Published: 26/05/1997 Updated: 03/05/2018

CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9

VMScore: 730

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

IRIX login program with a nonzero LOCKOUT parameter allows creation or damage to files.

Vulnerable Product	Search on Vulmon	Subscribe to Product
sgi irix 6.2
sgi irix 6.3
sgi irix 5.1
sgi irix 5.2
sgi irix 5.3
sgi irix 6.0
sgi irix 6.1
sgi irix 6.4

/* source: wwwsecurityfocuscom/bid/392/info A buffer overflow exists in the /bin/login program supplied by Silicon Graphics, as part of their Irix operating system By supplying a carefully crafted, log buffer to the -h option of login, a local user can obtain root privileges */ /* /bin/login exploit by DCRH 24/5/97 * * Tested on: R ...

/* /bin/login exploit by DCRH 24/5/97 * * Tested on: R3000 Indigo (Irix 53) * R4400 Indy (Irix 53) * R5000 O2 (Irix 63) * R8000 Power Challenge (Irix 62) * * Compile as: cc -n32 loginc (for Irix 6x) * cc loginc (for Irix 5x) * * Press enter when prompted for a passw ...

NVD-CWE-Other http://www.ciac.org/ciac/bulletins/h-106.shtml ftp://patches.sgi.com/support/free/security/advisories/19970508-02-PX http://www.osvdb.org/990 https://exchange.xforce.ibmcloud.com/vulnerabilities/557 https://nvd.nist.gov https://www.exploit-db.com/exploits/19310/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-1999-0036

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect