Lucene search

[email protected]CVE-2005-0464

HistoryMay 02, 2005 - 4:00 a.m.

CVE-2005-0464

2005-05-0204:00:00

[email protected]

web.nvd.nist.gov

cve-2005-0464

sgi irix

privilege escalation

local file access

debug mode

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

6.5 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

0.4%

JSON

gr_osview in SGI IRIX 6.5.22, and possibly other 6.5 versions, does not drop privileges when opening description files while in debug mode, which allows local users to read a line from arbitrary files via the -d and -D options, which prints the line as a formatting error.

Affected configurations

NVD

Node

sgiirixMatch6.5.22

CPENameOperatorVersion
sgi:irixsgi irixeq6.5.22

CPE	Name	Operator	Version
sgi:irix	sgi irix	eq	6.5.22

References

ftp://patches.sgi.com/support/free/security/advisories/20050402-01-P

secunia.com/advisories/14875

securitytracker.com/id?1013662

www.idefense.com/application/poi/display?id=226&type=vulnerabilities

www.osvdb.org/15351

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

6.5 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

0.4%

JSON

Related for CVE-2005-0464

securityvulns1 nvd1 cvelist1