MidnightBSD

Advisories for sgi

CVE-1999-0003 HIGH

Execute commands as root via buffer overflow in Tooltalk database server (rpc.ttdbserverd).

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
hp hp-ux 10.01
ibm aix 4.1.4
ibm aix 4.1.5
sun sunos 5.5
sun sunos 5.4
ibm aix 4.1
hp hp-ux 10.03
sun sunos 4.1.3
sgi irix 6.1
ibm aix 4.1.2
sgi irix 5.2
sun sunos -
ibm aix 4.1.1
sun sunos 5.1
sun sunos 5.2
hp hp-ux 10.02
sun sunos 5.5.1
sgi irix 5.3
sun sunos 5.0
ibm aix 4.2
ibm aix 4.2.1
sgi irix 6.2
sgi irix 6.4
ibm aix 4.3
sun sunos 5.3
sgi irix 6.3
sgi irix 6.0
hp hp-ux 11.00
sun solaris 2.6
tritreal ted_cde 4.3
ibm aix 4.1.3
CVE-1999-0009 HIGH

Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sun sunos 5.5
sgi irix 3.3.1
sgi irix 3.3.3
sgi irix 4.0.1t
netbsd netbsd 1.2
sun solaris 2.5.1
data_general dg_ux 5.4_3.0
sgi irix 3.3
sgi irix 4.0.5a
nec asl_ux_4800 64
redhat linux 5.0
sgi irix 6.1
ibm aix 4.1.2
ibm aix 4.1.1
sgi irix 4.0.5
sgi irix 5.0.1
redhat linux 4.2
sgi irix 4.0.5e
ibm aix 4.2.1
data_general dg_ux 5.4_4.11
netbsd netbsd 1.3
sgi irix 6.2
sgi irix 4.0.5h
sgi irix 3.2
sun sunos 5.3
data_general dg_ux 5.4_4.1
sgi irix 4.0.3
sgi irix 4.0.2
sgi irix 4.0.5_iop
sco unixware 2.1
netbsd netbsd 1.0
sun solaris 2.6
sgi irix 5.1
ibm aix 4.1.3
caldera openlinux 1.0
ibm aix 4.1.4
ibm aix 4.1.5
sgi irix 4.0.5d
sun sunos 5.4
sgi irix 5.0
ibm aix 4.1
redhat linux 4.1
netbsd netbsd 1.1
isc bind 8.1
sgi irix 4.0.4t
sgi irix 4.0.5_ipr
sco open_desktop 3.0
sgi irix 5.1.1
sgi irix 5.2
sun sunos -
isc bind 8.1.1
sgi irix 4.0.4
redhat linux 4.0
bsdi bsd_os 2.0
sgi irix 4.0.4b
sco open_desktop 5.0
bsdi bsd_os 2.0.1
sun sunos 5.5.1
sgi irix 5.3
sun solaris 2.5
ibm aix 4.2
sgi irix 4.0
netbsd netbsd 1.2.1
sgi irix 4.0.5f
netbsd netbsd 1.3.1
sgi irix 4.0.1
ibm aix 4.3
sgi irix 3.3.2
bsdi bsd_os 2.1
sgi irix 6.3
sgi irix 6.0
data_general dg_ux 5.4_3.1
sgi irix 4.0.5g
sco unixware 7.0
isc bind 4.9.6
CVE-1999-0018 HIGH

Buffer overflow in statd allows root privileges.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sun sunos 5.5
sun sunos 5.4
sgi irix 5.0
ibm aix 4.1
sun solaris 2.5.1
sgi irix 5.1.1
sgi irix 5.2
ibm aix 3.2
sgi irix 5.0.1
sun sunos 5.5.1
sgi irix 5.3
sun solaris 2.4
sun solaris 2.5
sgi irix 5.1
CVE-1999-0019 MEDIUM

Delete or create a file via rpc.statd, due to invalid information.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ncr mp-ras 3.0
sun sunos 4.1.4
ncr mp-ras 2.03
sun sunos 5.5
sun sunos 5.4
ibm aix 4.1
sun sunos 4.1.3
sun sunos 5.3
sgi irix 6.1
nighthawk cx_ux *
sco unixware 2
ibm aix 3.2
data_general dg_ux 4.11
sco open_desktop 2
sco openserver 3.0
nighthawk powerux *
sco openserver 5.0
sco open_desktop 3
CVE-1999-0022 HIGH

Local user gains root privileges via buffer overflow in rdist, via expstr() function.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,CWE-125,

Products Affected

Vendor Product Version
ibm aix 4.1.4
ibm aix 4.1.5
freebsd freebsd 2.1.0
sun sunos 5.4
sgi irix 5.0
ibm aix 4.1
sgi irix 5.1.1
sgi irix 6.1
ibm aix 4.1.2
sgi irix 5.2
freebsd freebsd 2.0.5
ibm aix 4.1.1
sun sunos 5.1
sun sunos 5.2
sgi irix 5.0.1
sun sunos 4.1.1
sun sunos 4.1.3u1
sgi irix 5.3
hp hp-ux 10.00
sun sunos 5.0
ibm aix 4.2
sun solaris 4.1.3
sgi irix 6.0.1
sgi irix 6.2
sgi irix 6.4
freebsd freebsd 2.0
ibm aix 3.1
bsdi bsd_os 1.1
sun sunos 4.1.2
sun sunos 5.3
ibm aix 3.2.4
sgi irix 6.3
sgi irix 6.0
ibm aix 3.2
ibm aix 3.2.5
sgi irix 5.1
ibm aix 4.1.3
CVE-1999-0025 HIGH

root privileges via buffer overflow in df command on SGI IRIX systems.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix *
CVE-1999-0026 MEDIUM

root privileges via buffer overflow in pset command on SGI IRIX systems.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix *
CVE-1999-0027 HIGH

root privileges via buffer overflow in eject command on SGI IRIX systems.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
sgi irix *
CVE-1999-0028 HIGH

root privileges via buffer overflow in login/scheme command on SGI IRIX systems.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix *
CVE-1999-0029 HIGH

root privileges via buffer overflow in ordist command on SGI IRIX systems.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,CWE-125,

Products Affected

Vendor Product Version
sgi irix *
CVE-1999-0030 HIGH

root privileges via buffer overflow in xlock command on SGI IRIX systems.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix *
CVE-1999-0032 HIGH

Buffer overflow in lpr, as used in BSD-based systems including Linux, allows local users to execute arbitrary code as root via a long -C (classification) command line option.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sun sunos 4.1.4
sgi irix 6.0.1
next nextstep 4.0
freebsd freebsd 2.1.0
sgi irix 5.0
sgi irix 6.2
sgi irix 6.4
freebsd freebsd 2.0
next nextstep 4.1
sgi irix 5.1.1
bsdi bsd_os 2.1
sgi irix 6.1
freebsd freebsd 2.1.5
sgi irix 5.2
sgi irix 6.3
freebsd freebsd 2.0.5
sgi irix 6.0
sgi irix 5.0.1
sun sunos 4.1.3u1
sgi irix 5.3
sgi irix 5.1
CVE-1999-0033 HIGH

Command execution in Sun systems via buffer overflow in the at program.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ncr mp-ras 3.0
sun sunos 5.5
ibm aix *
sun sunos 5.4
sco unixware 3.2v4
sgi irix *
sco open_desktop 3.0
sun sunos 5.3
sun sunos 5.5.1
sco unixware 2.1
sco openserver 3.0
sco openserver 5.0
CVE-1999-0034 HIGH

Buffer overflow in suidperl (sperl), Perl 4.x and 5.x.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
bsdi bsd_os 3.0
sgi freeware 1.0
sgi freeware 2.0
redhat linux 4.0
redhat linux 4.1
larry_wall perl 5.3
redhat linux 4.2
bsdi bsd_os 2.1
CVE-1999-0035 MEDIUM

Race condition in signal handling routine in ftpd, allowing read/write arbitrary files.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,CWE-364,

Products Affected

Vendor Product Version
gnu inet 5.01
sgi irix *
CVE-1999-0036 HIGH

IRIX login program with a nonzero LOCKOUT parameter allows creation or damage to files.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,CWE-434,

Products Affected

Vendor Product Version
sgi irix 6.1
sgi irix 5.2
sgi irix 6.3
sgi irix 6.0
sgi irix 6.2
sgi irix 6.4
sgi irix 5.3
sgi irix 5.1
CVE-1999-0038 HIGH

Buffer overflow in xlock program allows local users to execute commands as root.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,CWE-120,

Products Affected

Vendor Product Version
hp hp-ux 10.01
hp hp-ux 10.34
hp hp-ux 10.08
hp hp-ux 10.20
data_general dg_ux 1.0
data_general dg_ux 5.0
sun sunos 5.5
sun sunos 5.4
sgi irix 5.0
hp hp-ux 10.30
ibm aix 4.1
sun solaris 2.5.1
sgi irix 5.1.1
sgi irix 6.1
sgi irix 5.2
sgi irix 5.0.1
data_general dg_ux 2.0
sun sunos 5.5.1
sgi irix 5.3
sun solaris 2.5
hp hp-ux 10.00
ibm aix 4.2
sgi irix 6.0.1
hp hp-ux 10.10
debian debian_linux 1.3
sgi irix 6.4
hp hp-ux 10.16
bsdi bsd_os 2.1
sun sunos 5.3
data_general dg_ux 4.0
data_general dg_ux 6.0
debian debian_linux 0.93
sgi irix 6.3
sgi irix 6.0
ibm aix 3.2
data_general dg_ux 7.0
debian debian_linux 1.1
data_general dg_ux 3.0
debian debian_linux 1.2
sun solaris 2.4
hp hp-ux 10.24
sgi irix 5.1
CVE-1999-0039 HIGH

webdist CGI program (webdist.cgi) in SGI IRIX allows remote attackers to execute arbitrary commands via shell metacharacters in the distloc parameter.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,CWE-77,

Products Affected

Vendor Product Version
sgi irix 6.1
sgi irix 5.2
sgi irix 6.3
sgi irix 5.0
sgi irix 6.2
sgi irix 5.3
sgi irix 5.1
CVE-1999-0040 HIGH

Buffer overflow in Xt library of X Windowing System allows local users to execute commands with root privileges.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
hp hp-ux 10.01
hp hp-ux 10.34
hp hp-ux 10.08
sun sunos 4.1.4
nec ews-ux_v 4.2mp
hp hp-ux 10.20
sun sunos 5.5
sun sunos 5.4
sgi irix 5.0
hp hp-ux 10.30
ibm aix 4.1
nec ews-ux_v 4.2
sun solaris 2.5.1
nec up-ux_v 4.2mp
sun sunos 4.1.3
nec asl_ux_4800 64
sgi irix 6.1
hp hp-ux 9.00
bsdi bsd_os 2.0
sun sunos 4.1.3u1
bsdi bsd_os 2.0.1
sun sunos 5.5.1
sgi irix 5.3
sun solaris 2.5
hp hp-ux 10.00
ibm aix 4.2
sgi irix 4.0
hp hp-ux 10.10
hp hp-ux 9.10
sgi irix 6.2
freebsd freebsd 1.1.5.1
sgi irix 6.4
freebsd freebsd 2.0
hp hp-ux 10.16
bsdi bsd_os 2.1
sun sunos 5.3
hp hp-ux 9.01
sgi irix 6.3
sgi irix 6.0
ibm aix 3.2
hp hp-ux 10.09
sun solaris 2.4
hp hp-ux 10.24
CVE-1999-0044 HIGH

fsdump command in IRIX allows local users to obtain root access by modifying sensitive files.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.1
sgi irix 5.2
sgi irix 6.0.1
sgi irix 6.0
sgi irix 6.2
sgi irix 5.3
sgi irix 5.1
sgi irix 5.1.1
CVE-1999-0049 HIGH

Csetup under IRIX allows arbitrary file creation or overwriting.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.1
sgi irix 5
sgi irix 6.0.1
sgi irix 6.0
sgi irix 6.2
CVE-1999-0051 HIGH

Arbitrary file creation and program execution using FLEXlm LicenseManager, from versions 4.0 to 5.0, in IRIX.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sun sunos 4.1.4
sun sunos 5.5
sgi irix 3.3.3
sgi irix 4.0.1t
sun solaris 2.5.1
globetrotter flexlm 5.0
sgi irix 4.0.5a
sgi irix 6.1
sgi irix 4.0.5
sgi irix 5.0.1
sun sunos 4.1.3u1
sgi irix 4.0.5e
sgi irix 6.0.1
sgi irix 6.2
sgi irix 4.0.5h
sgi irix 6.4
sgi license_oeo 3.1.1
sgi irix 4.0.3
sgi irix 4.0.2
sgi irix 4.0.5_iop
sgi irix 5.1
sgi irix 4.0.5d
sun sunos 5.4
sgi irix 5.0
globetrotter flexlm 4.0
sgi irix 4.0.4t
sgi irix 4.0.5_ipr
sgi irix 5.1.1
sun sunos 4.1.3
sgi irix 5.2
sgi irix 4.0.4
sgi irix 4.0.4b
sun sunos 4.1.1
sun sunos 5.5.1
sgi irix 5.3
sun solaris 2.5
sgi irix 4.0
sgi irix 4.0.5f
sgi irix 4.0.1
sun sunos 4.1.4jl
sgi irix 3.3.2
sun sunos 4.1.2
sgi irix 6.3
globetrotter flexlm 4.1
sgi irix 6.0
sgi license_oeo 3.0
sgi license_oeo 3.1
sun solaris 2.4
sgi irix 4.0.5g
CVE-1999-0059 HIGH

IRIX fam service allows an attacker to obtain a list of all files on the server.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,CWE-200,

Products Affected

Vendor Product Version
sgi irix 6.1
sgi irix 6.3
sgi irix 6.2
sgi irix 5.3
CVE-1999-0073 HIGH

Telnet allows a remote client to specify environment variables including LD_LIBRARY_PATH, allowing an attacker to bypass the normal system libraries and gain root access.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.0.1
sgi irix 5.0
sgi irix 6.2
digital unix 3.2g
sgi irix 5.1.1
sgi irix 6.1
digital osf_1 1.2
sgi irix 5.2
sgi irix 6.3
digital osf_1 3.0
digital osf_1 3.2
sgi irix 6.0
digital unix 4.0
sgi irix 5.0.1
digital osf_1 2.0
digital osf_1 1.3
sgi irix 5.3
sgi irix 5.1
CVE-1999-0078 LOW

pcnfsd (aka rpc.pcnfsd) allows local users to change file permissions, or execute arbitrary commands through arguments in the RPC call.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ncr mp-ras 3.0
ncr mp-ras 2.03
sun sunos 5.5
sun sunos 5.4
ibm aix 4.1
next nextstep *
ibm aix 3.2
ncr mp-ras 3.01
sco openserver 5
hp hp-ux *
sco unixware 2.1
sun sunos 4.1
sgi irix 5.3
nec up-ux_v *
bsdi bsd_os *
freebsd freebsd 6.2
ibm aix 4.2
CVE-1999-0083 MEDIUM

getcwd() file descriptor leak in FTP.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix *
CVE-1999-0108 HIGH

The printers program in IRIX has a buffer overflow that gives root access to local users.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix *
CVE-1999-0125 MEDIUM

Buffer overflow in SGI IRIX mailx program.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 5.2
sgi irix 6.3
sun sunos -
sun sunos 5.5
sun solaris 2.5.1
sun sunos 5.5.1
redhat linux 4.2
sun solaris 2.6
sgi irix 5.3
sun solaris 2.4
sun solaris 2.5
CVE-1999-0148 HIGH

The handler CGI program in IRIX allows arbitrary command execution.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.3
sgi irix 6.2
sgi irix 6.4
sgi irix 5.3
CVE-1999-0149 HIGH

The wrap CGI program in IRIX allows remote attackers to view arbitrary directory listings via a .. (dot dot) attack.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.2
CVE-1999-0195 MEDIUM

Denial of service in RPC portmapper allows attackers to register or unregister RPC services or spoof RPC services using a spoofed source IP address such as 127.0.0.1.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix *
linux linux_kernel 2.6.20.1
CVE-1999-0208 HIGH

rpc.ypupdated (NIS) allows remote users to execute arbitrary commands.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 5.2
sgi irix 3
sgi irix 4
ibm aix 3.2
sgi irix 5.0
ibm aix 4.1
sgi irix 5.1
nec asl_ux_4800 *
nec up-ux_v *
nec ews-ux_v *
CVE-1999-0215 MEDIUM

Routed allows attackers to append data to files.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.1
sgi irix 5
sgi irix 6.3
sgi irix 3
sgi irix 6.0.1
sgi irix 4
sgi irix 6.2
sgi irix 6.4
CVE-1999-0234 MEDIUM

Bash treats any character with a value of 255 as a command separator.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
redhat linux 3.0.3
yggdrasil linux *
caldera openlinux *
suse suse_linux 4.2
sgi irix *
CVE-1999-0241 HIGH

Guessable magic cookies in X Windows allows remote attackers to execute commands, e.g. through xterm.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sun sunos -
xfree86_project x11r6 *
sun solaris 7.0
sun solaris 2.5.1
sgi irix *
sun solaris 2.5
CVE-1999-0270 MEDIUM

Directory traversal vulnerability in pfdispaly.cgi program (sometimes referred to as "pfdisplay") for SGI's Performer API Search Tool (performer_tools) allows remote attackers to read arbitrary files.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.3
sgi irix 6.2
sgi irix 6.4
CVE-1999-0313 HIGH

disk_bandwidth on SGI IRIX 6.4 S2MP for Origin/Onyx2 allows local users to gain root access using relative pathnames.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.4
CVE-1999-0314 HIGH

ioconfig on SGI IRIX 6.4 S2MP for Origin/Onyx2 allows local users to gain root access using relative pathnames.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.4
CVE-1999-0327 LOW

SGI syserr program allows local users to corrupt files.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.3
sgi irix 6.2
sgi irix 6.4
sgi irix 5.3
CVE-1999-0328 HIGH

SGI permissions program allows local users to gain root privileges.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.1
sgi irix 5.2
sgi irix 6.3
sgi irix 6.0.1
sgi irix 6.0
sgi irix 6.2
sgi irix 5.0.1
sgi irix 6.4
sgi irix 5.3
sgi irix 5.1
sgi irix 5.1.1
CVE-1999-0329 HIGH

SGI mediad program allows local users to gain root access.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.1
sgi irix 5.2
sgi irix 6.3
sgi irix 6.0.1
sgi irix 6.0
sgi irix 6.2
sgi irix 6.4
sgi irix 5.3
sgi irix 5.1
sgi irix 5.1.1
CVE-1999-0413 HIGH

A buffer overflow in the SGI X server allows local users to gain root access through the X server font path.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.3
sgi irix 6.2
sgi irix 6.4
sgi irix 5.3
sgi irix 6.5
CVE-1999-0461 HIGH

Versions of rpcbind including Linux, IRIX, and Wietse Venema's rpcbind allow a remote attacker to insert and delete entries by spoofing a source address.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix *
linux linux_kernel 2.6.20.1
CVE-1999-0524 LOW

ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts.

CVSS 2.0

Severity: LOW

Problem Type: CWE-200,NVD-CWE-noinfo,CWE-200,

Products Affected

Vendor Product Version
apple mac_os_x -
ibm aix -
sco sco_unix -
hp hp-ux -
linux linux_kernel -
hp tru64 -
oracle solaris -
novell netware -
ibm os2 -
cisco ios -
apple macos -
windriver bsdos -
microsoft windows -
sgi irix -
CVE-1999-0692 HIGH

The default configuration of the Array Services daemon (arrayd) disables authentication, allowing remote users to gain root privileges.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.3
sgi irix 6.2
sgi irix 6.5.2
cray unicos *
sgi irix 6.4
sgi irix 6.5.3
sgi irix 6.5.4
sgi irix 6.5.1
sgi irix 6.5
CVE-1999-0765 HIGH

SGI IRIX midikeys program allows local users to modify arbitrary files via a text editor.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.0
CVE-1999-0948 HIGH

Buffer overflow in uum program for Canna input system allows local users to gain root privileges.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.3
sun sunos -
sgi irix 6.2
turbolinux turbolinux 4.2
sun solaris 7.0
sgi irix 6.4
sun sunos 5.7
sun solaris 2.6
sgi irix 5.3
sgi irix 6.5
CVE-1999-0949 HIGH

Buffer overflow in canuum program for Canna input system allows local users to gain root privileges.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.3
sun sunos -
sgi irix 6.2
turbolinux turbolinux 4.2
sun solaris 7.0
sgi irix 6.4
sun sunos 5.7
sun solaris 2.6
sgi irix 5.3
sgi irix 6.5
CVE-1999-0959 HIGH

IRIX startmidi program allows local users to modify arbitrary files via a symlink attack.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.1
sgi irix 5
sgi irix 6.3
sgi irix 6.0.1
sgi irix 6.0
sgi irix 6.2
sgi irix 6.4
CVE-1999-0960 HIGH

IRIX cdplayer allows local users to create directories in arbitrary locations via a command line option.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.1
sgi irix 5
sgi irix 6.3
sgi irix 6.0.1
sgi irix 6.0
sgi irix 6.2
sgi irix 6.4
CVE-1999-1022 MEDIUM

serial_ports administrative program in IRIX 4.x and 5.x trusts the user's PATH environmental variable to find and execute the ls program, which allows local users to gain root privileges via a Trojan horse ls program.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 5.2
sgi irix 4
sgi irix 5.3
CVE-1999-1039 HIGH

Vulnerability in (1) diskalign and (2) diskperf in IRIX 6.4 patches 2291 and 2848 allow a local user to create root-owned files leading to a root compromise.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.4
CVE-1999-1040 HIGH

Vulnerabilities in (1) ipxchk and (2) ipxlink in NetWare Client 1.0 on IRIX 6.3 and 6.4 allows local users to gain root access via a modified IFS environmental variable.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.3
sgi irix 6.4
CVE-1999-1066 MEDIUM

Quake 1 server responds to an initial UDP game connection request with a large amount of traffic, which allows remote attackers to use the server as an amplifier in a "Smurf" style attack on another host, by spoofing the connection request.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi quake_1_server *
CVE-1999-1067 MEDIUM

SGI MachineInfo CGI program, installed by default on some web servers, prints potentially sensitive system status information, which could be used by remote attackers for information gathering activities.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.3
CVE-1999-1102 LOW

lpr on SunOS 4.1.1, BSD 4.3, A/UX 2.0.1, and other BSD-based operating systems allows local users to create or overwrite arbitrary files via a symlink attack that is triggered after invoking lpr 1000 times.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
bsd bsd 4.3
apple a_ux 2.0.1
sun sunos *
sgi irix *
CVE-1999-1114 HIGH

Buffer overflow in Korn Shell (ksh) suid_exec program on IRIX 6.x and earlier, and possibly other operating systems, allows local users to gain root privileges.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.0.1
sgi irix 5.0
sgi irix 6.2
sgi irix 6.4
sgi irix 5.1.1
sgi irix 6.1
sgi irix 5.2
sgi irix 6.3
sgi irix 6.0
sgi irix 5.0.1
sgi irix 5.3
sgi irix 5.1
CVE-1999-1116 HIGH

Vulnerability in runpriv in Indigo Magic System Administration subsystem of SGI IRIX 6.3 and 6.4 allows local users to gain root privileges.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.3
sgi irix 6.4
CVE-1999-1120 MEDIUM

netprint in SGI IRIX 6.4 and earlier trusts the PATH environmental variable for finding and executing the disable program, which allows local users to gain privileges.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.1
sgi irix 6.3
sgi irix 6.0.1
sgi irix 6.0
sgi irix 6.2
sgi irix *
sgi irix 5.3
CVE-1999-1131 MEDIUM

Buffer overflow in OSF Distributed Computing Environment (DCE) security demon (secd) in IRIX 6.4 and earlier allows attackers to cause a denial of service via a long principal, group, or organization.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.3
sgi irix 6.2
sgi irix 6.4
sgi irix 5.3
CVE-1999-1143 HIGH

Vulnerability in runtime linker program rld in SGI IRIX 6.x and earlier allows local users to gain privileges via setuid and setgid programs.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.1
sgi irix 5
sgi irix 6.3
sgi irix 6.0.1
sgi irix 6.0
sgi irix 6.2
sgi irix 6.4
sgi irix *
CVE-1999-1181 HIGH

Vulnerability in On-Line Customer Registration software for IRIX 6.2 through 6.4 allows local users to gain root privileges.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.2
sgi irix *
CVE-1999-1183 HIGH

System Manager sysmgr GUI in SGI IRIX 6.4 and 6.3 allows remote attackers to execute commands by providing a trojan horse (1) runtask or (2) runexec descriptor file, which is used to execute a System Manager Task when the user's Mailcap entry supports the x-sgi-task or x-sgi-exec type.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.3
sgi irix 6.4
CVE-1999-1214 LOW

The asynchronous I/O facility in 4.4 BSD kernel does not check user credentials when setting the recipient of I/O notification, which allows local users to cause a denial of service by using certain ioctl and fcntl calls to cause the signal to be sent to an arbitrary process ID.

CVSS 2.0

Severity: LOW

Problem Type: CWE-255,

Products Affected

Vendor Product Version
openbsd openbsd 2.1
bsd bsd *
bsd bsd 4.4
netbsd netbsd 2.0.4
sgi irix *
freebsd freebsd 6.2
CVE-1999-1219 HIGH

Vulnerability in sgihelp in the SGI help system and print manager in IRIX 5.2 and earlier allows local users to gain root privileges, possibly through the clogin command.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 5.2
sgi irix 5.1
CVE-1999-1232 HIGH

Untrusted search path vulnerability in day5datacopier in SGI IRIX 6.2 allows local users to execute arbitrary commands via a modified PATH environment variable that points to a malicious cp program.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.2
CVE-1999-1243 MEDIUM

SGI Desktop Permissions Tool in IRIX 6.0.1 and earlier allows local users to modify permissions for arbitrary files and gain privileges.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 5.2
sgi irix 6.0
sgi irix *
CVE-1999-1272 HIGH

Buffer overflows in CDROM Confidence Test program (cdrom) allow local users to gain root privileges.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.1
sgi irix 5
sgi irix 6.3
sgi irix 6.0.1
sgi irix 6.0
sgi irix 6.2
sgi irix 6.4
CVE-1999-1286 HIGH

addnetpr in SGI IRIX 6.2 and earlier allows local users to modify arbitrary files and possibly gain root access via a symlink attack on a temporary file.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix *
sgi irix 5.3
CVE-1999-1319 HIGH

Vulnerability in object server program in SGI IRIX 5.2 through 6.1 allows remote attackers to gain root privileges in certain configurations.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 5
sgi irix 5.2
sgi irix 6.0
sgi irix *
CVE-1999-1384 HIGH

Indigo Magic System Tour in the SGI system tour package (systour) for IRIX 5.x through 6.3 allows local users to gain root privileges via a Trojan horse .exitops program, which is called by the inst command that is executed by the RemoveSystemTour program.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.0.1
sgi irix 5.0
sgi irix 6.2
sgi irix *
sgi irix 5.1.1
sgi irix 6.1
sgi irix 5
sgi irix 5.2
sgi irix 6.0
sgi irix 5.0.1
sgi irix 5.3
sgi irix 5.1
CVE-1999-1398 MEDIUM

Vulnerability in xfsdump in SGI IRIX may allow local users to obtain root privileges via the bck.log log file, possibly via a symlink attack.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.0.1
sgi irix 5.0
sgi irix 6.2
sgi irix 6.4
sgi irix 5.1.1
sgi irix 6.1
sgi irix 5.2
sgi irix 6.3
sgi irix 6.0
sgi irix 5.0.1
sgi irix 5.3
sgi irix 5.1
CVE-1999-1399 HIGH

spaceball program in SpaceWare 7.3 v1.0 in IRIX 6.2 allows local users to gain root privileges by setting the HOSTNAME environmental variable to contain the commands to be executed.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.2
CVE-1999-1401 MEDIUM

Vulnerability in Desktop searchbook program in IRIX 5.0.x through 6.2 sets insecure permissions for certain user files (iconbook and searchbook).

