CVE-1999-1120

SGI IRIX <6.4 - Privilege Escalation

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-1999-1120. PoCs published by Yuri Volobuev.

AI-analyzed exploit summary This exploit leverages a path-based vulnerability in the netprint program on Irix 6.x and 5.x, allowing arbitrary command execution as the 'lp' user. It also describes a method to escalate privileges to root by manipulating the BSD printing subsystem.

Description

netprint in SGI IRIX 6.4 and earlier trusts the PATH environmental variable for finding and executing the disable program, which allows local users to gain privileges.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Yuri Volobuev · textlocalirix

https://www.exploit-db.com/exploits/19313

View Code ZIP pw:eip

This exploit leverages a path-based vulnerability in the netprint program on Irix 6.x and 5.x, allowing arbitrary command execution as the 'lp' user. It also describes a method to escalate privileges to root by manipulating the BSD printing subsystem.

Classification

Working Poc 95%

Attack Type

Rce | Lpe

Complexity

Moderate

Reliability

Reliable

Target: Irix 6.x and 5.x netprint

No auth needed

Prerequisites: Access to a vulnerable Irix system · Ability to write files to the filesystem

MITRE ATT&CK