Vulnerabilities > CVE-1999-1384 - Unspecified vulnerability in SGI Irix

CVSS 7.2 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

local

low complexity

sgi

exploit available

NVD

Published: 1996-10-30

Updated: 2016-10-18

Summary

Indigo Magic System Tour in the SGI system tour package (systour) for IRIX 5.x through 6.3 allows local users to gain root privileges via a Trojan horse .exitops program, which is called by the inst command that is executed by the RemoveSystemTour program.

Vulnerable Configurations

Part	Description	Count
OS	Sgi SGI Irix 5 SGI Irix 5.0 SGI Irix 5.0.1 SGI Irix 5.1 SGI Irix 5.1.1 SGI Irix 5.2 SGI Irix 5.3 SGI Irix 6.0 SGI Irix 6.0.1 SGI Irix 6.1 SGI Irix 6.2 SGI Irix - SGI Irix 4.0.1 SGI Irix 4.0.1T SGI Irix 4.0.2 SGI Irix 4.0.3 SGI Irix 4.0.4 SGI Irix 4.0.4B SGI Irix 4.0.4T SGI Irix 4.0.5 SGI Irix 4.0.5_Iop SGI Irix 4.0.5A SGI Irix 4.0.5B SGI Irix 4.0.5D SGI Irix 4.0.5E SGI Irix 4.0.5F SGI Irix 4.0.5G SGI Irix 4.0.5H SGI Irix 6.3	31

Exploit-Db

description	SGI IRIX 6.3 Systour and OutOfBox Vulnerabilities. CVE-1999-1384. Local exploit for irix platform
id	EDB-ID:19356
last seen	2016-02-02
modified	1996-10-30
published	1996-10-30
reporter	Tun-Hui Hu
source	https://www.exploit-db.com/download/19356/
title	SGI IRIX <= 6.3 Systour and OutOfBox Vulnerabilities

Summary

Vulnerable Configurations

Exploit-Db

References