CVE-2005-0465 : Detail

CVE-2005-0465

0.04%V3
Local
2005-04-08
02h00 +00:00
2006-04-14
07h00 +00:00
CVE.org
NVD
Notifications for a CVE
Stay informed of any changes for a specific CVE.
Notifications manage

CVE Descriptions

gr_osview in SGI IRIX does not drop privileges before opening files, which allows local users to overwrite arbitrary files via the -s option.

CVE Informations

Metrics

Metrics Score Severity CVSS Vector Source
V2 2.1 AV:L/AC:L/Au:N/C:N/I:P/A:N [email protected]

EPSS

EPSS is a scoring model that predicts the likelihood of a vulnerability being exploited.

EPSS Score

The EPSS model produces a probability score between 0 and 1 (0 and 100%). The higher the score, the greater the probability that a vulnerability will be exploited.

EPSS Percentile

The percentile is used to rank CVE according to their EPSS score. For example, a CVE in the 95th percentile according to its EPSS score is more likely to be exploited than 95% of other CVE. Thus, the percentile is used to compare the EPSS score of a CVE with that of other CVE.
EPSS First.org

Exploit information

Exploit Database EDB-ID : 25362

Publication date : 2005-04-06 22h00 +00:00
Author : anonymous
EDB Verified : Yes

source: https://www.securityfocus.com/bid/13058/info A local file overwrite vulnerability affects SGI IRIX. This issue is due to a failure of the affected utility to drop privileges prior to carrying out critical functionality. An attacker may leverage this issue to cause the affected utility to write data to any file on the affected computer with superuser privileges. Although unconfirmed, it is possible that this issue may be leveraged for privilege escalation. It should be noted that although only SGI IRIX 6.5.22(maintenance) has been confirmed vulnerable, it is likely that all IRIX 6.5 versions are affected as well. gr_osview -s /etc/shadow

Products Mentioned

Configuraton 0

Sgi>>Irix >> Version 3.2

    Sgi>>Irix >> Version 3.3

      Sgi>>Irix >> Version 3.3.1

        Sgi>>Irix >> Version 3.3.2

          Sgi>>Irix >> Version 3.3.3

            Sgi>>Irix >> Version 4.0

              Sgi>>Irix >> Version 4.0.1

              Sgi>>Irix >> Version 4.0.1t

              Sgi>>Irix >> Version 4.0.2

              Sgi>>Irix >> Version 4.0.3

              Sgi>>Irix >> Version 4.0.4

              Sgi>>Irix >> Version 4.0.4b

              Sgi>>Irix >> Version 4.0.4t

              Sgi>>Irix >> Version 4.0.5

              Sgi>>Irix >> Version 4.0.5_iop

              Sgi>>Irix >> Version 4.0.5_ipr

                Sgi>>Irix >> Version 4.0.5a

                Sgi>>Irix >> Version 4.0.5b

                Sgi>>Irix >> Version 4.0.5e

                Sgi>>Irix >> Version 4.0.5f

                Sgi>>Irix >> Version 4.0.5g

                Sgi>>Irix >> Version 4.0.5h

                Sgi>>Irix >> Version 5.0

                  Sgi>>Irix >> Version 5.0.1

                  Sgi>>Irix >> Version 5.1

                  Sgi>>Irix >> Version 5.1.1

                  Sgi>>Irix >> Version 5.2

                  Sgi>>Irix >> Version 5.3

                  Sgi>>Irix >> Version 5.3

                  Sgi>>Irix >> Version 6.0

                  Sgi>>Irix >> Version 6.0.1

                  Sgi>>Irix >> Version 6.0.1

                  Sgi>>Irix >> Version 6.1

                  Sgi>>Irix >> Version 6.2

                  Sgi>>Irix >> Version 6.3

                  Sgi>>Irix >> Version 6.4

                  Sgi>>Irix >> Version 6.5

                  Sgi>>Irix >> Version 6.5.1

                  Sgi>>Irix >> Version 6.5.2

                  Sgi>>Irix >> Version 6.5.2f

                  Sgi>>Irix >> Version 6.5.2m

                  Sgi>>Irix >> Version 6.5.3

                  Sgi>>Irix >> Version 6.5.3f

                  Sgi>>Irix >> Version 6.5.3m

                  Sgi>>Irix >> Version 6.5.4

                  Sgi>>Irix >> Version 6.5.4f

                  Sgi>>Irix >> Version 6.5.4m

                  Sgi>>Irix >> Version 6.5.5

                  Sgi>>Irix >> Version 6.5.5f

                  Sgi>>Irix >> Version 6.5.5m

                  Sgi>>Irix >> Version 6.5.6

                  Sgi>>Irix >> Version 6.5.6f

                  Sgi>>Irix >> Version 6.5.6m

                  Sgi>>Irix >> Version 6.5.7

                  Sgi>>Irix >> Version 6.5.7f

                  Sgi>>Irix >> Version 6.5.7m

                  Sgi>>Irix >> Version 6.5.8

                  Sgi>>Irix >> Version 6.5.8f

                  Sgi>>Irix >> Version 6.5.8m

                  Sgi>>Irix >> Version 6.5.9

                  Sgi>>Irix >> Version 6.5.9f

                  Sgi>>Irix >> Version 6.5.9m

                  Sgi>>Irix >> Version 6.5.10

                  Sgi>>Irix >> Version 6.5.10f

                  Sgi>>Irix >> Version 6.5.10m

                  Sgi>>Irix >> Version 6.5.11

                  Sgi>>Irix >> Version 6.5.11f

                  Sgi>>Irix >> Version 6.5.11m

                  Sgi>>Irix >> Version 6.5.12

                  Sgi>>Irix >> Version 6.5.12f

                  Sgi>>Irix >> Version 6.5.12m

                  Sgi>>Irix >> Version 6.5.13

                  Sgi>>Irix >> Version 6.5.13f

                  Sgi>>Irix >> Version 6.5.13m

                  Sgi>>Irix >> Version 6.5.14

                  Sgi>>Irix >> Version 6.5.14f

                  Sgi>>Irix >> Version 6.5.14m

                  Sgi>>Irix >> Version 6.5.15

                  Sgi>>Irix >> Version 6.5.15f

                  Sgi>>Irix >> Version 6.5.15m

                  Sgi>>Irix >> Version 6.5.16

                  Sgi>>Irix >> Version 6.5.16f

                  Sgi>>Irix >> Version 6.5.16m

                  Sgi>>Irix >> Version 6.5.17

                  Sgi>>Irix >> Version 6.5.17f

                  Sgi>>Irix >> Version 6.5.17m

                  Sgi>>Irix >> Version 6.5.18

                  Sgi>>Irix >> Version 6.5.18f

                  Sgi>>Irix >> Version 6.5.18m

                  Sgi>>Irix >> Version 6.5.19

                  Sgi>>Irix >> Version 6.5.19f

                  Sgi>>Irix >> Version 6.5.19m

                  Sgi>>Irix >> Version 6.5.20

                  Sgi>>Irix >> Version 6.5.20f

                  Sgi>>Irix >> Version 6.5.20m

                  Sgi>>Irix >> Version 6.5.21

                  Sgi>>Irix >> Version 6.5.21f

                  Sgi>>Irix >> Version 6.5.21m

                  Sgi>>Irix >> Version 6.5.22

                  Sgi>>Irix >> Version 6.5_20

                    References

                    http://securitytracker.com/id?1013662
                    Tags : vdb-entry, x_refsource_SECTRACK
                    http://secunia.com/advisories/14875
                    Tags : third-party-advisory, x_refsource_SECUNIA