| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Oversized ICMP ping packets can result in a denial of service, aka Ping o' Death. |
| Sendmail allows local users to write to a file and gain group permissions via a .forward or :include: file. |
| Local users can start Sendmail in daemon mode and gain root privileges. |
| Buffer overflow and denial of service in Sendmail 8.7.5 and earlier through GECOS field gives root access to local users. |
| rpc.ypupdated (NIS) allows remote users to execute arbitrary commands. |
| Buffer overflow in xmcd 2.0p12 allows local users to gain access through an environmental variable. |
| Jolt ICMP attack causes a denial of service in Windows 95 and Windows NT systems. |
| An attacker can write to syslog files from any location, causing a denial of service by filling up the logs, and hiding activities. |
| The rwho/rwhod service is running, which exposes machine status and user information. |
| Buffer overflow in Source Code Browser Program Database Name Server Daemon (pdnsd) for the IBM AIX C Set ++ compiler. |
| named-xfer in AIX 4.1.5 and 4.2.1 allows members of the system group to overwrite system files to gain root access via the -f parameter and a malformed zone file. |
| inetd in AIX 4.1.5 dynamically assigns a port N when starting ttdbserver (ToolTalk server), but also inadvertently listens on port N-1 without passing control to ttdbserver, which allows remote attackers to cause a denial of service via a large number of connections to port N-1, which are not properly closed by inetd. |
| lquerypv in AIX 4.1 and 4.2 allows local users to read arbitrary files by specifying the file in the -h command line parameter. |
| FTP installation script anon.ftp in AIX insecurely configures anonymous FTP, which allows remote attackers to execute arbitrary commands. |
| (1) acledit and (2) aclput in AIX 4.3 allow local users to create or modify files via a symlink attack. |
| Vulnerability in digest in AIX 4.3 allows printq users to gain root privileges by creating and/or modifing any file on the system. |
| ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts. |
| dpsexec (DPS Server) when running under XDM in IBM AIX 3.2.5 and earlier does not properly check privileges, which allows local users to overwrite arbitrary files and gain privileges. |
| Vulnerability in AIX 3.2.x and 4.x allows local users to gain write access to files on locally or remotely mounted AIX filesystems. |
| Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code via certain integer values in length fields, a different vulnerability than CVE-2002-0391. |
