IBM : Security Vulnerabilities, CVEs, Published In 1999 CVSS score >= 1
IBM Network Station Manager NetStation allows local users to gain privileges via a symlink attack.
Max CVSS
6.2
EPSS Score
0.04%
Published
1999-12-27
Updated
2008-09-10
Unspecified vulnerability in crontab in IBM AIX 3.2 allows local users to gain root privileges via unknown attack vectors.
Max CVSS
7.2
EPSS Score
0.04%
Published
1999-12-31
Updated
2008-09-05
Buffer overflow in nslookup for AIX 4.3 allows local users to execute arbitrary code via a long hostname command line argument.
Max CVSS
7.2
EPSS Score
0.04%
Published
1999-09-30
Updated
2017-07-11
netstation.navio-com.rte 1.1.0.1 configuration script for Navio NC on IBM AIX exports /tmp over NFS as world-readable and world-writable.
Max CVSS
5.0
EPSS Score
0.27%
Published
1999-01-29
Updated
2017-12-19
Buffer overflow in IBM HomePagePrint 1.0.7 for Windows98J allows a malicious Web site to execute arbitrary code on a viewer's system via a long IMG_SRC HTML tag.
Max CVSS
7.5
EPSS Score
0.41%
Published
1999-11-02
Updated
2016-10-18
sdrd daemon in IBM SP2 System Data Repository (SDR) allows remote attackers to read files without authentication.
Max CVSS
5.0
EPSS Score
0.33%
Published
1999-12-31
Updated
2008-09-05
IBM Netfinity Remote Control allows local users to gain administrator privileges by starting programs from the process manager, which runs with system level privileges.
Max CVSS
7.2
EPSS Score
0.04%
Published
1999-05-25
Updated
2016-10-18
snap command in AIX before 4.3.2 creates the /tmp/ibmsupt directory with world-readable permissions and does not remove or clear the directory when snap -a is executed, which could allow local users to access the shadowed password file by creating /tmp/ibmsupt/general/passwd before root runs snap -a.
Max CVSS
10.0
EPSS Score
0.24%
Published
1999-02-17
Updated
2016-10-18
lquerypv in AIX 4.1 and 4.2 allows local users to read arbitrary files by specifying the file in the -h command line parameter.
Max CVSS
2.1
EPSS Score
0.04%
Published
1999-12-31
Updated
2017-10-10
Vulnerability in ptrace in AIX 4.3 allows local users to gain privileges by attaching to a setgid program.
Max CVSS
4.6
EPSS Score
0.04%
Published
1999-05-06
Updated
2016-10-18
named-xfer in AIX 4.1.5 and 4.2.1 allows members of the system group to overwrite system files to gain root access via the -f parameter and a malformed zone file.
Max CVSS
7.2
EPSS Score
0.05%
Published
1999-09-23
Updated
2016-10-18
genfilt in the AIX Packet Filtering Module does not properly filter traffic to destination ports greater than 32767.
Max CVSS
7.5
EPSS Score
1.40%
Published
1999-10-26
Updated
2022-08-17
IBM WebSphere sets permissions that allow a local user to modify a deinstallation script or its data files stored in /usr/bin.
Max CVSS
7.2
EPSS Score
0.04%
Published
1999-12-02
Updated
2008-09-09
Denial of service in BIND named via naptr.
Max CVSS
2.1
EPSS Score
0.04%
Published
1999-11-10
Updated
2018-10-30
Denial of service in BIND named via malformed SIG records.
Max CVSS
10.0
EPSS Score
1.92%
Published
1999-11-10
Updated
2018-10-30
The fwluser script in AIX eNetwork Firewall allows local users to write to arbitrary files via a symlink attack.
Max CVSS
2.1
EPSS Score
0.04%
Published
1999-05-25
Updated
2016-10-18
Buffer overflow in AIX ftpd in the libc library.
Max CVSS
10.0
EPSS Score
11.46%
Published
1999-09-28
Updated
2008-09-09
Buffer overflow in Source Code Browser Program Database Name Server Daemon (pdnsd) for the IBM AIX C Set ++ compiler.
Max CVSS
10.0
EPSS Score
3.17%
Published
1999-08-18
Updated
2008-09-09
Denial of service in AIX ptrace system call allows local users to crash the system.
Max CVSS
2.1
EPSS Score
0.06%
Published
1999-08-11
Updated
2008-09-09
Buffer overflow in the AddSuLog function of the CDE dtaction utility allows local users to gain root privileges via a long user name.
Max CVSS
7.2
EPSS Score
0.04%
Published
1999-09-13
Updated
2018-10-30
The ToolTalk ttsession daemon uses weak RPC authentication, which allows a remote attacker to execute commands.
Max CVSS
7.5
EPSS Score
1.13%
Published
1999-09-13
Updated
2018-10-30
The Lotus Notes 4.5 client may send a copy of encrypted mail in the clear across the network if the user does not set the "Encrypt Saved Mail" preference.
Max CVSS
7.5
EPSS Score
2.23%
Published
1999-03-01
Updated
2016-10-18
22 vulnerabilities found