CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

SGI : Security Vulnerabilities (Execute Code)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2012-3418 189 DoS Exec Code Overflow 2012-08-27 2013-10-08
5.0
None Remote Low Not required None None Partial
libpcp in Performance Co-Pilot (PCP) before 3.6.5 allows remote attackers to cause a denial of service and possibly execute arbitrary code via (1) a PDU with the numcreds field value greater than the number of actual elements to the __pmDecodeCreds function in p_creds.c; (2) the string byte number value to the __pmDecodeNameList function in p_pmns.c; (3) the numids value to the __pmDecodeIDList function in p_pmns.c; (4) unspecified vectors to the __pmDecodeProfile function in p_profile.c; the (5) status number value or (6) string number value to the __pmDecodeNameList function in p_pmns.c; (7) certain input to the __pmDecodeResult function in p_result.c; (8) the name length field (namelen) to the DecodeNameReq function in p_pmns.c; (9) a crafted PDU_FETCH request to the __pmDecodeFetch function in p_fetch.c; (10) the namelen field in the __pmDecodeInstanceReq function in p_instance.c; (11) the buflen field to the __pmDecodeText function in p_text.c; (12) PDU_INSTANCE packets to the __pmDecodeInstance in p_instance.c; or the (13) c_numpmid or (14) v_numval fields to the __pmDecodeLogControl function in p_lcontrol.c, which triggers integer overflows, heap-based buffer overflows, and/or buffer over-reads.
2 CVE-2010-1039 134 Exec Code 2010-05-20 2011-07-25
10.0
None Remote Low Not required Complete Complete Complete
Format string vulnerability in the _msgout function in rpc.pcnfsd in IBM AIX 6.1, 5.3, and earlier; IBM VIOS 2.1, 1.5, and earlier; NFS/ONCplus B.11.31_09 and earlier on HP HP-UX B.11.11, B.11.23, and B.11.31; and SGI IRIX 6.5 allows remote attackers to execute arbitrary code via an RPC request containing format string specifiers in an invalid directory name.
3 CVE-2007-4938 119 DoS Exec Code Overflow 2007-09-18 2008-11-15
7.6
Admin Remote High Not required Complete Complete Complete
Heap-based buffer overflow in libmpdemux/aviheader.c in MPlayer 1.0rc1 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a .avi file with certain large "indx truck size" and nEntriesInuse values, and a certain wLongsPerEntry value.
4 CVE-2005-2925 Exec Code Bypass 2005-10-12 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
runpriv in SGI IRIX allows local users to bypass intended restrictions and execute arbitrary commands via shell metacharacters in a command line for a privileged binary in /usr/sysadm/privbin.
5 CVE-2005-0605 Exec Code Overflow 2005-03-02 2010-08-21
7.5
User Remote Low Not required Partial Partial Partial
scan.c for LibXPM may allow attackers to execute arbitrary code via a negative bitmap_unit value that leads to a buffer overflow.
6 CVE-2005-0156 Exec Code Overflow 2005-02-07 2013-10-23
2.1
None Local Low Not required None Partial None
Buffer overflow in the PerlIO implementation in Perl 5.8.0, when installed with setuid support (sperl), allows local users to execute arbitrary code by setting the PERLIO_DEBUG variable and executing a Perl script whose full pathname contains a long directory tree.
7 CVE-2005-0113 Exec Code 2005-01-14 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
inpview in SGI IRIX allows local users to execute arbitrary commands via the SUN_TTSESSION_CMD environment variable, which is executed by inpview without dropping privileges.
8 CVE-2005-0005 Exec Code Overflow 2005-05-02 2010-08-21
7.5
User Remote Low Not required Partial Partial Partial
Heap-based buffer overflow in psd.c for ImageMagick 6.1.0, 6.1.7, and possibly earlier versions allows remote attackers to execute arbitrary code via a .PSD image file with a large number of layers.
9 CVE-2004-1471 DoS Exec Code 2004-12-31 2008-09-05
7.1
Admin Remote High Single system Complete Complete Complete
Format string vulnerability in wrapper.c in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16 allows remote attackers with CVSROOT commit access to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in a wrapper line.
10 CVE-2004-1307 Exec Code Overflow 2004-12-21 2010-08-21
7.5
User Remote Low Not required Partial Partial Partial
Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to be allocated and leads to a heap-based buffer overflow.
11 CVE-2004-1184 Exec Code 2005-01-21 2010-08-21
4.6
User Local Low Not required Partial Partial Partial
The EPSF pipe support in enscript 1.6.3 allows remote attackers or local users to execute arbitrary commands via shell metacharacters.
12 CVE-2004-0523 Exec Code Overflow 2004-08-18 2010-08-21
10.0
Admin Remote Low Not required Complete Complete Complete
Multiple buffer overflows in krb5_aname_to_localname for MIT Kerberos 5 (krb5) 1.3.3 and earlier allow remote attackers to execute arbitrary code as root.
