Buffer overflow in rpc.yppasswdd (yppasswd server) in AIX allows attackers to gain unauthorized access via a long string. NOTE: due to lack of details in the vendor advisory, it is not clear if this is the same issue as CVE-2001-0779.

Vulnerability in lsmcode in unknown versions of AIX, possibly related to a usage error.

AIX sysback before 4.2.1.13 uses a relative path to find and execute the hostname program, which allows local users to gain privileges by modifying the path to point to a malicious hostname program.

Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.

Vulnerability in AIX 3.2.x and 4.x allows local users to gain write access to files on locally or remotely mounted AIX filesystems.

The ToolTalk ttsession daemon uses weak RPC authentication, which allows a remote attacker to execute commands.

Buffer overflow in the AddSuLog function of the CDE dtaction utility allows local users to gain root privileges via a long user name.

Vulnerability in ptrace in AIX 4.3 allows local users to gain privileges by attaching to a setgid program.

snap command in AIX before 4.3.2 creates the /tmp/ibmsupt directory with world-readable permissions and does not remove or clear the directory when snap -a is executed, which could allow local users to access the shadowed password file by creating /tmp/ibmsupt/general/passwd before root runs snap -a.

Vacation program allows command execution by remote users through a sendmail command.

Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases.

Execute commands as root via buffer overflow in Tooltalk database server (rpc.ttdbserverd).

sadc in IBM AIX 4.1 through 4.3, when called from programs such as timex that are setgid adm, allows local users to overwrite arbitrary files via a symlink attack.

Vulnerability in digest in AIX 4.3 allows printq users to gain root privileges by creating and/or modifing any file on the system.

AIX nslookup command allows local users to obtain root access by not dropping privileges correctly.

AIX piodmgrsu command allows local users to gain additional group privileges.

The AIX FTP client can be forced to execute commands from a malicious server through shell metacharacters (e.g. a pipe character).

Buffer overflow in AIX writesrv command allows local users to obtain root access.

Buffer overflow in AIX xdat gives root access to local users.

Buffer overflow in AIX rcp command allows local users to obtain root access.