| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Delete or create a file via rpc.statd, due to invalid information. |
| pcnfsd (aka rpc.pcnfsd) allows local users to change file permissions, or execute arbitrary commands through arguments in the RPC call. |
| The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c. |
| The suidperl and sperl program do not give up root privileges when changing UIDs back to the original users, allowing root access. |
| AIX cdmount allows local users to gain root privileges via shell metacharacters. |
| The ToolTalk ttsession daemon uses weak RPC authentication, which allows a remote attacker to execute commands. |
| Unknown vulnerability in DCE (1) SMIT panels and (2) configuration commands, possibly related to relative pathnames. |
| The rexd service is running, which uses weak authentication that can allow an attacker to execute commands. |
| Untrusted search path vulnerability in the mkvg command in IBM AIX 5.2 and 5.3 allows local users to gain privileges by modifying the path to point to a malicious (1) chdev, (2) mkboot, (3) varyonvg, or (4) varyoffvg program. |
| Race condition in JFS2 on AIX 5.2 and 5.3, when deleting a file while I/O is still occurring for that file, may write data to a different file, which could leak sensitive information. |
| Format string vulnerability in the swcons command in IBM AIX 5.3, and possibly other versions, might allow local users to execute arbitrary code via long command line arguments. |
| netstat in AIX 4.x.x does not properly restrict access to the -Zi option, which allows local users to clear network interface statistics and possibly hide evidence of unusual network activities. |
| ftpd in IBM AIX 5.1, 5.2 and 5.3 allows remote authenticated users to cause a denial of service (port exhaustion and memory consumption) by using all ephemeral ports. |
| mail and mailx in AIX 4.3.3 core dump when called with a very long argument, an indication of a buffer overflow. |
| Buffer overflows in (1) send_status, (2) kill_print, and (3) chk_fhost in lpd in AIX 4.3 and 5.1 allow remote attackers to gain root privileges. |
| Buffer overflow in the getlvname command in IBM AIX 5.1, 5.2 and 5.3, might allow local users to execute arbitrary code via long command line arguments. |
| RC.BOOT in IBM AIX 5.1, 5.2, and 5.3 does not "use a secure location for temporary files," which allows local users to have an unknown impact, probably by overwriting files. |
| namerslv in AIX 4.3.3 core dumps when called with a very long argument, possibly as a result of a buffer overflow. |
| Buffer overflow in netpmon on AIX 5.1, 5.2, and 5.3 allows local users to execute arbitrary code via a long -O argument. |
| IBM AIX 430 does not properly unlock IPPMTU_LOCK, which allows remote attackers to cause a denial of service (hang) via Path Maximum Transmit Unit (PMTU) IP packets. |
