Total
701 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2006-1247 | 1 Ibm | 1 Aix | 2023-12-10 | 3.3 LOW | N/A |
rm_mlcache_file in bos.rte.install in AIX 5.1.0 through 5.3.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files. | |||||
CVE-2006-4254 | 1 Ibm | 1 Aix | 2023-12-10 | 7.5 HIGH | N/A |
Unspecified vulnerability in setlocale in IBM AIX 5.1.0 through 5.3.0 allows local users to gain privileges via unspecified vectors. | |||||
CVE-2005-2236 | 1 Ibm | 1 Aix | 2023-12-10 | 7.2 HIGH | N/A |
Format string vulnerability in the paginit command in IBM AIX 5.3, and possibly other versions, might allow local users to execute arbitrary code via format strings in command line arguments. | |||||
CVE-2004-2697 | 1 Ibm | 1 Aix | 2023-12-10 | 6.9 MEDIUM | N/A |
The Inventory Scout daemon (invscoutd) 1.3.0.0 and 2.0.2 for AIX 4.3.3 and 5.1 allows local users to gain privileges via a symlink attack on a command line argument (log file). NOTE: this might be related to CVE-2006-5002. | |||||
CVE-2005-0262 | 1 Ibm | 1 Aix | 2023-12-10 | 7.2 HIGH | N/A |
Buffer overflow in ipl_varyon on AIX 5.1, 5.2, and 5.3 allows local users to execute arbitrary code via a long -d argument. | |||||
CVE-2005-3749 | 1 Ibm | 1 Aix | 2023-12-10 | 7.2 HIGH | N/A |
Unspecified "absolute path vulnerabilities" in the diagela command (diagela.sh) in IBM AIX 5.2 and 5.3 have unknown impact and attack vectors. | |||||
CVE-2005-3396 | 1 Ibm | 1 Aix | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in the chcons (chcon) command in IBM AIX 5.2 and 5.3, when DEBUG MALLOC is enabled, might allow attackers to execute arbitrary code via a long command line argument. | |||||
CVE-2005-4068 | 1 Ibm | 1 Aix | 2023-12-10 | 7.2 HIGH | N/A |
Unspecified "absolute path vulnerability" in umountall in IBM AIX 5.1 through 5.3 allows local users to cause unknown impact via unknown vectors. | |||||
CVE-2005-3060 | 1 Ibm | 1 Aix | 2023-12-10 | 7.2 HIGH | N/A |
Buffer overflow in getconf in IBM AIX 5.2 to 5.3 allows local users to execute arbitrary code via unknown vectors. | |||||
CVE-2006-4416 | 1 Ibm | 1 Aix | 2023-12-10 | 7.2 HIGH | N/A |
Untrusted search path vulnerability in the mkvg command in IBM AIX 5.2 and 5.3 allows local users to gain privileges by modifying the path to point to a malicious (1) chdev, (2) mkboot, (3) varyonvg, or (4) varyoffvg program. | |||||
CVE-2005-3289 | 1 Ibm | 1 Aix | 2023-12-10 | 2.1 LOW | N/A |
LSCFG in IBM AIX 5.2 and 5.3 does not create temporary files securely, which allows local users to corrupt /etc/passwd and possibly other system files via the trace file. | |||||
CVE-2006-1246 | 1 Ibm | 1 Aix | 2023-12-10 | 7.2 HIGH | N/A |
Unspecified vulnerability in mklvcopy in BOS.RTE.LVM in IBM AIX 5.3 allows local users to execute arbitrary commands when mklvcopy calls external commands, possibly due to an untrusted search path vulnerability. | |||||
CVE-2006-0674 | 1 Ibm | 1 Aix | 2023-12-10 | 4.6 MEDIUM | N/A |
Buffer overflow in the arp command of IBM AIX 5.3 L, 5.3, 5.2.2, 5.2 L, and 5.2 allows local users to cause a denial of service (crash) via a long iftype argument. | |||||
CVE-2006-0133 | 1 Ibm | 1 Aix | 2023-12-10 | 3.6 LOW | N/A |
Multiple directory traversal vulnerabilities in AIX 5.3 ML03 allow local users to determine the existence of files and read partial contents of certain files via a .. (dot dot) in the argument to (1) getCommand.new (aka getCommand) and (2) getShell, a different vulnerability than CVE-2005-4273. | |||||
CVE-2004-2388 | 1 Ibm | 1 Aix | 2023-12-10 | 10.0 HIGH | N/A |
rexecd for AIX 4.3.3 does not properly use a local copy of the pwd structure when calling getpwnam, which may cause the structure to be overwritten by the authenticate function and assign privileges to the wrong user. | |||||
CVE-2004-1054 | 1 Ibm | 1 Aix | 2023-12-10 | 7.2 HIGH | N/A |
Untrusted execution path vulnerability in invscout in IBM AIX 5.1.0, 5.2.0, and 5.3.0 allows local users to gain privileges by modifying the PATH environment variable to point to a malicious "uname" program, which is executed from lsvpd after lsvpd has been invoked by invscout. | |||||
CVE-2005-2233 | 1 Ibm | 1 Aix | 2023-12-10 | 7.2 HIGH | N/A |
Buffer overflow in multiple "p" commands in IBM AIX 5.1, 5.2 and 5.3 might allow local users to execute arbitrary code via long command line arguments to (1) penable or other hard-linked files including (2) pdisable, (3) pstart, (4) phold, (5) pdelay, or (6) pshare. | |||||
CVE-2004-1028 | 1 Ibm | 1 Aix | 2023-12-10 | 7.2 HIGH | N/A |
Untrusted execution path vulnerability in chcod on AIX IBM 5.1.0, 5.2.0, and 5.3.0 allows local users to execute arbitrary programs by modifying the PATH environment variable to point to a malicious "grep" program, which is executed from chcod. | |||||
CVE-2005-0261 | 1 Ibm | 1 Aix | 2023-12-10 | 2.1 LOW | N/A |
lspath in AIX 5.2, 5.3, and possibly earlier versions, does not drop privileges before processing the -f option, which allows local users to read one line of arbitrary files. | |||||
CVE-2005-1037 | 1 Ibm | 1 Aix | 2023-12-10 | 10.0 HIGH | N/A |
Unknown vulnerability in AIX 5.3.0, when configured as an NIS client, allows remote attackers to gain root privileges. |