AIX : Multiple Vulnerabilities (IJ57128)

The version of AIX installed on the remote host is prior to APAR IJ57128. It is, therefore, affected by multiple vulnerabilities as referenced in the IJ57128 advisory. - A flaw was identified in the X.Org X server's X Keyboard Xkb extension where improper bounds checking in the XkbSetCompatMap...

AIX (IJ57291)

The version of AIX installed on the remote host is prior to APAR IJ57291. It is, therefore, affected by a vulnerability as referenced in the IJ57291 advisory. - A vulnerability was found in libxml2 up to 2.14.5. It has been declared as problematic. This vulnerability affects the function...

Security Bulletin: AIX/VIOS is vulnerable to potential code execution (CVE-2025-61984, CVE-2025-61985) due to OpenSSH

Summary Vulnerabilities in OpenSSH could allow an attacker to execute code CVE-2025-61984, CVE-2025-61985. OpenSSH is used by AIX for remote login. Vulnerability Details CVEID:CVE-2025-61984 DESCRIPTION: ssh in OpenSSH before 10.1 allows control characters in usernames that originate from certain...

EUVD-1999-0676

Malware in sbrugna...

How to Configure NFSv4 on IBM AIX

Purpose This article documents steps to enable NFSv4 on IBM AIX to enable backup mount support for Veeam Agent for IBM AIX introduced with Veeam Backup & Replication 13. Solution Part 1: Configure the Host Resolution 1. Open the /etc/netsvc.conf file. 2. Ensure that the hosts parameter is set to...

CVE-1999-0694

Denial of service in AIX ptrace system call allows local users to crash the system...

Vulnerability in AIX system call

IBM SECURITY ADVISORY First Issued: Thu Jul 26 12:59:02 CDT 2012 | Update: Wed Oct 24 8:49:40 CDT 2012 | Update: Updated interim fix file names | Update: New ifixes for the latest SP's | Updated: Thu Dec 12 12:55:11 CST 2013 | Update: 1. Added KEYs for parsing purposes | 2. Moved to OpenSSL...

CVE-2003-1018

Format string vulnerability in enq command in AIX 4.3, 5.1, and 5.2 allows local users with rintq group privileges to gain privileges via unknown attack vectors...

AIX 4.3.3/5.x - Getlvcb Command Line Argument Buffer Overflow (2)

// source: https://www.securityfocus.com/bid/9905/info getlvcb has been reported to be prone to a buffer overflow vulnerability. When an argument is passed to the getlvcb utility, the string is copied into a reserved buffer in memory. Data that exceeds the size of the reserved buffer will overflo...

IBM AIX line printer daemon contains a buffer overflow in send_status()

Overview The Line Printer daemon lpd shipped with AIX systems contains a buffer overflow in sendstatus that potentially allow a malicious remote user to gain root privileges. Description A buffer overflow exists in the sendstatus function of the line printer daemon lpd on AIX systems. An intruder...

aix-snmp.txt

Following on from Michael Zalewski's recent SNMP post, here's an issue i noted on two AIX systems. NOTE: This was seen on both AIX 4.3 and 4.2. It appears that on the above releases of AIX, the SNMP daemon is enabled by default and two community names are enabled with read/write privileges. The...

PT-1997-1048 · Ibm · Aix

Name of the Vulnerable Software and Affected Versions: AIX affected versions not specified Description: The issue allows local users to gain additional group privileges through the piodmgrsu command. Recommendations: At the moment, there is no information about a newer version that contains a fix...