Vulnerabilities (CVE)

Filtered by vendor Ibm Subscribe
Filtered by product Aix
Total 701 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2006-1247 1 Ibm 1 Aix 2023-12-10 3.3 LOW N/A
rm_mlcache_file in bos.rte.install in AIX 5.1.0 through 5.3.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files.
CVE-2006-4254 1 Ibm 1 Aix 2023-12-10 7.5 HIGH N/A
Unspecified vulnerability in setlocale in IBM AIX 5.1.0 through 5.3.0 allows local users to gain privileges via unspecified vectors.
CVE-2005-2236 1 Ibm 1 Aix 2023-12-10 7.2 HIGH N/A
Format string vulnerability in the paginit command in IBM AIX 5.3, and possibly other versions, might allow local users to execute arbitrary code via format strings in command line arguments.
CVE-2004-2697 1 Ibm 1 Aix 2023-12-10 6.9 MEDIUM N/A
The Inventory Scout daemon (invscoutd) 1.3.0.0 and 2.0.2 for AIX 4.3.3 and 5.1 allows local users to gain privileges via a symlink attack on a command line argument (log file). NOTE: this might be related to CVE-2006-5002.
CVE-2005-0262 1 Ibm 1 Aix 2023-12-10 7.2 HIGH N/A
Buffer overflow in ipl_varyon on AIX 5.1, 5.2, and 5.3 allows local users to execute arbitrary code via a long -d argument.
CVE-2005-3749 1 Ibm 1 Aix 2023-12-10 7.2 HIGH N/A
Unspecified "absolute path vulnerabilities" in the diagela command (diagela.sh) in IBM AIX 5.2 and 5.3 have unknown impact and attack vectors.
CVE-2005-3396 1 Ibm 1 Aix 2023-12-10 7.5 HIGH N/A
Buffer overflow in the chcons (chcon) command in IBM AIX 5.2 and 5.3, when DEBUG MALLOC is enabled, might allow attackers to execute arbitrary code via a long command line argument.
CVE-2005-4068 1 Ibm 1 Aix 2023-12-10 7.2 HIGH N/A
Unspecified "absolute path vulnerability" in umountall in IBM AIX 5.1 through 5.3 allows local users to cause unknown impact via unknown vectors.
CVE-2005-3060 1 Ibm 1 Aix 2023-12-10 7.2 HIGH N/A
Buffer overflow in getconf in IBM AIX 5.2 to 5.3 allows local users to execute arbitrary code via unknown vectors.
CVE-2006-4416 1 Ibm 1 Aix 2023-12-10 7.2 HIGH N/A
Untrusted search path vulnerability in the mkvg command in IBM AIX 5.2 and 5.3 allows local users to gain privileges by modifying the path to point to a malicious (1) chdev, (2) mkboot, (3) varyonvg, or (4) varyoffvg program.
CVE-2005-3289 1 Ibm 1 Aix 2023-12-10 2.1 LOW N/A
LSCFG in IBM AIX 5.2 and 5.3 does not create temporary files securely, which allows local users to corrupt /etc/passwd and possibly other system files via the trace file.
CVE-2006-1246 1 Ibm 1 Aix 2023-12-10 7.2 HIGH N/A
Unspecified vulnerability in mklvcopy in BOS.RTE.LVM in IBM AIX 5.3 allows local users to execute arbitrary commands when mklvcopy calls external commands, possibly due to an untrusted search path vulnerability.
CVE-2006-0674 1 Ibm 1 Aix 2023-12-10 4.6 MEDIUM N/A
Buffer overflow in the arp command of IBM AIX 5.3 L, 5.3, 5.2.2, 5.2 L, and 5.2 allows local users to cause a denial of service (crash) via a long iftype argument.
CVE-2006-0133 1 Ibm 1 Aix 2023-12-10 3.6 LOW N/A
Multiple directory traversal vulnerabilities in AIX 5.3 ML03 allow local users to determine the existence of files and read partial contents of certain files via a .. (dot dot) in the argument to (1) getCommand.new (aka getCommand) and (2) getShell, a different vulnerability than CVE-2005-4273.
CVE-2004-2388 1 Ibm 1 Aix 2023-12-10 10.0 HIGH N/A
rexecd for AIX 4.3.3 does not properly use a local copy of the pwd structure when calling getpwnam, which may cause the structure to be overwritten by the authenticate function and assign privileges to the wrong user.
CVE-2004-1054 1 Ibm 1 Aix 2023-12-10 7.2 HIGH N/A
Untrusted execution path vulnerability in invscout in IBM AIX 5.1.0, 5.2.0, and 5.3.0 allows local users to gain privileges by modifying the PATH environment variable to point to a malicious "uname" program, which is executed from lsvpd after lsvpd has been invoked by invscout.
CVE-2005-2233 1 Ibm 1 Aix 2023-12-10 7.2 HIGH N/A
Buffer overflow in multiple "p" commands in IBM AIX 5.1, 5.2 and 5.3 might allow local users to execute arbitrary code via long command line arguments to (1) penable or other hard-linked files including (2) pdisable, (3) pstart, (4) phold, (5) pdelay, or (6) pshare.
CVE-2004-1028 1 Ibm 1 Aix 2023-12-10 7.2 HIGH N/A
Untrusted execution path vulnerability in chcod on AIX IBM 5.1.0, 5.2.0, and 5.3.0 allows local users to execute arbitrary programs by modifying the PATH environment variable to point to a malicious "grep" program, which is executed from chcod.
CVE-2005-0261 1 Ibm 1 Aix 2023-12-10 2.1 LOW N/A
lspath in AIX 5.2, 5.3, and possibly earlier versions, does not drop privileges before processing the -f option, which allows local users to read one line of arbitrary files.
CVE-2005-1037 1 Ibm 1 Aix 2023-12-10 10.0 HIGH N/A
Unknown vulnerability in AIX 5.3.0, when configured as an NIS client, allows remote attackers to gain root privileges.