Description
inpview in InPerson on IRIX 5.3 through IRIX 6.5.10 trusts the PATH environmental variable to find and execute the ttsession program, which allows local users to obtain root access by modifying the PATH to point to a Trojan horse ttsession program.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Yuri Volobuev · textlocalirix
https://www.exploit-db.com/exploits/19304
References (3)
Core 3
Core References
Mailing List mailing-list
x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=87602167420921&w=2
Exploit, Patch, Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/381
Patch, Vendor Advisory vendor-advisory
x_refsource_sgi
ftp://patches.sgi.com/support/free/security/advisories/20001101-01-I
Scores
EPSS
0.0091
EPSS Percentile
75.9%
Details
Status
published
Products (6)
sgi/irix
5.3
sgi/irix
6.1
sgi/irix
6.2
sgi/irix
6.3
sgi/irix
6.4
sgi/irix
6.5.10
Published
May 07, 1997
Tracked Since
Feb 18, 2026