Aix
by IBM
CVEs (402)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2002-1468 | 0.03 | — | 0.04 | Apr 22, 2003 | Buffer overflow in errpt in AIX 4.3.3 allows local users to execute arbitrary code as root. | |||
| CVE-2003-0087 | 0.03 | — | 0.01 | Mar 3, 2003 | Buffer overflow in libIM library (libIM.a) for National Language Support (NLS) on AIX 4.3 through 5.2 allows local users to gain privileges via several possible attack vectors, including a long -im argument to aixterm. | |||
| CVE-2002-0747 | 0.03 | — | 0.06 | Aug 12, 2002 | Buffer overflow in lsmcode in AIX 4.3.3. | |||
| CVE-2001-1080 | 0.03 | — | 0.06 | Jun 19, 2001 | diagrpt in AIX 4.3.x and 5.1 uses the DIAGDATADIR environment variable to find and execute certain programs, which allows local users to gain privileges by modifying the variable to point to a Trojan horse program. | |||
| CVE-2000-1119 | 0.03 | — | 0.01 | Jan 9, 2001 | Buffer overflow in setsenv command in IBM AIX 4.3.x and earlier allows local users to execute arbitrary commands via a long "x=" argument. | |||
| CVE-2000-1124 | 0.03 | — | 0.01 | Jan 9, 2001 | Buffer overflow in piobe command in IBM AIX 4.3.x allows local users to gain privileges via long environmental variables. | |||
| CVE-2000-1120 | 0.03 | — | 0.01 | Jan 9, 2001 | Buffer overflow in digest command in IBM AIX 4.3.x and earlier allows local users to execute arbitrary commands. | |||
| CVE-2000-1121 | 0.03 | — | 0.01 | Jan 9, 2001 | Buffer overflow in enq command in IBM AIX 4.3.x and earlier may allow local users to execute arbitrary commands via a long -M argument. | |||
| CVE-2000-0873 | 0.03 | — | 0.01 | Nov 14, 2000 | netstat in AIX 4.x.x does not properly restrict access to the -Zi option, which allows local users to clear network interface statistics and possibly hide evidence of unusual network activities. | |||
| CVE-1999-0693 | 0.03 | — | 0.01 | Mar 2, 2000 | Buffer overflow in TT_SESSION environment variable in ToolTalk shared library allows local users to gain root privileges. | |||
| CVE-1999-1117 | 0.03 | — | 0.01 | Dec 31, 1999 | lquerypv in AIX 4.1 and 4.2 allows local users to read arbitrary files by specifying the file in the -h command line parameter. | |||
| CVE-1999-0789 | 0.03 | — | 0.03 | Sep 28, 1999 | Buffer overflow in AIX ftpd in the libc library. | |||
| CVE-1999-0691 | 0.03 | — | 0.01 | Sep 13, 1999 | Buffer overflow in the AddSuLog function of the CDE dtaction utility allows local users to gain root privileges via a long user name. | |||
| CVE-1999-0745 | 0.03 | — | 0.03 | Aug 18, 1999 | Buffer overflow in Source Code Browser Program Database Name Server Daemon (pdnsd) for the IBM AIX C Set ++ compiler. | |||
| CVE-1999-1405 | 0.03 | — | 0.03 | Feb 17, 1999 | snap command in AIX before 4.3.2 creates the /tmp/ibmsupt directory with world-readable permissions and does not remove or clear the directory when snap -a is executed, which could allow local users to access the shadowed password file by creating /tmp/ibmsupt/general/passwd… | |||
| CVE-1999-0118 | 0.03 | — | 0.01 | Nov 1, 1998 | AIX infod allows local users to gain root access through an X display. | |||
| CVE-1999-0014 | 0.03 | — | 0.01 | Jan 21, 1998 | Unauthorized privileged access or denial of service via dtappgather program in CDE. | |||
| CVE-1999-0092 | 0.03 | — | 0.01 | Oct 29, 1997 | Various vulnerabilities in the AIX portmir command allows local users to obtain root access. | |||
| CVE-1999-0115 | 0.03 | — | 0.01 | Sep 1, 1997 | AIX bugfiler program allows local users to gain root access. | |||
| CVE-1999-0122 | 0.03 | — | 0.01 | Jul 21, 1997 | Buffer overflow in AIX lchangelv gives root access. |
- CVE-2002-1468Apr 22, 2003risk 0.03cvss —epss 0.04
Buffer overflow in errpt in AIX 4.3.3 allows local users to execute arbitrary code as root.
