SGI Security Advisory 20020902-01-I - SGI IRIX 6.5 systems apply world-readable permissions on all coredumps. This can allow local users to disclose sensitive information from system coredumps. This affects IRIX versions prior to 6.5.15.
8865c4316b71f35b8b1d3a39f7a567c21b5039bfae4604de43980cfb6abfae49SGI Security Advisory 20020901-01-A - It has been found that several operating systems have insecurely implemented the IGMP protocol and several attacks can be used to take down network segments that are being routed by such systems. SGI acknowledged the problem but did not release patches yet.
08b944c933f57062e0415a18cfab72760323dd032a31c138c3794625199b5b1cSGI Security Advisory 20020605-01-I - A vulnerability found in the chunked encoding implementation in Apache versions 1.3.24, 2.0.36 or prior can be used to remotely execute code on systems running this software. This vulnerability affects IRIX systems versions 6.5.12m/f up to and including 6.5.16. SGI IRIX 6.5.17 is not affected.
76bb676c215a49fb99134bfa0b2bd17ffce8884666531a51a9bc18221c6c10b1SGI Security Advisory 20020605-01-I - A vulnerability found in the IRIX xfsmd can lead to the remote root access on a vulnerable system. Affects Irix v6.5 through 6.5.16.
c8508fa83da8c2672e55dc46dd4d9131c93d5bae6d08fe32083d3464562b427eSGI Security Advisory 20020602-01-I - "MediaMail" and "MediaMail Pro (/usr/binX11/MediaMail) can be caused to dump core when passed certain user-supplied arguments. Since it is setgid mail, the core dump can be exploited in several ways.
5ccb902fd1c5669a7201417a5c2470d5e7b7e6963fadec467cdb57ed27b596a2SGI Security Advisory 20020601-01-P - /usr/etc/rpc.passwd has a vulnerability which allows local users to gain root access. The rpc.passwd binary is not installed by default on IRIX 6.5 systems. It is part of the optional subsystem "nfs.sw.nis".
6e15a663869db717fab24ccc54db4d83319ab67ce789bdd0c2ede9b37f07e1c9SGI Security Advisory 20020503-01-I - A vulnerability found in netstat allows local users to detect whether a file exists, even when the permissions and ownership of that file should not allow it. This vulnerability has been corrected in IRIX 6.5.12 and patches are available.
ecfddfe1a5d66662e1eacb3e599522d5cc271ef9922a8b2cb650afd55c1f66d3SGI Security Advisory 20020409-01-I - A buffer overflow vulnerability found in the /usr/sbin/cpr binary (IRIX Checkpoint and Restart) can allow local user to gain root level privileges. The overflow has been fixed in SGI IRIX 6.5.11 and patches have been made available for previous versions.
4f2b6cad39b01f6b18e6056ce1678da489b4ec172ed6d052a6b777d61347616aSGI Security Advisory 20020501-01-I - The name service daemon (nsd) contains a symlink vulnerability that can be used by local users to elevate their privileges. This vulnerability has been fixed in IRIX 6.5.11 and patches are available for older versions.
e21e400ab5d66314a3149dd6b20aaa81db2e5c9859e2cf50ed81e6d737e78d4aSGI Security Advisory 20020102-02-I - A vulnerability related to the way the IRIX unified name service daemon (nsd) manages its cache files has been reported which allows remote users to fill the disk. The nsd daemon is installed by default on all 6.5.x versions of IRIX, and this vulnerability exists in all versions of IRIX 6.5.4m/f through 6.5.11m/f. The problem has been fixed in IRIX 6.5.12m/f.
44d2dcae3a1ebef95b52d69bf3a53fea80ae607bc6bbf4571c42ecb9a5b47610SGI Security Advisory 20011101-01-I - Multiple local Sendmail vulnerabilities have been discovered, potentially causing information loss, disclosure of possibly sensitive information, and possible mail system compromise. Affected versions include all Sendmail versions prior to 8.12.1 without the "RestrictQRun" option enabled.
0bb90dd02aa4d1ebe8eecbb55fa74f395f0e1610f305f926cc0eb9b53a9475d0SGI Security Advisory - A remote vulnerability in the objectserver(1M) daemon has been discovered which can lead to unauthorized non-privileged user accounts being created. IRIX operating systems versions 5.1 through 6.2 are vulnerable. SGI Security page here.
62bd2d1d51a462ebca4fd8887d85a6f4a333ec705b12f8d65fdd2ccbeaaecfbfThis advisory has the title IRIX syserr and permissions programs.
9deac57b977ae04d6d4b5ff194bb99e7123527c6456b5f826cdee10d7656ce91This advisory has the title Network Snooping and Promiscuous Network Interfaces.
5eeb5859d1c9ac237bb5f5ea826340ab953858d572bf45e8b0618de98cd50468This advisory has the title Visual Serial Port Manager for IRIX 4.x.
ab2ba641716ea6ec41e81583ee5284fb7beaf9a8f6d47e2de8c0728c52ba7739This advisory has the title CERT CA-95:02 Vulnerabilities in /bin/mail.
0b97f3bf60702e0c72a70ffc48389a2d2133c49acd579c17b94237a18c5b7b46This advisory has the title CERT CA-95:01 IP Spoofing Attacks and Hijacked Terminal.
2f66ae5b7da5b429e4874a4b4050ebb2cc2b51a73bc21af42229ecae7df6214aThis advisory has the title CERT CA-95:02 Vulnerabilities in /bin/mail.
a669e5105ba324fb3596ec7c5d1f4e94300c7c1bf7ba76a2b9591fcd4c087649This advisory has the title Sendmail Vulnerabilities CERT 95:05.
d180ab819f0e54c741cb19b41e60c4a09488b54d9ec4c44a208a02e6e5805636This advisory has the title colorview program allows reading of any file.
08e689b6d8c8c757ea20a963ebd8bb653df78ab733692521261a389519f632d6This advisory has the title IRIX 5.2, 6.0, 6.0.1 Desktop Permissions Tool.
e896dfc92ee3f2aa74e0f8cf6c53d35306e7c8a8e899928a43d3406646d867aeThis advisory has the title Release of SANTA/SATAN tool and SGI specifics.
1063fb5e48a8e641267ef458950469486d60533ae9e7e053a67e9f7bf50389d7This advisory has the title Good Times Virus is Hoax.
cea32bec1d3410e6847e896a87d33e05eb48d3969a291857948029eb3c43787bThis advisory has the title sendmail issues with syslog vulnerability.
555b5e2dbafee23e8cc0c55d35f4234e691ae262557699c70549b913f5419766This advisory has the title Password-less accounts.
72ac157f43c3f110fa9281382551fd19bdf77398148c226cf0dfb69259a4ed0e
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed