| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2012-2200 |
264 |
|
+Priv |
2012-06-27 |
2013-03-21 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
The default configuration of sendmail in IBM AIX 6.1 and 7.1, and VIOS 2.2.1.4-FP-25 SP-02, allows local users to gain privileges by entering a command in a .forward file in a home directory. |
|
2 |
CVE-2012-0745 |
264 |
|
+Priv |
2012-05-04 |
2013-01-03 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
The getpwnam function in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.1.0.10 through 2.2.1.3 does not properly interact with customer-extended LDAP user filtering, which allows local users to gain privileges via unspecified vectors. |
|
3 |
CVE-2012-0194 |
|
|
DoS |
2012-02-06 |
2012-02-07 |
7.1 |
None |
Remote |
Medium |
Not required |
None |
None |
Complete |
|
The TCP implementation in IBM AIX 5.3, 6.1, and 7.1, when the Large Send Offload option is enabled, allows remote attackers to cause a denial of service (assertion failure and panic) via an unspecified series of packets. |
|
4 |
CVE-2011-1385 |
399 |
|
DoS |
2012-03-02 |
2012-03-05 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
IBM AIX 5.3, 6.1, and 7.1, and VIOS 2.1.x and 2.2.x, allows remote attackers to cause a denial of service (system crash) via an ICMP Echo Reply packet that contains 1 in the Identifier field, a different vulnerability than CVE-2012-0194. |
|
5 |
CVE-2010-1124 |
|
|
DoS |
2010-03-26 |
2010-03-29 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
bos.rte.libc 5.3.9.4 on IBM AIX 5.3 does not properly support reading a certain address field after a successful getaddrinfo function call, which allows context-dependent attackers to cause a denial of service (application crash) via unspecified vectors, as demonstrated by IBM DB2 crashes on "systems with databases cataloged with alternate servers using IP addresses." |
|
6 |
CVE-2010-0961 |
119 |
|
Overflow +Priv |
2010-03-10 |
2011-07-18 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in qoslist in bos.net.tcp.server in IBM AIX 6.1 and VIOS 2.1 allows local users to gain privileges via unspecified vectors. |
|
7 |
CVE-2010-0960 |
119 |
|
Overflow +Priv |
2010-03-10 |
2010-08-21 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in qosmod in bos.net.tcp.server in IBM AIX 6.1 and VIOS 2.1 allows local users to gain privileges via unspecified vectors. |
|
8 |
CVE-2010-0922 |
|
|
DoS |
2010-03-03 |
2010-03-04 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
Unspecified vulnerability in secldapclntd in IBM AIX 5.3 with SP 5300-11-02 allows attackers to cause a denial of service (LDAP login failure) via unknown vectors. NOTE: some of these details are obtained from third party information. NOTE: there may be no attacker role, and the issue may be triggered entirely by an administrator's installation of an official service pack. |
|
9 |
CVE-2009-4362 |
119 |
|
DoS Overflow +Priv |
2009-12-21 |
2009-12-22 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Multiple buffer overflows in qosmod in IBM AIX 6.1 allow local users to cause a denial of service (application crash) or possibly gain privileges via long string arguments. NOTE: some of these details are obtained from third party information. |
|
10 |
CVE-2009-4361 |
119 |
|
DoS Overflow +Priv |
2009-12-21 |
2009-12-22 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Multiple buffer overflows in qoslist in IBM AIX 6.1 allow local users to cause a denial of service (application crash) or possibly gain privileges via a long string argument. NOTE: some of these details are obtained from third party information. |
|
11 |
CVE-2009-3516 |
255 |
|
Bypass |
2009-10-01 |
2010-08-21 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
gssd in IBM AIX 5.3.x through 5.3.9 and 6.1.0 through 6.1.2 does not properly handle the NFSv4 Kerberos credential cache, which allows local users to bypass intended access restrictions for Kerberized NFSv4 shares via unspecified vectors. |
