Aix
by IBM
CVEs (402)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-1999-0691 | 0.03 | — | 0.01 | Sep 13, 1999 | Buffer overflow in the AddSuLog function of the CDE dtaction utility allows local users to gain root privileges via a long user name. | |||
| CVE-1999-0745 | 0.03 | — | 0.03 | Aug 18, 1999 | Buffer overflow in Source Code Browser Program Database Name Server Daemon (pdnsd) for the IBM AIX C Set ++ compiler. | |||
| CVE-1999-1405 | 0.03 | — | 0.03 | Feb 17, 1999 | snap command in AIX before 4.3.2 creates the /tmp/ibmsupt directory with world-readable permissions and does not remove or clear the directory when snap -a is executed, which could allow local users to access the shadowed password file by creating /tmp/ibmsupt/general/passwd… | |||
| CVE-1999-0118 | 0.03 | — | 0.01 | Nov 1, 1998 | AIX infod allows local users to gain root access through an X display. | |||
| CVE-1999-0014 | 0.03 | — | 0.01 | Jan 21, 1998 | Unauthorized privileged access or denial of service via dtappgather program in CDE. | |||
| CVE-1999-0092 | 0.03 | — | 0.01 | Oct 29, 1997 | Various vulnerabilities in the AIX portmir command allows local users to obtain root access. | |||
| CVE-1999-0115 | 0.03 | — | 0.01 | Sep 1, 1997 | AIX bugfiler program allows local users to gain root access. | |||
| CVE-1999-0122 | 0.03 | — | 0.01 | Jul 21, 1997 | Buffer overflow in AIX lchangelv gives root access. | |||
| CVE-1999-1208 | 0.03 | — | 0.01 | Jul 21, 1997 | Buffer overflow in ping in AIX 4.2 and earlier allows local users to gain root privileges via a long command line argument. | |||
| CVE-1999-0064 | 0.03 | — | 0.01 | May 26, 1997 | Buffer overflow in AIX lquerylv program gives root access to local users. | |||
| CVE-1999-0040 | 0.03 | — | 0.01 | May 1, 1997 | Buffer overflow in Xt library of X Windowing System allows local users to execute commands with root privileges. | |||
| CVE-1999-0112 | 0.03 | — | 0.01 | May 1, 1997 | Buffer overflow in AIX dtterm program for the CDE. | |||
| CVE-1999-1408 | 0.03 | — | 0.01 | Mar 5, 1997 | Vulnerability in AIX 4.1.4 and HP-UX 10.01 and 9.05 allows local users to cause a denial of service (crash) by using a socket to connect to a port on the localhost, calling shutdown to clear the socket, then using the same socket to connect to a different port on localhost. | |||
| CVE-1999-0130 | 0.03 | — | 0.01 | Nov 16, 1996 | Local users can start Sendmail in daemon mode and gain root privileges. | |||
| CVE-1999-0116 | 0.03 | — | 0.06 | Sep 19, 1996 | Denial of service when an attacker sends many SYN packets to create multiple connections without ever sending an ACK to complete the connection, aka SYN flood. | |||
| CVE-1999-0023 | 0.03 | — | 0.01 | Jul 24, 1996 | Local user gains root privileges via buffer overflow in rdist, via lookup() function. | |||
| CVE-2002-0679 | 0.02 | — | 0.23 | Sep 5, 2002 | Buffer overflow in Common Desktop Environment (CDE) ToolTalk RPC database server (rpc.ttdbserverd) allows remote attackers to execute arbitrary code via an argument to the _TT_CREATE_FILE procedure. | |||
| CVE-2012-4817 | 0.01 | — | 0.08 | Sep 14, 2012 | The NFSv4 client implementation in IBM AIX 5.3, 6.1, and 7.1, and VIOS before 2.2.1.4-FP-25 SP-02, does not properly handle GID values, which allows remote attackers to cause a denial of service via unspecified vectors. | |||
| CVE-2005-4272 | 0.01 | — | 0.09 | Dec 15, 2005 | Multiple buffer overflows in IBM AIX 5.1, 5.2, and 5.3 allow remote attackers to execute arbitrary code via (1) muxatmd and (2) slocal. | |||
| CVE-2004-0368 | 0.01 | — | 0.11 | May 4, 2004 | Double free vulnerability in dtlogin in CDE on Solaris, HP-UX, and other operating systems allows remote attackers to execute arbitrary code via a crafted XDMCP packet. |
- CVE-1999-0691Sep 13, 1999risk 0.03cvss —epss 0.01
Buffer overflow in the AddSuLog function of the CDE dtaction utility allows local users to gain root privileges via a long user name.
