Ibm Aix vulnerabilities

CVE-2001-1329 [HIGH] CVE-2001-1329: Buffer overflow in rsh on AIX 4.2.0.0 may allow local users to gain root privileges via a long comma Buffer overflow in rsh on AIX 4.2.0.0 may allow local users to gain root privileges via a long command line argument.

CVE-2001-1330 [HIGH] CVE-2001-1330: Buffer overflow in rsh on AIX 4.2.0.0 may allow local users to gain root privileges via a long comma Buffer overflow in rsh on AIX 4.2.0.0 may allow local users to gain root privileges via a long command line argument.

CVE-2000-1124 [HIGH] CVE-2000-1124: Buffer overflow in piobe command in IBM AIX 4.3.x allows local users to gain privileges via long env Buffer overflow in piobe command in IBM AIX 4.3.x allows local users to gain privileges via long environmental variables.

CVE-2000-1121 [HIGH] CVE-2000-1121: Buffer overflow in enq command in IBM AIX 4.3.x and earlier may allow local users to execute arbitra Buffer overflow in enq command in IBM AIX 4.3.x and earlier may allow local users to execute arbitrary commands via a long -M argument.

CVE-2000-1122 [HIGH] CVE-2000-1122: Buffer overflow in setclock command in IBM AIX 4.3.x and earlier may allow local users to execute ar Buffer overflow in setclock command in IBM AIX 4.3.x and earlier may allow local users to execute arbitrary commands via a long argument.

CVE-2000-1120 [HIGH] CVE-2000-1120: Buffer overflow in digest command in IBM AIX 4.3.x and earlier allows local users to execute arbitra Buffer overflow in digest command in IBM AIX 4.3.x and earlier allows local users to execute arbitrary commands.

CVE-2000-1123 [HIGH] CVE-2000-1123: Buffer overflow in pioout command in IBM AIX 4.3.x and earlier may allow local users to execute arbi Buffer overflow in pioout command in IBM AIX 4.3.x and earlier may allow local users to execute arbitrary commands.

CVE-2000-1119 [MEDIUM] CVE-2000-1119: Buffer overflow in setsenv command in IBM AIX 4.3.x and earlier allows local users to execute arbitr Buffer overflow in setsenv command in IBM AIX 4.3.x and earlier allows local users to execute arbitrary commands via a long "x=" argument.

CVE-2000-1222 [HIGH] CVE-2000-1222: AIX sysback before 4.2.1.13 uses a relative path to find and execute the hostname program, which all AIX sysback before 4.2.1.13 uses a relative path to find and execute the hostname program, which allows local users to gain privileges by modifying the path to point to a malicious hostname program.

CVE-2000-0844 [CRITICAL] CWE-264 CVE-2000-0844: Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected fo Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.

CVE-2000-0873 [LOW] CVE-2000-0873: netstat in AIX 4.x.x does not properly restrict access to the -Zi option, which allows local users t netstat in AIX 4.x.x does not properly restrict access to the -Zi option, which allows local users to clear network interface statistics and possibly hide evidence of unusual network activities.

CVE-2000-0466 [HIGH] CVE-2000-0466: AIX cdmount allows local users to gain root privileges via shell metacharacters. AIX cdmount allows local users to gain root privileges via shell metacharacters.

CVE-2000-0441 [MEDIUM] CVE-2000-0441: Vulnerability in AIX 3.2.x and 4.x allows local users to gain write access to files on locally or re Vulnerability in AIX 3.2.x and 4.x allows local users to gain write access to files on locally or remotely mounted AIX filesystems.

CVE-2000-0249 [HIGH] CVE-2000-0249: The AIX Fast Response Cache Accelerator (FRCA) allows local users to modify arbitrary files via the The AIX Fast Response Cache Accelerator (FRCA) allows local users to modify arbitrary files via the configuration capability in the frcactrl program.

CVE-1999-0693 [HIGH] CVE-1999-0693: Buffer overflow in TT_SESSION environment variable in ToolTalk shared library allows local users to Buffer overflow in TT_SESSION environment variable in ToolTalk shared library allows local users to gain root privileges.

CVE-2000-1216 [HIGH] CWE-120 CVE-2000-1216: Buffer overflow in portmir for AIX 4.3.0 allows local users to corrupt lock files and gain root priv Buffer overflow in portmir for AIX 4.3.0 allows local users to corrupt lock files and gain root privileges via the echo_error routine.

CVE-2000-0080 [LOW] CVE-2000-0080: AIX techlibss allows local users to overwrite files via a symlink attack. AIX techlibss allows local users to overwrite files via a symlink attack.

CVE-1999-1589 [HIGH] CVE-1999-1589: Unspecified vulnerability in crontab in IBM AIX 3.2 allows local users to gain root privileges via u Unspecified vulnerability in crontab in IBM AIX 3.2 allows local users to gain root privileges via unknown attack vectors.

CVE-1999-1117 [LOW] CVE-1999-1117: lquerypv in AIX 4.1 and 4.2 allows local users to read arbitrary files by specifying the file in the lquerypv in AIX 4.1 and 4.2 allows local users to read arbitrary files by specifying the file in the -h command line parameter.

CVE-1999-0835 [CRITICAL] CVE-1999-0835: Denial of service in BIND named via malformed SIG records. Denial of service in BIND named via malformed SIG records.