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.1
sgi irix 5.2
sgi irix 6.0.1
sgi irix 6.0
sgi irix 5.0
sgi irix 6.2
sgi irix 5.0.1
sgi irix 5.3
sgi irix 5.1
sgi irix 5.1.1
CVE-1999-1409 LOW

The at program in IRIX 6.2 and NetBSD 1.3.2 and earlier allows local users to read portions of arbitrary files by submitting the file to at with the -f argument, which generates error messages that at sends to the user via e-mail.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
netbsd netbsd 1.3
netbsd netbsd 1.2.1
netbsd netbsd 1.3.1
sgi irix 6.2
sgi irix 6.4
netbsd netbsd 1.1
netbsd netbsd 1.2
netbsd netbsd *
netbsd netbsd 1.0
sgi irix 6.5.1
sgi irix 6.5
CVE-1999-1410 MEDIUM

addnetpr in IRIX 5.3 and 6.2 allows local users to overwrite arbitrary files and possibly gain root privileges via a symlink attack on the printers temporary file.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.1
sgi irix 5.2
sgi irix 6.0.1
sgi irix 5.0
sgi irix 6.2
sgi irix 5.0.1
sgi irix 5.3
sgi irix 5.1
sgi irix 5.1.1
CVE-1999-1461 HIGH

inpview in InPerson on IRIX 5.3 through IRIX 6.5.10 trusts the PATH environmental variable to find and execute the ttsession program, which allows local users to obtain root access by modifying the PATH to point to a Trojan horse ttsession program.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.1
sgi irix 6.3
sgi irix 6.5.10
sgi irix 6.2
sgi irix 6.4
sgi irix 5.3
CVE-1999-1468 MEDIUM

rdist in various UNIX systems uses popen to execute sendmail, which allows local users to gain root privileges by modifying the IFS (Internal Field Separator) variable.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
next next 2.0
sgi irix 4.0
sun sunos 4.0.3
sgi irix 3.3.1
sgi irix 3.3.3
sgi irix 3.3.2
cray unicos 6.0
cray unicos 6.0e
sgi irix 3.3
next next 2.1
sun sunos 4.0.3c
sun sunos 4.1psr_a
sun sunos 4.1.1
cray unicos 6.1
sun sunos 4.1
CVE-1999-1485 MEDIUM

nsd in IRIX 6.5 through 6.5.2 exports a virtual filesystem on a UDP port, which allows remote attackers to view files and cause a possible denial of service by mounting the nsd virtual file system.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.5.2
sgi irix 6.5.1
sgi irix 6.5
CVE-1999-1492 HIGH

Vulnerability in (1) diskperf and (2) diskalign in IRIX 6.4 allows local attacker to create arbitrary root owned files, leading to root privileges.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.4
CVE-1999-1494 LOW

colorview in Silicon Graphics IRIX 5.1, 5.2, and 6.0 allows local attackers to read arbitrary files via the -text argument.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 5.2
sgi irix 6.0.1
sgi irix 6.0
sgi irix 5.1
sgi irix 5.1.1
CVE-1999-1501 MEDIUM

(1) ipxchk and (2) ipxlink in SGI OS2 IRIX 6.3 does not properly clear the IFS environmental variable before executing system calls, which allows local users to execute arbitrary commands.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.3
CVE-1999-1554 LOW

/usr/sbin/Mail on SGI IRIX 3.3 and 3.3.1 does not properly set the group ID to the group ID of the user who started Mail, which allows local users to read the mail of other users.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 3.3.1
sgi irix 3.3
CVE-2000-0013 HIGH

IRIX soundplayer program allows local users to gain privileges by including shell metacharacters in a .wav file, which is executed via the midikeys program.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.2
CVE-2000-0207 HIGH

SGI InfoSearch CGI program infosrch.cgi allows remote attackers to execute commands via shell metacharacters.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.5.3m
sgi irix 6.5.7
sgi irix 6.5.6
sgi irix 6.5.3f
sgi irix 6.5.3
sgi irix 6.5.2m
sgi irix 6.5.4
sgi irix 6.5.1
sgi infosearch 1.0
sgi irix 6.5
CVE-2000-0245 HIGH

Vulnerability in SGI IRIX objectserver daemon allows remote attackers to create user accounts.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.1
sgi irix 5.2
sgi irix 6.0.1
sgi irix 6.0
sgi irix 6.2
sgi irix 5.3
CVE-2000-0283 MEDIUM

The default installation of IRIX Performance Copilot allows remote attackers to access sensitive system information via the pmcd daemon.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.5.3m
sgi irix 6.3
sgi irix 6.5.6
sgi irix 6.2
sgi irix 6.5.3f
sgi irix 6.4
sgi irix 6.5.3
sgi irix 6.5.4
CVE-2000-0533 HIGH

Vulnerability in cvconnect in SGI IRIX WorkShop allows local users to overwrite arbitrary files.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi workshop_debugger_and_performance_tools 2.6
CVE-2000-0545 MEDIUM

Buffer overflow in mailx mail command (aka Mail) on Linux systems allows local users to gain privileges via a long -c (carbon copy) parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi mailx 3
sgi mailx 6.3
sgi mailx 6.4
sgi mailx 6.1
sgi mailx 4
sgi mailx 5
sgi mailx 6.0.1
sgi mailx 6.2
sgi mailx 6.5
CVE-2000-0578 LOW

SGI MIPSPro compilers C, C++, F77 and F90 generate temporary files in /tmp with predictable file names, which could allow local users to insert malicious contents into these files as they are being compiled by another user.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi mipspro_compilers 7.2.1
sgi mipspro_compilers 7.1
CVE-2000-0579 LOW

IRIX crontab creates temporary files with predictable file names and with the umask of the user, which could allow local users to modify another user's crontab file as it is being edited.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.3
sgi irix 6.5
CVE-2000-0733 HIGH

Telnetd telnet server in IRIX 5.2 through 6.1 does not properly cleans user-injected format strings, which allows remote attackers to execute arbitrary commands via a long RLD variable in the IAC-SB-TELOPT_ENVIRON request.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.0.1
sgi irix 6.5.7
sgi irix 6.5.6
sgi irix 6.2
sgi irix 6.4
sgi irix 6.5.4
sgi irix 6.1
sgi irix 6.5.3m
sgi irix 5.2
sgi irix 6.3
sgi irix 6.0
sgi irix 6.5.3f
sgi irix 6.5.3
sgi irix 6.5.8
sgi irix 6.5.2m
sgi irix 6.5.1
sgi irix 5.3
sgi irix 6.5
CVE-2000-0794 HIGH

Buffer overflow in IRIX libgl.so library allows local users to gain root privileges via a long HOME variable to programs such as (1) gmemusage and (2) gr_osview.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.2
CVE-2000-0795 HIGH

Buffer overflow in lpstat in IRIX 6.2 and 6.3 allows local users to gain root privileges via a long -n option.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.3
sgi irix 6.2
CVE-2000-0796 HIGH

Buffer overflow in dmplay in IRIX 6.2 and 6.3 allows local users to gain root privileges via a long command line option.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.3
sgi irix 6.2
CVE-2000-0797 HIGH

Buffer overflow in gr_osview in IRIX 6.2 and 6.3 allows local users to gain privileges via a long -D option.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.3
sgi irix 6.2
CVE-2000-0798 HIGH

The truncate function in IRIX 6.x does not properly check for privileges when the file is in the xfs file system, which allows local users to delete the contents of arbitrary files.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.3
sgi irix 6.2
sgi irix 6.4
CVE-2000-0799 LOW

inpview in InPerson in SGI IRIX 5.3 through IRIX 6.5.10 allows local users to gain privileges via a symlink attack on the .ilmpAAA temporary file.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.5.3m
sgi irix 6.5.7
sgi irix 6.5.6
sgi irix 6.5.3f
sgi irix 6.5.3
sgi irix 6.5.8
sgi irix 6.5.2m
sgi irix 6.5.4
sgi irix 6.5.1
sgi irix 6.5
CVE-2000-0844 HIGH

Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-264,

Products Affected

Vendor Product Version
suse suse_linux 7.0
mandrakesoft mandrake_linux 7.0
turbolinux turbolinux 6.0
sun sunos 5.5
suse suse_linux 6.1
turbolinux turbolinux 6.0.4
conectiva linux 4.2
debian debian_linux 2.0
turbolinux turbolinux 6.0.3
mandrakesoft mandrake_linux 7.1
debian debian_linux 2.1
redhat linux 5.0
ibm aix 4.1.2
conectiva linux 4.0es
ibm aix 4.1.1
sgi irix 6.5.3f
ibm aix 4.2.1
sgi irix 6.5.6
slackware slackware_linux 7.1
sgi irix 6.2
debian debian_linux 2.3
sgi irix 6.4
ibm aix 4.3.1
sun sunos 5.3
ibm aix 3.2.4
immunix immunix 6.2
redhat linux 6.1
sun sunos 5.8
redhat linux 5.2
sun solaris 2.6
ibm aix 4.1.3
turbolinux turbolinux 6.0.2
ibm aix 4.1.4
ibm aix 4.1.5
caldera openlinux *
suse suse_linux 6.3
sun sunos 5.4
ibm aix 4.1
conectiva linux 5.0
sun sunos 5.7
slackware slackware_linux 7.0
ibm aix 4.3.2
redhat linux 6.2
sun sunos 5.1
sun sunos 5.2
redhat linux 5.1
conectiva linux 4.1
ibm aix 4.0
sgi irix 6.5.8
sgi irix 6.5.2m
sun sunos 5.5.1
conectiva linux 5.1
sun sunos 5.0
ibm aix 4.2
trustix secure_linux 1.0
sgi irix 6.5.7
caldera openlinux_ebuilder 3.0
suse suse_linux 6.2
ibm aix 4.3
caldera openlinux_eserver 2.3
suse suse_linux 6.4
sgi irix 6.5.4
sgi irix 6.5.3m
redhat linux 6.0
sgi irix 6.3
ibm aix 3.2
turbolinux turbolinux 6.0.1
sgi irix 6.5.3
conectiva linux 4.0
ibm aix 3.2.5
sgi irix 6.5.1
debian debian_linux 2.2
sgi irix 6.5
trustix secure_linux 1.1
CVE-2000-0893 MEDIUM

The presence of the Distributed GL Daemon (dgld) service on port 5232 on SGI IRIX systems allows remote attackers to identify the target host as an SGI system.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix *
CVE-2000-1193 MEDIUM

Performance Metrics Collector Daemon (PMCD) in Performance Copilot in IRIX 6.x allows remote attackers to cause a denial of service (resource exhaustion) via an extremely long string to the PMCD port.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.3
sgi irix 6.4
sgi irix 6.5
CVE-2000-1220 HIGH

The line printer daemon (lpd) in the lpr package in multiple Linux operating systems allows local users to gain root privileges by causing sendmail to execute with arbitrary command line arguments, as demonstrated using the -C option to specify a configuration file.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.5.10
sgi irix 6.5.16f
redhat linux 4.1
sgi irix 6.5.13
sgi irix 6.5.18m
redhat linux 5.0
sgi irix 6.5.15m
redhat linux 4.0
sgi irix 6.5.2
sgi irix 6.5.14m
redhat linux 5.1
sgi irix 6.5.8
redhat linux 4.2
sgi irix 6.5.17f
sgi irix 6.5.17m
sgi irix 6.5.16m
sgi irix 6.5.7
sgi irix 6.5.6
sgi irix 6.5.11
sgi irix 6.5.9
sgi irix 6.5.15f
sgi irix 6.5.4
sgi irix 6.5.18f
redhat linux 6.0
sgi irix 6.5.14f
redhat linux 6.1
sgi irix 6.5.3
redhat linux 5.2
sgi irix 6.5.5
sgi irix 6.5.1
sgi irix 6.5
sgi irix 6.5.12
CVE-2000-1221 HIGH

The line printer daemon (lpd) in the lpr package in multiple Linux operating systems authenticates by comparing the reverse-resolved hostname of the local machine to the hostname of the print server as returned by gethostname, which allows remote attackers to bypass intended access controls by modifying the DNS for the attacking IP.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.5.10
sgi irix 6.5.16f
redhat linux 4.1
sgi irix 6.5.13
sgi irix 6.5.18m
debian debian_linux 2.1
redhat linux 5.0
sgi irix 6.5.15m
sgi irix 6.5.2
sgi irix 6.5.14m
sgi irix 6.5.8
redhat linux 4.2
sgi irix 6.5.17f
sgi irix 6.5.17m
sgi irix 6.5.16m
sgi irix 6.5.7
sgi irix 6.5.6
sgi irix 6.5.11
sgi irix 6.5.9
sgi irix 6.5.15f
sgi irix 6.5.4
sgi irix 6.5.18f
redhat linux 6.0
sgi irix 6.5.14f
redhat linux 6.1
sgi irix 6.5.3
redhat linux 5.2
sgi irix 6.5.5
sgi irix 6.5.1
sgi irix 6.5
sgi irix 6.5.12
CVE-2001-0247 HIGH

Buffer overflows in BSD-based FTP servers allows remote attackers to execute arbitrary commands via a long pattern string containing a {} sequence, as seen in (1) g_opendir, (2) g_lstat, (3) g_stat, and (4) the glob0 buffer as used in the glob functions glob2 and glob3.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mit kerberos_5 1.2
openbsd openbsd 2.4
freebsd freebsd 2.2.8
sgi irix 6.1
freebsd freebsd 2.2
netbsd netbsd 1.5
freebsd freebsd 4.0
sgi irix 6.5.3f
openbsd openbsd 2.8
netbsd netbsd 1.4
freebsd freebsd 2.2.6
netbsd netbsd 1.3
freebsd freebsd 3.2
freebsd freebsd 2.2.3
openbsd openbsd 2.3
sgi irix 6.5.6
sgi irix 6.5.11
freebsd freebsd 3.1
mit kerberos_5 1.2.1
freebsd freebsd 3.5.1
netbsd netbsd 1.3.2
mit kerberos_5 1.1.1
freebsd freebsd 2.2.5
freebsd freebsd 3.3
sgi irix 6.5.5
freebsd freebsd 2.2.4
sgi irix 6.5.10
netbsd netbsd 1.4.1
freebsd freebsd 4.1.1
freebsd freebsd 3.0
openbsd openbsd 2.6
netbsd netbsd 1.4.2
sgi irix 6.5.8
sgi irix 6.5.2m
freebsd freebsd 4.1
openbsd openbsd 2.5
netbsd netbsd 1.2.1
sgi irix 6.5.7
netbsd netbsd 1.3.1
freebsd freebsd 4.2
sgi irix 6.5.4
mit kerberos_5 1.2.2
sgi irix 6.5.3m
openbsd openbsd 2.7
freebsd freebsd 2.2.2
netbsd netbsd 1.4.3
sgi irix 6.5.3
netbsd netbsd 1.3.3
sgi irix 6.5.1
freebsd freebsd 3.5
freebsd freebsd 3.4
CVE-2001-0248 HIGH

Buffer overflow in FTP server in HPUX 11 allows remote attackers to execute arbitrary commands by creating a long pathname and calling the STAT command, which uses glob to generate long strings.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-131,

Products Affected

Vendor Product Version
hp hp-ux 11.00
sgi irix 6.5.2
sgi irix 6.5.1
sgi irix 6.5
CVE-2001-0249 HIGH

Heap overflow in FTP daemon in Solaris 8 allows remote attackers to execute arbitrary commands by creating a long pathname and calling the LIST command, which uses glob to generate long strings.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-131,

Products Affected

Vendor Product Version
hp hp-ux 11.00
sgi irix *
oracle solaris 8
CVE-2001-0331 HIGH

Buffer overflow in Embedded Support Partner (ESP) daemon (rpc.espd) in IRIX 6.5.8 and earlier allows remote attackers to execute arbitrary commands.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.5.5
sgi irix *
CVE-2001-0485 HIGH

Unknown vulnerability in netprint in IRIX 6.2, and possibly other versions, allows local users with lp privileges attacker to execute arbitrary commands via the -n option.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.2
CVE-2001-0554 HIGH

Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-120,

Products Affected

Vendor Product Version
openbsd openbsd 2.1
freebsd freebsd 2.2.1
mit kerberos_5 1.2
sun sunos 5.5
freebsd freebsd 2.1
netbsd netbsd 1.2
openbsd openbsd 2.4
freebsd freebsd 2.2.8
freebsd freebsd 2.2
freebsd freebsd 2.1.5
mit kerberos_5 1.1
netkit linux_netkit 0.10
freebsd freebsd 2.0.5
mit kerberos 1.0
netbsd netbsd 1.5
freebsd freebsd 4.0
ibm aix 5.1
netkit linux_netkit 0.11
openbsd openbsd 2.8
openbsd openbsd 2.0
ibm aix 4.3.3
netbsd netbsd 1.4
freebsd freebsd 2.2.6
netbsd netbsd 1.3
freebsd freebsd 3.2
freebsd freebsd 2.2.3
openbsd openbsd 2.3
freebsd freebsd 3.1
mit kerberos_5 1.2.1
freebsd freebsd 2.1.6
ibm aix 4.3.1
freebsd freebsd 3.5.1
netbsd netbsd 1.3.2
mit kerberos_5 1.1.1
freebsd freebsd 2.1.7.1
sun sunos 5.3
freebsd freebsd 2.2.5
sun sunos 5.8
freebsd freebsd 3.3
netbsd netbsd 1.0
sun solaris 2.6
freebsd freebsd 2.2.4
freebsd freebsd 2.1.0
sun sunos 5.4
netbsd netbsd 1.1
sun sunos 5.7
netbsd netbsd 1.4.1
netkit linux_netkit 0.12
netbsd netbsd 1.5.1
freebsd freebsd 4.3
ibm aix 4.3.2
openbsd openbsd 2.2
freebsd freebsd 4.1.1
sun sunos 5.1
sun sunos 5.2
freebsd freebsd 3.0
openbsd openbsd 2.6
netbsd netbsd 1.4.2
sun sunos 5.5.1
freebsd freebsd 2.1.6.1
freebsd freebsd 2.1.7
freebsd freebsd 2.2.7
freebsd freebsd 4.1
sun sunos 5.0
freebsd freebsd 2.0.1
openbsd openbsd 2.5
netbsd netbsd 1.2.1
netbsd netbsd 1.3.1
ibm aix 4.3
freebsd freebsd 2.0
freebsd freebsd 4.2
mit kerberos_5 1.2.2
openbsd openbsd 2.7
freebsd freebsd 2.2.2
netbsd netbsd 1.4.3
netbsd netbsd 1.3.3
freebsd freebsd 3.5
freebsd freebsd 3.4
debian debian_linux 2.2
sgi irix 6.5
CVE-2001-0796 MEDIUM

SGI IRIX 6.5 through 6.5.12f and possibly earlier versions, and FreeBSD 3.0, allows remote attackers to cause a denial of service via a malformed IGMP multicast packet with a small response delay.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
freebsd freebsd 3.0
sgi irix *
sgi irix 6.5
CVE-2001-0797 HIGH

Buffer overflow in login in various System V based operating systems allows remote attackers to execute arbitrary commands via a large number of arguments through services such as telnet and rlogin.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
hp hp-ux 10.01
hp hp-ux 10.20
sun sunos 5.5
sun sunos 5.4
sgi irix 3.3.1
sgi irix 3.3.3
sun solaris 2.5.1
sun sunos 5.7
sgi irix 3.3
ibm aix 4.3.2
sun sunos -
sun sunos 5.1
sun sunos 5.2
sun solaris 8.0
ibm aix 5.1
sco openserver 5.0.5
sun sunos 5.5.1
ibm aix 4.3.3
sun solaris 2.5
hp hp-ux 10.00
sun sunos 5.0
hp hp-ux 11.11
hp hp-ux 10.10
sun solaris 7.0
ibm aix 4.3
sgi irix 3.2
ibm aix 4.3.1
sgi irix 3.3.2
sun sunos 5.3
sco openserver 5.0.2
hp hp-ux 11.00
sun sunos 5.8
sco openserver 5.0.3
sco openserver 5.0.1
sco openserver 5.0.4
sco openserver 5.0.6a
hp hp-ux 11.0.4
sun solaris 2.6
sun solaris 2.4
sco openserver 5.0
hp hp-ux 10.24
sco openserver 5.0.6
CVE-2001-0799 HIGH

Buffer overflows in lpsched in IRIX 6.5.13f and earlier allow remote attackers to execute arbitrary commands via a long argument.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix *
CVE-2001-0800 HIGH

lpsched in IRIX 6.5.13f and earlier allows remote attackers to execute arbitrary commands via shell metacharacters.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix *
CVE-2001-0801 HIGH

lpstat in IRIX 6.5.13f and earlier allows local users to gain root privileges by specifying a Trojan Horse nettype shared library.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix *
CVE-2001-0823 HIGH

The pmpost program in Performance Co-Pilot (PCP) before 2.2.1-3 allows a local user to gain privileges via a symlink attack on the NOTICES file in the PCP log directory (PCP_LOG_DIR).

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi performance_co-pilot 2.1.9
sgi performance_co-pilot 2.1.7
sgi performance_co-pilot 2.1.5
sgi performance_co-pilot 2.1.2
sgi performance_co-pilot 2.1.11
sgi performance_co-pilot 2.1.6
sgi performance_co-pilot 2.1.1
sgi performance_co-pilot 2.1.10
sgi performance_co-pilot 2.1.4
sgi performance_co-pilot 2.1.3
sgi performance_co-pilot 2.1.8
sgi performance_co-pilot 2.2
CVE-2001-0891 HIGH

Format string vulnerability in NQS daemon (nqsdaemon) in NQE 3.3.0.16 for CRAY UNICOS and SGI IRIX allows a local user to gain root privileges by using qsub to submit a batch job whose name contains formatting characters.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi nqsdaemon 3.3.0.16
cray unicos *
CVE-2001-1456 HIGH

Buffer overflow in the (1) smap/smapd and (2) CSMAP daemons for Gauntlet Firewall 5.0 through 6.0 allows remote attackers to execute arbitrary code via a crafted mail message.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
network_associates mcafee_e-ppliance 120_series
sgi irix 6.2
sgi irix 6.4
mcafee webshield_smtp 4.1
pgp e-ppliance_300 1.0
network_associates gauntlet_firewall unix_5.0
sgi irix 6.3
pgp e-ppliance_300 2.0
network_associates gauntlet_firewall 4.2
network_associates gauntlet_firewall unix_6.0
mcafee webshield_smtp 4.0
network_associates mcafee_e-ppliance 100_series
pgp e-ppliance_300 1.5
network_associates gauntlet_firewall unix_5.5
sgi irix 6.5
CVE-2002-0017 HIGH

Buffer overflow in SNMP daemon (snmpd) on SGI IRIX 6.5 through 6.5.15m allows remote attackers to execute arbitrary code via an SNMP request.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.5.10
sgi irix 6.5.7
sgi irix 6.5.6
sgi irix 6.5.9
sgi irix 6.5.15f
sgi irix 6.5.11f
sgi irix 6.5.11m
sgi irix 6.5.4
sgi irix 6.5.15m
sgi irix 6.5.14f
sgi irix 6.5.13f
sgi irix 6.5.2
sgi irix 6.5.14m
sgi irix 6.5.3
sgi irix 6.5.8
sgi irix 6.5.12m
sgi irix 6.5.5
sgi irix 6.5.13m
sgi irix 6.5.1
sgi irix 6.5.12f
sgi irix 6.5
CVE-2002-0038 MEDIUM

Vulnerability in the cache-limiting function of the unified name service daemon (nsd) in IRIX 6.5.4 through 6.5.11 allows remote attackers to cause a denial of service by forcing the cache to fill the disk.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.5.10
sgi irix 6.5.7
sgi irix 6.5.6
sgi irix 6.5.11
sgi irix 6.5.9
sgi irix 6.5.8
sgi irix 6.5.4
sgi irix 6.5.5
CVE-2002-0039 MEDIUM

rpcbind in SGI IRIX 6.5 through 6.5.15f, and possibly earlier versions, allows remote attackers to cause a denial of service (crash) via malformed RPC packets with invalid lengths.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.5.10
sgi irix 6.5.7
sgi irix 6.5.6
sgi irix 6.5.9
sgi irix 6.5.15f
sgi irix 6.5.11f
sgi irix 6.5.11m
sgi irix 6.5.4
sgi irix 6.5.15m
sgi irix 6.5.14f
sgi irix 6.5.13f
sgi irix 6.5.2
sgi irix 6.5.14m
sgi irix 6.5.3
sgi irix 6.5.8
sgi irix 6.5.12m
sgi irix 6.5.5
sgi irix 6.5.13m
sgi irix 6.5.1
sgi irix 6.5.12f
sgi irix 6.5
CVE-2002-0040 LOW

Vulnerability in SGI IRIX 6.5.11 through 6.5.15f allows local users to cause privileged applications to dump core via the HOSTALIASES environment variable, which might allow the users to gain privileges.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.5.10
sgi irix 6.5.7
sgi irix 6.5.6
sgi irix 6.5.9
sgi irix 6.5.15f
sgi irix 6.5.11f
sgi irix 6.5.11m
sgi irix 6.5.4
sgi irix 6.5.15m
sgi irix 6.5.14f
sgi irix 6.5.13f
sgi irix 6.5.2
sgi irix 6.5.14m
sgi irix 6.5.3
sgi irix 6.5.8
sgi irix 6.5.12m
sgi irix 6.5.5
sgi irix 6.5.13m
sgi irix 6.5.1
sgi irix 6.5.12f
sgi irix 6.5
CVE-2002-0041 MEDIUM

Unknown vulnerability in Mail for SGI IRIX 6.5 through 6.5.15f, and possibly earlier versions, when running with the -R option, allows local and remote attackers to cause a core dump.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.5.10
sgi irix 6.5.7
sgi irix 6.5.6
sgi irix 6.5.9
sgi irix 6.5.15f
sgi irix 6.5.11f
sgi irix 6.5.11m
sgi irix 6.5.4
sgi irix 6.5.15m
sgi irix 6.5.14f
sgi irix 6.5.13f
sgi irix 6.5.2
sgi irix 6.5.14m
sgi irix 6.5.3
sgi irix 6.5.8
sgi irix 6.5.12m
sgi irix 6.5.5
sgi irix 6.5.13m
sgi irix 6.5.1
sgi irix 6.5.12f
sgi irix 6.5
CVE-2002-0042 LOW

Vulnerability in the XFS file system for SGI IRIX before 6.5.12 allows local users to cause a denial of service (hang) by creating a file that is not properly processed by XFS.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.5.7
sgi irix 6.5.6
sgi irix 6.5.9
sgi irix 6.5.11f
sgi irix 6.5.11m
sgi irix 6.5.4
sgi irix 6.5.10m
sgi irix 6.5.10f
sgi irix 6.5.2
sgi irix 6.5.3
sgi irix 6.5.8
sgi irix 6.5.5
sgi irix 6.5.1
sgi irix 6.5
CVE-2002-0171 HIGH

IRISconsole 2.0 may allow users to log into the icadmin account with an incorrect password in some circumstances, which could allow users to gain privileges.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irisconsole 2.0
CVE-2002-0172 LOW

/dev/ipfilter on SGI IRIX 6.5 is installed by /dev/MAKEDEV with insecure default permissions (644), which could allow a local user to cause a denial of service (traffic disruption).

