Vulnerabilities > IBM > AIX > 4.3.3
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2010-08-30 | CVE-2010-3187 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in IBM AIX Buffer overflow in ftpd in IBM AIX 5.3 and earlier allows remote attackers to execute arbitrary code via a long NLST command. | 10.0 |
| 2010-05-20 | CVE-2010-1039 | USE of Externally-Controlled Format String vulnerability in multiple products Format string vulnerability in the _msgout function in rpc.pcnfsd in IBM AIX 6.1, 5.3, and earlier; IBM VIOS 2.1, 1.5, and earlier; NFS/ONCplus B.11.31_09 and earlier on HP HP-UX B.11.11, B.11.23, and B.11.31; and SGI IRIX 6.5 allows remote attackers to execute arbitrary code via an RPC request containing format string specifiers in an invalid directory name. | 10.0 |
| 2004-12-31 | CVE-2004-2697 | Race Condition vulnerability in IBM AIX 4.3.3/5.1/5.1L The Inventory Scout daemon (invscoutd) 1.3.0.0 and 2.0.2 for AIX 4.3.3 and 5.1 allows local users to gain privileges via a symlink attack on a command line argument (log file). | 6.9 |
| 2004-12-31 | CVE-2004-2388 | Privilege Escalation vulnerability in IBM AIX 4.3.3 rexecd for AIX 4.3.3 does not properly use a local copy of the pwd structure when calling getpwnam, which may cause the structure to be overwritten by the authenticate function and assign privileges to the wrong user. | 10.0 |
| 2004-12-31 | CVE-2004-2312 | Local Buffer Overflow vulnerability in IBM AIX 4.3.3 Buffer overflow in GNU make for IBM AIX 4.3.3, when installed setgid, allows local users to gain privileges via a long CC argument. | 7.2 |
| 2004-08-06 | CVE-2004-0544 | Buffer Overflow vulnerability in IBM AIX 4.3.3/5.1/5.2 Multiple buffer overflows in LVM for AIX 5.1 and 5.2 allow local users to gain privileges via the (1) putlvcb or (2) getlvcb commands. | 7.2 |
| 2004-05-04 | CVE-2004-0368 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Double free vulnerability in dtlogin in CDE on Solaris, HP-UX, and other operating systems allows remote attackers to execute arbitrary code via a crafted XDMCP packet. | 10.0 |
| 2004-04-15 | CVE-2003-0257 | Unspecified vulnerability in IBM AIX Format string vulnerability in the printer capability for IBM AIX .3, 5.1, and 5.2 allows local users to gain printq or root privileges. | 7.2 |
| 2004-03-29 | CVE-2003-1018 | Local Format String vulnerability in IBM AIX 4.3.3/5.1/5.2 Format string vulnerability in enq command in AIX 4.3, 5.1, and 5.2 allows local users with rintq group privileges to gain privileges via unknown attack vectors. | 7.2 |
| 2004-02-03 | CVE-2003-0119 | Unspecified vulnerability in IBM AIX 4.3.3/5.1/5.2 The secldapclntd daemon in AIX 4.3, 5.1 and 5.2 uses an Internet socket when communicating with the loadmodule, which allows remote attackers to directly connect to the daemon and conduct unauthorized activities. | 7.5 |