Vendor CVEs
IBM
All CVEs
8,287 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-1999-0055 | 0.00 | — | 0.00 | May 14, 1998 | Buffer overflows in Sun libnsl allow root access. | |||
| CVE-1999-0010 | 0.00 | — | 0.02 | Apr 8, 1998 | Denial of Service vulnerability in BIND 8 Releases via maliciously formatted DNS messages. | |||
| CVE-1999-1075 | 0.00 | — | 0.01 | Mar 18, 1998 | inetd in AIX 4.1.5 dynamically assigns a port N when starting ttdbserver (ToolTalk server), but also inadvertently listens on port N-1 without passing control to ttdbserver, which allows remote attackers to cause a denial of service via a large number of connections to port N-1,… | |||
| CVE-1999-1486 | 0.00 | — | 0.00 | Feb 25, 1998 | sadc in IBM AIX 4.1 through 4.3, when called from programs such as timex that are setgid adm, allows local users to overwrite arbitrary files via a symlink attack. | |||
| CVE-1999-0087 | 0.00 | — | 0.01 | Feb 1, 1998 | Denial of service in AIX telnet can freeze a system and prevent users from accessing the server. | |||
| CVE-1999-1487 | 0.00 | — | 0.00 | Jan 21, 1998 | Vulnerability in digest in AIX 4.3 allows printq users to gain root privileges by creating and/or modifing any file on the system. | |||
| CVE-1999-0086 | 0.00 | — | 0.02 | Jan 8, 1998 | AIX routed allows remote users to modify sensitive files. | |||
| CVE-1999-0017 | 0.00 | — | 0.02 | Dec 10, 1997 | FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce. | |||
| CVE-1999-0094 | 0.00 | — | 0.00 | Oct 29, 1997 | AIX piodmgrsu command allows local users to gain additional group privileges. | |||
| CVE-1999-0093 | 0.00 | — | 0.00 | Oct 29, 1997 | AIX nslookup command allows local users to obtain root access by not dropping privileges correctly. | |||
| CVE-1999-0097 | 0.00 | — | 0.04 | Oct 29, 1997 | The AIX FTP client can be forced to execute commands from a malicious server through shell metacharacters (e.g. a pipe character). | |||
| CVE-1999-0089 | 0.00 | — | 0.00 | Oct 28, 1997 | Buffer overflow in AIX libDtSvc library can allow local users to gain root access. | |||
| CVE-1999-0091 | 0.00 | — | 0.00 | Oct 28, 1997 | Buffer overflow in AIX writesrv command allows local users to obtain root access. | |||
| CVE-1999-0072 | 0.00 | — | 0.00 | Oct 22, 1997 | Buffer overflow in AIX xdat gives root access to local users. | |||
| CVE-1999-0090 | 0.00 | — | 0.00 | Oct 1, 1997 | Buffer overflow in AIX rcp command allows local users to obtain root access. | |||
| CVE-1999-1275 | 0.00 | — | 0.00 | Sep 8, 1997 | Lotus cc:Mail release 8 stores the postoffice password in plaintext in a hidden file which has insecure permissions, which allows local users to gain privileges. | |||
| CVE-1999-0024 | 0.00 | — | 0.05 | Aug 13, 1997 | DNS cache poisoning via BIND, by predictable query IDs. | |||
| CVE-1999-0566 | 0.00 | — | 0.01 | Aug 1, 1997 | An attacker can write to syslog files from any location, causing a denial of service by filling up the logs, and hiding activities. | |||
| CVE-1999-0628 | 0.00 | — | 0.01 | Jul 1, 1997 | The rwho/rwhod service is running, which exposes machine status and user information. | |||
| CVE-1999-0111 | 0.00 | — | 0.01 | Jul 1, 1997 | RIP v1 is susceptible to spoofing. | |||
| CVE-1999-0033 | 0.00 | — | 0.01 | Jun 12, 1997 | Command execution in Sun systems via buffer overflow in the at program. | |||
| CVE-1999-0318 | 0.00 | — | 0.01 | Mar 1, 1997 | Buffer overflow in xmcd 2.0p12 allows local users to gain access through an environmental variable. | |||
| CVE-1999-0048 | 0.00 | — | 0.03 | Jan 27, 1997 | Talkd, when given corrupt DNS information, can be used to execute arbitrary commands with root privileges. | |||
| CVE-1999-0345 | 0.00 | — | 0.01 | Jan 1, 1997 | Jolt ICMP attack causes a denial of service in Windows 95 and Windows NT systems. | |||
| CVE-1999-0129 | 0.00 | — | 0.01 | Dec 3, 1996 | Sendmail allows local users to write to a file and gain group permissions via a .forward or :include: file. | |||
