| CVE | Vendors | Products | Updated | CVSS v3.1 |
| Buffer overflow in the malloc debug system in IBM AIX 5.3 allows local users to execute arbitrary code. |
| Buffer overflow in TT_SESSION environment variable in ToolTalk shared library allows local users to gain root privileges. |
| Unknown vulnerability in Incoming Remote Command (iSeries Access for Windows Remote Command service) in IBM OS/400 R510, R520, and R530 allows attackers to cause a denial of service (IRC shutdown) via certain inputs. |
| Buffer overflow in the AddSuLog function of the CDE dtaction utility allows local users to gain root privileges via a long user name. |
| The ToolTalk ttsession daemon uses weak RPC authentication, which allows a remote attacker to execute commands. |
| The rwho/rwhod service is running, which exposes machine status and user information. |
| The rexd service is running, which uses weak authentication that can allow an attacker to execute commands. |
| An attacker can write to syslog files from any location, causing a denial of service by filling up the logs, and hiding activities. |
| AIX Licensed Program Product performance tools allow local users to gain root access. |
| AIX batch queue (bsh) allows local and remote users to gain additional privileges when network printing is enabled. |
| Buffer overflow in xmcd 2.0p12 allows local users to gain access through an environment variable. |
| rpc.ypupdated (NIS) allows remote users to execute arbitrary commands. |
| Multiple stack-based buffer overflows in Autonomy (formerly Verity) KeyView SDK before 9.2.0, as used in Lotus Notes 6.5.4 and 7.0, allow remote attackers to execute arbitrary code via (1) a UUE file containing an encoded file with a long filename handled by uudrdr.dll, (2) a compressed ZIP file with a long filename handled by kvarcve.dll, (3) a TAR archive with a long filename that is extracted to a directory with a long path handled by the TAR reader (tarrdr.dll), (4) an email that contains a long HTTP, FTP, or // link handled by the HTML speed reader (htmsr.dll) or (5) an email containing a crafted long link handled by the HTML speed reader (htmsr.dll). |
| The suidperl and sperl programs do not give up root privileges when changing UIDs back to the original users, allowing root access. |
| Local users can start Sendmail in daemon mode and gain root privileges. |
| Oversized ICMP ping packets can result in a denial of service, aka Ping o' Death. |
| AIX infod allows local users to gain root access through an X display. |
| Stack-based buffer overflow in db2fmp in IBM DB2 7.x and 8.1 allows local users to execute arbitrary code via a long parameter. |
| Multiple unspecified vulnerabilities in IBM Lotus Notes and Domino Server before 6.5.5 allow attackers to cause a denial of service (application crash) via multiple vectors, involving (1) a malformed message sent to an "Out Of Office" agent (SPR LPEE6DMQWJ), (2) the compact command (RTIN5U2SAJ), (3) malformed bitmap images (MYAA6FH5HW), (4) the "Delete Attachment" action (YPHG6844LD), (5) parsing certificates from a remote Certificate Table (AELE6DZFJW), and (6) creating an SSL key ring with the Domino Administration client (NSUA4FQPTN). |
| AIX passwd allows local users to gain root access. |