| CVE | Vendors | Products | Updated | CVSS v3.1 |
| IBM AIX 4.3.3 and AIX 5 allow remote attackers to cause a denial of service (CPU consumption or crash) via a flood of malformed TCP packets without any flags set, which prevents AIX from releasing the associated memory buffers. |
| Buffer overflow in ping in AIX 4.2 and earlier allows local users to gain root privileges via a long command line argument. |
| The Inventory Scout daemon (invscoutd) 1.3.0.0 and 2.0.2 for AIX 4.3.3 and 5.1 allows local users to gain privileges via a symlink attack on a command line argument (log file). NOTE: this might be related to CVE-2006-5002. |
| lquerypv in AIX 4.1 and 4.2 allows local users to read arbitrary files by specifying the file in the -h command line parameter. |
| Unknown vulnerability in DCE (1) SMIT panels and (2) configuration commands, possibly related to relative pathnames. |
| Unknown vulnerability in the WebSecure (DFSWeb) configuration utilities in AIX 4.x, possibly related to relative pathnames. |
| inetd in AIX 4.1.5 dynamically assigns a port N when starting ttdbserver (ToolTalk server), but also inadvertently listens on port N-1 without passing control to ttdbserver, which allows remote attackers to cause a denial of service via a large number of connections to port N-1, which are not properly closed by inetd. |
| named-xfer in AIX 4.1.5 and 4.2.1 allows members of the system group to overwrite system files to gain root access via the -f parameter and a malformed zone file. |
| genfilt in the AIX Packet Filtering Module does not properly filter traffic to destination ports greater than 32767. |
| Denial of service in BIND named via malformed SIG records. |
| The fwluser script in AIX eNetwork Firewall allows local users to write to arbitrary files via a symlink attack. |
| The ToolTalk ttsession daemon uses weak RPC authentication, which allows a remote attacker to execute commands. |
| Buffer overflow in the chcons (chcon) command in IBM AIX 5.2 and 5.3, when DEBUG MALLOC is enabled, might allow attackers to execute arbitrary code via a long command line argument. |
| Buffer overflow in lsmcode in AIX 4.3.3. |
| Vulnerability in template.dhcpo in AIX 4.3.3 related to an insecure linker argument. |
| Buffer overflow in uucp in AIX 4.3.3. |
| namerslv in AIX 4.3.3 core dumps when called with a very long argument, possibly as a result of a buffer overflow. |
| mail and mailx in AIX 4.3.3 core dump when called with a very long argument, an indication of a buffer overflow. |
| Buffer overflow in pioout on AIX 4.3.3. |
| The rexd service is running, which uses weak authentication that can allow an attacker to execute commands. |