EUVD-2000-1107

Malware in sbrugna...

EUVD-1999-1564

Malware in sbrugna...

EUVD-2003-0688

Malware in sbrugna...

CVE-2008-0509

Multiple buffer overflows in IBM AIX 4.3 allow remote attackers to cause a denial of service crash or possibly gain privileges via a long argument to 1 piox25, related to piox25.c; or 2 piox25remote, related to piox25remote.sh...

CVE-2008-0509

IBM AIX 4.3 contains buffer overflow vulnerabilities in the piox25 component and the piox25remote script. A long argument to either piox25 (piox25.c) or piox25remote.sh can be exploited by remote attackers to cause a denial of service (crash) or potentially gain privileges. The provided documents...

Code injection

rmpvc on IBM AIX 4.3 allows local users to cause a denial of service system crash via long port logical name -l argument...

AIX 4.3 lsmcode local root command execution

It has been reported on http://www.securityfocus.com/bid/18114/ about this vulnerability in AIX 5.1 - 5.3, some exploits is published in milw0rm to exploits this issue http://milw0rm.com/exploits/701 I have an AIX 4.3 box and it seems vulnerable with this issue too bash-2.04$ mkdirhier /tmp/aap/b...

CVE-1999-1574

CVE-1999-1574 concerns a buffer overflow in the lex routines of nslookup on AIX 4.3, which can cause a core dump and potentially allow arbitrary code execution via long input strings. Affected component: nslookup (AIX 4.3). Exploitation details are not explicitly described in the provided documen...

CVE-1999-1583

Buffer overflow in nslookup for AIX 4.3 allows local users to execute arbitrary code via a long hostname command line argument...

CVE-1999-1583

CVE-1999-1583: Buffer overflow in nslookup for AIX 4.3 allows local users to execute arbitrary code via a long hostname command line argument. Affected: nslookup on AIX 4.3. Root cause: buffer overflow when processing the hostname argument. Impact: local arbitrary code execution (per CVSSv2 vecto...

CVE-1999-1574

Buffer overflow in the lex routines of nslookup for AIX 4.3 may allow attackers to cause a core dump and possibly execute arbitrary code via "long input strings."...

AIX 4.3/5.1 - 5.3 lsmcode Local Root Command Execution

Exploit for aix platform in category local exploits ====================================================== AIX 4.3/5.1 - 5.3 lsmcode Local Root Command Execution ====================================================== mkdirhier /tmp/aap/bin export DIAGNOSTICS=/tmp/aap cat /tmp/aap/bin/Dctrl EOF...

CVE-2001-1080

CVE-2001-1080 affects AIX 4.3.x and 5.1; diagrpt uses the DIAGDATADIR environment variable to locate and execute programs, allowing local users to gain privileges by pointing the variable to a Trojan horse program. The connected records confirm the affected product/version and the root cause (env...

CVE-2001-0671

CVE-2001-0671 describes buffer overflow vulnerabilities in the AIX 4.3 and 5.1 line printer daemon (lpd), affecting the three functions: send_status(), kill_print(), and chk_fhost(). A successful remote exploit could grant root privileges or cause a DoS. Exploitation generally requires the attack...

Buffer oveflow vulnerability in CDE DtSvc library

IBM SECURITY ADVISORY Mon Oct 29 09:15:39 CST 2001 =========================================================================== VULNERABILITY SUMMARY VULNERABILITY: Buffer oveflow vulnerability in CDE DtSvc library PLATFORMS: IBM AIX 4.3 and 5.1 SOLUTION: Apply the emergency-fixes described below...

CVE-1999-1487

The CVE-1999-1487 entry describes a local privilege escalation in AIX 4.3 where printq users can gain root privileges by creating or modifying any file on the system via the vulnerable digest component. Affected software is AIX 4.3; the advisory notes root/complete impact (as reflected in the NVD...

CVE-1999-1079

CVE-1999-1079 describes a local privilege-escalation vulnerability in AIX 4.3 where an attacker can gain privileges by attaching to a setgid program via ptrace. The description notes the affected component (ptrace on AIX 4.3) and the impact (local privilege escalation) with a CVSS-like metric ind...

CVE-1999-1480

1 acledit and 2 aclput in AIX 4.3 allow local users to create or modify files via a symlink attack...

CVE-1999-1480

Technical details on CVE-1999-1480 are not publicly provided in the supplied documents; no concrete affected products, root cause, or remediation are described here. Monitor for updates.

CVE-2000-1122

IBM AIX setclock is vulnerable to a local buffer overflow in handling the remote timeserver hostname, potentially allowing a local user to gain root privileges. Affected versions include AIX 4.3.x and earlier. IBM provided patches via APARs IY07790 (AIX 4.2) and IY07831 (AIX 4.3). CERT/CC notes t...