# |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
1 |
CVE-2010-1039 |
134 |
|
Exec Code |
2010-05-20 |
2018-10-10 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
Format string vulnerability in the _msgout function in rpc.pcnfsd in IBM AIX 6.1, 5.3, and earlier; IBM VIOS 2.1, 1.5, and earlier; NFS/ONCplus B.11.31_09 and earlier on HP HP-UX B.11.11, B.11.23, and B.11.31; and SGI IRIX 6.5 allows remote attackers to execute arbitrary code via an RPC request containing format string specifiers in an invalid directory name. |
2 |
CVE-2000-0844 |
264 |
|
Exec Code |
2000-11-14 |
2018-10-30 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen. |
3 |
CVE-2000-0441 |
|
|
|
2000-05-24 |
2008-09-10 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
Vulnerability in AIX 3.2.x and 4.x allows local users to gain write access to files on locally or remotely mounted AIX filesystems. |
4 |
CVE-1999-1487 |
|
|
+Priv |
1998-01-21 |
2008-09-05 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
Vulnerability in digest in AIX 4.3 allows printq users to gain root privileges by creating and/or modifing any file on the system. |
5 |
CVE-1999-1486 |
|
|
|
1998-02-25 |
2017-10-10 |
1.2 |
None |
Local |
High |
Not required |
None |
Partial |
None |
sadc in IBM AIX 4.1 through 4.3, when called from programs such as timex that are setgid adm, allows local users to overwrite arbitrary files via a symlink attack. |
6 |
CVE-1999-1408 |
|
|
DoS |
1997-03-05 |
2016-10-18 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
Vulnerability in AIX 4.1.4 and HP-UX 10.01 and 9.05 allows local users to cause a denial of service (crash) by using a socket to connect to a port on the localhost, calling shutdown to clear the socket, then using the same socket to connect to a different port on localhost. |
7 |
CVE-1999-1405 |
|
|
Exec Code |
1999-02-17 |
2016-10-18 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
snap command in AIX before 4.3.2 creates the /tmp/ibmsupt directory with world-readable permissions and does not remove or clear the directory when snap -a is executed, which could allow local users to access the shadowed password file by creating /tmp/ibmsupt/general/passwd before root runs snap -a. |
8 |
CVE-1999-1208 |
|
|
Overflow +Priv |
1997-07-21 |
2017-10-10 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
Buffer overflow in ping in AIX 4.2 and earlier allows local users to gain root privileges via a long command line argument. |
9 |
CVE-1999-1117 |
|
|
|
1999-12-31 |
2017-10-10 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
lquerypv in AIX 4.1 and 4.2 allows local users to read arbitrary files by specifying the file in the -h command line parameter. |
10 |
CVE-1999-1079 |
|
|
+Priv |
1999-05-06 |
2016-10-18 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
Vulnerability in ptrace in AIX 4.3 allows local users to gain privileges by attaching to a setgid program. |
11 |
CVE-1999-0691 |
|
|
Overflow +Priv |
1999-09-13 |
2018-10-30 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
Buffer overflow in the AddSuLog function of the CDE dtaction utility allows local users to gain root privileges via a long user name. |
12 |
CVE-1999-0687 |
|
|
Exec Code |
1999-09-13 |
2018-10-30 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
The ToolTalk ttsession daemon uses weak RPC authentication, which allows a remote attacker to execute commands. |
13 |
CVE-1999-0345 |
|
|
DoS |
1997-01-01 |
2008-09-09 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
Jolt ICMP attack causes a denial of service in Windows 95 and Windows NT systems. |
14 |
CVE-1999-0208 |
|
|
Exec Code |
1995-12-12 |
2008-09-09 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
rpc.ypupdated (NIS) allows remote users to execute arbitrary commands. |
15 |
CVE-1999-0131 |
|
|
DoS Overflow |
1996-09-11 |
2008-09-09 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
Buffer overflow and denial of service in Sendmail 8.7.5 and earlier through GECOS field gives root access to local users. |
16 |
CVE-1999-0129 |
|
|
|
1996-12-03 |
2018-10-30 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
Sendmail allows local users to write to a file and gain group permissions via a .forward or :include: file. |
17 |
CVE-1999-0128 |
|
|
DoS |
1996-12-18 |
2008-09-09 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
Oversized ICMP ping packets can result in a denial of service, aka Ping o' Death. |
18 |
CVE-1999-0122 |
|
|
Overflow |
1997-07-21 |
2008-09-09 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
Buffer overflow in AIX lchangelv gives root access. |
19 |
CVE-1999-0118 |
|
|
|
1998-11-01 |
2016-10-18 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
AIX infod allows local users to gain root access through an X display. |
20 |
CVE-1999-0116 |
|
|
DoS |
1996-09-19 |
2008-09-09 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
Denial of service when an attacker sends many SYN packets to create multiple connections without ever sending an ACK to complete the connection, aka SYN flood. |
21 |
CVE-1999-0112 |
|
|
Overflow |
1997-05-01 |
2018-05-03 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
Buffer overflow in AIX dtterm program for the CDE. |
22 |
CVE-1999-0111 |
|
|
|
1997-07-01 |
2008-09-09 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
RIP v1 is susceptible to spoofing. |
23 |
CVE-1999-0101 |
|
|
Overflow |
1996-12-10 |