- CVE-2003-0087Mar 3, 2003risk 0.03cvss —epss 0.01
Buffer overflow in libIM library (libIM.a) for National Language Support (NLS) on AIX 4.3 through 5.2 allows local users to gain privileges via several possible attack vectors, including a long -im argument to aixterm.
- CVE-2002-0747Aug 12, 2002risk 0.03cvss —epss 0.06
Buffer overflow in lsmcode in AIX 4.3.3.
- CVE-2001-1080Jun 19, 2001risk 0.03cvss —epss 0.06
diagrpt in AIX 4.3.x and 5.1 uses the DIAGDATADIR environment variable to find and execute certain programs, which allows local users to gain privileges by modifying the variable to point to a Trojan horse program.
- CVE-2000-1119Jan 9, 2001risk 0.03cvss —epss 0.01
Buffer overflow in setsenv command in IBM AIX 4.3.x and earlier allows local users to execute arbitrary commands via a long "x=" argument.
- CVE-2000-1124Jan 9, 2001risk 0.03cvss —epss 0.01
Buffer overflow in piobe command in IBM AIX 4.3.x allows local users to gain privileges via long environmental variables.
- CVE-2000-1120Jan 9, 2001risk 0.03cvss —epss 0.01
Buffer overflow in digest command in IBM AIX 4.3.x and earlier allows local users to execute arbitrary commands.
- CVE-2000-1121Jan 9, 2001risk 0.03cvss —epss 0.01
Buffer overflow in enq command in IBM AIX 4.3.x and earlier may allow local users to execute arbitrary commands via a long -M argument.
- CVE-2000-0873Nov 14, 2000risk 0.03cvss —epss 0.01
netstat in AIX 4.x.x does not properly restrict access to the -Zi option, which allows local users to clear network interface statistics and possibly hide evidence of unusual network activities.
- CVE-1999-0693Mar 2, 2000risk 0.03cvss —epss 0.01
Buffer overflow in TT_SESSION environment variable in ToolTalk shared library allows local users to gain root privileges.
- CVE-1999-1117Dec 31, 1999risk 0.03cvss —epss 0.01
lquerypv in AIX 4.1 and 4.2 allows local users to read arbitrary files by specifying the file in the -h command line parameter.
- CVE-1999-0789Sep 28, 1999risk 0.03cvss —epss 0.03
Buffer overflow in AIX ftpd in the libc library.
- CVE-1999-0691Sep 13, 1999risk 0.03cvss —epss 0.01
Buffer overflow in the AddSuLog function of the CDE dtaction utility allows local users to gain root privileges via a long user name.
- CVE-1999-0745Aug 18, 1999risk 0.03cvss —epss 0.03
Buffer overflow in Source Code Browser Program Database Name Server Daemon (pdnsd) for the IBM AIX C Set ++ compiler.
- CVE-1999-1405Feb 17, 1999risk 0.03cvss —epss 0.03
snap command in AIX before 4.3.2 creates the /tmp/ibmsupt directory with world-readable permissions and does not remove or clear the directory when snap -a is executed, which could allow local users to access the shadowed password file by creating /tmp/ibmsupt/general/passwd…
- CVE-1999-0118Nov 1, 1998risk 0.03cvss —epss 0.01
AIX infod allows local users to gain root access through an X display.
- CVE-1999-0014Jan 21, 1998risk 0.03cvss —epss 0.01
Unauthorized privileged access or denial of service via dtappgather program in CDE.
- CVE-1999-0092Oct 29, 1997risk 0.03cvss —epss 0.01
Various vulnerabilities in the AIX portmir command allows local users to obtain root access.
- CVE-1999-0115Sep 1, 1997risk 0.03cvss —epss 0.01
AIX bugfiler program allows local users to gain root access.
- CVE-1999-0122Jul 21, 1997risk 0.03cvss —epss 0.01
Buffer overflow in AIX lchangelv gives root access.
Page 4 of 21