CVSS: 6.2EPSS: 0%CPEs: 2EXPL: 0CVE-2023-45167 – IBM AIX denial of service
https://notcve.org/view.php?id=CVE-2023-45167
10 Nov 2023 — IBM AIX's 7.3 Python implementation could allow a non-privileged local user to exploit a vulnerability to cause a denial of service. IBM X-Force ID: 267965. La implementación Python 7.3 de IBM AIX podría permitir que un usuario local sin privilegios aproveche una vulnerabilidad para provocar una denegación de servicio. ID de IBM X-Force: 267965. • https://aix.software.ibm.com/aix/efixes/security/python_advisory6.asc • CWE-20: Improper Input Validation CWE-400: Uncontrolled Resource Consumption •
CVSS: 6.8EPSS: 0%CPEs: 13EXPL: 0CVE-2022-42439 – IBM App Connect Enterprise information disclosure
https://notcve.org/view.php?id=CVE-2022-42439
06 Feb 2023 — IBM App Connect Enterprise 11.0.0.17 through 11.0.0.19 and 12.0.4.0 and 12.0.5.0 contains an unspecified vulnerability in the Discovery Connector nodes which may cause a 3rd party system’s credentials to be exposed to a privileged attacker. IBM X-Force ID: 238211. • https://exchange.xforce.ibmcloud.com/vulnerabilities/238211 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 5.5EPSS: 0%CPEs: 16EXPL: 0CVE-2011-1384
https://notcve.org/view.php?id=CVE-2011-1384
04 Jan 2012 — The (1) bin/invscoutClient_VPD_Survey and (2) sbin/invscout_lsvpd programs in invscout.rte before 2.2.0.19 on IBM AIX 7.1, 6.1, 5.3, and earlier allow local users to delete arbitrary files, or trigger inventory scout operations on arbitrary files, via a symlink attack on an unspecified file. El programa (1) bin/invscoutClient_VPD_Survey y (2) sbin/invscout_lsvpd en invscout.rte antes de v2.2.0.19 en IBM AIX v7.1, v6.1, v5.3, y anteriores, permite a usuarios locales borrar archivos de su elección o lanzar la... • http://aix.software.ibm.com/aix/efixes/security/invscout_advisory2.asc • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 10.0EPSS: 79%CPEs: 1EXPL: 7CVE-2010-3187 – AIX5l with FTP-Server - Hash Disclosure
https://notcve.org/view.php?id=CVE-2010-3187
30 Aug 2010 — Buffer overflow in ftpd in IBM AIX 5.3 and earlier allows remote attackers to execute arbitrary code via a long NLST command. Desbordamiento de buffer en ftpd de IBM AIX v5.3 y versiones anteriores. Permite a atacantes remotos ejecutar código de su elección a través de un comando NLST extenso. • https://www.exploit-db.com/exploits/14409 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 26%CPEs: 45EXPL: 1CVE-2010-1039 – rpc.pcnfsd - Remote Format String
https://notcve.org/view.php?id=CVE-2010-1039
20 May 2010 — Format string vulnerability in the _msgout function in rpc.pcnfsd in IBM AIX 6.1, 5.3, and earlier; IBM VIOS 2.1, 1.5, and earlier; NFS/ONCplus B.11.31_09 and earlier on HP HP-UX B.11.11, B.11.23, and B.11.31; and SGI IRIX 6.5 allows remote attackers to execute arbitrary code via an RPC request containing format string specifiers in an invalid directory name. Vulnerabilidad de cadena de formato en la función _msgout en rpc.pcnfsd en AIX de IBM versiones 6.1, 5.3 y anteriores; VIOS de IBM versiones 2.1, 1.5 ... • https://www.exploit-db.com/exploits/14407 • CWE-134: Use of Externally-Controlled Format String •
CVSS: 9.1EPSS: 0%CPEs: 32EXPL: 2CVE-2005-0156 – Setuid perl - 'PerlIO_Debug()' Local Overflow
https://notcve.org/view.php?id=CVE-2005-0156
07 Feb 2005 — Buffer overflow in the PerlIO implementation in Perl 5.8.0, when installed with setuid support (sperl), allows local users to execute arbitrary code by setting the PERLIO_DEBUG variable and executing a Perl script whose full pathname contains a long directory tree. • https://www.exploit-db.com/exploits/791 •
CVSS: 5.0EPSS: 1%CPEs: 1EXPL: 0CVE-2003-0285
https://notcve.org/view.php?id=CVE-2003-0285
14 May 2003 — IBM AIX 5.2 and earlier distributes Sendmail with a configuration file (sendmail.cf) with the (1) promiscuous_relay, (2) accept_unresolvable_domains, and (3) accept_unqualified_senders features enabled, which allows Sendmail to be used as an open mail relay for sending spam e-mail. IBM AIX 5.2 y anteriores, distribuyen Sendmail con un fichero de configuración (sendmail.cf) con varias caracteristicas habilitadas, lo que permite a Sendmail ser utilizado como emisor de correo para spam. Las caracteristicas hab... • http://marc.info/?l=bugtraq&m=105284689228961&w=2 •
CVSS: 9.8EPSS: 56%CPEs: 165EXPL: 1CVE-2003-0028
https://notcve.org/view.php?id=CVE-2003-0028
21 Mar 2003 — Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code via certain integer values in length fields, a different vulnerability than CVE-2002-0391. Desbordamiento de entero en la función xdrmem_getbytes(), y posiblemente otras funciones, de librerias XDR (representación de datos externos) derivadas de SunRPC, incluyendo l... • ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-008.txt.asc •
CVSS: 10.0EPSS: 27%CPEs: 87EXPL: 3CVE-2001-0554 – Solaris 2.x/7.0/8 / IRIX 6.5.x / OpenBSD 2.x / NetBSD 1.x / Debian 3 / HP-UX 10 - 'TelnetD' Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2001-0554
14 Aug 2001 — Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function. • https://www.exploit-db.com/exploits/21018 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2000-1222
https://notcve.org/view.php?id=CVE-2000-1222
10 Dec 2000 — AIX sysback before 4.2.1.13 uses a relative path to find and execute the hostname program, which allows local users to gain privileges by modifying the path to point to a malicious hostname program. • http://www.kb.cert.org/vuls/id/17566 •