CVE-2005-0464

SGI IRIX 6.5.22 - Info Disclosure

Title source: llm

Description

gr_osview in SGI IRIX 6.5.22, and possibly other 6.5 versions, does not drop privileges when opening description files while in debug mode, which allows local users to read a line from arbitrary files via the -d and -D options, which prints the line as a formatting error.

Exploits (1)

exploitdb WORKING POC VERIFIED

by anonymous · textlocalirix

https://www.exploit-db.com/exploits/25361

View Code ZIP pw:eip

References (5)

[Patch] ftp://patches.sgi.com/support/free/security/advisories/20050402-01-P

[Patch, Vendor Advisory] http://www.idefense.com/application/poi/display?id=226&type=vulnerabilities

[Third Party Advisory, VDB Entry] http://www.osvdb.org/15351

[Third Party Advisory, VDB Entry] http://securitytracker.com/id?1013662

[Third Party Advisory] http://secunia.com/advisories/14875

Scores

EPSS 0.0060

EPSS Percentile 68.9%

Classification

Status draft

Affected Products (1)

sgi/irix

Timeline

Published May 02, 2005

Tracked Since Feb 18, 2026