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.5.10
sgi irix 6.5.7
sgi irix 6.5.6
sgi irix 6.5.2
sgi irix 6.5.9
sgi irix 6.5.3
sgi irix 6.5.8
sgi irix 6.5.4
sgi irix 6.5.5
sgi irix 6.5.1
sgi irix 6.5
CVE-2002-0173 HIGH

Buffer overflow in cpr for the eoe.sw.cpr SGI Checkpoint-Restart Software package on SGI IRIX 6.5.10 and earlier may allow local users to gain root privileges.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.5.8m
sgi irix 6.5.10
sgi irix 6.5.4m
sgi irix 5.0
sgi irix 6.5.2f
sgi irix 6.5.9f
sgi irix 5.1.1
sgi irix 6.1
sgi irix 6.5.10m
sgi irix 5.2
sgi irix 6.5.10f
sgi irix 6.5.2
sgi irix 5.0.1
sgi irix 6.5.3f
sgi irix 6.5.5f
sgi irix 6.5.8
sgi irix 6.5.2m
sgi irix 6.5.7f
sgi irix 6.5.7m
sgi irix 5.3
sgi irix 6.5.6f
sgi irix 6.5.8f
sgi irix 6.0.1
sgi irix 6.5.7
sgi irix 6.5.6
sgi irix 6.2
sgi irix 6.5.9
sgi irix 6.4
sgi irix 6.5.4f
sgi irix 6.5.4
sgi irix 6.5.6m
sgi irix 6.5.9m
sgi irix 6.5.3m
sgi irix 6.5.5m
sgi irix 6.3
sgi irix 6.0
sgi irix 6.5.3
sgi irix 6.5.5
sgi irix 6.5.1
sgi irix 5.1
sgi irix 6.5
CVE-2002-0174 HIGH

nsd on SGI IRIX before 6.5.11 allows local users to overwrite arbitrary files and gain root privileges via a symlink attack on the nsd.dump file.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.5.10
sgi irix 6.5.7
sgi irix 6.5.6
sgi irix 6.5.2
sgi irix 6.5.9
sgi irix 6.5.3
sgi irix 6.5.8
sgi irix 6.5.4
sgi irix 6.5.5
sgi irix 6.5.1
sgi irix 6.5
CVE-2002-0213 LOW

xkas in Xinet K-AShare 0.011.01 for IRIX allows local users to read arbitrary files via a symlink attack on the VOLICON file, which is copied to the .HSicon file in a shared directory.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.5.10
sgi irix 6.5.7
sgi irix 6.5.6
sgi irix 6.5.11
sgi irix 6.5.9
sgi irix 6.5.4
sgi irix 6.5.13
xinet k-ashare 11.01
sgi irix 6.5.2
sgi irix 6.5.3
sgi irix 6.5.8
sgi irix 6.5.14
sgi irix 6.5.15
sgi irix 6.5.5
sgi irix 6.5.1
sgi irix 6.5
sgi irix 6.5.12
CVE-2002-0355 LOW

netstat in SGI IRIX before 6.5.12 allows local users to determine the existence of files on the system, even if the users do not have the appropriate permissions.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.5.10
sgi irix 6.5.7
sgi irix 6.5.6
sgi irix 6.5.11
sgi irix 6.5.9
sgi irix 6.5.4
sgi irix 6.5.2
sgi irix 6.5.3
sgi irix 6.5.8
sgi irix 6.5.5
sgi irix 6.5.1
sgi irix 6.5
CVE-2002-0356 HIGH

Vulnerability in XFS filesystem reorganizer (fsr_xfs) in SGI IRIX 6.5.10 and earlier allows local users to gain root privileges by overwriting critical system files.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.5.8m
sgi irix 6.5.10
sgi irix 6.5.4m
sgi irix 6.5.2f
sgi irix 6.5.9f
sgi irix 6.5.10m
sgi irix 6.5.10f
sgi irix 6.5.2
sgi irix 6.5.3f
sgi irix 6.5.5f
sgi irix 6.5.8
sgi irix 6.5.2m
sgi irix 6.5.7f
sgi irix 6.5.7m
sgi irix 6.5.6f
sgi irix 6.5.8f
sgi irix 6.5.7
sgi irix 6.5.6
sgi irix 6.5.9
sgi irix 6.5.4f
sgi irix 6.5.4
sgi irix 6.5.6m
sgi irix 6.5.9m
sgi irix 6.5.3m
sgi irix 6.5.5m
sgi irix 6.5.3
sgi irix 6.5.5
sgi irix 6.5.1
sgi irix 6.5
CVE-2002-0357 HIGH

Unknown vulnerability in rpc.passwd in the nfs.sw.nis subsystem of SGI IRIX 6.5.15 and earlier allows local users to gain root privileges.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.5.8m
sgi irix 6.5.10
sgi irix 6.5.4m
sgi irix 6.5.2f
sgi irix 6.5.13
sgi irix 6.5.9f
sgi irix 6.5.15m
sgi irix 6.5.10m
sgi irix 6.5.10f
sgi irix 6.5.13f
sgi irix 6.5.2
sgi irix 6.5.14m
sgi irix 6.5.3f
sgi irix 6.5.5f
sgi irix 6.5.8
sgi irix 6.5.2m
sgi irix 6.5.15
sgi irix 6.5.13m
sgi irix 6.5.7f
sgi irix 6.5.7m
sgi irix 6.5.6f
sgi irix 6.5.8f
sgi irix 6.5.7
sgi irix 6.5.6
sgi irix 6.5.11
sgi irix 6.5.9
sgi irix 6.5.15f
sgi irix 6.5.11f
sgi irix 6.5.11m
sgi irix 6.5.4f
sgi irix 6.5.4
sgi irix 6.5.6m
sgi irix 6.5.9m
sgi irix 6.5.3m
sgi irix 6.5.14f
sgi irix 6.5.5m
sgi irix 6.5.3
sgi irix 6.5.12m
sgi irix 6.5.14
sgi irix 6.5.5
sgi irix 6.5.1
sgi irix 6.5.12f
sgi irix 6.5
sgi irix 6.5.12
CVE-2002-0358 MEDIUM

MediaMail and MediaMail Pro in SGI IRIX 6.5.16 and earlier allows local users to force the program to dump core via certain arguments, which could allow the users to read sensitive data or gain privileges.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi mediamail *
CVE-2002-0359 HIGH

xfsmd for IRIX 6.5 through 6.5.16 uses weak authentication, which allows remote attackers to call dangerous RPC functions, including those that can mount or unmount xfs file systems, to gain root privileges.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.5.8m
sgi irix 6.5.13
sgi irix 6.5.15m
sgi irix 6.5.13f
sgi irix 6.5.14m
sgi irix 6.5.3f
sgi irix 6.5.13m
sgi irix 6.5.7f
sgi irix 6.5.6f
sgi irix 6.5.8f
sgi irix 6.5.6
sgi irix 6.5.11
sgi irix 6.2
sgi irix 6.5.9
sgi irix 6.5.11f
sgi irix 6.4
sgi irix 6.5.4f
sgi irix 6.5.6m
sgi irix 6.5.9m
sgi irix 6.5.5m
sgi irix 6.5.14
sgi irix 6.5.5
sgi irix 6.5.10
sgi irix 6.5.4m
sgi irix 6.5.2f
sgi irix 6.5.9f
sgi irix 6.5.10m
sgi irix 6.5.10f
sgi irix 6.5.2
sgi irix 6.5.5f
sgi irix 6.5.8
sgi irix 6.5.2m
sgi irix 6.5.16
sgi irix 6.5.15
sgi irix 6.5.7m
sgi irix 6.5.7
sgi irix 6.5.15f
sgi irix 6.5.11m
sgi irix 6.5.4
sgi irix 6.5.3m
sgi irix 6.5.14f
sgi irix 6.3
sgi irix 6.5.3
sgi irix 6.5.12m
sgi irix 6.5.1
sgi irix 6.5.12f
sgi irix 6.5
sgi irix 6.5.12
CVE-2002-0631 HIGH

Unknown vulnerability in nveventd in NetVisualyzer on SGI IRIX 6.5 through 6.5.16 allows local users to write arbitrary files and gain root privileges.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.5.10
sgi irix 6.5.7
sgi irix 6.5.6
sgi irix 6.5.11
sgi irix 6.5.9
sgi irix 6.5.4
sgi irix 6.5.13
sgi irix 6.5.2
sgi irix 6.5.3
sgi irix 6.5.8
sgi irix 6.5.14
sgi irix 6.5.16
sgi irix 6.5.15
sgi irix 6.5.5
sgi irix 6.5.1
sgi irix 6.5
sgi irix 6.5.12
CVE-2002-0632 MEDIUM

Vulnerability in SGI BDS (Bulk Data Service) BDSPro 2.4 and earlier allows clients to read arbitrary files on a BDS server.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.5.10
sgi irix 6.5.7
sgi irix 6.5.6
sgi irix 6.5.11
sgi irix 6.5.9
sgi irix 6.5.4
sgi irix 6.5.13
sgi irix 6.5.2
sgi irix 6.5.3
sgi irix 6.5.8
sgi irix 6.5.14
sgi irix 6.5.16
sgi irix 6.5.15
sgi irix 6.5.5
sgi irix 6.5.1
sgi irix 6.5
sgi irix 6.5.12
CVE-2002-0652 HIGH

xfsmd for IRIX 6.5 through 6.5.16 allows remote attackers to execute arbitrary code via shell metacharacters that are not properly filtered from several calls to the popen() function, such as export_fs().

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.5.10
sgi irix 6.5.7
sgi irix 6.5.6
sgi irix 6.5.11
sgi irix 6.5.9
sgi irix 6.5.4
sgi irix 6.5.13
sgi irix 6.5.2
sgi irix 6.5.3
sgi irix 6.5.8
sgi irix 6.5.14
sgi irix 6.5.16
sgi irix 6.5.15
sgi irix 6.5.5
sgi irix 6.5.1
sgi irix 6.5
sgi irix 6.5.12
CVE-2002-0677 HIGH

CDE ToolTalk database server (ttdbserver) allows remote attackers to overwrite arbitrary memory locations with a zero, and possibly gain privileges, via a file descriptor argument in an AUTH_UNIX procedure call, which is used as a table index by the _TT_ISCLOSE procedure.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.5.10
hp hp-ux 10.20
caldera unixware 7
compaq tru64 4.0f
sgi irix 6.5.13
compaq tru64 5.1a
sun sunos 5.7
sgi irix 6.1
sgi irix 5.2
sgi irix 6.5.2
ibm aix 5.1
sgi irix 6.5.8
sgi irix 6.5.16
sgi irix 6.5.15
sun sunos 5.5.1
ibm aix 4.3.3
sgi irix 5.3
hp hp-ux 11.11
caldera unixware 7.1_.0
compaq tru64 5.0a
sgi irix 6.0.1
hp hp-ux 10.10
sgi irix 6.5.7
sgi irix 6.5.6
sgi irix 6.5.11
sgi irix 6.2
sgi irix 6.5.9
sgi irix 6.4
sgi irix 6.5.4
compaq tru64 5.1
caldera unixware 7.1.1
caldera openunix 8.0
sgi irix 6.3
sgi irix 6.0
compaq tru64 4.0g
hp hp-ux 11.00
sun sunos 5.8
sgi irix 6.5.3
sgi irix 6.5.14
sgi irix 6.5.5
sun solaris 2.6
sgi irix 6.5.1
hp hp-ux 10.24
xi_graphics dextop 2.1
sgi irix 6.5
sgi irix 6.5.12
CVE-2002-0678 HIGH

CDE ToolTalk database server (ttdbserver) allows local users to overwrite arbitrary files via a symlink attack on the transaction log file used by the _TT_TRANSACTION RPC procedure.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.5.10
hp hp-ux 10.20
compaq tru64 4.0f
sgi irix 6.5.13
compaq tru64 5.1a
sun sunos 5.7
sgi irix 6.1
sgi irix 5.2
sgi irix 6.5.2
ibm aix 5.1
sgi irix 6.5.8
sgi irix 6.5.16
sgi irix 6.5.15
sun sunos 5.5.1
ibm aix 4.3.3
sgi irix 5.3
hp hp-ux 11.11
compaq tru64 5.0a
sgi irix 6.0.1
hp hp-ux 10.10
sgi irix 6.5.7
sgi irix 6.5.6
sgi irix 6.5.11
sgi irix 6.2
sgi irix 6.5.9
sgi irix 6.4
caldera unixware 7.1.0
sgi irix 6.5.4
compaq tru64 5.1
caldera unixware 7.1.1
caldera openunix 8.0
sgi irix 6.3
sgi irix 6.0
sun solaris 9.0
compaq tru64 4.0g
hp hp-ux 11.00
sun sunos 5.8
sgi irix 6.5.3
sgi irix 6.5.14
caldera unixware 7.0
sgi irix 6.5.5
sun solaris 2.6
sgi irix 6.5.1
hp hp-ux 10.24
xi_graphics dextop 2.1
sgi irix 6.5
sgi irix 6.5.12
CVE-2002-0875 LOW

Vulnerability in FAM 2.6.8, 2.6.6, and other versions allows unprivileged users to obtain the names of files whose access is restricted to the root group.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi fam 2.6.6
sgi irix 6.5.17
debian debian_linux 3.0
sgi irix 6.5.16
sgi irix 6.5.15
sgi fam 2.6.8
CVE-2002-1265 MEDIUM

The Sun RPC functionality in multiple libc implementations does not provide a time-out mechanism when reading data from TCP connections, which allows remote attackers to cause a denial of service (hang).

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
apple mac_os_x 10.1.3
apple mac_os_x_server 10.2
apple mac_os_x_server 10.2.1
gnu glibc 2.0.2
gnu glibc 2.2.2
sgi irix 6.5.13
apple mac_os_x_server 10.0
gnu glibc 2.2.1
sgi irix 6.5.15m
apple mac_os_x 10.0
sgi irix 6.5.14m
gnu glibc 2.2
sgi irix 6.5.17f
sgi irix 6.5.17m
sgi irix 6.5.16m
sgi irix 6.5.6
sgi irix 6.5.11
sgi irix 6.5.9
sgi irix 2.3.1
gnu glibc 2.0
apple mac_os_x 10.0.4
apple mac_os_x 10.1.2
sgi irix 6.5.5
gnu glibc 2.0.4
gnu glibc 2.3
gnu glibc 2.1.3
gnu glibc 2.0.1
sgi irix 6.5.10
gnu glibc 2.0.3
sgi irix 6.5.16f
gnu glibc 2.0.5
gnu glibc 2.1.1.6
gnu glibc 2.2.5
apple mac_os_x 10.0.3
gnu glibc 2.1.1
sgi irix 6.5.2
gnu glibc 2.2.3
gnu glibc 2.1.3.10
sgi irix 6.5.8
apple mac_os_x 10.1
apple mac_os_x 10.1.4
sgi irix 6.5.7
gnu glibc 2.2.4
gnu glibc 2.0.6
apple mac_os_x 10.0.2
sgi irix 6.5.15f
apple mac_os_x 10.1.1
sgi irix 6.5.4
gnu glibc 2.1.2
apple mac_os_x 10.2
sgi irix 6.5.14f
gnu glibc 2.1
apple mac_os_x 10.0.1
apple mac_os_x 10.2.1
apple mac_os_x 10.1.5
sgi irix 6.5.3
sgi irix 6.5.1
sgi irix 6.5
sgi irix 6.5.12
CVE-2002-1317 HIGH

Buffer overflow in Dispatch() routine for XFS font server (fs.auto) on Solaris 2.5.1 through 9 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a certain XFS query.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.5.10
hp hp-ux 10.20
xfree86_project x11r6 3.3.2
xfree86_project x11r6 3.3
hp hp-ux 11.22
sun solaris 2.5.1
sgi irix 6.5.13
sun sunos 5.7
sun sunos -
sgi irix 6.5.2
sun solaris 8.0
xfree86_project x11r6 3.3.4
sgi irix 6.5.8
sun sunos 5.5.1
xfree86_project x11r6 3.3.5
hp hp-ux 11.11
hp hp-ux 10.10
sgi irix 6.5.7
sgi irix 6.5.6
sgi irix 6.5.11
sgi irix 6.5.9
sun solaris 7.0
sgi irix 6.5.4
xfree86_project x11r6 3.3.3
sun solaris 9.0
hp hp-ux 11.00
sun sunos 5.8
sgi irix 6.5.3
sgi irix 6.5.5
sun solaris 2.6
sgi irix 6.5.1
hp hp-ux 11.04
hp hp-ux 10.24
sgi irix 6.5
sgi irix 6.5.12
CVE-2002-1318 HIGH

Buffer overflow in samba 2.2.2 through 2.2.6 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an encrypted password that causes the overflow during decryption in which a DOS codepage string is converted to a little-endian UCS2 unicode string.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.5.10
samba samba 2.2.3
hp cifs-9000_server a.01.08
sgi irix 6.5.13
sgi irix 6.5.18
samba samba 2.2.5
sgi irix 6.5.2
sgi irix 6.5.8
sgi irix 6.5.16
sgi irix 6.5.15
hp cifs-9000_server a.01.09
sgi irix 6.5.7
sgi irix 6.5.6
sgi irix 6.5.11
sgi irix 6.5.9
samba samba 2.2.6
sgi irix 6.5.17
sgi irix 6.5.4
samba samba 2.2.4
sgi irix 6.5.3
sgi irix 6.5.14
samba samba 2.2.2
sgi irix 6.5.5
sgi irix 6.5.1
hp cifs-9000_server a.01.08.01
sgi irix 6.5
sgi irix 6.5.12
CVE-2002-1323 MEDIUM

Safe.pm 2.0.7 and earlier, when used in Perl 5.8.0 and earlier, may allow attackers to break out of safe compartments in (1) Safe::reval or (2) Safe::rdo using a redefined @_ variable, which is not reset between successive calls.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.5.10
sgi irix 6.5.22
sgi irix 6.5.13
sgi irix 6.5.18m
sun linux 5.0.7
sco open_unix 8.0
sgi irix 6.5.18
sgi irix 6.5.20f
sgi irix 6.5.2
sun solaris 8.0
sgi irix 6.5.8
sgi irix 6.5.16
sgi irix 6.5.15
sgi irix 6.5.21f
redhat enterprise_linux 2.1
sgi irix 6.5.17f
sgi irix 6.5.17m
sgi irix 6.5.19
sgi irix 6.5.7
sgi irix 6.5.6
sgi irix 6.5.11
safe.pm safe.pm 2.0_7
sgi irix 6.5.9
sgi irix 6.5.17
sco unixware 7.1.2
sco unixware 7.1.3
sgi irix 6.5.19m
sgi irix 6.5.4
sgi irix 6.5.18f
redhat linux_advanced_workstation 2.1
sun solaris 9.0
sgi irix 6.5.20m
sun sunos 5.8
sgi irix 6.5.3
sgi irix 6.5.14
safe.pm safe.pm 2.0_6
sgi irix 6.5.5
sgi irix 6.5.21m
sgi irix 6.5.1
sgi irix 6.5.19f
sgi irix 6.5
sgi irix 6.5.12
CVE-2002-1419 HIGH

The upgrade of IRIX on Origin 3000 to 6.5.13 through 6.5.16 changes the MAC address of the system, which could modify intended access restrictions that are based on a MAC address.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.5.14
sgi irix 6.5.16
sgi irix 6.5.15
sgi irix 6.5.13
CVE-2002-1516 MEDIUM

rpcbind in SGI IRIX, when using the -w command line switch, allows local users to overwrite arbitrary files via a symlink attack.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.5.16m
sgi irix 6.5.10
sgi irix 6.5.7
sgi irix 6.5.6
sgi irix 6.5.11
sgi irix 6.5.9
sgi irix 6.5.17
sgi irix 6.5.4
sgi irix 6.5.13
sgi irix 6.5.15m
sgi irix 6.5.2
sgi irix 6.5.14m
sgi irix 6.5.3
sgi irix 6.5.8
sgi irix 6.5.14
sgi irix 6.5.16
sgi irix 6.5.15
sgi irix 6.5.5
sgi irix 6.5.13m
sgi irix 6.5.1
sgi irix 6.5
sgi irix 6.5.12
sgi irix 6.5.17m
CVE-2002-1517 MEDIUM

fsr_efs in IRIX 6.5 allows local users to conduct unauthorized file activities via a symlink attack, possibly via the .fsrlast file.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.5.10
sgi irix 6.5.13
sgi irix 6.5.15m
sgi irix 6.5.2
sgi irix 6.5.14m
sgi irix 6.5.8
sgi irix 6.5.16
sgi irix 6.5.15
sgi irix 6.5.13m
sgi irix 6.5.17m
sgi irix 6.5.16m
sgi irix 6.5.7
sgi freeware 1.0
sgi irix 6.5.6
sgi irix 6.5.11
sgi irix 6.5.9
sgi irix 6.5.17
sgi irix 6.5.4
sgi irix 6.5.3
sgi irix 6.5.14
sgi irix 6.5.5
sgi irix 6.5.1
sgi irix 6.5
sgi irix 6.5.12
CVE-2002-1518 LOW

mv in IRIX 6.5 creates a directory with world-writable permissions while moving a directory, which could allow local users to modify files and directories.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.5.16m
sgi irix 6.5.10
sgi irix 6.5.7
sgi irix 6.5.6
sgi irix 6.5.11
sgi irix 6.5.9
sgi irix 6.5.17
sgi irix 6.5.4
sgi irix 6.5.13
sgi irix 6.5.15m
sgi irix 6.5.2
sgi irix 6.5.14m
sgi irix 6.5.3
sgi irix 6.5.8
sgi irix 6.5.14
sgi irix 6.5.16
sgi irix 6.5.15
sgi irix 6.5.5
sgi irix 6.5.13m
sgi irix 6.5.1
sgi irix 6.5
sgi irix 6.5.12
sgi irix 6.5.17m
CVE-2002-1584 HIGH

Unknown vulnerability in the AUTH_DES authentication for RPC in Solaris 2.5.1, 2.6, and 7, SGI IRIX 6.5 to 6.5.19f, and possibly other platforms, allows remote attackers to gain privileges.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.5.8m
sun solaris 2.5.1
sgi irix 6.5.13
sgi irix 6.5.15m
sgi irix 6.5.13f
sgi irix 6.5.14m
sgi irix 6.5.3f
sgi irix 6.5.13m
sgi irix 6.5.7f
sgi irix 6.5.6f
sgi irix 6.5.17f
sgi irix 6.5.17m
sgi irix 6.5.16m
sgi irix 6.5.8f
sgi irix 6.5.19
sgi irix 6.5.6
sgi irix 6.5.11
sgi irix 6.5.9
sgi irix 6.5.11f
sgi irix 6.5.17
sun solaris 7.0
sgi irix 6.5.4f
sgi irix 6.5.6m
sgi irix 6.5.9m
sgi irix 6.5.5m
sgi irix 6.5.14
sgi irix 6.5.5
sun solaris 2.6
sgi irix 6.5.10
sgi irix 6.5.4m
sgi irix 6.5.16f
sgi irix 6.5.2f
sun sunos 5.7
sgi irix 6.5.9f
sgi irix 6.5.18m
sgi irix 6.5.18
sgi irix 6.5.10m
sgi irix 6.5.10f
sun sunos -
sgi irix 6.5.2
sgi irix 6.5.5f
sgi irix 6.5.8
sgi irix 6.5.2m
sgi irix 6.5.16
sgi irix 6.5.15
sun sunos 5.5.1
sgi irix 6.5.7m
sgi irix 6.5.7
sgi irix 6.5.15f
sgi irix 6.5.11m
sgi irix 6.5.4
sgi irix 6.5.18f
sgi irix 6.5.3m
sgi irix 6.5.14f
sgi irix 6.5.3
sgi irix 6.5.12m
sgi irix 6.5.1
sgi irix 6.5.12f
sgi irix 6.5.12
CVE-2002-1786 LOW

SGI IRIX 6.5 through 6.5.14 applies a umask of 022 to root core dumps, which allows local users to read the core dumps and possibly obtain sensitive information.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.5.10
sgi irix 6.5.7
sgi irix 6.5.6
sgi irix 6.5.11
sgi irix 6.5.9
sgi irix 6.5.4
sgi irix 6.5.13
sgi irix 6.5.2
sgi irix 6.5.3
sgi irix 6.5.8
sgi irix 6.5.14
sgi irix 6.5.5
sgi irix 6.5.1
sgi irix 6.5
sgi irix 6.5.12
CVE-2002-1787 MEDIUM

Buffer overflow in uux in eoe.sw.uucp package of SGI IRIX 6.5 through 6.5.17 allows local users to execute arbitrary code via unknown attack vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.5.16m
sgi irix 6.5.10
sgi irix 6.5.7
sgi irix 6.5.6
sgi irix 6.5.11
sgi irix 6.5.9
sgi irix 6.5.17
sgi irix 6.5.4
sgi irix 6.5.13
sgi irix 6.5.15m
sgi irix 6.5.2
sgi irix 6.5.14m
sgi irix 6.5.3
sgi irix 6.5.8
sgi irix 6.5.14
sgi irix 6.5.16
sgi irix 6.5.15
sgi irix 6.5.5
sgi irix 6.5.13m
sgi irix 6.5.1
sgi irix 6.5
sgi irix 6.5.12
sgi irix 6.5.17m
CVE-2002-1791 LOW

SGI IRIX 6.5 through 6.5.17 creates temporary desktop files with world-writable permissions, which allows local users to overwrite or corrupt those files.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.5.16m
sgi irix 6.5.10
sgi irix 6.5.7
sgi irix 6.5.6
sgi irix 6.5.11
sgi irix 6.5.9
sgi irix 6.5.17
sgi irix 6.5.4
sgi irix 6.5.13
sgi irix 6.5.15m
sgi irix 6.5.2
sgi irix 6.5.14m
sgi irix 6.5.3
sgi irix 6.5.8
sgi irix 6.5.14
sgi irix 6.5.16
sgi irix 6.5.15
sgi irix 6.5.5
sgi irix 6.5.13m
sgi irix 6.5.1
sgi irix 6.5
sgi irix 6.5.12
sgi irix 6.5.17m
CVE-2002-2093 LOW

The Video Control Panel on SGI O2/IRIX 6.5, when the Default Input is set to "Output Video", allows attackers to access a console session by running videoout then videoin.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.5.11
sgi irix 6.5.11f
sgi irix 6.5.11m
sgi irix 6.5.13
sgi irix 6.5.10m
sgi irix 6.5.14f
sgi irix 6.5.10f
sgi irix 6.5.13f
sgi irix 6.5.14m
sgi irix 6.5.12m
sgi irix 6.5.14
sgi irix 6.5.13m
sgi irix 6.5.12f
sgi irix 6.5.12
CVE-2002-2185 MEDIUM

The Internet Group Management Protocol (IGMP) allows local users to cause a denial of service via an IGMP membership report to a target's Ethernet address instead of the Multicast group address, which causes the target to stop sending reports to the router and effectively disconnect the group from the network.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 7.0
sgi irix 6.5.10
mandrakesoft mandrake_linux 8.0
sgi irix 6.5.16f
redhat linux 7.3
redhat linux 7.2
sgi irix 6.5.13
sgi irix 6.5.18m
microsoft windows_xp *
sgi irix 6.5.15m
microsoft windows_98se *
redhat linux 7.1
redhat linux 6.2
sgi irix 6.5.2
sgi irix 6.5.14m
mandrakesoft mandrake_linux 8.2
redhat enterprise_linux 3.0
sgi irix 6.5.8
microsoft windows_98 *
redhat enterprise_linux_desktop 4.0
mandrakesoft mandrake_linux 8.1
sgi irix 6.5.17f
sgi irix 6.5.17m
redhat enterprise_linux_desktop 3.0
sgi irix 6.5.16m
sgi irix 6.5.7
sgi irix 6.5.6
sgi irix 6.5.11
sgi irix 6.5.9
sgi irix 6.5.15f
suse suse_linux 6.4
sgi irix 6.5.4
sgi irix 6.5.18f
sgi irix 6.5.14f
redhat linux_advanced_workstation 2.1
redhat linux 7.0
suse suse_linux 8.0
suse suse_linux 7.2
sgi irix 6.5.3
sgi irix 6.5.5
redhat enterprise_linux 4.0
sgi irix 6.5.1
suse suse_linux 7.3
suse suse_linux 7.1
debian debian_linux 2.2
sgi irix 6.5
sgi irix 6.5.12
CVE-2003-0028 HIGH

Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code via certain integer values in length fields, a different vulnerability than CVE-2002-0391.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mit kerberos_5 1.2
openafs openafs 1.0.4
mit kerberos_5 1.2.3
openafs openafs 1.0.4a
cray unicos 7.0
hp hp-ux_series_800 10.20
hp hp-ux 11.22
sgi irix 6.5.13
openbsd openbsd 2.4
ibm aix 5.2
sgi irix 6.5.13f
freebsd freebsd 4.0
sgi irix 6.5.14m
cray unicos 8.3
gnu glibc 2.2
ibm aix 5.1
openbsd openbsd 2.8
sgi irix 6.5.13m
openbsd openbsd 3.2
sgi irix 6.5.17m
hp hp-ux 11.11
sgi irix 6.5.19
openafs openafs 1.1
sgi irix 6.5.6
openafs openafs 1.2.2a
openafs openafs 1.2.1
sgi irix 6.5.11f
sgi irix 6.5.17
sun solaris 7.0
mit kerberos_5 1.2.1
mit kerberos_5 1.2.6
sgi irix 6.5.4f
cray unicos 6.0e
sgi irix 6.5.5m
openafs openafs 1.2.4
sgi irix 6.5.20
sgi irix 6.5.5
sun solaris 2.6
gnu glibc 2.3
sgi irix 6.5.10
sgi irix 6.5.16f
openafs openafs 1.2.2
openafs openafs 1.1.1
sun sunos 5.7
sgi irix 6.5.9f
gnu glibc 2.2.5
openafs openafs 1.2.5
openafs openafs 1.0.3
sun sunos -
openbsd openbsd 2.2
freebsd freebsd 4.1.1
gnu glibc 2.1.1
sgi irix 6.5.2
sun solaris 8.0
gnu glibc 2.2.3
sgi irix 6.5.5f
sgi irix 6.5.8
sgi irix 6.5.16
cray unicos 6.1
openbsd openbsd 2.5
sgi irix 6.5.7
freebsd freebsd 4.6.2
gnu glibc 2.2.4
sgi irix 6.5.11m
freebsd freebsd 4.2
sgi irix 6.5.4
openafs openafs 1.3.2
sgi irix 6.5.18f
sgi irix 6.5.3m
openbsd openbsd 2.7
sgi irix 6.5.14f
gnu glibc 2.1
sun solaris 9.0
cray unicos 9.0.2.5
sgi irix 6.5.12f
hp hp-ux_series_700 10.20
hp hp-ux 11.20
openbsd openbsd 2.1
sgi irix 6.5.8m
hp hp-ux 10.20
gnu glibc 2.3.2
gnu glibc 2.2.2
sun solaris 2.5.1
gnu glibc 2.2.1
sgi irix 6.5.15m
sgi irix 6.5.3f
openbsd openbsd 2.0
ibm aix 4.3.3
sgi irix 6.5.7f
mit kerberos_5 1.2.5
sgi irix 6.5.6f
sgi irix 6.5.17f
sgi irix 6.5.16m
sgi irix 6.5.8f
cray unicos 9.2.4
openbsd openbsd 2.3
sgi irix 6.5.11
openafs openafs 1.1.1a
sgi irix 6.5.9
openafs openafs 1.2
openafs openafs 1.2.3
freebsd freebsd 5.0
sgi irix 6.5.6m
sgi irix 6.5.9m
cray unicos 9.2
sun sunos 5.8
sgi irix 6.5.14
openafs openafs 1.3
hp hp-ux 10.24
openafs openafs 1.0.1
gnu glibc 2.1.3
sgi irix 6.5.4m
sgi irix 6.5.2f
cray unicos 9.0
sgi irix 6.5.18m
cray unicos 8.0
sgi irix 6.5.18
openbsd openbsd 2.9
sgi irix 6.5.10m
freebsd freebsd 4.3
sgi irix 6.5.10f
openbsd openbsd 3.0
gnu glibc 2.3.1
openbsd openbsd 2.6
sgi irix 6.5.2m
freebsd freebsd 4.7
sgi irix 6.5.15
sun sunos 5.5.1
sgi irix 6.5.7m
freebsd freebsd 4.1
freebsd freebsd 4.5
freebsd freebsd 4.6
openafs openafs 1.2.6
sgi irix 6.5.15f
openafs openafs 1.2.2b
mit kerberos_5 1.2.4
cray unicos 6.0
gnu glibc 2.1.2
openbsd openbsd 3.1
openafs openafs 1.0.2
mit kerberos_5 1.2.7
mit kerberos_5 1.2.2
hp hp-ux 11.00
openafs openafs 1.3.1
sgi irix 6.5.3
sgi irix 6.5.12m
openafs openafs 1.0
sgi irix 6.5.1
hp hp-ux 11.04
freebsd freebsd 4.4
sgi irix 6.5
sgi irix 6.5.12
CVE-2003-0064 HIGH

The dtterm terminal emulator allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
hp hp-ux 11.20
sgi irix 6.5.8m
hp hp-ux 10.20
hp hp-ux 11.22
sun solaris 2.5.1
sgi irix 6.5.13
sgi irix 6.5.15m
ibm aix 5.2
sgi irix 6.1
sgi irix 6.5.13f
sgi irix 6.5.14m
sgi irix 5.0.1
sgi irix 6.5.3f
ibm aix 5.1
ibm aix 4.3.3
sgi irix 6.5.13m
sgi irix 6.5.7f
sgi irix 6.5.6f
sgi irix 6.5.17f
sgi irix 6.5.17m
hp hp-ux 11.11
sgi irix 6.5.16m
sgi irix 6.5.8f
sgi irix 6.0.1
sgi irix 6.5.6
sgi irix 6.5.11
sgi irix 6.2
sgi irix 6.5.9
sgi irix 6.5.11f
sgi irix 6.5.17
sun solaris 7.0
sgi irix 6.4
sgi irix 6.5.4f
ibm aix 4.3.1
sgi irix 6.5.6m
sgi irix 6.5.9m
sgi irix 6.5.5m
sun sunos 5.8
sgi irix 6.5.14
sgi irix 6.5.5
sun solaris 2.6
hp hp-ux 10.24
sgi irix 5.1
hp hp-ux 10.34
sgi irix 6.5.10
sgi irix 6.5.4m
sgi irix 6.5.16f
sgi irix 5.0
hp hp-ux 10.30
sgi irix 6.5.2f
sun sunos 5.7
sgi irix 6.5.9f
sgi irix 6.5.18m
sgi irix 5.1.1
sgi irix 6.5.18
hp hp-ux 10.26
sgi irix 6.5.10m
sgi irix 5.2
ibm aix 4.3.2
sgi irix 6.5.10f
sun sunos -
sgi irix 6.5.2
sun solaris 8.0
sgi irix 6.5.5f
sgi irix 6.5.8
sgi irix 6.5.2m
sgi irix 6.5.16
sgi irix 6.5.15
sun sunos 5.5.1
sgi irix 6.5.7m
sgi irix 5.3
sgi irix 6.5.7
sgi irix 6.5.15f
ibm aix 4.3
sgi irix 6.5.11m
sgi irix 6.5.4
sgi irix 6.5.18f
sgi irix 6.5.3m
sgi irix 6.5.14f
sgi irix 6.3
sgi irix 6.0
sun solaris 9.0
hp hp-ux 11.00
sgi irix 6.5.3
sgi irix 6.5.12m
sgi irix 6.5.1
hp hp-ux 11.04
sgi irix 6.5.12f
sgi irix 6.5
sgi irix 6.5.12
CVE-2003-0173 HIGH

xfsdq in xfsdump does not create quota information files securely, which allows local users to gain root privileges.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.5.8m
xfsdump xfsdump 2.0.0
sgi irix 6.5.13
sgi irix 6.5.15m
xfsdump xfsdump 2.0.2
sgi irix 6.5.13f
sgi irix 6.5.14m
sgi irix 6.5.3f
sgi irix 6.5.13m
sgi irix 6.5.7f
sgi irix 6.5.6f
sgi irix 6.5.17f
sgi irix 6.5.17m
sgi irix 6.5.16m
sgi irix 6.5.8f
sgi irix 6.5.19
sgi irix 6.5.6
sgi irix 6.5.11
sgi irix 6.5.9
sgi irix 6.5.11f
sgi irix 6.5.17
sgi irix 6.5.4f
sgi irix 6.5.6m
sgi irix 6.5.9m
xfsdump xfsdump 2.0.1
sgi irix 6.5.5m
sgi irix 6.5.14
sgi irix 6.5.5
sgi irix 6.5.10
sgi irix 6.5.4m
xfsdump xfsdump 2.0.3
sgi irix 6.5.16f
sgi irix 6.5.2f
sgi irix 6.5.9f
sgi irix 6.5.18m
sgi irix 6.5.18
sgi irix 6.5.10m
sgi irix 6.5.10f
xfsdump xfsdump 2.0.5
sgi irix 6.5.2
sgi irix 6.5.5f
sgi irix 6.5.8
sgi irix 6.5.2m
sgi irix 6.5.16
sgi irix 6.5.15
sgi irix 6.5.7m
sgi irix 6.5.7
sgi irix 6.5.15f
sgi irix 6.5.11m
sgi irix 6.5.19m
sgi irix 6.5.4
sgi irix 6.5.18f
sgi irix 6.5.3m
sgi irix 6.5.14f
xfsdump xfsdump 2.0.4
sgi irix 6.5.3
sgi irix 6.5.12m
sgi irix 6.5.1
sgi irix 6.5.12f
sgi irix 6.5.19f
sgi irix 6.5
sgi irix 6.5.12
CVE-2003-0174 HIGH

The LDAP name service (nsd) in IRIX 6.5.19 and earlier does not properly verify if the USERPASSWORD attribute has been provided by an LDAP server, which could allow attackers to log in without a password.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-346,

Products Affected

Vendor Product Version
sgi irix *
CVE-2003-0175 LOW

SGI IRIX before 6.5.21 allows local users to cause a denial of service (kernel panic) via a certain call to the PIOCSWATCH ioctl.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.5.8m
sgi irix 6.5.13
sgi irix 6.5.15m
sgi irix 6.5.13f
sgi irix 6.5.14m
sgi irix 6.5.3f
sgi irix 6.5.13m
sgi irix 6.5.7f
sgi irix 6.5.6f
sgi irix 6.5.17f
sgi irix 6.5.17m
sgi irix 6.5.16m
sgi irix 6.5.8f
sgi irix 6.5.19
sgi irix 6.5.6
sgi irix 6.5.11
sgi irix 6.5.9
sgi irix 6.5.11f
sgi irix 6.5.17
sgi irix 6.5.4f
sgi irix 6.5.6m
sgi irix 6.5.9m
sgi irix 6.5.5m
sgi irix 6.5.14
sgi irix 6.5.20
sgi irix 6.5.5
sgi irix 6.5.10
sgi irix 6.5.4m
sgi irix 6.5.16f
sgi irix 6.5.2f
sgi irix 6.5.9f
sgi irix 6.5.18m
sgi irix 6.5.18
sgi irix 6.5.10m
sgi irix 6.5.10f
sgi irix 6.5.20f
sgi irix 6.5.2
sgi irix 6.5.5f
sgi irix 6.5.8
sgi irix 6.5.2m
sgi irix 6.5.16
sgi irix 6.5.15
sgi irix 6.5.7m
sgi irix 6.5.7
sgi irix 6.5.15f
sgi irix 6.5.11m
sgi irix 6.5.19m
sgi irix 6.5.4
sgi irix 6.5.18f
sgi irix 6.5.3m
sgi irix 6.5.14f
sgi irix 6.5.20m
sgi irix 6.5.3
sgi irix 6.5.12m
sgi irix 6.5.1
sgi irix 6.5.12f
sgi irix 6.5.19f
sgi irix 6.5
sgi irix 6.5.12
CVE-2003-0176 MEDIUM

The Name Service Daemon (nsd), when running on an NIS master on SGI IRIX 6.5.x through 6.5.20f, and possibly earlier versions, allows remote attackers to cause a denial of service (crash) via a UDP port scan.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.5.10
sgi irix 6.5.16f
sgi irix 6.5.13
sgi irix 6.5.18m
sgi irix 6.5.15m
sgi irix 6.5.20f
sgi irix 6.5.2
sgi irix 6.5.8
sgi irix 6.5.17f
sgi irix 6.5.17m
sgi irix 6.5.16m
sgi irix 6.5.7
sgi irix 6.5.6
sgi irix 6.5.11
sgi irix 6.5.9
sgi irix 6.5.15f
sgi irix 6.5.19m
sgi irix 6.5.4
sgi irix 6.5.18f
sgi irix 6.5.20m
sgi irix 6.5.3
sgi irix 6.5.14
sgi irix 6.5.5
sgi irix 6.5.1
sgi irix 6.5.19f
sgi irix 6.5.12
CVE-2003-0177 MEDIUM

SGI IRIX 6.5.x through 6.5.20f, and possibly earlier versions, does not follow "-" entries in the /etc/group file, which may cause subsequent group membership entries to be processed inadvertently.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.5.10
sgi irix 6.5.16f
sgi irix 6.5.13
sgi irix 6.5.18m
sgi irix 6.5.15m
sgi irix 6.5.20f
sgi irix 6.5.2
sgi irix 6.5.8
sgi irix 6.5.17f
sgi irix 6.5.17m
sgi irix 6.5.16m
sgi irix 6.5.7
sgi irix 6.5.6
sgi irix 6.5.11
sgi irix 6.5.9
sgi irix 6.5.15f
sgi irix 6.5.19m
sgi irix 6.5.4
sgi irix 6.5.18f
sgi irix 6.5.20m
sgi irix 6.5.3
sgi irix 6.5.14
sgi irix 6.5.5
sgi irix 6.5.1
sgi irix 6.5.19f
sgi irix 6.5.12
CVE-2003-0472 MEDIUM

The IPv6 capability in IRIX 6.5.19 allows remote attackers to cause a denial of service (hang) in inetd via port scanning.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.5.19
CVE-2003-0473 HIGH

Unknown vulnerability in the IPv6 capability in IRIX 6.5.19 causes snoop to process packets as the root user, with unknown implications.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.5.19
CVE-2003-0572 MEDIUM

Unknown vulnerability in nsd in SGI IRIX 6.5.x through 6.5.20f, and possibly earlier versions, allows attackers to cause a denial of service (memory consumption).

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.5.10
sgi irix 6.5.16f
sgi irix 6.5.13
sgi irix 6.5.18m
sgi irix 6.5.15m
sgi irix 6.5.20f
sgi irix 6.5.2
sgi irix 6.5.8
sgi irix 6.5.17f
sgi irix 6.5.17m
sgi irix 6.5.16m
sgi irix 6.5.7
sgi irix 6.5.6
sgi irix 6.5.11
sgi irix 6.5.9
sgi irix 6.5.15f
sgi irix 6.5.19m
sgi irix 6.5.4
sgi irix 6.5.18f
sgi irix 6.5.20m
sgi irix 6.5.3
sgi irix 6.5.14
sgi irix 6.5.5
sgi irix 6.5.1
sgi irix 6.5.19f
sgi irix 6.5.12
CVE-2003-0573 MEDIUM

The DNS callbacks in nsd in SGI IRIX 6.5.x through 6.5.20f, and possibly earlier versions, do not perform sufficient sanity checking, with unknown impact.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.5.10
sgi irix 6.5.16f
sgi irix 6.5.13
sgi irix 6.5.18m
sgi irix 6.5.15m
sgi irix 6.5.20f
sgi irix 6.5.2
sgi irix 6.5.8
sgi irix 6.5.17f
sgi irix 6.5.17m
sgi irix 6.5.16m
sgi irix 6.5.7
sgi irix 6.5.6
sgi irix 6.5.11
sgi irix 6.5.9
sgi irix 6.5.15f
sgi irix 6.5.19m
sgi irix 6.5.4
sgi irix 6.5.18f
sgi irix 6.5.20m
sgi irix 6.5.3
sgi irix 6.5.14
sgi irix 6.5.5
sgi irix 6.5.1
sgi irix 6.5.19f
sgi irix 6.5.12
CVE-2003-0574 HIGH

Unknown vulnerability in SGI IRIX 6.5.x through 6.5.20, and possibly earlier versions, allows local users to cause a core dump in scheme and possibly gain privileges via certain environment variables, a different vulnerability than CVE-2001-0797 and CVE-1999-0028.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.5.10
sgi irix 6.5.19
sgi irix 6.5.7
sgi irix 6.5.6
sgi irix 6.5.11
sgi irix 6.5.9
sgi irix 6.5.17
sgi irix 6.5.4
sgi irix 6.5.13
sgi irix 6.5.18
sgi irix 6.5.2
sgi irix 6.5.3
sgi irix 6.5.8
sgi irix 6.5.14
sgi irix 6.5.16
sgi irix 6.5.15
sgi irix 6.5.20
sgi irix 6.5.5
sgi irix 6.5.1
sgi irix 6.5
sgi irix 6.5.12
CVE-2003-0575 HIGH

Heap-based buffer overflow in the name services daemon (nsd) in SGI IRIX 6.5.x through 6.5.21f, and possibly earlier versions, allows attackers to gain root privileges via the AUTH_UNIX gid list.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.5.10
sgi irix 6.5.13
sgi irix 6.5.18m
sgi irix 6.5.18
sgi irix 6.5.20f
sgi irix 6.5.2
sgi irix 6.5.8
sgi irix 6.5.16
sgi irix 6.5.15
sgi irix 6.5.21f
sgi irix 6.5.17f
sgi irix 6.5.17m
sgi irix 6.5.19
sgi irix 6.5.7
sgi irix 6.5.6
sgi irix 6.5.11
sgi irix 6.5.9
sgi irix 6.5.17
sgi irix 6.5.19m
sgi irix 6.5.4
sgi irix 6.5.18f
sgi irix 6.5.20m
sgi irix 6.5.21
sgi irix 6.5.3
sgi irix 6.5.14
sgi irix 6.5.20
sgi irix 6.5.5
sgi irix 6.5.21m
sgi irix 6.5.1
sgi irix 6.5.19f
sgi irix 6.5
sgi irix 6.5.12
CVE-2003-0576 MEDIUM

Unknown vulnerability in the NFS daemon (nfsd) in SGI IRIX 6.5.19f and earlier allows remote attackers to cause a denial of service (kernel panic) via certain packets that cause XDR decoding errors, a different vulnerability than CVE-2003-0619.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.5.10
sgi irix 6.5.7
sgi irix 6.5.6
sgi irix 6.5.11
sgi irix 6.5.9
sgi irix 6.5.19m
sgi irix 6.5.4
sgi irix 6.5.13
sgi irix 6.5.18m
sgi irix 6.5.18f
sgi irix 6.5.2
sgi irix 6.5.3
sgi irix 6.5.8
sgi irix 6.5.14
sgi irix 6.5.16
sgi irix 6.5.15
sgi irix 6.5.5
sgi irix 6.5.1
sgi irix 6.5.19f
sgi irix 6.5
sgi irix 6.5.12
sgi irix 6.5.17f
sgi irix 6.5.17m
CVE-2003-0679 LOW

Unknown vulnerability in the libcpr library for the Checkpoint/Restart (cpr) system on SGI IRIX 6.5.21f and earlier allows local users to truncate or overwrite certain files.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix *
CVE-2003-0680 HIGH

Unknown vulnerability in NFS for SGI IRIX 6.5.21 and earlier may allow an NFS client to bypass read-only restrictions.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.5.21
sgi irix 6.5.21f
sgi irix 6.5.21m
CVE-2003-0683 HIGH

NFS in SGI 6.5.21m and 6.5.21f does not perform access checks in certain configurations when an /etc/exports entry uses wildcards without any hostnames or groups, which could allow attackers to bypass intended restrictions.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.5.21f
sgi irix 6.5.21m
CVE-2003-0688 MEDIUM

The DNS map code in Sendmail 8.12.8 and earlier, when using the "enhdnsbl" feature, does not properly initialize certain data structures, which allows remote attackers to cause a denial of service (process crash) via an invalid DNS response that causes Sendmail to free incorrect data.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
freebsd freebsd 4.8
compaq tru64 5.0a
sgi irix 6.5.19
redhat sendmail 8.12.8-4
sendmail sendmail 8.12.8
redhat sendmail 8.12.5-7
freebsd freebsd 5.0
compaq tru64 5.1
sendmail sendmail 8.12.2
sendmail sendmail 8.12.6
sendmail sendmail 8.12.4
sgi irix 6.5.21
freebsd freebsd 4.7
sendmail sendmail 8.12.1
sendmail sendmail 8.12.7
sgi irix 6.5.20
sendmail sendmail 8.12.3
openbsd openbsd 3.2
sendmail sendmail 8.12.5
freebsd freebsd 4.6
CVE-2003-0694 HIGH

The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sendmail sendmail 8.9.2
apple mac_os_x_server 10.2
sendmail sendmail_switch 3.0.2
apple mac_os_x 10.2.4
hp hp-ux 11.22
compaq tru64 4.0f
sendmail sendmail 8.12.2
sendmail sendmail_switch 2.1.1
sendmail sendmail_switch 2.2.4
ibm aix 5.2
freebsd freebsd 4.0
ibm aix 5.1
compaq tru64 5.1a_pk5_bl23
gentoo linux 1.4
sendmail sendmail 8.8.8
sendmail sendmail 8.12
turbolinux turbolinux_server 6.1
sendmail sendmail 8.10.1
sendmail sendmail_switch 2.1
sendmail sendmail 8.12.1
sgi irix 6.5.17m
hp hp-ux 11.11
compaq tru64 5.1a_pk1_bl1
sun solaris 7.0
compaq tru64 5.1
apple mac_os_x_server 10.2.3
sendmail sendmail 8.10.2
sendmail sendmail_switch 2.2.2
sendmail sendmail 8.11.1
hp hp-ux 11.0.4
compaq tru64 5.1_pk4_bl18
sun solaris 2.6
turbolinux turbolinux_server 7.0
sendmail sendmail 8.11.2
netbsd netbsd 1.6.1
compaq tru64 4.0f_pk8_bl22
sun sunos 5.7
compaq tru64 4.0f_pk7_bl18
gentoo linux 0.7
netbsd netbsd 1.5.1
sun sunos -
sendmail sendmail_switch 2.2.1
sun solaris 8.0
sendmail sendmail 8.12.4
freebsd freebsd 3.0
sgi irix 6.5.16
sendmail sendmail_switch 3.0.3
sendmail sendmail_pro 8.9.3
compaq tru64 5.1b_pk1_bl1
sendmail sendmail_switch 2.1.2
sendmail sendmail_switch 2.2.5
gentoo linux 0.5
sendmail sendmail_pro 8.9.2
sgi irix 6.5.19m
turbolinux turbolinux_workstation 8.0
netbsd netbsd 1.5.2
sgi irix 6.5.18f
apple mac_os_x 10.2
apple mac_os_x 10.2.1
sun solaris 9.0
compaq tru64 4.0g
compaq tru64 5.1_pk5_bl19
sgi irix 6.5.20m
netbsd netbsd 1.4.3
apple mac_os_x_server 10.2.5
netbsd netbsd 1.6
compaq tru64 5.1b_pk2_bl22
sendmail sendmail 8.12.3
turbolinux turbolinux_workstation 6.0
sendmail sendmail 3.0.3
sgi irix 6.5.19f
apple mac_os_x 10.2.6
sendmail sendmail_switch 2.1.5
apple mac_os_x_server 10.2.1
compaq tru64 5.1a
sendmail advanced_message_server 1.2
gentoo linux 1.1a
sendmail sendmail 2.6.2
sendmail sendmail_switch 2.2.3
apple mac_os_x_server 10.2.6
netbsd netbsd 1.5
sendmail sendmail 8.12.6
netbsd netbsd 1.5.3
sendmail sendmail 3.0.1
ibm aix 4.3.3
sendmail sendmail 8.11.6
compaq tru64 5.1a_pk3_bl3
freebsd freebsd 4.9
sgi irix 6.5.17f
freebsd freebsd 4.8
turbolinux turbolinux_server 8.0
sendmail sendmail 8.11.0
sendmail sendmail 8.12.0
sendmail sendmail 3.0
freebsd freebsd 5.0
sendmail sendmail 8.12.9
sendmail sendmail 2.6.1
sun sunos 5.8
sgi irix 6.5.21m
sendmail sendmail 8.11.4
compaq tru64 5.1a_pk2_bl2
sendmail sendmail 8.12.5
sendmail sendmail_switch 2.1.3
sendmail sendmail 3.0.2
compaq tru64 5.1a_pk4_bl21
apple mac_os_x 10.2.2
sgi irix 6.5.18m
compaq tru64 5.1_pk3_bl17
freebsd freebsd 4.3
sgi irix 6.5.20f
turbolinux turbolinux_workstation 7.0
turbolinux turbolinux_server 6.5
freebsd freebsd 4.7
sendmail sendmail_switch 2.2
sendmail sendmail 8.12.7
sgi irix 6.5.15
sgi irix 6.5.21f
sendmail sendmail_switch 2.1.4
sendmail advanced_message_server 1.3
sendmail sendmail 8.11.5
compaq tru64 5.1_pk6_bl20
freebsd freebsd 4.5
freebsd freebsd 4.6
freebsd freebsd 5.1
sendmail sendmail 8.10
compaq tru64 4.0f_pk6_bl17
sendmail sendmail 8.12.8
compaq tru64 5.1b
apple mac_os_x 10.2.3
apple mac_os_x 10.2.5
apple mac_os_x_server 10.2.2
sendmail sendmail 8.9.3
sendmail sendmail_switch 3.0.1
sendmail sendmail 2.6
turbolinux turbolinux_advanced_server 6.0
hp hp-ux 11.00
apple mac_os_x_server 10.2.4
sendmail sendmail 8.9.1
compaq tru64 4.0g_pk3_bl17
sendmail sendmail 8.11.3
gentoo linux 1.2
compaq tru64 4.0g_pk4_bl22
freebsd freebsd 4.4
sendmail sendmail 8.9.0
sendmail sendmail_switch 3.0
CVE-2003-0795 MEDIUM

The vty layer in Quagga before 0.96.4, and Zebra 0.93b and earlier, does not verify that sub-negotiation is taking place when processing the SE marker, which allows remote attackers to cause a denial of service (crash) via a malformed telnet command to the telnet CLI port, which may trigger a null dereference.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
sgi propack 2.3
gnu zebra 0.93a
sgi propack 2.2.1
quagga quagga 0.96.1
gnu zebra 0.93b
quagga quagga *
quagga quagga 0.95
gnu zebra 0.91a
gnu zebra 0.92a
quagga quagga 0.96
quagga quagga 0.96.2
CVE-2003-0796 HIGH