13 CVE-2004-0507 DoS Exec Code Overflow 2004-08-18 2010-08-21
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in the MMSE dissector for Ethereal 0.10.1 to 0.10.3 allows remote attackers to cause a denial of service and possibly execute arbitrary code.
14 CVE-2004-0492 DoS Exec Code Overflow 2004-08-06 2011-09-06
10.0
Admin Remote Low Not required Complete Complete Complete
Heap-based buffer overflow in proxy_util.c for mod_proxy in Apache 1.3.25 to 1.3.31 allows remote attackers to cause a denial of service (process crash) and possibly execute arbitrary code via a negative Content-Length HTTP header field, which causes a large amount of data to be copied.
15 CVE-2004-0488 Exec Code Overflow 2004-07-07 2010-08-21
7.5
User Remote Low Not required Partial Partial Partial
Stack-based buffer overflow in the ssl_util_uuencode_binary function in ssl_util.c for Apache mod_ssl, when mod_ssl is configured to trust the issuing CA, may allow remote attackers to execute arbitrary code via a client certificate with a long subject DN.
16 CVE-2004-0424 DoS Exec Code Overflow 2004-07-07 2010-08-21
7.2
Admin Local Low Not required Complete Complete Complete
Integer overflow in the ip_setsockopt function in Linux kernel 2.4.22 through 2.4.25 and 2.6.1 through 2.6.3 allows local users to cause a denial of service (crash) or execute arbitrary code via the MCAST_MSFILTER socket option.
17 CVE-2004-0418 Exec Code 2004-08-06 2010-08-21
10.0
Admin Remote Low Not required Complete Complete Complete
serve_notify in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle empty data lines, which may allow remote attackers to perform an "out-of-bounds" write for a single byte to execute arbitrary code or modify critical program data.
18 CVE-2004-0416 119 Exec Code Overflow 2004-08-06 2010-08-21
10.0
Admin Remote Low Not required Complete Complete Complete
Double free vulnerability for the error_prog_name string in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to execute arbitrary code.
19 CVE-2004-0414 DoS Exec Code 2004-08-06 2010-08-21
10.0
Admin Remote Low Not required Complete Complete Complete
CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle malformed "Entry" lines, which prevents a NULL terminator from being used and may lead to a denial of service (crash), modification of critical program data, or arbitrary code execution.
20 CVE-2004-0234 119 Exec Code Overflow 2004-08-18 2013-08-18
10.0
Admin Remote Low Not required Complete Complete Complete
Multiple stack-based buffer overflows in the get_header function in header.c for LHA 1.14, as used in products such as Barracuda Spam Firewall, allow remote attackers or local users to execute arbitrary code via long directory or file names in an LHA archive, which triggers the overflow when testing or extracting the archive.
21 CVE-2004-0232 DoS Exec Code 2004-08-18 2008-09-10
5.0
None Remote Low Not required None None Partial
Multiple format string vulnerabilities in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code.
22 CVE-2004-0226 DoS Exec Code Overflow 2004-08-18 2008-09-10
10.0
Admin Remote Low Not required Complete Complete Complete
Multiple buffer overflows in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code.
23 CVE-2004-0110 Exec Code Overflow 2004-03-15 2010-08-21
7.5
User Remote Low Not required Partial Partial Partial
Buffer overflow in the (1) nanohttp or (2) nanoftp modules in XMLSoft Libxml 2 (Libxml2) 2.6.0 through 2.6.5 allow remote attackers to execute arbitrary code via a long URL.
24 CVE-2004-0105 Exec Code Overflow 2004-03-03 2008-09-10
7.5
User Remote Low Not required Partial Partial Partial
Multiple buffer overflows in Metamail 2.7 and earlier allow remote attackers to execute arbitrary code.
25 CVE-2004-0104 Exec Code 2004-03-03 2008-09-10
7.5
User Remote Low Not required Partial Partial Partial
Multiple format string vulnerabilities in Metamail 2.7 and earlier allow remote attackers to execute arbitrary code.
26 CVE-2003-0694 Exec Code Overflow 2003-10-06 2008-09-10
10.0
Admin Remote Low Not required Complete Complete Complete
The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c.
27 CVE-2003-0064 Exec Code 2003-03-03 2008-09-10
7.5
User Remote Low Not required Partial Partial Partial
The dtterm terminal emulator allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands.
28 CVE-2003-0028 Exec Code Overflow 2003-03-25 2008-09-10
7.5
User Remote Low Not required Partial Partial Partial
Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code via certain integer values in length fields, a different vulnerability than CVE-2002-0391.
29 CVE-2002-1787 Exec Code Overflow 2002-12-31 2008-09-05
4.6
User Local Low Not required Partial Partial Partial
Buffer overflow in uux in eoe.sw.uucp package of SGI IRIX 6.5 through 6.5.17 allows local users to execute arbitrary code via unknown attack vectors.
30 CVE-2002-1337 Exec Code Overflow 2003-03-07 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields, related to sender and recipient header comments as processed by the crackaddr function of headers.c.
