CVE-2009-4361

Multiple buffer overflows in qoslist in IBM AIX 6.1 allow local users to cause a denial of service application crash or possibly gain privileges via a long string argument. NOTE: some of these details are obtained from third party information...

EUVD-2007-6644

Malware in sbrugna...

CVE-2009-0779

Buffer overflow in pppdial in IBM AIX 5.3 and 6.1 allows local users to gain privileges via a long "input string."...

Security Bulletin: Elevated privileges vulnerability in Connect:Direct for UNIX on AIX 6.1 and above (CVE-2013-2989)

Abstract A user who has been successfully authenticated by Connect:Direct for UNIX executes Connect:Direct’s file copying functionality with elevated file system privileges. Content VULNERABILITY DETAILS: CVE ID: CVE-2013-2989 DESCRIPTION: A user who has been successfully authenticated by...

Xorg X11 Server Local Privilege Escalation Exploit

This Metasploit module has been tested with AIX 7.1 and 7.2, and should also work with 6.1. Due to permission restrictions of the crontab in AIX, this module does not use cron, and instead overwrites /etc/passwd in order to create a new user with root privileges. All currently logged in users nee...

AIX 6.1 TL 9 : solaris (IJ10134)

https://vulners.com/cve/CVE-2017-3623 https://vulners.com/cve/CVE-2017-3623 An unspecified vulnerability in Oracle Sun Systems related to the Solaris Kernel RPC component could allow an unauthenticated attacker to take control of the system. C Tenable Network Security, Inc. The text in the...

AIX 6.1 TL 9 : freebsd (IJ09619)

https://vulners.com/cve/CVE-2018-6922 https://vulners.com/cve/CVE-2018-6922 FreeBSD is vulnerable to a denial of service, caused by the use of an inefficient TCP reassembly algorithm. By sending specially-crafted TCP traffic, a remote attacker could exploit this vulnerability to consume all...

IBM AIX rmsock SetUID Binary Information Leak

Summary An exploitable kernel memory leak vulnerability is exposed by the rmsock setUID functionality of IBM AIX 6.1 and IBM AIX 7.1. A specially crafted command line can cause a kernel memory leak, resulting in uninitialized kernel memory being exposed. An attacker can execute rmuser with an...

Vulnerability in rmsock affects AIX (CVE-2018-1655),Vulnerability in rmsock affects VIOS (CVE-2018-1655)

IBM SECURITY ADVISORY First Issued: Thu Jun 21 14:07:15 CDT 2018 |Updated: Tue Jul 3 08:09:45 CDT 2018 |Update: Additional iFixes are now available. Additional iFixes are now available | for: | AIX 6100-09-09 and 6100-09-10 | AIX 7100-04-04 and 7100-04-05 | AIX 7100-05-00 and 7100-05-01 | AIX...

Vulnerability in OpenSSL affects AIX (CVE-2018-0739)

IBM SECURITY ADVISORY First Issued: Mon Apr 30 11:00:38 CDT 2018 The most recent version of this document is available here: http://aix.software.ibm.com/aix/efixes/security/openssladvisory26.asc https://aix.software.ibm.com/aix/efixes/security/openssladvisory26.asc...

Design/Logic Flaw

A software logic bug creates a vulnerability in an AIX 6.1, 7.1, and 7.2 daemon which could allow a user with root privileges on one system, to obtain root access on another machine. IBM X-force ID: 138117...

AIX 6.1 TL 9 : aixbase (IJ02726)

https://vulners.com/cve/CVE-2018-1383 https://vulners.com/cve/CVE-2018-1383 A software logic bug creates a vulnerability in an AIX 6.1, 7.1, and 7.2 daemon which could allow a user with root privileges on one system, to obtain root access on another machine. C Tenable Network Security, Inc. The...

AIX 6.1 TL 9 : spectre_meltdown (IJ03030) (Meltdown) (Spectre)

Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. C Tenable Network Security, Inc. The text in the description was extracted from AIX...

AIX 6.1 TL 9 : tcpdump (IV94728)

Vulnerabilities in tcpdump affect AIX : https://vulners.com/cve/CVE-2017-12993 https://vulners.com/cve/CVE-2017-12993 tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the Juniper component. By sending a specially crafted request, an...

AIX 6.1 TL 9 : bind (IV93361) (deprecated)

https://vulners.com/cve/CVE-2016-9131 https://vulners.com/cve/CVE-2016-9131 ISC BIND is vulnerable to a denial of service, caused by the improper handling of responses during recursion. By sending a malformed response to a RTYPE ANY query, a remote attacker could exploit this vulnerability to...

CVE-2016-6079

IBM AIX 5.3, 6.1, 7.1, and 7.2 contains an unspecified vulnerability that would allow a locally authenticated user to obtain root level privileges. IBM APARs: IV88658, IV87981, IV88419, IV87640, IV88053...

AIX 6.1 TL 9 : ntp (IV91803) (deprecated)

NTPv3 and NTPv4 are vulnerable to : https://vulners.com/cve/CVE-2016-7427 NTP is vulnerable to a denial of service, caused by an error in broadcast mode replay prevention functionality. By sending specially crafted NTP packets, a local attacker could exploit this vulnerability to cause a denial o...

IBM AIX 6.1 / 7.1 / 7.2 Bellmail Privilege Escalation

!/usr/bin/sh CVE-2016-8972/bellmailroot.sh: IBM AIX Bellmail local root Affected versions: AIX 6.1, 7.1, 7.2 VIOS 2.2.x Fileset Lower Level Upper Level KEY --------------------------------------------------------- bos.net.tcp.client 6.1.9.0 6.1.9.200 keywfs bos.net.tcp.client 7.1.3.0 7.1.3.47...

AIX 6.1 TL 9 : bellmail (IV91006) (deprecated)

https://vulners.com/cve/CVE-2016-8972 https://vulners.com/cve/CVE-2016-8972 IBM AIX could allow a local user to gain root privileges using a specially crafted command within the bellmail client. This plugin has been deprecated to better accommodate iFix supersedence with replacement plugin...

AIX 6.1 TL 9 : bind (IV91254) (deprecated)

https://vulners.com/cve/CVE-2016-8864 https://vulners.com/cve/CVE-2016-8864 ISC BIND is vulnerable to a denial of service, caused by the improper handling of responses containing a DNAME answer in db.c or resolver.c. By sending a recursive response, a remote attacker could exploit this...