Ibm ≫ Aix

lquerypv in AIX 4.1 and 4.2 allows local users to read arbitrary files by specifying the file in the -h command line parameter.

Unspecified vulnerability in crontab in IBM AIX 3.2 allows local users to gain root privileges via unknown attack vectors.

Denial of service in BIND named via malformed SIG records.

Denial of service in BIND named via naptr.

genfilt in the AIX Packet Filtering Module does not properly filter traffic to destination ports greater than 32767.

Buffer overflow in nslookup for AIX 4.3 allows local users to execute arbitrary code via a long hostname command line argument.

Buffer overflow in AIX ftpd in the libc library.

named-xfer in AIX 4.1.5 and 4.2.1 allows members of the system group to overwrite system files to gain root access via the -f parameter and a malformed zone file.

The ToolTalk ttsession daemon uses weak RPC authentication, which allows a remote attacker to execute commands.

Buffer overflow in the AddSuLog function of the CDE dtaction utility allows local users to gain root privileges via a long user name.