Aix Security Vulnerabilities and Issues — Page 8 of Aix CVE List

Lucene search

IbmAix

387 matches found

CVE•added 2010/03/10 10:30 p.m.•34 views

CVE-2010-0961

Buffer overflow in qoslist in bos.net.tcp.server in IBM AIX 6.1 and VIOS 2.1 allows local users to gain privileges via unspecified vectors.

7.2CVSS6.7AI score0.00069EPSS

CVE•added 2002/10/04 4:0 a.m.•33 views

CVE-2002-1041

Unknown vulnerability in DCE (1) SMIT panels and (2) configuration commands, possibly related to relative pathnames.

5CVSS7AI score0.0061EPSS

CVE•added 2005/08/16 4:0 a.m.•33 views

CVE-2004-2388

rexecd for AIX 4.3.3 does not properly use a local copy of the pwd structure when calling getpwnam, which may cause the structure to be overwritten by the authenticate function and assign privileges to the wrong user.

10CVSS6.8AI score0.01008EPSS

CVE•added 2006/08/28 8:4 p.m.•33 views

CVE-2006-4416

Untrusted search path vulnerability in the mkvg command in IBM AIX 5.2 and 5.3 allows local users to gain privileges by modifying the path to point to a malicious (1) chdev, (2) mkboot, (3) varyonvg, or (4) varyoffvg program.

7.2CVSS6.5AI score0.00081EPSS

CVE•added 2006/09/27 1:7 a.m.•33 views

CVE-2006-5007

Untrusted search path vulnerability in uucp in IBM AIX 5.2.0 and 5.3.0 allows local users to local users to gain privileges via a Trojan horse program involving uux.

4.6CVSS6.4AI score0.0008EPSS

CVE•added 2007/09/10 9:17 p.m.•33 views

CVE-2007-4793

Buffer overflow in xlplm in plm.server.rte in IBM AIX 5.2 and 5.3 allows local users to gain privileges via unspecified vectors.

7.2CVSS6.7AI score0.00051EPSS

CVE•added 2008/01/25 1:0 a.m.•33 views

CVE-2007-5764

Buffer overflow in the pioout program in printers.rte in IBM AIX 5.2, 5.3, and 6.1 allows local users to gain privileges via a long command line option.

7.2CVSS6.3AI score0.0007EPSS

CVE•added 2008/02/05 3:0 a.m.•33 views

CVE-2008-0587

Buffer overflow in the uspchrp program in devices.chrp.base.diag in IBM AIX 5.2 and 5.3 allows local users to gain privileges via unspecified vectors.

7.2CVSS6.6AI score0.00055EPSS

CVE•added 2008/02/05 3:0 a.m.•33 views

CVE-2008-0589

The ps program in bos.rte.control in IBM AIX 5.2, 5.3, and 6.1 allows local users to obtain sensitive information via unspecified vectors.

4.9CVSS5.3AI score0.00054EPSS

CVE•added 2008/03/31 11:44 p.m.•33 views

CVE-2008-1596

Trusted Execution in IBM AIX 6.1 uses an incorrect pathname argument in a call to the trustchk_block_write function, which might allow local users to modify trusted files, related to missing checks in the TSD_FILES_LOCK policy for modifications performed via hard links, a different vulnerability th...

7.2CVSS6.2AI score0.00066EPSS

CVE•added 2010/09/16 9:0 p.m.•33 views

CVE-2010-3406

Unspecified vulnerability in sa_snap in the bos.esagent fileset in IBM AIX 5.3 allows local users to leverage system group membership and delete files via unknown vectors.

1.7CVSS5.9AI score0.00055EPSS

CVE•added 2011/10/05 2:56 a.m.•33 views

CVE-2011-3982

The Fibre Channel driver for QLogic adapters in IBM AIX 6.1 and 7.1 does not properly handle DMA resource limitations, which allows local users to cause a denial of service (system hang) via vectors that generate a large amount of DMA I/O, related to a deadlock in timer processing across CPUs.

2.1CVSS6.2AI score0.00069EPSS

CVE•added 2023/12/19 11:15 p.m.•33 views

CVE-2023-45172

IBM AIX 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in AIX windows to cause a denial of service. IBM X-Force ID: 267970.

6.2CVSS5.6AI score0.00016EPSS

CVE•added 2024/01/11 2:15 a.m.•33 views

CVE-2023-45173

IBM AIX 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the NFS kernel extension to cause a denial of service. IBM X-Force ID: 267971.

6.2CVSS5AI score0.00025EPSS

CVE•added 2002/03/09 5:0 a.m.•32 views

CVE-2001-0573

lsfs in AIX 4.x allows a local user to gain additional privileges by creating Trojan horse programs named (1) grep or (2) lslv in a certain directory that is under the user's control, which cause lsfs to access the programs in that directory.

4.6CVSS6.5AI score0.00077EPSS

CVE•added 2002/08/12 4:0 a.m.•32 views

CVE-2002-0745

Buffer overflow in uucp in AIX 4.3.3.

10CVSS7.3AI score0.00609EPSS

CVE•added 2005/12/15 10:3 p.m.•32 views

CVE-2005-4271

Buffer overflow in the malloc debug system in IBM AIX 5.3 allows local users to execute arbitrary code.

7.2CVSS7.5AI score0.00051EPSS

CVE•added 2006/09/27 1:7 a.m.•32 views

CVE-2006-5003

Unspecified vulnerability in the named8 command in IBM AIX 5.2.0 and 5.3.0 allows local users to execute arbitrary commands via unspecified vectors.

