| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Local users can start Sendmail in daemon mode and gain root privileges. |
| Jolt ICMP attack causes a denial of service in Windows 95 and Windows NT systems. |
| snap command in AIX before 4.3.2 creates the /tmp/ibmsupt directory with world-readable permissions and does not remove or clear the directory when snap -a is executed, which could allow local users to access the shadowed password file by creating /tmp/ibmsupt/general/passwd before root runs snap -a. |
| mail and mailx in AIX 4.3.3 core dump when called with a very long argument, an indication of a buffer overflow. |
| rpc.ypupdated (NIS) allows remote users to execute arbitrary commands. |
| Buffer overflow in setclock command in IBM AIX 4.3.x and earlier may allow local users to execute arbitrary commands via a long argument. |
| Buffer overflow in enq command in IBM AIX 4.3.x and earlier may allow local users to execute arbitrary commands via a long -M argument. |
| Buffer overflow in swcons in IBM AIX 5.2, when debug malloc is enabled, allows remote attackers to cause a core dump and possibly execute arbitrary code. |
| Buffer overflow in xmcd 2.0p12 allows local users to gain access through an environmental variable. |
| AIX SNMP server snmpd allows remote attackers to cause a denial of service via a RST during the TCP connection. |
| AIX Licensed Program Product performance tools allow local users to gain root access. |
| Buffer overflow in login in various System V based operating systems allows remote attackers to execute arbitrary commands via a large number of arguments through services such as telnet and rlogin. |
| Buffer overflow in digest command in IBM AIX 4.3.x and earlier allows local users to execute arbitrary commands. |
| CDE ToolTalk database server (ttdbserver) allows local users to overwrite arbitrary files via a symlink attack on the transaction log file used by the _TT_TRANSACTION RPC procedure. |
| Buffer overflow in uucp in AIX 4.3.3. |
| Buffer overflow in setsenv command in IBM AIX 4.3.x and earlier allows local users to execute arbitrary commands via a long "x=" argument. |
| namerslv in AIX 4.3.3 core dumps when called with a very long argument, possibly as a result of a buffer overflow. |
| Buffer overflow in rwhod on AIX and other operating systems allows remote attackers to execute arbitrary code via a UDP packet with a long hostname. |
| netstat in AIX 4.x.x does not properly restrict access to the -Zi option, which allows local users to clear network interface statistics and possibly hide evidence of unusual network activities. |
| FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce. |
