Lucene search

K
IbmAix

39 matches found

CVE
CVE
added 2014/10/15 12:55 a.m.836 views

CVE-2014-3566

The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue.

4.3CVSS4.4AI score0.94196EPSS
CVE
CVE
added 2022/03/01 5:15 p.m.138 views

CVE-2021-38955

IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a local user with elevated privileges to cause a denial of service due to a file creation vulnerability in the audit commands. IBM X-Force ID: 211825.

4.4CVSS4.4AI score0.00039EPSS
CVE
CVE
added 2001/05/07 4:0 a.m.59 views

CVE-2000-1119

Buffer overflow in setsenv command in IBM AIX 4.3.x and earlier allows local users to execute arbitrary commands via a long "x=" argument.

4.6CVSS7.3AI score0.00126EPSS
CVE
CVE
added 2014/05/08 10:55 a.m.59 views

CVE-2014-0930

The ptrace system call in IBM AIX 5.3, 6.1, and 7.1, and VIOS 2.2.x, allows local users to cause a denial of service (system crash) or obtain sensitive information from kernel memory via a crafted PT_LDINFO operation.

4.7CVSS5.7AI score0.00112EPSS
CVE
CVE
added 2003/12/15 5:0 a.m.58 views

CVE-2003-0914

ISC BIND 8.3.x before 8.3.7, and 8.4.x before 8.4.3, allows remote attackers to poison the cache via a malicious name server that returns negative responses with a large TTL (time-to-live) value.

4.3CVSS6.2AI score0.19846EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.53 views

CVE-1999-0094

AIX piodmgrsu command allows local users to gain additional group privileges.

4.6CVSS7.5AI score0.00081EPSS
CVE
CVE
added 2016/08/08 1:59 a.m.53 views

CVE-2016-0266

IBM AIX 5.3, 6.1, 7.1, and 7.2 and VIOS 2.2.x do not default to the latest TLS version, which makes it easier for man-in-the-middle attackers to obtain sensitive information via unspecified vectors.

4.3CVSS3.7AI score0.007EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.50 views

CVE-1999-0129

Sendmail allows local users to write to a file and gain group permissions via a .forward or :include: file.

4.6CVSS6.6AI score0.00122EPSS
CVE
CVE
added 2006/02/13 10:2 p.m.49 views

CVE-2006-0674

Buffer overflow in the arp command of IBM AIX 5.3 L, 5.3, 5.2.2, 5.2 L, and 5.2 allows local users to cause a denial of service (crash) via a long iftype argument.

4.6CVSS6.4AI score0.00065EPSS
CVE
CVE
added 2021/06/28 4:15 p.m.48 views

CVE-2021-29693

IBM AIX 7.1, 7.2, and VIOS 3.1 could allow a local user that is in the with elevated group privileges to cause a denial of service due to a vulnerability in the lpd daemon. IBM X-Force ID: 200255.

4.9CVSS4.4AI score0.00102EPSS
CVE
CVE
added 2001/09/12 4:0 a.m.46 views

CVE-1999-1079

Vulnerability in ptrace in AIX 4.3 allows local users to gain privileges by attaching to a setgid program.

4.6CVSS6.8AI score0.00068EPSS
CVE
CVE
added 2007/01/10 12:0 a.m.45 views

CVE-2006-6915

ftpd in IBM AIX 5.2.0 and 5.3.0 allows remote authenticated users to cause a denial of service (port exhaustion) via unspecified vectors. NOTE: some details were obtained from third party sources.

4CVSS6.1AI score0.00839EPSS
CVE
CVE
added 2012/06/20 10:27 a.m.45 views

CVE-2012-2192

The socketpair function in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.1.4-FP-25 SP-02 allows local users to cause a denial of service (system crash) via a crafted application that leverages the presence of a socket on the free list.

4.9CVSS6AI score0.00062EPSS
CVE
CVE
added 2016/08/08 1:59 a.m.45 views

CVE-2016-0281

The mustendd driver in IBM AIX 5.3, 6.1, 7.1, and 7.2 and VIOS 2.2.x, when the jumbo_frames feature is not enabled, allows remote attackers to cause a denial of service (FC1763 or FC5899 adapter crash) via crafted packets.

4.3CVSS4.1AI score0.02821EPSS
CVE
CVE
added 2002/06/25 4:0 a.m.44 views

CVE-2001-1095

Buffer overflow in uuq in AIX 4 could allow local users to execute arbitrary code via a long -r parameter.

4.6CVSS7.8AI score0.00096EPSS
CVE
CVE
added 2006/02/15 11:6 a.m.43 views

CVE-2006-0666

Unspecified vulnerability in the (1) unix_mp and (2) unix_64 kernels in IBM AIX 5.3 VRMF 5.3.0.30 through 5.3.0.33 allows local users to cause a denial of service (system crash) via unknown vectors related to EMULATE_VMX.

4.9CVSS6AI score0.00068EPSS
CVE
CVE
added 2005/07/12 4:0 a.m.42 views

CVE-2005-2232

Buffer overflow in invscout in IBM AIX 5.1.0 through 5.3.0 might allow local users to execute arbitrary code via a long command line argument.

4.6CVSS7.8AI score0.00328EPSS
CVE
CVE
added 2007/01/19 11:28 p.m.42 views

CVE-2007-0392

IBM AIX 5.3 does not properly verify the status of file descriptors before setuid execution, which allows local users to gain privileges by closing file descriptor 0, 1, or 2 and then invoking a setuid program, a variant of CVE-2002-0572.

4.6CVSS6.3AI score0.00211EPSS
CVE
CVE
added 2008/03/31 11:44 p.m.42 views

CVE-2008-1594

The kernel in IBM AIX 5.2 and 5.3 does not properly handle resizing JFS2 filesystems on concurrent volume groups spread across multiple nodes, which allows local users of one node to cause a denial of service (remote node crash) by using chfs or lreducelv to reduce a filesystem's size.

4.9CVSS6.2AI score0.00054EPSS
CVE
CVE
added 2007/06/04 5:30 p.m.41 views

CVE-2007-2995

Unspecified vulnerability in sysmgt.websm.rte in IBM AIX 5.2.0 and 5.3.0 has unknown impact and attack vectors.

4.3CVSS6.3AI score0.00668EPSS
CVE
CVE
added 2009/02/11 8:30 p.m.41 views

CVE-2009-0536

at in bos.rte.cron on IBM AIX 5.2.0, 5.3.0 through 5.3.9, and 6.1.0 through 6.1.2 allows local users to read arbitrary files via unspecified vectors, related to failure to drop root privileges.

4.9CVSS6AI score0.0006EPSS
CVE
CVE
added 2012/07/30 7:55 p.m.41 views

CVE-2012-0723

The kernel in IBM AIX 5.3, 6.1, and 7.1, and VIOS 2.2.1.4-FP-25 SP-02, does not properly implement the dupmsg system call, which allows local users to cause a denial of service (system crash) via a crafted application.

4.9CVSS5.8AI score0.00065EPSS
CVE
CVE
added 2007/08/08 10:17 p.m.40 views

CVE-2007-4228

rmpvc on IBM AIX 4.3 allows local users to cause a denial of service (system crash) via long port logical name (-l) argument.

4.7CVSS6AI score0.00055EPSS
CVE
CVE
added 2007/02/03 12:28 a.m.39 views

CVE-2007-0670

Buffer overflow in bos.rte.libc in IBM AIX 5.2 and 5.3 allows local users to execute arbitrary code via the "r-commands", possibly including (1) rdist, (2) rsh, (3) rcp, (4) rsync, and (5) rlogin.

4.6CVSS7.5AI score0.00096EPSS
CVE
CVE
added 2011/11/11 9:55 p.m.39 views

CVE-2011-1375

IBM AIX 6.1 and 7.1 does not restrict the wpar_limits_config and wpar_limits_modify system calls, which allows local users to cause a denial of service (system crash) via a crafted call.

4.9CVSS5.9AI score0.00053EPSS
CVE
CVE
added 2006/03/10 1:2 a.m.37 views

CVE-2006-0667

lscfg in IBM AIX 5.2 and 5.3 allows local users to modify arbitrary files via a symlink attack.

4.6CVSS6.1AI score0.00065EPSS
CVE
CVE
added 2008/01/31 8:0 p.m.36 views

CVE-2008-0509

Multiple buffer overflows in IBM AIX 4.3 allow remote attackers to cause a denial of service (crash) or possibly gain privileges via a long argument to (1) piox25, related to piox25.c; or (2) piox25remote, related to piox25remote.sh.

4.4CVSS7.2AI score0.00153EPSS
CVE
CVE
added 2002/06/25 4:0 a.m.35 views

CVE-2001-1096

Buffer overflows in muxatmd in AIX 4 allows an attacker to cause a core dump and possibly execute code.

4.6CVSS7.1AI score0.00103EPSS
CVE
CVE
added 2008/03/31 11:44 p.m.35 views

CVE-2008-1597

The WPAR system call implementation in the kernel in IBM AIX 6.1 allows local users to cause a denial of service via unknown calls that trigger "undefined behavior."

4.9CVSS5.9AI score0.00048EPSS
CVE
CVE
added 2007/09/10 9:17 p.m.34 views

CVE-2007-4799

The perfstat kernel extension in bos.perf.perfstat in AIX 5.3 does not verify privileges when processing a SET call, which allows local users to cause a denial of service (system hang or crash) via unspecified SET operations.

4.9CVSS6.3AI score0.00048EPSS
CVE
CVE
added 2008/03/31 11:44 p.m.34 views

CVE-2008-1595

The proc filesystem in the kernel in IBM AIX 5.2 and 5.3 does not properly enforce directory permissions when a file executing from a directory has weaker permissions than the directory itself, which allows local users to obtain sensitive information.

4.9CVSS5.8AI score0.00046EPSS
CVE
CVE
added 2006/09/27 1:7 a.m.33 views

CVE-2006-5007

Untrusted search path vulnerability in uucp in IBM AIX 5.2.0 and 5.3.0 allows local users to local users to gain privileges via a Trojan horse program involving uux.

4.6CVSS6.4AI score0.0008EPSS
CVE
CVE
added 2008/02/05 3:0 a.m.33 views

CVE-2008-0589

The ps program in bos.rte.control in IBM AIX 5.2, 5.3, and 6.1 allows local users to obtain sensitive information via unspecified vectors.

4.9CVSS5.3AI score0.00054EPSS
CVE
CVE
added 2002/03/09 5:0 a.m.32 views

CVE-2001-0573

lsfs in AIX 4.x allows a local user to gain additional privileges by creating Trojan horse programs named (1) grep or (2) lslv in a certain directory that is under the user's control, which cause lsfs to access the programs in that directory.

4.6CVSS6.5AI score0.00077EPSS
CVE
CVE
added 2008/03/31 11:44 p.m.32 views

CVE-2008-1598

The kernel in IBM AIX 6.1 allows local users with ProbeVue privileges to read arbitrary kernel memory and obtain sensitive information via unspecified vectors.

4.7CVSS5.7AI score0.00063EPSS
CVE
CVE
added 2004/09/01 4:0 a.m.31 views

CVE-2002-1550

dump_smutil.sh in IBM AIX allows local users to overwrite arbitrary files via a symlink attack on temporary files.

4.6CVSS6.5AI score0.00061EPSS
CVE
CVE
added 2008/06/02 9:30 p.m.31 views

CVE-2008-2514

Buffer overflow in errpt in IBM AIX 5.2, 5.3, and 6.1 allows local users to gain privileges via unknown attack vectors.

4.6CVSS6.4AI score0.00065EPSS
CVE
CVE
added 2011/01/25 1:0 a.m.31 views

CVE-2011-0637

The FC SCSI protocol driver in IBM AIX 6.1 does not verify that a timer is unused before deallocating this timer, which might allow attackers to cause a denial of service (system crash) via unspecified vectors.

4.9CVSS6.4AI score0.00064EPSS
CVE
CVE
added 2003/03/31 5:0 a.m.29 views

CVE-2002-1551

Buffer overflow in nslookup in IBM AIX may allow attackers to cause a denial of service or execute arbitrary code.

4.6CVSS7.8AI score0.00096EPSS