U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:o:ibm:aix:1.2.1:*:*:*:*:*:*:*
  • CPE Name Search: true
There are 74 matching records.
Displaying matches 61 through 74.
Vuln ID Summary CVSS Severity
CVE-2002-1041

Unknown vulnerability in DCE (1) SMIT panels and (2) configuration commands, possibly related to relative pathnames.

Published: October 04, 2002; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2002-0790

clchkspuser and clpasswdremote in AIX expose an encrypted password in the cspoc.log file, which could allow local users to gain privileges.

Published: August 12, 2002; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2001-1529

Buffer overflow in rpc.yppasswdd (yppasswd server) in AIX allows attackers to gain unauthorized access via a long string. NOTE: due to lack of details in the vendor advisory, it is not clear if this is the same issue as CVE-2001-0779.

Published: December 31, 2001; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2001-1061

Vulnerability in lsmcode in unknown versions of AIX, possibly related to a usage error.

Published: August 31, 2001; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2000-1222

AIX sysback before 4.2.1.13 uses a relative path to find and execute the hostname program, which allows local users to gain privileges by modifying the path to point to a malicious hostname program.

Published: December 10, 2000; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-1999-1589

Unspecified vulnerability in crontab in IBM AIX 3.2 allows local users to gain root privileges via unknown attack vectors.

Published: December 31, 1999; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-1999-0057

Vacation program allows command execution by remote users through a sendmail command.

Published: November 16, 1998; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-1999-0524

ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts.

Published: August 01, 1997; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 0.0 LOW
CVE-1999-0566

An attacker can write to syslog files from any location, causing a denial of service by filling up the logs, and hiding activities.

Published: August 01, 1997; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-1999-0033

Command execution in Sun systems via buffer overflow in the at program.

Published: June 12, 1997; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-1999-1552

dpsexec (DPS Server) when running under XDM in IBM AIX 3.2.5 and earlier does not properly check privileges, which allows local users to overwrite arbitrary files and gain privileges.

Published: July 20, 1994; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-1999-0337

AIX batch queue (bsh) allows local and remote users to gain additional privileges when network printing is enabled.

Published: June 03, 1994; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-1999-1119

FTP installation script anon.ftp in AIX insecurely configures anonymous FTP, which allows remote attackers to execute arbitrary commands.

Published: April 27, 1992; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-1999-1121

The default configuration for UUCP in AIX before 3.2 allows local users to gain root privileges.

Published: March 19, 1992; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 7.2 HIGH