Vendor CVEs
IBM
All CVEs
8,287 total · sorted by risk

| CVE | Risk | CVSS | EPSS | Published | Description | Vendor / Product | Sev | KEV |
|---|---|---|---|---|---|---|---|---|
| CVE-2002-1689 | 0.00 | — | 0.02 | Dec 31, 2002 | Unknown vulnerability in the login program on AIX before 4.0 could allow remote users to specify 100 or more environment variables when logging on, which exceeds the length of a certain string, possibly triggering a buffer overflow. | |||
| CVE-2002-2372 | 0.00 | — | 0.02 | Dec 31, 2002 | The telnet server in Infoprint 21 running controller software before 1.056007 allows remote attackers to cause a denial of service (crash) via a long username, possibly due to a buffer overflow. | |||
| CVE-2002-1687 | 0.00 | — | 0.00 | Dec 31, 2002 | Buffer overflow in the diagnostics library in AIX allows local users to "cause data and instructions to be overwritten" via a long DIAGNOSTICS environment variable. | |||
| CVE-2002-1822 | 0.00 | — | 0.02 | Dec 31, 2002 | IBM HTTP Server 1.0 on AS/400 allows remote attackers to obtain the path to the web root directory and other sensitive information, which is leaked in an error message when a request is made for a non-existent Java Server Page (JSP). | |||
| CVE-2002-1624 | 0.00 | — | 0.04 | Dec 31, 2002 | Buffer overflow in Lotus Domino web server before R5.0.10, when logging to DOMLOG.NSF, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP Authenticate header containing certain non-ASCII characters. | |||
| CVE-2002-1622 | 0.00 | — | 0.03 | Dec 31, 2002 | Buffer overflow in certain RPC routines in IBM AIX 4.3 may allow attackers to execute arbitrary code, related to a "variable data type." | |||
| CVE-2002-1201 | 0.00 | — | 0.02 | Oct 28, 2002 | IBM AIX 4.3.3 and AIX 5 allows remote attackers to cause a denial of service (CPU consumption or crash) via a flood of malformed TCP packets without any flags set, which prevents AIX from releasing the associated memory buffers. | |||
| CVE-2002-1203 | 0.00 | — | 0.02 | Oct 28, 2002 | IBM SecureWay Firewall before 4.2.2 performs extra processing before determining that a packet is invalid and dropping it, which allows remote attackers to cause a denial of service (resource exhaustion) via a flood of malformed TCP packets without any flags set. | |||
| CVE-2002-1153 | 0.00 | — | 0.03 | Oct 11, 2002 | IBM Websphere 4.0.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an HTTP request with long HTTP headers, such as "Host". | |||
| CVE-2002-1041 | 0.00 | — | 0.01 | Oct 4, 2002 | Unknown vulnerability in DCE (1) SMIT panels and (2) configuration commands, possibly related to relative pathnames. | |||
| CVE-2002-1011 | 0.00 | — | 0.03 | Oct 4, 2002 | Buffer overflow in web server for Tivoli Management Framework (TMF) Endpoint 3.6.x through 3.7.1, before Fixpack 2, allows remote attackers to cause a denial of service or execute arbitrary code via a long HTTP GET request. | |||
| CVE-2002-1040 | 0.00 | — | 0.01 | Oct 4, 2002 | Unknown vulnerability in the WebSecure (DFSWeb) configuration utilities in AIX 4.x, possibly related to relative pathnames. | |||
| CVE-2002-1012 | 0.00 | — | 0.03 | Oct 4, 2002 | Buffer overflow in web server for Tivoli Management Framework (TMF) ManagedNode 3.6.x through 3.7.1 allows remote attackers to cause a denial of service or execute arbitrary code via a long HTTP GET request. | |||
| CVE-2002-0742 | 0.00 | — | 0.01 | Aug 12, 2002 | Buffer overflow in pioout on AIX 4.3.3. | |||
| CVE-2002-0743 | 0.00 | — | 0.01 | Aug 12, 2002 | mail and mailx in AIX 4.3.3 core dump when called with a very long argument, an indication of a buffer overflow. | |||
| CVE-2002-0746 | 0.00 | — | 0.02 | Aug 12, 2002 | Vulnerability in template.dhcpo in AIX 4.3.3 related to an insecure linker argument. | |||
| CVE-2002-0745 | 0.00 | — | 0.01 | Aug 12, 2002 | Buffer overflow in uucp in AIX 4.3.3. | |||
