CVE-2005-0464
SGI IRIX 6.5.22 - Unauthenticated Arbitrary File Read via gr_osview Debug Mode
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2005-0464. PoCs published by anonymous.
AI-analyzed exploit summary This exploit leverages a command-line argument vulnerability in gr_osview to disclose sensitive information, specifically the /etc/shadow file, which contains password hashes. The issue is confirmed in SGI IRIX 6.5.22 but may affect other versions.
Description
gr_osview in SGI IRIX 6.5.22, and possibly other 6.5 versions, does not drop privileges when opening description files while in debug mode, which allows local users to read a line from arbitrary files via the -d and -D options, which prints the line as a formatting error.
Exploits (1)
This exploit leverages a command-line argument vulnerability in gr_osview to disclose sensitive information, specifically the /etc/shadow file, which contains password hashes. The issue is confirmed in SGI IRIX 6.5.22 but may affect other versions.