Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:o:ibm:aix:3.2.5:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2002-1041 |
Unknown vulnerability in DCE (1) SMIT panels and (2) configuration commands, possibly related to relative pathnames. Published: October 04, 2002; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2002-0790 |
clchkspuser and clpasswdremote in AIX expose an encrypted password in the cspoc.log file, which could allow local users to gain privileges. Published: August 12, 2002; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 2.1 LOW |
CVE-2001-1529 |
Buffer overflow in rpc.yppasswdd (yppasswd server) in AIX allows attackers to gain unauthorized access via a long string. NOTE: due to lack of details in the vendor advisory, it is not clear if this is the same issue as CVE-2001-0779. Published: December 31, 2001; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2001-1061 |
Vulnerability in lsmcode in unknown versions of AIX, possibly related to a usage error. Published: August 31, 2001; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 10.0 HIGH |
CVE-2000-1222 |
AIX sysback before 4.2.1.13 uses a relative path to find and execute the hostname program, which allows local users to gain privileges by modifying the path to point to a malicious hostname program. Published: December 10, 2000; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-2000-0844 |
Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen. Published: November 14, 2000; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 10.0 HIGH |
CVE-2000-0441 |
Vulnerability in AIX 3.2.x and 4.x allows local users to gain write access to files on locally or remotely mounted AIX filesystems. Published: May 24, 2000; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-1999-0745 |
Buffer overflow in Source Code Browser Program Database Name Server Daemon (pdnsd) for the IBM AIX C Set ++ compiler. Published: August 18, 1999; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 10.0 HIGH |
CVE-1999-1079 |
Vulnerability in ptrace in AIX 4.3 allows local users to gain privileges by attaching to a setgid program. Published: May 06, 1999; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 4.6 MEDIUM |
CVE-1999-1405 |
snap command in AIX before 4.3.2 creates the /tmp/ibmsupt directory with world-readable permissions and does not remove or clear the directory when snap -a is executed, which could allow local users to access the shadowed password file by creating /tmp/ibmsupt/general/passwd before root runs snap -a. Published: February 17, 1999; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 10.0 HIGH |
CVE-1999-0057 |
Vacation program allows command execution by remote users through a sendmail command. Published: November 16, 1998; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-1999-0513 |
ICMP messages to broadcast addresses are allowed, allowing for a Smurf attack that can cause a denial of service. Published: January 05, 1998; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-1999-0097 |
The AIX FTP client can be forced to execute commands from a malicious server through shell metacharacters (e.g. a pipe character). Published: October 29, 1997; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 10.0 HIGH |
CVE-1999-0115 |
AIX bugfiler program allows local users to gain root access. Published: September 01, 1997; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-1999-0566 |
An attacker can write to syslog files from any location, causing a denial of service by filling up the logs, and hiding activities. Published: August 01, 1997; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-1999-1208 |
Buffer overflow in ping in AIX 4.2 and earlier allows local users to gain root privileges via a long command line argument. Published: July 21, 1997; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-1999-0033 |
Command execution in Sun systems via buffer overflow in the at program. Published: June 12, 1997; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-1999-0064 |
Buffer overflow in AIX lquerylv program gives root access to local users. Published: May 26, 1997; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-1999-0041 |
Buffer overflow in NLS (Natural Language Service). Published: February 13, 1997; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-1999-0116 |
Denial of service when an attacker sends many SYN packets to create multiple connections without ever sending an ACK to complete the connection, aka SYN flood. Published: September 19, 1996; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |