Multiple Vulnerabilities in fsdump
Multiple vulnerabilities exist in the fsdump program included with Silicon Graphics Inc.'s IRIX operating system. Each of these holes can be used to obtain root privilege.

Variant 1: An attacker can use the fsdump command to create a dump file of the /etc/passwd file. The attacker can then use the tail command to view the last 8 lines of the file, which includes the encrypted root password. The attacker can then use the vi command to remove the encrypted root password and then use the chgrp and chown commands to change the group and owner of the file. The attacker can then use the su command to gain root access.

Variant 2: An attacker can use the fsdump command to create a dump file of the /etc/passwd file. The attacker can then use the cp command to copy the file to the /tmp directory and then use the ln command to create a symbolic link to the /etc/passwd file. The attacker can then use the fsdump command to create a dump file of the /etc/passwd file.

Variant 3: An attacker can use the ln command to create a symbolic link to the /.rhosts file. The attacker can then use the fsdump command to create a dump file of the /.rhosts file. The attacker can then use the ls command to view the contents of the /.rhosts file and then use the rm command to remove the dump file.
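Added example, not part of the original advisory: a POSIX shell check for the end states the variants describe, namely a symbolic link in place of /etc/passwd or /.rhosts, a changed owner or loosened write permission, and a UID 0 account with an empty password field. The function names and the --run switch are hypothetical, and the script assumes both files should be owned by UID 0.

```shell
#!/bin/sh
# Added example, not from the advisory. Function names are hypothetical.

# audit_file PATH UID: report a symlink, an unexpected owner, or group/other
# write permission on PATH. Exit status 0 = clean, 1 = at least one finding.
audit_file() {
    target=$1 want_uid=$2 bad=0
    if [ -L "$target" ]; then
        echo "FINDING: $target is a symbolic link"
        return 1
    fi
    [ -e "$target" ] || return 0   # an absent file (e.g. no /.rhosts) is clean
    # ls -ldn prints the mode string in field 1 and the numeric owner in field 3.
    mode=$(ls -ldn "$target" | awk '{ print $1 }')
    owner=$(ls -ldn "$target" | awk '{ print $3 }')
    if [ "$owner" != "$want_uid" ]; then
        echo "FINDING: $target is owned by uid $owner, expected $want_uid"
        bad=1
    fi
    case $mode in
        ?????w*|????????w*)
            echo "FINDING: $target is group- or world-writable ($mode)"
            bad=1 ;;
    esac
    return "$bad"
}

# empty_uid0_password FILE: print every UID 0 account in a passwd-format FILE
# whose password field is empty. Exit status 0 = such an account exists.
empty_uid0_password() {
    awk -F: '$3 == "0" && $2 == "" { print $1; n++ } END { exit (n ? 0 : 1) }' "$1"
}

# Audit the two files the advisory names; assumes both should belong to UID 0.
if [ "${1:-}" = "--run" ]; then
    rc=0
    audit_file /etc/passwd 0 || rc=1
    audit_file /.rhosts 0 || rc=1
    if empty_uid0_password /etc/passwd; then
        echo "FINDING: UID 0 account above has an empty password field"
        rc=1
    fi
    exit "$rc"
fi
```

Run it with --run as a user who can read /etc/passwd; a non-zero exit status means at least one finding was printed.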