Packet Storm - Information Security News, Files, Tools, Exploits, Advisories and Whitepapers http://packetstormsecurity.org/ en-us Mon, 28 May 2012 07:54:40 GMT 144400 http://packetstormsecurity.org/ http://www.google-analytics.com/__utm.gif?utmwv=1.3&utmn=1951847569&utmcs=ISO-8859-1&utmsr=31337x31337&utmsc=32-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=Operating%20System%3A%20IRIX%u2248%20Packet%20Storm&utmhn=packetstormsecurity.org&utmr=-&utmp=%2Ffiles%2Fos%2Firix%2F&utmac=UA-18885198-1&utmcc=__utma%3D32867617.1951847569.1338191680.1338191680.1338191680.1%3B%2B__utmz%3D32867617.1338191680.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none) http://packetstormsecurity.org/files/106996/fwlogwatch-1.3.tar.gz http://packetstormsecurity.org/files/106996/fwlogwatch-1.3.tar.gz http://packetstormsecurity.org/files/106996/Firewall-Log-Watch-1.3.html Tue, 15 Nov 2011 05:42:24 GMT fwlogwatch is a packet filter and firewall log analyzer with support for Linux ipchains, Linux netfilter/iptables, Solaris/BSD/HP-UX/IRIX ipfilter, Cisco IOS, Cisco PIX/ASA, Netscreen, Elsa Lancom router, and Snort IDS log files. It can output its summaries in text and HTML and has a lot of options. fwlogwatch also features a realtime anomaly response capability with a Web interface. http://packetstormsecurity.org/files/97358/sa42874.txt http://packetstormsecurity.org/files/97358/sa42874.txt http://packetstormsecurity.org/files/97358/Secunia-Security-Advisory-42874.html Mon, 10 Jan 2011 05:18:17 GMT Secunia Security Advisory - A vulnerability has been reported in SGI IRIX, which can be exploited by malicious, local users to disclose potentially sensitive information and cause a DoS (Denial of Service). http://packetstormsecurity.org/files/97381/DSEC-2010-0001.txt http://packetstormsecurity.org/files/97381/DSEC-2010-0001.txt http://packetstormsecurity.org/files/97381/IRIX-Local-Kernel-Memory-Disclosure-Denial-Of-Service.html Mon, 10 Jan 2011 03:03:03 GMT IRIX suffers from local kernel memory disclosure and denial of service vulnerabilities. http://packetstormsecurity.org/files/94600/fwlogwatch-1.2.tar.gz http://packetstormsecurity.org/files/94600/fwlogwatch-1.2.tar.gz http://packetstormsecurity.org/files/94600/Firewall-Log-Watch-1.2.html Mon, 11 Oct 2010 05:29:32 GMT fwlogwatch is a packet filter and firewall log analyzer with support for Linux ipchains, Linux netfilter/iptables, Solaris/BSD/HP-UX/IRIX ipfilter, Cisco IOS, Cisco PIX/ASA, Netscreen, Elsa Lancom router, and Snort IDS log files. It can output its summaries in text and HTML and has a lot of options. fwlogwatch also features a realtime anomaly response capability with a Web interface. http://packetstormsecurity.org/files/89795/rpcpcnfsd-format.txt http://packetstormsecurity.org/files/89795/rpcpcnfsd-format.txt http://packetstormsecurity.org/files/89795/rpc.pcnfsd-Syslog-Format-String.html Sat, 22 May 2010 17:30:00 GMT rpc.pcnfsd suffers from a syslog related format string vulnerability. IBM AIX versions 6.1.0 and below, IRIX 6.5 and HP-UX versions 11.11, 11.23 and 11.31 are all affected. http://packetstormsecurity.org/files/82229/tagprinter_exec.rb.txt http://packetstormsecurity.org/files/82229/tagprinter_exec.rb.txt http://packetstormsecurity.org/files/82229/Irix-LPD-tagprinter-Command-Execution.html Tue, 27 Oct 2009 16:00:56 GMT This Metasploit module exploits an arbitrary command execution flaw in the in.lpd service shipped with all versions of Irix. http://packetstormsecurity.org/files/57180/IRIX-p_sh-asm.c http://packetstormsecurity.org/files/57180/IRIX-p_sh-asm.c http://packetstormsecurity.org/files/57180/IRIX-p_sh-asm.c.html Thu, 14 Jun 2007 05:16:30 GMT IRIX MIPS processor shellcode. Tested on R12000 process with system IRIX64 6.5.26m. http://packetstormsecurity.org/files/51412/prdelka-vs-SGI-xrunpriv http://packetstormsecurity.org/files/51412/prdelka-vs-SGI-xrunpriv http://packetstormsecurity.org/files/51412/prdelka-vs-SGI-xrunpriv.html Fri, 27 Oct 2006 21:32:01 GMT SGI IRIX 6.5 /usr/sysadm/bin/runpriv local root exploit. http://packetstormsecurity.org/files/44576/irix6local.txt http://packetstormsecurity.org/files/44576/irix6local.txt http://packetstormsecurity.org/files/44576/irix6local.txt.html Sun, 12 Mar 2006 22:05:39 GMT SGI IRIX 6.5 local root exploit that makes use of /usr/sysadm/bin/lezririx. http://packetstormsecurity.org/files/40574/10.10.05.txt http://packetstormsecurity.org/files/40574/10.10.05.txt http://packetstormsecurity.org/files/40574/iDEFENSE-Security-Advisory-2005-10-10.t.html Tue, 11 Oct 2005 04:50:55 GMT iDEFENSE Security Advisory 10.10.05-1 - Local exploitation of a design error vulnerability in the runpriv command included in multiple versions of Silicon Graphics Inc.'s IRIX could allow for arbitrary code execution as the root user. iDEFENSE has confirmed the existence of this vulnerability in SGI IRIX version 6.5.22 (maintenance). It is suspected that previous and later versions of both the feature and maintenance revisions of IRIX 6.5 are also vulnerable. http://packetstormsecurity.org/files/38772/snaresquid-1.2.tar.gz http://packetstormsecurity.org/files/38772/snaresquid-1.2.tar.gz http://packetstormsecurity.org/files/38772/snaresquid-1.2.tar.gz.html Tue, 19 Jul 2005 15:24:54 GMT Snare for Squid provides a remote distribution facility for Squid proxy server logs, and is known to run on most Unix variations, including Linux, Solaris, AIX, Tru64, and Irix. Snare for Squid can be used to send data to either a remote or local SYSLOG server, or the Snare Server for centralized collection, analysis, and archival. http://packetstormsecurity.org/files/38771/snaretext-1.1.tar.gz http://packetstormsecurity.org/files/38771/snaretext-1.1.tar.gz http://packetstormsecurity.org/files/38771/snaretext-1.1.tar.gz.html Tue, 19 Jul 2005 15:23:24 GMT Snare for Apache provides a remote distribution facility for Apache Web server logs. It is known to run on most Unix variations, including Linux, Solaris, AIX, Tru64, and Irix. Snare for Apache can be used to send data to either a remote or local SYSLOG server, or the Snare Server for centralized collection, analysis, and archival. http://packetstormsecurity.org/files/38257/sa15785.txt http://packetstormsecurity.org/files/38257/sa15785.txt http://packetstormsecurity.org/files/38257/Secunia-Security-Advisory-15785.html Fri, 24 Jun 2005 05:21:08 GMT Secunia Security Advisory - SGI has acknowledged a vulnerability in IRIX, which can be exploited by malicious people to compromise a vulnerable system. http://packetstormsecurity.org/files/37924/sa15619.txt http://packetstormsecurity.org/files/37924/sa15619.txt http://packetstormsecurity.org/files/37924/Secunia-Security-Advisory-15619.html Thu, 16 Jun 2005 05:01:37 GMT Secunia Security Advisory - A security issue has been reported in SGI IRIX, which potentially can be exploited by malicious users to disclose and modify sensitive information. http://packetstormsecurity.org/files/37074/04.07.05-2.txt http://packetstormsecurity.org/files/37074/04.07.05-2.txt http://packetstormsecurity.org/files/37074/iDEFENSE-Security-Advisory-2005-04-07.2.html Sun, 17 Apr 2005 19:37:10 GMT iDEFENSE Security Advisory 04.07.05 - Local exploitation of a file overwrite vulnerability in the gr_osview command included in multiple versions of Silicon Graphics Inc.'s IRIX operating system could allow for the overwriting of arbitrary files, regardless of permissions. The vulnerability specifically exists in the way that gr_osview opens user specified files without dropping privileges. When a file is specified using the -s option, it will be opened regardless of permissions, and operating system usage information will be written into it. http://packetstormsecurity.org/files/37072/04.07.05-1.txt http://packetstormsecurity.org/files/37072/04.07.05-1.txt http://packetstormsecurity.org/files/37072/iDEFENSE-Security-Advisory-2005-04-07.1.html Sun, 17 Apr 2005 19:35:49 GMT iDEFENSE Security Advisory 04.07.05 - Local exploitation of an information disclosure vulnerability in the gr_osview command included in multiple versions of Silicon Graphics Inc.'s IRIX Operating System could allow for the disclosure of sensitive information such as the root user's password hash. The vulnerability specifically exists in the way that gr_osview opens user-specified description files without dropping privileges. When this is combined with the debug option, it is possible to dump a line from an arbitrary file, regardless of its protection. http://packetstormsecurity.org/files/37043/sa14875.txt http://packetstormsecurity.org/files/37043/sa14875.txt http://packetstormsecurity.org/files/37043/Secunia-Security-Advisory-14875.html Sun, 