VYPR

Aix

by IBM

CVEs (402)

  • CVE-2002-1201Oct 28, 2002
    risk 0.00cvss epss 0.02

    IBM AIX 4.3.3 and AIX 5 allows remote attackers to cause a denial of service (CPU consumption or crash) via a flood of malformed TCP packets without any flags set, which prevents AIX from releasing the associated memory buffers.

  • CVE-2002-1041Oct 4, 2002
    risk 0.00cvss epss 0.01

    Unknown vulnerability in DCE (1) SMIT panels and (2) configuration commands, possibly related to relative pathnames.

  • CVE-2002-1040Oct 4, 2002
    risk 0.00cvss epss 0.01

    Unknown vulnerability in the WebSecure (DFSWeb) configuration utilities in AIX 4.x, possibly related to relative pathnames.

  • CVE-2002-0745Aug 12, 2002
    risk 0.00cvss epss 0.01

    Buffer overflow in uucp in AIX 4.3.3.

  • CVE-2002-0746Aug 12, 2002
    risk 0.00cvss epss 0.02

    Vulnerability in template.dhcpo in AIX 4.3.3 related to an insecure linker argument.

  • CVE-2002-0790Aug 12, 2002
    risk 0.00cvss epss 0.00

    clchkspuser and clpasswdremote in AIX expose an encrypted password in the cspoc.log file, which could allow local users to gain privileges.

  • CVE-2002-0743Aug 12, 2002
    risk 0.00cvss epss 0.01

    mail and mailx in AIX 4.3.3 core dump when called with a very long argument, an indication of a buffer overflow.

  • CVE-2002-0744Aug 12, 2002
    risk 0.00cvss epss 0.01

    namerslv in AIX 4.3.3 core dumps when called with a very long argument, possibly as a result of a buffer overflow.

  • CVE-2002-0742Aug 12, 2002
    risk 0.00cvss epss 0.01

    Buffer overflow in pioout on AIX 4.3.3.

  • CVE-2002-1619Mar 8, 2002
    risk 0.00cvss epss 0.02

    Buffer overflow in the FC client for IBM AIX 4.3.x allows remote attackers to cause a denial of service (crash and core dump).

  • CVE-2001-1079Feb 13, 2002
    risk 0.00cvss epss 0.00

    create_keyfiles in PSSP 3.2 with DCE 3.1 authentication on AIX creates keyfile directories with world-writable permissions, which could allow a local user to delete key files and cause a denial of service.

  • CVE-2002-1594Jan 2, 2002
    risk 0.00cvss epss 0.01

    Buffer overflow in (1) grpck and (2) pwck, if installed setuid on a system as recommended in some AIX documentation, may allow local users to gain privileges via a long command line argument.

  • CVE-2001-1554Dec 31, 2001
    risk 0.00cvss epss 0.01

    IBM AIX 430 does not properly unlock IPPMTU_LOCK, which allows remote attackers to cause a denial of service (hang) via Path Maximum Transmit Unit (PMTU) IP packets.

  • CVE-2001-1529Dec 31, 2001
    risk 0.00cvss epss 0.01

    Buffer overflow in rpc.yppasswdd (yppasswd server) in AIX allows attackers to gain unauthorized access via a long string. NOTE: due to lack of details in the vendor advisory, it is not clear if this is the same issue as CVE-2001-0779.

  • CVE-2001-1557Dec 31, 2001
    risk 0.00cvss epss 0.01

    Buffer overflow in ftpd in IBM AIX 4.3 and 5.1 allows attackers to gain privileges.

  • CVE-2001-1440Dec 21, 2001
    risk 0.00cvss epss 0.05

    Unknown vulnerability in login for AIX 5.1L, when using loadable authentication modules, allows remote attackers to gain access to the system.

  • CVE-2001-0671Dec 6, 2001
    risk 0.00cvss epss 0.05

    Buffer overflows in (1) send_status, (2) kill_print, and (3) chk_fhost in lpd in AIX 4.3 and 5.1 allow remote attackers to gain root privileges.

  • CVE-2001-1096Oct 9, 2001
    risk 0.00cvss epss 0.00

    Buffer overflows in muxatmd in AIX 4 allows an attacker to cause a core dump and possibly execute code.

  • CVE-2001-1095Oct 9, 2001
    risk 0.00cvss epss 0.00

    Buffer overflow in uuq in AIX 4 could allow local users to execute arbitrary code via a long -r parameter.

  • CVE-2001-0998Sep 24, 2001
    risk 0.00cvss epss 0.03

    IBM HACMP 4.4 allows remote attackers to cause a denial of service via a completed TCP connection to HACMP ports (e.g., using a port scan) that does not send additional data, which causes a failure in snmpd.

Page 17 of 21