Ibm ≫ Aix

Buffer overflow in the drmgr command in IBM AIX 5.2 and 5.3 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long path name.

Buffer overflow in swcons in IBM AIX 5.3 allows local users to gain privileges via long input data.

Buffer overflow in bos.rte.libc in IBM AIX 5.2 and 5.3 allows local users to execute arbitrary code via the "r-commands", possibly including (1) rdist, (2) rsh, (3) rcp, (4) rsync, and (5) rlogin.

Unspecified vulnerability in (1) pop3d, (2) pop3ds, (3) imapd, and (4) imapds in IBM AIX 5.3.0 has unspecified impact and attack vectors, involving an "authentication vulnerability."

IBM AIX 5.3 does not properly verify the status of file descriptors before setuid execution, which allows local users to gain privileges by closing file descriptor 0, 1, or 2 and then invoking a setuid program, a variant of CVE-2002-0572.

Unspecified vulnerability in ftpd in IBM AIX 5.2.0 and 5.3.0 allows remote attackers to obtain sensitive information, including passwords, via unspecified vectors.

ftpd in IBM AIX 5.2.0 and 5.3.0 allows remote authenticated users to cause a denial of service (port exhaustion) via unspecified vectors. NOTE: some details were obtained from third party sources.

Unspecified vulnerability in the named8 command in IBM AIX 5.2.0 and 5.3.0 allows local users to execute arbitrary commands via unspecified vectors.

Unspecified vulnerability in the rdist command in IBM AIX 5.2.0 and 5.3.0 allows local users to overwrite arbitrary files via unspecified vectors.

Unspecified vulnerability in bos.net.tcp.client in IBM AIX 5.2.0 and 5.3.0 allows local users to execute arbitrary commands via unspecified vectors involving /etc/slip.login.