SGI IRIX versions 6.4.x and below run-time linker (rld) arbitrary file creation exploit.
6f90ee10780f9ce1e84434cd416d1bb52ce40db82cd9f3b32770f230eec3040cfwlogwatch is a packet filter and firewall log analyzer with support for Linux ipchains, Linux netfilter/iptables, Solaris/BSD/HP-UX/IRIX ipfilter, Cisco IOS, Cisco PIX/ASA, Netscreen, Elsa Lancom router, and Snort IDS log files. It can output its summaries in text and HTML and has a lot of options. fwlogwatch also features a realtime anomaly response capability with a Web interface.
784c667fc4b2cb45a551290aa31e176a98eedf87686e8f45e5e50794aa951c79Sites designed by IRIX suffer from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
2e1d97b25f5cf62f82dd3038d4d74f2fdf27973b47773218d61fd699c2992eebfwlogwatch is a packet filter and firewall log analyzer with support for Linux ipchains, Linux netfilter/iptables, Solaris/BSD/HP-UX/IRIX ipfilter, Cisco IOS, Cisco PIX/ASA, Netscreen, Elsa Lancom router, and Snort IDS log files. It can output its summaries in text and HTML and has a lot of options. fwlogwatch also features a realtime anomaly response capability with a Web interface.
da806dbaaa56fdfd36a208b15bfeccaa0531f0789ad1355e43c047523ea60a48Secunia Security Advisory - A vulnerability has been reported in SGI IRIX, which can be exploited by malicious, local users to disclose potentially sensitive information and cause a DoS (Denial of Service).
bf97ee2df1b30c808b1fe824dcd7f7fefc5abe895cfdc424e8aa0ce46ec088f6IRIX suffers from local kernel memory disclosure and denial of service vulnerabilities.
0cecddc322fe604057e9e42e8390e2b8b117401e3fd067e622f698e7eadfb1eefwlogwatch is a packet filter and firewall log analyzer with support for Linux ipchains, Linux netfilter/iptables, Solaris/BSD/HP-UX/IRIX ipfilter, Cisco IOS, Cisco PIX/ASA, Netscreen, Elsa Lancom router, and Snort IDS log files. It can output its summaries in text and HTML and has a lot of options. fwlogwatch also features a realtime anomaly response capability with a Web interface.
37fdfb49085fc7871b2bda30c4f334732cc552c1451aede94d96976e9122a92crpc.pcnfsd suffers from a syslog related format string vulnerability. IBM AIX versions 6.1.0 and below, IRIX 6.5 and HP-UX versions 11.11, 11.23 and 11.31 are all affected.
78d8496b11da0be50a94a9121549a259d6a954ea9337ad9e3d7cd651348c21b2This Metasploit module exploits an arbitrary command execution flaw in the in.lpd service shipped with all versions of Irix.
e9b94c7b39094f786cf93481c5471c76f60e78b4c1f1ebf64aff58eaed537f5dIRIX MIPS processor shellcode. Tested on R12000 process with system IRIX64 6.5.26m.
a44477ca1f8cd02261ab5c90a11b65a2d02cc650a4771be9db30638bfc80f798SGI IRIX 6.5 /usr/sysadm/bin/runpriv local root exploit.
87ee2433cea6d25492bbf29d76ac2dddfffb1036915de7f4e24d87a028286cbeSGI IRIX 6.5 local root exploit that makes use of /usr/sysadm/bin/lezririx.
9e782c3248720f5c96b198b4d71e6be19f6122f33549f5c9a73407a910e5dbf2iDEFENSE Security Advisory 10.10.05-1 - Local exploitation of a design error vulnerability in the runpriv command included in multiple versions of Silicon Graphics Inc.'s IRIX could allow for arbitrary code execution as the root user. iDEFENSE has confirmed the existence of this vulnerability in SGI IRIX version 6.5.22 (maintenance). It is suspected that previous and later versions of both the feature and maintenance revisions of IRIX 6.5 are also vulnerable.
1c012fe38982c56bc23fed6348942a17603277d23ed1b3e06be34b0c10278c98Snare for Squid provides a remote distribution facility for Squid proxy server logs, and is known to run on most Unix variations, including Linux, Solaris, AIX, Tru64, and Irix. Snare for Squid can be used to send data to either a remote or local SYSLOG server, or the Snare Server for centralized collection, analysis, and archival.
