Local user gains root privileges via buffer overflow in rdist, via expstr() function.
7.8CVSS
7.4AI Score
0.001EPSS
8.4CVSS
7.9AI Score
0.0004EPSS
The ToolTalk ttsession daemon uses weak RPC authentication, which allows a remote attacker to execute commands.
7.3AI Score
0.011EPSS
Buffer overflow in the AddSuLog function of the CDE dtaction utility allows local users to gain root privileges via a long user name.
7.2AI Score
0.0004EPSS
Buffer overflow in TT_SESSION environment variable in ToolTalk shared library allows local users to gain root privileges.
6.8AI Score
0.0004EPSS
6.6AI Score
0.001EPSS
Buffer overflow in Source Code Browser Program Database Name Server Daemon (pdnsd) for the IBM AIX C Set ++ compiler.
7.3AI Score
0.032EPSS
6.9AI Score
0.115EPSS
6.6AI Score
0.019EPSS
6.6AI Score
0.0004EPSS
genfilt in the AIX Packet Filtering Module does not properly filter traffic to destination ports greater than 32767.
6.9AI Score
0.014EPSS
named-xfer in AIX 4.1.5 and 4.2.1 allows members of the system group to overwrite system files to gain root access via the -f parameter and a malformed zone file.
7.2AI Score
0.0004EPSS
Vulnerability in ptrace in AIX 4.3 allows local users to gain privileges by attaching to a setgid program.
6.8AI Score
0.0004EPSS
lquerypv in AIX 4.1 and 4.2 allows local users to read arbitrary files by specifying the file in the -h command line parameter.
6.8AI Score
0.0004EPSS
snap command in AIX before 4.3.2 creates the /tmp/ibmsupt directory with world-readable permissions and does not remove or clear the directory when snap -a is executed, which could allow local users to access the shadowed password file by creating /tmp/ibmsupt/general/passwd before root runs snap -...
7.1AI Score
0.002EPSS
Buffer overflow in nslookup for AIX 4.3 allows local users to execute arbitrary code via a long hostname command line argument.
7.9AI Score
0.0004EPSS
Unspecified vulnerability in crontab in IBM AIX 3.2 allows local users to gain root privileges via unknown attack vectors.
6.7AI Score
0.0004EPSS
6.6AI Score
0.0004EPSS
The AIX Fast Response Cache Accelerator (FRCA) allows local users to modify arbitrary files via the configuration capability in the frcactrl program.
6.4AI Score
0.0004EPSS
Vulnerability in AIX 3.2.x and 4.x allows local users to gain write access to files on locally or remotely mounted AIX filesystems.
7AI Score
0.002EPSS
6.6AI Score
0.0004EPSS
Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.
7.7AI Score
0.005EPSS
netstat in AIX 4.x.x does not properly restrict access to the -Zi option, which allows local users to clear network interface statistics and possibly hide evidence of unusual network activities.
6.8AI Score
0.0004EPSS
Buffer overflow in setsenv command in IBM AIX 4.3.x and earlier allows local users to execute arbitrary commands via a long "x=" argument.
7.3AI Score
0.0004EPSS
Buffer overflow in digest command in IBM AIX 4.3.x and earlier allows local users to execute arbitrary commands.
7.2AI Score
0.0004EPSS
Buffer overflow in enq command in IBM AIX 4.3.x and earlier may allow local users to execute arbitrary commands via a long -M argument.
7.3AI Score
0.0004EPSS
Buffer overflow in setclock command in IBM AIX 4.3.x and earlier may allow local users to execute arbitrary commands via a long argument.
7.3AI Score
0.0004EPSS
Buffer overflow in pioout command in IBM AIX 4.3.x and earlier may allow local users to execute arbitrary commands.
7.6AI Score
0.0004EPSS
Buffer overflow in piobe command in IBM AIX 4.3.x allows local users to gain privileges via long environmental variables.
