| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Stack-based buffer overflow in the domacro function in ftp in IBM AIX 5.2 and 5.3 allows local users to gain privileges via a long parameter to a macro, as demonstrated by executing a macro via the '$' command. |
| Buffer overflow in the ftp client in IBM AIX 5.3 SP6 and 5.2.0 allows local users to execute arbitrary code via unspecified vectors that trigger the overflow in a gets function call. NOTE: the client is setuid root on AIX, so this issue crosses privilege boundaries. |
| Buffer overflow in fileplace in bos.perf.tools in IBM AIX 5.2 and 5.3 allows local users to gain privileges via unspecified vectors. |
| Untrusted search path vulnerability in acctctl in IBM AIX 5.3.0 allows local users to execute arbitrary commands by modifying the path to point to a malicious mkdir program. |
| Stack-based buffer overflow in the odm_searchpath function in libodm in IBM AIX 5.2.0 and 5.3.0 allows local users to execute arbitrary code via a long ODMPATH environment variable. |
| Buffer overflow in the drmgr command in IBM AIX 5.2 and 5.3 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long path name. |
| Buffer overflow in autoconf6 in IBM AIX 6.1.0 through 6.1.2, when Role-Based Access Control is enabled, allows local users with aix.network.config.tcpip authorization to gain privileges via unspecified vectors. |
|
IBM AIX 7.1, 7.2, 7.3 and VIOS , 3.1 could allow a non-privileged local user to exploit a vulnerability in X11 to cause a buffer overflow that could result in a denial of service or arbitrary code execution. IBM X-Force ID: 243556.
|
| Buffer overflow in Source Code Browser Program Database Name Server Daemon (pdnsd) for the IBM AIX C Set ++ compiler. |
| Unknown vulnerability in the login program on AIX before 4.0 could allow remote users to specify 100 or more environment variables when logging on, which exceeds the length of a certain string, possibly triggering a buffer overflow. |
| The fwluser script in AIX eNetwork Firewall allows local users to write to arbitrary files via a symlink attack. |
| Unspecified vulnerability in crontab in IBM AIX 3.2 allows local users to gain root privileges via unknown attack vectors. |
| The getipnodebyname() API in AIX 5.1 and 5.2 does not properly close sockets, which allows attackers to cause a denial of service (resource exhaustion). |
| Buffer overflow in the diagnostics library in AIX allows local users to "cause data and instructions to be overwritten" via a long DIAGNOSTICS environment variable. |
| lscfg in IBM AIX 5.2 and 5.3 allows local users to modify arbitrary files via a symlink attack. |
| Buffer overflow in lscfg of unknown versions of AIX has unknown impact. |
| ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts. |
| AIX nslookup command allows local users to obtain root access by not dropping privileges correctly. |
| Buffer overflow in the lex routines of nslookup for AIX 4.3 may allow attackers to cause a core dump and possibly execute arbitrary code via "long input strings." |
| Buffer overflow in errpt in AIX 4.3.3 allows local users to execute arbitrary code as root. |
