Aix
by IBM
CVEs (402)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-1999-0090 | 0.00 | — | 0.00 | Oct 1, 1997 | Buffer overflow in AIX rcp command allows local users to obtain root access. | |||
| CVE-1999-0024 | 0.00 | — | 0.05 | Aug 13, 1997 | DNS cache poisoning via BIND, by predictable query IDs. | |||
| CVE-1999-0566 | 0.00 | — | 0.01 | Aug 1, 1997 | An attacker can write to syslog files from any location, causing a denial of service by filling up the logs, and hiding activities. | |||
| CVE-1999-0111 | 0.00 | — | 0.01 | Jul 1, 1997 | RIP v1 is susceptible to spoofing. | |||
| CVE-1999-0628 | 0.00 | — | 0.01 | Jul 1, 1997 | The rwho/rwhod service is running, which exposes machine status and user information. | |||
| CVE-1999-0033 | 0.00 | — | 0.01 | Jun 12, 1997 | Command execution in Sun systems via buffer overflow in the at program. | |||
| CVE-1999-0318 | 0.00 | — | 0.01 | Mar 1, 1997 | Buffer overflow in xmcd 2.0p12 allows local users to gain access through an environmental variable. | |||
| CVE-1999-0048 | 0.00 | — | 0.03 | Jan 27, 1997 | Talkd, when given corrupt DNS information, can be used to execute arbitrary commands with root privileges. | |||
| CVE-1999-0345 | 0.00 | — | 0.01 | Jan 1, 1997 | Jolt ICMP attack causes a denial of service in Windows 95 and Windows NT systems. | |||
| CVE-1999-0129 | 0.00 | — | 0.01 | Dec 3, 1996 | Sendmail allows local users to write to a file and gain group permissions via a .forward or :include: file. | |||
| CVE-1999-0131 | 0.00 | — | 0.01 | Sep 11, 1996 | Buffer overflow and denial of service in Sendmail 8.7.5 and earlier through GECOS field gives root access to local users. | |||
| CVE-1999-0085 | 0.00 | — | 0.04 | Aug 21, 1996 | Buffer overflow in rwhod on AIX and other operating systems allows remote attackers to execute arbitrary code via a UDP packet with a long hostname. | |||
| CVE-1999-0138 | 0.00 | — | 0.01 | Jun 26, 1996 | The suidperl and sperl program do not give up root privileges when changing UIDs back to the original users, allowing root access. | |||
| CVE-1999-0019 | 0.00 | — | 0.02 | Apr 24, 1996 | Delete or create a file via rpc.statd, due to invalid information. | |||
| CVE-1999-0078 | 0.00 | — | 0.01 | Apr 18, 1996 | pcnfsd (aka rpc.pcnfsd) allows local users to change file permissions, or execute arbitrary commands through arguments in the RPC call. | |||
| CVE-1999-0099 | 0.00 | — | 0.03 | Oct 19, 1995 | Buffer overflow in syslog utility allows local or remote attackers to gain root privileges. | |||
| CVE-1999-1552 | 0.00 | — | 0.00 | Jul 20, 1994 | dpsexec (DPS Server) when running under XDM in IBM AIX 3.2.5 and earlier does not properly check privileges, which allows local users to overwrite arbitrary files and gain privileges. | |||
| CVE-1999-0337 | 0.00 | — | 0.02 | Jun 3, 1994 | AIX batch queue (bsh) allows local and remote users to gain additional privileges when network printing is enabled. | |||
| CVE-1999-0338 | 0.00 | — | 0.00 | Feb 24, 1994 | AIX Licensed Program Product performance tools allow local users to gain root access. | |||
| CVE-1999-1119 | 0.00 | — | 0.04 | Apr 27, 1992 | FTP installation script anon.ftp in AIX insecurely configures anonymous FTP, which allows remote attackers to execute arbitrary commands. |
- CVE-1999-0090Oct 1, 1997risk 0.00cvss —epss 0.00
Buffer overflow in AIX rcp command allows local users to obtain root access.
- CVE-1999-0024Aug 13, 1997risk 0.00cvss —epss 0.05
DNS cache poisoning via BIND, by predictable query IDs.
- CVE-1999-0566Aug 1, 1997risk 0.00cvss —epss 0.01
An attacker can write to syslog files from any location, causing a denial of service by filling up the logs, and hiding activities.
- CVE-1999-0111Jul 1, 1997risk 0.00cvss —epss 0.01
RIP v1 is susceptible to spoofing.
- CVE-1999-0628Jul 1, 1997risk 0.00cvss —epss 0.01
The rwho/rwhod service is running, which exposes machine status and user information.
- CVE-1999-0033Jun 12, 1997risk 0.00cvss —epss 0.01
Command execution in Sun systems via buffer overflow in the at program.
- CVE-1999-0318Mar 1, 1997risk 0.00cvss —epss 0.01
Buffer overflow in xmcd 2.0p12 allows local users to gain access through an environmental variable.
- CVE-1999-0048Jan 27, 1997risk 0.00cvss —epss 0.03
Talkd, when given corrupt DNS information, can be used to execute arbitrary commands with root privileges.
- CVE-1999-0345Jan 1, 1997risk 0.00cvss —epss 0.01
Jolt ICMP attack causes a denial of service in Windows 95 and Windows NT systems.
- CVE-1999-0129Dec 3, 1996risk 0.00cvss —epss 0.01
Sendmail allows local users to write to a file and gain group permissions via a .forward or :include: file.
- CVE-1999-0131Sep 11, 1996risk 0.00cvss —epss 0.01
Buffer overflow and denial of service in Sendmail 8.7.5 and earlier through GECOS field gives root access to local users.
- CVE-1999-0085Aug 21, 1996risk 0.00cvss —epss 0.04
Buffer overflow in rwhod on AIX and other operating systems allows remote attackers to execute arbitrary code via a UDP packet with a long hostname.
- CVE-1999-0138Jun 26, 1996risk 0.00cvss —epss 0.01
The suidperl and sperl program do not give up root privileges when changing UIDs back to the original users, allowing root access.
- CVE-1999-0019Apr 24, 1996risk 0.00cvss —epss 0.02
Delete or create a file via rpc.statd, due to invalid information.
- CVE-1999-0078Apr 18, 1996risk 0.00cvss —epss 0.01
pcnfsd (aka rpc.pcnfsd) allows local users to change file permissions, or execute arbitrary commands through arguments in the RPC call.
- CVE-1999-0099Oct 19, 1995risk 0.00cvss —epss 0.03
Buffer overflow in syslog utility allows local or remote attackers to gain root privileges.
- CVE-1999-1552Jul 20, 1994risk 0.00cvss —epss 0.00
dpsexec (DPS Server) when running under XDM in IBM AIX 3.2.5 and earlier does not properly check privileges, which allows local users to overwrite arbitrary files and gain privileges.
- CVE-1999-0337Jun 3, 1994risk 0.00cvss —epss 0.02
AIX batch queue (bsh) allows local and remote users to gain additional privileges when network printing is enabled.
- CVE-1999-0338Feb 24, 1994risk 0.00cvss —epss 0.00
AIX Licensed Program Product performance tools allow local users to gain root access.
- CVE-1999-1119Apr 27, 1992risk 0.00cvss —epss 0.04
FTP installation script anon.ftp in AIX insecurely configures anonymous FTP, which allows remote attackers to execute arbitrary commands.
Page 20 of 21