CVSS: 7.2EPSS: 0%CPEs: 7EXPL: 0CVE-2004-1028
https://notcve.org/view.php?id=CVE-2004-1028
Untrusted execution path vulnerability in chcod on AIX IBM 5.1.0, 5.2.0, and 5.3.0 allows local users to execute arbitrary programs by modifying the PATH environment variable to point to a malicious "grep" program, which is executed from chcod. Vulnerabilidad de camino de ejecución no de confianza en chcod de AIX IBM 5.1.0, 5.2.0 y 5.3.0 permite a usuarios locales ejecutar programas arbitrarios modificando la variable de entorno PATH para apuntar a una programa "grep" malicioso, que es ejecutado desde chcod. • http://www-1.ibm.com/support/search.wss?rs=0&q=IY64354&apar=only http://www-1.ibm.com/support/search.wss?rs=0&q=IY64355&apar=only http://www-1.ibm.com/support/search.wss?rs=0&q=IY64356&apar=only http://www.idefense.com/application/poi/display?id=170&type=vulnerabilities https://exchange.xforce.ibmcloud.com/vulnerabilities/18625 •
CVSS: 7.2EPSS: 0%CPEs: 7EXPL: 2CVE-2004-1054 – AIX 4.3/5.1 < 5.3 - 'lsmcode' Execution Privilege Escalation
https://notcve.org/view.php?id=CVE-2004-1054
Untrusted execution path vulnerability in invscout in IBM AIX 5.1.0, 5.2.0, and 5.3.0 allows local users to gain privileges by modifying the PATH environment variable to point to a malicious "uname" program, which is executed from lsvpd after lsvpd has been invoked by invscout. Vulnerabilidad de camino de ejecución no confiable en invscout de IBM AIX 5.1.0, 5.2.0 y 5.3.0 permite a usuarios locales ganar privilegios modificando la variable de entorno PATH para que apunte a un programa "uname" malicioso, que es ejecutado desde lsvpd después de que lsvpd haya sido ejecutado por invscout • https://www.exploit-db.com/exploits/701 https://www.exploit-db.com/exploits/898 http://www-1.ibm.com/support/search.wss?rs=0&q=IY64820&apar=only http://www-1.ibm.com/support/search.wss?rs=0&q=IY64852&apar=only http://www-1.ibm.com/support/search.wss?rs=0&q=IY64976&apar=only http://www.idefense.com/application/poi/display?id=171&type=vulnerabilities https://exchange.xforce.ibmcloud.com/vulnerabilities/18619 •
CVSS: 7.2EPSS: 0%CPEs: 7EXPL: 3CVE-2004-1329 – IBM AIX 5.x - 'Diag' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2004-1329
Untrusted execution path vulnerability in the diag commands (1) lsmcode, (2) diag_exec, (3) invscout, and (4) invscoutd in AIX 5.1 through 5.3 allows local users to execute arbitrary programs by modifying the DIAGNOSTICS environment variable to point to a malicious Dctrl program. • https://www.exploit-db.com/exploits/25039 http://marc.info/?l=bugtraq&m=110355931920123&w=2 http://www-1.ibm.com/support/search.wss?rs=0&q=IY64277&apar=only http://www-1.ibm.com/support/search.wss?rs=0&q=IY64389&apar=only http://www.securityfocus.com/archive/1/464276/100/0/threaded http://www.securityfocus.com/archive/1/464481/100/0/threaded http://www.securityfocus.com/bid/12041 https://exchange.xforce.ibmcloud.com/vulnerabilities/18620 https://www.exploit-d •