VYPR

Aix

by IBM

CVEs (402)

  • CVE-2007-4799Sep 10, 2007
    risk 0.00cvss epss 0.00

    The perfstat kernel extension in bos.perf.perfstat in AIX 5.3 does not verify privileges when processing a SET call, which allows local users to cause a denial of service (system hang or crash) via unspecified SET operations.

  • CVE-2007-4793Sep 10, 2007
    risk 0.00cvss epss 0.00

    Buffer overflow in xlplm in plm.server.rte in IBM AIX 5.2 and 5.3 allows local users to gain privileges via unspecified vectors.

  • CVE-2007-4355Aug 15, 2007
    risk 0.00cvss epss 0.00

    Buffer overflow in the at program on IBM AIX 5.3 allows local users to gain privileges via unspecified vectors.

  • CVE-2007-4354Aug 15, 2007
    risk 0.00cvss epss 0.00

    Buffer overflow in fileplace in bos.perf.tools in IBM AIX 5.2 and 5.3 allows local users to gain privileges via unspecified vectors.

  • CVE-2007-4353Aug 15, 2007
    risk 0.00cvss epss 0.00

    Multiple buffer overflows in IBM AIX 5.2 and 5.3 allow local users in the system group to gain root privileges via unspecified vectors involving the (1) chpath, (2) rmpath, and (3) devinstall programs in bos.rte.methods.

  • CVE-2007-4228Aug 8, 2007
    risk 0.00cvss epss 0.00

    rmpvc on IBM AIX 4.3 allows local users to cause a denial of service (system crash) via long port logical name (-l) argument.

  • CVE-2007-4237Aug 8, 2007
    risk 0.00cvss epss 0.00

    Buffer overflow in the atm subset in arp in devices.common.IBM.atm.rte in AIX 5.2 and 5.3 allows local users to gain root privileges.

  • CVE-2007-4238Aug 8, 2007
    risk 0.00cvss epss 0.00

    AIX 5.2 and 5.3 install pioinit with user and group ownership of bin, which allows local users with bin or possibly printq privileges to gain root privileges by modifying pioinit.

  • CVE-2007-4236Aug 8, 2007
    risk 0.00cvss epss 0.00

    Buffer overflow in lpd in bos.rte.printers in AIX 5.2 and 5.3 allows local users with printq group privileges to gain root privileges.

  • CVE-2007-3680Jul 11, 2007
    risk 0.00cvss epss 0.00

    Stack-based buffer overflow in the odm_searchpath function in libodm in IBM AIX 5.2.0 and 5.3.0 allows local users to execute arbitrary code via a long ODMPATH environment variable.

  • CVE-2007-2996Jun 4, 2007
    risk 0.00cvss epss 0.00

    Unspecified vulnerability in perl.rte 5.8.0.10 through 5.8.0.95 on IBM AIX 5.2, and 5.8.2.10 through 5.8.2.50 on AIX 5.3, allows local users to gain privileges via unspecified vectors related to the installation and "waiting for a legitimate user to execute a binary that ships…

  • CVE-2007-2995Jun 4, 2007
    risk 0.00cvss epss 0.01

    Unspecified vulnerability in sysmgt.websm.rte in IBM AIX 5.2.0 and 5.3.0 has unknown impact and attack vectors.

  • CVE-2007-1798Apr 2, 2007
    risk 0.00cvss epss 0.00

    Buffer overflow in the drmgr command in IBM AIX 5.2 and 5.3 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long path name.

  • CVE-2007-0978Feb 16, 2007
    risk 0.00cvss epss 0.00

    Buffer overflow in swcons in IBM AIX 5.3 allows local users to gain privileges via long input data.

  • CVE-2007-0670Feb 3, 2007
    risk 0.00cvss epss 0.00

    Buffer overflow in bos.rte.libc in IBM AIX 5.2 and 5.3 allows local users to execute arbitrary code via the "r-commands", possibly including (1) rdist, (2) rsh, (3) rcp, (4) rsync, and (5) rlogin.

  • CVE-2007-0618Jan 31, 2007
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in (1) pop3d, (2) pop3ds, (3) imapd, and (4) imapds in IBM AIX 5.3.0 has unspecified impact and attack vectors, involving an "authentication vulnerability."

  • CVE-2007-0392Jan 19, 2007
    risk 0.00cvss epss 0.00

    IBM AIX 5.3 does not properly verify the status of file descriptors before setuid execution, which allows local users to gain privileges by closing file descriptor 0, 1, or 2 and then invoking a setuid program, a variant of CVE-2002-0572.

  • CVE-2006-6914Dec 31, 2006
    risk 0.00cvss epss 0.01

    Unspecified vulnerability in ftpd in IBM AIX 5.2.0 and 5.3.0 allows remote attackers to obtain sensitive information, including passwords, via unspecified vectors.

  • CVE-2006-6915Dec 31, 2006
    risk 0.00cvss epss 0.01

    ftpd in IBM AIX 5.2.0 and 5.3.0 allows remote authenticated users to cause a denial of service (port exhaustion) via unspecified vectors. NOTE: some details were obtained from third party sources.

  • CVE-2006-5011Sep 27, 2006
    risk 0.00cvss epss 0.00

    Untrusted search path vulnerability in snappd in IBM AIX 5.2.0 and 5.3.0 allows local users to execute arbitrary commands via a Trojan horse program, involving the "system subroutine".

Page 13 of 21