Ibm Aix vulnerabilities

370 known vulnerabilities affecting ibm/aix.

Total CVEs

370

CISA KEV

Public exploits

Exploited in wild

Severity breakdown

CRITICAL47HIGH177MEDIUM119LOW26

Vulnerabilities

Page 10 of 19

CVE-2007-0978HIGHCVSS 7.2v5.32007-02-16

CVE-2007-0978 [HIGH] CVE-2007-0978: Buffer overflow in swcons in IBM AIX 5.3 allows local users to gain privileges via long input data. Buffer overflow in swcons in IBM AIX 5.3 allows local users to gain privileges via long input data.

nvd

CVE-2007-0670MEDIUMCVSS 4.6v5.2v5.32007-02-03

CVE-2007-0670 [MEDIUM] CWE-119 CVE-2007-0670: Buffer overflow in bos.rte.libc in IBM AIX 5.2 and 5.3 allows local users to execute arbitrary code Buffer overflow in bos.rte.libc in IBM AIX 5.2 and 5.3 allows local users to execute arbitrary code via the "r-commands", possibly including (1) rdist, (2) rsh, (3) rcp, (4) rsync, and (5) rlogin.

nvd

CVE-2007-0618HIGHCVSS 7.5v5.3.02007-01-31

CVE-2007-0618 [HIGH] CVE-2007-0618: Unspecified vulnerability in (1) pop3d, (2) pop3ds, (3) imapd, and (4) imapds in IBM AIX 5.3.0 has u Unspecified vulnerability in (1) pop3d, (2) pop3ds, (3) imapd, and (4) imapds in IBM AIX 5.3.0 has unspecified impact and attack vectors, involving an "authentication vulnerability."

nvd

CVE-2007-0392MEDIUMCVSS 4.6v5.32007-01-19

CVE-2007-0392 [MEDIUM] CVE-2007-0392: IBM AIX 5.3 does not properly verify the status of file descriptors before setuid execution, which a IBM AIX 5.3 does not properly verify the status of file descriptors before setuid execution, which allows local users to gain privileges by closing file descriptor 0, 1, or 2 and then invoking a setuid program, a variant of CVE-2002-0572.

nvd

CVE-2006-6914MEDIUMCVSS 5.0v5.2.0v5.3.02006-12-31

CVE-2006-6914 [MEDIUM] CVE-2006-6914: Unspecified vulnerability in ftpd in IBM AIX 5.2.0 and 5.3.0 allows remote attackers to obtain sensi Unspecified vulnerability in ftpd in IBM AIX 5.2.0 and 5.3.0 allows remote attackers to obtain sensitive information, including passwords, via unspecified vectors.

nvd

CVE-2006-6915MEDIUMCVSS 4.0v5.2.0v5.3.02006-12-31

CVE-2006-6915 [MEDIUM] CVE-2006-6915: ftpd in IBM AIX 5.2.0 and 5.3.0 allows remote authenticated users to cause a denial of service (port ftpd in IBM AIX 5.2.0 and 5.3.0 allows remote authenticated users to cause a denial of service (port exhaustion) via unspecified vectors. NOTE: some details were obtained from third party sources.

nvd

CVE-2006-5008CRITICALCVSS 10.0v5.2.0v5.3.02006-09-27

CVE-2006-5008 [CRITICAL] CVE-2006-5008: Unspecified vulnerability in utape in IBM AIX 5.2.0 and 5.3.0 allows attackers to execute arbitrary Unspecified vulnerability in utape in IBM AIX 5.2.0 and 5.3.0 allows attackers to execute arbitrary commands and overwrite arbitrary files via unspecified vectors.

nvd

CVE-2006-5011HIGHCVSS 7.2v5.2.0v5.3.02006-09-27

CVE-2006-5011 [HIGH] CVE-2006-5011: Untrusted search path vulnerability in snappd in IBM AIX 5.2.0 and 5.3.0 allows local users to execu Untrusted search path vulnerability in snappd in IBM AIX 5.2.0 and 5.3.0 allows local users to execute arbitrary commands via a Trojan horse program, involving the "system subroutine".

nvd

CVE-2006-5009HIGHCVSS 7.2v5.2.0v5.3.02006-09-27

CVE-2006-5009 [HIGH] CVE-2006-5009: Unspecified vulnerability in xlock in IBM AIX 5.2.0 and 5.3.0 allows local users to execute arbitrar Unspecified vulnerability in xlock in IBM AIX 5.2.0 and 5.3.0 allows local users to execute arbitrary commands and overwrite arbitrary files via unspecified vectors, possibly involving a buffer overflow.

nvd

CVE-2006-5010HIGHCVSS 7.2v5.3.02006-09-27

CVE-2006-5010 [HIGH] CVE-2006-5010: Untrusted search path vulnerability in acctctl in IBM AIX 5.3.0 allows local users to execute arbitr Untrusted search path vulnerability in acctctl in IBM AIX 5.3.0 allows local users to execute arbitrary commands by modifying the path to point to a malicious mkdir program.

