Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the wp-pagenavi domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home/u918112125/domains/exploit.company/public_html/wp-includes/functions.php on line 6114
SGI Irix rmail Utility Arbitrary Command Execution Vulnerability - exploit.company
header-logo
Suggest Exploit
vendor:
Irix
by:
Unknown
7.5
CVSS
HIGH
Arbitrary Command Execution
78
CWE
Product Name: Irix
Affected Version From: Unknown
Affected Version To: Unknown
Patch Exists: YES
Related CWE: CVE-1999-1170
CPE: o:sgi:irix
Metasploit:
Other Scripts:
Platforms Tested: SGI Irix operating system
Unknown

SGI Irix rmail Utility Arbitrary Command Execution Vulnerability

The rmail utility included in SGI Irix operating system is vulnerable to arbitrary command execution. This vulnerability occurs due to a lack of input validation on the contents of an environment variable. An attacker can exploit this vulnerability to execute arbitrary commands with the gid mail privilege level. The rmail utility is commonly used with uucp.

Mitigation:

Apply the necessary patches provided by SGI. Additionally, restrict the use of the rmail utility and limit access to privileged accounts.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/460/info

A vulnerability exists in the rmail utility, included by SGI with it's Irix operating system. By failing to sanity check the contents of an environment variable, arbitrary commands may be executed with gid mail. rmail is used with uucp.


The following example is provided:

setenv LOGNAME blah; command-to-execute

Navigation

Suggest Exploit

Services By CQR