CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2005-0240
https://notcve.org/view.php?id=CVE-2005-0240
07 Feb 2005 — Format string vulnerability in chdev on IBM AIX 5.2 allows local users to execute arbitrary code via format string specifiers in a command line argument, which is not properly handled when printing an error message. • http://www-1.ibm.com/support/docview.wss?uid=isg1IY67455 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 2CVE-2004-2312 – GNU Make For IBM AIX 4.3.3 - CC Path Local Buffer Overflow
https://notcve.org/view.php?id=CVE-2004-2312
31 Dec 2004 — Buffer overflow in GNU make for IBM AIX 4.3.3, when installed setgid, allows local users to gain privileges via a long CC argument. • https://www.exploit-db.com/exploits/23838 •
CVSS: 10.0EPSS: 1%CPEs: 1EXPL: 1CVE-2004-2388
https://notcve.org/view.php?id=CVE-2004-2388
31 Dec 2004 — rexecd for AIX 4.3.3 does not properly use a local copy of the pwd structure when calling getpwnam, which may cause the structure to be overwritten by the authenticate function and assign privileges to the wrong user. • http://secunia.com/advisories/11085 •
CVSS: 6.2EPSS: 0%CPEs: 2EXPL: 0CVE-2004-2634
https://notcve.org/view.php?id=CVE-2004-2634
31 Dec 2004 — The (1) bos.rte.serv_aid or (2) bos.rte.console filesets in IBM AIX 5.1 and 5.2 allow local users to overwrite arbitrary files via a symlink attack on temporary files via unknown attack vectors. • http://secunia.com/advisories/11496 •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 2CVE-2004-2697 – AIX 4.3.3/5.1 - Invscoutd Symbolic Link
https://notcve.org/view.php?id=CVE-2004-2697
31 Dec 2004 — The Inventory Scout daemon (invscoutd) 1.3.0.0 and 2.0.2 for AIX 4.3.3 and 5.1 allows local users to gain privileges via a symlink attack on a command line argument (log file). NOTE: this might be related to CVE-2006-5002. • https://www.exploit-db.com/exploits/23883 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 3CVE-2004-1330 – AIX 5.1 < 5.3 - paginit Local Stack Overflow
https://notcve.org/view.php?id=CVE-2004-1330
31 Dec 2004 — Buffer overflow in paginit in AIX 5.1 through 5.3 allows local users to execute arbitrary code via a long username. • https://www.exploit-db.com/exploits/699 •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2004-1028
https://notcve.org/view.php?id=CVE-2004-1028
22 Dec 2004 — Untrusted execution path vulnerability in chcod on AIX IBM 5.1.0, 5.2.0, and 5.3.0 allows local users to execute arbitrary programs by modifying the PATH environment variable to point to a malicious "grep" program, which is executed from chcod. Vulnerabilidad de camino de ejecución no de confianza en chcod de AIX IBM 5.1.0, 5.2.0 y 5.3.0 permite a usuarios locales ejecutar programas arbitrarios modificando la variable de entorno PATH para apuntar a una programa "grep" malicioso, que es ejecutado desde chcod... • http://www-1.ibm.com/support/search.wss?rs=0&q=IY64354&apar=only •
CVSS: 7.8EPSS: 1%CPEs: 7EXPL: 2CVE-2004-1054 – AIX 4.3/5.1 < 5.3 - 'lsmcode' Execution Privilege Escalation
https://notcve.org/view.php?id=CVE-2004-1054
22 Dec 2004 — Untrusted execution path vulnerability in invscout in IBM AIX 5.1.0, 5.2.0, and 5.3.0 allows local users to gain privileges by modifying the PATH environment variable to point to a malicious "uname" program, which is executed from lsvpd after lsvpd has been invoked by invscout. Vulnerabilidad de camino de ejecución no confiable en invscout de IBM AIX 5.1.0, 5.2.0 y 5.3.0 permite a usuarios locales ganar privilegios modificando la variable de entorno PATH para que apunte a un programa "uname" malicioso, que ... • https://www.exploit-db.com/exploits/701 •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 3CVE-2004-1329 – IBM AIX 5.x - 'Diag' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2004-1329
20 Dec 2004 — Untrusted execution path vulnerability in the diag commands (1) lsmcode, (2) diag_exec, (3) invscout, and (4) invscoutd in AIX 5.1 through 5.3 allows local users to execute arbitrary programs by modifying the DIAGNOSTICS environment variable to point to a malicious Dctrl program. • https://www.exploit-db.com/exploits/25039 •
CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2004-0828
https://notcve.org/view.php?id=CVE-2004-0828
28 Sep 2004 — The ctstrtcasd program in RSCT 2.3.0.0 and earlier on IBM AIX 5.2 and 5.3 does not properly drop privileges before executing the -f option, which allows local users to modify or create arbitrary files. El programa ctstrtcasd en RSCT 2.3.0.0 y anteriores para IBM AIX 5.2 Y 5.3 no se deshace adecuamente de privilegios antes de ejecutar la opción -f, lo que permite a usuarios locales modificar o crear ficheros arbitrarios. • http://secunia.com/advisories/12664 •