U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:o:ibm:aix:4:*:*:*:*:*:*:*
  • CPE Name Search: true
There are 74 matching records.
Displaying matches 61 through 74.
Vuln ID Summary CVSS Severity
CVE-2002-1041

Unknown vulnerability in DCE (1) SMIT panels and (2) configuration commands, possibly related to relative pathnames.

Published: October 04, 2002; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2002-0790

clchkspuser and clpasswdremote in AIX expose an encrypted password in the cspoc.log file, which could allow local users to gain privileges.

Published: August 12, 2002; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2001-1529

Buffer overflow in rpc.yppasswdd (yppasswd server) in AIX allows attackers to gain unauthorized access via a long string. NOTE: due to lack of details in the vendor advisory, it is not clear if this is the same issue as CVE-2001-0779.

Published: December 31, 2001; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2001-1061

Vulnerability in lsmcode in unknown versions of AIX, possibly related to a usage error.

Published: August 31, 2001; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2001-0573

lsfs in AIX 4.x allows a local user to gain additional privileges by creating Trojan horse programs named (1) grep or (2) lslv in a certain directory that is under the user's control, which cause lsfs to access the programs in that directory.

Published: August 02, 2001; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 4.6 MEDIUM
CVE-2000-1222

AIX sysback before 4.2.1.13 uses a relative path to find and execute the hostname program, which allows local users to gain privileges by modifying the path to point to a malicious hostname program.

Published: December 10, 2000; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-1999-0693

Buffer overflow in TT_SESSION environment variable in ToolTalk shared library allows local users to gain root privileges.

Published: March 02, 2000; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-1999-0057

Vacation program allows command execution by remote users through a sendmail command.

Published: November 16, 1998; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-1999-0524

ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts.

Published: August 01, 1997; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 0.0 LOW
CVE-1999-0566

An attacker can write to syslog files from any location, causing a denial of service by filling up the logs, and hiding activities.

Published: August 01, 1997; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-1999-0033

Command execution in Sun systems via buffer overflow in the at program.

Published: June 12, 1997; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-1999-0318

Buffer overflow in xmcd 2.0p12 allows local users to gain access through an environmental variable.

Published: March 01, 1997; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-1999-0138

The suidperl and sperl program do not give up root privileges when changing UIDs back to the original users, allowing root access.

Published: June 26, 1996; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-1999-1119

FTP installation script anon.ftp in AIX insecurely configures anonymous FTP, which allows remote attackers to execute arbitrary commands.

Published: April 27, 1992; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 10.0 HIGH