Ezboo webstats, possibly 3.0.3, allows remote attackers to bypass authentication and gain access via a direct request to (1) update.php and (2) config.php.
CVSS Score
7.5
EPSS Score
0.042
Published
2007-02-21
AIX 4.3.3 through AIX 5.1, when direct remote login is disabled, displays a different message if the password is correct, which allows remote attackers to guess the password via brute force methods.
CVSS Score
5.0
EPSS Score
0.007
Published
2004-11-23
IBM AIX 5.2 and earlier distributes Sendmail with a configuration file (sendmail.cf) with the (1) promiscuous_relay, (2) accept_unresolvable_domains, and (3) accept_unqualified_senders features enabled, which allows Sendmail to be used as an open mail relay for sending spam e-mail.
CVSS Score
5.0
EPSS Score
0.012
Published
2003-06-16
dump_smutil.sh in IBM AIX allows local users to overwrite arbitrary files via a symlink attack on temporary files.
CVSS Score
4.6
EPSS Score
0.001
Published
2003-03-31
Buffer overflow in nslookup in IBM AIX may allow attackers to cause a denial of service or execute arbitrary code.
CVSS Score
4.6
EPSS Score
0.001
Published
2003-03-31
Buffer overflow in lscfg of unknown versions of AIX has unknown impact.
CVSS Score
10.0
EPSS Score
0.005
Published
2002-12-31
Buffer overflow in the diagnostics library in AIX allows local users to "cause data and instructions to be overwritten" via a long DIAGNOSTICS environment variable.
CVSS Score
2.1
EPSS Score
0.001
Published
2002-12-31
Unknown vulnerability in the WebSecure (DFSWeb) configuration utilities in AIX 4.x, possibly related to relative pathnames.
CVSS Score
5.0
EPSS Score
0.005
Published
2002-10-04
Unknown vulnerability in DCE (1) SMIT panels and (2) configuration commands, possibly related to relative pathnames.
CVSS Score
5.0
EPSS Score
0.006
Published
2002-10-04
clchkspuser and clpasswdremote in AIX expose an encrypted password in the cspoc.log file, which could allow local users to gain privileges.
CVSS Score
2.1
EPSS Score
0.001
Published
2002-08-12