CVSS: 5.5EPSS: 0%CPEs: 16EXPL: 0CVE-2011-1384
https://notcve.org/view.php?id=CVE-2011-1384
04 Jan 2012 — The (1) bin/invscoutClient_VPD_Survey and (2) sbin/invscout_lsvpd programs in invscout.rte before 2.2.0.19 on IBM AIX 7.1, 6.1, 5.3, and earlier allow local users to delete arbitrary files, or trigger inventory scout operations on arbitrary files, via a symlink attack on an unspecified file. El programa (1) bin/invscoutClient_VPD_Survey y (2) sbin/invscout_lsvpd en invscout.rte antes de v2.2.0.19 en IBM AIX v7.1, v6.1, v5.3, y anteriores, permite a usuarios locales borrar archivos de su elección o lanzar la... • http://aix.software.ibm.com/aix/efixes/security/invscout_advisory2.asc • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 10.0EPSS: 28%CPEs: 1EXPL: 7CVE-2010-3187 – AIX5l with FTP-Server - Hash Disclosure
https://notcve.org/view.php?id=CVE-2010-3187
30 Aug 2010 — Buffer overflow in ftpd in IBM AIX 5.3 and earlier allows remote attackers to execute arbitrary code via a long NLST command. Desbordamiento de buffer en ftpd de IBM AIX v5.3 y versiones anteriores. Permite a atacantes remotos ejecutar código de su elección a través de un comando NLST extenso. • https://www.exploit-db.com/exploits/14409 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 25%CPEs: 45EXPL: 1CVE-2010-1039 – rpc.pcnfsd - Remote Format String
https://notcve.org/view.php?id=CVE-2010-1039
20 May 2010 — Format string vulnerability in the _msgout function in rpc.pcnfsd in IBM AIX 6.1, 5.3, and earlier; IBM VIOS 2.1, 1.5, and earlier; NFS/ONCplus B.11.31_09 and earlier on HP HP-UX B.11.11, B.11.23, and B.11.31; and SGI IRIX 6.5 allows remote attackers to execute arbitrary code via an RPC request containing format string specifiers in an invalid directory name. Vulnerabilidad de cadena de formato en la función _msgout en rpc.pcnfsd en AIX de IBM versiones 6.1, 5.3 y anteriores; VIOS de IBM versiones 2.1, 1.5 ... • https://www.exploit-db.com/exploits/14407 • CWE-134: Use of Externally-Controlled Format String •
CVSS: 5.0EPSS: 1%CPEs: 1EXPL: 0CVE-2003-0285
https://notcve.org/view.php?id=CVE-2003-0285
14 May 2003 — IBM AIX 5.2 and earlier distributes Sendmail with a configuration file (sendmail.cf) with the (1) promiscuous_relay, (2) accept_unresolvable_domains, and (3) accept_unqualified_senders features enabled, which allows Sendmail to be used as an open mail relay for sending spam e-mail. IBM AIX 5.2 y anteriores, distribuyen Sendmail con un fichero de configuración (sendmail.cf) con varias caracteristicas habilitadas, lo que permite a Sendmail ser utilizado como emisor de correo para spam. Las caracteristicas hab... • http://marc.info/?l=bugtraq&m=105284689228961&w=2 •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2001-1096
https://notcve.org/view.php?id=CVE-2001-1096
09 Oct 2001 — Buffer overflows in muxatmd in AIX 4 allows an attacker to cause a core dump and possibly execute code. • http://archives.neohapsis.com/archives/aix/2001-q4/0000.html •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2001-1095
https://notcve.org/view.php?id=CVE-2001-1095
09 Oct 2001 — Buffer overflow in uuq in AIX 4 could allow local users to execute arbitrary code via a long -r parameter. • http://archives.neohapsis.com/archives/aix/2001-q4/0000.html •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2001-0573
https://notcve.org/view.php?id=CVE-2001-0573
02 Aug 2001 — lsfs in AIX 4.x allows a local user to gain additional privileges by creating Trojan horse programs named (1) grep or (2) lslv in a certain directory that is under the user's control, which cause lsfs to access the programs in that directory. • http://archives.neohapsis.com/archives/aix/2001-q2/0000.html •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2000-1222
https://notcve.org/view.php?id=CVE-2000-1222
10 Dec 2000 — AIX sysback before 4.2.1.13 uses a relative path to find and execute the hostname program, which allows local users to gain privileges by modifying the path to point to a malicious hostname program. • http://www.kb.cert.org/vuls/id/17566 •
CVSS: 10.0EPSS: 0%CPEs: 74EXPL: 13CVE-2000-0844 – Immunix OS 6.2 - LC glibc format string
https://notcve.org/view.php?id=CVE-2000-0844
14 Nov 2000 — Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen. • https://www.exploit-db.com/exploits/20187 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 14EXPL: 0CVE-2000-0441
https://notcve.org/view.php?id=CVE-2000-0441
24 May 2000 — Vulnerability in AIX 3.2.x and 4.x allows local users to gain write access to files on locally or remotely mounted AIX filesystems. • http://archives.neohapsis.com/archives/bugtraq/2000-05/0275.html •