header-logo
Suggest Exploit
vendor:
IRIX
by:
Unknown
7.5
CVSS
HIGH
Local File Overwrite
276
CWE
Product Name: IRIX
Affected Version From: IRIX 6.5
Affected Version To: IRIX 6.5.22 (maintenance)
Patch Exists: NO
Related CWE:
CPE: sgi:irix:6.5
Metasploit:
Other Scripts:
Platforms Tested:
Unknown

Local File Overwrite Vulnerability in SGI IRIX

A local file overwrite vulnerability affects SGI IRIX. This issue is due to a failure of the affected utility to drop privileges prior to carrying out critical functionality. An attacker may leverage this issue to cause the affected utility to write data to any file on the affected computer with superuser privileges. Although unconfirmed, it is possible that this issue may be leveraged for privilege escalation.

Mitigation:

No official patch or mitigation is available for this vulnerability. It is recommended to restrict access to the affected utility and monitor for any unauthorized file modifications.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/13058/info

A local file overwrite vulnerability affects SGI IRIX. This issue is due to a failure of the affected utility to drop privileges prior to carrying out critical functionality.

An attacker may leverage this issue to cause the affected utility to write data to any file on the affected computer with superuser privileges. Although unconfirmed, it is possible that this issue may be leveraged for privilege escalation.

It should be noted that although only SGI IRIX 6.5.22(maintenance) has been confirmed vulnerable, it is likely that all IRIX 6.5 versions are affected as well. 

gr_osview -s /etc/shadow

Navigation

Suggest Exploit

Services By CQR

cqrsecured