Shodan
Vulnerabilities
Vulnerable Software
Ibm:  >> Aix  >> 4.1.2  Security Vulnerabilities
CVE-2001-1529
Buffer overflow in rpc.yppasswdd (yppasswd server) in AIX allows attackers to gain unauthorized access via a long string. NOTE: due to lack of details in the vendor advisory, it is not clear if this is the same issue as CVE-2001-0779.
CVSS Score
7.5
EPSS Score
0.006
Published
2001-12-31
CVE-2001-1061
Vulnerability in lsmcode in unknown versions of AIX, possibly related to a usage error.
CVSS Score
10.0
EPSS Score
0.006
Published
2001-08-31
CVE-2000-1222
AIX sysback before 4.2.1.13 uses a relative path to find and execute the hostname program, which allows local users to gain privileges by modifying the path to point to a malicious hostname program.
CVSS Score
7.2
EPSS Score
0.002
Published
2000-12-10
CVE-2000-0844
Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.
CVSS Score
10.0
EPSS Score
0.009
Published
2000-11-14
CVE-2000-0441
Vulnerability in AIX 3.2.x and 4.x allows local users to gain write access to files on locally or remotely mounted AIX filesystems.
CVSS Score
5.0
EPSS Score
0.005
Published
2000-05-24
CVE-1999-0687
The ToolTalk ttsession daemon uses weak RPC authentication, which allows a remote attacker to execute commands.
CVSS Score
7.5
EPSS Score
0.073
Published
1999-09-13
CVE-1999-0691
Buffer overflow in the AddSuLog function of the CDE dtaction utility allows local users to gain root privileges via a long user name.
CVSS Score
7.2
EPSS Score
0.004
Published
1999-09-13
CVE-1999-1079
Vulnerability in ptrace in AIX 4.3 allows local users to gain privileges by attaching to a setgid program.
CVSS Score
4.6
EPSS Score
0.001
Published
1999-05-06
CVE-1999-1405
snap command in AIX before 4.3.2 creates the /tmp/ibmsupt directory with world-readable permissions and does not remove or clear the directory when snap -a is executed, which could allow local users to access the shadowed password file by creating /tmp/ibmsupt/general/passwd before root runs snap -a.
CVSS Score
10.0
EPSS Score
0.075
Published
1999-02-17
CVE-1999-0057
Vacation program allows command execution by remote users through a sendmail command.
CVSS Score
7.5
EPSS Score
0.029
Published
1998-11-16


Products
Pricing
Contact Us

Shodan ® - All rights reserved