AIX 4.3.3 through AIX 5.1, when direct remote login is disabled, displays a different message if the password is correct, which allows remote attackers to guess the password via brute force methods.
CVSS Score
5.0
EPSS Score
0.007
Published
2004-11-23
dump_smutil.sh in IBM AIX allows local users to overwrite arbitrary files via a symlink attack on temporary files.
CVSS Score
4.6
EPSS Score
0.001
Published
2003-03-31
Buffer overflow in nslookup in IBM AIX may allow attackers to cause a denial of service or execute arbitrary code.
CVSS Score
4.6
EPSS Score
0.001
Published
2003-03-31
Buffer overflow in lscfg of unknown versions of AIX has unknown impact.
CVSS Score
10.0
EPSS Score
0.005
Published
2002-12-31
Buffer overflow in the diagnostics library in AIX allows local users to "cause data and instructions to be overwritten" via a long DIAGNOSTICS environment variable.
CVSS Score
2.1
EPSS Score
0.001
Published
2002-12-31
Unknown vulnerability in the WebSecure (DFSWeb) configuration utilities in AIX 4.x, possibly related to relative pathnames.
CVSS Score
5.0
EPSS Score
0.005
Published
2002-10-04
Unknown vulnerability in DCE (1) SMIT panels and (2) configuration commands, possibly related to relative pathnames.
CVSS Score
5.0
EPSS Score
0.006
Published
2002-10-04
clchkspuser and clpasswdremote in AIX expose an encrypted password in the cspoc.log file, which could allow local users to gain privileges.
CVSS Score
2.1
EPSS Score
0.001
Published
2002-08-12
Buffer overflow in rpc.yppasswdd (yppasswd server) in AIX allows attackers to gain unauthorized access via a long string. NOTE: due to lack of details in the vendor advisory, it is not clear if this is the same issue as CVE-2001-0779.
CVSS Score
7.5
EPSS Score
0.006
Published
2001-12-31
Vulnerability in lsmcode in unknown versions of AIX, possibly related to a usage error.
CVSS Score
10.0
EPSS Score
0.006
Published
2001-08-31