Ibm Aix vulnerabilities

370 known vulnerabilities affecting ibm/aix.

Total CVEs

370

CISA KEV

Public exploits

Exploited in wild

Severity breakdown

CRITICAL47HIGH177MEDIUM119LOW26

Vulnerabilities

Page 9 of 19

CVE-2007-4795HIGHCVSS 7.2v5.2v5.32007-09-10

CVE-2007-4795 [HIGH] CWE-119 CVE-2007-4795: Buffer overflow in mkpath in bos.rte.methods in IBM AIX 5.2 and 5.3 allows local users to gain privi Buffer overflow in mkpath in bos.rte.methods in IBM AIX 5.2 and 5.3 allows local users to gain privileges via a long ODM name.

nvd

CVE-2007-4792HIGHCVSS 7.2v5.32007-09-10

CVE-2007-4792 [HIGH] CWE-119 CVE-2007-4792: Buffer overflow in ibstat in devices.common.IBM.ib.rte in IBM AIX 5.3 allows local users to gain pri Buffer overflow in ibstat in devices.common.IBM.ib.rte in IBM AIX 5.3 allows local users to gain privileges via unspecified vectors.

nvd

CVE-2007-4791HIGHCVSS 7.2v5.2v5.32007-09-10

CVE-2007-4791 [HIGH] CVE-2007-4791: Buffer overflow in the swcons command in bos.rte.console in IBM AIX 5.2 and 5.3 allows local users t Buffer overflow in the swcons command in bos.rte.console in IBM AIX 5.2 and 5.3 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2005-3504 and CVE-2007-0978.

nvd

CVE-2007-4793HIGHCVSS 7.2v5.2v5.32007-09-10

CVE-2007-4793 [HIGH] CWE-119 CVE-2007-4793: Buffer overflow in xlplm in plm.server.rte in IBM AIX 5.2 and 5.3 allows local users to gain privile Buffer overflow in xlplm in plm.server.rte in IBM AIX 5.2 and 5.3 allows local users to gain privileges via unspecified vectors.

nvd

CVE-2007-4798MEDIUMCVSS 6.6v5.2v5.32007-09-10

CVE-2007-4798 [MEDIUM] CWE-264 CVE-2007-4798: Unspecified vulnerability in invscout in Inventory Scout in invscout.rte in IBM AIX 5.2 and 5.3 allo Unspecified vulnerability in invscout in Inventory Scout in invscout.rte in IBM AIX 5.2 and 5.3 allows local users to delete system files that have names matching the final substring of a hostname alias, as demonstrated by hostnames ending in "unix".

nvd

CVE-2007-4799MEDIUMCVSS 4.9v5.32007-09-10

CVE-2007-4799 [MEDIUM] CWE-264 CVE-2007-4799: The perfstat kernel extension in bos.perf.perfstat in AIX 5.3 does not verify privileges when proces The perfstat kernel extension in bos.perf.perfstat in AIX 5.3 does not verify privileges when processing a SET call, which allows local users to cause a denial of service (system hang or crash) via unspecified SET operations.

nvd

CVE-2007-4355HIGHCVSS 7.2v5.32007-08-15

CVE-2007-4355 [HIGH] CVE-2007-4355: Buffer overflow in the at program on IBM AIX 5.3 allows local users to gain privileges via unspecifi Buffer overflow in the at program on IBM AIX 5.3 allows local users to gain privileges via unspecified vectors.

nvd

CVE-2007-4354HIGHCVSS 7.2v5.2v5.32007-08-15

CVE-2007-4354 [HIGH] CVE-2007-4354: Buffer overflow in fileplace in bos.perf.tools in IBM AIX 5.2 and 5.3 allows local users to gain pri Buffer overflow in fileplace in bos.perf.tools in IBM AIX 5.2 and 5.3 allows local users to gain privileges via unspecified vectors.

nvd

CVE-2007-4353MEDIUMCVSS 6.9v5.2v5.32007-08-15

CVE-2007-4353 [MEDIUM] CVE-2007-4353: Multiple buffer overflows in IBM AIX 5.2 and 5.3 allow local users in the system group to gain root Multiple buffer overflows in IBM AIX 5.2 and 5.3 allow local users in the system group to gain root privileges via unspecified vectors involving the (1) chpath, (2) rmpath, and (3) devinstall programs in bos.rte.methods.

nvd

CVE-2007-4236MEDIUMCVSS 6.9v5.2v5.32007-08-08

CVE-2007-4236 [MEDIUM] CVE-2007-4236: Buffer overflow in lpd in bos.rte.printers in AIX 5.2 and 5.3 allows local users with printq group p Buffer overflow in lpd in bos.rte.printers in AIX 5.2 and 5.3 allows local users with printq group privileges to gain root privileges.

nvd

CVE-2007-4228MEDIUMCVSS 4.7v4.32007-08-08

CVE-2007-4228 [MEDIUM] CVE-2007-4228: rmpvc on IBM AIX 4.3 allows local users to cause a denial of service (system crash) via long port lo rmpvc on IBM AIX 4.3 allows local users to cause a denial of service (system crash) via long port logical name (-l) argument.

nvd

CVE-2007-4238MEDIUMCVSS 6.9v5.2v5.32007-08-08

CVE-2007-4238 [MEDIUM] CVE-2007-4238: AIX 5.2 and 5.3 install pioinit with user and group ownership of bin, which allows local users with AIX 5.2 and 5.3 install pioinit with user and group ownership of bin, which allows local users with bin or possibly printq privileges to gain root privileges by modifying pioinit.

nvd

CVE-2007-4237MEDIUMCVSS 6.9v5.2v5.32007-08-08

CVE-2007-4237 [MEDIUM] CVE-2007-4237: Buffer overflow in the atm subset in arp in devices.common.IBM.atm.rte in AIX 5.2 and 5.3 allows loc Buffer overflow in the atm subset in arp in devices.common.IBM.atm.rte in AIX 5.2 and 5.3 allows local users to gain root privileges.

nvd

CVE-2007-4003MEDIUMCVSS 6.9PoCv5.32007-07-26

CVE-2007-4003 [MEDIUM] CVE-2007-4003: pioout in IBM AIX 5.3 SP6 allows local users to execute arbitrary code by specifying a malicious lib pioout in IBM AIX 5.3 SP6 allows local users to execute arbitrary code by specifying a malicious library with the -R (ParseRoutine) command line argument.

nvd

CVE-2007-4004MEDIUMCVSS 6.9PoCv5.2.0v5.32007-07-26

CVE-2007-4004 [MEDIUM] CWE-119 CVE-2007-4004: Buffer overflow in the ftp client in IBM AIX 5.3 SP6 and 5.2.0 allows local users to execute arbitra Buffer overflow in the ftp client in IBM AIX 5.3 SP6 and 5.2.0 allows local users to execute arbitrary code via unspecified vectors that trigger the overflow in a gets function call. NOTE: the client is setuid root on AIX, so this issue crosses privilege boundaries.

nvd

CVE-2007-3333MEDIUMCVSS 6.9PoCv5.2.0v5.32007-07-26

CVE-2007-3333 [MEDIUM] CWE-119 CVE-2007-3333: Stack-based buffer overflow in capture in IBM AIX 5.3 SP6 and 5.2.0 allows remote attackers to execu Stack-based buffer overflow in capture in IBM AIX 5.3 SP6 and 5.2.0 allows remote attackers to execute arbitrary code via a large number of terminal control sequences.

nvd

CVE-2007-3680HIGHCVSS 7.2v5.2.0v5.3.02007-07-11

CVE-2007-3680 [HIGH] CWE-119 CVE-2007-3680: Stack-based buffer overflow in the odm_searchpath function in libodm in IBM AIX 5.2.0 and 5.3.0 allo Stack-based buffer overflow in the odm_searchpath function in libodm in IBM AIX 5.2.0 and 5.3.0 allows local users to execute arbitrary code via a long ODMPATH environment variable.

nvd

CVE-2007-2996MEDIUMCVSS 6.6v5.2v5.32007-06-04

CVE-2007-2996 [MEDIUM] CVE-2007-2996: Unspecified vulnerability in perl.rte 5.8.0.10 through 5.8.0.95 on IBM AIX 5.2, and 5.8.2.10 through Unspecified vulnerability in perl.rte 5.8.0.10 through 5.8.0.95 on IBM AIX 5.2, and 5.8.2.10 through 5.8.2.50 on AIX 5.3, allows local users to gain privileges via unspecified vectors related to the installation and "waiting for a legitimate user to execute a binary that ships with Perl."

nvd

CVE-2007-2995MEDIUMCVSS 4.3v5.2.0v5.32007-06-04

CVE-2007-2995 [MEDIUM] CVE-2007-2995: Unspecified vulnerability in sysmgt.websm.rte in IBM AIX 5.2.0 and 5.3.0 has unknown impact and atta Unspecified vulnerability in sysmgt.websm.rte in IBM AIX 5.2.0 and 5.3.0 has unknown impact and attack vectors.

nvd

CVE-2007-1798HIGHCVSS 7.2v5.2v5.32007-04-02

CVE-2007-1798 [HIGH] CVE-2007-1798: Buffer overflow in the drmgr command in IBM AIX 5.2 and 5.3 allows local users to cause a denial of Buffer overflow in the drmgr command in IBM AIX 5.2 and 5.3 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long path name.

nvd

← Previous9 / 19Next →