Buffer overflows in lpsched in IRIX 6.5.13f and previous versions allow remote malicious users to execute arbitrary commands via a long argument.
sgi irix
Vulmon