|
12 |
CVE-2009-2669 |
264 |
|
+Priv |
2009-08-05 |
2009-08-12 |
7.2 |
Admin |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
A certain debugging component in IBM AIX 5.3 and 6.1 does not properly handle the (1) _LIB_INIT_DBG and (2) _LIB_INIT_DBG_FILE environment variables, which allows local users to gain privileges by leveraging a setuid-root program to create an arbitrary root-owned file with world-writable permissions, related to libC.a (aka the XL C++ runtime library) in AIX 5.3 and libc.a in AIX 6.1. |
|
13 |
CVE-2009-2434 |
119 |
|
Overflow +Priv |
2009-07-13 |
2009-07-13 |
7.2 |
Admin |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in the syscall implementation in IBM AIX 5.3 allows local users to gain privileges via unspecified vectors. |
|
14 |
CVE-2009-1954 |
|
|
DoS |
2009-06-07 |
2009-06-23 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
Unspecified vulnerability in portmapper (aka portmap) in IBM AIX 5.3 allows attackers to cause a denial of service (daemon hang) via unknown vectors, related to libtli. |
|
15 |
CVE-2009-1355 |
119 |
|
Overflow +Priv |
2009-04-21 |
2010-08-21 |
7.2 |
Admin |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Stack-based buffer overflow in muxatmd in IBM AIX 5.2, 5.3, and 6.1 allows local users to gain privileges via a long filename. |
|
16 |
CVE-2009-0779 |
119 |
|
Overflow +Priv |
2009-03-04 |
2009-03-04 |
7.2 |
Admin |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in pppdial in IBM AIX 5.3 and 6.1 allows local users to gain privileges via a long "input string." |
|
17 |
CVE-2009-0370 |
|
|
|
2009-01-30 |
2010-08-21 |
7.2 |
Admin |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Multiple unspecified vulnerabilities in IBM AIX 5.2.0 through 6.1.2 allow local users to append data to arbitrary files, related to (1) rmsock and (2) rmsock64 not creating "secure log files." |
|
18 |
CVE-2008-4018 |
264 |
|
+Priv |
2008-09-10 |
2009-03-04 |
7.2 |
Admin |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
swcons in bos.rte.console in IBM AIX 5.2.0 through 6.1.1 allows local users in the system group to create or overwrite an arbitrary file, and establish weak permissions and root ownership for this file, via unspecified vectors. NOTE: this can be leveraged to gain privileges. NOTE: this issue exists because of an incomplete fix for CVE-2007-5805. |
|
19 |
CVE-2008-2515 |
264 |
|
+Priv |
2008-06-02 |
2011-05-06 |
7.2 |
Admin |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Unspecified vulnerability in iostat in IBM AIX 5.2, 5.3, and 6.1 allows local users to gain privileges via unknown vectors related to an "environment variable handling error." |
|
20 |
CVE-2008-2513 |
119 |
|
Exec Code Overflow |
2008-06-02 |
2009-04-08 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in the kernel in IBM AIX 5.2, 5.3, and 6.1 allows local users to execute arbitrary code in kernel mode via unknown attack vectors. |
|
21 |
CVE-2008-1710 |
264 |
|
+Priv |
2008-04-09 |
2010-08-21 |
7.2 |
Admin |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Untrusted search path vulnerability in chnfsmnt in IBM AIX 6.1 allows local users to gain privileges via a modified PATH environment variable. |
|
22 |
CVE-2008-1601 |
119 |
|
Overflow +Priv |
2008-03-31 |
2009-08-19 |
7.2 |
Admin |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Stack-based buffer overflow in the reboot program on IBM AIX 5.2 and 5.3 allows local users in the shutdown group to gain privileges. |
|
23 |
CVE-2008-1600 |
264 |
|
+Priv |
2008-03-31 |
2009-03-04 |
7.2 |
Admin |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
The lsmcode program on IBM AIX 5.2, 5.3, and 6.1 does not properly handle environment variables, which allows local users to gain privileges, a different vulnerability than CVE-2004-1329. |
|
24 |
CVE-2008-1599 |
264 |
|
+Priv |
2008-03-31 |
2009-03-04 |
7.2 |
Admin |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
