CVE-1999-0314

ioconfig on SGI IRIX 6.4 S2MP - Privilege Escalation

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-1999-0314. PoCs published by Loneguard.

AI-analyzed exploit summary This exploit leverages a PATH environment variable manipulation vulnerability in the ioconfig program on IRIX 6.4 S2MP. By placing a malicious script named 'dvhtool' in /tmp and prepending /tmp to the PATH, the attacker tricks ioconfig into executing arbitrary commands with root privileges.

Description

ioconfig on SGI IRIX 6.4 S2MP for Origin/Onyx2 allows local users to gain root access using relative pathnames.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Loneguard · bashlocalirix
https://www.exploit-db.com/exploits/19163

This exploit leverages a PATH environment variable manipulation vulnerability in the ioconfig program on IRIX 6.4 S2MP. By placing a malicious script named 'dvhtool' in /tmp and prepending /tmp to the PATH, the attacker tricks ioconfig into executing arbitrary commands with root privileges.

Classification
Working Poc 100%
Attack Type
Lpe
Complexity
Trivial
Reliability
Reliable
Target: IRIX 6.4 S2MP (ioconfig)
Auth required
Prerequisites: Local access to the vulnerable IRIX system · ioconfig must be present and executable
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/6788
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/213
Third Party Advisory, VDB Entry x_refsource_misc
http://www.securityfocus.com/bid/213/exploit
Vendor Advisory vendor-advisory x_refsource_sgi
ftp://patches.sgi.com/support/free/security/advisories/19980701-01-P
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/1199

Scores

EPSS 0.0071
EPSS Percentile 48.7%

Details

Status published
Products (1)
sgi/irix 6.4
Published Jul 01, 1998
Tracked Since Feb 18, 2026