31 CVE-2002-1318 DoS Exec Code Overflow 2002-12-11 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in samba 2.2.2 through 2.2.6 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an encrypted password that causes the overflow during decryption in which a DOS codepage string is converted to a little-endian UCS2 unicode string.
32 CVE-2002-1317 DoS Exec Code Overflow 2002-12-11 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
Buffer overflow in Dispatch() routine for XFS font server (fs.auto) on Solaris 2.5.1 through 9 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a certain XFS query.
33 CVE-2002-0652 Exec Code 2002-07-03 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
xfsmd for IRIX 6.5 through 6.5.16 allows remote attackers to execute arbitrary code via shell metacharacters that are not properly filtered from several calls to the popen() function, such as export_fs().
34 CVE-2002-0017 Exec Code Overflow 2002-04-03 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
Buffer overflow in SNMP daemon (snmpd) on SGI IRIX 6.5 through 6.5.15m allows remote attackers to execute arbitrary code via an SNMP request.
35 CVE-2001-1456 119 Exec Code Overflow 2001-09-04 2008-09-10
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in the (1) smap/smapd and (2) CSMAP daemons for Gauntlet Firewall 5.0 through 6.0 allows remote attackers to execute arbitrary code via a crafted mail message.
36 CVE-2001-0800 Exec Code 2001-12-06 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
lpsched in IRIX 6.5.13f and earlier allows remote attackers to execute arbitrary commands via shell metacharacters.
37 CVE-2001-0799 Exec Code Overflow 2001-12-06 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflows in lpsched in IRIX 6.5.13f and earlier allow remote attackers to execute arbitrary commands via a long argument.
38 CVE-2001-0797 Exec Code Overflow 2001-12-12 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in login in various System V based operating systems allows remote attackers to execute arbitrary commands via a large number of arguments through services such as telnet and rlogin.
39 CVE-2001-0554 Exec Code Overflow 2001-08-14 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function.
40 CVE-2001-0485 Exec Code 2001-06-27 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
Unknown vulnerability in netprint in IRIX 6.2, and possibly other versions, allows local users with lp privileges attacker to execute arbitrary commands via the -n option.
41 CVE-2001-0331 Exec Code Overflow 2001-06-27 2008-09-05
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in Embedded Support Partner (ESP) daemon (rpc.espd) in IRIX 6.5.8 and earlier allows remote attackers to execute arbitrary commands.
42 CVE-2001-0247 Exec Code Overflow 2001-06-18 2008-09-10
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflows in BSD-based FTP servers allows remote attackers to execute arbitrary commands via a long pattern string containing a {} sequence, as seen in (1) g_opendir, (2) g_lstat, (3) g_stat, and (4) the glob0 buffer as used in the glob functions glob2 and glob3.
43 CVE-2000-1220 Exec Code +Priv 2000-01-08 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
The line printer daemon (lpd) in the lpr package in multiple Linux operating systems allows local users to gain root privileges by causing sendmail to execute with arbitrary command line arguments, as demonstrated using the -C option to specify a configuration file.
44 CVE-2000-0844 264 Exec Code 2000-11-14 2009-01-20
10.0
Admin Remote Low Not required Complete Complete Complete
Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.
45 CVE-2000-0733 Exec Code 2000-10-20 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
Telnetd telnet server in IRIX 5.2 through 6.1 does not properly cleans user-injected format strings, which allows remote attackers to execute arbitrary commands via a long RLD variable in the IAC-SB-TELOPT_ENVIRON request.
46 CVE-2000-0207 Exec Code 2000-03-01 2008-09-10
7.5
None Remote Low Not required Partial Partial Partial
SGI InfoSearch CGI program infosrch.cgi allows remote attackers to execute commands via shell metacharacters.
47 CVE-1999-1501 Exec Code 1998-04-08 2008-09-10
4.6
None Local Low Not required Partial Partial Partial
(1) ipxchk and (2) ipxlink in SGI OS2 IRIX 6.3 does not properly clear the IFS environmental variable before executing system calls, which allows local users to execute arbitrary commands.
48 CVE-1999-1399 Exec Code +Priv 1997-08-20 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
spaceball program in SpaceWare 7.3 v1.0 in IRIX 6.2 allows local users to gain root privileges by setting the HOSTNAME environmental variable to contain the commands to be executed.
49 CVE-1999-1384 Exec Code +Priv 1996-10-30 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
Indigo Magic System Tour in the SGI system tour package (systour) for IRIX 5.x through 6.3 allows local users to gain root privileges via a Trojan horse .exitops program, which is called by the inst command that is executed by the RemoveSystemTour program.
50 CVE-1999-1232 Exec Code 1997-05-16 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
Untrusted search path vulnerability in day5datacopier in SGI IRIX 6.2 allows local users to execute arbitrary commands via a modified PATH environment variable that points to a malicious cp program.
Total number of vulnerabilities : 61   Page : 1 (This Page)2
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.