SGI IRIX inpview command allows elevated privileges
| irix-inpview-gain-privileges (18894) |  High Risk |
Description:
SGI IRIX could allow a local attacker to gain elevated privileges, caused by a vulnerability in the inpview program, which is installed setuid root. inpview fails to drop privileges when executing commands specified in the SUN_TTSESSION_CMD environment variable. A local attacker could exploit this vulnerability to execute arbitrary commands on the system with root privileges.
Consequences:
Gain Privileges
Remedy:
No remedy available as of July 9, 2011.
References:
- iDEFENSE Security Advisory 01.13.05: SGI IRIX inpview Design Error Vulnerability.
- BID-12259: SGI InPerson Local Privilege Escalation Vulnerability
- CVE-2005-0113: inpview in SGI IRIX allows local users to execute arbitrary commands via the SUN_TTSESSION_CMD environment variable, which is executed by inpview without dropping privileges.
- OSVDB ID: 12915: IRIX inpview Environment Variable Local Privilege Escalation
- SA13858: SGI IRIX inpview Privilege Escalation Vulnerability
- SECTRACK ID: 1012894: SGI InPerson inpview Environment Variable Input Validation Error Lets Local Users Gain Root Privileges
Platforms Affected:
- SGI IRIX 6.5.22
- SGI IRIX 6.5.9
Reported:
Jan 14, 2005
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net