Unknown vulnerability in AIX before 4.0 with unknown attack vectors and unknown impact, aka "security issue," as fixed by APAR IY28225.
Max CVSS
10.0
EPSS Score
0.18%
Published
2002-12-31
Updated
2008-09-05
Unknown vulnerability in the login program on AIX before 4.0 could allow remote users to specify 100 or more environment variables when logging on, which exceeds the length of a certain string, possibly triggering a buffer overflow.
Max CVSS
10.0
EPSS Score
0.31%
Published
2002-12-31
Updated
2008-09-05
Buffer overflow in the diagnostics library in AIX allows local users to "cause data and instructions to be overwritten" via a long DIAGNOSTICS environment variable.
Max CVSS
2.1
EPSS Score
0.04%
Published
2002-12-31
Updated
2008-09-05
Buffer overflow in lscfg of unknown versions of AIX has unknown impact.
Max CVSS
10.0
EPSS Score
0.21%
Published
2002-12-31
Updated
2008-09-05
Buffer overflow in certain RPC routines in IBM AIX 4.3 may allow attackers to execute arbitrary code, related to a "variable data type."
Max CVSS
7.5
EPSS Score
0.51%
Published
2002-12-31
Updated
2017-07-11
Buffer overflow in the file_comp function in rcp for IBM AIX 4.3.x and 5.1 allows remote attackers to execute arbitrary code.
Max CVSS
10.0
EPSS Score
1.97%
Published
2002-04-22
Updated
2008-09-05
Buffer overflow in the FC client for IBM AIX 4.3.x allows remote attackers to cause a denial of service (crash and core dump).
Max CVSS
5.0
EPSS Score
1.07%
Published
2002-03-08
Updated
2017-07-11
IBM AIX 4.3.3 and AIX 5 allows remote attackers to cause a denial of service (CPU consumption or crash) via a flood of malformed TCP packets without any flags set, which prevents AIX from releasing the associated memory buffers.
Max CVSS
5.0
EPSS Score
5.13%
Published
2002-10-28
Updated
2016-10-18
Unknown vulnerability in DCE (1) SMIT panels and (2) configuration commands, possibly related to relative pathnames.
Max CVSS
5.0
EPSS Score
0.29%
Published
2002-10-04
Updated
2011-03-08
Unknown vulnerability in the WebSecure (DFSWeb) configuration utilities in AIX 4.x, possibly related to relative pathnames.
Max CVSS
5.0
EPSS Score
0.17%
Published
2002-10-04
Updated
2008-09-05
clchkspuser and clpasswdremote in AIX expose an encrypted password in the cspoc.log file, which could allow local users to gain privileges.
Max CVSS
2.1
EPSS Score
0.04%
Published
2002-08-12
Updated
2008-09-10
Buffer overflow in lsmcode in AIX 4.3.3.
Max CVSS
10.0
EPSS Score
0.45%
Published
2002-08-12
Updated
2008-09-05
Vulnerability in template.dhcpo in AIX 4.3.3 related to an insecure linker argument.
Max CVSS
10.0
EPSS Score
0.28%
Published
2002-08-12
Updated
2008-09-05
Buffer overflow in uucp in AIX 4.3.3.
Max CVSS
10.0
EPSS Score
0.28%
Published
2002-08-12
Updated
2008-09-05
namerslv in AIX 4.3.3 core dumps when called with a very long argument, possibly as a result of a buffer overflow.
Max CVSS
10.0
EPSS Score
0.28%
Published
2002-08-12
Updated
2008-09-05
mail and mailx in AIX 4.3.3 core dump when called with a very long argument, an indication of a buffer overflow.
Max CVSS
10.0
EPSS Score
0.28%
Published
2002-08-12
Updated
2008-09-05
Buffer overflow in pioout on AIX 4.3.3.
Max CVSS
10.0
EPSS Score
0.28%
Published
2002-08-12
Updated
2008-09-05
Buffer overflow in Common Desktop Environment (CDE) ToolTalk RPC database server (rpc.ttdbserverd) allows remote attackers to execute arbitrary code via an argument to the _TT_CREATE_FILE procedure.
Max CVSS
10.0
EPSS Score
1.72%
Published
2002-09-05
Updated
2018-10-30
CDE ToolTalk database server (ttdbserver) allows local users to overwrite arbitrary files via a symlink attack on the transaction log file used by the _TT_TRANSACTION RPC procedure.
Max CVSS
7.2
EPSS Score
0.74%
Published
2002-07-23
Updated
2018-10-30
CDE ToolTalk database server (ttdbserver) allows remote attackers to overwrite arbitrary memory locations with a zero, and possibly gain privileges, via a file descriptor argument in an AUTH_UNIX procedure call, which is used as a table index by the _TT_ISCLOSE procedure.
Max CVSS
7.5
EPSS Score
0.79%
Published
2002-07-23
Updated
2018-10-30
create_keyfiles in PSSP 3.2 with DCE 3.1 authentication on AIX creates keyfile directories with world-writable permissions, which could allow a local user to delete key files and cause a denial of service.
Max CVSS
3.6
EPSS Score
0.04%
Published
2002-02-13
Updated
2017-10-10
21 vulnerabilities found