IRIX systems come with a GUI interface that provides administrators with the ability to monitor the operating system's various activities (such as Load Average, CPU usage, Wait Ratio and so fourth). This program was found to vulnerable to a race condition, which enables a malicious user to overwrite any file he wishes.
Its is possible to create a symbolic link to a predictable file created by the gr_osview program. This is due to the fact the gr_osview create files with a rather simple method of "IP-address.osview.system" scheme, inside the directory '/var/tmp'. By linking the mentioned file symbolically to '/etc/passwd', whenever the administrator runs gr_osview the file '/etc/passwd' will be overwritten with the permissions of "world everything" (also known as 'chmod 777' i.e. -rwxrwxrwx) allowing the malicious modification of the mentioned file.
