| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Buffer overflow in netpmon on AIX 5.1, 5.2, and 5.3 allows local users to execute arbitrary code via a long -O argument. |
| Buffer overflow in the PerlIO implementation in Perl 5.8.0, when installed with setuid support (sperl), allows local users to execute arbitrary code by setting the PERLIO_DEBUG variable and executing a Perl script whose full pathname contains a long directory tree. |
| The Inventory Scout daemon (invscoutd) 1.3.0.0 and 2.0.2 for AIX 4.3.3 and 5.1 allows local users to gain privileges via a symlink attack on a command line argument (log file). NOTE: this might be related to CVE-2006-5002. |
| The (1) bos.rte.serv_aid or (2) bos.rte.console filesets in IBM AIX 5.1 and 5.2 allow local users to overwrite arbitrary files via a symlink attack on temporary files via unknown attack vectors. |
| Denial of service in AIX ptrace system call allows local users to crash the system. |
| Buffer overflow in TT_SESSION environment variable in ToolTalk shared library allows local users to gain root privileges. |
| Untrusted execution path vulnerability in chcod on AIX IBM 5.1.0, 5.2.0, and 5.3.0 allows local users to execute arbitrary programs by modifying the PATH environment variable to point to a malicious "grep" program, which is executed from chcod. |
| Buffer overflow in the AddSuLog function of the CDE dtaction utility allows local users to gain root privileges via a long user name. |
| rexecd for AIX 4.3.3 does not properly use a local copy of the pwd structure when calling getpwnam, which may cause the structure to be overwritten by the authenticate function and assign privileges to the wrong user. |
| The ToolTalk ttsession daemon uses weak RPC authentication, which allows a remote attacker to execute commands. |
| The rexd service is running, which uses weak authentication that can allow an attacker to execute commands. |
| AIX Licensed Program Product performance tools allow local users to gain root access. |
| AIX batch queue (bsh) allows local and remote users to gain additional privileges when network printing is enabled. |
| Buffer overflow in xmcd 2.0p12 allows local users to gain access through an environmental variable. |
| rpc.ypupdated (NIS) allows remote users to execute arbitrary commands. |
| The suidperl and sperl program do not give up root privileges when changing UIDs back to the original users, allowing root access. |
| Buffer overflow and denial of service in Sendmail 8.7.5 and earlier through GECOS field gives root access to local users. |
| AIX SNMP server snmpd allows remote attackers to cause a denial of service via a RST during the TCP connection. |
| Buffer overflow in AIX ftpd in the libc library. |
| Oversized ICMP ping packets can result in a denial of service, aka Ping o' Death. |