85e084194e7c2a32f392552b2b3871997c9ecf13ca413825aa483139a8f78b00Snare for Apache provides a remote distribution facility for Apache Web server logs. It is known to run on most Unix variations, including Linux, Solaris, AIX, Tru64, and Irix. Snare for Apache can be used to send data to either a remote or local SYSLOG server, or the Snare Server for centralized collection, analysis, and archival.
9dcabe60749e90b6acdd79c63bdceb5abfb7796c105386c53b9a80c5f97095fcSecunia Security Advisory - SGI has acknowledged a vulnerability in IRIX, which can be exploited by malicious people to compromise a vulnerable system.
4ea34ef44b3a59e40bf864693791767592303c7d6e0cfe32c49397af362eca71Secunia Security Advisory - A security issue has been reported in SGI IRIX, which potentially can be exploited by malicious users to disclose and modify sensitive information.
f124f7a851330600a1b71a01f3abe98b29b215e215d36cd096a98fb059146821iDEFENSE Security Advisory 04.07.05 - Local exploitation of a file overwrite vulnerability in the gr_osview command included in multiple versions of Silicon Graphics Inc.'s IRIX operating system could allow for the overwriting of arbitrary files, regardless of permissions. The vulnerability specifically exists in the way that gr_osview opens user specified files without dropping privileges. When a file is specified using the -s option, it will be opened regardless of permissions, and operating system usage information will be written into it.
29a70daef98009d4fa1ecd712df21886a85b1073f4c94150aff6fcc84691906ciDEFENSE Security Advisory 04.07.05 - Local exploitation of an information disclosure vulnerability in the gr_osview command included in multiple versions of Silicon Graphics Inc.'s IRIX Operating System could allow for the disclosure of sensitive information such as the root user's password hash. The vulnerability specifically exists in the way that gr_osview opens user-specified description files without dropping privileges. When this is combined with the debug option, it is possible to dump a line from an arbitrary file, regardless of its protection.
33fd95497c6279b174df0ba9d86a06c156ff31e8632e7ad7b59db900e31cdda0Secunia Security Advisory - Two vulnerabilities have been reported in SGI IRIX, which can be exploited by malicious, local users to perform certain actions on a vulnerable system with escalated privileges and disclose some sensitive information.
82e6544970c3a21a5afeccf883a7d574eeb03edeecd6dd09457073fedac09581iDEFENSE Security Advisory 01.13.05-3 - Local exploitation of a design error vulnerability in the inpview command included in multiple versions of Silicon Graphics Inc.'s IRIX could allow for arbitrary code execution as the root user. iDEFENSE has confirmed the existence of this vulnerability in SGI IRIX version 6.5.9 (feature) and 6.5.22 (maintenance).
6fc74e29d221906b5702bda5d63a1aa554f4996f982c5cdfd0f9e76df8802420NetBSD Security Advisory 2004-010 - Some of the functions in /usr/src/sys/compat/ which implement execution of foreign binaries (such as Linux, FreeBSD, IRIX, OSF1, SVR4, HPUX, and ULTRIX) use argument data in unsafe ways prior to calling the kernel syscall.
05546d49f053bc61209d8c580436a808dbef16beb496554eb15265e595aea34fSGI Security Advisory 20040601-01-P - Adam Gowdiak from the Poznan Supercomputing and Networking Center has reported that under certain conditions non privileged users can use the syssgi system call SGI_IOPROBE to read and write kernel memory which can be used to obtain root user privileges. Patches have been released for this and other issues. At this time, IRIX versions 6.5.20 to 6.5.24 are considered susceptible.
c311575509d77e140256db203b3431dabc5c01cfb4dd8d1e624c66a52ee8d789SGI Security Advisory 20040507-01-P - Adam Gowdiak from the Poznan Supercomputing and Networking Center has reported that under certain conditions the /usr/sbin/cpr binary can be forced to load a user provided library while restarting the checkpointed process which can then be used to obtain root user privileges. All versions of IRIX prior to 6.5.25 are affected.
7d950166788412a4f59d5667daca8545e4ae1aefd11cc0225a8adfe941090883SGI Security Advisory 20040503-01-P - Under certain conditions, rpc.mountd goes into an infinite loop while processing some RPC requests, causing a denial of service. Affected releases: SGI IRIX 6.5.x.
60b6fab3dcc07e154a22aa2c18072a5e408070846522782d959a9681d25da497
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed