Buffer overflow in ftpd in IBM AIX 5.3 and earlier allows remote attackers to execute arbitrary code via a long NLST command.
Max CVSS
10.0
EPSS Score
7.65%
Published
2010-08-30
Updated
2018-11-28
Format string vulnerability in the _msgout function in rpc.pcnfsd in IBM AIX 6.1, 5.3, and earlier; IBM VIOS 2.1, 1.5, and earlier; NFS/ONCplus B.11.31_09 and earlier on HP HP-UX B.11.11, B.11.23, and B.11.31; and SGI IRIX 6.5 allows remote attackers to execute arbitrary code via an RPC request containing format string specifiers in an invalid directory name.
Max CVSS
10.0
EPSS Score
22.69%
Published
2010-05-20
Updated
2018-10-10
IBM AIX 5.2 and earlier distributes Sendmail with a configuration file (sendmail.cf) with the (1) promiscuous_relay, (2) accept_unresolvable_domains, and (3) accept_unqualified_senders features enabled, which allows Sendmail to be used as an open mail relay for sending spam e-mail.
Max CVSS
5.0
EPSS Score
0.67%
Published
2003-06-16
Updated
2017-07-11
AIX sysback before 4.2.1.13 uses a relative path to find and execute the hostname program, which allows local users to gain privileges by modifying the path to point to a malicious hostname program.
Max CVSS
7.2
EPSS Score
0.04%
Published
2000-12-10
Updated
2017-07-11
Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.
Max CVSS
10.0
EPSS Score
0.48%
Published
2000-11-14
Updated
2018-10-30
Vulnerability in AIX 3.2.x and 4.x allows local users to gain write access to files on locally or remotely mounted AIX filesystems.
Max CVSS
5.0
EPSS Score
0.20%
Published
2000-05-24
Updated
2008-09-10
Vulnerability in digest in AIX 4.3 allows printq users to gain root privileges by creating and/or modifing any file on the system.
Max CVSS
7.2
EPSS Score
0.04%
Published
1998-01-21
Updated
2008-09-05
sadc in IBM AIX 4.1 through 4.3, when called from programs such as timex that are setgid adm, allows local users to overwrite arbitrary files via a symlink attack.
Max CVSS
1.2
EPSS Score
0.04%
Published
1998-02-25
Updated
2017-10-10
Vulnerability in AIX 4.1.4 and HP-UX 10.01 and 9.05 allows local users to cause a denial of service (crash) by using a socket to connect to a port on the localhost, calling shutdown to clear the socket, then using the same socket to connect to a different port on localhost.
Max CVSS
2.1
EPSS Score
0.04%
Published
1997-03-05
Updated
2016-10-18
Vulnerability in ptrace in AIX 4.3 allows local users to gain privileges by attaching to a setgid program.
Max CVSS
4.6
EPSS Score
0.04%
Published
1999-05-06
Updated
2016-10-18
Buffer overflow in the AddSuLog function of the CDE dtaction utility allows local users to gain root privileges via a long user name.
Max CVSS
7.2
EPSS Score
0.04%
Published
1999-09-13
Updated
2018-10-30
The ToolTalk ttsession daemon uses weak RPC authentication, which allows a remote attacker to execute commands.
Max CVSS
7.5
EPSS Score
1.13%
Published
1999-09-13
Updated
2018-10-30
Buffer overflow in AIX lchangelv gives root access.
Max CVSS
7.2
EPSS Score
0.04%
Published
1997-07-21
Updated
2022-08-17
The AIX FTP client can be forced to execute commands from a malicious server through shell metacharacters (e.g. a pipe character).
Max CVSS
10.0
EPSS Score
6.01%
Published
1997-10-29
Updated
2022-08-17
AIX piodmgrsu command allows local users to gain additional group privileges.
Max CVSS
4.6
EPSS Score
0.04%
Published
1997-10-29
Updated
2022-08-17
AIX nslookup command allows local users to obtain root access by not dropping privileges correctly.
Max CVSS
7.2
EPSS Score
0.04%
Published
1997-10-29
Updated
2022-08-17
Buffer overflow in AIX writesrv command allows local users to obtain root access.
Max CVSS
7.2
EPSS Score
0.04%
Published
1997-10-28
Updated
2022-08-17
Buffer overflow in AIX rcp command allows local users to obtain root access.
Max CVSS
7.2
EPSS Score
0.04%
Published
1997-10-01
Updated
2022-08-17
Buffer overflow in AIX xdat gives root access to local users.
Max CVSS
7.2
EPSS Score
0.04%
Published
1997-10-22
Updated
2022-08-17
Buffer overflow in AIX lquerylv program gives root access to local users.
Max CVSS
7.2
EPSS Score
0.04%
Published
1997-05-26
Updated
2022-08-17
Buffer overflow of rlogin program using TERM environmental variable.
Max CVSS
10.0
EPSS Score
0.94%
Published
1997-02-06
Updated
2024-02-09
Local user gains root privileges via buffer overflow in rdist, via expstr() function.
Max CVSS
7.2
EPSS Score
0.04%
Published
1996-07-03
Updated
2018-10-30
Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases.
Max CVSS
10.0
EPSS Score
9.01%
Published
1998-04-08
Updated
2018-10-30
Execute commands as root via buffer overflow in Tooltalk database server (rpc.ttdbserverd).
Max CVSS
10.0
EPSS Score
4.41%
Published
1998-04-01
Updated
2018-10-30
24 vulnerabilities found