EUVD-2016-7013
Malware in sbrugna...
Security Bulletin: AIX is vulnerable to a privilege escalation vulnerability (CVE-2022-34356)
Summary UPDATED Oct 10 Added iFixes with the correct prereqs for VIOS 3.1.2.30 and 3.1.2.40: A vulnerability in the AIX kernel could allow a non-privileged local user to obtain root privileges CVE-2022-34356. Vulnerability Details CVEID:CVE-2022-34356 DESCRIPTION: IBM AIX could allow a...
Security Bulletin: IBM PowerVM VIOS could allow a remote attacker to tamper with system configuration or cause a denial of service (CVE-2022-35643)
Summary A vulnerability in IBM PowerVM VIOS could allow a remote attacker to tamper with system configuration or cause a denial of service CVE-2022-35643. Vulnerability Details CVEID:CVE-2022-35643 DESCRIPTION: IBM PowerVM VIOS could allow a remote attacker to tamper with system configuration or...
Security Bulletin: AIX is vulnerable to a denial of service due to libxml2 (CVE-2024-25062)
Summary Vulnerability in libxml2 could allow a remote attacker to cause a denial of service CVE-2024-25062. AIX uses libxml2 as part of its XML parsing functions. Vulnerability Details CVEID:CVE-2024-25062 DESCRIPTION: An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. Whe...
AIX is vulnerable to a denial of service due to libxml2 (CVE-2024-25062)
IBM SECURITY ADVISORY First Issued: Wed May 8 16:18:28 CDT 2024 |Updated: Tue Jun 4 15:20:02 CDT 2024 |Update: iFix added for VIOS 3.1.4.31. The most recent version of this document is available here: https://aix.software.ibm.com/aix/efixes/security/libxml2advisory6.asc Security Bulletin: AIX is...
AIX is vulnerable to privilege escalation (CVE-2024-27273)
IBM SECURITY ADVISORY First Issued: Mon May 6 08:12:16 CDT 2024 The most recent version of this document is available here: https://aix.software.ibm.com/aix/efixes/security/kerneladvisory7.asc Security Bulletin: AIX is vulnerable to privilege escalation CVE-2024-27273...
Security Bulletin: AIX is vulnerable to privilege escalation and denial of service (CVE-2023-45166, CVE-2023-45174, CVE-2023-45170)
Summary UPDATED Feb 2 2024 New iFixes are available. The new iFixes resolve a technical issue with print queue status. Both sets of iFixes new and original resolve the security vulnerabilities described in the bulletin. The new iFixes are only needed if you experience the technical issue describe...
Security Bulletin: AIX is vulnerable to email spoofing due to sendmail (CVE-2023-51765)
Summary Vulnerability in sendmail could allow a remote attacker to spoof an email CVE-2023-51765. Vulnerability Details CVEID:CVE-2023-51765 DESCRIPTION: Proofpoint sendmail is vulnerable to SMTP smuggling, caused by improper handling of line endings . in an email message. By sending a specially...
Security Bulletin: AIX is vulnerable to denial of service due to ISC BIND (CVE-2022-38178, CVE-2022-3080, CVE-2022-38177, CVE-2022-2795)
Summary UPDATED May 17 Corrected the affected fileset levels for AIX 7.2 TL5 and removed bos.net.tcp.bind 7.2.5.200.: A vulnerability in ISC BIND could allow a remote attacker to cause a denial of service CVE-2022-38178, CVE-2022-3080, CVE-2022-38177, CVE-2022-2795. AIX uses ISC BIND as part of i...
Security Bulletin: AIX is vulnerable to denial of service vulnerabilities
Summary UPDATED: Additional iFixes are now available for AIX 7.2 TL5 SP5, 7.3 TL0 SP2, 7.3 TL0 SP3, 7.3 TL1 SP1, and VIOS 3.1.3.21, 3.1.3.30, and 3.1.4.10. Both the original and new iFixes address the kernel security vulnerabilities mentioned in the bulletin, but the new iFixes also address the...
