CVE-1999-0032

SGI Irix - Buffer Overflow

Title source: rule

Description

Buffer overflow in lpr, as used in BSD-based systems including Linux, allows local users to execute arbitrary code as root via a long -C (classification) command line option.

Exploits (2)

exploitdb WORKING POC

clocallinux

https://www.exploit-db.com/exploits/19544

View Code ZIP pw:eip

exploitdb WORKING POC

clocalbsd

https://www.exploit-db.com/exploits/19545

View Code ZIP pw:eip

References (3)

[Third Party Advisory, US Government Resource] http://www.ciac.org/ciac/bulletins/i-042.shtml

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/707

[Vendor Advisory] ftp://patches.sgi.com/support/free/security/advisories/19980402-01-PX

Scores

EPSS 0.0018

EPSS Percentile 39.4%

Details

Status published

Products (21)

bsdi/bsd_os 2.1

freebsd/freebsd 2.0

freebsd/freebsd 2.0.5

freebsd/freebsd 2.1.0

freebsd/freebsd 2.1.5

next/nextstep 4.0

next/nextstep 4.1

sgi/irix 5.0

sgi/irix 5.0.1

sgi/irix 5.1

... and 11 more

Published Oct 25, 1996

Tracked Since Feb 18, 2026