CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

According to its self-reported version, the Inventory Scout install on the remote host is a version prior to 2.2.0.19. It, therefore, could allow a local user to delete arbitrary files or have Inventory Scout operations operate on arbitrary files using a symlink attack. C Tenable Network Security...

4CVSS5.8AI score0.00024EPSS

Exploits0References3

Prion•added 2012/01/04 3:55 a.m.•15 views

Design/Logic Flaw

The 1 bin/invscoutClientVPDSurvey and 2 sbin/invscoutlsvpd programs in invscout.rte before 2.2.0.19 on IBM AIX 7.1, 6.1, 5.3, and earlier allow local users to delete arbitrary files, or trigger inventory scout operations on arbitrary files, via a symlink attack on an unspecified file...

4CVSS6.7AI score0.00024EPSS

Exploits0References6Affected Software1

Cvelist•added 2007/10/06 9:0 p.m.•17 views

CVE-2004-2697

The Inventory Scout daemon invscoutd 1.3.0.0 and 2.0.2 for AIX 4.3.3 and 5.1 allows local users to gain privileges via a symlink attack on a command line argument log file. NOTE: this might be related to CVE-2006-5002...

6.5AI score0.00727EPSS

Exploits1References6

CVE•added 2007/10/06 9:0 p.m.•45 views

CVE-2004-2697

Technical details for CVE-2004-2697 are not publicly available in the provided documents; monitor for updates.

6.9CVSS7.1AI score0.00727EPSS

Exploits1References6Affected Software1

NVD•added 2007/09/10 9:17 p.m.•13 views

CVE-2007-4798

Unspecified vulnerability in invscout in Inventory Scout in invscout.rte in IBM AIX 5.2 and 5.3 allows local users to delete system files that have names matching the final substring of a hostname alias, as demonstrated by hostnames ending in "unix"...

6.6CVSS6.1AI score0.0005EPSS

Exploits0References8

Prion•added 2007/09/10 9:17 p.m.•15 views

Design/Logic Flaw

6.6CVSS6.5AI score0.0005EPSS

Exploits0References8Affected Software1

Cvelist•added 2007/09/10 9:0 p.m.•17 views

CVE-2007-4798

6.1AI score0.0005EPSS

Exploits0References8

seebug.org•added 2007/09/07 12:0 a.m.•16 views

IBM AIX Inventory Scout本地拒绝服务漏洞

IBM AIX是一款商业性质的操作系统。 IBM AIX invscout代码存在访问验证问题，本地攻击者可以利用漏洞删除重要系统文件进行拒绝服务攻击。 invscout用于执行Inventory Scout进程的独立运行版本的实例。目前没有详细漏洞细节提供。 IBM AIX 5.3 IBM AIX 5.2 采用如下补丁： IBM AIX 5.2 IBM invscoutifix.tar.Z ftp://aix.software.ibm.com/aix/efixes/security/invscoutifix.tar.Z IBM AIX 5.3 IBM invscoutifix.tar....

6.9AI score

Exploits0

seebug.org•added 2006/10/27 12:0 a.m.•290 views

IBM AIX Inventory Scout本地任意文件覆盖漏洞

IBM AIX是一款商业性质的UNIX操作系统。 IBM AIX的invscoutClientVPDSurvey在执行重要产品数据库调查时存在错误，可能允许本地攻击者覆盖任意文件的内容从而导致拒绝服务。 IBM AIX 5.3 IBM AIX 5.2 临时解决方法：如果您不能立刻安装补丁或者升级，NSFOCUS建议您采取以下措施以降低威胁：删除invscoutClientVPDSurvey的setuid位： chmod 555 /opt/IBMinvscout/bin/invscoutClientVPDSurvey 厂商补丁： IBM ---...

6.9AI score

Exploits0

securityvulns•added 2006/09/28 12:0 a.m.•35 views

IBM AIX utilities multiple security vulnerabilities

Xclock buffer overflow; utape, cfgmgr, rdist, uucp, snappd, named8 and mkvg privilege escalation; slip.login and Inventory Scout arbitrary file overwrite...

3.2AI score

Exploits0References10Affected Software1

NVD•added 2006/09/27 1:7 a.m.•15 views

CVE-2006-5002

Unspecified vulnerability in IBM Inventory Scout for AIX 2.2.0.0 through 2.2.0.9 invscoutClientVPDSurvey allows attackers to overwrite arbitrary files via unspecified vectors...

5CVSS6.4AI score0.00596EPSS

Exploits0References8

CVE•added 2006/09/27 1:0 a.m.•42 views

CVE-2006-5002

CVE-2006-5002 affects IBM Inventory Scout for AIX 2.2.0.0–2.2.0.9 (invscoutClient_VPD_Survey). The vulnerability description states an unspecified flaw that allows attackers to overwrite arbitrary files via unspecified vectors, with partial integrity impact reported in CVSS data. Connected source...

5CVSS6.4AI score0.00596EPSS

Exploits0References8Affected Software1

Cvelist•added 2006/09/27 1:0 a.m.•16 views

CVE-2006-5002

Unspecified vulnerability in IBM Inventory Scout for AIX 2.2.0.0 through 2.2.0.9 invscoutClientVPDSurvey allows attackers to overwrite arbitrary files via unspecified vectors...

6.4AI score0.00596EPSS

Exploits0References8

securityvulns•added 2006/09/26 12:0 a.m.•42 views

[SA22062] IBM AIX Inventory Scout Arbitrary File Overwrite Vulnerability

TITLE: IBM AIX Inventory Scout Arbitrary File Overwrite Vulnerability SECUNIA ADVISORY ID: SA22062 VERIFY ADVISORY: http://secunia.com/advisories/22062/ CRITICAL: Less critical IMPACT: Manipulation of data WHERE: Local system OPERATING SYSTEM: AIX 5.x http://secunia.com/product/213/ DESCRIPTION: ...

1AI score

Exploits0

NVD•added 2004/12/31 5:0 a.m.•15 views

CVE-2004-2697

6.9CVSS6.5AI score0.00727EPSS

Exploits1References6

securityvulns•added 2004/07/14 12:0 a.m.•32 views

[EXPL] IBM AIX Inventory Scout Log File Vulnerability (invscoutd)

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...

Exploits0

securityvulns•added 2004/07/14 12:0 a.m.•29 views

IBM AIX Inventory Scout symbolic links problem

Unsafe temporary dirs usage...

3.2AI score

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by