Sgi
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in any Sgi product.
RSS Feeds for Sgi security vulnerabilities
Create a CVE RSS feed including security vulnerabilities found in Sgi products with stack.watch. Just hit watch, then grab your custom RSS feed url.
Products by Sgi Sorted by Most Security Vulnerabilities since 2018
By the Year
In 2025 there have been 0 vulnerabilities in Sgi. Last year, in 2024 Sgi had 1 security vulnerability published. Right now, Sgi is on track to have less security vulnerabilities in 2025 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2025 | 0 | 0.00 |
| 2024 | 1 | 6.70 |
It may take a day or so for new Sgi vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Sgi Security Vulnerabilities
| CVE | Date | Vulnerability | Products |
|---|---|---|---|
| CVE-2023-6917 | Feb 28, 2024 |
PCP Priv Esc via symlink (root vs PCP user)A vulnerability has been identified in the Performance Co-Pilot (PCP) package, stemming from the mixed privilege levels utilized by systemd services associated with PCP. While certain services operate within the confines of limited PCP user/group privileges, others are granted full root privileges. This disparity in privilege levels poses a risk when privileged root processes interact with directories or directory trees owned by unprivileged PCP users. Specifically, this vulnerability may lead to the compromise of PCP user isolation and facilitate local PCP-to-root exploits, particularly through symlink attacks. These vulnerabilities underscore the importance of maintaining robust privilege separation mechanisms within PCP to mitigate the potential for unauthorized privilege escalation. |
Performance Co Pilot
|
| CVE-2004-1142 | Dec 15, 2004 |
Ethereal 0.9.0 through 0.10.7Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed SMB packet. |
Propack
|
| CVE-2004-1139 | Dec 15, 2004 |
Unknown vulnerability in the DICOM dissector in Ethereal 0.10.4 through 0.10.7Unknown vulnerability in the DICOM dissector in Ethereal 0.10.4 through 0.10.7 allows remote attackers to cause a denial of service (application crash). |
Propack
|
| CVE-2004-0507 | Aug 18, 2004 |
Buffer overflow in the MMSE dissector for Ethereal 0.10.1 to 0.10.3Buffer overflow in the MMSE dissector for Ethereal 0.10.1 to 0.10.3 allows remote attackers to cause a denial of service and possibly execute arbitrary code. |
Propack
|
| CVE-2004-0506 | Aug 18, 2004 |
The SPNEGO dissector in Ethereal 0.9.8 to 0.10.3 allows remote attackers to cause a denial of service (crash) via unknown attack vectorsThe SPNEGO dissector in Ethereal 0.9.8 to 0.10.3 allows remote attackers to cause a denial of service (crash) via unknown attack vectors that cause a null pointer dereference. |
Propack
|
| CVE-2004-0505 | Aug 18, 2004 |
The AIM dissector in Ethereal 0.10.3The AIM dissector in Ethereal 0.10.3 allows remote attackers to cause a denial of service (assert error) via unknown attack vectors. |
Propack
|
| CVE-2004-0504 | Aug 18, 2004 |
Ethereal 0.10.3 allows remote attackers to cause a denial of service (crash)Ethereal 0.10.3 allows remote attackers to cause a denial of service (crash) via certain SIP messages between Hotsip servers and clients. |
Propack
|
| CVE-2004-0492 | Aug 06, 2004 |
Heap-based buffer overflow in proxy_util.c for mod_proxy in Apache 1.3.25 to 1.3.31Heap-based buffer overflow in proxy_util.c for mod_proxy in Apache 1.3.25 to 1.3.31 allows remote attackers to cause a denial of service (process crash) and possibly execute arbitrary code via a negative Content-Length HTTP header field, which causes a large amount of data to be copied. |
Propack
|
| CVE-2004-0488 | Jul 07, 2004 |
Stack-based buffer overflow in the ssl_util_uuencode_binary function in ssl_util.c for Apache mod_ssl, when mod_ssl is configured to trust the issuing CA, mayStack-based buffer overflow in the ssl_util_uuencode_binary function in ssl_util.c for Apache mod_ssl, when mod_ssl is configured to trust the issuing CA, may allow remote attackers to execute arbitrary code via a client certificate with a long subject DN. |
Propack
|
| CVE-2003-0174 | May 12, 2003 |
The LDAP name service (nsd) in IRIX 6.5.19 and earlier does not properly verify if the USERPASSWORD attribute has been provided by an LDAP server, which couldThe LDAP name service (nsd) in IRIX 6.5.19 and earlier does not properly verify if the USERPASSWORD attribute has been provided by an LDAP server, which could allow attackers to log in without a password. |
Irix
|
| CVE-2001-0554 | Aug 14, 2001 |
Buffer overflow in BSD-based telnetd telnet daemon on various operating systemsBuffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function. |
Irix
|
| CVE-2001-0249 | Jun 18, 2001 |
