CVE-2016-6079 – IBM AIX 5.3/6.1/7.1/7.2 - 'lquerylv' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2016-6079
IBM AIX 5.3, 6.1, 7.1, and 7.2 contains an unspecified vulnerability that would allow a locally authenticated user to obtain root level privileges. IBM APARs: IV88658, IV87981, IV88419, IV87640, IV88053. IBM AIX 5.3, 6.1, 7.1 y 7.2 contiene una vulnerabilidad no especificada que permitiría a un usuario autenticado localmente obtener privilegios nivel root. IBM APARs: IV88658, IV87981, IV88419, IV87640, IV88053. • https://www.exploit-db.com/exploits/40710 http://aix.software.ibm.com/aix/efixes/security/lquerylv_advisory.asc http://www.securityfocus.com/bid/94090 http://www.securitytracker.com/id/1037256 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2016-8972 – IBM AIX 6.1/7.1/7.2 - 'Bellmail' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2016-8972
IBM AIX 6.1, 7.1, and 7.2 could allow a local user to gain root privileges using a specially crafted command within the bellmail client. IBM APARs: IV91006, IV91007, IV91008, IV91010, IV91011. IBM AIX 6.1, 7.1 y 7.2 podría permitir a un usuario local obtener privilegios de root utilizando un comando especialmente manipulado dentro del cliente de bellmail. IBM APARs: IV91006, IV91007, IV91008, IV91010, IV91011. IBM AIX versions 6.1, 7.1, and 7.2 suffer from a Bellmail privilege escalation vulnerability. • https://www.exploit-db.com/exploits/40950 http://aix.software.ibm.com/aix/efixes/security/bellmail_advisory.asc http://www.securityfocus.com/bid/94979 http://www.securitytracker.com/id/1037480 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2015-4948
https://notcve.org/view.php?id=CVE-2015-4948
netstat in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x, when a fibre channel adapter is used, allows local users to gain privileges via unspecified vectors. netstat en IBM AIX 5.3, 6.1 y 7.1 y VIOS 2.2.x, cuando se utiliza un adaptador de canal de fibra, permite a usuarios locales obtener privilegios a través de vectores no especificados. • http://aix.software.ibm.com/aix/efixes/security/netstat_advisory.asc http://www-01.ibm.com/support/docview.wss?uid=swg1IV75940 http://www-01.ibm.com/support/docview.wss?uid=swg1IV77299 http://www.securitytracker.com/id/1033806 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2012-4817
https://notcve.org/view.php?id=CVE-2012-4817
The NFSv4 client implementation in IBM AIX 5.3, 6.1, and 7.1, and VIOS before 2.2.1.4-FP-25 SP-02, does not properly handle GID values, which allows remote attackers to cause a denial of service via unspecified vectors. La implementación del cliente NFSv4 en IBM AIX v5.3, v6.1, y v7.1, y VIOS anteriores a v2.2.1.4-FP-25 SP-02, no maneja valores GID de forma adecuada, lo que permite a atacantes remotos a provocar una denegación de servicio a través de vectores no especificados. • http://aix.software.ibm.com/aix/efixes/security/nfsv4_advisory1.asc http://osvdb.org/85427 http://secunia.com/advisories/50619 http://www.ibm.com/support/docview.wss?uid=isg1IV10327 http://www.ibm.com/support/docview.wss?uid=isg1IV11629 http://www.ibm.com/support/docview.wss?uid=isg1IV12169 http://www.ibm.com/support/docview.wss?uid=isg1IV17855 http://www.ibm.com/support/docview.wss? •
CVE-2012-0745
https://notcve.org/view.php?id=CVE-2012-0745
The getpwnam function in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.1.0.10 through 2.2.1.3 does not properly interact with customer-extended LDAP user filtering, which allows local users to gain privileges via unspecified vectors. La función de getpwnam en IBM AIX v5.3, v6.1 y v7.1 y VIOS v2.1.0.10 hasta v2.2.1.3 no interactúa correctamente con el filtrado de usuarios extendido de LDAP, lo que permite a usuarios locales conseguir privilegios a través de vectores no especificados. • http://aix.software.ibm.com/aix/efixes/security/ldapauth_advisory2.asc http://osvdb.org/81683 http://secunia.com/advisories/49073 http://www.ibm.com/support/docview.wss?uid=isg1IV18464 http://www.ibm.com/support/docview.wss?uid=isg1IV18637 http://www.ibm.com/support/docview.wss?uid=isg1IV18638 http://www.ibm.com/support/docview.wss?uid=isg1IV19077 http://www.ibm.com/support/docview.wss? • CWE-264: Permissions, Privileges, and Access Controls •