Buffer overflow in ftpd in IBM AIX 5.3 and earlier allows remote attackers to execute arbitrary code via a long NLST command.
Max CVSS: 10.0 | EPSS Score: 7.65% | Published: 2010-08-30 | Updated: 2018-11-28
Format string vulnerability in the _msgout function in rpc.pcnfsd in IBM AIX 6.1, 5.3, and earlier; IBM VIOS 2.1, 1.5, and earlier; NFS/ONCplus B.11.31_09 and earlier on HP HP-UX B.11.11, B.11.23, and B.11.31; and SGI IRIX 6.5 allows remote attackers to execute arbitrary code via an RPC request containing format string specifiers in an invalid directory name.
Max CVSS: 10.0 | EPSS Score: 22.69% | Published: 2010-05-20 | Updated: 2018-10-10
IBM AIX 5.2 and earlier distributes Sendmail with a configuration file (sendmail.cf) with the (1) promiscuous_relay, (2) accept_unresolvable_domains, and (3) accept_unqualified_senders features enabled, which allows Sendmail to be used as an open mail relay for sending spam e-mail.
Max CVSS: 5.0 | EPSS Score: 0.67% | Published: 2003-06-16 | Updated: 2017-07-11
lsfs in AIX 4.x allows a local user to gain additional privileges by creating Trojan horse programs named (1) grep or (2) lslv in a certain directory that is under the user's control, which cause lsfs to access the programs in that directory.
Max CVSS: 4.6 | EPSS Score: 0.04% | Published: 2001-08-02 | Updated: 2017-10-10
AIX sysback before 4.2.1.13 uses a relative path to find and execute the hostname program, which allows local users to gain privileges by modifying the path to point to a malicious hostname program.
Max CVSS: 7.2 | EPSS Score: 0.04% | Published: 2000-12-10 | Updated: 2017-07-11
Buffer overflow in TT_SESSION environment variable in ToolTalk shared library allows local users to gain root privileges.
Max CVSS: 7.2 | EPSS Score: 0.04% | Published: 2000-03-02 | Updated: 2018-05-03
Buffer overflow in xmcd 2.0p12 allows local users to gain access through an environmental variable.
Max CVSS: 7.2 | EPSS Score: 0.04% | Published: 1997-03-01 | Updated: 2022-08-17
The suidperl and sperl programs do not give up root privileges when changing UIDs back to the original users, allowing root access.
Max CVSS: 7.2 | EPSS Score: 0.04% | Published: 1996-06-26 | Updated: 2022-08-17
8 vulnerabilities found