5.1l : Security Vulnerabilities

Cpe Name:cpe:/o:ibm:aix:5.1l

CVSS Scores Greater Than: 0 1 2 3 4 5 6 7 8 9

Sort Results By : Cve Number Descending Cve Number Ascending CVSS Score Descending Number Of Exploits Descending

Copy Results Download Results Select Table

#	CVE ID	CWE ID	# of Exploits	Vulnerability Type(s)	Publish Date	Update Date	Score	Gained Access Level	Access	Complexity	Authentication	Conf.	Integ.	Avail.
1	CVE-2010-3405	119		Overflow +Priv	2010-09-16	2011-07-18	6.8	None	Local	Low	Single system	Complete	Complete	Complete
Buffer overflow in sa_snap in the bos.esagent fileset in IBM AIX 6.1, 5.3, and earlier and VIOS 2.1, 1.5, and earlier allows local users to leverage system group membership and gain privileges via unspecified vectors.
2	CVE-2010-3187	119	2	Exec Code Overflow	2010-08-30	2011-07-18	10.0	None	Remote	Low	Not required	Complete	Complete	Complete
Buffer overflow in ftpd in IBM AIX 5.3 and earlier allows remote attackers to execute arbitrary code via a long NLST command.
3	CVE-2010-1039	134		Exec Code	2010-05-20	2011-07-25	10.0	None	Remote	Low	Not required	Complete	Complete	Complete
Format string vulnerability in the _msgout function in rpc.pcnfsd in IBM AIX 6.1, 5.3, and earlier; IBM VIOS 2.1, 1.5, and earlier; NFS/ONCplus B.11.31_09 and earlier on HP HP-UX B.11.11, B.11.23, and B.11.31; and SGI IRIX 6.5 allows remote attackers to execute arbitrary code via an RPC request containing format string specifiers in an invalid directory name.
4	CVE-2009-3699	119		Exec Code Overflow	2009-10-15	2009-10-15	10.0	None	Remote	Low	Not required	Complete	Complete	Complete
Stack-based buffer overflow in libcsa.a (aka the calendar daemon library) in IBM AIX 5.x through 5.3.10 and 6.x through 6.1.3, and VIOS 2.1 and earlier, allows remote attackers to execute arbitrary code via a long XDR string in the first argument to procedure 21 of rpc.cmsd.
5	CVE-2006-1247				2006-04-19	2008-09-05	3.6	None	Local	Low	Not required	None	Partial	Partial
rm_mlcache_file in bos.rte.install in AIX 5.1.0 through 5.3.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files.
6	CVE-2005-4272			Exec Code Overflow	2005-12-15	2008-09-05	10.0	Admin	Remote	Low	Not required	Complete	Complete	Complete
Multiple buffer overflows in IBM AIX 5.1, 5.2, and 5.3 allow remote attackers to execute arbitrary code via (1) muxatmd and (2) slocal.
7	CVE-2005-3396			Exec Code Overflow	2005-11-01	2009-03-04	7.5	User	Remote	Low	Not required	Partial	Partial	Partial
Buffer overflow in the chcons (chcon) command in IBM AIX 5.2 and 5.3, when DEBUG MALLOC is enabled, might allow attackers to execute arbitrary code via a long command line argument.
8	CVE-2005-2235			Exec Code Overflow	2005-07-12	2008-09-05	7.2	Admin	Local	Low	Not required	Complete	Complete	Complete
Buffer overflow in the diagTasksWebSM command in IBM AIX 5.1, 5.2 and 5.3, might allow local users to execute arbitrary code via long command line arguments.
9	CVE-2005-2234			Exec Code Overflow	2005-07-12	2008-09-05	7.2	Admin	Local	Low	Not required	Complete	Complete	Complete
Buffer overflow in the getlvname command in IBM AIX 5.1, 5.2 and 5.3, might allow local users to execute arbitrary code via long command line arguments.
10	CVE-2005-2233			Exec Code Overflow	2005-07-12	2008-09-05	7.2	Admin	Local	Low	Not required	Complete	Complete	Complete
Buffer overflow in multiple "p" commands in IBM AIX 5.1, 5.2 and 5.3 might allow local users to execute arbitrary code via long command line arguments to (1) penable or other hard-linked files including (2) pdisable, (3) pstart, (4) phold, (5) pdelay, or (6) pshare.
11	CVE-2005-0991				2005-05-02	2008-09-05	2.1	None	Local	Low	Not required	None	Partial	None
RC.BOOT in IBM AIX 5.1, 5.2, and 5.3 does not "use a secure location for temporary files," which allows local users to have an unknown impact, probably by overwriting files.
12	CVE-2004-2697	362		+Priv	2004-12-31	2008-09-05	6.9	Admin	Local	Medium	Not required	Complete	Complete	Complete
The Inventory Scout daemon (invscoutd) 1.3.0.0 and 2.0.2 for AIX 4.3.3 and 5.1 allows local users to gain privileges via a symlink attack on a command line argument (log file). NOTE: this might be related to CVE-2006-5002.
13	CVE-2004-1329			Exec Code	2004-12-20	2008-09-05	7.2	Admin	Local	Low	Not required	Complete	Complete	Complete
Untrusted execution path vulnerability in the diag commands (1) lsmcode, (2) diag_exec, (3) invscout, and (4) invscoutd in AIX 5.1 through 5.3 allows local users to execute arbitrary programs by modifying the DIAGNOSTICS environment variable to point to a malicious Dctrl program.
14	CVE-2004-1054			+Priv	2005-01-10	2008-09-10	7.2	Admin	Local	Low	Not required	Complete	Complete	Complete
Untrusted execution path vulnerability in invscout in IBM AIX 5.1.0, 5.2.0, and 5.3.0 allows local users to gain privileges by modifying the PATH environment variable to point to a malicious "uname" program, which is executed from lsvpd after lsvpd has been invoked by invscout.
15	CVE-2004-1028				2005-01-10	2008-09-10	7.2	Admin	Local	Low	Not required	Complete	Complete	Complete
Untrusted execution path vulnerability in chcod on AIX IBM 5.1.0, 5.2.0, and 5.3.0 allows local users to execute arbitrary programs by modifying the PATH environment variable to point to a malicious "grep" program, which is executed from chcod.
16	CVE-2003-0914				2003-12-15	2008-09-10	4.3	None	Remote	Medium	Not required	None	Partial	None
ISC BIND 8.3.x before 8.3.7, and 8.4.x before 8.4.3, allows remote attackers to poison the cache via a malicious name server that returns negative responses with a large TTL (time-to-live) value.
17	CVE-2001-1440				2001-12-21	2008-09-05	10.0	Admin	Remote	Low	Not required	Complete	Complete	Complete
Unknown vulnerability in login for AIX 5.1L, when using loadable authentication modules, allows remote attackers to gain access to the system.

Total number of vulnerabilities : 17 Page : 1 (This Page)