Page 2 of 49 results (0.003 seconds)

CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0

Unknown vulnerability in the login program on AIX before 4.0 could allow remote users to specify 100 or more environment variables when logging on, which exceeds the length of a certain string, possibly triggering a buffer overflow. • http://archives.neohapsis.com/archives/aix/2002-q1/0005.html •

CVSS: 3.6EPSS: 0%CPEs: 1EXPL: 0

create_keyfiles in PSSP 3.2 with DCE 3.1 authentication on AIX creates keyfile directories with world-writable permissions, which could allow a local user to delete key files and cause a denial of service. create_keyfiles en PSSP 3.2 con autentificación DCE 3.1 en sistemas AIX 3.2.0 crea los directorios de ficheros de claves con permisos de escritura para todo el mundo, lo cual permite que un usuario local borre esos ficheros y provoque una denegación del servicio. • http://archives.neohapsis.com/archives/aix/2001-q3/0000.html http://www.osvdb.org/5473 https://exchange.xforce.ibmcloud.com/vulnerabilities/8923 •

CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0

AIX sysback before 4.2.1.13 uses a relative path to find and execute the hostname program, which allows local users to gain privileges by modifying the path to point to a malicious hostname program. • http://www.kb.cert.org/vuls/id/17566 https://exchange.xforce.ibmcloud.com/vulnerabilities/6432 •

CVSS: 10.0EPSS: 0%CPEs: 74EXPL: 13

Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen. • https://www.exploit-db.com/exploits/20187 https://www.exploit-db.com/exploits/209 https://www.exploit-db.com/exploits/215 https://www.exploit-db.com/exploits/249 https://www.exploit-db.com/exploits/20185 https://www.exploit-db.com/exploits/210 https://www.exploit-db.com/exploits/20188 https://www.exploit-db.com/exploits/20186 https://www.exploit-db.com/exploits/197 https://www.exploit-db.com/exploits/20189 https://www.exploit-db.com/exploits/20190 ftp: • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 5.0EPSS: 0%CPEs: 14EXPL: 0

Vulnerability in AIX 3.2.x and 4.x allows local users to gain write access to files on locally or remotely mounted AIX filesystems. • http://archives.neohapsis.com/archives/bugtraq/2000-05/0275.html http://www.securityfocus.com/bid/1241 •