| CVE-1999-0131 | 0.00 | — | 0.01 | Sep 11, 1996 | Buffer overflow and denial of service in Sendmail 8.7.5 and earlier through GECOS field gives root access to local users. | |||
| CVE-1999-0085 | 0.00 | — | 0.04 | Aug 21, 1996 | Buffer overflow in rwhod on AIX and other operating systems allows remote attackers to execute arbitrary code via a UDP packet with a long hostname. | |||
| CVE-1999-0138 | 0.00 | — | 0.01 | Jun 26, 1996 | The suidperl and sperl program do not give up root privileges when changing UIDs back to the original users, allowing root access. | |||
| CVE-1999-0019 | 0.00 | — | 0.02 | Apr 24, 1996 | Delete or create a file via rpc.statd, due to invalid information. | |||
| CVE-1999-0078 | 0.00 | — | 0.01 | Apr 18, 1996 | pcnfsd (aka rpc.pcnfsd) allows local users to change file permissions, or execute arbitrary commands through arguments in the RPC call. | |||
| CVE-1999-0099 | 0.00 | — | 0.03 | Oct 19, 1995 | Buffer overflow in syslog utility allows local or remote attackers to gain root privileges. | |||
| CVE-1999-1552 | 0.00 | — | 0.00 | Jul 20, 1994 | dpsexec (DPS Server) when running under XDM in IBM AIX 3.2.5 and earlier does not properly check privileges, which allows local users to overwrite arbitrary files and gain privileges. | |||
| CVE-1999-0337 | 0.00 | — | 0.02 | Jun 3, 1994 | AIX batch queue (bsh) allows local and remote users to gain additional privileges when network printing is enabled. | |||
| CVE-1999-0338 | 0.00 | — | 0.00 | Feb 24, 1994 | AIX Licensed Program Product performance tools allow local users to gain root access. | |||
| CVE-1999-1119 | 0.00 | — | 0.04 | Apr 27, 1992 | FTP installation script anon.ftp in AIX insecurely configures anonymous FTP, which allows remote attackers to execute arbitrary commands. | |||
| CVE-1999-0117 | 0.00 | — | 0.00 | Mar 31, 1992 | AIX passwd allows local users to gain root access. | |||
| CVE-1999-1121 | 0.00 | — | 0.01 | Mar 19, 1992 | The default configuration for UUCP in AIX before 3.2 allows local users to gain root privileges. |
- CVE-1999-0055May 14, 1998risk 0.00cvss —epss 0.00
Buffer overflows in Sun libnsl allow root access.
- CVE-1999-0010Apr 8, 1998risk 0.00cvss —epss 0.02
Denial of Service vulnerability in BIND 8 Releases via maliciously formatted DNS messages.
- CVE-1999-1075Mar 18, 1998risk 0.00cvss —epss 0.01
inetd in AIX 4.1.5 dynamically assigns a port N when starting ttdbserver (ToolTalk server), but also inadvertently listens on port N-1 without passing control to ttdbserver, which allows remote attackers to cause a denial of service via a large number of connections to port N-1,…
- CVE-1999-1486Feb 25, 1998risk 0.00cvss —epss 0.00
sadc in IBM AIX 4.1 through 4.3, when called from programs such as timex that are setgid adm, allows local users to overwrite arbitrary files via a symlink attack.
- CVE-1999-0087Feb 1, 1998risk 0.00cvss —epss 0.01
Denial of service in AIX telnet can freeze a system and prevent users from accessing the server.
- CVE-1999-1487Jan 21, 1998risk 0.00cvss —epss 0.00
Vulnerability in digest in AIX 4.3 allows printq users to gain root privileges by creating and/or modifing any file on the system.
- CVE-1999-0086Jan 8, 1998risk 0.00cvss —epss 0.02
AIX routed allows remote users to modify sensitive files.
- CVE-1999-0017Dec 10, 1997risk 0.00cvss —epss 0.02
FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce.
- CVE-1999-0094Oct 29, 1997risk 0.00cvss —epss 0.00
AIX piodmgrsu command allows local users to gain additional group privileges.
- CVE-1999-0093Oct 29, 1997risk 0.00cvss —epss 0.00
AIX nslookup command allows local users to obtain root access by not dropping privileges correctly.
- CVE-1999-0097Oct 29, 1997risk 0.00cvss —epss 0.04
The AIX FTP client can be forced to execute commands from a malicious server through shell metacharacters (e.g. a pipe character).
