CVE-2000-0798

IRIX 6.x - Unauthenticated Arbitrary File Truncation via xfs File System

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2000-0798. PoCs published by Last Stage of Delirium.

AI-analyzed exploit summary This exploit leverages a permission bypass vulnerability in the truncate() system call on IRIX systems with XFS filesystems, allowing unprivileged users to truncate files they do not have write access to. The code is a simple proof-of-concept that demonstrates the flaw by truncating a specified file to zero bytes.

Description

The truncate function in IRIX 6.x does not properly check for privileges when the file is in the xfs file system, which allows local users to delete the contents of arbitrary files.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Last Stage of Delirium · clocalirix
https://www.exploit-db.com/exploits/20137

This exploit leverages a permission bypass vulnerability in the truncate() system call on IRIX systems with XFS filesystems, allowing unprivileged users to truncate files they do not have write access to. The code is a simple proof-of-concept that demonstrates the flaw by truncating a specified file to zero bytes.

Classification
Working Poc 100%
Attack Type
Other
Complexity
Trivial
Reliability
Reliable
Target: IRIX 6.2, 6.3, 6.4 with XFS filesystem
No auth needed
Prerequisites: Access to an IRIX system with XFS filesystem · Knowledge of the target file path
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/8569
Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/1540

Scores

EPSS 0.0321
EPSS Percentile 86.5%

Details

Status published
Products (3)
sgi/irix 6.2
sgi/irix 6.3
sgi/irix 6.4
Published Oct 20, 2000
Tracked Since Feb 18, 2026