CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

IBM » AIX : Security Vulnerabilities (CVSS score >= 9)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2010-3187 119 2 Exec Code Overflow 2010-08-30 2011-07-18
10.0
None Remote Low Not required Complete Complete Complete
Buffer overflow in ftpd in IBM AIX 5.3 and earlier allows remote attackers to execute arbitrary code via a long NLST command.
2 CVE-2010-1039 134 Exec Code 2010-05-20 2011-07-25
10.0
None Remote Low Not required Complete Complete Complete
Format string vulnerability in the _msgout function in rpc.pcnfsd in IBM AIX 6.1, 5.3, and earlier; IBM VIOS 2.1, 1.5, and earlier; NFS/ONCplus B.11.31_09 and earlier on HP HP-UX B.11.11, B.11.23, and B.11.31; and SGI IRIX 6.5 allows remote attackers to execute arbitrary code via an RPC request containing format string specifiers in an invalid directory name.
3 CVE-2009-3699 119 Exec Code Overflow 2009-10-15 2009-10-15
10.0
None Remote Low Not required Complete Complete Complete
Stack-based buffer overflow in libcsa.a (aka the calendar daemon library) in IBM AIX 5.x through 5.3.10 and 6.x through 6.1.3, and VIOS 2.1 and earlier, allows remote attackers to execute arbitrary code via a long XDR string in the first argument to procedure 21 of rpc.cmsd.
4 CVE-2009-3517 Bypass 2009-10-01 2010-08-21
10.0
None Remote Low Not required Complete Complete Complete
nfs.ext in IBM AIX 5.3.x through 5.3.9 and 6.1.0 through 6.1.2 does not properly use the nfs_portmon setting, which allows remote attackers to bypass intended access restrictions for NFSv4 shares via unspecified vectors.
5 CVE-2009-2727 119 Exec Code Overflow 2009-08-10 2009-08-11
9.3
None Remote Medium Not required Complete Complete Complete
Stack-based buffer overflow in the _tt_internal_realpath function in the ToolTalk library (libtt.a) in IBM AIX 5.2.0, 5.3.0, 5.3.7 through 5.3.10, and 6.1.0 through 6.1.3, when the rpc.ttdbserver daemon is enabled in /etc/inetd.conf, allows remote attackers to execute arbitrary code via a long XDR-encoded ASCII string to remote procedure 15.
6 CVE-2006-5008 Exec Code 2006-09-26 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
Unspecified vulnerability in utape in IBM AIX 5.2.0 and 5.3.0 allows attackers to execute arbitrary commands and overwrite arbitrary files via unspecified vectors.
7 CVE-2005-4272 Exec Code Overflow 2005-12-15 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
Multiple buffer overflows in IBM AIX 5.1, 5.2, and 5.3 allow remote attackers to execute arbitrary code via (1) muxatmd and (2) slocal.
8 CVE-2005-1037 +Priv 2005-05-02 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
Unknown vulnerability in AIX 5.3.0, when configured as an NIS client, allows remote attackers to gain root privileges.
9 CVE-2004-2388 2004-12-31 2009-03-25
10.0
Admin Remote Low Not required Complete Complete Complete
rexecd for AIX 4.3.3 does not properly use a local copy of the pwd structure when calling getpwnam, which may cause the structure to be overwritten by the authenticate function and assign privileges to the wrong user.
10 CVE-2004-0368 119 Exec Code Overflow 2004-05-04 2008-09-10
10.0
Admin Remote Low Not required Complete Complete Complete
Double free vulnerability in dtlogin in CDE on Solaris, HP-UX, and other operating systems allows remote attackers to execute arbitrary code via a crafted XDMCP packet.
11 CVE-2003-0784 +Priv 2003-10-06 2008-09-10
10.0
Admin Remote Low Not required Complete Complete Complete
Format string vulnerability in tsm for the bos.rte.security fileset on AIX 5.2 allows remote attackers to gain root privileges via login, and local users to gain privileges via login, su, or passwd, with a username that contains format string specifiers.
