SGI Security Advisory 20020902-01-I - SGI IRIX 6.5 systems apply world-readable permissions on all coredumps. This can allow local users to disclose sensitive information from system coredumps. This affects IRIX versions prior to 6.5.15.
9315a98001591b774f8fa81e3687ba21SGI Security Advisory 20020901-01-A - It has been found that several operating systems have insecurely implemented the IGMP protocol and several attacks can be used to take down network segments that are being routed by such systems. SGI acknowledged the problem but did not release patches yet.
84dae135b0b8628df90fe803eeda5f2eSGI Security Advisory 20020605-01-I - A vulnerability found in the chunked encoding implementation in Apache versions 1.3.24, 2.0.36 or prior can be used to remotely execute code on systems running this software. This vulnerability affects IRIX systems versions 6.5.12m/f up to and including 6.5.16. SGI IRIX 6.5.17 is not affected.
b44f60e8f0b88e503d01b5125f0524c6SGI Security Advisory 20020605-01-I - A vulnerability found in the IRIX xfsmd can lead to the remote root access on a vulnerable system. Affects Irix v6.5 through 6.5.16.
107bf81f7d77d1a13ba6b90562c60f90SGI Security Advisory 20020602-01-I - "MediaMail" and "MediaMail Pro (/usr/binX11/MediaMail) can be caused to dump core when passed certain user-supplied arguments. Since it is setgid mail, the core dump can be exploited in several ways.
45ebaa94b9598b90bd77ba41dd010573SGI Security Advisory 20020601-01-P - /usr/etc/rpc.passwd has a vulnerability which allows local users to gain root access. The rpc.passwd binary is not installed by default on IRIX 6.5 systems. It is part of the optional subsystem "nfs.sw.nis".
a9f6c3f8bddb276e2347490ed85dd6c5SGI Security Advisory 20020503-01-I - A vulnerability found in netstat allows local users to detect whether a file exists, even when the permissions and ownership of that file should not allow it. This vulnerability has been corrected in IRIX 6.5.12 and patches are available.
6ab5d926e943b47fda267a53527c3809SGI Security Advisory 20020409-01-I - A buffer overflow vulnerability found in the /usr/sbin/cpr binary (IRIX Checkpoint and Restart) can allow local user to gain root level privileges. The overflow has been fixed in SGI IRIX 6.5.11 and patches have been made available for previous versions.
1b212fd1910572e509e5b37c2bd49899SGI Security Advisory 20020501-01-I - The name service daemon (nsd) contains a symlink vulnerability that can be used by local users to elevate their privileges. This vulnerability has been fixed in IRIX 6.5.11 and patches are available for older versions.
b7cca256947c54cbaaa2bde4e510fb6cSGI Security Advisory 20020102-02-I - A vulnerability related to the way the IRIX unified name service daemon (nsd) manages its cache files has been reported which allows remote users to fill the disk. The nsd daemon is installed by default on all 6.5.x versions of IRIX, and this vulnerability exists in all versions of IRIX 6.5.4m/f through 6.5.11m/f. The problem has been fixed in IRIX 6.5.12m/f.
bf5faec99bcaf5b2354ef288848a573cSGI Security Advisory 20011101-01-I - Multiple local Sendmail vulnerabilities have been discovered, potentially causing information loss, disclosure of possibly sensitive information, and possible mail system compromise. Affected versions include all Sendmail versions prior to 8.12.1 without the "RestrictQRun" option enabled.
cbbd3c608d512e10cc6136a3f9f8e1f9SGI Security Advisory - A remote vulnerability in the objectserver(1M) daemon has been discovered which can lead to unauthorized non-privileged user accounts being created. IRIX operating systems versions 5.1 through 6.2 are vulnerable. SGI Security page here.
e4343e22781b1c35c49c904155df6f6a11971103
61efc397d487d0a31473278ed68d4d5619940301
362afc0c19beead3025daeba37c4664e19941010
a9b622a2bb4e25f3b7511727d8d456ef19950102
57c3653db6a6a9245fe93101e72367b619950123
866f15a1725060fe9e16ab3dc7663bd119950126
e6690698adf2ba6ca207479e221696a119950201
e452f65b9767894b128de3c723ba8fe519950209
1844db09e43a1a7e4ded0257ddf4e61f19950301
f2f0dc33853985aae0c473e954d0866f19950401
afc5233eccd1864597a2ebfe8b21167219950501
6e1672f81dfff80cced715ad3da942ed19951001
688e142009b47b94c7f1250e5550931719951002
4644e0d52eb43c9703af91aa589d0205
© 2012 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed