Total vulnerabilities in the database
Format string vulnerability in the _msgout function in rpc.pcnfsd in IBM AIX 6.1, 5.3, and earlier; IBM VIOS 2.1, 1.5, and earlier; NFS/ONCplus B.11.31_09 and earlier on HP HP-UX B.11.11, B.11.23, and B.11.31; and SGI IRIX 6.5 allows remote attackers to execute arbitrary code via an RPC request containing format string specifiers in an invalid directory name.
| Software | From | Fixed in |
|---|---|---|
| hp / nfs/oncplus | - | b.11.31_09.x |
| ibm / aix | 4.3.2 | 4.3.2.x |
| ibm / aix | 4.3 | 4.3.x |
| ibm / aix | 4 | 4.x |
| ibm / aix | 5.2.0.50 | 5.2.0.50.x |
| ibm / aix | 4.2.1 | 4.2.1.x |
| ibm / aix | 3.2.5 | 3.2.5.x |
| ibm / aix | - | 5.3.x |
| ibm / aix | 3.2.4 | 3.2.4.x |
| ibm / aix | 4.1.4 | 4.1.4.x |
| ibm / aix | 4.2.1.12 | 4.2.1.12.x |
| ibm / aix | 4.2 | 4.2.x |
| ibm / aix | 4.1.5 | 4.1.5.x |
| ibm / aix | 1.2.1 | 1.2.1.x |
| ibm / aix | 4.3.0 | 4.3.0.x |
| ibm / aix | 430 | 430.x |
| ibm / aix | 5.2 | 5.2.x |
| ibm / aix | 5.2_l | 5.2_l.x |
| ibm / aix | 5.2.0.54 | 5.2.0.54.x |
| ibm / aix | 6.1 | 6.1.x |
| ibm / aix | 3.2.0 | 3.2.0.x |
| ibm / aix | 4.0 | 4.0.x |
| ibm / aix | 4.3.3 | 4.3.3.x |
| ibm / aix | 3.1 | 3.1.x |
| ibm / aix | 4.1.1 | 4.1.1.x |
| ibm / aix | 4.2.0 | 4.2.0.x |
| ibm / aix | 5.2.0 | 5.2.0.x |
| ibm / aix | 5.2.2 | 5.2.2.x |
| ibm / aix | 2.2.1 | 2.2.1.x |
| ibm / aix | 5.1.0.10 | 5.1.0.10.x |
| ibm / aix | 4.1.2 | 4.1.2.x |
| ibm / aix | 4.3.1 | 4.3.1.x |
| ibm / aix | 5.1l | 5.1l.x |
| ibm / aix | 4.1 | 4.1.x |
| ibm / aix | 4.1.3 | 4.1.3.x |
| ibm / aix | 1.3 | 1.3.x |
| ibm / aix | 5.1 | 5.1.x |
| ibm / aix | 3.2 | 3.2.x |
| ibm / vios | 2.1 | 2.1.x |
| ibm / vios | - | 1.5.x |
| ibm / vios | 1.4 | 1.4.x |
| sgi / irix | 6.5 | 6.5.x |