- CVE-1999-0745Aug 18, 1999risk 0.03cvss —epss 0.03
Buffer overflow in Source Code Browser Program Database Name Server Daemon (pdnsd) for the IBM AIX C Set ++ compiler.
- CVE-1999-1405Feb 17, 1999risk 0.03cvss —epss 0.03
snap command in AIX before 4.3.2 creates the /tmp/ibmsupt directory with world-readable permissions and does not remove or clear the directory when snap -a is executed, which could allow local users to access the shadowed password file by creating /tmp/ibmsupt/general/passwd…
- CVE-1999-0118Nov 1, 1998risk 0.03cvss —epss 0.01
AIX infod allows local users to gain root access through an X display.
- CVE-1999-0014Jan 21, 1998risk 0.03cvss —epss 0.01
Unauthorized privileged access or denial of service via dtappgather program in CDE.
- CVE-1999-0092Oct 29, 1997risk 0.03cvss —epss 0.01
Various vulnerabilities in the AIX portmir command allows local users to obtain root access.
- CVE-1999-0115Sep 1, 1997risk 0.03cvss —epss 0.01
AIX bugfiler program allows local users to gain root access.
- CVE-1999-0122Jul 21, 1997risk 0.03cvss —epss 0.01
Buffer overflow in AIX lchangelv gives root access.
- CVE-1999-1208Jul 21, 1997risk 0.03cvss —epss 0.01
Buffer overflow in ping in AIX 4.2 and earlier allows local users to gain root privileges via a long command line argument.
- CVE-1999-0064May 26, 1997risk 0.03cvss —epss 0.01
Buffer overflow in AIX lquerylv program gives root access to local users.
- CVE-1999-0040May 1, 1997risk 0.03cvss —epss 0.01
Buffer overflow in Xt library of X Windowing System allows local users to execute commands with root privileges.
- CVE-1999-0112May 1, 1997risk 0.03cvss —epss 0.01
Buffer overflow in AIX dtterm program for the CDE.
- CVE-1999-1408Mar 5, 1997risk 0.03cvss —epss 0.01
Vulnerability in AIX 4.1.4 and HP-UX 10.01 and 9.05 allows local users to cause a denial of service (crash) by using a socket to connect to a port on the localhost, calling shutdown to clear the socket, then using the same socket to connect to a different port on localhost.
- CVE-1999-0130Nov 16, 1996risk 0.03cvss —epss 0.01
Local users can start Sendmail in daemon mode and gain root privileges.
- CVE-1999-0116Sep 19, 1996risk 0.03cvss —epss 0.06
Denial of service when an attacker sends many SYN packets to create multiple connections without ever sending an ACK to complete the connection, aka SYN flood.
- CVE-1999-0023Jul 24, 1996risk 0.03cvss —epss 0.01
Local user gains root privileges via buffer overflow in rdist, via lookup() function.
- CVE-2002-0679Sep 5, 2002risk 0.02cvss —epss 0.23
Buffer overflow in Common Desktop Environment (CDE) ToolTalk RPC database server (rpc.ttdbserverd) allows remote attackers to execute arbitrary code via an argument to the _TT_CREATE_FILE procedure.
- CVE-2012-4817Sep 14, 2012risk 0.01cvss —epss 0.08
The NFSv4 client implementation in IBM AIX 5.3, 6.1, and 7.1, and VIOS before 2.2.1.4-FP-25 SP-02, does not properly handle GID values, which allows remote attackers to cause a denial of service via unspecified vectors.
- CVE-2005-4272Dec 15, 2005risk 0.01cvss —epss 0.09
Multiple buffer overflows in IBM AIX 5.1, 5.2, and 5.3 allow remote attackers to execute arbitrary code via (1) muxatmd and (2) slocal.
- CVE-2004-0368May 4, 2004risk 0.01cvss —epss 0.11
Double free vulnerability in dtlogin in CDE on Solaris, HP-UX, and other operating systems allows remote attackers to execute arbitrary code via a crafted XDMCP packet.
Page 7 of 21