CVE-1999-0025

SGI IRIX - Buffer Overflow in df Command

Exploitation Summary

EIP tracks 1 public exploit for CVE-1999-0025. PoCs published by David Hedley.

AI-analyzed exploit summary: This exploit targets a buffer overflow vulnerability in the IRIX 'df' utility (CVE-1999-0025) by supplying a long argument to the -f option. It uses shellcode to execute arbitrary commands as root, leveraging stack manipulation and NOP sleds.

Description

root privileges via buffer overflow in df command on SGI IRIX systems.

Exploits (1)

exploitdb WORKING POC VERIFIED
by David Hedley · c · local · irix
https://www.exploit-db.com/exploits/19274

Classification: Working PoC (95%)
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: IRIX 5.x and 6.x 'df' utility
No auth needed
Prerequisites: Access to the target system · Ability to execute the 'df' command
devstral-2 · analyzed Feb 16, 2026

References (4)

Core References
US Government Resource third-party-advisory x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/20851
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/440
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/346
US Government Resource third-party-advisory x_refsource_cert
http://www.cert.org/advisories/CA-1997-21.html

Scores

EPSS 0.1226
EPSS Percentile 95.7%

Details

Status published
Products (1)
sgi/irix
Published Jul 16, 1997
Tracked Since Feb 18, 2026