Iseries As 400 Security Vulnerabilities and Issues — Iseries As 400 CVE List

Lucene search

IbmIseries As 400

3 matches found

CVE•added 2005/05/02 4:0 a.m.•37 views

CVE-2005-1133

The POP3 server in IBM iSeries AS/400 returns different error messages when the user exists or not, which allows remote attackers to determine valid user IDs on the server.

5CVSS6.5AI score0.00311EPSS

CVE•added 2005/05/02 4:0 a.m.•32 views

CVE-2005-1025

The FTP server in AS/400 4.3, when running in IFS mode, allows remote attackers to obtain sensitive information via a symlink attack using RCMD and the ADDLNK utility, as demonstrated using the QSYS.LIB library.

5CVSS6.5AI score0.00415EPSS

CVE•added 2005/05/02 4:0 a.m.•30 views

CVE-2005-1238

By design, the built-in FTP server for iSeries AS/400 systems does not support a restricted document root, which allows attackers to read or write arbitrary files, including sensitive QSYS databases, via a full pathname in a GET or PUT request.

7.5CVSS6.9AI score0.00445EPSS