| CVE-2002-0744 | 0.00 | — | 0.01 | Aug 12, 2002 | namerslv in AIX 4.3.3 core dumps when called with a very long argument, possibly as a result of a buffer overflow. | |||
| CVE-2002-0790 | 0.00 | — | 0.00 | Aug 12, 2002 | clchkspuser and clpasswdremote in AIX expose an encrypted password in the cspoc.log file, which could allow local users to gain privileges. | |||
| CVE-2002-1450 | 0.00 | — | 0.01 | Jul 31, 2002 | IBM UniVerse with UV/ODBC allows attackers to cause a denial of service (client crash or server CPU consumption) via a query with an invalid link between tables, possibly via a buffer overflow. | |||
| CVE-2002-0541 | 0.00 | — | 0.04 | Jul 3, 2002 | Buffer overflow in Tivoli Storage Manager TSM (1) Server or Storage Agents 3.1 through 5.1, and (2) the TSM Client Acceptor Service 4.2 and 5.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP GET request to port… | |||
| CVE-2002-0555 | 0.00 | — | 0.02 | Jul 3, 2002 | IBM Informix Web DataBlade 4.12 unescapes user input even if an application has escaped it, which could allow remote attackers to execute SQL code in a web form even when the developer has attempted to escape it. | |||
| CVE-2002-0245 | 0.00 | — | 0.03 | May 29, 2002 | Lotus Domino server 5.0.8 with NoBanner enabled allows remote attackers to (1) determine the physical path of the server via a request for a nonexistent file with a .pl (Perl) extension, which leaks the pathname in the error message, or (2) make any request that causes an HTTP… | |||
| CVE-2002-0037 | 0.00 | — | 0.03 | Apr 22, 2002 | Lotus Domino Servers 5.x, 4.6x, and 4.5x allows attackers to bypass the intended Reader and Author access list for a document's object via a Notes API call (NSFDbReadObject) that directly accesses the object. | |||
| CVE-2002-1620 | 0.00 | — | 0.02 | Apr 1, 2002 | Unknown vulnerability in IBM AIX Parallel Systems Support Programs (PSSP) 3.1.1, 3.2, and 3.4 allows remote attackers to read arbitrary files from a file collection. | |||
| CVE-2002-0087 | 0.00 | — | 0.00 | Mar 15, 2002 | bindsock in Lotus Domino 5.07 on Solaris allows local users to create arbitrary files via a symlink attack on temporary files. | |||
| CVE-2002-0086 | 0.00 | — | 0.00 | Mar 15, 2002 | Buffer overflow in bindsock in Lotus Domino 5.0.4 and 5.0.7 on Linux allows local users to gain root privileges via a long (1) Notes_ExecDirectory or (2) PATH environment variable. | |||
| CVE-2002-1619 | 0.00 | — | 0.02 | Mar 8, 2002 | Buffer overflow in the FC client for IBM AIX 4.3.x allows remote attackers to cause a denial of service (crash and core dump). | |||
| CVE-2001-1079 | 0.00 | — | 0.00 | Feb 13, 2002 | create_keyfiles in PSSP 3.2 with DCE 3.1 authentication on AIX creates keyfile directories with world-writable permissions, which could allow a local user to delete key files and cause a denial of service. | |||
| CVE-2002-1594 | 0.00 | — | 0.01 | Jan 2, 2002 | Buffer overflow in (1) grpck and (2) pwck, if installed setuid on a system as recommended in some AIX documentation, may allow local users to gain privileges via a long command line argument. | |||
| CVE-2001-1567 | 0.00 | — | 0.02 | Dec 31, 2001 | Lotus Domino server 5.0.9a and earlier allows remote attackers to bypass security restrictions and view Notes database files and possibly sensitive Notes template files (.ntf) via an HTTP request with a large number of "+" characters before the .nsf file extension, which are… | |||
| CVE-2001-1557 | 0.00 | — | 0.01 | Dec 31, 2001 | Buffer overflow in ftpd in IBM AIX 4.3 and 5.1 allows attackers to gain privileges. | |||
| CVE-2001-1504 | 0.00 | — | 0.02 | Dec 31, 2001 | Lotus Notes R5 Client 4.6 allows remote attackers to execute arbitrary commands via a Lotus Notes object with code in an event, which is automatically executed when the user processes the e-mail message. | |||
