| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Some implementations of rlogin allow root access if given a -froot parameter. |
| The rexd service is running, which uses weak authentication that can allow an attacker to execute commands. |
| AIX nslookup command allows local users to obtain root access by not dropping privileges correctly. |
| The rwho/rwhod service is running, which exposes machine status and user information. |
| AIX batch queue (bsh) allows local and remote users to gain additional privileges when network printing is enabled. |
| The suidperl and sperl program do not give up root privileges when changing UIDs back to the original users, allowing root access. |
| Buffer overflow in AIX libDtSvc library can allow local users to gain root access. |
| Buffer overflow in AIX ftpd in the libc library. |
| AIX passwd allows local users to gain root access. |
| pcnfsd (aka rpc.pcnfsd) allows local users to change file permissions, or execute arbitrary commands through arguments in the RPC call. |
| Unknown vulnerability in login for AIX 5.1L, when using loadable authentication modules, allows remote attackers to gain access to the system. |
| The secldapclntd daemon in AIX 4.3, 5.1 and 5.2 uses an Internet socket when communicating with the loadmodule, which allows remote attackers to directly connect to the daemon and conduct unauthorized activities. |
| netstat in AIX 4.x.x does not properly restrict access to the -Zi option, which allows local users to clear network interface statistics and possibly hide evidence of unusual network activities. |
| Buffer overflow in rwhod on AIX and other operating systems allows remote attackers to execute arbitrary code via a UDP packet with a long hostname. |
| Multiple unspecified vulnerabilities in (1) getShell and (2) getCommand in IBM AIX 5.3 allow local users to append to arbitrary files. |
| Vulnerability in template.dhcpo in AIX 4.3.3 related to an insecure linker argument. |
| Delete or create a file via rpc.statd, due to invalid information. |
| Unspecified vulnerability in setlocale in IBM AIX 5.1.0 through 5.3.0 allows local users to gain privileges via unspecified vectors. |
| Unspecified vulnerability in the named8 command in IBM AIX 5.2.0 and 5.3.0 allows local users to execute arbitrary commands via unspecified vectors. |
| IRIX and AIX automountd services (autofsd) allow remote users to execute root commands. |
