| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Buffer overflow in syslog utility allows local or remote attackers to gain root privileges. |
| Buffer overflow in AIX xdat gives root access to local users. |
| Unknown vulnerability in the login program on AIX before 4.0 could allow remote users to specify 100 or more environment variables when logging on, which exceeds the length of a certain string, possibly triggering a buffer overflow. |
| Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code via certain integer values in length fields, a different vulnerability than CVE-2002-0391. |
| (1) acledit and (2) aclput in AIX 4.3 allow local users to create or modify files via a symlink attack. |
| Buffer overflow in rwhod on AIX and other operating systems allows remote attackers to execute arbitrary code via a UDP packet with a long hostname. |
| AIX techlibss allows local users to overwrite files via a symlink attack. |
| Buffer overflow in AIX lquerylv program gives root access to local users. |
| The rwho/rwhod service is running, which exposes machine status and user information. |
| Buffer overflow in the arp command of IBM AIX 5.3 L, 5.3, 5.2.2, 5.2 L, and 5.2 allows local users to cause a denial of service (crash) via a long iftype argument. |
| Unspecified vulnerability in the (1) unix_mp and (2) unix_64 kernels in IBM AIX 5.3 VRMF 5.3.0.30 through 5.3.0.33 allows local users to cause a denial of service (system crash) via unknown vectors related to EMULATE_VMX. |
| The suidperl and sperl program do not give up root privileges when changing UIDs back to the original users, allowing root access. |
| Buffer overflow in GNU make for IBM AIX 4.3.3, when installed setgid, allows local users to gain privileges via a long CC argument. |
| The rexd service is running, which uses weak authentication that can allow an attacker to execute commands. |
| The ctstrtcasd program in RSCT 2.3.0.0 and earlier on IBM AIX 5.2 and 5.3 does not properly drop privileges before executing the -f option, which allows local users to modify or create arbitrary files. |
| diagrpt in AIX 4.3.x and 5.1 uses the DIAGDATADIR environment variable to find and execute certain programs, which allows local users to gain privileges by modifying the variable to point to a Trojan horse program. |
| Buffer overflow in pioout command in IBM AIX 4.3.x and earlier may allow local users to execute arbitrary commands. |
| AIX bugfiler program allows local users to gain root access. |
| Some implementations of rlogin allow root access if given a -froot parameter. |
| Various vulnerabilities in the AIX portmir command allows local users to obtain root access. |
