Vulnerabilities > CVE-2005-2925 - Local Privilege Escalation vulnerability in SGI Irix 6.5.22

047910
CVSS 7.2 - HIGH
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
local
low complexity
sgi
exploit available

Summary

runpriv in SGI IRIX allows local users to bypass intended restrictions and execute arbitrary commands via shell metacharacters in a command line for a privileged binary in /usr/sysadm/privbin.

Vulnerable Configurations

Part Description Count
OS
Sgi
1

Exploit-Db

descriptionSGI IRIX <= 6.5.28 (runpriv) Design Error Vulnerability. CVE-2005-2925. Local exploit for irix platform
idEDB-ID:1577
last seen2016-01-31
modified2005-10-10
published2005-10-10
reporterN/A
sourcehttps://www.exploit-db.com/download/1577/
titleSGI IRIX <= 6.5.28 - runpriv Design Error Vulnerability

Packetstorm

data sourcehttps://packetstormsecurity.com/files/download/40574/10.10.05.txt
idPACKETSTORM:40574
last seen2016-12-05
published2005-10-11
reporteriDefense Labs
sourcehttps://packetstormsecurity.com/files/40574/iDEFENSE-Security-Advisory-2005-10-10.t.html
titleiDEFENSE Security Advisory 2005-10-10.t