| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| AS/400 Telnet 5250 terminal emulation clients, as implemented by (1) IBM client access, (2) Bosanova, (3) PowerTerm, (4) Mochasoft, and possibly other emulations, allows malicious AS/400 servers to execute arbitrary commands via a STRPCO (Start PC Organizer) command followed by STRPCCMD (Start PC command), as demonstrated by creating a backdoor account using REXEC. |
| Buffer overflow in IBM Informix Dynamic Server (IDS) 9.40.xC1 and 9.40.xC2 allows local users to execute arbitrary code via a long GL_PATH environment variable. |
| Buffer overflow in login in various System V based operating systems allows remote attackers to execute arbitrary commands via a large number of arguments through services such as telnet and rlogin. |
| Format string vulnerability in IBM Informix Dynamic Server (IDS) before 9.40.xC3 allows local users to execute arbitrary code via a modified INFORMIXDIR environment variable that points to a file with format string specifiers in the filename. |
| IBM Informix Dynamic Server (IDS) before 9.40.xC3 allows local users to (1) create or overwrite files via the /001 log file to onedcu or (2) read arbitrary files via a symlink attack on a file in /tmp to onshowaudit. |
| Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function. |
| Buffer overflow in Xt library of X Windowing System allows local users to execute commands with root privileges. |
| Buffer overflow in statd allows root privileges. |
| Stack-based buffer overflow in ontape for IBM Informix Dynamic Server (IDS) 9.40.xC3 and earlier allows local users, with DSA privileges, to execute arbitrary code via a long ONCONFIG environment variable. |
| Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen. |
| The default installation of Cisco voice products, when running the IBM Director Agent on IBM servers before OS 2000.2.6, does not require authentication, which allows remote attackers to gain administrator privileges by connecting to TCP port 14247. |
| Cisco voice products, when running the IBM Director Agent on IBM servers before OS 2000.2.6, allows remote attackers to cause a denial of service (CPU consumption) via arbitrary packets to TCP port 14247, as demonstrated using port scanning. |
| ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts. |
| mod_digest_apple for Apache 1.3.31 and 1.3.32 on Mac OS X Server does not properly verify the nonce of a client response, which allows remote attackers to replay credentials. |
| Buffer overflow in xlock program allows local users to execute commands as root. |
| FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce. |
| Jolt ICMP attack causes a denial of service in Windows 95 and Windows NT systems. |
| Command execution in Sun systems via buffer overflow in the at program. |
| rpc.ypupdated (NIS) allows remote users to execute arbitrary commands. |
| BlackICE Defender 2.9.cap and Server Protection 3.5.cdf, when configured to automatically block attacks, allows remote attackers to block IP addresses and cause a denial of service via spoofed packets. |
