Exploitation Summary
EIP tracks 1 public exploit for CVE-1999-1384. PoCs published by Tun-Hui Hu.
AI-analyzed exploit summary This exploit leverages a vulnerability in the Systour and OutOfBox subsystems of IRIX 5.x and 6.x to execute arbitrary commands as root. It manipulates the installation process by creating a malicious exit script that sets the SUID bit on a copied shell.
Description
Indigo Magic System Tour in the SGI system tour package (systour) for IRIX 5.x through 6.3 allows local users to gain root privileges via a Trojan horse .exitops program, which is called by the inst command that is executed by the RemoveSystemTour program.
Exploits (1)
This exploit leverages a vulnerability in the Systour and OutOfBox subsystems of IRIX 5.x and 6.x to execute arbitrary commands as root. It manipulates the installation process by creating a malicious exit script that sets the SUID bit on a copied shell.