Download
| Alert*
|
CVE-2003-0257
Format string vulnerability in the printer capability for IBM AIX .3, 5.1, and 5.2 allows local users to gain printq or root privileges. CVE-2003-0064 The dtterm terminal emulator allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary ... CVE-1999-0789 Buffer overflow in AIX ftpd in the libc library. CVE-1999-0903 genfilt in the AIX Packet Filtering Module does not properly filter traffic to destination ports greater than 32767. CVE-1999-1079 Vulnerability in ptrace in AIX 4.3 allows local users to gain privileges by attaching to a setgid program. CVE-1999-0687 The ToolTalk ttsession daemon uses weak RPC authentication, which allows a remote attacker to execute commands. CVE-1999-0691 Buffer overflow in the AddSuLog function of the CDE dtaction utility allows local users to gain root privileges via a long user name. CVE-1999-0055 Buffer overflows in Sun libnsl allow root access. CVE-2000-0873 netstat in AIX 4.x.x does not properly restrict access to the -Zi option, which allows local users to clear network interface statistics and possibly hide evidence of unusual network activities. CVE-2000-1119 Buffer overflow in setsenv command in IBM AIX 4.3.x and earlier allows local users to execute arbitrary commands via a long "x=" argument. CVE-2000-0844 Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen. CVE-2000-0249 The AIX Fast Response Cache Accelerator (FRCA) allows local users to modify arbitrary files via the configuration capability in the frcactrl program. CVE-2000-0466 AIX cdmount allows local users to gain root privileges via shell metacharacters. CVE-2000-0441 Vulnerability in AIX 3.2.x and 4.x allows local users to gain write access to files on locally or remotely mounted AIX filesystems. CVE-2000-1120 Buffer overflow in digest command in IBM AIX 4.3.x and earlier allows local users to execute arbitrary commands. CVE-2000-0080 AIX techlibss allows local users to overwrite files via a symlink attack. CVE-2000-1121 Buffer overflow in enq command in IBM AIX 4.3.x and earlier may allow local users to execute arbitrary commands via a long -M argument. CVE-2000-1122 Buffer overflow in setclock command in IBM AIX 4.3.x and earlier may allow local users to execute arbitrary commands via a long argument. CVE-2000-1123 Buffer overflow in pioout command in IBM AIX 4.3.x and earlier may allow local users to execute arbitrary commands. CVE-2000-1124 Buffer overflow in piobe command in IBM AIX 4.3.x allows local users to gain privileges via long environmental variables. CVE-2001-0554 Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function. CVE-2001-0797 Buffer overflow in login in various System V based operating systems allows remote attackers to execute arbitrary commands via a large number of arguments through services such as telnet and rlogin. CVE-2002-1621 Buffer overflow in the file_comp function in rcp for IBM AIX 4.3.x and 5.1 allows remote attackers to execute arbitrary code. CVE-2002-1619 Buffer overflow in the FC client for IBM AIX 4.3.x allows remote attackers to cause a denial of service (crash and core dump). CVE-2010-1039 Format string vulnerability in the _msgout function in rpc.pcnfsd in IBM AIX 6.1, 5.3, and earlier; IBM VIOS 2.1, 1.5, and earlier; NFS/ONCplus B.11.31_09 and earlier on HP HP-UX B.11.11, B.11.23, and B.11.31; and SGI IRIX 6.5 allows remote attackers to execute arbitrary code via an RPC request cont ... CVE-2010-3187 Buffer overflow in ftpd in IBM AIX 5.3 and earlier allows remote attackers to execute arbitrary code via a long NLST command. |
