Vulnerabilities > IBM > AIX > 4.1

DATE	CVE	VULNERABILITY TITLE	RISK
2010-08-30	CVE-2010-3187	Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in IBM AIX Buffer overflow in ftpd in IBM AIX 5.3 and earlier allows remote attackers to execute arbitrary code via a long NLST command. network low complexity ibm CWE-119 critical	10.0
2010-05-20	CVE-2010-1039	USE of Externally-Controlled Format String vulnerability in multiple products Format string vulnerability in the _msgout function in rpc.pcnfsd in IBM AIX 6.1, 5.3, and earlier; IBM VIOS 2.1, 1.5, and earlier; NFS/ONCplus B.11.31_09 and earlier on HP HP-UX B.11.11, B.11.23, and B.11.31; and SGI IRIX 6.5 allows remote attackers to execute arbitrary code via an RPC request containing format string specifiers in an invalid directory name. network low complexity hp ibm sgi CWE-134 critical	10.0
2003-06-16	CVE-2003-0285	Unspecified vulnerability in IBM AIX IBM AIX 5.2 and earlier distributes Sendmail with a configuration file (sendmail.cf) with the (1) promiscuous_relay, (2) accept_unresolvable_domains, and (3) accept_unqualified_senders features enabled, which allows Sendmail to be used as an open mail relay for sending spam e-mail. network low complexity ibm	5.0
2000-12-10	CVE-2000-1222	Unspecified vulnerability in IBM AIX AIX sysback before 4.2.1.13 uses a relative path to find and execute the hostname program, which allows local users to gain privileges by modifying the path to point to a malicious hostname program. local low complexity ibm	7.2
2000-11-14	CVE-2000-0844	Permissions, Privileges, and Access Controls vulnerability in multiple products Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen. network low complexity caldera immunix conectiva sgi debian ibm mandrakesoft redhat slackware sun suse trustix turbolinux CWE-264 critical	10.0
2000-05-24	CVE-2000-0441	Unspecified vulnerability in IBM AIX Vulnerability in AIX 3.2.x and 4.x allows local users to gain write access to files on locally or remotely mounted AIX filesystems. network low complexity ibm	5.0
1999-12-31	CVE-1999-1117	Unspecified vulnerability in IBM AIX 4.1/4.2 lquerypv in AIX 4.1 and 4.2 allows local users to read arbitrary files by specifying the file in the -h command line parameter. local low complexity ibm	2.1
1999-09-13	CVE-1999-0691	Buffer overflow in the AddSuLog function of the CDE dtaction utility allows local users to gain root privileges via a long user name. local low complexity cde digital ibm sun	7.2
1999-09-13	CVE-1999-0687	The ToolTalk ttsession daemon uses weak RPC authentication, which allows a remote attacker to execute commands. network low complexity cde digital ibm sun	7.5
1999-05-06	CVE-1999-1079	Unspecified vulnerability in IBM AIX Vulnerability in ptrace in AIX 4.3 allows local users to gain privileges by attaching to a setgid program. local low complexity ibm	4.6