nvd

CVE-2006-5003HIGHCVSS 7.2v5.2.0v5.3.02006-09-27

CVE-2006-5003 [HIGH] CVE-2006-5003: Unspecified vulnerability in the named8 command in IBM AIX 5.2.0 and 5.3.0 allows local users to exe Unspecified vulnerability in the named8 command in IBM AIX 5.2.0 and 5.3.0 allows local users to execute arbitrary commands via unspecified vectors.

nvd

CVE-2006-5006HIGHCVSS 7.2v5.2.0v5.3.02006-09-27

CVE-2006-5006 [HIGH] CVE-2006-5006: Buffer overflow in cfgmgr in IBM AIX 5.2.0 and 5.3.0 allows local users to execute arbitrary code vi Buffer overflow in cfgmgr in IBM AIX 5.2.0 and 5.3.0 allows local users to execute arbitrary code via a long directory path argument.

nvd

CVE-2006-5005HIGHCVSS 7.2v5.2.0v5.3.02006-09-27

CVE-2006-5005 [HIGH] CVE-2006-5005: Unspecified vulnerability in bos.net.tcp.client in IBM AIX 5.2.0 and 5.3.0 allows local users to exe Unspecified vulnerability in bos.net.tcp.client in IBM AIX 5.2.0 and 5.3.0 allows local users to execute arbitrary commands via unspecified vectors involving /etc/slip.login.

nvd

CVE-2006-5007MEDIUMCVSS 4.6v5.2.0v5.3.02006-09-27

CVE-2006-5007 [MEDIUM] CVE-2006-5007: Untrusted search path vulnerability in uucp in IBM AIX 5.2.0 and 5.3.0 allows local users to local u Untrusted search path vulnerability in uucp in IBM AIX 5.2.0 and 5.3.0 allows local users to local users to gain privileges via a Trojan horse program involving uux.

nvd

CVE-2006-5004LOWCVSS 2.1v5.2.0v5.3.02006-09-27

CVE-2006-5004 [LOW] CVE-2006-5004: Unspecified vulnerability in the rdist command in IBM AIX 5.2.0 and 5.3.0 allows local users to over Unspecified vulnerability in the rdist command in IBM AIX 5.2.0 and 5.3.0 allows local users to overwrite arbitrary files via unspecified vectors.

nvd

CVE-2006-4522HIGHCVSS 7.2v5.2v5.32006-09-01

CVE-2006-4522 [HIGH] CVE-2006-4522: Unspecified vulnerability in dtterm in IBM AIX 5.2 and 5.3 allows local users to execute arbitrary c Unspecified vulnerability in dtterm in IBM AIX 5.2 and 5.3 allows local users to execute arbitrary code with root privileges via unspecified vectors.

nvd

CVE-2006-4416HIGHCVSS 7.2v5.1v5.2+1 more2006-08-28

CVE-2006-4416 [HIGH] CVE-2006-4416: Untrusted search path vulnerability in the mkvg command in IBM AIX 5.2 and 5.3 allows local users to Untrusted search path vulnerability in the mkvg command in IBM AIX 5.2 and 5.3 allows local users to gain privileges by modifying the path to point to a malicious (1) chdev, (2) mkboot, (3) varyonvg, or (4) varyoffvg program.

nvd

CVE-2006-4254HIGHCVSS 7.5PoCv5.1v5.2+1 more2006-08-21

CVE-2006-4254 [HIGH] CVE-2006-4254: Unspecified vulnerability in setlocale in IBM AIX 5.1.0 through 5.3.0 allows local users to gain pri Unspecified vulnerability in setlocale in IBM AIX 5.1.0 through 5.3.0 allows local users to gain privileges via unspecified vectors.

nvd

CVE-2006-2647HIGHCVSS 7.2v5.1v5.2+1 more2006-05-30

CVE-2006-2647 [HIGH] CVE-2006-2647: Untrusted search path vulnerability in update_flash for IBM AIX 5.1, 5.2 and 5.3 allows local users Untrusted search path vulnerability in update_flash for IBM AIX 5.1, 5.2 and 5.3 allows local users to execute arbitrary commands via unknown vectors involving lsmcode and possibly other commands.

nvd

CVE-2006-1247LOWCVSS 3.3v5.1v5.1l+11 more2006-04-19

CVE-2006-1247 [LOW] CWE-59 CVE-2006-1247: rm_mlcache_file in bos.rte.install in AIX 5.1.0 through 5.3.0 allows local users to overwrite arbitr rm_mlcache_file in bos.rte.install in AIX 5.1.0 through 5.3.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files.

nvd

← Previous10 / 19Next →