12 CVE-2003-0694 Exec Code Overflow 2003-10-06 2008-09-10
10.0
Admin Remote Low Not required Complete Complete Complete
The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c.
13 CVE-2003-0170 +Priv 2004-03-29 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
Unknown vulnerability in ftpd in IBM AIX 5.2, when configured to use Kerberos 5 for authentication, allows remote attackers to gain privileges via unknown attack vectors.
14 CVE-2002-1690 2002-12-31 2008-09-05
10.0
None Remote Low Not required Complete Complete Complete
Unknown vulnerability in AIX before 4.0 with unknown attack vectors and unknown impact, aka "security issue," as fixed by APAR IY28225.
15 CVE-2002-1689 Overflow 2002-12-31 2008-09-05
10.0
None Remote Low Not required Complete Complete Complete
Unknown vulnerability in the login program on AIX before 4.0 could allow remote users to specify 100 or more environment variables when logging on, which exceeds the length of a certain string, possibly triggering a buffer overflow.
16 CVE-2002-1686 Overflow 2002-12-31 2008-09-05
10.0
None Remote Low Not required Complete Complete Complete
Buffer overflow in lscfg of unknown versions of AIX has unknown impact.
17 CVE-2002-1621 Exec Code Overflow 2002-04-22 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in the file_comp function in rcp for IBM AIX 4.3.x and 5.1 allows remote attackers to execute arbitrary code.
18 CVE-2002-1468 Exec Code Overflow 2003-04-22 2008-09-05
10.0
None Remote Low Not required Complete Complete Complete
Buffer overflow in errpt in AIX 4.3.3 allows local users to execute arbitrary code as root.
19 CVE-2002-0747 Overflow 2002-08-12 2008-09-05
10.0
None Remote Low Not required Complete Complete Complete
Buffer overflow in lsmcode in AIX 4.3.3.
20 CVE-2002-0746 2002-08-12 2008-09-05
10.0
None Remote Low Not required Complete Complete Complete
Vulnerability in template.dhcpo in AIX 4.3.3 related to an insecure linker argument.
21 CVE-2002-0745 Overflow 2002-08-12 2008-09-05
10.0
None Remote Low Not required Complete Complete Complete
Buffer overflow in uucp in AIX 4.3.3.
22 CVE-2002-0744 Overflow 2002-08-12 2008-09-05
10.0
None Remote Low Not required Complete Complete Complete
namerslv in AIX 4.3.3 core dumps when called with a very long argument, possibly as a result of a buffer overflow.
23 CVE-2002-0743 Overflow 2002-08-12 2008-09-05
10.0
None Remote Low Not required Complete Complete Complete
mail and mailx in AIX 4.3.3 core dump when called with a very long argument, an indication of a buffer overflow.
24 CVE-2002-0742 Overflow 2002-08-12 2008-09-05
10.0
None Remote Low Not required Complete Complete Complete
Buffer overflow in pioout on AIX 4.3.3.
25 CVE-2002-0679 Exec Code Overflow 2002-09-05 2008-09-10
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in Common Desktop Environment (CDE) ToolTalk RPC database server (rpc.ttdbserverd) allows remote attackers to execute arbitrary code via an argument to the _TT_CREATE_FILE procedure.
26 CVE-2001-1440 2001-12-21 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
Unknown vulnerability in login for AIX 5.1L, when using loadable authentication modules, allows remote attackers to gain access to the system.
27 CVE-2001-1080 +Priv 2001-06-19 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
diagrpt in AIX 4.3.x and 5.1 uses the DIAGDATADIR environment variable to find and execute certain programs, which allows local users to gain privileges by modifying the variable to point to a Trojan horse program.
28 CVE-2001-1061 2001-08-31 2008-09-05
10.0
None Remote Low Not required Complete Complete Complete
Vulnerability in lsmcode in unknown versions of AIX, possibly related to a usage error.
29 CVE-2001-0797 Exec Code Overflow 2001-12-12 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in login in various System V based operating systems allows remote attackers to execute arbitrary commands via a large number of arguments through services such as telnet and rlogin.
30 CVE-2001-0671 Overflow +Priv 2001-12-06 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflows in (1) send_status, (2) kill_print, and (3) chk_fhost in lpd in AIX 4.3 and 5.1 allow remote attackers to gain root privileges.
31 CVE-2001-0554 Exec Code Overflow 2001-08-14 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function.
32 CVE-2000-0844 264 Exec Code 2000-11-14 2009-01-20
10.0
Admin Remote Low Not required Complete Complete Complete
Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.
33 CVE-1999-1405 Exec Code 1999-02-17 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
snap command in AIX before 4.3.2 creates the /tmp/ibmsupt directory with world-readable permissions and does not remove or clear the directory when snap -a is executed, which could allow local users to access the shadowed password file by creating /tmp/ibmsupt/general/passwd before root runs snap -a.
34 CVE-1999-1119 Exec Code 1992-04-27 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
FTP installation script anon.ftp in AIX insecurely configures anonymous FTP, which allows remote attackers to execute arbitrary commands.
35 CVE-1999-0835 DoS 1999-11-10 2008-09-09
10.0
Admin Remote Low Not required Complete Complete Complete
Denial of service in BIND named via malformed SIG records.
36 CVE-1999-0789 Overflow 1999-09-28 2008-09-09
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in AIX ftpd in the libc library.
37 CVE-1999-0745 Overflow 1999-08-18 2008-09-09
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in Source Code Browser Program Database Name Server Daemon (pdnsd) for the IBM AIX C Set ++ compiler.
38 CVE-1999-0208 Exec Code 1995-12-12 2008-09-09
10.0
Admin Remote Low Not required Complete Complete Complete
rpc.ypupdated (NIS) allows remote users to execute arbitrary commands.
39 CVE-1999-0113 1994-05-23 2008-09-09
10.0
Admin Remote Low Not required Complete Complete Complete
Some implementations of rlogin allow root access if given a -froot parameter.
40 CVE-1999-0101 Overflow 1996-12-10 2008-09-09
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in AIX and Solaris "gethostbyname" library call allows root access through corrupt DNS host names.
41 CVE-1999-0099 Overflow +Priv 1995-10-19 2008-09-09
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in syslog utility allows local or remote attackers to gain root privileges.
42 CVE-1999-0097 Exec Code 1997-10-29 2008-09-09
10.0
Admin Remote Low Not required Complete Complete Complete
The AIX FTP client can be forced to execute commands from a malicious server through shell metacharacters (e.g. a pipe character).
43 CVE-1999-0088 Exec Code 1998-10-26 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
IRIX and AIX automountd services (autofsd) allow remote users to execute root commands.
44 CVE-1999-0048 Exec Code 1997-01-27 2008-09-09
10.0
Admin Remote Low Not required Complete Complete Complete
Talkd, when given corrupt DNS information, can be used to execute arbitrary commands with root privileges.
45 CVE-1999-0046 Overflow 1997-02-06 2008-09-09
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow of rlogin program using TERM environmental variable.
46 CVE-1999-0042 Overflow 1997-04-07 2008-09-09
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in University of Washington's implementation of IMAP and POP servers.
47 CVE-1999-0018 Overflow 1997-12-05 2008-09-09
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in statd allows root privileges.
48 CVE-1999-0011 DoS 1998-04-08 2008-09-09
10.0
None Remote Low Not required Complete Complete Complete
Denial of Service vulnerabilities in BIND 4.9 and BIND 8 Releases via CNAME record and zone transfer.
49 CVE-1999-0009 Overflow 1998-04-08 2008-09-09
10.0
Admin Remote Low Not required Complete Complete Complete
Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases.
50 CVE-1999-0003 Exec Code Overflow 1998-04-01 2008-09-09
10.0
Admin Remote Low Not required Complete Complete Complete
Execute commands as root via buffer overflow in Tooltalk database server (rpc.ttdbserverd).
Total number of vulnerabilities : 50   Page : 1 (This Page)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.