| CVE-2001-1529 | 0.00 | — | 0.01 | Dec 31, 2001 | Buffer overflow in rpc.yppasswdd (yppasswd server) in AIX allows attackers to gain unauthorized access via a long string. NOTE: due to lack of details in the vendor advisory, it is not clear if this is the same issue as CVE-2001-0779. | |||
| CVE-2001-1554 | 0.00 | — | 0.01 | Dec 31, 2001 | IBM AIX 430 does not properly unlock IPPMTU_LOCK, which allows remote attackers to cause a denial of service (hang) via Path Maximum Transmit Unit (PMTU) IP packets. | |||
| CVE-2001-1440 | 0.00 | — | 0.05 | Dec 21, 2001 | Unknown vulnerability in login for AIX 5.1L, when using loadable authentication modules, allows remote attackers to gain access to the system. | |||
| CVE-2001-1189 | 0.00 | — | 0.00 | Dec 13, 2001 | IBM Websphere Application Server 3.5.3 and earlier stores a password in cleartext in the sas.server.props file, which allows local users to obtain the passwords via a JSP script. | |||
| CVE-2001-1191 | 0.00 | — | 0.01 | Dec 11, 2001 | WebSeal in IBM Tivoli SecureWay Policy Director 3.8 allows remote attackers to cause a denial of service (crash) via a URL that ends in %2e. | |||
| CVE-2001-0954 | 0.00 | — | 0.02 | Dec 7, 2001 | Lotus Domino 5.0.5 and 5.0.8, and possibly other versions, allows remote attackers to cause a denial of service (block access to databases that have not been previously accessed) via a URL that includes the . (dot) directory. | |||
| CVE-2001-0671 | 0.00 | — | 0.05 | Dec 6, 2001 | Buffer overflows in (1) send_status, (2) kill_print, and (3) chk_fhost in lpd in AIX 4.3 and 5.1 allow remote attackers to gain root privileges. | |||
| CVE-2001-0824 | 0.00 | — | 0.02 | Dec 6, 2001 | Cross-site scripting vulnerability in IBM WebSphere 3.02 and 3.5 FP2 allows remote attackers to execute Javascript by inserting the Javascript into (1) a request for a .JSP file, or (2) a request to the webapp/examples/ directory, which inserts the Javascript into an error page. | |||
| CVE-2001-1095 | 0.00 | — | 0.00 | Oct 9, 2001 | Buffer overflow in uuq in AIX 4 could allow local users to execute arbitrary code via a long -r parameter. | |||
| CVE-2001-1096 | 0.00 | — | 0.00 | Oct 9, 2001 | Buffer overflows in muxatmd in AIX 4 allows an attacker to cause a core dump and possibly execute code. | |||
| CVE-2001-0998 | 0.00 | — | 0.03 | Sep 24, 2001 | IBM HACMP 4.4 allows remote attackers to cause a denial of service via a completed TCP connection to HACMP ports (e.g., using a port scan) that does not send additional data, which causes a failure in snmpd. | |||
| CVE-2000-1215 | 0.00 | — | 0.02 | Sep 19, 2001 | The default configuration of Lotus Domino server 5.0.8 includes system information (version, operating system, and build date) in the HTTP headers of replies, which allows remote attackers to obtain sensitive information. | |||
| CVE-2001-0962 | 0.00 | — | 0.02 | Sep 19, 2001 | IBM WebSphere Application Server 3.02 through 3.53 uses predictable session IDs for cookies, which allows remote attackers to gain privileges of WebSphere users via brute force guessing. | |||
| CVE-2001-1061 | 0.00 | — | 0.02 | Aug 31, 2001 | Vulnerability in lsmcode in unknown versions of AIX, possibly related to a usage error. | |||
| CVE-2000-1202 | 0.00 | — | 0.01 | Aug 31, 2001 | ikeyman in IBM IBMHSSSB 1.0 sets the CLASSPATH environmental variable to include the user's own CLASSPATH directories before the system's directories, which allows a malicious local user to execute arbitrary code as root via a Trojan horse Ikeyman class. | |||
| CVE-2001-0533 | 0.00 | — | 0.00 | Aug 14, 2001 | Buffer overflow in libi18n library in IBM AIX 5.1 and 4.3.x allows local users to gain root privileges via a long LANG environmental variable. | |||
| CVE-2001-0573 | 0.00 | — | 0.00 | Aug 2, 2001 | lsfs in AIX 4.x allows a local user to gain additional privileges by creating Trojan horse programs named (1) grep or (2) lslv in a certain directory that is under the user's control, which cause lsfs to access the programs in that directory. |