Security Bulletin: AIX is vulnerable to denial of service due to ISC BIND (CVE-2023-3341)
Summary A vulnerability in ISC BIND could allow a remote attacker to cause a denial of service CVE-2023-3341. AIX uses ISC BIND as part of its DNS functions. Vulnerability Details CVEID:CVE-2023-3341 DESCRIPTION: ISC BIND is vulnerable to a denial of service, caused by a stack exhaustion flaw in...
Security Bulletin: AIX is vulnerable to denial of service due to AIXWindows (CVE-2023-45172)
Summary A vulnerability in AIXwindows could allow a non-privileged local user to cause a denial of service CVE-2023-45172. Vulnerability Details CVEID:CVE-2023-45172 DESCRIPTION: IBM AIX could allow a non-privileged local user to exploit a vulnerability in AIXwindows to cause a denial of service...
AIX is vulnerable to denial of service due to AIXWindows
IBM SECURITY ADVISORY First Issued: Mon Dec 18 09:23:16 CST 2023 The most recent version of this document is available here: https://aix.software.ibm.com/aix/efixes/security/aixwindowsadvisory.asc Security Bulletin: AIX is vulnerable to denial of service due to AIXWindows CVE-2023-45172...
AIX is vulnerable to denial of service due to ISC BIND
IBM SECURITY ADVISORY First Issued: Mon Dec 18 09:19:46 CST 2023 The most recent version of this document is available here: https://aix.software.ibm.com/aix/efixes/security/bindadvisory25.asc Security Bulletin: AIX is vulnerable to denial of service due to ISC BIND CVE-2023-3341...
Security Bulletin: AIX is vulnerable to a denial of service due to libxml2 (CVE-2022-29824)
Summary UPDATED Dec 12 2022 Added iFixes for AIX 7.2 TL5 SP5 and VIOS 3.1.4.10: A vulnerability in libxml2 could allow a remote attacker to cause a denial of service CVE-2022-29824. AIX uses libxml2 as part of its XML parsing functions. Vulnerability Details CVEID:CVE-2022-29824 DESCRIPTION: GNOM...
AIX is vulnerable to a denial of service due to libxml2
IBM SECURITY ADVISORY First Issued: Tue Jul 25 11:08:32 CDT 2023 The most recent version of this document is available here: https://aix.software.ibm.com/aix/efixes/security/libxml2advisory5.asc Security Bulletin: AIX is vulnerable to a denial of service due to libxml2 CVE-2023-29469 and...
Security Bulletin: IBM HTTP Server is vulnerable to information disclosure due to IBM GSKit (CVE-2023-32342)
Summary IBM HTTP Server used by IBM WebSphere Application Server is vulnerable to information disclosure due to IBM GSKit which is used for SSL connections. This has been addressed in the remediation section. Vulnerability Details CVEID:CVE-2023-32342 DESCRIPTION: IBM GSKit could allow a remote...
Security Bulletin: Vulnerabilities in Apache Shiro (CVE-2022-40664) and Apache Commons FileUpload (CVE-2023-24998) affect IBM WebSphere Service Registry and Repository.
Summary A bypass security restrictions vulnerability in Apache Shiro CVE-2022-40664 and a denial of service vulnerability in Apache Commons File Upload CVE-2023-24998 affect IBM WebSphere Service Registry and Repository. Vulnerability Details CVEID:CVE-2022-40664 DESCRIPTION: Apache Shiro could...
AIX is vulnerable to an SSL server spoof due to Apache Commons HttpClient
IBM SECURITY ADVISORY First Issued: Thu Apr 13 13:44:57 CDT 2023 The most recent version of this document is available here: https://aix.software.ibm.com/aix/efixes/security/commonshttpadvisory.asc Security Bulletin: AIX is vulnerable to an SSL server spoof due to Apache Commons HttpClient...
AIX is vulnerable to arbitrary command execution
IBM SECURITY ADVISORY First Issued: Wed Apr 12 12:36:51 CDT 2023 The most recent version of this document is available here: https://aix.software.ibm.com/aix/efixes/security/librtsadvisory.asc Security Bulletin: AIX is vulnerable to arbitrary command execution CVE-2023-26286...