Unknown vulnerability in rpc.mountd SGI IRIX 6.5.18 through 6.5.22 allows remote attackers to mount from unprivileged ports even with the -n option disabled.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.5.10
sgi irix 6.5.22
sgi irix 6.5.13
sgi irix 6.5.18m
sgi irix 6.5.20f
sgi irix 6.5.2
sgi irix 6.5.8
sgi irix 6.5.16
sgi irix 6.5.15
sgi irix 6.5.21f
sgi irix 6.5.17f
sgi irix 6.5.17m
sgi irix 6.5.7
sgi irix 6.5.6
sgi irix 6.5.11
sgi irix 6.5.9
sgi irix 6.5.19m
sgi irix 6.5.4
sgi irix 6.5.18f
sgi irix 6.5.20m
sgi irix 6.5.3
sgi irix 6.5.14
sgi irix 6.5.5
sgi irix 6.5.21m
sgi irix 6.5.1
sgi irix 6.5.19f
sgi irix 6.5
sgi irix 6.5.12
CVE-2003-0797 MEDIUM

Unknown vulnerability in rpc.mountd in SGI IRIX 6.5 through 6.5.22 allows remote attackers to cause a denial of service (process death) via unknown attack vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.5.10
sgi irix 6.5.22
sgi irix 6.5.13
sgi irix 6.5.18m
sgi irix 6.5.18
sgi irix 6.5.20f
sgi irix 6.5.2
sgi irix 6.5.8
sgi irix 6.5.16
sgi irix 6.5.15
sgi irix 6.5.21f
sgi irix 6.5.17f
sgi irix 6.5.17m
sgi irix 6.5.19
sgi irix 6.5.7
sgi irix 6.5.6
sgi irix 6.5.11
sgi irix 6.5.9
sgi irix 6.5.19m
sgi irix 6.5.4
sgi irix 6.5.18f
sgi irix 6.5.20m
sgi irix 6.5.21
sgi irix 6.5.3
sgi irix 6.5.14
sgi irix 6.5.20
sgi irix 6.5.5
sgi irix 6.5.21m
sgi irix 6.5.1
sgi irix 6.5.19f
sgi irix 6.5
sgi irix 6.5.12
CVE-2003-0859 MEDIUM

The getifaddrs function in GNU libc (glibc) 2.2.4 and earlier allows local users to cause a denial of service by sending spoofed messages as other users to the kernel netlink interface.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi propack 2.2.1
gnu glibc 2.3.2
gnu zebra 0.93b
intel ia64 *
gnu zebra 0.91a
sgi propack 2.3
redhat linux_advanced_workstation 2.1
gnu zebra 0.93a
redhat enterprise_linux 3.0
quagga quagga_routing_software_suite 0.96.2
gnu zebra 0.92a
redhat enterprise_linux 2.1
CVE-2003-0991 MEDIUM

Unknown vulnerability in the mail command handler in Mailman before 2.0.14 allows remote attackers to cause a denial of service (crash) via malformed e-mail commands.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
gnu mailman 2.0
gnu mailman 2.0.3
gnu mailman 2.0.13
gnu mailman 2.0.6
gnu mailman 2.0.9
gnu mailman 1.0
gnu mailman 2.0.8
gnu mailman 2.1
gnu mailman 2.0.10
gnu mailman 2.0.12
gnu mailman 2.0.4
sgi propack 2.3
gnu mailman 2.0.1
gnu mailman 2.0.7
gnu mailman 2.0.11
gnu mailman 2.0.2
gnu mailman 1.1
gnu mailman 2.0.5
CVE-2004-0079 MEDIUM

The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-476,CWE-476,

Products Affected

Vendor Product Version
dell bsafe_ssl-j 3.1
stonesoft stonebeat_fullcluster 3.0
stonesoft stonegate_vpn_client 2.0.8
cisco css_secure_content_accelerator 2.0
securecomputing sidewinder 5.2.0.01
vmware gsx_server 2.5.1_build_5336
stonesoft stonegate 1.7.1
securecomputing sidewinder 5.2.0.04
openssl openssl 0.9.6g
openssl openssl 0.9.6k
cisco firewall_services_module 1.1.3
stonesoft stonebeat_fullcluster 2.0
novell edirectory 8.5.27
cisco webns 6.10
vmware gsx_server 2.5.1
redhat enterprise_linux 3.0
avaya intuity_audix s3400
stonesoft stonegate 1.5.17
lite speed_technologies_litespeed_web_server 1.3_rc1
dell bsafe_ssl-j 3.0.1
hp hp-ux 11.11
avaya vsu 5000_r2.0.1
bluecoat cacheos_ca_sa 4.1.10
cisco pix_firewall 6.2.2_.111
stonesoft stonegate 2.2.1
openssl openssl 0.9.6f
hp aaa_server *
bluecoat proxysg *
checkpoint vpn-1 next_generation_fp2
stonesoft stonegate 1.7
hp apache-based_web_server 2.0.43.00
avaya s8300 r2.0.0
4d webstar 5.3.1
cisco webns 7.2_0.0.03
securecomputing sidewinder 5.2.0.03
cisco webns 6.10_b4
cisco pix_firewall_software 6.0(3)
openssl openssl 0.9.7c
stonesoft stonegate 2.0.1
cisco pix_firewall_software 6.2(3.100)
stonesoft stonegate 2.1
sun crypto_accelerator_4000 1.0
hp wbem a.02.00.01
cisco gss_4490_global_site_selector *
avaya vsu 5x
lite speed_technologies_litespeed_web_server 1.1.1
openssl openssl 0.9.7a
stonesoft stonegate 2.2.4
openbsd openbsd 3.4
lite speed_technologies_litespeed_web_server 1.3
cisco pix_firewall_software 6.1(4)
cisco css_secure_content_accelerator 1.0
vmware gsx_server 2.0.1_build_2129
cisco pix_firewall_software 6.1(1)
cisco pix_firewall_software 6.3(3.102)
stonesoft stonebeat_fullcluster 1_2.0
cisco secure_content_accelerator 10000
cisco pix_firewall_software 6.0(2)
cisco pix_firewall_software 6.2(1)
stonesoft stonebeat_webcluster 2.5
hp apache-based_web_server 2.0.43.04
novell edirectory 8.7.1
stonesoft stonegate_vpn_client 2.0.9
avaya s8500 r2.0.1
avaya vsu 7500_r2.0.1
cisco pix_firewall_software 6.3(2)
neoteris instant_virtual_extranet 3.0
sco openserver 5.0.7
avaya sg208 4.4
4d webstar 5.2.4
cisco webns 7.1_0.1.02
lite speed_technologies_litespeed_web_server 1.0.1
novell edirectory 8.5.12a
stonesoft stonebeat_fullcluster 2.5
cisco access_registrar *
cisco firewall_services_module 2.1_(0.208)
lite speed_technologies_litespeed_web_server 1.2.1
cisco ios 12.1(11b)e
cisco pix_firewall_software 6.1(3)
cisco pix_firewall_software 6.2(3)
tarantella tarantella_enterprise 3.40
bluecoat cacheos_ca_sa 4.1.12
avaya s8300 r2.0.1
novell imanager 2.0
novell edirectory 8.7
tarantella tarantella_enterprise 3.20
neoteris instant_virtual_extranet 3.3.1
cisco pix_firewall_software 6.1(2)
openssl openssl 0.9.6h
cisco firewall_services_module 1.1_(3.005)
cisco ios 12.1(19)e1
avaya s8500 r2.0.0
sco openserver 5.0.6
avaya sg203 4.31.29
checkpoint provider-1 4.1
stonesoft stonegate_vpn_client 2.0.7
openssl openssl 0.9.6d
lite speed_technologies_litespeed_web_server 1.1
cisco pix_firewall_software 6.1(5)
avaya vsu 500
lite speed_technologies_litespeed_web_server 1.0.2
openssl openssl 0.9.7
securecomputing sidewinder 5.2.0.02
cisco pix_firewall_software 6.1
cisco content_services_switch_11500 *
freebsd freebsd 5.2.1
stonesoft stonegate 2.0.9
freebsd freebsd 5.1
cisco pix_firewall_software 6.2
checkpoint firewall-1 next_generation_fp1
redhat openssl 0.9.6-15
neoteris instant_virtual_extranet 3.2
redhat linux 8.0
avaya intuity_audix 5.1.46
lite speed_technologies_litespeed_web_server 1.3_rc3
cisco ios 12.2sy
novell edirectory 8.5
cisco ios 12.2za
cisco threat_response *
stonesoft stonegate 1.5.18
cisco css11000_content_services_switch *
stonesoft servercluster 2.5
lite speed_technologies_litespeed_web_server 1.2_rc1
stonesoft stonegate 2.0.7
checkpoint vpn-1 vsx_ng_with_application_intelligence
tarantella tarantella_enterprise 3.30
novell edirectory 8.0
cisco ios 12.2(14)sy
lite speed_technologies_litespeed_web_server 1.3.1
openbsd openbsd 3.3
securecomputing sidewinder 5.2.1.02
4d webstar 4.0
avaya converged_communications_server 2.0
lite speed_technologies_litespeed_web_server 1.0.3
4d webstar 5.2.3
4d webstar 5.2.2
avaya sg208 *
avaya vsu 100_r2.0.1
cisco gss_4480_global_site_selector *
checkpoint vpn-1 next_generation_fp1
cisco pix_firewall_software 6.0(4.101)
stonesoft servercluster 2.5.2
lite speed_technologies_litespeed_web_server 1.2_rc2
stonesoft stonegate 1.6.3
stonesoft stonegate 2.0.8
redhat openssl 0.9.6b-3
stonesoft stonegate 2.2
hp hp-ux 8.05
cisco ios 12.1(11b)e14
avaya s8700 r2.0.0
checkpoint firewall-1 next_generation_fp2
avaya intuity_audix *
cisco pix_firewall_software 6.3(1)
checkpoint firewall-1 *
stonesoft stonebeat_securitycluster 2.5
redhat linux 7.3
cisco ios 12.1(11)e
redhat linux 7.2
4d webstar 5.3
sgi propack 2.3
4d webstar 5.2
avaya vsu 2000_r2.0.1
cisco ciscoworks_common_services 2.2
lite speed_technologies_litespeed_web_server 1.3_rc2
apple mac_os_x_server 10.3.3
stonesoft stonegate_vpn_client 1.7
cisco pix_firewall_software 6.0(4)
stonesoft stonebeat_fullcluster 1_3.0
securecomputing sidewinder 5.2
avaya vsu 5
checkpoint firewall-1 2.0
cisco pix_firewall_software 6.0(1)
vmware gsx_server 2.0
avaya vsu 10000_r2.0.1
stonesoft stonegate 1.7.2
avaya intuity_audix s3210
avaya sg203 4.4
cisco okena_stormwatch 3.2
securecomputing sidewinder 5.2.1
avaya sg200 4.31.29
stonesoft stonebeat_securitycluster 2.0
cisco firewall_services_module *
cisco mds_9000 *
cisco ciscoworks_common_management_foundation 2.1
sgi propack 2.4
cisco ios 12.1(11b)e12
openssl openssl 0.9.6i
cisco pix_firewall_software 6.3(3.109)
avaya sg5 4.3
vmware gsx_server 3.0_build_7592
openssl openssl 0.9.7b
lite speed_technologies_litespeed_web_server 1.2.2
neoteris instant_virtual_extranet 3.3
cisco webns 7.10_.0.06s
hp hp-ux 11.23
stonesoft stonegate 2.0.4
hp wbem a.02.00.00
avaya sg200 4.4
sgi propack 3.0
freebsd freebsd 4.9
redhat enterprise_linux_desktop 3.0
freebsd freebsd 4.8
cisco webns 7.1_0.2.06
stonesoft stonebeat_webcluster 2.0
cisco call_manager *
avaya s8700 r2.0.1
openssl openssl 0.9.6e
stonesoft stonegate_vpn_client 2.0
checkpoint firewall-1 next_generation_fp0
avaya sg5 4.4
cisco pix_firewall_software 6.0
cisco application_and_content_networking_software *
cisco pix_firewall_software 6.2(2)
symantec clientless_vpn_gateway_4400 5.0
freebsd freebsd 5.2
openssl openssl 0.9.6c
stonesoft stonegate_vpn_client 1.7.2
hp wbem a.01.05.08
neoteris instant_virtual_extranet 3.1
openssl openssl 0.9.6j
4d webstar 5.2.1
cisco pix_firewall_software 6.3
cisco ios 12.2(14)sy1
redhat openssl 0.9.7a-2
stonesoft stonegate 2.0.5
novell edirectory 8.6.2
dell bsafe_ssl-j 3.0
novell imanager 1.5
checkpoint vpn-1 next_generation_fp0
apple mac_os_x 10.3.3
stonesoft stonegate 1.6.2
cisco firewall_services_module 1.1.2
hp hp-ux 11.00
cisco ios 12.1(13)e9
avaya sg5 4.2
cisco webns 7.10
stonesoft stonegate 2.0.6
CVE-2004-0081 MEDIUM

OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
dell bsafe_ssl-j 3.1
stonesoft stonebeat_fullcluster 3.0
stonesoft stonegate_vpn_client 2.0.8
cisco css_secure_content_accelerator 2.0
securecomputing sidewinder 5.2.0.01
vmware gsx_server 2.5.1_build_5336
stonesoft stonegate 1.7.1
securecomputing sidewinder 5.2.0.04
openssl openssl 0.9.6g
openssl openssl 0.9.6k
cisco firewall_services_module 1.1.3
stonesoft stonebeat_fullcluster 2.0
novell edirectory 8.5.27
cisco webns 6.10
vmware gsx_server 2.5.1
redhat enterprise_linux 3.0
avaya intuity_audix s3400
stonesoft stonegate 1.5.17
lite speed_technologies_litespeed_web_server 1.3_rc1
dell bsafe_ssl-j 3.0.1
hp hp-ux 11.11
avaya vsu 5000_r2.0.1
bluecoat cacheos_ca_sa 4.1.10
cisco pix_firewall 6.2.2_.111
stonesoft stonegate 2.2.1
openssl openssl 0.9.6f
hp aaa_server *
bluecoat proxysg *
stonesoft stonegate 1.7
hp apache-based_web_server 2.0.43.00
avaya s8300 r2.0.0
4d webstar 5.3.1
cisco webns 7.2_0.0.03
securecomputing sidewinder 5.2.0.03
cisco webns 6.10_b4
cisco pix_firewall_software 6.0(3)
openssl openssl 0.9.7c
stonesoft stonegate 2.0.1
cisco pix_firewall_software 6.2(3.100)
stonesoft stonegate 2.1
sun crypto_accelerator_4000 1.0
hp wbem a.02.00.01
cisco gss_4490_global_site_selector *
avaya vsu 5x
lite speed_technologies_litespeed_web_server 1.1.1
openssl openssl 0.9.7a
stonesoft stonegate 2.2.4
openbsd openbsd 3.4
checkpoint vpn-1 next_generation
lite speed_technologies_litespeed_web_server 1.3
cisco pix_firewall_software 6.1(4)
cisco css_secure_content_accelerator 1.0
vmware gsx_server 2.0.1_build_2129
cisco pix_firewall_software 6.1(1)
cisco pix_firewall_software 6.3(3.102)
stonesoft stonebeat_fullcluster 1_2.0
cisco secure_content_accelerator 10000
cisco pix_firewall_software 6.0(2)
cisco pix_firewall_software 6.2(1)
stonesoft stonebeat_webcluster 2.5
hp apache-based_web_server 2.0.43.04
novell edirectory 8.7.1
stonesoft stonegate_vpn_client 2.0.9
avaya s8500 r2.0.1
avaya vsu 7500_r2.0.1
cisco pix_firewall_software 6.3(2)
neoteris instant_virtual_extranet 3.0
sco openserver 5.0.7
avaya sg208 4.4
4d webstar 5.2.4
cisco webns 7.1_0.1.02
lite speed_technologies_litespeed_web_server 1.0.1
novell edirectory 8.5.12a
stonesoft stonebeat_fullcluster 2.5
cisco access_registrar *
cisco firewall_services_module 2.1_(0.208)
lite speed_technologies_litespeed_web_server 1.2.1
cisco ios 12.1(11b)e
cisco pix_firewall_software 6.1(3)
cisco pix_firewall_software 6.2(3)
tarantella tarantella_enterprise 3.40
bluecoat cacheos_ca_sa 4.1.12
avaya s8300 r2.0.1
novell imanager 2.0
novell edirectory 8.7
tarantella tarantella_enterprise 3.20
neoteris instant_virtual_extranet 3.3.1
cisco pix_firewall_software 6.1(2)
openssl openssl 0.9.6h
cisco firewall_services_module 1.1_(3.005)
cisco ios 12.1(19)e1
avaya s8500 r2.0.0
sco openserver 5.0.6
avaya sg203 4.31.29
checkpoint provider-1 4.1
stonesoft stonegate_vpn_client 2.0.7
openssl openssl 0.9.6d
lite speed_technologies_litespeed_web_server 1.1
cisco pix_firewall_software 6.1(5)
avaya vsu 500
lite speed_technologies_litespeed_web_server 1.0.2
openssl openssl 0.9.7
securecomputing sidewinder 5.2.0.02
cisco pix_firewall_software 6.1
cisco content_services_switch_11500 *
freebsd freebsd 5.2.1
stonesoft stonegate 2.0.9
freebsd freebsd 5.1
cisco pix_firewall_software 6.2
checkpoint firewall-1 next_generation_fp1
redhat openssl 0.9.6-15
neoteris instant_virtual_extranet 3.2
redhat linux 8.0
avaya intuity_audix 5.1.46
lite speed_technologies_litespeed_web_server 1.3_rc3
cisco ios 12.2sy
novell edirectory 8.5
cisco ios 12.2za
cisco threat_response *
stonesoft stonegate 1.5.18
cisco css11000_content_services_switch *
stonesoft servercluster 2.5
lite speed_technologies_litespeed_web_server 1.2_rc1
stonesoft stonegate 2.0.7
checkpoint vpn-1 vsx_ng_with_application_intelligence
tarantella tarantella_enterprise 3.30
novell edirectory 8.0
cisco ios 12.2(14)sy
lite speed_technologies_litespeed_web_server 1.3.1
openbsd openbsd 3.3
securecomputing sidewinder 5.2.1.02
4d webstar 4.0
avaya converged_communications_server 2.0
lite speed_technologies_litespeed_web_server 1.0.3
4d webstar 5.2.3
4d webstar 5.2.2
avaya sg208 *
avaya vsu 100_r2.0.1
cisco gss_4480_global_site_selector *
checkpoint vpn-1 next_generation_fp1
cisco pix_firewall_software 6.0(4.101)
stonesoft servercluster 2.5.2
lite speed_technologies_litespeed_web_server 1.2_rc2
stonesoft stonegate 1.6.3
stonesoft stonegate 2.0.8
redhat openssl 0.9.6b-3
stonesoft stonegate 2.2
hp hp-ux 8.05
cisco ios 12.1(11b)e14
avaya s8700 r2.0.0
checkpoint firewall-1 next_generation_fp2
avaya intuity_audix *
cisco pix_firewall_software 6.3(1)
checkpoint firewall-1 *
stonesoft stonebeat_securitycluster 2.5
redhat linux 7.3
cisco ios 12.1(11)e
redhat linux 7.2
4d webstar 5.3
sgi propack 2.3
4d webstar 5.2
avaya vsu 2000_r2.0.1
cisco ciscoworks_common_services 2.2
lite speed_technologies_litespeed_web_server 1.3_rc2
apple mac_os_x_server 10.3.3
stonesoft stonegate_vpn_client 1.7
cisco pix_firewall_software 6.0(4)
stonesoft stonebeat_fullcluster 1_3.0
securecomputing sidewinder 5.2
avaya vsu 5
checkpoint firewall-1 2.0
cisco pix_firewall_software 6.0(1)
vmware gsx_server 2.0
avaya vsu 10000_r2.0.1
stonesoft stonegate 1.7.2
avaya intuity_audix s3210
avaya sg203 4.4
cisco okena_stormwatch 3.2
securecomputing sidewinder 5.2.1
avaya sg200 4.31.29
stonesoft stonebeat_securitycluster 2.0
cisco firewall_services_module *
cisco mds_9000 *
cisco ciscoworks_common_management_foundation 2.1
sgi propack 2.4
cisco ios 12.1(11b)e12
openssl openssl 0.9.6i
cisco pix_firewall_software 6.3(3.109)
avaya sg5 4.3
vmware gsx_server 3.0_build_7592
openssl openssl 0.9.7b
lite speed_technologies_litespeed_web_server 1.2.2
neoteris instant_virtual_extranet 3.3
cisco webns 7.10_.0.06s
hp hp-ux 11.23
stonesoft stonegate 2.0.4
hp wbem a.02.00.00
avaya sg200 4.4
sgi propack 3.0
freebsd freebsd 4.9
redhat enterprise_linux_desktop 3.0
freebsd freebsd 4.8
cisco webns 7.1_0.2.06
stonesoft stonebeat_webcluster 2.0
cisco call_manager *
avaya s8700 r2.0.1
openssl openssl 0.9.6e
stonesoft stonegate_vpn_client 2.0
checkpoint firewall-1 next_generation_fp0
avaya sg5 4.4
cisco pix_firewall_software 6.0
cisco application_and_content_networking_software *
cisco pix_firewall_software 6.2(2)
symantec clientless_vpn_gateway_4400 5.0
freebsd freebsd 5.2
openssl openssl 0.9.6c
stonesoft stonegate_vpn_client 1.7.2
hp wbem a.01.05.08
neoteris instant_virtual_extranet 3.1
openssl openssl 0.9.6j
4d webstar 5.2.1
cisco pix_firewall_software 6.3
cisco ios 12.2(14)sy1
redhat openssl 0.9.7a-2
stonesoft stonegate 2.0.5
novell edirectory 8.6.2
dell bsafe_ssl-j 3.0
novell imanager 1.5
checkpoint vpn-1 next_generation_fp0
apple mac_os_x 10.3.3
stonesoft stonegate 1.6.2
cisco firewall_services_module 1.1.2
hp hp-ux 11.00
cisco ios 12.1(13)e9
avaya sg5 4.2
cisco webns 7.10
stonesoft stonegate 2.0.6
CVE-2004-0104 HIGH

Multiple format string vulnerabilities in Metamail 2.7 and earlier allow remote attackers to execute arbitrary code.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi propack 2.3
redhat linux_advanced_workstation 2.1
metamail_corporation metamail *
sgi propack 2.4
redhat enterprise_linux 2.1
CVE-2004-0105 HIGH

Multiple buffer overflows in Metamail 2.7 and earlier allow remote attackers to execute arbitrary code.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi propack 2.3
redhat linux_advanced_workstation 2.1
metamail_corporation metamail *
sgi propack 2.4
redhat enterprise_linux 2.1
CVE-2004-0107 MEDIUM

The (1) post and (2) trigger scripts in sysstat 4.0.7 and earlier allow local users to overwrite arbitrary files via symlink attacks on temporary files, a different vulnerability than CVE-2004-0108.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sysstat sysstat 4.1.3
sysstat sysstat 4.1.2
sysstat sysstat 4.0.7
sgi propack 2.3
sysstat sysstat 4.1.5
sgi propack 2.4
redhat sysstat 4.0.7-3
sysstat sysstat 4.1.6
sysstat sysstat 4.1.1
sysstat sysstat 4.1.7
sysstat sysstat 5.0.1
sysstat sysstat 4.1.4
CVE-2004-0108 MEDIUM

The isag utility, which processes sysstat data, allows local users to overwrite arbitrary files via a symlink attack on temporary files, a different vulnerability than CAN-2004-0107.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sysstat sysstat 4.1.3
sysstat sysstat 4.1.2
sysstat sysstat 4.0.7
sgi propack 2.3
sysstat sysstat 4.1.5
sgi propack 2.4
redhat sysstat 4.0.7-3
sysstat sysstat 4.1.6
sysstat sysstat 4.1.1
sysstat sysstat 4.1.7
sysstat sysstat 5.0.1
sysstat sysstat 4.1.4
CVE-2004-0110 HIGH

Buffer overflow in the (1) nanohttp or (2) nanoftp modules in XMLSoft Libxml 2 (Libxml2) 2.6.0 through 2.6.5 allow remote attackers to execute arbitrary code via a long URL.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
xmlsoft libxml 1.8.17
xmlsoft libxml2 2.5.11
xmlsoft libxml2 2.6.4
xmlsoft libxml2 2.6.5
xmlsoft libxml2 2.5.10
xmlsoft libxml2 2.6.1
xmlsoft libxml2 2.4.19
sgi propack 2.3
xmlsoft libxml2 2.6.2
xmlsoft libxml2 2.4.23
xmlsoft libxml2 2.6.3
sgi propack 2.4
xmlsoft libxml2 2.6.0
xmlsoft libxml2 2.5.4
CVE-2004-0111 MEDIUM

gdk-pixbuf before 0.20 allows attackers to cause a denial of service (crash) via a malformed bitmap (BMP) file.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi propack 2.3
redhat linux_advanced_workstation 2.1
gnome gdkpixbuf 0.20
redhat gdk_pixbuf 0.18.0-7
redhat enterprise_linux 3.0
sgi propack 2.4
gnome gdkpixbuf 0.18
redhat enterprise_linux 2.1
CVE-2004-0112 MEDIUM

