Vulnerabilities > IBM > AIX > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-05-02 | CVE-2005-1037 | Unspecified vulnerability in IBM AIX 5.3.0 Unknown vulnerability in AIX 5.3.0, when configured as an NIS client, allows remote attackers to gain root privileges. | 10.0 |
| 2004-12-31 | CVE-2004-2388 | Privilege Escalation vulnerability in IBM AIX 4.3.3 rexecd for AIX 4.3.3 does not properly use a local copy of the pwd structure when calling getpwnam, which may cause the structure to be overwritten by the authenticate function and assign privileges to the wrong user. | 10.0 |
| 2004-05-04 | CVE-2004-0368 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Double free vulnerability in dtlogin in CDE on Solaris, HP-UX, and other operating systems allows remote attackers to execute arbitrary code via a crafted XDMCP packet. | 10.0 |
| 2004-03-29 | CVE-2003-0170 | Administrative Access vulnerability in IBM AIX 5.2 Unknown vulnerability in ftpd in IBM AIX 5.2, when configured to use Kerberos 5 for authentication, allows remote attackers to gain privileges via unknown attack vectors. | 10.0 |
| 2003-10-06 | CVE-2003-0694 | The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c. | 10.0 |
| 2003-10-06 | CVE-2003-0784 | Unspecified vulnerability in IBM AIX 4.3.3/5.1/5.2 Format string vulnerability in tsm for the bos.rte.security fileset on AIX 5.2 allows remote attackers to gain root privileges via login, and local users to gain privileges via login, su, or passwd, with a username that contains format string specifiers. | 10.0 |
| 2003-04-22 | CVE-2002-1468 | Local Buffer Overflow vulnerability in IBM AIX 4.3.3 Buffer overflow in errpt in AIX 4.3.3 allows local users to execute arbitrary code as root. | 10.0 |
| 2002-12-31 | CVE-2002-1686 | Remote Security vulnerability in AIX Buffer overflow in lscfg of unknown versions of AIX has unknown impact. | 10.0 |
| 2002-12-31 | CVE-2002-1689 | Remote Security vulnerability in IBM AIX 3.2.5 Unknown vulnerability in the login program on AIX before 4.0 could allow remote users to specify 100 or more environment variables when logging on, which exceeds the length of a certain string, possibly triggering a buffer overflow. | 10.0 |
| 2002-12-31 | CVE-2002-1690 | Remote Security vulnerability in IBM AIX 3.2.5 Unknown vulnerability in AIX before 4.0 with unknown attack vectors and unknown impact, aka "security issue," as fixed by APAR IY28225. | 10.0 |