The nddstat programs on IBM AIX 5.2, 5.3, and 6.1 do not properly handle environment variables, which allows local users to gain privileges by invoking (1) atmstat, (2) entstat, (3) fddistat, (4) hdlcstat, or (5) tokstat. |
|
25 |
CVE-2008-1596 |
264 |
|
|
2008-03-31 |
2008-09-05 |
7.2 |
Admin |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Trusted Execution in IBM AIX 6.1 uses an incorrect pathname argument in a call to the trustchk_block_write function, which might allow local users to modify trusted files, related to missing checks in the TSD_FILES_LOCK policy for modifications performed via hard links, a different vulnerability than CVE-2007-6680. |
|
26 |
CVE-2008-1593 |
264 |
|
+Priv |
2008-03-31 |
2009-03-04 |
7.2 |
Admin |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
The checkpoint and restart feature in the kernel in IBM AIX 5.2, 5.3, and 6.1 does not properly protect kernel memory, which allows local users to read and modify portions of memory and gain privileges via unspecified vectors involving a restart of a 64-bit process, probably related to the as_getadsp64 function. |
|
27 |
CVE-2008-0588 |
264 |
|
Overflow +Priv |
2008-02-04 |
2009-03-04 |
7.2 |
Admin |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in the utape program in devices.scsi.tape.diag in IBM AIX 5.2 and 5.3 allows local users to gain privileges via unspecified vectors. |
|
28 |
CVE-2008-0587 |
119 |
|
Overflow +Priv |
2008-02-04 |
2009-03-04 |
7.2 |
Admin |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in the uspchrp program in devices.chrp.base.diag in IBM AIX 5.2 and 5.3 allows local users to gain privileges via unspecified vectors. |
|
29 |
CVE-2008-0586 |
119 |
|
Overflow +Priv |
2008-02-04 |
2012-11-05 |
7.2 |
Admin |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Multiple buffer overflows in IBM AIX 5.2 and 5.3 allow local users to gain privileges via unspecified vectors related to the (1) lchangevg, (2) ldeletepv, (3) putlvodm, (4) lvaryoffvg, and (5) lvgenminor programs in bos.rte.lvm; and the (6) tellclvmd program in bos.clvm.enh. |
|
30 |
CVE-2008-0584 |
264 |
|
Overflow +Priv |
2008-02-04 |
2009-03-04 |
7.2 |
Admin |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Multiple buffer overflows in bos.rte.control in IBM AIX 5.2 and 5.3 allow local users to gain privileges via unspecified vectors related to the (1) swap, (2) swapoff, and (3) swapon programs. |
|
31 |
CVE-2007-6717 |
119 |
|
Overflow +Priv |
2008-09-10 |
2009-03-04 |
7.2 |
Admin |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in tftp in bos.net.tcp.client in IBM AIX 5.2.0 and 5.3.0 allows local users to gain privileges via unspecified vectors. |
|
32 |
CVE-2007-5764 |
119 |
|
Overflow +Priv |
2008-01-24 |
2009-03-04 |
7.2 |
Admin |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in the pioout program in printers.rte in IBM AIX 5.2, 5.3, and 6.1 allows local users to gain privileges via a long command line option. |
|
33 |
CVE-2007-4797 |
119 |
|
Overflow +Priv |
2007-09-10 |
2008-11-15 |
7.2 |
Admin |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Multiple buffer overflows in unspecified svprint (System V print) commands in bos.svprint.rte in IBM AIX 5.2 and 5.3 allow local users to gain privileges via unspecified vectors. |
|
34 |
CVE-2007-4796 |
119 |
|
Overflow +Priv |
2007-09-10 |
2008-09-05 |
7.2 |
Admin |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in uucp in bos.net.uucp in IBM AIX 5.2 and 5.3 allows local users to gain privileges via unspecified vectors. |
|
35 |
CVE-2007-4795 |
119 |
|
Overflow +Priv |
2007-09-10 |
2008-09-05 |
7.2 |
Admin |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in mkpath in bos.rte.methods in IBM AIX 5.2 and 5.3 allows local users to gain privileges via a long ODM name. |
|
36 |
CVE-2007-4794 |
119 |
|
Overflow +Priv |
2007-09-10 |
2008-11-15 |
7.2 |
Admin |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in fcstat in devices.common.IBM.fc.rte in IBM AIX 5.2 and 5.3 allows local users to gain privileges via a long input parameter. |