The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,

Products Affected

Vendor Product Version
dell bsafe_ssl-j 3.1
forcepoint stonegate 2.2.1
stonesoft stonebeat_fullcluster 3.0
cisco css_secure_content_accelerator 2.0
securecomputing sidewinder 5.2.0.01
vmware gsx_server 2.5.1_build_5336
forcepoint stonegate 1.6.3
securecomputing sidewinder 5.2.0.04
openssl openssl 0.9.6g
openssl openssl 0.9.6k
cisco firewall_services_module 1.1.3
stonesoft stonebeat_fullcluster 2.0
novell edirectory 8.5.27
forcepoint stonegate 1.7.1
cisco webns 6.10
vmware gsx_server 2.5.1
redhat enterprise_linux 3.0
avaya intuity_audix s3400
dell bsafe_ssl-j 3.0.1
hp hp-ux 11.11
avaya vsu 5000_r2.0.1
bluecoat cacheos_ca_sa 4.1.10
cisco pix_firewall 6.2.2_.111
openssl openssl 0.9.6f
hp aaa_server *
bluecoat proxysg *
checkpoint vpn-1 next_generation_fp2
litespeedtech litespeed_web_server 1.0.1
hp apache-based_web_server 2.0.43.00
avaya s8300 r2.0.0
4d webstar 5.3.1
cisco webns 7.2_0.0.03
securecomputing sidewinder 5.2.0.03
cisco webns 6.10_b4
cisco pix_firewall_software 6.0(3)
openssl openssl 0.9.7c
cisco pix_firewall_software 6.2(3.100)
sun crypto_accelerator_4000 1.0
hp wbem a.02.00.01
cisco gss_4490_global_site_selector *
avaya vsu 5x
openssl openssl 0.9.7a
openbsd openbsd 3.4
cisco pix_firewall_software 6.1(4)
cisco css_secure_content_accelerator 1.0
vmware gsx_server 2.0.1_build_2129
cisco pix_firewall_software 6.1(1)
cisco pix_firewall_software 6.3(3.102)
stonesoft stonebeat_fullcluster 1_2.0
cisco secure_content_accelerator 10000
cisco pix_firewall_software 6.0(2)
cisco pix_firewall_software 6.2(1)
stonesoft stonebeat_webcluster 2.5
hp apache-based_web_server 2.0.43.04
novell edirectory 8.7.1
avaya s8500 r2.0.1
avaya vsu 7500_r2.0.1
cisco pix_firewall_software 6.3(2)
neoteris instant_virtual_extranet 3.0
sco openserver 5.0.7
avaya sg208 4.4
4d webstar 5.2.4
cisco webns 7.1_0.1.02
novell edirectory 8.5.12a
stonesoft stonebeat_fullcluster 2.5
cisco access_registrar *
cisco firewall_services_module 2.1_(0.208)
cisco ios 12.1(11b)e
cisco pix_firewall_software 6.1(3)
forcepoint stonegate 2.0.4
cisco pix_firewall_software 6.2(3)
tarantella tarantella_enterprise 3.40
bluecoat cacheos_ca_sa 4.1.12
avaya s8300 r2.0.1
novell imanager 2.0
novell edirectory 8.7
tarantella tarantella_enterprise 3.20
neoteris instant_virtual_extranet 3.3.1
cisco pix_firewall_software 6.1(2)
openssl openssl 0.9.6h
cisco firewall_services_module 1.1_(3.005)
cisco ios 12.1(19)e1
avaya s8500 r2.0.0
sco openserver 5.0.6
avaya sg203 4.31.29
checkpoint provider-1 4.1
forcepoint stonegate 2.1
openssl openssl 0.9.6d
cisco pix_firewall_software 6.1(5)
avaya vsu 500
openssl openssl 0.9.7
securecomputing sidewinder 5.2.0.02
cisco pix_firewall_software 6.1
cisco content_services_switch_11500 *
freebsd freebsd 5.2.1
freebsd freebsd 5.1
cisco pix_firewall_software 6.2
checkpoint firewall-1 next_generation_fp1
redhat openssl 0.9.6-15
neoteris instant_virtual_extranet 3.2
redhat linux 8.0
avaya intuity_audix 5.1.46
cisco ios 12.2sy
novell edirectory 8.5
cisco ios 12.2za
forcepoint stonegate 2.0.9
cisco threat_response *
cisco css11000_content_services_switch *
stonesoft servercluster 2.5
checkpoint vpn-1 vsx_ng_with_application_intelligence
tarantella tarantella_enterprise 3.30
novell edirectory 8.0
cisco ios 12.2(14)sy
openbsd openbsd 3.3
forcepoint stonegate 2.0.6
securecomputing sidewinder 5.2.1.02
4d webstar 4.0
avaya converged_communications_server 2.0
4d webstar 5.2.3
4d webstar 5.2.2
avaya sg208 *
avaya vsu 100_r2.0.1
cisco gss_4480_global_site_selector *
checkpoint vpn-1 next_generation_fp1
cisco pix_firewall_software 6.0(4.101)
stonesoft servercluster 2.5.2
forcepoint stonegate 1.5.17
redhat openssl 0.9.6b-3
hp hp-ux 8.05
forcepoint stonegate 2.2.4
cisco ios 12.1(11b)e14
avaya s8700 r2.0.0
checkpoint firewall-1 next_generation_fp2
avaya intuity_audix *
cisco pix_firewall_software 6.3(1)
checkpoint firewall-1 *
stonesoft stonebeat_securitycluster 2.5
redhat linux 7.3
cisco ios 12.1(11)e
redhat linux 7.2
forcepoint stonegate 2.0.5
4d webstar 5.3
forcepoint stonegate 1.7.2
sgi propack 2.3
4d webstar 5.2
avaya vsu 2000_r2.0.1
cisco ciscoworks_common_services 2.2
apple mac_os_x_server 10.3.3
cisco pix_firewall_software 6.0(4)
stonesoft stonebeat_fullcluster 1_3.0
forcepoint stonegate 2.0.8
securecomputing sidewinder 5.2
avaya vsu 5
checkpoint firewall-1 2.0
cisco pix_firewall_software 6.0(1)
vmware gsx_server 2.0
avaya vsu 10000_r2.0.1
avaya intuity_audix s3210
avaya sg203 4.4
cisco okena_stormwatch 3.2
securecomputing sidewinder 5.2.1
avaya sg200 4.31.29
stonesoft stonebeat_securitycluster 2.0
forcepoint stonegate 2.2
cisco firewall_services_module *
cisco mds_9000 *
cisco ciscoworks_common_management_foundation 2.1
sgi propack 2.4
cisco ios 12.1(11b)e12
openssl openssl 0.9.6i
cisco pix_firewall_software 6.3(3.109)
avaya sg5 4.3
vmware gsx_server 3.0_build_7592
openssl openssl 0.9.7b
forcepoint stonegate 2.0.1
forcepoint stonegate 1.7
forcepoint stonegate 1.5.18
neoteris instant_virtual_extranet 3.3
cisco webns 7.10_.0.06s
hp hp-ux 11.23
hp wbem a.02.00.00
forcepoint stonegate 2.0.7
avaya sg200 4.4
sgi propack 3.0
freebsd freebsd 4.9
redhat enterprise_linux_desktop 3.0
freebsd freebsd 4.8
cisco webns 7.1_0.2.06
stonesoft stonebeat_webcluster 2.0
cisco call_manager *
avaya s8700 r2.0.1
forcepoint stonegate 1.6.2
openssl openssl 0.9.6e
checkpoint firewall-1 next_generation_fp0
avaya sg5 4.4
cisco pix_firewall_software 6.0
cisco application_and_content_networking_software *
cisco pix_firewall_software 6.2(2)
symantec clientless_vpn_gateway_4400 5.0
freebsd freebsd 5.2
openssl openssl 0.9.6c
hp wbem a.01.05.08
neoteris instant_virtual_extranet 3.1
openssl openssl 0.9.6j
4d webstar 5.2.1
cisco pix_firewall_software 6.3
cisco ios 12.2(14)sy1
redhat openssl 0.9.7a-2
novell edirectory 8.6.2
dell bsafe_ssl-j 3.0
novell imanager 1.5
checkpoint vpn-1 next_generation_fp0
apple mac_os_x 10.3.3
cisco firewall_services_module 1.1.2
hp hp-ux 11.00
cisco ios 12.1(13)e9
avaya sg5 4.2
cisco webns 7.10
CVE-2004-0135 HIGH

The syssgi SGI_IOPROBE system call in IRIX 6.5.20 through 6.5.24 allows local users to gain privileges by reading and writing to kernel memory.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 3.3.1
sgi irix 3.3.3
sgi irix 6.5.13
sgi irix 6.5.13f
sgi irix 6.5_20
sgi irix 4.0.5
sgi irix 6.5.14m
sgi irix 6.5.13m
sgi irix 6.5.17m
sgi irix 6.5.19
sgi irix 6.0.1
sgi irix 4.0.5b
sgi irix 6.5.6
sgi irix 6.2
sgi irix 6.5.11f
sgi irix 6.5.17
sgi irix 6.5.4f
sgi irix 6.5.5m
sgi irix 4.0.3
sgi irix 6.5.21
sgi irix 6.5.20
sgi irix 6.5.5
sgi irix 6.5.10
sgi irix 6.5.16f
sgi irix 4.0.5_ipr
sgi irix 6.5.9f
sgi irix 5.2
sgi irix 4.0.4
sgi irix 6.5.2
sgi irix 6.5.5f
sgi irix 6.5.8
sgi irix 6.5.16
sgi irix 6.5.24
sgi irix 6.5.7
sgi irix 4.0.1
sgi irix 6.5.11m
sgi irix 6.5.19m
sgi irix 3.3.2
sgi irix 6.5.4
sgi irix 6.5.18f
sgi irix 6.5.3m
sgi irix 6.5.14f
sgi irix 6.5.20m
sgi irix 6.5.12f
sgi irix 6.5.19f
sgi irix 4.0.5g
sgi irix 6.5.8m
sgi irix 6.5.22
sgi irix 4.0.1t
sgi irix 3.3
sgi irix 4.0.5a
sgi irix 6.5.15m
sgi irix 6.1
sgi irix 5.0.1
sgi irix 6.5.3f
sgi irix 6.5.22m
sgi irix 4.0.5e
sgi irix 6.5.7f
sgi irix 6.5.6f
sgi irix 6.5.17f
sgi irix 6.5.16m
sgi irix 6.5.8f
sgi irix 6.5.11
sgi irix 4.0.5h
sgi irix 6.5.9
sgi irix 6.4
sgi irix 3.2
sgi irix 6.5.6m
sgi irix 6.5.9m
sgi irix 4.0.2
sgi irix 4.0.5_iop
sgi irix 6.5.14
sgi irix 6.5.21m
sgi irix 5.1
sgi irix 6.5.4m
sgi irix 5.0
sgi irix 4.0.4t
sgi irix 6.5.2f
sgi irix 6.5.18m
sgi irix 5.1.1
sgi irix 6.5.18
sgi irix 6.5.10m
sgi irix 6.5.10f
sgi irix 6.5.20f
sgi irix 4.0.4b
sgi irix 6.5.2m
sgi irix 6.5.15
sgi irix 6.5.21f
sgi irix 6.5.7m
sgi irix 5.3
sgi irix 6.5.23
sgi irix 4.0
sgi irix 4.0.5f
sgi irix 6.5.15f
sgi irix 6.3
sgi irix 6.0
sgi irix 6.5.3
sgi irix 6.5.12m
sgi irix 6.5.1
sgi irix 6.5
sgi irix 6.5.12
CVE-2004-0136 LOW

The mapelf32exec function call in IRIX 6.5.20 through 6.5.24 allows local users to cause a denial of service (system crash) via a "corrupted binary."

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.5.20f
sgi irix 6.5.22
sgi irix 6.5.20m
sgi irix 6.5.21f
sgi irix 6.5.21m
sgi irix 6.5.23
sgi irix 6.5.25
sgi irix 6.5.24
CVE-2004-0137 LOW

Unknown vulnerability in init for IRIX 6.5.20 through 6.5.24 allows local users to cause a denial of service (system panic) as a result of "page invalidation issues."

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.5.20f
sgi irix 6.5.22
sgi irix 6.5.20m
sgi irix 6.5.21f
sgi irix 6.5.21m
sgi irix 6.5.23
sgi irix 6.5.25
sgi irix 6.5.24
CVE-2004-0139 HIGH

Unknown vulnerability in the bsd.a kernel networking for SGI IRIX 6.5.22 through 6.5.25, and possibly earlier versions, in which "t_unbind changes t_bind's behavior," has unknown impact and attack vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.5.22
sgi irix 6.5.23
sgi irix 6.5.25
sgi irix 6.5.24
CVE-2004-0148 HIGH

wu-ftpd 2.6.2 and earlier, with the restricted-gid option enabled, allows local users to bypass access restrictions by changing the permissions to prevent access to their home directory, which causes wu-ftpd to use the root directory instead.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
washington_university wu-ftpd 2.4.2_beta18_vr15
washington_university wu-ftpd 2.4.2_beta18_vr9
washington_university wu-ftpd 2.4.2_beta18_vr8
washington_university wu-ftpd 2.4.2_beta18
washington_university wu-ftpd 2.6.2
washington_university wu-ftpd 2.4.2_vr16
washington_university wu-ftpd 2.4.2_beta18_vr4
washington_university wu-ftpd 2.4.2_beta18_vr12
washington_university wu-ftpd 2.4.2_beta18_vr13
washington_university wu-ftpd 2.4.2_beta18_vr14
washington_university wu-ftpd 2.4.1
sgi propack 2.3
washington_university wu-ftpd 2.4.2_beta18_vr6
washington_university wu-ftpd 2.4.2_beta18_vr11
washington_university wu-ftpd 2.5.0
washington_university wu-ftpd 2.4.2_beta18_vr7
washington_university wu-ftpd 2.6.0
washington_university wu-ftpd 2.4.2_beta18_vr10
washington_university wu-ftpd 2.4.2_beta18_vr5
washington_university wu-ftpd 2.4.2_beta2
sgi propack 2.4
washington_university wu-ftpd 2.4.2_vr17
washington_university wu-ftpd 2.6.1
CVE-2004-0226 HIGH

Multiple buffer overflows in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
midnight_commander midnight_commander 4.5.42
midnight_commander midnight_commander 4.5.46
midnight_commander midnight_commander 4.5.50
midnight_commander midnight_commander 4.5.43
gentoo linux 1.1a
midnight_commander midnight_commander 4.5.51
gentoo linux 0.7
sgi propack 2.3
midnight_commander midnight_commander 4.5.40
midnight_commander midnight_commander 4.5.49
gentoo linux 1.4
midnight_commander midnight_commander 4.5.44
slackware slackware_linux 9.1
midnight_commander midnight_commander 4.5.45
slackware slackware_linux *
gentoo linux 0.5
midnight_commander midnight_commander 4.5.41
midnight_commander midnight_commander 4.5.52
midnight_commander midnight_commander 4.5.55
slackware slackware_linux 9.0
midnight_commander midnight_commander 4.5.48
gentoo linux 1.2
sgi propack 2.4
midnight_commander midnight_commander 4.5.47
midnight_commander midnight_commander 4.6
CVE-2004-0231 LOW

Multiple vulnerabilities in Midnight Commander (mc) before 4.6.0, with unknown impact, related to "Insecure temporary file and directory creations."

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
midnight_commander midnight_commander 4.5.42
midnight_commander midnight_commander 4.5.46
midnight_commander midnight_commander 4.5.50
midnight_commander midnight_commander 4.5.43
gentoo linux 1.1a
midnight_commander midnight_commander 4.5.51
gentoo linux 0.7
sgi propack 2.3
midnight_commander midnight_commander 4.5.40
midnight_commander midnight_commander 4.5.49
gentoo linux 1.4
midnight_commander midnight_commander 4.5.44
slackware slackware_linux 9.1
midnight_commander midnight_commander 4.5.45
slackware slackware_linux *
gentoo linux 0.5
midnight_commander midnight_commander 4.5.41
midnight_commander midnight_commander 4.5.52
midnight_commander midnight_commander 4.5.55
slackware slackware_linux 9.0
midnight_commander midnight_commander 4.5.48
gentoo linux 1.2
sgi propack 2.4
midnight_commander midnight_commander 4.5.47
midnight_commander midnight_commander 4.6
CVE-2004-0232 MEDIUM

Multiple format string vulnerabilities in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
midnight_commander midnight_commander 4.5.42
midnight_commander midnight_commander 4.5.46
midnight_commander midnight_commander 4.5.50
midnight_commander midnight_commander 4.5.43
gentoo linux 1.1a
midnight_commander midnight_commander 4.5.51
gentoo linux 0.7
sgi propack 2.3
midnight_commander midnight_commander 4.5.40
midnight_commander midnight_commander 4.5.49
gentoo linux 1.4
midnight_commander midnight_commander 4.5.44
slackware slackware_linux 9.1
midnight_commander midnight_commander 4.5.45
slackware slackware_linux *
gentoo linux 0.5
midnight_commander midnight_commander 4.5.41
midnight_commander midnight_commander 4.5.52
midnight_commander midnight_commander 4.5.55
slackware slackware_linux 9.0
midnight_commander midnight_commander 4.5.48
gentoo linux 1.2
sgi propack 2.4
midnight_commander midnight_commander 4.5.47
midnight_commander midnight_commander 4.6
CVE-2004-0233 LOW

Utempter allows device names that contain .. (dot dot) directory traversal sequences, which allows local users to overwrite arbitrary files via a symlink attack on device names in combination with an application that trusts the utmp or wtmp files.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
slackware slackware_linux *
sgi propack 2.4
utempter utempter 0.5.3
sgi propack 3.0
slackware slackware_linux 9.1
utempter utempter 0.5.2
CVE-2004-0234 HIGH

Multiple stack-based buffer overflows in the get_header function in header.c for LHA 1.14, as used in products such as Barracuda Spam Firewall, allow remote attackers or local users to execute arbitrary code via long directory or file names in an LHA archive, which triggers the overflow when testing or extracting the archive.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
f-secure f-secure_anti-virus 2003
f-secure internet_gatekeeper 6.31
f-secure f-secure_anti-virus 4.51
f-secure internet_gatekeeper 6.32
tsugio_okamoto lha 1.17
f-secure f-secure_anti-virus 2004
f-secure f-secure_for_firewalls 6.20
clearswift mailsweeper 4.3.13
f-secure f-secure_internet_security 2004
tsugio_okamoto lha 1.14
clearswift mailsweeper 4.1
f-secure f-secure_personal_express 4.7
clearswift mailsweeper 4.3.6
f-secure f-secure_anti-virus 5.5
f-secure f-secure_personal_express 4.5
stalker cgpmcafee 3.2
clearswift mailsweeper 4.3.6_sp1
sgi propack 3.0
clearswift mailsweeper 4.0
f-secure f-secure_anti-virus 5.42
f-secure f-secure_anti-virus 6.21
clearswift mailsweeper 4.2
f-secure f-secure_anti-virus 4.60
clearswift mailsweeper 4.3.5
clearswift mailsweeper 4.3.3
rarlab winrar 3.20
redhat lha 1.14i-9
winzip winzip 9.0
clearswift mailsweeper 4.3.7
clearswift mailsweeper 4.3.11
clearswift mailsweeper 4.3.4
f-secure f-secure_anti-virus 4.52
clearswift mailsweeper 4.3
tsugio_okamoto lha 1.15
f-secure f-secure_anti-virus 5.52
redhat fedora_core core_1.0
sgi propack 2.4
clearswift mailsweeper 4.3.8
f-secure f-secure_anti-virus 5.41
f-secure f-secure_internet_security 2003
clearswift mailsweeper 4.3.10
f-secure f-secure_personal_express 4.6
CVE-2004-0235 MEDIUM

Multiple directory traversal vulnerabilities in LHA 1.14 allow remote attackers or local users to create arbitrary files via an LHA archive containing filenames with (1) .. sequences or (2) absolute pathnames with double leading slashes ("//absolute/path").

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
f-secure f-secure_anti-virus 2003
f-secure internet_gatekeeper 6.31
f-secure f-secure_anti-virus 4.51
f-secure internet_gatekeeper 6.32
tsugio_okamoto lha 1.17
f-secure f-secure_anti-virus 2004
f-secure f-secure_for_firewalls 6.20
clearswift mailsweeper 4.3.13
f-secure f-secure_internet_security 2004
tsugio_okamoto lha 1.14
clearswift mailsweeper 4.1
f-secure f-secure_personal_express 4.7
clearswift mailsweeper 4.3.6
f-secure f-secure_anti-virus 5.5
f-secure f-secure_personal_express 4.5
stalker cgpmcafee 3.2
clearswift mailsweeper 4.3.6_sp1
sgi propack 3.0
clearswift mailsweeper 4.0
f-secure f-secure_anti-virus 5.42
f-secure f-secure_anti-virus 6.21
clearswift mailsweeper 4.2
f-secure f-secure_anti-virus 4.60
clearswift mailsweeper 4.3.5
clearswift mailsweeper 4.3.3
rarlab winrar 3.20
redhat lha 1.14i-9
winzip winzip 9.0
clearswift mailsweeper 4.3.7
clearswift mailsweeper 4.3.11
clearswift mailsweeper 4.3.4
f-secure f-secure_anti-virus 4.52
clearswift mailsweeper 4.3
tsugio_okamoto lha 1.15
f-secure f-secure_anti-virus 5.52
redhat fedora_core core_1.0
sgi propack 2.4
clearswift mailsweeper 4.3.8
f-secure f-secure_anti-virus 5.41
f-secure f-secure_internet_security 2003
clearswift mailsweeper 4.3.10
f-secure f-secure_personal_express 4.6
CVE-2004-0414 HIGH

CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle malformed "Entry" lines, which prevents a NULL terminator from being used and may lead to a denial of service (crash), modification of critical program data, or arbitrary code execution.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
cvs cvs 1.11.2
openpkg openpkg 2.0
cvs cvs 1.10.8
cvs cvs 1.11.6
cvs cvs 1.11.5
cvs cvs 1.10.7
cvs cvs 1.11.14
openbsd openbsd 3.4
cvs cvs 1.11.1
gentoo linux 1.4
cvs cvs 1.12.1
openbsd openbsd 3.5
sgi propack 3.0
cvs cvs 1.11.3
cvs cvs 1.11.16
openbsd openbsd *
cvs cvs 1.12.8
cvs cvs 1.12.5
openpkg openpkg 1.3
cvs cvs 1.11.11
cvs cvs 1.11
cvs cvs 1.11.10
sgi propack 2.4
cvs cvs 1.11.4
cvs cvs 1.11.1_p1
cvs cvs 1.12.2
openpkg openpkg *
cvs cvs 1.11.15
cvs cvs 1.12.7
CVE-2004-0416 HIGH

Double free vulnerability for the error_prog_name string in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to execute arbitrary code.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
cvs cvs 1.11.2
openpkg openpkg 2.0
cvs cvs 1.10.8
cvs cvs 1.11.6
cvs cvs 1.11.5
cvs cvs 1.10.7
cvs cvs 1.11.14
openbsd openbsd 3.4
cvs cvs 1.11.1
gentoo linux 1.4
cvs cvs 1.12.1
openbsd openbsd 3.5
sgi propack 3.0
cvs cvs 1.11.3
cvs cvs 1.11.16
openbsd openbsd *
cvs cvs 1.12.8
cvs cvs 1.12.5
openpkg openpkg 1.3
cvs cvs 1.11.11
cvs cvs 1.11
cvs cvs 1.11.10
sgi propack 2.4
cvs cvs 1.11.4
cvs cvs 1.11.1_p1
cvs cvs 1.12.2
openpkg openpkg *
cvs cvs 1.11.15
cvs cvs 1.12.7
CVE-2004-0417 MEDIUM

Integer overflow in the "Max-dotdot" CVS protocol command (serve_max_dotdot) for CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to cause a server crash, which could cause temporary data to remain undeleted and consume disk space.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
cvs cvs 1.11.2
openpkg openpkg 2.0
cvs cvs 1.10.8
cvs cvs 1.11.6
cvs cvs 1.11.5
cvs cvs 1.10.7
cvs cvs 1.11.14
openbsd openbsd 3.4
cvs cvs 1.11.1
gentoo linux 1.4
cvs cvs 1.12.1
openbsd openbsd 3.5
sgi propack 3.0
cvs cvs 1.11.3
cvs cvs 1.11.16
openbsd openbsd *
cvs cvs 1.12.8
cvs cvs 1.12.5
openpkg openpkg 1.3
cvs cvs 1.11.11
cvs cvs 1.11
cvs cvs 1.11.10
sgi propack 2.4
cvs cvs 1.11.4
cvs cvs 1.11.1_p1
cvs cvs 1.12.2
openpkg openpkg *
cvs cvs 1.11.15
cvs cvs 1.12.7
CVE-2004-0418 HIGH

serve_notify in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle empty data lines, which may allow remote attackers to perform an "out-of-bounds" write for a single byte to execute arbitrary code or modify critical program data.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
cvs cvs 1.11.2
openpkg openpkg 2.0
cvs cvs 1.10.8
cvs cvs 1.11.6
cvs cvs 1.11.5
cvs cvs 1.10.7
cvs cvs 1.11.14
openbsd openbsd 3.4
cvs cvs 1.11.1
gentoo linux 1.4
cvs cvs 1.12.1
openbsd openbsd 3.5
sgi propack 3.0
cvs cvs 1.11.3
cvs cvs 1.11.16
openbsd openbsd *
cvs cvs 1.12.8
cvs cvs 1.12.5
openpkg openpkg 1.3
cvs cvs 1.11.11
cvs cvs 1.11
cvs cvs 1.11.10
sgi propack 2.4
cvs cvs 1.11.4
cvs cvs 1.11.1_p1
cvs cvs 1.12.2
openpkg openpkg *
cvs cvs 1.11.15
cvs cvs 1.12.7
CVE-2004-0424 HIGH

Integer overflow in the ip_setsockopt function in Linux kernel 2.4.22 through 2.4.25 and 2.6.1 through 2.6.3 allows local users to cause a denial of service (crash) or execute arbitrary code via the MCAST_MSFILTER socket option.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
linux linux_kernel 2.4.24_ow1
linux linux_kernel 2.4.22
slackware slackware_linux current
linux linux_kernel 2.6.3
linux linux_kernel 2.4.24
linux linux_kernel 2.6.1
linux linux_kernel 2.4.25
linux linux_kernel 2.4.23_ow2
sgi propack 3.0
linux linux_kernel 2.4.23
linux linux_kernel 2.6.2
slackware slackware_linux 9.1
CVE-2004-0483 MEDIUM

Unknown vulnerability in rpc.mountd for SGI IRIX 6.5.24 allows remote attackers to cause a denial of service (infinite loop) via certain RPC requests.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.5.24
CVE-2004-0492 HIGH

Heap-based buffer overflow in proxy_util.c for mod_proxy in Apache 1.3.25 to 1.3.31 allows remote attackers to cause a denial of service (process crash) and possibly execute arbitrary code via a negative Content-Length HTTP header field, which causes a large amount of data to be copied.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
openbsd openbsd *
hp vvos 11.04
ibm http_server 1.3.26.2
apache http_server 1.3.28
hp virtualvault 11.0.4
ibm http_server 1.3.26.1
apache http_server 1.3.29
apache http_server 1.3.26
hp webproxy 2.1
apache http_server 1.3.31
hp webproxy 2.0
openbsd openbsd 3.4
ibm http_server 1.3.26
sgi propack 2.4
openbsd openbsd 3.5
ibm http_server 1.3.28
apache http_server 1.3.27
CVE-2004-0504 MEDIUM

Ethereal 0.10.3 allows remote attackers to cause a denial of service (crash) via certain SIP messages between Hotsip servers and clients.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.10.2
ethereal_group ethereal 0.10.3
sgi propack 2.4
sgi propack 3.0
ethereal_group ethereal 0.10.1
CVE-2004-0505 MEDIUM

The AIM dissector in Ethereal 0.10.3 allows remote attackers to cause a denial of service (assert error) via unknown attack vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.10.2
ethereal_group ethereal 0.10.3
sgi propack 2.4
sgi propack 3.0
ethereal_group ethereal 0.10.1
CVE-2004-0506 MEDIUM

The SPNEGO dissector in Ethereal 0.9.8 to 0.10.3 allows remote attackers to cause a denial of service (crash) via unknown attack vectors that cause a null pointer dereference.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.10.2
ethereal_group ethereal 0.10.3
sgi propack 2.4
sgi propack 3.0
ethereal_group ethereal 0.10.1
CVE-2004-0507 HIGH

Buffer overflow in the MMSE dissector for Ethereal 0.10.1 to 0.10.3 allows remote attackers to cause a denial of service and possibly execute arbitrary code.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.10.2
ethereal_group ethereal 0.10.3
sgi propack 2.4
sgi propack 3.0
ethereal_group ethereal 0.10.1
CVE-2004-0519 MEDIUM

Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail 1.4.2 allow remote attackers to execute arbitrary script as other users and possibly steal authentication information via multiple attack vectors, including the mailbox parameter in compose.php.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
squirrelmail squirrelmail 1.2.10
squirrelmail squirrelmail 1.2.11
squirrelmail squirrelmail 1.4.2
squirrelmail squirrelmail 1.2.0
squirrelmail squirrelmail 1.0.4
squirrelmail squirrelmail 1.0.5
squirrelmail squirrelmail 1.2.6
squirrelmail squirrelmail 1.2.5
squirrelmail squirrelmail 1.2.7
squirrelmail squirrelmail 1.4
squirrelmail squirrelmail 1.2.8
squirrelmail squirrelmail 1.2.1
squirrelmail squirrelmail 1.4.1
squirrelmail squirrelmail 1.2.3
sgi propack 3.0
squirrelmail squirrelmail 1.2.2
squirrelmail squirrelmail 1.2.9
squirrelmail squirrelmail 1.2.4
CVE-2004-0520 MEDIUM