Heap overflow in FTP daemon in Solaris 8Heap overflow in FTP daemon in Solaris 8 allows remote attackers to execute arbitrary commands by creating a long pathname and calling the LIST command, which uses glob to generate long strings. |
Irix
|
| CVE-2001-0248 | Jun 18, 2001 |
Buffer overflow in FTP server in HPUX 11Buffer overflow in FTP server in HPUX 11 allows remote attackers to execute arbitrary commands by creating a long pathname and calling the STAT command, which uses glob to generate long strings. |
Irix
|
| CVE-1999-0461 | Jan 28, 1999 |
Versions of rpcbind including Linux, IRIX, and Wietse Venema's rpcbindVersions of rpcbind including Linux, IRIX, and Wietse Venema's rpcbind allow a remote attacker to insert and delete entries by spoofing a source address. |
Irix
|
| CVE-1999-0524 | Aug 01, 1997 |
ICMP information such as (1) netmask and (2) timestamp isICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts. |
Irix
|
| CVE-1999-0026 | Jul 16, 1997 |
root privileges via buffer overflow in pset command on SGI IRIX systems.root privileges via buffer overflow in pset command on SGI IRIX systems. |
Irix
|
| CVE-1999-0027 | Jul 16, 1997 |
root privileges via buffer overflow in eject command on SGI IRIX systems.root privileges via buffer overflow in eject command on SGI IRIX systems. |
Irix
|
| CVE-1999-0030 | Jul 16, 1997 |
root privileges via buffer overflow in xlock command on SGI IRIX systems.root privileges via buffer overflow in xlock command on SGI IRIX systems. |
Irix
|
| CVE-1999-0028 | Jul 16, 1997 |
root privileges via buffer overflow in login/scheme command on SGI IRIX systems.root privileges via buffer overflow in login/scheme command on SGI IRIX systems. |
Irix
|
| CVE-1999-0029 | Jul 16, 1997 |
root privileges via buffer overflow in ordist command on SGI IRIX systems.root privileges via buffer overflow in ordist command on SGI IRIX systems. |
Irix
|
| CVE-1999-0059 | Jul 14, 1997 |
IRIX fam service allows an attacker to obtain a list of all files on the server.IRIX fam service allows an attacker to obtain a list of all files on the server. |
Irix
|
| CVE-1999-0195 | Jul 01, 1997 |
Denial of service in RPC portmapperDenial of service in RPC portmapper allows attackers to register or unregister RPC services or spoof RPC services using a spoofed source IP address such as 127.0.0.1. |
Irix
|
| CVE-1999-0033 | Jun 12, 1997 |
Command execution in Sun systemsCommand execution in Sun systems via buffer overflow in the at program. |
Irix
|
| CVE-1999-0083 | Jun 11, 1997 |
getcwd() file descriptor leak in FTP.getcwd() file descriptor leak in FTP. |
Irix
|
| CVE-1999-0034 | May 29, 1997 |
Buffer overflow in suidperl (sperl)Buffer overflow in suidperl (sperl), Perl 4.x and 5.x. |
Freeware
|
| CVE-1999-0035 | May 29, 1997 |
Race condition in signal handling routine in ftpdRace condition in signal handling routine in ftpd, allowing read/write arbitrary files. |
Irix
|
| CVE-1999-0036 | May 26, 1997 |
IRIX login program with a nonzero LOCKOUT parameterIRIX login program with a nonzero LOCKOUT parameter allows creation or damage to files. |
Irix
|
| CVE-1999-0040 | May 01, 1997 |
Buffer overflow in Xt library of X Windowing SystemBuffer overflow in Xt library of X Windowing System allows local users to execute commands with root privileges. |
Irix
|
| CVE-1999-0038 | Apr 26, 1997 |
Buffer overflow in xlock programBuffer overflow in xlock program allows local users to execute commands as root. |
Irix
|
| CVE-1999-0049 | Jan 08, 1997 |
Csetup under IRIX allows arbitrary file creation or overwriting.Csetup under IRIX allows arbitrary file creation or overwriting. |
Irix
|
| CVE-1999-0051 | Jan 06, 1997 |
Arbitrary file creation and program execution using FLEXlm LicenseManagerArbitrary file creation and program execution using FLEXlm LicenseManager, from versions 4.0 to 5.0, in IRIX. |
Irix
License Oeo
|
| CVE-1999-0022 | Jul 03, 1996 |
Local user gains root privilegesLocal user gains root privileges via buffer overflow in rdist, via expstr() function. |
Irix
|
| CVE-1999-0078 | Apr 18, 1996 |
pcnfsd (aka rpc.pcnfsd)pcnfsd (aka rpc.pcnfsd) allows local users to change file permissions, or execute arbitrary commands through arguments in the RPC call. |
Irix
|
| CVE-1999-0208 | Dec 12, 1995 |
rpc.ypupdated (NIS)rpc.ypupdated (NIS) allows remote users to execute arbitrary commands. |
Irix
|
| CVE-1999-0241 | Nov 01, 1995 |
Guessable magic cookies in X Windows allows remote attackers to execute commands, e.gGuessable magic cookies in X Windows allows remote attackers to execute commands, e.g. through xterm. |
Irix
|
| CVE-1999-0073 | Oct 13, 1995 |
Telnet allows a remote client to specify environment variables including LD_LIBRARY_PATHTelnet allows a remote client to specify environment variables including LD_LIBRARY_PATH, allowing an attacker to bypass the normal system libraries and gain root access. |
Irix
|