Vulnerabilities > SGI > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2001-08-14 | CVE-2001-0554 | Classic Buffer Overflow vulnerability in multiple products Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function. | 10.0 |
| 2001-06-18 | CVE-2001-0249 | Incorrect Calculation of Buffer Size vulnerability in multiple products Heap overflow in FTP daemon in Solaris 8 allows remote attackers to execute arbitrary commands by creating a long pathname and calling the LIST command, which uses glob to generate long strings. | 9.8 |
| 2001-06-18 | CVE-2001-0248 | Incorrect Calculation of Buffer Size vulnerability in multiple products Buffer overflow in FTP server in HPUX 11 allows remote attackers to execute arbitrary commands by creating a long pathname and calling the STAT command, which uses glob to generate long strings. | 9.8 |
| 2001-06-18 | CVE-2001-0247 | Buffer Overflow vulnerability in Multiple Vendor BSD ftpd glob() Buffer overflows in BSD-based FTP servers allows remote attackers to execute arbitrary commands via a long pattern string containing a {} sequence, as seen in (1) g_opendir, (2) g_lstat, (3) g_stat, and (4) the glob0 buffer as used in the glob functions glob2 and glob3. | 10.0 |
| 2000-11-14 | CVE-2000-0844 | Permissions, Privileges, and Access Controls vulnerability in multiple products Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen. | 10.0 |
| 2000-10-20 | CVE-2000-0733 | Unspecified vulnerability in SGI Irix Telnetd telnet server in IRIX 5.2 through 6.1 does not properly cleans user-injected format strings, which allows remote attackers to execute arbitrary commands via a long RLD variable in the IAC-SB-TELOPT_ENVIRON request. | 10.0 |
| 2000-01-08 | CVE-2000-1221 | The line printer daemon (lpd) in the lpr package in multiple Linux operating systems authenticates by comparing the reverse-resolved hostname of the local machine to the hostname of the print server as returned by gethostname, which allows remote attackers to bypass intended access controls by modifying the DNS for the attacking IP. | 10.0 |
| 2000-01-08 | CVE-2000-1220 | The line printer daemon (lpd) in the lpr package in multiple Linux operating systems allows local users to gain root privileges by causing sendmail to execute with arbitrary command line arguments, as demonstrated using the -C option to specify a configuration file. | 10.0 |
| 1999-07-19 | CVE-1999-0692 | The default configuration of the Array Services daemon (arrayd) disables authentication, allowing remote users to gain root privileges. | 10.0 |
| 1999-05-19 | CVE-1999-0765 | Unspecified vulnerability in SGI Irix 6.0 SGI IRIX midikeys program allows local users to modify arbitrary files via a text editor. | 10.0 |