Vulnerabilities > CVE-1999-1461 - Unspecified vulnerability in SGI Irix

CVSS 7.2 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

local

low complexity

sgi

exploit available

NVD

Published: 1997-05-07

Updated: 2016-10-18

Summary

inpview in InPerson on IRIX 5.3 through IRIX 6.5.10 trusts the PATH environmental variable to find and execute the ttsession program, which allows local users to obtain root access by modifying the PATH to point to a Trojan horse ttsession program.

Vulnerable Configurations

Part	Description	Count
OS	Sgi SGI Irix 5.3 SGI Irix 6.1 SGI Irix 6.2 SGI Irix 6.3 SGI Irix 6.4 SGI Irix 6.5.10	6

Exploit-Db

description	SGI IRIX 6.4 inpview Vulnerability. CVE-1999-1461 . Local exploit for irix platform
id	EDB-ID:19304
last seen	2016-02-02
modified	1997-05-07
published	1997-05-07
reporter	Yuri Volobuev
source	https://www.exploit-db.com/download/19304/
title	SGI IRIX <= 6.4 inpview Vulnerability

Summary

Vulnerable Configurations

Exploit-Db

References