| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts. |
| SGI MachineInfo CGI program, installed by default on some web servers, prints potentially sensitive system status information, which could be used by remote attackers for information gathering activities. |
| Vulnerability in On-Line Customer Registration software for IRIX 6.2 through 6.4 allows local users to gain root privileges. |
| Buffer overflow in statd allows root privileges. |
| root privileges via buffer overflow in login/scheme command on SGI IRIX systems. |
| disk_bandwidth on SGI IRIX 6.4 S2MP for Origin/Onyx2 allows local users to gain root access using relative pathnames. |
| Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to be allocated and leads to a heap-based buffer overflow. |
| Format string vulnerability in wrapper.c in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16 allows remote attackers with CVSROOT commit access to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in a wrapper line. |
| Mozilla allows remote attackers to cause a denial of service (application crash from null dereference or infinite loop) via a web page that contains a (1) TEXTAREA, (2) INPUT, (3) FRAMESET or (4) IMG tag followed by a null character and some trailing characters, as demonstrated by mangleme. |
| netstat in SGI IRIX before 6.5.12 allows local users to determine the existence of files on the system, even if the users do not have the appropriate permissions. |
| MediaMail and MediaMail Pro in SGI IRIX 6.5.16 and earlier allows local users to force the program to dump core via certain arguments, which could allow the users to read sensitive data or gain privileges. |
| Vulnerability in FAM 2.6.8, 2.6.6, and other versions allows unprivileged users to obtain the names of files whose access is restricted to the root group. |
| The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities. |
| The KAME racoon daemon in ipsec-tools before 0.5 allows remote attackers to cause a denial of service (crash) via malformed ISAKMP packets. |
| scan.c for LibXPM may allow attackers to execute arbitrary code via a negative bitmap_unit value that leads to a buffer overflow. |
| Local user gains root privileges via buffer overflow in rdist, via expstr() function. |
| The Internet Group Management Protocol (IGMP) allows local users to cause a denial of service via an IGMP membership report to a target's Ethernet address instead of the Multicast group address, which causes the target to stop sending reports to the router and effectively disconnect the group from the network. |
| Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code via certain integer values in length fields, a different vulnerability than CVE-2002-0391. |
| xfsdq in xfsdump does not create quota information files securely, which allows local users to gain root privileges. |
| Unknown vulnerability in nsd in SGI IRIX 6.5.x through 6.5.20f, and possibly earlier versions, allows attackers to cause a denial of service (memory consumption). |
