9 matches found
Security Bulletin: AIX is vulnerable to arbitrary code execution (CVE-2023-36328) due to tcl
Summary Vulnerability in tcl could allow a remote attacker to execute arbitrary code or cause a denial of service CVE-2023-36328. Vulnerability Details CVEID:CVE-2023-36328 DESCRIPTION: libtom libtommath is vulnerable to an integer buffer overflow, caused by improper bounds checking by mpgrow. By...
AIX is vulnerable to arbitrary code execution due to RPM (CVE-2023-7104)
IBM SECURITY ADVISORY First Issued: Wed Apr 24 15:34:58 CDT 2024 The most recent version of this document is available here: https://aix.software.ibm.com/aix/efixes/security/rpmadvisory2.asc Security Bulletin: AIX is vulnerable to arbitrary code execution due to RPM CVE-2023-7104...
Security Bulletin: AIX is vulnerable to denial of service due to ISC BIND (CVE-2023-2828)
Summary A vulnerability in ISC BIND could allow a remote attacker to cause a denial of service CVE-2023-2828. AIX uses ISC BIND as part of its DNS functions. Vulnerability Details CVEID:CVE-2023-2828 DESCRIPTION: ISC BIND is vulnerable to a denial of service, caused by a flaw that allows the...
Security Bulletin: AIX is vulnerable to denial of service due to ISC BIND (CVE-2022-3094, CVE-2022-3736, CVE-2022-3924)
Summary A vulnerability in ISC BIND could allow a remote attacker to cause a denial of service CVE-2022-3094, CVE-2022-3736, CVE-2022-3924. AIX uses ISC BIND as part of its DNS functions. Vulnerability Details CVEID:CVE-2022-3094 DESCRIPTION: ISC BIND is vulnerable to a denial of service, caused ...
AIX is affected by a denial of service due to Python
IBM SECURITY ADVISORY First Issued: Thu Dec 22 10:15:28 CST 2022 The most recent version of this document is available here: http://aix.software.ibm.com/aix/efixes/security/pythonadvisory3.asc https://aix.software.ibm.com/aix/efixes/security/pythonadvisory3.asc...
Security Bulletin: Vulnerability in ksu affects AIX (CVE-2020-4829)
Summary There is a vulnerability in the ksu user command that affects AIX. Vulnerability Details CVEID: CVE-2020-4829 DESCRIPTION: IBM AIX could allow a local user to exploit a vulnerability in the ksu user command to gain root privileges. CVSS Base score: 8.4 CVSS Temporal Score: See:...
tftp Security Vulnerability
IBM SECURITY ADVISORY First Issued: Wed Jul 3 09:33:57 CDT 2013 | Updated: Mon Oct 14 20:17:56 CDT 2013 | Update: Fixed vulnerable fileset levels | Update: More workarounds and CVSS Vector | Update: Includes VIOS in the vulnerability summary | Updated: Thu Dec 12 12:55:11 CST 2013 | Update: 1...
CVE-2009-0021
NTP 4.2.4 before 4.2.4p5 and 4.2.5 before 4.2.5p150 does not properly check the return value from the OpenSSL EVPVerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys, a similar vulnerability to...
SOL6623 - OpenSSL signature vulnerability - CVE-2006-4339
This security advisory describes an OpenSSL signature vulnerability. Forged RSA signatures may be accepted during client certificate validations when the certificates are signed by certain Certificate Authority CA. This flaw could potentially cause F5 products to accept maliciously crafted client...