CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

IBM » AIX : Security Vulnerabilities (CVSS score between 6 and 6.99)

CVSS Scores Greater Than: 0   1   2   3   4   5   6   7   8   9  
Copy Results Download Results Select Table
Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2012-4845 264 Bypass 2012-10-20 2013-01-29
6.8
 None Remote Low Single system Complete None None
The FTP client in AIX 6.1 and 7.1, and VIOS 2.2.1.4-FP-25 SP-02, does not properly manage privileges in an RBAC environment, which allows attackers to bypass intended file-read restrictions by leveraging the setuid installation of the ftp executable file.
2 CVE-2012-2179 264 2012-06-22 2013-03-21
6.9
 None Local Medium Not required Complete Complete Complete
libodm.a in IBM AIX 5.3, 6.1, and 7.1 allows local users to overwrite arbitrary files via a symlink attack on a temporary file.
3 CVE-2011-1561 287 Bypass 2011-04-05 2011-04-05
6.8
 None Remote Medium Not required Partial Partial Partial
The LDAP login feature in bos.rte.security 6.1.6.4 in IBM AIX 6.1, when ldap_auth is enabled in ldap.cfg, allows remote attackers to bypass authentication via a login attempt with an arbitrary password.
4 CVE-2010-3405 119 Overflow +Priv 2010-09-16 2011-07-18
6.8
 None Local Low Single system Complete Complete Complete
Buffer overflow in sa_snap in the bos.esagent fileset in IBM AIX 6.1, 5.3, and earlier and VIOS 2.1, 1.5, and earlier allows local users to leverage system group membership and gain privileges via unspecified vectors.
5 CVE-2009-1786 362 1 2009-05-26 2010-08-21
6.9
 Admin Local Medium Not required Complete Complete Complete
The malloc subsystem in libc in IBM AIX 5.3 and 6.1 allows local users to create or overwrite arbitrary files via a symlink attack on the log file associated with the MALLOCDEBUG environment variable.
6 CVE-2008-5387 119 Overflow +Priv 2008-12-08 2010-08-21
6.2
 None Local High Not required Complete Complete Complete
Buffer overflow in autoconf6 in IBM AIX 6.1.0 through 6.1.2, when Role-Based Access Control is enabled, allows local users with aix.network.config.tcpip authorization to gain privileges via unspecified vectors.
7 CVE-2008-5386 119 Overflow +Priv 2008-12-08 2008-12-17
6.9
 Admin Local Medium Not required Complete Complete Complete
Buffer overflow in ndp in IBM AIX 6.1.0 through 6.1.2, when the netcd daemon is running, allows local users to gain privileges via unspecified vectors.
8 CVE-2008-5385 264 2008-12-08 2008-12-17
6.9
 None Local Medium Not required Complete Complete Complete
enq in bos.rte.printers in IBM AIX 6.1.0 through 6.1.2, when a print queue is defined in /etc/qconfig, allows local users to delete arbitrary files via unspecified vectors.
9 CVE-2008-5384 264 +Priv 2008-12-08 2010-08-21
6.9
 Admin Local Medium Not required Complete Complete Complete
crontab in bos.rte.cron in IBM AIX 6.1.0 through 6.1.2 allows local users with aix.system.config.cron authorization to gain privileges by launching an editor.
10 CVE-2008-1274 Exec Code 2008-03-10 2011-03-10
6.9
 Admin Local Medium Not required Complete Complete Complete
Untrusted search path vulnerability in man in IBM AIX 6.1.0 allows local users to execute arbitrary code via a malicious program in the man directory.
11 CVE-2008-0585 264 2008-02-04 2008-10-23
6.6
 None Local Low Not required Complete Complete None
sysmgt.websm.webaccess in IBM AIX 5.2 and 5.3 has world writable permissions for unspecified WebSM Remote Client files, which allows local users to "alter the behavior of" this client by overwriting these files.
12 CVE-2007-5805 59 2007-11-05 2008-09-10
6.9
 Admin Local Medium Not required Complete Complete Complete
cfgcon in IBM AIX 5.2 and 5.3 does not properly validate the argument to the "-p" option to swcons, which allows local users in the system group to create an arbitrary file, and enable world writability of this file, via a symlink attack involving use of the file's name as the argument. NOTE: this issue is due to an incomplete fix for CVE-2007-5804.
