VYPR

Aix

by IBM

CVEs (402)

  • CVE-2009-3699Oct 15, 2009
    risk 0.08cvss epss 0.62

    Stack-based buffer overflow in libcsa.a (aka the calendar daemon library) in IBM AIX 5.x through 5.3.10 and 6.x through 6.1.3, and VIOS 2.1 and earlier, allows remote attackers to execute arbitrary code via a long XDR string in the first argument to procedure 21 of rpc.cmsd.

  • CVE-2003-0694Oct 6, 2003
    risk 0.08cvss epss 0.60

    The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c.

  • CVE-1999-0046Feb 6, 1997
    risk 0.07cvss epss 0.53

    Buffer overflow of rlogin program using TERM environmental variable.

  • CVE-2001-0554Aug 14, 2001
    risk 0.06cvss epss 0.38

    Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function.

  • CVE-2010-3187Aug 30, 2010
    risk 0.05cvss epss 0.20

    Buffer overflow in ftpd in IBM AIX 5.3 and earlier allows remote attackers to execute arbitrary code via a long NLST command.

  • CVE-2010-1039May 20, 2010
    risk 0.05cvss epss 0.20

    Format string vulnerability in the _msgout function in rpc.pcnfsd in IBM AIX 6.1, 5.3, and earlier; IBM VIOS 2.1, 1.5, and earlier; NFS/ONCplus B.11.31_09 and earlier on HP HP-UX B.11.11, B.11.23, and B.11.31; and SGI IRIX 6.5 allows remote attackers to execute arbitrary code…

  • CVE-2009-2727Aug 10, 2009
    risk 0.05cvss epss 0.27

    Stack-based buffer overflow in the _tt_internal_realpath function in the ToolTalk library (libtt.a) in IBM AIX 5.2.0, 5.3.0, 5.3.7 through 5.3.10, and 6.1.0 through 6.1.3, when the rpc.ttdbserver daemon is enabled in /etc/inetd.conf, allows remote attackers to execute arbitrary…

  • CVE-2003-0681Oct 6, 2003
    risk 0.05cvss epss 0.20

    A "potential buffer overflow in ruleset parsing" for Sendmail 8.12.9, when using the nonstandard rulesets (1) recipient (2), final, or (3) mailer-specific envelope recipients, has unknown consequences.

  • CVE-1999-0003Apr 1, 1998
    risk 0.05cvss epss 0.24

    Execute commands as root via buffer overflow in Tooltalk database server (rpc.ttdbserverd).

  • CVE-2006-4254Aug 21, 2006
    risk 0.04cvss epss 0.07

    Unspecified vulnerability in setlocale in IBM AIX 5.1.0 through 5.3.0 allows local users to gain privileges via unspecified vectors.

  • CVE-2000-0844Nov 14, 2000
    risk 0.04cvss epss 0.15

    Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.

  • CVE-1999-0009Apr 8, 1998
    risk 0.04cvss epss 0.29

    Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases.

  • CVE-1999-0018Dec 5, 1997
    risk 0.04cvss epss 0.10

    Buffer overflow in statd allows root privileges.

  • CVE-1999-0042Apr 7, 1997
    risk 0.04cvss epss 0.13

    Buffer overflow in University of Washington's implementation of IMAP and POP servers.

  • CVE-1999-0041Feb 13, 1997
    risk 0.04cvss epss 0.09

    Buffer overflow in NLS (Natural Language Service).

  • CVE-1999-0101Dec 10, 1996
    risk 0.04cvss epss 0.08

    Buffer overflow in AIX and Solaris "gethostbyname" library call allows root access through corrupt DNS host names.

  • CVE-1999-0208Dec 12, 1995
    risk 0.04cvss epss 0.13

    rpc.ypupdated (NIS) allows remote users to execute arbitrary commands.

  • CVE-1999-0113May 23, 1994
    risk 0.04cvss epss 0.17

    Some implementations of rlogin allow root access if given a -froot parameter.

  • CVE-2023-28528Apr 28, 2023
    risk 0.03cvss epss 0.01

    IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the invscout command to execute arbitrary commands. IBM X-Force ID: 251207.

  • CVE-2014-8904Jan 15, 2015
    risk 0.03cvss epss 0.01

    lquerylv in cmdlvm in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x allows local users to gain privileges via a crafted DBGCMD_LQUERYLV environment-variable value.

Page 2 of 21