Vulnerabilities > IBM > AIX > 3.2.5
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2010-08-30 | CVE-2010-3187 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in IBM AIX Buffer overflow in ftpd in IBM AIX 5.3 and earlier allows remote attackers to execute arbitrary code via a long NLST command. | 10.0 |
2010-05-20 | CVE-2010-1039 | USE of Externally-Controlled Format String vulnerability in multiple products Format string vulnerability in the _msgout function in rpc.pcnfsd in IBM AIX 6.1, 5.3, and earlier; IBM VIOS 2.1, 1.5, and earlier; NFS/ONCplus B.11.31_09 and earlier on HP HP-UX B.11.11, B.11.23, and B.11.31; and SGI IRIX 6.5 allows remote attackers to execute arbitrary code via an RPC request containing format string specifiers in an invalid directory name. | 10.0 |
2003-06-16 | CVE-2003-0285 | Unspecified vulnerability in IBM AIX IBM AIX 5.2 and earlier distributes Sendmail with a configuration file (sendmail.cf) with the (1) promiscuous_relay, (2) accept_unresolvable_domains, and (3) accept_unqualified_senders features enabled, which allows Sendmail to be used as an open mail relay for sending spam e-mail. | 5.0 |
2002-12-31 | CVE-2002-1690 | Remote Security vulnerability in IBM AIX 3.2.5 Unknown vulnerability in AIX before 4.0 with unknown attack vectors and unknown impact, aka "security issue," as fixed by APAR IY28225. | 10.0 |
2002-12-31 | CVE-2002-1689 | Remote Security vulnerability in IBM AIX 3.2.5 Unknown vulnerability in the login program on AIX before 4.0 could allow remote users to specify 100 or more environment variables when logging on, which exceeds the length of a certain string, possibly triggering a buffer overflow. | 10.0 |
2000-12-10 | CVE-2000-1222 | Unspecified vulnerability in IBM AIX AIX sysback before 4.2.1.13 uses a relative path to find and execute the hostname program, which allows local users to gain privileges by modifying the path to point to a malicious hostname program. | 7.2 |
2000-11-14 | CVE-2000-0844 | Permissions, Privileges, and Access Controls vulnerability in multiple products Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen. | 10.0 |
2000-05-24 | CVE-2000-0441 | Unspecified vulnerability in IBM AIX Vulnerability in AIX 3.2.x and 4.x allows local users to gain write access to files on locally or remotely mounted AIX filesystems. | 5.0 |
1999-08-18 | CVE-1999-0745 | Unspecified vulnerability in IBM AIX Buffer overflow in Source Code Browser Program Database Name Server Daemon (pdnsd) for the IBM AIX C Set ++ compiler. | 10.0 |
1999-05-06 | CVE-1999-1079 | Unspecified vulnerability in IBM AIX Vulnerability in ptrace in AIX 4.3 allows local users to gain privileges by attaching to a setgid program. | 4.6 |