- CVE-1999-0089Oct 28, 1997risk 0.00cvss —epss 0.00
Buffer overflow in AIX libDtSvc library can allow local users to gain root access.
- CVE-1999-0091Oct 28, 1997risk 0.00cvss —epss 0.00
Buffer overflow in AIX writesrv command allows local users to obtain root access.
- CVE-1999-0072Oct 22, 1997risk 0.00cvss —epss 0.00
Buffer overflow in AIX xdat gives root access to local users.
- CVE-1999-0090Oct 1, 1997risk 0.00cvss —epss 0.00
Buffer overflow in AIX rcp command allows local users to obtain root access.
- CVE-1999-1275Sep 8, 1997risk 0.00cvss —epss 0.00
Lotus cc:Mail release 8 stores the postoffice password in plaintext in a hidden file which has insecure permissions, which allows local users to gain privileges.
- CVE-1999-0024Aug 13, 1997risk 0.00cvss —epss 0.05
DNS cache poisoning via BIND, by predictable query IDs.
- CVE-1999-0566Aug 1, 1997risk 0.00cvss —epss 0.01
An attacker can write to syslog files from any location, causing a denial of service by filling up the logs, and hiding activities.
- CVE-1999-0628Jul 1, 1997risk 0.00cvss —epss 0.01
The rwho/rwhod service is running, which exposes machine status and user information.
- CVE-1999-0111Jul 1, 1997risk 0.00cvss —epss 0.01
RIP v1 is susceptible to spoofing.
- CVE-1999-0033Jun 12, 1997risk 0.00cvss —epss 0.01
Command execution in Sun systems via buffer overflow in the at program.
- CVE-1999-0318Mar 1, 1997risk 0.00cvss —epss 0.01
Buffer overflow in xmcd 2.0p12 allows local users to gain access through an environmental variable.
- CVE-1999-0048Jan 27, 1997risk 0.00cvss —epss 0.03
Talkd, when given corrupt DNS information, can be used to execute arbitrary commands with root privileges.
- CVE-1999-0345Jan 1, 1997risk 0.00cvss —epss 0.01
Jolt ICMP attack causes a denial of service in Windows 95 and Windows NT systems.
- CVE-1999-0129Dec 3, 1996risk 0.00cvss —epss 0.01
Sendmail allows local users to write to a file and gain group permissions via a .forward or :include: file.
- CVE-1999-0131Sep 11, 1996risk 0.00cvss —epss 0.01
Buffer overflow and denial of service in Sendmail 8.7.5 and earlier through GECOS field gives root access to local users.
- CVE-1999-0085Aug 21, 1996risk 0.00cvss —epss 0.04
Buffer overflow in rwhod on AIX and other operating systems allows remote attackers to execute arbitrary code via a UDP packet with a long hostname.
- CVE-1999-0138Jun 26, 1996risk 0.00cvss —epss 0.01
The suidperl and sperl program do not give up root privileges when changing UIDs back to the original users, allowing root access.
- CVE-1999-0019Apr 24, 1996risk 0.00cvss —epss 0.02
Delete or create a file via rpc.statd, due to invalid information.
- CVE-1999-0078Apr 18, 1996risk 0.00cvss —epss 0.01
pcnfsd (aka rpc.pcnfsd) allows local users to change file permissions, or execute arbitrary commands through arguments in the RPC call.
- CVE-1999-0099Oct 19, 1995risk 0.00cvss —epss 0.03
Buffer overflow in syslog utility allows local or remote attackers to gain root privileges.
- CVE-1999-1552Jul 20, 1994risk 0.00cvss —epss 0.00
dpsexec (DPS Server) when running under XDM in IBM AIX 3.2.5 and earlier does not properly check privileges, which allows local users to overwrite arbitrary files and gain privileges.
- CVE-1999-0337Jun 3, 1994risk 0.00cvss —epss 0.02
AIX batch queue (bsh) allows local and remote users to gain additional privileges when network printing is enabled.
- CVE-1999-0338Feb 24, 1994risk 0.00cvss —epss 0.00
AIX Licensed Program Product performance tools allow local users to gain root access.
- CVE-1999-1119Apr 27, 1992risk 0.00cvss —epss 0.04
FTP installation script anon.ftp in AIX insecurely configures anonymous FTP, which allows remote attackers to execute arbitrary commands.
- CVE-1999-0117Mar 31, 1992risk 0.00cvss —epss 0.00
AIX passwd allows local users to gain root access.
- CVE-1999-1121Mar 19, 1992risk 0.00cvss —epss 0.01
The default configuration for UUCP in AIX before 3.2 allows local users to gain root privileges.
Page 166 of 166