| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Buffer overflow in GNU make for IBM AIX 4.3.3, when installed setgid, allows local users to gain privileges via a long CC argument. |
| Buffer overflow in ping in AIX 4.2 and earlier allows local users to gain root privileges via a long command line argument. |
| Denial of service in BIND named via malformed SIG records. |
| Buffer overflow in swcons in IBM AIX 5.2, when debug malloc is enabled, allows remote attackers to cause a core dump and possibly execute arbitrary code. |
| Various vulnerabilities in the AIX portmir command allows local users to obtain root access. |
| The rwho/rwhod service is running, which exposes machine status and user information. |
| ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts. |
| The rexd service is running, which uses weak authentication that can allow an attacker to execute commands. |
| lsfs in AIX 4.x allows a local user to gain additional privileges by creating Trojan horse programs named (1) grep or (2) lslv in a certain directory that is under the user's control, which cause lsfs to access the programs in that directory. |
| Buffer overflow in rsh on AIX 4.2.0.0 may allow local users to gain root privileges via a long command line argument. |
| Buffer overflow of rlogin program using TERM environmental variable. |
| Buffer overflow in rpc.yppasswdd (yppasswd server) in AIX allows attackers to gain unauthorized access via a long string. NOTE: due to lack of details in the vendor advisory, it is not clear if this is the same issue as CVE-2001-0779. |
| IBM AIX 430 does not properly unlock IPPMTU_LOCK, which allows remote attackers to cause a denial of service (hang) via Path Maximum Transmit Unit (PMTU) IP packets. |
| lquerypv in AIX 4.1 and 4.2 allows local users to read arbitrary files by specifying the file in the -h command line parameter. |
| Buffer overflow in AIX ftpd in the libc library. |
| Unspecified vulnerability in setlocale in IBM AIX 5.1.0 through 5.3.0 allows local users to gain privileges via unspecified vectors. |
| Buffer overflow in syslog utility allows local or remote attackers to gain root privileges. |
| Buffer overflow in AIX xdat gives root access to local users. |
| Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code via certain integer values in length fields, a different vulnerability than CVE-2002-0391. |
| Denial of service in AIX ptrace system call allows local users to crash the system. |