17 Apr 2005 18:55:16 GMT Secunia Security Advisory - Two vulnerabilities have been reported in SGI IRIX, which can be exploited by malicious, local users to perform certain actions on a vulnerable system with escalated privileges and disclose some sensitive information. http://packetstormsecurity.org/files/35746/01.13.05-3.txt http://packetstormsecurity.org/files/35746/01.13.05-3.txt http://packetstormsecurity.org/files/35746/iDEFENSE-Security-Advisory-2005-01-13.3.html Sun, 16 Jan 2005 05:55:12 GMT iDEFENSE Security Advisory 01.13.05-3 - Local exploitation of a design error vulnerability in the inpview command included in multiple versions of Silicon Graphics Inc.'s IRIX could allow for arbitrary code execution as the root user. iDEFENSE has confirmed the existence of this vulnerability in SGI IRIX version 6.5.9 (feature) and 6.5.22 (maintenance). http://packetstormsecurity.org/files/35382/NetBSD-2004-010.txt http://packetstormsecurity.org/files/35382/NetBSD-2004-010.txt http://packetstormsecurity.org/files/35382/NetBSD-Security-Advisory-2004.10.html Thu, 30 Dec 2004 09:10:46 GMT NetBSD Security Advisory 2004-010 - Some of the functions in /usr/src/sys/compat/ which implement execution of foreign binaries (such as Linux, FreeBSD, IRIX, OSF1, SVR4, HPUX, and ULTRIX) use argument data in unsafe ways prior to calling the kernel syscall. http://packetstormsecurity.org/files/33563/20040601-01-P.txt http://packetstormsecurity.org/files/33563/20040601-01-P.txt http://packetstormsecurity.org/files/33563/HexView-Security-Advisory-2004-06-01.01.html Fri, 18 Jun 2004 00:25:00 GMT SGI Security Advisory 20040601-01-P - Adam Gowdiak from the Poznan Supercomputing and Networking Center has reported that under certain conditions non privileged users can use the syssgi system call SGI_IOPROBE to read and write kernel memory which can be used to obtain root user privileges. Patches have been released for this and other issues. At this time, IRIX versions 6.5.20 to 6.5.24 are considered susceptible. http://packetstormsecurity.org/files/33431/20040507-01-P.txt http://packetstormsecurity.org/files/33431/20040507-01-P.txt http://packetstormsecurity.org/files/33431/HexView-Security-Advisory-2004-05-07.01.html Wed, 26 May 2004 21:33:25 GMT SGI Security Advisory 20040507-01-P - Adam Gowdiak from the Poznan Supercomputing and Networking Center has reported that under certain conditions the /usr/sbin/cpr binary can be forced to load a user provided library while restarting the checkpointed process which can then be used to obtain root user privileges. All versions of IRIX prior to 6.5.25 are affected. http://packetstormsecurity.org/files/33364/20040503-01-P.asc http://packetstormsecurity.org/files/33364/20040503-01-P.asc http://packetstormsecurity.org/files/33364/HexView-Security-Advisory-2004-05-03.01.html Tue, 18 May 2004 23:46:47 GMT SGI Security Advisory 20040503-01-P - Under certain conditions, rpc.mountd goes into an infinite loop while processing some RPC requests, causing a denial of service. Affected releases: SGI IRIX 6.5.x. http://packetstormsecurity.org/files/33204/lboeg.pl.txt http://packetstormsecurity.org/files/33204/lboeg.pl.txt http://packetstormsecurity.org/files/33204/lboeg.pl.txt.html Sat, 01 May 2004 15:48:41 GMT Local buffer overflow exploit generator for Linux, BSD, BSDi, HP-UX, UnixWare, IRIX and SCO. http://packetstormsecurity.org/files/32993/20040401-01-P http://packetstormsecurity.org/files/32993/20040401-01-P http://packetstormsecurity.org/files/32993/HexView-Security-Advisory-2004-04-01.01.html Fri, 02 Apr 2004 09:29:00 GMT SGI Security Advisory 20040401-01-P - It has been reported that there are several security issues affecting ftpd on IRIX. There is an ftpd DoS that is possible during PORT mode (SGI BUG 899364) not to mention that ftpd's ftp_syslog() doesn't work with anonymous FTP (SGI BUG 909172). http://packetstormsecurity.org/files/31672/20030901-01-P http://packetstormsecurity.org/files/31672/20030901-01-P http://packetstormsecurity.org/files/31672/HexView-Security-Advisory-2003-09-01.01.html Thu, 18 Sep 2003 21:23:41 GMT SGI Security Advisory 20030901-01-P - It has been reported that under certain conditions a NFS client can avoid read-only restrictions on filesystems exported via NFS from a server running IRIX 6.5.21 and mount them in read/write mode.