CVE-1999-1398

SGI IRIX - Privilege Escalation via xfsdump bck.log Symlink Attack

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-1999-1398. PoCs published by Yuri Volobuev.

AI-analyzed exploit summary This exploit leverages a symbolic link vulnerability in xfsdump on Irix 5.x and 6.x to create arbitrary files as root by manipulating the bck.log file in /usr/tmp. An attacker can use this to overwrite critical files like /.rhosts for privilege escalation.

Description

Vulnerability in xfsdump in SGI IRIX may allow local users to obtain root privileges via the bck.log log file, possibly via a symlink attack.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Yuri Volobuev · textlocalirix
https://www.exploit-db.com/exploits/19358

This exploit leverages a symbolic link vulnerability in xfsdump on Irix 5.x and 6.x to create arbitrary files as root by manipulating the bck.log file in /usr/tmp. An attacker can use this to overwrite critical files like /.rhosts for privilege escalation.

Classification
Working Poc 90%
Attack Type
Lpe
Complexity
Trivial
Reliability
Reliable
Target: xfsdump on Irix 5.x and 6.x
No auth needed
Prerequisites: Access to the target system · Ability to create symbolic links in /usr/tmp
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Exploit, Patch, Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/472
Various Sources x_refsource_misc
http://www.insecure.org/sploits/irix.xfsdump.html
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=87602167420921&w=2

Scores

EPSS 0.0080
EPSS Percentile 51.7%

Details

Status published
Products (12)
sgi/irix 5.0
sgi/irix 5.0.1
sgi/irix 5.1
sgi/irix 5.1.1
sgi/irix 5.2
sgi/irix 5.3 (2 CPE variants)
sgi/irix 6.0
sgi/irix 6.0.1 (2 CPE variants)
sgi/irix 6.1
sgi/irix 6.2
... and 2 more
Published May 07, 1997
Tracked Since Feb 18, 2026