Total
701 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-1999-0208 | 3 Ibm, Nec, Sgi | 5 Aix, Asl Ux 4800, Ews-ux V and 2 more | 2023-12-10 | 10.0 HIGH | N/A |
rpc.ypupdated (NIS) allows remote users to execute arbitrary commands. | |||||
CVE-2004-1330 | 1 Ibm | 1 Aix | 2023-12-10 | 7.2 HIGH | N/A |
Buffer overflow in paginit in AIX 5.1 through 5.3 allows local users to execute arbitrary code via a long username. | |||||
CVE-1999-1480 | 1 Ibm | 1 Aix | 2023-12-10 | 1.2 LOW | N/A |
(1) acledit and (2) aclput in AIX 4.3 allow local users to create or modify files via a symlink attack. | |||||
CVE-1999-0017 | 9 Caldera, Freebsd, Gnu and 6 more | 11 Openlinux, Freebsd, Inet and 8 more | 2023-12-10 | 7.5 HIGH | N/A |
FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce. | |||||
CVE-1999-0055 | 2 Ibm, Sun | 3 Aix, Solaris, Sunos | 2023-12-10 | 7.2 HIGH | N/A |
Buffer overflows in Sun libnsl allow root access. | |||||
CVE-1999-0009 | 11 Bsdi, Caldera, Data General and 8 more | 13 Bsd Os, Openlinux, Dg Ux and 10 more | 2023-12-10 | 10.0 HIGH | N/A |
Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases. | |||||
CVE-2003-0285 | 1 Ibm | 1 Aix | 2023-12-10 | 5.0 MEDIUM | N/A |
IBM AIX 5.2 and earlier distributes Sendmail with a configuration file (sendmail.cf) with the (1) promiscuous_relay, (2) accept_unresolvable_domains, and (3) accept_unqualified_senders features enabled, which allows Sendmail to be used as an open mail relay for sending spam e-mail. | |||||
CVE-2004-0368 | 3 Ibm, Open Group, Xi Graphics | 3 Aix, Cde Common Desktop Environment, Dextop | 2023-12-10 | 10.0 HIGH | N/A |
Double free vulnerability in dtlogin in CDE on Solaris, HP-UX, and other operating systems allows remote attackers to execute arbitrary code via a crafted XDMCP packet. | |||||
CVE-1999-0524 | 11 Apple, Cisco, Hp and 8 more | 14 Mac Os X, Macos, Ios and 11 more | 2023-12-10 | 2.1 LOW | N/A |
ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts. | |||||
CVE-2003-0954 | 1 Ibm | 1 Aix | 2023-12-10 | 7.2 HIGH | N/A |
Buffer overflow in rcp for AIX 4.3.3, 5.1 and 5.2 allows local users to gain privileges. | |||||
CVE-1999-0903 | 1 Ibm | 1 Aix | 2023-12-10 | 7.5 HIGH | N/A |
genfilt in the AIX Packet Filtering Module does not properly filter traffic to destination ports greater than 32767. | |||||
CVE-1999-1208 | 1 Ibm | 1 Aix | 2023-12-10 | 7.2 HIGH | N/A |
Buffer overflow in ping in AIX 4.2 and earlier allows local users to gain root privileges via a long command line argument. | |||||
CVE-1999-1405 | 1 Ibm | 1 Aix | 2023-12-10 | 10.0 HIGH | N/A |
snap command in AIX before 4.3.2 creates the /tmp/ibmsupt directory with world-readable permissions and does not remove or clear the directory when snap -a is executed, which could allow local users to access the shadowed password file by creating /tmp/ibmsupt/general/passwd before root runs snap -a. | |||||
CVE-1999-0019 | 7 Data General, Ibm, Ncr and 4 more | 10 Dg Ux, Aix, Mp-ras and 7 more | 2023-12-10 | 5.0 MEDIUM | N/A |
Delete or create a file via rpc.statd, due to invalid information. | |||||
CVE-1999-1589 | 1 Ibm | 1 Aix | 2023-12-10 | 7.2 HIGH | N/A |
Unspecified vulnerability in crontab in IBM AIX 3.2 allows local users to gain root privileges via unknown attack vectors. | |||||
CVE-2002-0677 | 7 Caldera, Compaq, Hp and 4 more | 9 Openunix, Unixware, Tru64 and 6 more | 2023-12-10 | 7.5 HIGH | N/A |
CDE ToolTalk database server (ttdbserver) allows remote attackers to overwrite arbitrary memory locations with a zero, and possibly gain privileges, via a file descriptor argument in an AUTH_UNIX procedure call, which is used as a table index by the _TT_ISCLOSE procedure. | |||||
CVE-2001-1061 | 1 Ibm | 1 Aix | 2023-12-10 | 10.0 HIGH | N/A |
Vulnerability in lsmcode in unknown versions of AIX, possibly related to a usage error. | |||||
CVE-2003-0119 | 1 Ibm | 1 Aix | 2023-12-10 | 7.5 HIGH | N/A |
The secldapclntd daemon in AIX 4.3, 5.1 and 5.2 uses an Internet socket when communicating with the loadmodule, which allows remote attackers to directly connect to the daemon and conduct unauthorized activities. | |||||
CVE-1999-0694 | 1 Ibm | 1 Aix | 2023-12-10 | 2.1 LOW | N/A |
Denial of service in AIX ptrace system call allows local users to crash the system. | |||||
CVE-2002-1689 | 1 Ibm | 1 Aix | 2023-12-10 | 10.0 HIGH | N/A |
Unknown vulnerability in the login program on AIX before 4.0 could allow remote users to specify 100 or more environment variables when logging on, which exceeds the length of a certain string, possibly triggering a buffer overflow. |