| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce. |
| Buffer overflow in statd allows root privileges. |
| Some implementations of rlogin allow root access if given a -froot parameter. |
| Buffer overflow in AIX lchangelv gives root access. |
| Local users can start Sendmail in daemon mode and gain root privileges. |
| Buffer overflow and denial of service in Sendmail 8.7.5 and earlier through GECOS field gives root access to local users. |
| Buffer overflow in the PerlIO implementation in Perl 5.8.0, when installed with setuid support (sperl), allows local users to execute arbitrary code by setting the PERLIO_DEBUG variable and executing a Perl script whose full pathname contains a long directory tree. |
| Buffer overflow in netpmon on AIX 5.1, 5.2, and 5.3 allows local users to execute arbitrary code via a long -O argument. |
| Format string vulnerability in auditselect on IBM AIX 5.1, 5.2, and 5.3 allows local users to execute arbitrary code via format string specifiers in a command line argument. |
| Jolt ICMP attack causes a denial of service in Windows 95 and Windows NT systems. |
| lspath in AIX 5.2, 5.3, and possibly earlier versions, does not drop privileges before processing the -f option, which allows local users to read one line of arbitrary files. |
| Buffer overflow in ipl_varyon on AIX 5.1, 5.2, and 5.3 allows local users to execute arbitrary code via a long -d argument. |
| ICMP messages to broadcast addresses are allowed, allowing for a Smurf attack that can cause a denial of service. |
| ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts. |
| The ToolTalk ttsession daemon uses weak RPC authentication, which allows a remote attacker to execute commands. |
| Buffer overflow in TT_SESSION environment variable in ToolTalk shared library allows local users to gain root privileges. |
| The fwluser script in AIX eNetwork Firewall allows local users to write to arbitrary files via a symlink attack. |
| RC.BOOT in IBM AIX 5.1, 5.2, and 5.3 does not "use a secure location for temporary files," which allows local users to have an unknown impact, probably by overwriting files. |
| Unknown vulnerability in AIX 5.3.0, when configured as an NIS client, allows remote attackers to gain root privileges. |
| dpsexec (DPS Server) when running under XDM in IBM AIX 3.2.5 and earlier does not properly check privileges, which allows local users to overwrite arbitrary files and gain privileges. |
