AIX
by IBM
CVEs (402)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2002-1201 | | | 0.00 | — | 0.02 | | Oct 28, 2002 | IBM AIX 4.3.3 and AIX 5 allows remote attackers to cause a denial of service (CPU consumption or crash) via a flood of malformed TCP packets without any flags set, which prevents AIX from releasing the associated memory buffers. |
| CVE-2002-1041 | | | 0.00 | — | 0.01 | | Oct 4, 2002 | Unknown vulnerability in DCE (1) SMIT panels and (2) configuration commands, possibly related to relative pathnames. |
| CVE-2002-1040 | | | 0.00 | — | 0.01 | | Oct 4, 2002 | Unknown vulnerability in the WebSecure (DFSWeb) configuration utilities in AIX 4.x, possibly related to relative pathnames. |
| CVE-2002-0745 | | | 0.00 | — | 0.01 | | Aug 12, 2002 | Buffer overflow in uucp in AIX 4.3.3. |
| CVE-2002-0746 | | | 0.00 | — | 0.02 | | Aug 12, 2002 | Vulnerability in template.dhcpo in AIX 4.3.3 related to an insecure linker argument. |
| CVE-2002-0790 | | | 0.00 | — | 0.00 | | Aug 12, 2002 | clchkspuser and clpasswdremote in AIX expose an encrypted password in the cspoc.log file, which could allow local users to gain privileges. |
| CVE-2002-0743 | | | 0.00 | — | 0.01 | | Aug 12, 2002 | mail and mailx in AIX 4.3.3 core dump when called with a very long argument, an indication of a buffer overflow. |
| CVE-2002-0744 | | | 0.00 | — | 0.01 | | Aug 12, 2002 | namerslv in AIX 4.3.3 core dumps when called with a very long argument, possibly as a result of a buffer overflow. |
| CVE-2002-0742 | | | 0.00 | — | 0.01 | | Aug 12, 2002 | Buffer overflow in pioout on AIX 4.3.3. |
| CVE-2002-1619 | | | 0.00 | — | 0.02 | | Mar 8, 2002 | Buffer overflow in the FC client for IBM AIX 4.3.x allows remote attackers to cause a denial of service (crash and core dump). |
| CVE-2001-1079 | | | 0.00 | — | 0.00 | | Feb 13, 2002 | create_keyfiles in PSSP 3.2 with DCE 3.1 authentication on AIX creates keyfile directories with world-writable permissions, which could allow a local user to delete key files and cause a denial of service. |
| CVE-2002-1594 | | | 0.00 | — | 0.01 | | Jan 2, 2002 | Buffer overflow in (1) grpck and (2) pwck, if installed setuid on a system as recommended in some AIX documentation, may allow local users to gain privileges via a long command line argument. |
| CVE-2001-1554 | | | 0.00 | — | 0.01 | | Dec 31, 2001 | IBM AIX 430 does not properly unlock IPPMTU_LOCK, which allows remote attackers to cause a denial of service (hang) via Path Maximum Transmit Unit (PMTU) IP packets. |
| CVE-2001-1529 | | | 0.00 | — | 0.01 | | Dec 31, 2001 | Buffer overflow in rpc.yppasswdd (yppasswd server) in AIX allows attackers to gain unauthorized access via a long string. NOTE: due to lack of details in the vendor advisory, it is not clear if this is the same issue as CVE-2001-0779. |
| CVE-2001-1557 | | | 0.00 | — | 0.01 | | Dec 31, 2001 | Buffer overflow in ftpd in IBM AIX 4.3 and 5.1 allows attackers to gain privileges. |
| CVE-2001-1440 | | | 0.00 | — | 0.05 | | Dec 21, 2001 | Unknown vulnerability in login for AIX 5.1L, when using loadable authentication modules, allows remote attackers to gain access to the system. |
| CVE-2001-0671 | | | 0.00 | — | 0.05 | | Dec 6, 2001 | Buffer overflows in (1) send_status, (2) kill_print, and (3) chk_fhost in lpd in AIX 4.3 and 5.1 allow remote attackers to gain root privileges. |
| CVE-2001-1096 | | | 0.00 | — | 0.00 | | Oct 9, 2001 | Buffer overflows in muxatmd in AIX 4 allows an attacker to cause a core dump and possibly execute code. |
| CVE-2001-1095 | | | 0.00 | — | 0.00 | | Oct 9, 2001 | Buffer overflow in uuq in AIX 4 could allow local users to execute arbitrary code via a long -r parameter. |
| CVE-2001-0998 | | | 0.00 | — | 0.03 | | Sep 24, 2001 | IBM HACMP 4.4 allows remote attackers to cause a denial of service via a completed TCP connection to HACMP ports (e.g., using a port scan) that does not send additional data, which causes a failure in snmpd. |