Ibm Aix vulnerabilities

370 known vulnerabilities affecting ibm/aix.

Total CVEs

370

CISA KEV

Public exploits

Exploited in wild

Severity breakdown

CRITICAL47HIGH177MEDIUM119LOW26

Vulnerabilities

Page 8 of 19

CVE-2008-1274MEDIUMCVSS 6.9v6.1.02008-03-10

CVE-2008-1274 [MEDIUM] CVE-2008-1274: Untrusted search path vulnerability in man in IBM AIX 6.1.0 allows local users to execute arbitrary Untrusted search path vulnerability in man in IBM AIX 6.1.0 allows local users to execute arbitrary code via a malicious program in the man directory.

nvd

CVE-2008-0588HIGHCVSS 7.2v5.2v5.32008-02-05

CVE-2008-0588 [HIGH] CWE-264 CVE-2008-0588: Buffer overflow in the utape program in devices.scsi.tape.diag in IBM AIX 5.2 and 5.3 allows local u Buffer overflow in the utape program in devices.scsi.tape.diag in IBM AIX 5.2 and 5.3 allows local users to gain privileges via unspecified vectors.

nvd

CVE-2008-0586HIGHCVSS 7.2v5.2v5.32008-02-05

CVE-2008-0586 [HIGH] CWE-119 CVE-2008-0586: Multiple buffer overflows in IBM AIX 5.2 and 5.3 allow local users to gain privileges via unspecifie Multiple buffer overflows in IBM AIX 5.2 and 5.3 allow local users to gain privileges via unspecified vectors related to the (1) lchangevg, (2) ldeletepv, (3) putlvodm, (4) lvaryoffvg, and (5) lvgenminor programs in bos.rte.lvm; and the (6) tellclvmd program in bos.clvm.enh.

nvd

CVE-2008-0584HIGHCVSS 7.2v5.2v5.32008-02-05

CVE-2008-0584 [HIGH] CWE-264 CVE-2008-0584: Multiple buffer overflows in bos.rte.control in IBM AIX 5.2 and 5.3 allow local users to gain privil Multiple buffer overflows in bos.rte.control in IBM AIX 5.2 and 5.3 allow local users to gain privileges via unspecified vectors related to the (1) swap, (2) swapoff, and (3) swapon programs.

nvd

CVE-2008-0587HIGHCVSS 7.2v5.2v5.32008-02-05

CVE-2008-0587 [HIGH] CWE-119 CVE-2008-0587: Buffer overflow in the uspchrp program in devices.chrp.base.diag in IBM AIX 5.2 and 5.3 allows local Buffer overflow in the uspchrp program in devices.chrp.base.diag in IBM AIX 5.2 and 5.3 allows local users to gain privileges via unspecified vectors.

nvd

CVE-2008-0589MEDIUMCVSS 4.9v5.2v5.3+1 more2008-02-05

CVE-2008-0589 [MEDIUM] CWE-200 CVE-2008-0589: The ps program in bos.rte.control in IBM AIX 5.2, 5.3, and 6.1 allows local users to obtain sensitiv The ps program in bos.rte.control in IBM AIX 5.2, 5.3, and 6.1 allows local users to obtain sensitive information via unspecified vectors.

nvd

CVE-2008-0585MEDIUMCVSS 6.6v5.2v5.32008-02-05

CVE-2008-0585 [MEDIUM] CWE-264 CVE-2008-0585: sysmgt.websm.webaccess in IBM AIX 5.2 and 5.3 has world writable permissions for unspecified WebSM R sysmgt.websm.webaccess in IBM AIX 5.2 and 5.3 has world writable permissions for unspecified WebSM Remote Client files, which allows local users to "alter the behavior of" this client by overwriting these files.

nvd

CVE-2008-0509MEDIUMCVSS 4.4v4.32008-01-31

CVE-2008-0509 [MEDIUM] CWE-119 CVE-2008-0509: Multiple buffer overflows in IBM AIX 4.3 allow remote attackers to cause a denial of service (crash) Multiple buffer overflows in IBM AIX 4.3 allow remote attackers to cause a denial of service (crash) or possibly gain privileges via a long argument to (1) piox25, related to piox25.c; or (2) piox25remote, related to piox25remote.sh.

nvd

CVE-2007-5764HIGHCVSS 7.2v5.2v5.3+1 more2008-01-25

CVE-2007-5764 [HIGH] CWE-119 CVE-2007-5764: Buffer overflow in the pioout program in printers.rte in IBM AIX 5.2, 5.3, and 6.1 allows local user Buffer overflow in the pioout program in printers.rte in IBM AIX 5.2, 5.3, and 6.1 allows local users to gain privileges via a long command line option.

nvd

CVE-2007-6680LOWCVSS 2.1v6.12008-01-10

CVE-2007-6680 [LOW] CVE-2007-6680: Trusted Execution in IBM AIX 6.1 uses an incorrect pathname argument in a call to the trustchk_block Trusted Execution in IBM AIX 6.1 uses an incorrect pathname argument in a call to the trustchk_block_write function, which might allow local users to modify trusted files, related to an error in the support for links in the TSD_FILES_LOCK policy.

nvd

CVE-2007-4621HIGHCVSS 7.2v5.22007-11-05

CVE-2007-4621 [HIGH] CWE-119 CVE-2007-4621: Buffer overflow in crontab in IBM AIX 5.2 allows local users to gain privileges via long command lin Buffer overflow in crontab in IBM AIX 5.2 allows local users to gain privileges via long command line arguments.

nvd

CVE-2007-4623HIGHCVSS 7.2v5.2v5.32007-11-05

CVE-2007-4623 [HIGH] CWE-119 CVE-2007-4623: Stack-based buffer overflow in the sendrmt function in bellmail in IBM AIX 5.2 and 5.3 allows local Stack-based buffer overflow in the sendrmt function in bellmail in IBM AIX 5.2 and 5.3 allows local users to execute arbitrary code via a long parameter to the m command.

nvd

CVE-2007-4217HIGHCVSS 7.2v5.2v5.32007-11-05

CVE-2007-4217 [HIGH] CWE-119 CVE-2007-4217: Stack-based buffer overflow in the domacro function in ftp in IBM AIX 5.2 and 5.3 allows local users Stack-based buffer overflow in the domacro function in ftp in IBM AIX 5.2 and 5.3 allows local users to gain privileges via a long parameter to a macro, as demonstrated by executing a macro via the '$' command.

nvd

CVE-2007-4622HIGHCVSS 7.2v5.22007-11-05

CVE-2007-4622 [HIGH] CWE-189 CVE-2007-4622: Integer underflow in the dns_name_fromtext function in (1) libdns_nonsecure.a and (2) libdns_secure. Integer underflow in the dns_name_fromtext function in (1) libdns_nonsecure.a and (2) libdns_secure.a in IBM AIX 5.2 allows local users to gain privileges via a crafted "-y" (TSIG key) command line argument to dig.

nvd

CVE-2007-4513HIGHCVSS 7.2v5.2v5.32007-11-05

CVE-2007-4513 [HIGH] CWE-119 CVE-2007-4513: Multiple stack-based buffer overflows in IBM AIX 5.2 and 5.3 allow local users to gain privileges vi Multiple stack-based buffer overflows in IBM AIX 5.2 and 5.3 allow local users to gain privileges via a long argument to the (1) "-p" option to lqueryvg or (2) the "-V" option to lquerypv.

nvd

CVE-2007-5804MEDIUMCVSS 6.9v5.2v5.32007-11-05

CVE-2007-5804 [MEDIUM] CVE-2007-5804: cfgcon in IBM AIX 5.2 and 5.3 does not properly validate the argument to the "-p" option to swcons, cfgcon in IBM AIX 5.2 and 5.3 does not properly validate the argument to the "-p" option to swcons, which allows local users in the system group to create or overwrite an arbitrary file, and enable world writability of this file, by using the file's name as the argument.

nvd

CVE-2007-5805MEDIUMCVSS 6.9v5.2v5.32007-11-05

CVE-2007-5805 [MEDIUM] CWE-59 CVE-2007-5805: cfgcon in IBM AIX 5.2 and 5.3 does not properly validate the argument to the "-p" option to swcons, cfgcon in IBM AIX 5.2 and 5.3 does not properly validate the argument to the "-p" option to swcons, which allows local users in the system group to create an arbitrary file, and enable world writability of this file, via a symlink attack involving use of the file's name as the argument. NOTE: this issue is due to an incomplete fix for CVE-2007-5804.

nvd

CVE-2007-4796HIGHCVSS 7.2v5.2v5.32007-09-10

CVE-2007-4796 [HIGH] CWE-119 CVE-2007-4796: Buffer overflow in uucp in bos.net.uucp in IBM AIX 5.2 and 5.3 allows local users to gain privileges Buffer overflow in uucp in bos.net.uucp in IBM AIX 5.2 and 5.3 allows local users to gain privileges via unspecified vectors.

nvd

CVE-2007-4794HIGHCVSS 7.2v5.2v5.32007-09-10

CVE-2007-4794 [HIGH] CWE-119 CVE-2007-4794: Buffer overflow in fcstat in devices.common.IBM.fc.rte in IBM AIX 5.2 and 5.3 allows local users to Buffer overflow in fcstat in devices.common.IBM.fc.rte in IBM AIX 5.2 and 5.3 allows local users to gain privileges via a long input parameter.

nvd

CVE-2007-4797HIGHCVSS 7.2v5.2v5.32007-09-10

CVE-2007-4797 [HIGH] CWE-119 CVE-2007-4797: Multiple buffer overflows in unspecified svprint (System V print) commands in bos.svprint.rte in IBM Multiple buffer overflows in unspecified svprint (System V print) commands in bos.svprint.rte in IBM AIX 5.2 and 5.3 allow local users to gain privileges via unspecified vectors.

nvd

← Previous8 / 19Next →