SGI Security Advisory 20040601-01-P - Adam Gowdiak from the Poznan Supercomputing and Networking Center has reported that under certain conditions non privileged users can use the syssgi system call SGI_IOPROBE to read and write kernel memory which can be used to obtain root user privileges. Patches have been released for this and other issues. At this time, IRIX versions 6.5.20 to 6.5.24 are considered susceptible.
c311575509d77e140256db203b3431dabc5c01cfb4dd8d1e624c66a52ee8d789
SGI Security Advisory 20030803-01-P - A vulnerability has been reported by sendmail.org that the 8.12.8 and earlier releases shipped with a potential problem in DNS mapping that could lead to a remote denial or service or root compromise. Relatedd CVE Number: CVE-2003-0688.
f599f483c03b2a7dbaa048e9abd60ad17327c2a14fc6add6523e23542a45abb1
SGI Security Advisory 20030702-01-P - It has been reported that logging into an IRIX 6.5 machine while particular environment variables are set can lead to /usr/lib/iaf/scheme dumping core. Since scheme is suid root, this could potentially lead to a root compromise.
cf55ec3e1e580ca7b85e91d22604fd9c68c6799680b2b730027f68cf4fe308de
SGI Security Advisory 20030701-01-P - Multiple vulnerabilities have been found in the Name Service Daemon, or nsd, on IRIX below version 6.5.21.
b6218821e51de97c515742f76bc0a7393297d398e8dfbefd71584ac16e407bec
SGI Security Advisory 20020503-01-I - A vulnerability found in netstat allows local users to detect whether a file exists, even when the permissions and ownership of that file should not allow it. This vulnerability has been corrected in IRIX 6.5.12 and patches are available.
ecfddfe1a5d66662e1eacb3e599522d5cc271ef9922a8b2cb650afd55c1f66d3
SGI Security Advisory 20020409-01-I - A buffer overflow vulnerability found in the /usr/sbin/cpr binary (IRIX Checkpoint and Restart) can allow local user to gain root level privileges. The overflow has been fixed in SGI IRIX 6.5.11 and patches have been made available for previous versions.
4f2b6cad39b01f6b18e6056ce1678da489b4ec172ed6d052a6b777d61347616a
SGI Security Advisory 20020501-01-I - The name service daemon (nsd) contains a symlink vulnerability that can be used by local users to elevate their privileges. This vulnerability has been fixed in IRIX 6.5.11 and patches are available for older versions.
e21e400ab5d66314a3149dd6b20aaa81db2e5c9859e2cf50ed81e6d737e78d4a