Cross-site scripting (XSS) vulnerability in mime.php for SquirrelMail before 1.4.3 allows remote attackers to insert arbitrary HTML and script via the content-type mail header, as demonstrated using read_body.php.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
open_webmail open_webmail 2.31
squirrelmail squirrelmail 1.2.10
open_webmail open_webmail 2.32
squirrelmail squirrelmail 1.2.11
squirrelmail squirrelmail 1.4.2
squirrelmail squirrelmail 1.2.0
squirrelmail squirrelmail 1.4.3_rc1
squirrelmail squirrelmail 1.2.6
squirrelmail squirrelmail 1.2.5
squirrelmail squirrelmail 1.2.7
open_webmail open_webmail 2.30
squirrelmail squirrelmail 1.4
squirrelmail squirrelmail 1.2.8
squirrelmail squirrelmail 1.2.1
squirrelmail squirrelmail 1.4.1
squirrelmail squirrelmail 1.2.3
sgi propack 3.0
squirrelmail squirrelmail 1.2.2
squirrelmail squirrelmail 1.5_dev
squirrelmail squirrelmail 1.2.9
squirrelmail squirrelmail 1.2.4
CVE-2004-0521 HIGH

SQL injection vulnerability in SquirrelMail before 1.4.3 RC1 allows remote attackers to execute unauthorized SQL statements, with unknown impact, probably via abook_database.php.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
squirrelmail squirrelmail 1.2.10
squirrelmail squirrelmail 1.2.11
squirrelmail squirrelmail 1.4.2
squirrelmail squirrelmail 1.2.0
squirrelmail squirrelmail 1.0.4
squirrelmail squirrelmail 1.0.5
squirrelmail squirrelmail 1.2.6
squirrelmail squirrelmail 1.2.5
squirrelmail squirrelmail 1.2.7
squirrelmail squirrelmail 1.4
squirrelmail squirrelmail 1.2.8
squirrelmail squirrelmail 1.2.1
squirrelmail squirrelmail 1.4.1
squirrelmail squirrelmail 1.2.3
sgi propack 3.0
squirrelmail squirrelmail 1.2.2
squirrelmail squirrelmail 1.2.9
squirrelmail squirrelmail 1.2.4
CVE-2004-0523 HIGH

Multiple buffer overflows in krb5_aname_to_localname for MIT Kerberos 5 (krb5) 1.3.3 and earlier allow remote attackers to execute arbitrary code as root.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mit kerberos_5 1.2
mit kerberos_5 1.2.3
mit kerberos 1.2.2.beta1
sun seam 1.0
mit kerberos_5 1.1
tinysofa tinysofa_enterprise_server 1.0_u1
mit kerberos_5 1.3
mit kerberos 1.0
sun solaris 8.0
mit kerberos_5 1.0.6
sgi propack 3.0
mit kerberos_5 1.2.5
mit kerberos_5 1.3.3
mit kerberos 1.0.8
mit kerberos_5 1.2.1
mit kerberos_5 1.2.4
mit kerberos_5 1.2.6
mit kerberos_5 1.0
mit kerberos_5 1.2.7
mit kerberos_5 1.1.1
mit kerberos_5 1.2.2
sun solaris 9.0
sun seam 1.0.1
sun seam 1.0.2
sun sunos 5.8
tinysofa tinysofa_enterprise_server 1.0
sgi propack 2.4
CVE-2004-0639 MEDIUM

Multiple cross-site scripting (XSS) vulnerabilities in Squirrelmail 1.2.10 and earlier allow remote attackers to inject arbitrary HTML or script via (1) the $mailer variable in read_body.php, (2) the $senderNames_part variable in mailbox_display.php, and possibly other vectors including (3) the $event_title variable or (4) the $event_text variable.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
open_webmail open_webmail 2.31
squirrelmail squirrelmail 1.2.10
open_webmail open_webmail 2.32
squirrelmail squirrelmail 1.2.11
squirrelmail squirrelmail 1.4.2
squirrelmail squirrelmail 1.2.0
squirrelmail squirrelmail 1.4.3_rc1
squirrelmail squirrelmail 1.2.6
squirrelmail squirrelmail 1.2.5
squirrelmail squirrelmail 1.2.7
open_webmail open_webmail 2.30
squirrelmail squirrelmail 1.4
squirrelmail squirrelmail 1.2.8
squirrelmail squirrelmail 1.2.1
squirrelmail squirrelmail 1.4.1
squirrelmail squirrelmail 1.2.3
sgi propack 3.0
squirrelmail squirrelmail 1.2.2
squirrelmail squirrelmail 1.5_dev
squirrelmail squirrelmail 1.2.9
squirrelmail squirrelmail 1.2.4
CVE-2004-0807 MEDIUM

Samba 3.0.6 and earlier allows remote attackers to cause a denial of service (infinite loop and memory exhaustion) via certain malformed requests that cause new processes to be spawned and enter an infinite loop.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mandrakesoft mandrake_linux 10.0
suse suse_linux 9.1
samba samba 3.0.0
samba samba 3.0.2
samba samba 3.0.2a
sgi samba 3.0.1
sgi samba 3.0.6
suse suse_linux 9.0
sgi samba 3.0
sgi samba 3.0.4
samba samba 3.0.6
suse suse_linux 8.1
samba samba 3.0.4
suse suse_linux 8.2
samba samba 3.0.1
conectiva linux 10.0
samba samba 3.0.3
sgi samba 3.0.3
suse suse_linux 8
samba samba 3.0.5
sgi samba 3.0.2
conectiva linux 9.0
sgi samba 3.0.5
CVE-2004-0930 MEDIUM

The ms_fnmatch function in Samba 3.0.4 and 3.0.7 and possibly other versions allows remote authenticated users to cause a denial of service (CPU consumption) via a SAMBA request that contains multiple * (wildcard) characters.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
samba samba 3.0.0
sgi samba 3.0.1
sgi samba 3.0.6
sgi samba 3.0
sgi samba 3.0.4
gentoo linux *
samba samba 3.0.6
samba samba 3.0.7
samba samba 3.0.4
sgi samba 3.0.7
redhat linux_advanced_workstation 2.1
conectiva linux 10.0
samba samba 3.0.3
sgi samba 3.0.3
redhat fedora_core core_2.0
samba samba 3.0.5
redhat enterprise_linux 3.0
sgi samba 3.0.2
redhat enterprise_linux 2.1
redhat fedora_core core_3.0
sgi samba 3.0.5
redhat enterprise_linux_desktop 3.0
CVE-2004-1139 MEDIUM

Unknown vulnerability in the DICOM dissector in Ethereal 0.10.4 through 0.10.7 allows remote attackers to cause a denial of service (application crash).

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.9.13
ethereal_group ethereal 0.10.3
ethereal_group ethereal 0.9.10
ethereal_group ethereal 0.9.12
ethereal_group ethereal 0.9.5
ethereal_group ethereal 0.9.9
suse suse_linux 8.2
ethereal_group ethereal 0.10.1
conectiva linux 10.0
ethereal_group ethereal 0.9.11
redhat enterprise_linux 3.0
conectiva linux 9.0
ethereal_group ethereal 0.9.14
sgi propack 3.0
ethereal_group ethereal 0.9.16
suse suse_linux 9.2
redhat enterprise_linux 2.1
redhat enterprise_linux_desktop 3.0
suse suse_linux 9.1
ethereal_group ethereal 0.10.7
ethereal_group ethereal 0.9.4
ethereal_group ethereal 0.10.4
suse suse_linux 9.0
ethereal_group ethereal 0.9.1
altlinux alt_linux 2.3
ethereal_group ethereal 0.10.6
suse suse_linux 8.1
ethereal_group ethereal 0.9.2
ethereal_group ethereal 0.9
redhat linux_advanced_workstation 2.1
ethereal_group ethereal 0.9.7
ethereal_group ethereal 0.10
suse suse_linux 8.0
ethereal_group ethereal 0.10.2
ethereal_group ethereal 0.10.5
ethereal_group ethereal 0.9.15
debian debian_linux 3.0
ethereal_group ethereal 0.9.3
ethereal_group ethereal 0.9.6
ethereal_group ethereal 0.9.8
CVE-2004-1142 MEDIUM

Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed SMB packet.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.9.13
ethereal_group ethereal 0.10.3
ethereal_group ethereal 0.9.10
ethereal_group ethereal 0.9.12
ethereal_group ethereal 0.9.5
ethereal_group ethereal 0.9.9
suse suse_linux 8.2
ethereal_group ethereal 0.10.1
conectiva linux 10.0
ethereal_group ethereal 0.9.11
redhat enterprise_linux 3.0
conectiva linux 9.0
ethereal_group ethereal 0.9.14
sgi propack 3.0
ethereal_group ethereal 0.9.16
suse suse_linux 9.2
redhat enterprise_linux 2.1
redhat enterprise_linux_desktop 3.0
suse suse_linux 9.1
ethereal_group ethereal 0.10.7
ethereal_group ethereal 0.9.4
ethereal_group ethereal 0.10.4
suse suse_linux 9.0
ethereal_group ethereal 0.9.1
altlinux alt_linux 2.3
ethereal_group ethereal 0.10.6
suse suse_linux 8.1
ethereal_group ethereal 0.9.2
ethereal_group ethereal 0.9
redhat linux_advanced_workstation 2.1
ethereal_group ethereal 0.9.7
ethereal_group ethereal 0.10
suse suse_linux 8.0
ethereal_group ethereal 0.10.2
ethereal_group ethereal 0.10.5
ethereal_group ethereal 0.9.15
debian debian_linux 3.0
ethereal_group ethereal 0.9.3
ethereal_group ethereal 0.9.6
ethereal_group ethereal 0.9.8
CVE-2004-1145 MEDIUM

Multiple vulnerabilities in Konqueror in KDE 3.3.1 and earlier (1) allow access to restricted Java classes via JavaScript and (2) do not properly restrict access to certain Java classes from the Java applet, which allows remote attackers to bypass sandbox restrictions and read or write arbitrary files.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.9.13
ethereal_group ethereal 0.10.3
ethereal_group ethereal 0.9.10
ethereal_group ethereal 0.9.12
ethereal_group ethereal 0.9.5
ethereal_group ethereal 0.9.9
suse suse_linux 8.2
ethereal_group ethereal 0.10.1
conectiva linux 10.0
ethereal_group ethereal 0.9.11
redhat enterprise_linux 3.0
conectiva linux 9.0
ethereal_group ethereal 0.9.14
sgi propack 3.0
ethereal_group ethereal 0.9.16
suse suse_linux 9.2
redhat enterprise_linux 2.1
redhat enterprise_linux_desktop 3.0
suse suse_linux 9.1
ethereal_group ethereal 0.10.7
ethereal_group ethereal 0.9.4
ethereal_group ethereal 0.10.4
suse suse_linux 9.0
ethereal_group ethereal 0.9.1
altlinux alt_linux 2.3
ethereal_group ethereal 0.10.6
suse suse_linux 8.1
ethereal_group ethereal 0.9.2
ethereal_group ethereal 0.9
redhat linux_advanced_workstation 2.1
ethereal_group ethereal 0.9.7
ethereal_group ethereal 0.10
suse suse_linux 8.0
ethereal_group ethereal 0.10.2
ethereal_group ethereal 0.10.5
ethereal_group ethereal 0.9.15
debian debian_linux 3.0
ethereal_group ethereal 0.9.3
ethereal_group ethereal 0.9.6
ethereal_group ethereal 0.9.8
CVE-2004-1184 MEDIUM

The EPSF pipe support in enscript 1.6.3 allows remote attackers or local users to execute arbitrary commands via shell metacharacters.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 7.0
suse suse_linux 6.3
suse suse_linux 6.1
gnu enscript 1.5
suse suse_linux 5.3
suse suse_linux 1.0
suse suse_linux 3.0
suse suse_linux 4.0
suse suse_linux 4.2
gnu enscript 1.6.1
suse suse_linux 5.0
suse suse_linux 8.2
suse suse_linux 2.0
gnu enscript 1.6
redhat fedora_core core_2.0
suse suse_linux 5.1
sgi propack 3.0
suse suse_linux 9.2
redhat fedora_core core_3.0
suse suse_linux 4.3
suse suse_linux 9.1
suse suse_linux 5.2
suse suse_linux 6.2
suse suse_linux 9.0
suse suse_linux 4.4
gnu enscript 1.4
suse suse_linux 6.4
suse suse_linux 8.1
gnu enscript 1.6.2
suse suse_linux 8.0
suse suse_linux 7.2
suse suse_linux 4.4.1
suse suse_linux 6.0
gnu enscript 1.6.4
suse suse_linux 7.3
gnu enscript 1.6.3
suse suse_linux 7.1
CVE-2004-1307 HIGH

Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to be allocated and leads to a heap-based buffer overflow.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
avaya interactive_response 1.2.1
libtiff libtiff 3.7.0
avaya intuity_audix_lx *
f5 icontrol_service_manager 1.3.6
libtiff libtiff 3.6.1
libtiff libtiff 3.5.5
apple mac_os_x 10.3.9
apple mac_os_x_server 10.3.9
mandrakesoft mandrake_linux 10.1
libtiff libtiff 3.5.7
apple mac_os_x 10.3.8
conectiva linux 10.0
libtiff libtiff 3.5.3
apple mac_os_x 10.3.1
libtiff libtiff 3.5.2
conectiva linux 9.0
sgi propack 3.0
apple mac_os_x 10.3.5
sco unixware 7.1.4
avaya interactive_response 1.3
avaya modular_messaging_message_storage_server 1.1
apple mac_os_x_server 10.3.7
apple mac_os_x 10.3.2
sun solaris 7.0
apple mac_os_x 10.3
f5 icontrol_service_manager 1.3
libtiff libtiff 3.6.0
apple mac_os_x_server 10.3.2
apple mac_os_x_server 10.3.4
libtiff libtiff 3.5.4
libtiff libtiff 3.5.1
mandrakesoft mandrake_linux_corporate_server 3.0
sun sunos 5.8
avaya mn100 *
avaya call_management_system_server 9.0
avaya call_management_system_server 13.0
avaya integrated_management *
mandrakesoft mandrake_linux 10.0
avaya call_management_system_server 12.0
sun solaris 10.0
apple mac_os_x 10.3.4
apple mac_os_x_server 10.3.1
gentoo linux *
sun sunos 5.7
f5 icontrol_service_manager 1.3.4
avaya call_management_system_server 11.0
apple mac_os_x 10.3.6
sun solaris 8.0
apple mac_os_x_server 10.3.3
avaya cvlan *
avaya modular_messaging_message_storage_server 2.0
apple mac_os_x_server 10.3.5
libtiff libtiff 3.4
avaya call_management_system_server 8.0
apple mac_os_x_server 10.3.8
f5 icontrol_service_manager 1.3.5
apple mac_os_x 10.3.3
apple mac_os_x 10.3.7
sun solaris 9.0
apple mac_os_x_server 10.3.6
avaya interactive_response *
apple mac_os_x_server 10.3
CVE-2004-1471 HIGH

Format string vulnerability in wrapper.c in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16 allows remote attackers with CVSROOT commit access to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in a wrapper line.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
cvs cvs 1.11.2
openpkg openpkg 2.0
cvs cvs 1.10.8
cvs cvs 1.11.6
cvs cvs 1.11.5
freebsd freebsd 2.2.8
cvs cvs 1.10.7
freebsd freebsd 2.2
freebsd freebsd 2.1.5
freebsd freebsd 2.0.5
cvs cvs 1.11.1
freebsd freebsd 4.0
gentoo linux 1.4
cvs cvs 1.12.1
openbsd openbsd 3.5
sgi propack 3.0
freebsd freebsd 2.2.6
freebsd freebsd 4.9
cvs cvs 1.11.3
freebsd freebsd 4.8
cvs cvs 1.11.16
freebsd freebsd 3.2
freebsd freebsd 2.2.3
freebsd freebsd 3.1
freebsd freebsd 1.1.5.1
openbsd openbsd current
freebsd freebsd 2.1.6
freebsd freebsd 3.5.1
cvs cvs 1.12.5
freebsd freebsd 5.0
freebsd freebsd 2.1.7.1
freebsd freebsd 2.2.5
cvs cvs 1.11
freebsd freebsd 3.3
cvs cvs 1.11.1_p1
cvs cvs 1.11.15
cvs cvs 1.12.7
freebsd freebsd 2.2.4
freebsd freebsd 2.1.0
freebsd freebsd 5.2
cvs cvs 1.11.14
freebsd freebsd 4.3
freebsd freebsd 4.10
openbsd openbsd 3.4
freebsd freebsd 4.1.1
freebsd freebsd 3.0
freebsd freebsd 4.7
freebsd freebsd 2.1.6.1
freebsd freebsd 5.2.1
freebsd freebsd 4.1
freebsd freebsd 4.5
freebsd freebsd 4.6
freebsd freebsd 5.1
freebsd freebsd 4.6.2
cvs cvs 1.12.8
freebsd freebsd 2.0
freebsd freebsd 4.2
openpkg openpkg 1.3
cvs cvs 1.11.11
freebsd freebsd 2.2.2
cvs cvs 1.11.10
sgi propack 2.4
openpkg openpkg current
cvs cvs 1.11.4
cvs cvs 1.12.2
freebsd freebsd 3.5
freebsd freebsd 4.4
freebsd freebsd 3.4
CVE-2004-1613 MEDIUM

Mozilla allows remote attackers to cause a denial of service (application crash from null dereference or infinite loop) via a web page that contains a (1) TEXTAREA, (2) INPUT, (3) FRAMESET or (4) IMG tag followed by a null character and some trailing characters, as demonstrated by mangleme.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla mozilla 1.7.2
redhat linux 7.3
redhat linux 9.0
redhat fedora_core core_2.0
mozilla mozilla 1.1
mozilla mozilla 1.0.2
redhat enterprise_linux 3.0
mozilla mozilla 1.3
mozilla mozilla 1.4.1
mozilla mozilla 1.4
mozilla mozilla 1.7.3
sgi propack 3.0
redhat enterprise_linux 2.1
mozilla mozilla 1.7.1
mozilla mozilla 1.0
redhat enterprise_linux_desktop 3.0
mozilla mozilla 1.2.1
mozilla mozilla 1.6
mozilla mozilla 1.4.4
mozilla mozilla 1.3.1
redhat linux_advanced_workstation 2.1
mozilla mozilla 1.0.1
redhat fedora_core core_1.0
mozilla mozilla 1.8
mozilla mozilla 1.5
mozilla mozilla 1.7
mozilla mozilla 1.2
mozilla mozilla 1.4.2
CVE-2004-1889 MEDIUM

Unknown vulnerability in ftpd in SGI IRIX 6.5.20 through 6.5.23 allows remote attackers to cause a denial of service (hang) via a link failure with Microsoft Windows.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.5.20f
sgi irix 6.5.22
sgi irix 6.5.20m
sgi irix 6.5.21
sgi irix 6.5.20
sgi irix 6.5.21f
sgi irix 6.5.21m
sgi irix 6.5.23
CVE-2004-1891 MEDIUM

The ftp_syslog function in ftpd in SGI IRIX 6.5.20 "doesn't work with anonymous FTP," which has an unknown impact, possibly preventing the actions of anonymous users from being logged.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.5.20
CVE-2004-2001 MEDIUM

ifconfig "-arp" in SGI IRIX 6.5 through 6.5.22m does not properly disable ARP requests from being sent or received.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.5.10
sgi irix 6.5.13
sgi irix 6.5.18m
sgi irix 6.5.20f
sgi irix 6.5.2
sgi irix 6.5.8
sgi irix 6.5.16
sgi irix 6.5.15
sgi irix 6.5.22m
sgi irix 6.5.21f
sgi irix 6.5.17f
sgi irix 6.5.17m
sgi irix 6.5.7
sgi irix 6.5.6
sgi irix 6.5.11
sgi irix 6.5.9
sgi irix 6.5.19m
sgi irix 6.5.4
sgi irix 6.5.18f
sgi irix 6.5.20m
sgi irix 6.5.3
sgi irix 6.5.14
sgi irix 6.5.5
sgi irix 6.5.21m
sgi irix 6.5.1
sgi irix 6.5.19f
sgi irix 6.5
sgi irix 6.5.12
CVE-2004-2002 MEDIUM

Unknown vulnerability in SGI IRIX 6.5 through 6.5.22m allows remote attackers to cause a denial of service via a certain UDP packet.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.5.8m
sgi irix 6.5.22
sgi irix 6.5.13
sgi irix 6.5.15m
sgi irix 6.5.13f
sgi irix 6.5_20
sgi irix 6.5.14m
sgi irix 6.5.3f
sgi irix 6.5.22m
sgi irix 6.5.13m
sgi irix 6.5.7f
sgi irix 6.5.6f
sgi irix 6.5.17f
sgi irix 6.5.17m
sgi irix 6.5.16m
sgi irix 6.5.8f
sgi irix 6.5.19
sgi irix 6.5.6
sgi irix 6.5.11
sgi irix 6.5.9
sgi irix 6.5.11f
sgi irix 6.5.17
sgi irix 6.5.4f
sgi irix 6.5.6m
sgi irix 6.5.9m
sgi irix 6.5.5m
sgi irix 6.5.21
sgi irix 6.5.14
sgi irix 6.5.20
sgi irix 6.5.5
sgi irix 6.5.21m
sgi irix 6.5.10
sgi irix 6.5.4m
sgi irix 6.5.16f
sgi irix 6.5.2f
sgi irix 6.5.9f
sgi irix 6.5.18m
sgi irix 6.5.18
sgi irix 6.5.10m
sgi irix 6.5.10f
sgi irix 6.5.20f
sgi irix 6.5.2
sgi irix 6.5.5f
sgi irix 6.5.8
sgi irix 6.5.2m
sgi irix 6.5.16
sgi irix 6.5.15
sgi irix 6.5.21f
sgi irix 6.5.7m
sgi irix 6.5.7
sgi irix 6.5.15f
sgi irix 6.5.11m
sgi irix 6.5.19m
sgi irix 6.5.4
sgi irix 6.5.18f
sgi irix 6.5.3m
sgi irix 6.5.14f
sgi irix 6.5.20m
sgi irix 6.5.3
sgi irix 6.5.12m
sgi irix 6.5.1
sgi irix 6.5.12f
sgi irix 6.5.19f
sgi irix 6.5
sgi irix 6.5.12
CVE-2005-0005 HIGH

Heap-based buffer overflow in psd.c for ImageMagick 6.1.0, 6.1.7, and possibly earlier versions allows remote attackers to execute arbitrary code via a .PSD image file with a large number of layers.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
imagemagick imagemagick 6.0.5
imagemagick imagemagick 6.1.5
graphicsmagick graphicsmagick 1.1
imagemagick imagemagick 6.1.6
suse suse_linux 8.2
gentoo linux 1.1a
imagemagick imagemagick 6.0.3
imagemagick imagemagick 6.0.2
imagemagick imagemagick 6.0.1
graphicsmagick graphicsmagick 1.0
graphicsmagick graphicsmagick 1.0.6
gentoo linux 0.7
imagemagick imagemagick 6.1.1.6
imagemagick imagemagick 6.0.4
imagemagick imagemagick 6.0.7
imagemagick imagemagick 5.3.3
imagemagick imagemagick 6.0.2.5
imagemagick imagemagick 5.4.3
gentoo linux 1.4
sgi propack 3.0
imagemagick imagemagick 6.1
suse suse_linux 9.2
graphicsmagick graphicsmagick 1.1.4
imagemagick imagemagick 6.1.4
suse suse_linux 9.1
imagemagick imagemagick 6.0.8
suse suse_linux 9.0
gentoo linux 0.5
imagemagick imagemagick 5.4.7
imagemagick imagemagick 6.2.0.4
graphicsmagick graphicsmagick 1.1.3
suse suse_linux 8.1
imagemagick imagemagick 6.0.6
imagemagick imagemagick 6.0
imagemagick imagemagick 6.1.7
imagemagick imagemagick 6.1.2
suse suse_linux 8.0
imagemagick imagemagick 6.1.3
gentoo linux 1.2
debian debian_linux 3.0
imagemagick imagemagick 6.2
imagemagick imagemagick 6.2.0.7
CVE-2005-0113 HIGH

inpview in SGI IRIX allows local users to execute arbitrary commands via the SUN_TTSESSION_CMD environment variable, which is executed by inpview without dropping privileges.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.5
CVE-2005-0138 HIGH

rpc.mountd in SGI IRIX 6.5.25, 6.5.26, and 6.5.27 does not correctly allow access to anonymous clients that connect from a system whose hostname can not be determined. NOTE: while this issue occurs in a security mechanism, there is no apparent attacker role and probably does not satisfy the CVE definition of a vulnerability.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-17,

Products Affected

Vendor Product Version
sgi irix 6.5.27
sgi irix 6.5.26
sgi irix 6.5.25
CVE-2005-0139 HIGH

Unknown vulnerability in rpc.mountd in SGI IRIX 6.5.25, 6.5.26, and 6.5.27 does not sufficiently restrict access rights for read-mostly exports, which allows attackers to conduct unauthorized activities.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-264,

Products Affected

Vendor Product Version
sgi irix 6.5.27
sgi irix 6.5.26
sgi irix 6.5.25
CVE-2005-0156 LOW

Buffer overflow in the PerlIO implementation in Perl 5.8.0, when installed with setuid support (sperl), allows local users to execute arbitrary code by setting the PERLIO_DEBUG variable and executing a Perl script whose full pathname contains a long directory tree.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
larry_wall perl 5.8.4.3
suse suse_linux 8.2
ibm aix 5.2
trustix secure_linux 1.5
trustix secure_linux 2.2
larry_wall perl 5.8.1
larry_wall perl 5.8.4.2.3
redhat enterprise_linux 3.0
larry_wall perl 5.8.4.2
sgi propack 3.0
suse suse_linux 9.2
trustix secure_linux 2.1
redhat fedora_core core_3.0
redhat enterprise_linux_desktop 3.0
suse suse_linux 9.1
ibm aix 5.3
suse suse_linux 9.0
larry_wall perl 5.8.3
ubuntu ubuntu_linux 4.1
suse suse_linux 8.1
trustix secure_linux 2.0
larry_wall perl 5.8.4.4
larry_wall perl 5.8.0
suse suse_linux 8.0
larry_wall perl 5.8.4.5
larry_wall perl 5.8.4
larry_wall perl 5.8.4.1
CVE-2005-0206 HIGH

The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
kde kde 3.2.2
suse suse_linux 3.0
suse suse_linux 8.2
kde koffice 1.3.3
easy_software_products cups 1.1.13
tetex tetex 1.0.6
redhat fedora_core core_2.0
redhat enterprise_linux 3.0
xpdf xpdf 1.1
suse suse_linux 4.3
suse suse_linux 9.1
xpdf xpdf 0.92
easy_software_products cups 1.1.17
suse suse_linux 8.0
mandrakesoft mandrake_linux_corporate_server 3.0
tetex tetex 2.0.1
kde koffice 1.3_beta3
gentoo linux *
suse suse_linux 4.0
tetex tetex 1.0.7
easy_software_products cups 1.1.12
xpdf xpdf 3.0
xpdf xpdf 0.91
kde kde 3.2.1
xpdf xpdf 2.3
suse suse_linux 5.1
redhat enterprise_linux 2.1
easy_software_products cups 1.1.19
kde kpdf 3.2
suse suse_linux 6.2
suse suse_linux 9.0
xpdf xpdf 0.90
pdftohtml pdftohtml 0.35
easy_software_products cups 1.1.6
easy_software_products cups 1.1.4
pdftohtml pdftohtml 0.32a
redhat linux_advanced_workstation 2.1
easy_software_products cups 1.1.20
easy_software_products cups 1.1.16
pdftohtml pdftohtml 0.32b
easy_software_products cups 1.0.4_8
easy_software_products cups 1.1.7
suse suse_linux 7.3
xpdf xpdf 1.0
suse suse_linux 7.1
kde kde 3.3
suse suse_linux 7.0
suse suse_linux 6.1
easy_software_products cups 1.1.14
suse suse_linux 5.3
xpdf xpdf 0.93
suse suse_linux 2.0
tetex tetex 2.0
redhat linux 9.0
xpdf xpdf 1.0a
easy_software_products cups 1.1.18
sgi propack 3.0
redhat fedora_core core_3.0
gnome gpdf 0.112
redhat enterprise_linux_desktop 3.0
suse suse_linux 5.2
suse suse_linux 4.4
kde kde 3.2.3
kde koffice 1.3_beta1
pdftohtml pdftohtml 0.33a
ascii ptex 3.1.4
ubuntu ubuntu_linux 4.1
suse suse_linux 8.1
gnome gpdf 0.131
suse suse_linux 7.2
redhat fedora_core core_1.0
easy_software_products cups 1.1.4_5
suse suse_linux 6.0
easy_software_products cups 1.1.1
pdftohtml pdftohtml 0.36
xpdf xpdf 2.1
kde kde 3.2
gnome gpdf 0.110
suse suse_linux 6.3
suse suse_linux 1.0
easy_software_products cups 1.1.4_3
pdftohtml pdftohtml 0.34
easy_software_products cups 1.1.15
suse suse_linux 4.2
easy_software_products cups 1.0.4
suse suse_linux 5.0
kde koffice 1.3.1
pdftohtml pdftohtml 0.33
kde koffice 1.3
xpdf xpdf 2.0
easy_software_products cups 1.1.4_2
suse suse_linux 9.2
kde kde 3.3.1
kde koffice 1.3.2
suse suse_linux 6.4
easy_software_products cups 1.1.19_rc5
tetex tetex 2.0.2
kde koffice 1.3_beta2
sgi advanced_linux_environment 3.0
cstex cstetex 2.0.2
debian debian_linux 3.0
suse suse_linux 4.4.1
easy_software_products cups 1.1.10
CVE-2005-0398 MEDIUM

The KAME racoon daemon in ipsec-tools before 0.5 allows remote attackers to cause a denial of service (crash) via malformed ISAKMP packets.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
kame racoon 2004-04-05
kame racoon 2003-07-11
kame racoon 2005-02-28
ipsec-tools ipsec-tools 0.3.3
suse suse_linux *
redhat enterprise_linux 3.0
kame racoon 2004-04-07b
redhat enterprise_linux_desktop 4.0
sgi propack 3.0
suse suse_linux 9.2
kame racoon 2005-02-07
redhat enterprise_linux_desktop 3.0
ipsec-tools ipsec-tools 0.5
kame racoon 2005-03-07
suse suse_linux 9.1
kame racoon 2004-05-03
kame racoon 2005-01-31
altlinux alt_linux 2.3
kame racoon 2005-01-17
kame racoon 2005-01-03
kame racoon 2005-01-10
kame racoon 2005-02-21
kame racoon 2005-02-14
redhat enterprise_linux 4.0
kame racoon 2005-01-24
CVE-2005-0464 LOW

gr_osview in SGI IRIX 6.5.22, and possibly other 6.5 versions, does not drop privileges when opening description files while in debug mode, which allows local users to read a line from arbitrary files via the -d and -D options, which prints the line as a formatting error.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.5.22
CVE-2005-0465 LOW

gr_osview in SGI IRIX does not drop privileges before opening files, which allows local users to overwrite arbitrary files via the -s option.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 3.3.1
sgi irix 3.3.3
sgi irix 6.5.13
sgi irix 6.5.13f
sgi irix 6.5_20
sgi irix 4.0.5
sgi irix 6.5.14m
sgi irix 6.5.13m
sgi irix 6.5.17m
sgi irix 6.5.19
sgi irix 6.0.1
sgi irix 4.0.5b
sgi irix 6.5.6
sgi irix 6.2
sgi irix 6.5.11f
sgi irix 6.5.17
sgi irix 6.5.4f
sgi irix 6.5.5m
sgi irix 4.0.3
sgi irix 6.5.21
sgi irix 6.5.20
sgi irix 6.5.5
sgi irix 6.5.10
sgi irix 6.5.16f
sgi irix 4.0.5_ipr
sgi irix 6.5.9f
sgi irix 5.2
sgi irix 4.0.4
sgi irix 6.5.2
sgi irix 6.5.5f
sgi irix 6.5.8
sgi irix 6.5.16
sgi irix 6.5.7
sgi irix 4.0.1
sgi irix 6.5.11m
sgi irix 6.5.19m
sgi irix 3.3.2
sgi irix 6.5.4
sgi irix 6.5.18f
sgi irix 6.5.3m
sgi irix 6.5.14f
sgi irix 6.5.20m
sgi irix 6.5.12f
sgi irix 6.5.19f
sgi irix 4.0.5g
sgi irix 6.5.8m
sgi irix 6.5.22
sgi irix 4.0.1t
sgi irix 3.3
sgi irix 4.0.5a
sgi irix 6.5.15m
sgi irix 6.1
sgi irix 5.0.1
sgi irix 6.5.3f
sgi irix 4.0.5e
sgi irix 6.5.7f
sgi irix 6.5.6f
sgi irix 6.5.17f
sgi irix 6.5.16m
sgi irix 6.5.8f
sgi irix 6.5.11
sgi irix 4.0.5h
sgi irix 6.5.9
sgi irix 6.4
sgi irix 3.2
sgi irix 6.5.6m
sgi irix 6.5.9m
sgi irix 4.0.2
sgi irix 4.0.5_iop
sgi irix 6.5.14
sgi irix 6.5.21m
sgi irix 5.1
sgi irix 6.5.4m
sgi irix 5.0
sgi irix 4.0.4t
sgi irix 6.5.2f
sgi irix 6.5.18m
sgi irix 5.1.1
sgi irix 6.5.18
sgi irix 6.5.10m
sgi irix 6.5.10f
sgi irix 6.5.20f
sgi irix 4.0.4b
sgi irix 6.5.2m
sgi irix 6.5.15
sgi irix 6.5.21f
sgi irix 6.5.7m
sgi irix 5.3
sgi irix 4.0
sgi irix 4.0.5f
sgi irix 6.5.15f
sgi irix 6.3
sgi irix 6.0
sgi irix 6.5.3
sgi irix 6.5.12m
sgi irix 6.5.1
sgi irix 6.5
sgi irix 6.5.12
CVE-2005-0605 HIGH

scan.c for LibXPM may allow attackers to execute arbitrary code via a negative bitmap_unit value that leads to a buffer overflow.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mandrakesoft mandrake_linux 10.2
suse suse_linux 7.0
xfree86_project x11r6 3.3.6
suse suse_linux 6.1
xfree86_project x11r6 4.0.1
xfree86_project x11r6 3.3
xfree86_project x11r6 4.0.3
suse suse_linux 8.2
mandrakesoft mandrake_linux 10.1
xfree86_project x11r6 4.2.0
redhat fedora_core core_2.0
redhat enterprise_linux 3.0
xfree86_project x11r6 3.3.4
xfree86_project x11r6 4.3.0.2
sgi propack 3.0
redhat fedora_core core_3.0
redhat enterprise_linux_desktop 3.0
suse suse_linux 9.1
xfree86_project x11r6 4.3.0.1
x.org x11r6 6.7.0
xfree86_project x11r6 4.3.0
xfree86_project x11r6 4.0
suse suse_linux 8.1
xfree86_project x11r6 3.3.3
xfree86_project x11r6 4.0.2.11
suse suse_linux 8.0
mandrakesoft mandrake_linux_corporate_server 3.0
suse suse_linux 7.2
mandrakesoft mandrake_linux_corporate_server 2.1
redhat enterprise_linux 4.0
xfree86_project x11r6 4.1.12
x.org x11r6 6.8.1
mandrakesoft mandrake_linux 10.0
suse suse_linux 6.3
xfree86_project x11r6 4.1.11
xfree86_project x11r6 3.3.2
xfree86_project x11r6 4.2.1
x.org x11r6 6.8
redhat enterprise_linux_desktop 4.0
suse suse_linux 9.2
xfree86_project x11r6 3.3.5
xfree86_project x11r6 4.1.0
suse suse_linux 6.2
suse suse_linux 9.0
altlinux alt_linux 2.3
suse suse_linux 6.4
lesstif lesstif 0.93.94
suse suse_linux 7.3
suse suse_linux 7.1
CVE-2005-0759 MEDIUM

ImageMagick before 6.0 allows remote attackers to cause a denial of service (application crash) via a TIFF image with an invalid tag.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
imagemagick imagemagick 5.4.8.2.1.1.0
imagemagick imagemagick 5.3.8
imagemagick imagemagick 5.4.7
imagemagick imagemagick 5.4.8
imagemagick imagemagick 5.5.7
imagemagick imagemagick 5.4.4.5
imagemagick imagemagick 5.5.4
imagemagick imagemagick 5.5.6
imagemagick imagemagick 5.3.3
imagemagick imagemagick 5.4.3
imagemagick imagemagick 5.5.3.2.1.2.0
sgi propack 3.0
imagemagick imagemagick 5.5.6.0_2003-04-09
CVE-2005-0761 MEDIUM

Unknown vulnerability in ImageMagick before 6.1.8 allows remote attackers to cause a denial of service (application crash) via a crafted PSD file.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
imagemagick imagemagick 5.4.8.2.1.1.0
imagemagick imagemagick 6.0.5
imagemagick imagemagick 6.1.5
imagemagick imagemagick 6.1.6
imagemagick imagemagick 6.0.3
imagemagick imagemagick 6.0.2
imagemagick imagemagick 6.0.1
imagemagick imagemagick 6.1.1.6
imagemagick imagemagick 6.0.4
imagemagick imagemagick 6.0.7
imagemagick imagemagick 5.5.7
imagemagick imagemagick 5.5.6
imagemagick imagemagick 5.3.3
imagemagick imagemagick 6.0.2.5
imagemagick imagemagick 5.4.3
imagemagick imagemagick 5.5.3.2.1.2.0
sgi propack 3.0
imagemagick imagemagick 6.1
imagemagick imagemagick 6.1.4
imagemagick imagemagick 6.0.8
imagemagick imagemagick 5.3.8
imagemagick imagemagick 5.4.7
imagemagick imagemagick 6.0.6
imagemagick imagemagick 6.0
imagemagick imagemagick 6.1.7
imagemagick imagemagick 5.4.8
imagemagick imagemagick 6.1.2
imagemagick imagemagick 5.4.4.5
imagemagick imagemagick 5.5.4
imagemagick imagemagick 6.1.3
imagemagick imagemagick 5.5.6.0_2003-04-09
CVE-2005-1043 MEDIUM

exif.c in PHP before 4.3.11 allows remote attackers to cause a denial of service (memory consumption and crash) via an EXIF header with a large IFD nesting level, which causes significant stack recursion.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 7.0
suse suse_linux 6.1
suse suse_linux 5.3
suse suse_linux 3.0
apple mac_os_x 10.3.9
suse suse_linux 8.2
apple mac_os_x_server 10.3.9
suse suse_linux 2.0
conectiva linux 10.0
conectiva linux 9.0
sgi propack 3.0
apple mac_os_x_server 10.4.1
php php 4.3.10
suse suse_linux 4.3
suse suse_linux 9.1
suse suse_linux 5.2
apple mac_os_x 10.4.1
suse suse_linux 4.4
suse suse_linux 9.3
suse suse_linux 8.1
php php 4.3.6
php php 4.3.7
suse suse_linux 8.0
php php 4.3.0
suse suse_linux 7.2
suse suse_linux 6.0
php php 4.3.5
suse suse_linux 6.3
peachtree peachtree_linux release_1
suse suse_linux 1.0
suse suse_linux 4.0
suse suse_linux 4.2
suse suse_linux 5.0
php php 4.3.1
suse suse_linux 5.1
php php 4.3.4
suse suse_linux 9.2
suse suse_linux 6.2
suse suse_linux 9.0
suse suse_linux 6.4
php php 4.3.3
php php 4.3.9
apple mac_os_x 10.4
suse suse_linux 4.4.1
php php 4.3.8
apple mac_os_x_server 10.4
suse suse_linux 7.3
php php 4.3.2
suse suse_linux 7.1
CVE-2005-1859 HIGH

Unknown vulnerability in arshell in the Array Service (arrayd) for SGI ProPack 3 with SP 5 and 6, and SGI ProPack 4, allows local users to execute arbitrary shells as root on other hosts in the cluster or array.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi propack 4.0
sgi propack 3.0
CVE-2005-2925 HIGH

runpriv in SGI IRIX allows local users to bypass intended restrictions and execute arbitrary commands via shell metacharacters in a command line for a privileged binary in /usr/sysadm/privbin.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi irix 6.5.22
CVE-2005-3624 MEDIUM

The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-189,

Products Affected

Vendor Product Version
mandrakesoft mandrake_linux 10.2
turbolinux turbolinux_appliance_server 1.0_workgroup_edition
mandrakesoft mandrake_linux 2006
turbolinux turbolinux_appliance_server 1.0_hosting_edition
slackware slackware_linux 10.0
tetex tetex 2.0
sco openserver 6.0
redhat linux 9.0
mandrakesoft mandrake_linux 10.1
suse suse_linux 10.0
turbolinux turbolinux_personal *
conectiva linux 10.0
trustix secure_linux 2.2
redhat fedora_core core_2.0
redhat enterprise_linux 3.0
kde kword 1.4.2
sgi propack 3.0
kde kpdf 3.4.3
redhat fedora_core core_3.0
redhat enterprise_linux_desktop 3.0
slackware slackware_linux 9.1
suse suse_linux 9.1
turbolinux turbolinux_server 8.0
suse suse_linux 9.3
ubuntu ubuntu_linux 4.1
trustix secure_linux 2.0
redhat fedora_core core_4.0
libextractor libextractor *
kde koffice 1.4
turbolinux turbolinux_multimedia *
mandrakesoft mandrake_linux_corporate_server 3.0
tetex tetex 3.0
ubuntu ubuntu_linux 5.10
slackware slackware_linux 9.0
redhat fedora_core core_1.0
kde kdegraphics 3.4.3
mandrakesoft mandrake_linux_corporate_server 2.1
redhat enterprise_linux 4.0
turbolinux turbolinux_home *
easy_software_products cups 1.1.23
turbolinux turbolinux_desktop 10.0
easy_software_products cups 1.1.23_rc1
easy_software_products cups 1.1.22_rc1
tetex tetex 2.0.1
ubuntu ubuntu_linux 5.04
kde kdegraphics 3.2
suse suse_linux 1.0
redhat linux 7.3
gentoo linux *
turbolinux turbolinux_server 10.0
tetex tetex 1.0.7
kde koffice 1.4.1
xpdf xpdf 3.0
slackware slackware_linux 10.1
trustix secure_linux 3.0
debian debian_linux 3.1
turbolinux turbolinux fuji
redhat enterprise_linux_desktop 4.0
suse suse_linux 9.2
redhat enterprise_linux 2.1
kde koffice 1.4.2
kde kpdf 3.2
suse suse_linux 9.0
turbolinux turbolinux 10
slackware slackware_linux 10.2
turbolinux turbolinux_workstation 8.0
tetex tetex 2.0.2
poppler poppler 0.4.2
redhat linux_advanced_workstation 2.1
easy_software_products cups 1.1.22
debian debian_linux 3.0
sco openserver 5.0.7
turbolinux turbolinux_server 10.0_x86
CVE-2005-3625 HIGH

Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins."

CVSS 2.0

Severity: HIGH

Problem Type: CWE-399,

Products Affected

Vendor Product Version
mandrakesoft mandrake_linux 10.2
turbolinux turbolinux_appliance_server 1.0_workgroup_edition
mandrakesoft mandrake_linux 2006
turbolinux turbolinux_appliance_server 1.0_hosting_edition
slackware slackware_linux 10.0
tetex tetex 2.0
sco openserver 6.0
redhat linux 9.0
mandrakesoft mandrake_linux 10.1
suse suse_linux 10.0
turbolinux turbolinux_personal *
conectiva linux 10.0
trustix secure_linux 2.2
redhat fedora_core core_2.0
redhat enterprise_linux 3.0
kde kword 1.4.2
sgi propack 3.0
kde kpdf 3.4.3
redhat fedora_core core_3.0
redhat enterprise_linux_desktop 3.0
slackware slackware_linux 9.1
suse suse_linux 9.1
turbolinux turbolinux_server 8.0
suse suse_linux 9.3
ubuntu ubuntu_linux 4.1
trustix secure_linux 2.0
redhat fedora_core core_4.0
libextractor libextractor *
kde koffice 1.4
turbolinux turbolinux_multimedia *
mandrakesoft mandrake_linux_corporate_server 3.0
tetex tetex 3.0
ubuntu ubuntu_linux 5.10
slackware slackware_linux 9.0
redhat fedora_core core_1.0
kde kdegraphics 3.4.3
mandrakesoft mandrake_linux_corporate_server 2.1
redhat enterprise_linux 4.0
turbolinux turbolinux_home *
easy_software_products cups 1.1.23
turbolinux turbolinux_desktop 10.0
easy_software_products cups 1.1.23_rc1
easy_software_products cups 1.1.22_rc1
tetex tetex 2.0.1
ubuntu ubuntu_linux 5.04
kde kdegraphics 3.2
suse suse_linux 1.0
redhat linux 7.3
gentoo linux *
turbolinux turbolinux_server 10.0
tetex tetex 1.0.7
kde koffice 1.4.1
xpdf xpdf 3.0
slackware slackware_linux 10.1
trustix secure_linux 3.0
debian debian_linux 3.1
turbolinux turbolinux fuji
redhat enterprise_linux_desktop 4.0
suse suse_linux 9.2
redhat enterprise_linux 2.1
kde koffice 1.4.2
kde kpdf 3.2
suse suse_linux 9.0
turbolinux turbolinux 10
slackware slackware_linux 10.2
turbolinux turbolinux_workstation 8.0
tetex tetex 2.0.2
poppler poppler 0.4.2
redhat linux_advanced_workstation 2.1
easy_software_products cups 1.1.22
debian debian_linux 3.0
sco openserver 5.0.7
turbolinux turbolinux_server 10.0_x86
CVE-2005-3626 MEDIUM

Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-399,

Products Affected

Vendor Product Version
mandrakesoft mandrake_linux 10.2
turbolinux turbolinux_appliance_server 1.0_workgroup_edition
mandrakesoft mandrake_linux 2006
turbolinux turbolinux_appliance_server 1.0_hosting_edition
slackware slackware_linux 10.0
tetex tetex 2.0
sco openserver 6.0
redhat linux 9.0
mandrakesoft mandrake_linux 10.1
suse suse_linux 10.0
turbolinux turbolinux_personal *
conectiva linux 10.0
trustix secure_linux 2.2
redhat fedora_core core_2.0
redhat enterprise_linux 3.0
kde kword 1.4.2
sgi propack 3.0
kde kpdf 3.4.3
redhat fedora_core core_3.0
redhat enterprise_linux_desktop 3.0
slackware slackware_linux 9.1
suse suse_linux 9.1
turbolinux turbolinux_server 8.0
suse suse_linux 9.3
ubuntu ubuntu_linux 4.1
trustix secure_linux 2.0
redhat fedora_core core_4.0
libextractor libextractor *
kde koffice 1.4
turbolinux turbolinux_multimedia *
mandrakesoft mandrake_linux_corporate_server 3.0
tetex tetex 3.0
ubuntu ubuntu_linux 5.10
slackware slackware_linux 9.0
redhat fedora_core core_1.0
kde kdegraphics 3.4.3
mandrakesoft mandrake_linux_corporate_server 2.1
redhat enterprise_linux 4.0
turbolinux turbolinux_home *
easy_software_products cups 1.1.23
turbolinux turbolinux_desktop 10.0
easy_software_products cups 1.1.23_rc1
easy_software_products cups 1.1.22_rc1
tetex tetex 2.0.1
ubuntu ubuntu_linux 5.04
kde kdegraphics 3.2
suse suse_linux 1.0
redhat linux 7.3
gentoo linux *
turbolinux turbolinux_server 10.0
tetex tetex 1.0.7
kde koffice 1.4.1
xpdf xpdf 3.0
slackware slackware_linux 10.1
trustix secure_linux 3.0
debian debian_linux 3.1
turbolinux turbolinux fuji
redhat enterprise_linux_desktop 4.0
suse suse_linux 9.2
redhat enterprise_linux 2.1
kde koffice 1.4.2
kde kpdf 3.2
suse suse_linux 9.0
turbolinux turbolinux 10
slackware slackware_linux 10.2
turbolinux turbolinux_workstation 8.0
tetex tetex 2.0.2
poppler poppler 0.4.2
redhat linux_advanced_workstation 2.1
easy_software_products cups 1.1.22
debian debian_linux 3.0
sco openserver 5.0.7
turbolinux turbolinux_server 10.0_x86
CVE-2006-1167 LOW

SGI ProPack 3 SP6 kernel displays the frame buffer contents of the last session after a reboot, which might allow local users to obtain sensitive information.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi propack 3
CVE-2010-1039 HIGH

Format string vulnerability in the _msgout function in rpc.pcnfsd in IBM AIX 6.1, 5.3, and earlier; IBM VIOS 2.1, 1.5, and earlier; NFS/ONCplus B.11.31_09 and earlier on HP HP-UX B.11.11, B.11.23, and B.11.31; and SGI IRIX 6.5 allows remote attackers to execute arbitrary code via an RPC request containing format string specifiers in an invalid directory name.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-134,

Products Affected

Vendor Product Version
ibm aix 4.1.4
ibm aix 4.1.5
ibm aix 2.2.1
ibm aix *
ibm aix 4.1
ibm vios 2.1
ibm aix 5.2
ibm aix 4.1.2
ibm aix 430
ibm aix 4.3.2
ibm aix 3.2.0
ibm aix 4.1.1
ibm aix 5.1
ibm aix 4.3.0
ibm aix 4.0
ibm aix 1.3
ibm aix 4.3.3
ibm aix 6.1
ibm aix 4.2
ibm vios 1.4
ibm aix 4.2.1
ibm aix 5.1l
ibm aix 5.2.0.50
ibm aix 5.2.0.54
ibm aix 4
ibm aix 4.3
ibm aix 4.2.0
ibm aix 4.2.1.12
ibm aix 3.1
ibm aix 4.3.1
ibm aix 5.2_l
ibm aix 5.2.0
ibm aix 3.2.4
ibm aix 5.2.2
ibm aix 5.1.0.10
ibm aix 3.2
ibm aix 1.2.1
ibm aix 3.2.5
hp nfs/oncplus *
ibm aix 4.1.3
sgi irix 6.5
ibm vios *
CVE-2012-3418 MEDIUM

libpcp in Performance Co-Pilot (PCP) before 3.6.5 allows remote attackers to cause a denial of service and possibly execute arbitrary code via (1) a PDU with the numcreds field value greater than the number of actual elements to the __pmDecodeCreds function in p_creds.c; (2) the string byte number value to the __pmDecodeNameList function in p_pmns.c; (3) the numids value to the __pmDecodeIDList function in p_pmns.c; (4) unspecified vectors to the __pmDecodeProfile function in p_profile.c; the (5) status number value or (6) string number value to the __pmDecodeNameList function in p_pmns.c; (7) certain input to the __pmDecodeResult function in p_result.c; (8) the name length field (namelen) to the DecodeNameReq function in p_pmns.c; (9) a crafted PDU_FETCH request to the __pmDecodeFetch function in p_fetch.c; (10) the namelen field in the __pmDecodeInstanceReq function in p_instance.c; (11) the buflen field to the __pmDecodeText function in p_text.c; (12) PDU_INSTANCE packets to the __pmDecodeInstance in p_instance.c; or the (13) c_numpmid or (14) v_numval fields to the __pmDecodeLogControl function in p_lcontrol.c, which triggers integer overflows, heap-based buffer overflows, and/or buffer over-reads.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-189,

Products Affected

Vendor Product Version
sgi performance_co-pilot 2.1.9
sgi performance_co-pilot 2.1.7
sgi performance_co-pilot 2.1.5
sgi performance_co-pilot 2.1.2
sgi performance_co-pilot 2.1.11
sgi performance_co-pilot 2.1.6
sgi performance_co-pilot 2.1.1
sgi performance_co-pilot 2.1.10
sgi performance_co-pilot 2.1.4
sgi performance_co-pilot *
sgi performance_co-pilot 2.1.3
sgi performance_co-pilot 2.1.8
sgi performance_co-pilot 2.2
CVE-2012-3419 MEDIUM

Performance Co-Pilot (PCP) before 3.6.5 exports some of the /proc file system, which allows attackers to obtain sensitive information such as proc/pid/maps and command line arguments.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
sgi performance_co-pilot 2.1.9
sgi performance_co-pilot 2.1.7
sgi performance_co-pilot 2.1.5
sgi performance_co-pilot 2.1.2
sgi performance_co-pilot 2.1.6
sgi performance_co-pilot 2.1.1
sgi performance_co-pilot 2.1.10
sgi performance_co-pilot 2.1.4
sgi performance_co-pilot *
sgi performance_co-pilot 2.1.3
sgi performance_co-pilot 2.1.8
sgi performance_co-pilot 2.2
CVE-2012-3420 MEDIUM

Multiple memory leaks in Performance Co-Pilot (PCP) before 3.6.5 allow remote attackers to cause a denial of service (memory consumption or daemon crash) via a large number of PDUs with (1) a crafted context number to the DoFetch function in pmcd/src/dofetch.c or (2) a negative type value to the __pmGetPDU function in libpcp/src/pdu.c.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-399,

Products Affected

Vendor Product Version
sgi performance_co-pilot 2.1.9
sgi performance_co-pilot 2.1.7
sgi performance_co-pilot 2.1.5
sgi performance_co-pilot 2.1.2
sgi performance_co-pilot 2.1.11
sgi performance_co-pilot 2.1.6
sgi performance_co-pilot 2.1.1
sgi performance_co-pilot 2.1.10
sgi performance_co-pilot 2.1.4
sgi performance_co-pilot *
sgi performance_co-pilot 2.1.3
sgi performance_co-pilot 2.1.8
sgi performance_co-pilot 2.2
CVE-2012-3421 MEDIUM

The pduread function in pdu.c in libpcp in Performance Co-Pilot (PCP) before 3.6.5 does not properly time out connections, which allows remote attackers to cause a denial of service (pmcd hang) by sending individual bytes of a PDU separately, related to an "event-driven programming flaw."

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi performance_co-pilot 2.1.9
sgi performance_co-pilot 2.1.7
sgi performance_co-pilot 2.1.5
sgi performance_co-pilot 2.1.2
sgi performance_co-pilot 2.1.11
sgi performance_co-pilot 2.1.6
sgi performance_co-pilot 2.1.1
sgi performance_co-pilot 2.1.10
sgi performance_co-pilot 2.1.4
sgi performance_co-pilot *
sgi performance_co-pilot 2.1.3
sgi performance_co-pilot 2.1.8
sgi performance_co-pilot 2.2
CVE-2023-6917

A vulnerability has been identified in the Performance Co-Pilot (PCP) package, stemming from the mixed privilege levels utilized by systemd services associated with PCP. While certain services operate within the confines of limited PCP user/group privileges, others are granted full root privileges. This disparity in privilege levels poses a risk when privileged root processes interact with directories or directory trees owned by unprivileged PCP users. Specifically, this vulnerability may lead to the compromise of PCP user isolation and facilitate local PCP-to-root exploits, particularly through symlink attacks. These vulnerabilities underscore the importance of maintaining robust privilege separation mechanisms within PCP to mitigate the potential for unauthorized privilege escalation.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
secalert@redhat.com 6.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N 0.8 5.2

Products Affected

Vendor Product Version
redhat enterprise_linux 9.0
sgi performance_co-pilot *