Page 18 of 136 results (0.008 seconds)

CVSS: 4.6EPSS: 0%CPEs: 2EXPL: 0

Buffer overflow in bos.rte.libc in IBM AIX 5.2 and 5.3 allows local users to execute arbitrary code via the "r-commands", possibly including (1) rdist, (2) rsh, (3) rcp, (4) rsync, and (5) rlogin. Un desbordamiento de búfer en la biblioteca bos.rte.libc en IBM AIX versiones 5.2 y 5.3, permite a usuarios locales ejecutar código arbitrario por medio de los "r-commands", incluyendo posiblemente (1) rdist, (2) rsh, (3) rcp, (4) rsync, y (5) rlogin. • ftp://aix.software.ibm.com/aix/efixes/security/README http://secunia.com/advisories/23995 http://securitytracker.com/id?1017583 http://securitytracker.com/id?1017607 http://www-1.ibm.com/support/docview.wss?uid=isg1IY94301 http://www-1.ibm.com/support/docview.wss?uid=isg1IY94368 http://www.osvdb.org/31696 http://www.securityfocus.com/bid/22370 http://www.securityfocus.com/bid/22456 http://www.vupen.com/english/advisories/2007/0471 https://exchange.xforce.ibmcloud.com/ • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

Unspecified vulnerability in (1) pop3d, (2) pop3ds, (3) imapd, and (4) imapds in IBM AIX 5.3.0 has unspecified impact and attack vectors, involving an "authentication vulnerability." Vulnerabilidad sin especificar en el (1) pop3d, (2) pop3ds, (3) imapd y (4) imapds del IBM AIX 5.3.0 tiene un impacto sin especificar y vectores de ataque, implicando una "vulnerabilidad de autenticación". • ftp://aix.software.ibm.com/aix/efixes/security/README http://secunia.com/advisories/23957 http://www-1.ibm.com/support/search.wss?rs=0&q=IY93084&apar=only http://www.securityfocus.com/bid/22262 http://www.vupen.com/english/advisories/2007/0382 https://exchange.xforce.ibmcloud.com/vulnerabilities/31875 •

CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 0

IBM AIX 5.3 does not properly verify the status of file descriptors before setuid execution, which allows local users to gain privileges by closing file descriptor 0, 1, or 2 and then invoking a setuid program, a variant of CVE-2002-0572. IBM AIX 5.3 no verifica adecuadamente el estado de descriptor de un fichero antes de la ejecución setuid, lo cual permite a usuarios locales ganar privilegios a través del cierre del descriptor de fichero 0,1 o 2 y por tanto invocando un programa setuid, una variante de CVE-2002-0572. • http://www.securityfocus.com/archive/1/457279/100/0/threaded http://www.securityfocus.com/archive/1/457315/100/0/threaded •

CVSS: 5.0EPSS: 1%CPEs: 2EXPL: 0

Unspecified vulnerability in ftpd in IBM AIX 5.2.0 and 5.3.0 allows remote attackers to obtain sensitive information, including passwords, via unspecified vectors. Vulnerabilidad no especificada en ftpd en IBM AIX 5.2.0 y 5.3.0 permite atacantes remotos obtener información sensible, incluido contraseñas, a través de vectores no especificados. • ftp://aix.software.ibm.com/aix/efixes/security/README http://secunia.com/advisories/23688 http://securitytracker.com/id?1017480 http://www-1.ibm.com/support/docview.wss?uid=isg1IY89168 http://www-1.ibm.com/support/docview.wss?uid=isg1IY91787 http://www.securityfocus.com/bid/21941 http://www.vupen.com/english/advisories/2007/0101 •

CVSS: 4.0EPSS: 0%CPEs: 2EXPL: 0

ftpd in IBM AIX 5.2.0 and 5.3.0 allows remote authenticated users to cause a denial of service (port exhaustion) via unspecified vectors. NOTE: some details were obtained from third party sources. ftpd en IBMAIX5.2.0 y 5.3.0 permite a usuarios autenticados remotamente provocar una denegación de servicio (agotamiento de puertos) a través de vectores no especificados. NOTA: algunos de estos detalles se han obtenido de información de terceros. • ftp://aix.software.ibm.com/aix/efixes/security/README http://secunia.com/advisories/23688 http://securitytracker.com/id?1017480 http://www-1.ibm.com/support/docview.wss?uid=isg1IY89168 http://www-1.ibm.com/support/docview.wss?uid=isg1IY91787 http://www.securityfocus.com/bid/21940 http://www.vupen.com/english/advisories/2007/0101 •