Ibm Vios vulnerabilities

87 known vulnerabilities affecting ibm/vios.

Total CVEs
87
CISA KEV
0
Public exploits
7
Exploited in wild
0
Severity breakdown
CRITICAL7HIGH34MEDIUM42LOW4

Vulnerabilities

Page 5 of 5
CVE-2012-0745HIGHCVSS 7.2v2.1.0.10v2.1.2.12+9 more2012-05-04
CVE-2012-0745 [HIGH] CWE-264 CVE-2012-0745: The getpwnam function in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.1.0.10 through 2.2.1.3 does not proper The getpwnam function in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.1.0.10 through 2.2.1.3 does not properly interact with customer-extended LDAP user filtering, which allows local users to gain privileges via unspecified vectors.
nvd
CVE-2011-1385HIGHCVSS 7.8v2.1.0.0v2.1.2.10+10 more2012-03-02
CVE-2011-1385 [HIGH] CWE-399 CVE-2011-1385: IBM AIX 5.3, 6.1, and 7.1, and VIOS 2.1.x and 2.2.x, allows remote attackers to cause a denial of se IBM AIX 5.3, 6.1, and 7.1, and VIOS 2.1.x and 2.2.x, allows remote attackers to cause a denial of service (system crash) via an ICMP Echo Reply packet that contains 1 in the Identifier field, a different vulnerability than CVE-2012-0194.
nvd
CVE-2010-3405MEDIUMCVSS 6.8v1.5v2.12010-09-16
CVE-2010-3405 [MEDIUM] CWE-119 CVE-2010-3405: Buffer overflow in sa_snap in the bos.esagent fileset in IBM AIX 6.1, 5.3, and earlier and VIOS 2.1, Buffer overflow in sa_snap in the bos.esagent fileset in IBM AIX 6.1, 5.3, and earlier and VIOS 2.1, 1.5, and earlier allows local users to leverage system group membership and gain privileges via unspecified vectors.
nvd
CVE-2010-1039CRITICALCVSS 10.0PoC≤ 1.5v1.4+1 more2010-05-20
CVE-2010-1039 [CRITICAL] CWE-134 CVE-2010-1039: Format string vulnerability in the _msgout function in rpc.pcnfsd in IBM AIX 6.1, 5.3, and earlier; Format string vulnerability in the _msgout function in rpc.pcnfsd in IBM AIX 6.1, 5.3, and earlier; IBM VIOS 2.1, 1.5, and earlier; NFS/ONCplus B.11.31_09 and earlier on HP HP-UX B.11.11, B.11.23, and B.11.31; and SGI IRIX 6.5 allows remote attackers to execute arbitrary code via an RPC request containing format string specifiers in an invalid direct
nvd
CVE-2010-0960HIGHCVSS 7.2v2.12010-03-10
CVE-2010-0960 [HIGH] CWE-119 CVE-2010-0960: Buffer overflow in qosmod in bos.net.tcp.server in IBM AIX 6.1 and VIOS 2.1 allows local users to ga Buffer overflow in qosmod in bos.net.tcp.server in IBM AIX 6.1 and VIOS 2.1 allows local users to gain privileges via unspecified vectors.
nvd
CVE-2010-0961HIGHCVSS 7.2v2.12010-03-10
CVE-2010-0961 [HIGH] CWE-119 CVE-2010-0961: Buffer overflow in qoslist in bos.net.tcp.server in IBM AIX 6.1 and VIOS 2.1 allows local users to g Buffer overflow in qoslist in bos.net.tcp.server in IBM AIX 6.1 and VIOS 2.1 allows local users to gain privileges via unspecified vectors.
nvd
CVE-2009-3699CRITICALCVSS 10.0PoC≤ 2.1.0v1.4+3 more2009-10-15
CVE-2009-3699 [CRITICAL] CWE-119 CVE-2009-3699: Stack-based buffer overflow in libcsa.a (aka the calendar daemon library) in IBM AIX 5.x through 5.3 Stack-based buffer overflow in libcsa.a (aka the calendar daemon library) in IBM AIX 5.x through 5.3.10 and 6.x through 6.1.3, and VIOS 2.1 and earlier, allows remote attackers to execute arbitrary code via a long XDR string in the first argument to procedure 21 of rpc.cmsd.
nvd
← Previous5 / 5