7.1AI Score
0.0004EPSS
Buffer overflow in portmir for AIX 4.3.0 allows local users to corrupt lock files and gain root privileges via the echo_error routine.
7.2AI Score
0.0004EPSS
AIX sysback before 4.2.1.13 uses a relative path to find and execute the hostname program, which allows local users to gain privileges by modifying the path to point to a malicious hostname program.
7.1AI Score
0.0004EPSS
Buffer overflow in libi18n library in IBM AIX 5.1 and 4.3.x allows local users to gain root privileges via a long LANG environmental variable.
6.6AI Score
0.0004EPSS
Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function.
7.4AI Score
0.009EPSS
lsfs in AIX 4.x allows a local user to gain additional privileges by creating Trojan horse programs named (1) grep or (2) lslv in a certain directory that is under the user's control, which cause lsfs to access the programs in that directory.
6.5AI Score
0.0004EPSS
Buffer overflows in (1) send_status, (2) kill_print, and (3) chk_fhost in lpd in AIX 4.3 and 5.1 allow remote attackers to gain root privileges.
6.8AI Score
0.01EPSS
Buffer overflow in login in various System V based operating systems allows remote attackers to execute arbitrary commands via a large number of arguments through services such as telnet and rlogin.
7.4AI Score
0.972EPSS
IBM HACMP 4.4 allows remote attackers to cause a denial of service via a completed TCP connection to HACMP ports (e.g., using a port scan) that does not send additional data, which causes a failure in snmpd.
6.8AI Score
0.009EPSS
Vulnerability in lsmcode in unknown versions of AIX, possibly related to a usage error.
7AI Score
0.01EPSS
create_keyfiles in PSSP 3.2 with DCE 3.1 authentication on AIX creates keyfile directories with world-writable permissions, which could allow a local user to delete key files and cause a denial of service.
6.9AI Score
0.0004EPSS
diagrpt in AIX 4.3.x and 5.1 uses the DIAGDATADIR environment variable to find and execute certain programs, which allows local users to gain privileges by modifying the variable to point to a Trojan horse program.
7.1AI Score
0.042EPSS
Buffer overflow in uuq in AIX 4 could allow local users to execute arbitrary code via a long -r parameter.
7.8AI Score
0.0004EPSS
Buffer overflows in muxatmd in AIX 4 allows an attacker to cause a core dump and possibly execute code.
7.1AI Score
0.0004EPSS
Buffer overflow in rsh on AIX 4.2.0.0 may allow local users to gain root privileges via a long command line argument.
7.3AI Score
0.0004EPSS
Buffer overflow in rsh on AIX 4.2.0.0 may allow local users to gain root privileges via a long command line argument.
7.3AI Score
0.0004EPSS
Unknown vulnerability in login for AIX 5.1L, when using loadable authentication modules, allows remote attackers to gain access to the system.
7.6AI Score
0.017EPSS
Buffer overflow in rpc.yppasswdd (yppasswd server) in AIX allows attackers to gain unauthorized access via a long string. NOTE: due to lack of details in the vendor advisory, it is not clear if this is the same issue as CVE-2001-0779.
7AI Score
0.195EPSS
IBM AIX 430 does not properly unlock IPPMTU_LOCK, which allows remote attackers to cause a denial of service (hang) via Path Maximum Transmit Unit (PMTU) IP packets.
6.8AI Score
0.004EPSS
7.2AI Score
0.003EPSS
CDE ToolTalk database server (ttdbserver) allows remote attackers to overwrite arbitrary memory locations with a zero, and possibly gain privileges, via a file descriptor argument in an AUTH_UNIX procedure call, which is used as a table index by the _TT_ISCLOSE procedure.
6.8AI Score
0.008EPSS
CDE ToolTalk database server (ttdbserver) allows local users to overwrite arbitrary files via a symlink attack on the transaction log file used by the _TT_TRANSACTION RPC procedure.
6.2AI Score
0.011EPSS