19 matches found
CVE-1999-0524
ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts.
CVE-2005-0156
Buffer overflow in the PerlIO implementation in Perl 5.8.0, when installed with setuid support (sperl), allows local users to execute arbitrary code by setting the PERLIO_DEBUG variable and executing a Perl script whose full pathname contains a long directory tree.
CVE-1999-0851
Denial of service in BIND named via naptr.
CVE-2004-0828
The ctstrtcasd program in RSCT 2.3.0.0 and earlier on IBM AIX 5.2 and 5.3 does not properly drop privileges before executing the -f option, which allows local users to modify or create arbitrary files.
CVE-2005-2238
ftpd in IBM AIX 5.1, 5.2 and 5.3 allows remote authenticated users to cause a denial of service (port exhaustion and memory consumption) by using all ephemeral ports.
CVE-2012-4833
fuser in IBM AIX 6.1 and 7.1, and VIOS 2.2.1.4-FP-25 SP-02, does not properly restrict the -k option, which allows local users to kill arbitrary processes via a crafted command line.
CVE-2006-5004
Unspecified vulnerability in the rdist command in IBM AIX 5.2.0 and 5.3.0 allows local users to overwrite arbitrary files via unspecified vectors.
CVE-2007-6680
Trusted Execution in IBM AIX 6.1 uses an incorrect pathname argument in a call to the trustchk_block_write function, which might allow local users to modify trusted files, related to an error in the support for links in the TSD_FILES_LOCK policy.
CVE-1999-1408
Vulnerability in AIX 4.1.4 and HP-UX 10.01 and 9.05 allows local users to cause a denial of service (crash) by using a socket to connect to a port on the localhost, calling shutdown to clear the socket, then using the same socket to connect to a different port on localhost.
CVE-2000-0080
AIX techlibss allows local users to overwrite files via a symlink attack.
CVE-1999-1117
lquerypv in AIX 4.1 and 4.2 allows local users to read arbitrary files by specifying the file in the -h command line parameter.
CVE-2005-3289
LSCFG in IBM AIX 5.2 and 5.3 does not create temporary files securely, which allows local users to corrupt /etc/passwd and possibly other system files via the trace file.
CVE-2005-4273
Multiple unspecified vulnerabilities in (1) getShell and (2) getCommand in IBM AIX 5.3 allow local users to append to arbitrary files.
CVE-2005-0261
lspath in AIX 5.2, 5.3, and possibly earlier versions, does not drop privileges before processing the -f option, which allows local users to read one line of arbitrary files.
CVE-1999-0694
Denial of service in AIX ptrace system call allows local users to crash the system.
CVE-2002-1687
Buffer overflow in the diagnostics library in AIX allows local users to "cause data and instructions to be overwritten" via a long DIAGNOSTICS environment variable.
CVE-2000-0873
netstat in AIX 4.x.x does not properly restrict access to the -Zi option, which allows local users to clear network interface statistics and possibly hide evidence of unusual network activities.
CVE-2002-0790
clchkspuser and clpasswdremote in AIX expose an encrypted password in the cspoc.log file, which could allow local users to gain privileges.
CVE-2011-3982
The Fibre Channel driver for QLogic adapters in IBM AIX 6.1 and 7.1 does not properly handle DMA resource limitations, which allows local users to cause a denial of service (system hang) via vectors that generate a large amount of DMA I/O, related to a deadlock in timer processing across CPUs.