115 matches found
CVE-2017-1541
A flaw in the AIX 5.3, 6.1, 7.1, and 7.2 JRE/SDK installp and updatep packages prevented the java.security, java.policy and javaws.policy files from being updated correctly. IBM X-Force ID: 130809...
The vulnerability of the AIX operating system, which allows a perpetrator to increase their privileges
The vulnerability of the AIX operating system is related to deficiencies in access control. Exploiting this vulnerability can allow a malicious individual to enhance their privileges locally...
CVE-2016-8972
IBM AIX 6.1, 7.1, and 7.2 could allow a local user to gain root privileges using a specially crafted command within the bellmail client. IBM APARs: IV91006, IV91007, IV91008, IV91010, IV91011...
CVE-2016-5985
The IBM Tivoli Storage Manager IBM Spectrum Protect AIX client is vulnerable to a buffer overflow when Journal-Based Backup is enabled. A local attacker could overflow a buffer and execute arbitrary code on the system or cause a system crash...
IBM AIX lquerylv Local Privilege Vulnerability
IBM AIX Advanced Interactive eXecutive is a UNIX operating system developed by IBM. A local privilege exploit exists in the lquerylv program in several versions of IBM AIX, which can be exploited by an attacker to execute arbitrary code and gain administrator privileges...
IBM AIX Local Elevation of Privilege Vulnerability
IBM AIX Advanced Interactive eXecutive is a UNIX operating system developed by IBM. A local elevation of privilege vulnerability exists in several versions of IBM AIX, which can be exploited by attackers to execute arbitrary code and gain administrator privileges...
IBM Tivoli Lightweight Infrastructure Directory Traversal Vulnerability
IBM AIX Advanced Interactive eXecutive is a UNIX operating system developed by IBM in the U.S. IBM Tivoli Lightweight Infrastructure also known as LWI is a lightweight architecture. A directory traversal vulnerability exists in Eclipse Help in IBM Tivoli LWI used in IBM AIX versions 5.3, 6.1 and...
CVE-2016-0281
The mustendd driver in IBM AIX 5.3, 6.1, 7.1, and 7.2 and VIOS 2.2.x, when the jumboframes feature is not enabled, allows remote attackers to cause a denial of service FC1763 or FC5899 adapter crash via crafted packets...
IBM AIX Information Disclosure Vulnerability
IBM AIX Advanced Interactive eXecutive is a UNIX operating system developed by IBM. A remote information disclosure vulnerability exists in IBM AIX. A remote attacker could exploit this vulnerability to obtain sensitive information...
The vulnerability of the AIX operating system, which allows a perpetrator to increase their privileges
The vulnerability of the netstat component in the AIX operating system is related to deficiencies in access control for certain functions. Exploiting this vulnerability can allow an attacker, who operates locally, to increase their privileges...
CVE-2015-4948
netstat in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x, when a fibre channel adapter is used, allows local users to gain privileges via unspecified vectors...
AIX 4.3.3/5.x Getlvcb Command Line Argument Buffer Overflow Vulnerability (2)
No description provided by source. source: http://www.securityfocus.com/bid/9905/info getlvcb has been reported to be prone to a buffer overflow vulnerability. When an argument is passed to the getlvcb utility, the string is copied into a reserved buffer in memory. Data that exceeds the size of t...
AIX 5.2 - 'netpmon' Local Privilege Escalation
/ IBM AIX netpmon elevated privileges exploit I just wanted to play with PowerPC Tested on 5.2 intropy intropy caughq.org / include include include include define DEBUG 1 define BUFFERSIZE 2048 define EGGSIZE 2048 define NOP 0x60 define ADDRESS 0x2ff22fff-BUFFERSIZE/2 char shellcodebinsh =...
AIX 5.1 < 5.3 - paginit Local Stack Overflow
/ exploit for /usr/bin/paginit tested on: AIX 5.2 if the exploit fails it's because the shellcode ends up at a different address. use dbx to check, and change RETADDR accordingly. cees-bart / define RETADDR 0x2ff22c90 char shellcode = "\x7c\xa5\x2a\x79" "\x40\x82\xff\xfd" "\x7c\xa8\x02\xa6"...
CVE-2002-1548
Unknown vulnerability in autofs on AIX 4.3.0, when using executable maps, allows attackers to execute arbitrary commands as root, possibly related to "string handling around how the executable map is called."...
AIX Technology Level Out of Date
The remote AIX operating system is lagging behind its official Technology Level TL and may therefore be missing critical security patches. NOTE: Findings may be affected by an extended support contract. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc';...
PT-2004-1397 · Ibm · Aix
Name of the Vulnerable Software and Affected Versions: AIX versions 4.3.3 through 5.1 Description: The issue allows remote attackers to guess the password via brute force methods when direct remote login is disabled. This occurs because AIX displays a different message if the password is correct...
CVE-2003-0087
Buffer overflow in libIM library libIM.a for National Language Support NLS on AIX 4.3 through 5.2 allows local users to gain privileges via several possible attack vectors, including a long -im argument to aixterm...
IBM AIX 4.3.35.15.2 - libIM Buffer Overflow
IBM AIX 4.3.35.15.2 - libIM Buffer Overflow source: https://www.securityfocus.com/bid/6840/info A buffer overflow vulnerability has been discovered in the libIM library available for the AIX 4.3, 5.1, 5.2 operating system. As a result it may be possible to overwrite sensitive memory in programs...
ypxfrd daemon fails to properly validate user supplied arguments in "getdbm" procedure
Overview A vulnerability in the ypxfrd daemon may allow a local attacker to read arbitrary files on the vulnerable system. Description Janusz Niewiadomski, of iSEC, discovered this vulnerability and produced the following advisory.Issue: ====== Improper arguments validation in ypxfrd may allow...