CVE-2004-2312 – GNU Make For IBM AIX 4.3.3 - CC Path Local Buffer Overflow
https://notcve.org/view.php?id=CVE-2004-2312
Buffer overflow in GNU make for IBM AIX 4.3.3, when installed setgid, allows local users to gain privileges via a long CC argument. • https://www.exploit-db.com/exploits/23838 http://archives.neohapsis.com/archives/fulldisclosure/2004-03/0997.html http://archives.neohapsis.com/archives/fulldisclosure/2004-03/1124.html http://secunia.com/advisories/11158 http://www.osvdb.org/4391 http://www.securityfocus.com/bid/9903 https://exchange.xforce.ibmcloud.com/vulnerabilities/15554 •
CVE-2004-0544 – AIX 4.3.3/5.x - Getlvcb Command Line Argument Buffer Overflow
https://notcve.org/view.php?id=CVE-2004-0544
Multiple buffer overflows in LVM for AIX 5.1 and 5.2 allow local users to gain privileges via the (1) putlvcb or (2) getlvcb commands. Múltiples desbordamientos de búfer en LVM de AIX 5.1 y 5.2 permite a usuarios locales ganar privilegios mediante comandos (1)putlvcb o (2) getlvcb. • https://www.exploit-db.com/exploits/23840 https://www.exploit-db.com/exploits/23841 http://secunia.com/advisories/11158 http://www-1.ibm.com/services/continuity/recover1.nsf/mss/MSS-OAR-E01-2004.0544.2 http://www-1.ibm.com/support/docview.wss?uid=isg1IY55681 http://www-1.ibm.com/support/docview.wss?uid=isg1IY55682 http://www.ciac.org/ciac/bulletins/o-131.shtml http://www.osvdb.org/4392 http://www.osvdb.org/4393 http://www.securityfocus.com/bid/9905 http& •
CVE-2004-0368
https://notcve.org/view.php?id=CVE-2004-0368
Double free vulnerability in dtlogin in CDE on Solaris, HP-UX, and other operating systems allows remote attackers to execute arbitrary code via a crafted XDMCP packet. Vulnerabilidad de doble liberación de memora en dtlogin de CDE sobre Solaris, y posiblemente otros sistemas operativos, permite a atacantes remotos ejecutar código arbitrario mediante cierto paquete UDP. • ftp://patches.sgi.com/support/free/security/advisories/20040801-01-P http://archives.neohapsis.com/archives/vulnwatch/2004-q1/0064.html http://lists.immunitysec.com/pipermail/dailydave/2004-March/000402.html http://secunia.com/advisories/11210 http://secunia.com/advisories/11214 http://secunia.com/advisories/11495 http://secunia.com/advisories/11614 http://sunsolve.sun.com/search/document.do?assetkey=1-26-101478-1 http://sunsolve.sun.com/search/document.do?assetkey=1-26-57539-1&se • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2004-0243
https://notcve.org/view.php?id=CVE-2004-0243
AIX 4.3.3 through AIX 5.1, when direct remote login is disabled, displays a different message if the password is correct, which allows remote attackers to guess the password via brute force methods. Cuando está deshabilitado el login remoto en AiX4.3.3 hasta AIX5.1 muestra un mensaje diferencte si la contraseña es correcta, lo que permite que atacantes remotos adivinen la contraseña por métodos de fuerza bruta. • http://archives.neohapsis.com/archives/bugtraq/2004-02/0313.html http://marc.info/?l=bugtraq&m=107583269206044&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/15172 • CWE-203: Observable Discrepancy •
CVE-2003-0257
https://notcve.org/view.php?id=CVE-2003-0257
Format string vulnerability in the printer capability for IBM AIX .3, 5.1, and 5.2 allows local users to gain printq or root privileges. Vulnerabilidad de cadena de formato en la capacídad de impresión de IBM AIX .3, 5.1 y 5.2 pemite a usuarios locales ganar privilegios de printq o de root • http://www-1.ibm.com/services/continuity/recover1.nsf/MSS/MSS-OAR-E01-2003.0660.1 https://exchange.xforce.ibmcloud.com/vulnerabilities/12000 •