Aix@5.2 Security Vulnerabilities and Issues — Aix@5.2 CVE List

Lucene search

IbmAix5.2

22 matches found

CVE•added 2005/02/07 5:0 a.m.•64 views

CVE-2005-0156

Buffer overflow in the PerlIO implementation in Perl 5.8.0, when installed with setuid support (sperl), allows local users to execute arbitrary code by setting the PERLIO_DEBUG variable and executing a Perl script whose full pathname contains a long directory tree.

2.1CVSS7AI score0.00386EPSS

CVE•added 2005/01/06 5:0 a.m.•63 views

CVE-2004-1329

Untrusted execution path vulnerability in the diag commands (1) lsmcode, (2) diag_exec, (3) invscout, and (4) invscoutd in AIX 5.1 through 5.3 allows local users to execute arbitrary programs by modifying the DIAGNOSTICS environment variable to point to a malicious Dctrl program.

7.2CVSS7.2AI score0.00424EPSS

CVE•added 2005/04/14 4:0 a.m.•49 views

CVE-2003-0954

Buffer overflow in rcp for AIX 4.3.3, 5.1 and 5.2 allows local users to gain privileges.

7.2CVSS7.3AI score0.00075EPSS

CVE•added 2005/07/12 4:0 a.m.•47 views

CVE-2005-2238

ftpd in IBM AIX 5.1, 5.2 and 5.3 allows remote authenticated users to cause a denial of service (port exhaustion and memory consumption) by using all ephemeral ports.

2.1CVSS6.5AI score0.00139EPSS

CVE•added 2005/01/10 5:0 a.m.•46 views

CVE-2004-1054

Untrusted execution path vulnerability in invscout in IBM AIX 5.1.0, 5.2.0, and 5.3.0 allows local users to gain privileges by modifying the PATH environment variable to point to a malicious "uname" program, which is executed from lsvpd after lsvpd has been invoked by invscout.

7.2CVSS6.4AI score0.0036EPSS

CVE•added 2005/05/02 4:0 a.m.•46 views

CVE-2005-0262

Buffer overflow in ipl_varyon on AIX 5.1, 5.2, and 5.3 allows local users to execute arbitrary code via a long -d argument.

7.2CVSS7.9AI score0.00432EPSS

CVE•added 2005/12/15 10:3 p.m.•44 views

CVE-2005-4272

Multiple buffer overflows in IBM AIX 5.1, 5.2, and 5.3 allow remote attackers to execute arbitrary code via (1) muxatmd and (2) slocal.

10CVSS7.7AI score0.31437EPSS

CVE•added 2005/05/02 4:0 a.m.•42 views

CVE-2005-0250

Format string vulnerability in auditselect on IBM AIX 5.1, 5.2, and 5.3 allows local users to execute arbitrary code via format string specifiers in a command line argument.

7.2CVSS7.2AI score0.00114EPSS

CVE•added 2005/07/12 4:0 a.m.•42 views

CVE-2005-2232

Buffer overflow in invscout in IBM AIX 5.1.0 through 5.3.0 might allow local users to execute arbitrary code via a long command line argument.

4.6CVSS7.8AI score0.00328EPSS

CVE•added 2005/01/10 5:0 a.m.•41 views

CVE-2004-1028

Untrusted execution path vulnerability in chcod on AIX IBM 5.1.0, 5.2.0, and 5.3.0 allows local users to execute arbitrary programs by modifying the PATH environment variable to point to a malicious "grep" program, which is executed from chcod.

7.2CVSS6.8AI score0.00046EPSS

CVE•added 2005/07/12 4:0 a.m.•41 views

CVE-2005-2235

Buffer overflow in the diagTasksWebSM command in IBM AIX 5.1, 5.2 and 5.3, might allow local users to execute arbitrary code via long command line arguments.

7.2CVSS7.8AI score0.00057EPSS

CVE•added 2005/09/30 7:10 p.m.•40 views

CVE-2005-3060

Buffer overflow in getconf in IBM AIX 5.2 to 5.3 allows local users to execute arbitrary code via unknown vectors.

7.2CVSS7.3AI score0.0013EPSS

CVE•added 2005/01/06 5:0 a.m.•39 views

CVE-2004-1330

Buffer overflow in paginit in AIX 5.1 through 5.3 allows local users to execute arbitrary code via a long username.

7.2CVSS7.9AI score0.00331EPSS

CVE•added 2005/07/12 4:0 a.m.•39 views

CVE-2005-2233

Buffer overflow in multiple "p" commands in IBM AIX 5.1, 5.2 and 5.3 might allow local users to execute arbitrary code via long command line arguments to (1) penable or other hard-linked files including (2) pdisable, (3) pstart, (4) phold, (5) pdelay, or (6) pshare.

7.2CVSS8.1AI score0.00049EPSS

CVE•added 2005/10/23 10:2 a.m.•39 views

CVE-2005-3289

LSCFG in IBM AIX 5.2 and 5.3 does not create temporary files securely, which allows local users to corrupt /etc/passwd and possibly other system files via the trace file.

2.1CVSS6.2AI score0.00134EPSS

CVE•added 2005/11/05 11:2 a.m.•39 views

CVE-2005-3504

Buffer overflow in swcons in IBM AIX 5.2, when debug malloc is enabled, allows remote attackers to cause a core dump and possibly execute arbitrary code.

7.5CVSS7.5AI score0.04466EPSS

CVE•added 2005/11/01 12:47 p.m.•38 views

CVE-2005-3396

Buffer overflow in the chcons (chcon) command in IBM AIX 5.2 and 5.3, when DEBUG MALLOC is enabled, might allow attackers to execute arbitrary code via a long command line argument.

7.5CVSS7.6AI score0.01851EPSS

CVE•added 2005/02/10 5:0 a.m.•37 views

CVE-2005-0261

lspath in AIX 5.2, 5.3, and possibly earlier versions, does not drop privileges before processing the -f option, which allows local users to read one line of arbitrary files.

2.1CVSS6.8AI score0.0007EPSS

CVE•added 2005/05/02 4:0 a.m.•37 views

CVE-2005-0263

Buffer overflow in netpmon on AIX 5.1, 5.2, and 5.3 allows local users to execute arbitrary code via a long -O argument.

7.2CVSS7.9AI score0.00432EPSS

CVE•added 2005/11/22 11:3 a.m.•37 views

CVE-2005-3749

Unspecified "absolute path vulnerabilities" in the diagela command (diagela.sh) in IBM AIX 5.2 and 5.3 have unknown impact and attack vectors.

7.2CVSS6.5AI score0.00064EPSS

CVE•added 2005/12/08 1:3 a.m.•37 views

CVE-2005-4068

Unspecified "absolute path vulnerability" in umountall in IBM AIX 5.1 through 5.3 allows local users to cause unknown impact via unknown vectors.

7.2CVSS6.1AI score0.00068EPSS

CVE•added 2005/05/02 4:0 a.m.•29 views

CVE-2005-0240

Format string vulnerability in chdev on IBM AIX 5.2 allows local users to execute arbitrary code via format string specifiers in a command line argument, which is not properly handled when printing an error message.

7.2CVSS7.5AI score0.00054EPSS