CVSS: 6.9EPSS: 0%CPEs: 2EXPL: 0CVE-2007-4237
https://notcve.org/view.php?id=CVE-2007-4237
Buffer overflow in the atm subset in arp in devices.common.IBM.atm.rte in AIX 5.2 and 5.3 allows local users to gain root privileges. Desbordamiento de búfer en el atm subset en el arp del devices.common.IBM.atm.rte en el AIX 5.2 y 5.3 permite a usuarios locales obtener privilegios de super administrador (root). • http://osvdb.org/36783 http://secunia.com/advisories/26219 http://securitytracker.com/id?1018463 http://www-1.ibm.com/support/docview.wss?uid=isg1IZ00510 http://www-1.ibm.com/support/docview.wss?uid=isg1IZ00521 http://www.vupen.com/english/advisories/2007/2678 •
CVSS: 6.9EPSS: 0%CPEs: 2EXPL: 0CVE-2007-4238
https://notcve.org/view.php?id=CVE-2007-4238
AIX 5.2 and 5.3 install pioinit with user and group ownership of bin, which allows local users with bin or possibly printq privileges to gain root privileges by modifying pioinit. AIX 5.2 y 5.3 instala pioinit como usuario y grupo bin, lo cual permite a usuario locales con privilegios de bin o posiblemente de printq obtener las credenciales de root modificando el pioinit. • http://osvdb.org/36782 http://secunia.com/advisories/26219 http://securitytracker.com/id?1018468 http://www-1.ibm.com/support/docview.wss?uid=isg1IY79785 http://www-1.ibm.com/support/docview.wss?uid=isg1IY79786 http://www.vupen.com/english/advisories/2007/2678 •
CVSS: 6.9EPSS: 0%CPEs: 1EXPL: 1CVE-2007-4003 – IBM AIX 5.3 SP6 - 'pioout' Arbitrary Library Loading Privilege Escalation
https://notcve.org/view.php?id=CVE-2007-4003
pioout in IBM AIX 5.3 SP6 allows local users to execute arbitrary code by specifying a malicious library with the -R (ParseRoutine) command line argument. pioout en IBM AIX 5.3 SP6 permite a usuarios locales ejecutar código de su elección especificando una libreria maliciosa con el argument de linea de comando -R (ParseRoutine). • https://www.exploit-db.com/exploits/4232 ftp://aix.software.ibm.com/aix/efixes/security/README http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=569 http://secunia.com/advisories/26219 http://www-1.ibm.com/support/docview.wss?uid=isg1IZ01121 http://www-1.ibm.com/support/docview.wss?uid=isg1IZ01122 http://www.securityfocus.com/bid/25084 http://www.securitytracker.com/id?1018466 http://www.vupen.com/english/advisories/2007/2677 https://exchange.xforce.ibmcloud& •
CVSS: 6.9EPSS: 0%CPEs: 2EXPL: 1CVE-2007-4004 – IBM AIX 5.3 SP6 - FTP 'gets()' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2007-4004
Buffer overflow in the ftp client in IBM AIX 5.3 SP6 and 5.2.0 allows local users to execute arbitrary code via unspecified vectors that trigger the overflow in a gets function call. NOTE: the client is setuid root on AIX, so this issue crosses privilege boundaries. Un desbordamiento de búfer en el cliente ftp en IBM AIX versiones 5.3 SP6 y 5.2.0, permite a usuarios locales ejecutar código arbitrario por medio de vectores no especificados que desencadenan el desbordamiento en una llamada de la función gets. NOTA: el cliente es root del setuid en AIX, por lo que este problema cruza los límites de privilegios. • https://www.exploit-db.com/exploits/4233 ftp://aix.software.ibm.com/aix/efixes/security/README http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=571 http://secunia.com/advisories/26219 http://www-1.ibm.com/support/docview.wss?uid=isg1IZ01812 http://www-1.ibm.com/support/docview.wss?uid=isg1IZ01813 http://www.securityfocus.com/bid/25077 http://www.securitytracker.com/id?1018465 http://www.vupen.com/english/advisories/2007/2675 https://exchange.xforce.ibmcloud& • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.9EPSS: 4%CPEs: 2EXPL: 2CVE-2007-3333 – IBM AIX 5.3 SP6 - Capture Terminal Sequence Privilege Escalation
https://notcve.org/view.php?id=CVE-2007-3333
Stack-based buffer overflow in capture in IBM AIX 5.3 SP6 and 5.2.0 allows remote attackers to execute arbitrary code via a large number of terminal control sequences. Un desbordamiento de búfer en la región stack de la memoria en la captura en IBM AIX versiones 5.3 SP6 y 5.2.0, permite a atacantes remotos ejecutar código arbitrario por medio de un número largo de secuencias de control de terminal. • https://www.exploit-db.com/exploits/4231 https://www.exploit-db.com/exploits/30399 ftp://aix.software.ibm.com/aix/efixes/security/README http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=570 http://secunia.com/advisories/26219 http://www-1.ibm.com/support/docview.wss?uid=isg1IZ01134 http://www-1.ibm.com/support/docview.wss?uid=isg1IZ01135 http://www.securityfocus.com/bid/25075 http://www.securitytracker.com/id?1018464 http://www.vupen.com/english/advisori • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •