Some versions of wu-ftpd hosted on the vendor's FTP site were found to contain a backdoor. The Trojaned code allowed a knowledgeable attacker to supply a backdoor password for any account other than 'anonymous'. This includes user accounts or even the 'root' account. Using this backdoor, an attacker could gain elevated privileges to the remote host.
AIX contains a flaw that may allow a local user to gain root privileges. The issue is due to rmail allowing a user to set an environment variable (IFS) to / temporarily. With this internal field separator changed,an invocation of rmail will cause the temporary SUID shell to be executed. This may allow a local attacker to gain escalated privileges.
The database information may change without any notice. Use of the information constitutes acceptance for use in an AS IS condition, and there are NO
warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the copyright
holder or distributor (OSVDB or OSF) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.