|
37 |
CVE-2007-4793 |
119 |
|
Overflow +Priv |
2007-09-10 |
2008-11-15 |
7.2 |
Admin |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in xlplm in plm.server.rte in IBM AIX 5.2 and 5.3 allows local users to gain privileges via unspecified vectors. |
|
38 |
CVE-2007-4792 |
119 |
|
Overflow +Priv |
2007-09-10 |
2008-11-15 |
7.2 |
Admin |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in ibstat in devices.common.IBM.ib.rte in IBM AIX 5.3 allows local users to gain privileges via unspecified vectors. |
|
39 |
CVE-2007-4791 |
119 |
|
Overflow +Priv |
2007-09-10 |
2012-11-05 |
7.2 |
Admin |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in the swcons command in bos.rte.console in IBM AIX 5.2 and 5.3 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2005-3504 and CVE-2007-0978. |
|
40 |
CVE-2007-4623 |
119 |
|
Exec Code Overflow |
2007-11-05 |
2009-03-04 |
7.2 |
Admin |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Stack-based buffer overflow in the sendrmt function in bellmail in IBM AIX 5.2 and 5.3 allows local users to execute arbitrary code via a long parameter to the m command. |
|
41 |
CVE-2007-4622 |
189 |
|
+Priv |
2007-11-05 |
2008-09-05 |
7.2 |
Admin |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Integer underflow in the dns_name_fromtext function in (1) libdns_nonsecure.a and (2) libdns_secure.a in IBM AIX 5.2 allows local users to gain privileges via a crafted "-y" (TSIG key) command line argument to dig. |
|
42 |
CVE-2007-4621 |
119 |
|
Overflow +Priv |
2007-11-05 |
2008-11-15 |
7.2 |
Admin |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in crontab in IBM AIX 5.2 allows local users to gain privileges via long command line arguments. |
|
43 |
CVE-2007-4513 |
119 |
|
Overflow +Priv |
2007-11-05 |
2009-03-04 |
7.2 |
Admin |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Multiple stack-based buffer overflows in IBM AIX 5.2 and 5.3 allow local users to gain privileges via a long argument to the (1) "-p" option to lqueryvg or (2) the "-V" option to lquerypv. |
|
44 |
CVE-2007-4355 |
|
|
Overflow +Priv |
2007-08-14 |
2008-11-15 |
7.2 |
Admin |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in the at program on IBM AIX 5.3 allows local users to gain privileges via unspecified vectors. |
|
45 |
CVE-2007-4354 |
|
|
Overflow +Priv |
2007-08-14 |
2008-09-05 |
7.2 |
Admin |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in fileplace in bos.perf.tools in IBM AIX 5.2 and 5.3 allows local users to gain privileges via unspecified vectors. |
|
46 |
CVE-2007-4217 |
119 |
|
Overflow +Priv |
2007-11-05 |
2009-07-24 |
7.2 |
Admin |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Stack-based buffer overflow in the domacro function in ftp in IBM AIX 5.2 and 5.3 allows local users to gain privileges via a long parameter to a macro, as demonstrated by executing a macro via the '$' command. |
|
47 |
CVE-2007-3680 |
119 |
|
Exec Code Overflow |
2007-07-11 |
2012-10-30 |
7.2 |
Admin |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Stack-based buffer overflow in the odm_searchpath function in libodm in IBM AIX 5.2.0 and 5.3.0 allows local users to execute arbitrary code via a long ODMPATH environment variable. |
|
48 |
CVE-2007-1798 |
|
|
DoS Exec Code Overflow |
2007-04-02 |
2010-08-21 |
7.2 |
Admin |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in the drmgr command in IBM AIX 5.2 and 5.3 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long path name. |
|
49 |
CVE-2007-0978 |
|
|
Overflow +Priv |
2007-02-15 |
2008-11-15 |
7.2 |
Admin |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in swcons in IBM AIX 5.3 allows local users to gain privileges via long input data. |
|
50 |
CVE-2007-0618 |
|
|
|
2007-01-31 |
2008-09-05 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Unspecified vulnerability in (1) pop3d, (2) pop3ds, (3) imapd, and (4) imapds in IBM AIX 5.3.0 has unspecified impact and attack vectors, involving an "authentication vulnerability." |