13 CVE-2007-5804 2007-11-05 2008-09-10
6.9
 Admin Local Medium Not required Complete Complete Complete
cfgcon in IBM AIX 5.2 and 5.3 does not properly validate the argument to the "-p" option to swcons, which allows local users in the system group to create or overwrite an arbitrary file, and enable world writability of this file, by using the file's name as the argument.
14 CVE-2007-4798 264 2007-09-10 2008-11-15
6.6
 None Local Low Not required None Complete Complete
Unspecified vulnerability in invscout in Inventory Scout in invscout.rte in IBM AIX 5.2 and 5.3 allows local users to delete system files that have names matching the final substring of a hostname alias, as demonstrated by hostnames ending in "unix".
15 CVE-2007-4353 Overflow +Priv 2007-08-14 2008-09-05
6.9
 Admin Local Medium Not required Complete Complete Complete
Multiple buffer overflows in IBM AIX 5.2 and 5.3 allow local users in the system group to gain root privileges via unspecified vectors involving the (1) chpath, (2) rmpath, and (3) devinstall programs in bos.rte.methods.
16 CVE-2007-4238 +Priv 2007-08-08 2008-11-15
6.9
 Admin Local Medium Not required Complete Complete Complete
AIX 5.2 and 5.3 install pioinit with user and group ownership of bin, which allows local users with bin or possibly printq privileges to gain root privileges by modifying pioinit.
17 CVE-2007-4237 Overflow +Priv 2007-08-08 2008-11-15
6.9
 Admin Local Medium Not required Complete Complete Complete
Buffer overflow in the atm subset in arp in devices.common.IBM.atm.rte in AIX 5.2 and 5.3 allows local users to gain root privileges.
18 CVE-2007-4236 Overflow +Priv 2007-08-08 2008-09-05
6.9
 Admin Local Medium Not required Complete Complete Complete
Buffer overflow in lpd in bos.rte.printers in AIX 5.2 and 5.3 allows local users with printq group privileges to gain root privileges.
19 CVE-2007-4004 119 Exec Code Overflow 2007-07-26 2008-09-05
6.9
 Admin Local Medium Not required Complete Complete Complete
Buffer overflow in the ftp client in IBM AIX 5.3 SP6 and 5.2.0 allows local users to execute arbitrary code via unspecified vectors that trigger the overflow in a gets function call. NOTE: the client is setuid root on AIX, so this issue crosses privilege boundaries.
20 CVE-2007-4003 Exec Code 2007-07-26 2008-09-05
6.9
 Admin Local Medium Not required Complete Complete Complete
pioout in IBM AIX 5.3 SP6 allows local users to execute arbitrary code by specifying a malicious library with the -R (ParseRoutine) command line argument.
21 CVE-2007-3333 119 Exec Code Overflow 2007-07-26 2011-08-04
6.9
 Admin Local Medium Not required Complete Complete Complete
Stack-based buffer overflow in capture in IBM AIX 5.3 SP6 and 5.2.0 allows remote attackers to execute arbitrary code via a large number of terminal control sequences.
22 CVE-2007-2996 +Priv 2007-06-04 2012-10-30
6.6
 Admin Local Medium Single system Complete Complete Complete
Unspecified vulnerability in perl.rte 5.8.0.10 through 5.8.0.95 on IBM AIX 5.2, and 5.8.2.10 through 5.8.2.50 on AIX 5.3, allows local users to gain privileges via unspecified vectors related to the installation and "waiting for a legitimate user to execute a binary that ships with Perl."
23 CVE-2004-2697 362 +Priv 2004-12-31 2008-09-05
6.9
 Admin Local Medium Not required Complete Complete Complete
The Inventory Scout daemon (invscoutd) 1.3.0.0 and 2.0.2 for AIX 4.3.3 and 5.1 allows local users to gain privileges via a symlink attack on a command line argument (log file). NOTE: this might be related to CVE-2006-5002.
24 CVE-2004-2634 2004-12-31 2008-09-05
6.2
 Admin Local High Not required Complete Complete Complete
The (1) bos.rte.serv_aid or (2) bos.rte.console filesets in IBM AIX 5.1 and 5.2 allow local users to overwrite arbitrary files via a symlink attack on temporary files via unknown attack vectors.
Total number of vulnerabilities : 24   Page : 1 (This Page)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.