[[-irix 6.2-]]
 
[-local-] [-description-] [-author-]
addnetpr.sh addnetpr race condition jaechul choe
at users can mail themselves /etc/shadow j.a. gutierrez
cdplayer race conditions allow local root shell unknown
crazymonkey.sh users can save a rootshell into /tmp loneguard
csetup csetup follows symlinks, allows local root exploit jay
daynotify.sh bad/insecure execve() call mike neuman
df.c / df2.c / df3.c command line parsing buffer overflow [multiple]
dmplay.c command line parsing buffer overflow lsd
dp.c command line parsing buffer overflow dcrh
dutman.c unchecked argument control exploit unknown
eject.c / eject2.c / eject3.c command line parsing buffer overflow [multiple]
gmemusage.sh gmemusage libc system() function vulnerability lsd
gr_osview.c -D command line parsing buffer overflow lsd
libc.c libc.so library NLSPATH environment buffer overflow lsd
libgl.c libgl.so library HOME environment buffer overflow lsd
libxaw.c libXaw.so library X environment buffer overflow lsd
libxt.c / libxt2.c libXt.so library buffer overflow vulnerability lsd
login.c command line parsing buffer overflow lsd
mail.c mail LOGNAME environment buffer overflow lsd
netprint bad system() call allows priveledge lp gain yuri volobuev
ordist.c command line parsing buffer overflow lsd
perm.c permissions enviroment overflow dcrh
permissions.c command line parsing buffer overflow lsd
printers.c -xrm argument overflow dcrh
pset.c / pset2.c pset -s argument overflow [multiple]
rlogin.c term environment buffer overflow vulnerability lsd
rmail system() call allows command execution as root yuri volobuev
serialport.sh race conditions with suid administration scripts unknown
sexec.sh suid_exec environment exploit unknown
spaceware.sh enviroment HOSTNAME local exploit j.a. gutierrez
systour.sh race condition allows command execution unknown
xlock.c / xlock2.c command line parsing buffer overflow [multiple]
xterm.c command line parsing buffer overflow dcrh
 
[-remote-] [-description-] [-author-]
arrayd.c arrayd service authentication vulnerability lsd
binds.c / named.c / named2.c dns iquery buffer overflow vulnerability lsd
handler handle.cgi allows remote command execution unknown
irixpop.tgz remote exploit for ucb pop server (version 1.831) lsd
objectserver.c / objectserver2.c objectserver protocol remote management vulnerability lsd
pfdispaly allows users to view files remotely j.a. gutierrez
rpc_ttdbserverd.c rpc.ttdbserverd daemon buffer overflow vulnerability lsd
telnetd.c format strings vulnerability lsd
pmap.tools.tgz users can insert and delete entries by spoofing a source address patrick gilbert

webdist-cgi

webdest.cgi allows remote command execution unknown
 
[-dos-] [-description-] [-author-]
truncate.c does'nt check privileges correctly before truncating files lsd