Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2004-0544Improper Restriction of Operations within the Bounds of a Memory Buffer in IBM AIX

6 documents5 sources
Severity
7.2HIGHNVD
EPSS
0.5%
top 34.52%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
IBM AIX
Timeline
PublishedAug 6
Latest updateApr 29

Description

Multiple buffer overflows in LVM for AIX 5.1 and 5.2 allow local users to gain privileges via the (1) putlvcb or (2) getlvcb commands.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages1 packages

NVDibm/aix4.3.3, 5.1, 5.2+2

Patches

Patch: www.ciac.orgPatch: www.securityfocus.comPatch: www.ciac.org

🔴Vulnerability Details

2
GHSA
GHSA-q78h-6xwh-h7pw: Multiple buffer overflows in LVM for AIX 52022-04-29
CVEList
CVE-2004-0544: Multiple buffer overflows in LVM for AIX 52004-06-10

💥Exploits & PoCs

2
Exploit-DB
AIX 4.3.3/5.x - Getlvcb Command Line Argument Buffer Overflow (2)2004-03-17
Exploit-DB
AIX 4.3.3/5.x - Getlvcb Command Line Argument Buffer Overflow (1)2003-05-30

📋Vendor Advisories

1
Red Hat
CVE-2005-1730: Multiple vulnerabilities in the OpenSSL ASN
CVE-2004-0544 — IBM AIX vulnerability | cvebase