7.2CVSS7.4AI score0.00035EPSS

CVE•added 2007/09/10 9:17 p.m.•32 views

CVE-2007-4791

Buffer overflow in the swcons command in bos.rte.console in IBM AIX 5.2 and 5.3 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2005-3504 and CVE-2007-0978.

7.2CVSS6.5AI score0.04466EPSS

CVE•added 2007/09/10 9:17 p.m.•32 views

CVE-2007-4792

Buffer overflow in ibstat in devices.common.IBM.ib.rte in IBM AIX 5.3 allows local users to gain privileges via unspecified vectors.

7.2CVSS6.7AI score0.00051EPSS

CVE•added 2008/03/31 11:44 p.m.•32 views

CVE-2008-1593

The checkpoint and restart feature in the kernel in IBM AIX 5.2, 5.3, and 6.1 does not properly protect kernel memory, which allows local users to read and modify portions of memory and gain privileges via unspecified vectors involving a restart of a 64-bit process, probably related to the as_getad...

7.2CVSS6.1AI score0.00066EPSS

CVE•added 2008/03/31 11:44 p.m.•32 views

CVE-2008-1598

The kernel in IBM AIX 6.1 allows local users with ProbeVue privileges to read arbitrary kernel memory and obtain sensitive information via unspecified vectors.

4.7CVSS5.7AI score0.00063EPSS

CVE•added 2008/03/31 11:44 p.m.•32 views

CVE-2008-1601

Stack-based buffer overflow in the reboot program on IBM AIX 5.2 and 5.3 allows local users in the shutdown group to gain privileges.

7.2CVSS6.7AI score0.00057EPSS

CVE•added 2000/10/13 4:0 a.m.•31 views

CVE-2000-0466

AIX cdmount allows local users to gain root privileges via shell metacharacters.

7.2CVSS6.6AI score0.00043EPSS

CVE•added 2004/09/01 4:0 a.m.•31 views

CVE-2002-1550

dump_smutil.sh in IBM AIX allows local users to overwrite arbitrary files via a symlink attack on temporary files.

4.6CVSS6.5AI score0.00061EPSS

CVE•added 2008/09/11 1:4 a.m.•31 views

CVE-2007-6717

Buffer overflow in tftp in bos.net.tcp.client in IBM AIX 5.2.0 and 5.3.0 allows local users to gain privileges via unspecified vectors.

7.2CVSS6.6AI score0.0006EPSS

CVE•added 2008/02/05 3:0 a.m.•31 views

CVE-2008-0584

Multiple buffer overflows in bos.rte.control in IBM AIX 5.2 and 5.3 allow local users to gain privileges via unspecified vectors related to the (1) swap, (2) swapoff, and (3) swapon programs.

7.2CVSS6.6AI score0.00058EPSS

CVE•added 2008/06/02 9:30 p.m.•31 views

CVE-2008-2514

Buffer overflow in errpt in IBM AIX 5.2, 5.3, and 6.1 allows local users to gain privileges via unknown attack vectors.

4.6CVSS6.4AI score0.00065EPSS

CVE•added 2011/01/25 1:0 a.m.•31 views

CVE-2011-0637

The FC SCSI protocol driver in IBM AIX 6.1 does not verify that a timer is unused before deallocating this timer, which might allow attackers to cause a denial of service (system crash) via unspecified vectors.

4.9CVSS6.4AI score0.00064EPSS

CVE•added 2008/04/09 7:5 p.m.•30 views

CVE-2008-1710

Untrusted search path vulnerability in chnfsmnt in IBM AIX 6.1 allows local users to gain privileges via a modified PATH environment variable.

7.2CVSS6.3AI score0.00066EPSS

CVE•added 2003/03/31 5:0 a.m.•29 views

CVE-2002-1551

Buffer overflow in nslookup in IBM AIX may allow attackers to cause a denial of service or execute arbitrary code.

4.6CVSS7.8AI score0.00096EPSS

CVE•added 2005/05/02 4:0 a.m.•29 views

CVE-2005-0240

Format string vulnerability in chdev on IBM AIX 5.2 allows local users to execute arbitrary code via format string specifiers in a command line argument, which is not properly handled when printing an error message.

7.2CVSS7.5AI score0.00054EPSS

CVE•added 2002/03/09 5:0 a.m.•28 views

CVE-1999-1119

FTP installation script anon.ftp in AIX insecurely configures anonymous FTP, which allows remote attackers to execute arbitrary commands.

10CVSS8.2AI score0.0773EPSS

CVE•added 2008/03/31 11:44 p.m.•28 views

CVE-2008-1600

The lsmcode program on IBM AIX 5.2, 5.3, and 6.1 does not properly handle environment variables, which allows local users to gain privileges, a different vulnerability than CVE-2004-1329.

7.2CVSS6.1AI score0.00424EPSS

CVE•added 2002/03/09 5:0 a.m.•27 views

CVE-1999-1121

The default configuration for UUCP in AIX before 3.2 allows local users to gain root privileges.

7.2CVSS7.4AI score0.00704EPSS

CVE•added 2008/03/10 11:44 p.m.•27 views

CVE-2008-1274

Untrusted search path vulnerability in man in IBM AIX 6.1.0 allows local users to execute arbitrary code via a malicious program in the man directory.

6.9CVSS7AI score0.00053EPSS

CVE•added 2001/09/12 4:0 a.m.•26 views

CVE-1999-1480

(1) acledit and (2) aclput in AIX 4.3 allow local users to create or modify files via a symlink attack.

1.2CVSS7AI score0.00083EPSS

Total number of security vulnerabilities387