2008-09-09 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
Buffer overflow in AIX and Solaris "gethostbyname" library call allows root access through corrupt DNS host names. |
24 |
CVE-1999-0099 |
|
|
Overflow +Priv |
1995-10-19 |
2018-10-30 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
Buffer overflow in syslog utility allows local or remote attackers to gain root privileges. |
25 |
CVE-1999-0097 |
|
|
Exec Code |
1997-10-29 |
2018-10-30 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
The AIX FTP client can be forced to execute commands from a malicious server through shell metacharacters (e.g. a pipe character). |
26 |
CVE-1999-0094 |
|
|
+Priv |
1997-10-29 |
2008-09-09 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
AIX piodmgrsu command allows local users to gain additional group privileges. |
27 |
CVE-1999-0093 |
|
|
|
1997-10-29 |
2008-09-09 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
AIX nslookup command allows local users to obtain root access by not dropping privileges correctly. |
28 |
CVE-1999-0091 |
|
|
Overflow |
1997-10-28 |
2008-09-09 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
Buffer overflow in AIX writesrv command allows local users to obtain root access. |
29 |
CVE-1999-0090 |
|
|
Overflow |
1997-10-01 |
2008-09-09 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
Buffer overflow in AIX rcp command allows local users to obtain root access. |
30 |
CVE-1999-0087 |
|
|
DoS |
1998-02-01 |
2008-09-09 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
Denial of service in AIX telnet can freeze a system and prevent users from accessing the server. |
31 |
CVE-1999-0086 |
|
|
|
1998-01-08 |
2008-09-09 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
AIX routed allows remote users to modify sensitive files. |
32 |
CVE-1999-0078 |
|
|
Exec Code |
1996-04-18 |
2018-10-30 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
pcnfsd (aka rpc.pcnfsd) allows local users to change file permissions, or execute arbitrary commands through arguments in the RPC call. |
33 |
CVE-1999-0072 |
|
|
Overflow |
1997-10-22 |
2008-09-09 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
Buffer overflow in AIX xdat gives root access to local users. |
34 |
CVE-1999-0064 |
|
|
Overflow |
1997-05-26 |
2008-09-09 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
Buffer overflow in AIX lquerylv program gives root access to local users. |
35 |
CVE-1999-0048 |
|
|
Exec Code |
1997-01-27 |
2008-09-09 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
Talkd, when given corrupt DNS information, can be used to execute arbitrary commands with root privileges. |
36 |
CVE-1999-0046 |
|
|
Overflow |
1997-02-06 |
2018-10-30 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
Buffer overflow of rlogin program using TERM environmental variable. |
37 |
CVE-1999-0041 |
|
|
Overflow |
1997-02-13 |
2008-09-09 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
Buffer overflow in NLS (Natural Language Service). |
38 |
CVE-1999-0040 |
|
|
Exec Code Overflow |
1997-05-01 |
2018-10-30 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
Buffer overflow in Xt library of X Windowing System allows local users to execute commands with root privileges. |
39 |
CVE-1999-0038 |
|
|
Exec Code Overflow |
1997-04-26 |
2018-10-30 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
Buffer overflow in xlock program allows local users to execute commands as root. |
40 |
CVE-1999-0024 |
|
|
|
1997-08-13 |
2018-10-30 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
DNS cache poisoning via BIND, by predictable query IDs. |
41 |
CVE-1999-0023 |
|
|
Overflow +Priv |
1996-07-24 |
2018-10-30 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
Local user gains root privileges via buffer overflow in rdist, via lookup() function. |
42 |
CVE-1999-0022 |
|
|
Overflow +Priv |
1996-07-03 |
2018-10-30 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
Local user gains root privileges via buffer overflow in rdist, via expstr() function. |
43 |
CVE-1999-0019 |
|
|
|
1996-04-24 |
2008-09-09 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
Delete or create a file via rpc.statd, due to invalid information. |
44 |
CVE-1999-0018 |
|
|
Overflow |
1997-12-05 |
2018-10-30 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
Buffer overflow in statd allows root privileges. |
45 |
CVE-1999-0017 |
|
|
|
1997-12-10 |
2008-09-09 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce. |
46 |
CVE-1999-0014 |
|
|
DoS |
1998-01-21 |
2008-09-09 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
Unauthorized privileged access or denial of service via dtappgather program in CDE. |
47 |
CVE-1999-0011 |
|
|
DoS |
1998-04-08 |
2018-10-30 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
Denial of Service vulnerabilities in BIND 4.9 and BIND 8 Releases via CNAME record and zone transfer. |
48 |
CVE-1999-0010 |
|
|
DoS |
1998-04-08 |
2018-10-30 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
Denial of Service vulnerability in BIND 8 Releases via maliciously formatted DNS messages. |
49 |
CVE-1999-0009 |
|
|
Overflow |
1998-04-08 |
2018-10-30 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases. |
50 |
CVE-1999-0003 |
|
|
Exec Code Overflow |
1998-04-01 |
2018-10-30 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
Execute commands as root via buffer overflow in Tooltalk database server (rpc.ttdbserverd). |