| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| diagrpt in AIX 4.3.x and 5.1 uses the DIAGDATADIR environment variable to find and execute certain programs, which allows local users to gain privileges by modifying the variable to point to a Trojan horse program. |
| Unknown vulnerability in the login program on AIX before 4.0 could allow remote users to specify 100 or more environment variables when logging on, which exceeds the length of a certain string, possibly triggering a buffer overflow. |
| Buffer overflow in lscfg of unknown versions of AIX has unknown impact. |
| Buffer overflow in setsenv command in IBM AIX 4.3.x and earlier allows local users to execute arbitrary commands via a long "x=" argument. |
| Buffer overflow in Source Code Browser Program Database Name Server Daemon (pdnsd) for the IBM AIX C Set ++ compiler. |
| Denial of Service vulnerabilities in BIND 4.9 and BIND 8 Releases via CNAME record and zone transfer. |
| Unknown vulnerability in autofs on AIX 4.3.0, when using executable maps, allows attackers to execute arbitrary commands as root, possibly related to "string handling around how the executable map is called." |
| netstat in AIX 4.x.x does not properly restrict access to the -Zi option, which allows local users to clear network interface statistics and possibly hide evidence of unusual network activities. |
| Unknown vulnerability in DCE (1) SMIT panels and (2) configuration commands, possibly related to relative pathnames. |
| Denial of service in AIX ptrace system call allows local users to crash the system. |
| clchkspuser and clpasswdremote in AIX expose an encrypted password in the cspoc.log file, which could allow local users to gain privileges. |
| Buffer overflow in lsmcode in AIX 4.3.3. |
| AIX cdmount allows local users to gain root privileges via shell metacharacters. |
| Buffer overflow in AIX lquerylv program gives root access to local users. |
| Unauthorized privileged access or denial of service via dtappgather program in CDE. |
| DNS cache poisoning via BIND, by predictable query IDs. |
| An attacker can write to syslog files from any location, causing a denial of service by filling up the logs, and hiding activities. |
| Vulnerability in template.dhcpo in AIX 4.3.3 related to an insecure linker argument. |
| Buffer overflows in Sun libnsl allow root access. |
| Buffer overflow in uucp in AIX 4.3.3. |