CVSS: 7.2EPSS: 0%CPEs: 3EXPL: 0CVE-2003-1018
https://notcve.org/view.php?id=CVE-2003-1018
Format string vulnerability in enq command in AIX 4.3, 5.1, and 5.2 allows local users with rintq group privileges to gain privileges via unknown attack vectors. Vulnerabilidad de cadena de formato en la orden enq en AIX 4.3, 5.1 Y 5.2 permite a usuarios locales con privilegios de grupo rint ganar privilegios mediante vectores de ataque desconocidos. • http://www-1.ibm.com/services/continuity/recover1.nsf/mss/MSS-OAR-E01-20 http://www.securityfocus.com/bid/9254 https://exchange.xforce.ibmcloud.com/vulnerabilities/14037 •
CVSS: 10.0EPSS: 1%CPEs: 1EXPL: 0CVE-2003-0170
https://notcve.org/view.php?id=CVE-2003-0170
Unknown vulnerability in ftpd in IBM AIX 5.2, when configured to use Kerberos 5 for authentication, allows remote attackers to gain privileges via unknown attack vectors. Vulnerabilidad desconocida en ftpd en IBM AIX 5.2, cuando se configura para utilizar autenticación Kerberos 5, permite a atacantes remotos ganar privilegios mediante vectores de ataque desconocidos. • http://www-1.ibm.com/services/continuity/recover1.nsf/MSS/MSS-OAR-E01-2003.0469.1 http://www-1.ibm.com/support/docview.wss?uid=isg1IY42424 http://www.osvdb.org/4878 http://www.securityfocus.com/bid/7346 https://exchange.xforce.ibmcloud.com/vulnerabilities/11823 •
CVSS: 7.5EPSS: 1%CPEs: 3EXPL: 0CVE-2003-0119
https://notcve.org/view.php?id=CVE-2003-0119
The secldapclntd daemon in AIX 4.3, 5.1 and 5.2 uses an Internet socket when communicating with the loadmodule, which allows remote attackers to directly connect to the daemon and conduct unauthorized activities. El demonio secldapclntd en AIX 4.3, 5.1 y 5.2usa un socket de Internet cuando se comunica con el loadmodule, lo que permite que atacantes remotos se conecten directamente al demonio y realicen actividades no autorizadas. • http://secunia.com/advisories/8221 http://www-1.ibm.com/services/continuity/recover1.nsf/4699c03b46f2d4f68525678c006d45ae/85256a3400529a8685256cde0008ddde?OpenDocument http://www.kb.cert.org/vuls/id/624713 http://www.securityfocus.com/bid/7264 •
CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0CVE-2003-0696
https://notcve.org/view.php?id=CVE-2003-0696
The getipnodebyname() API in AIX 5.1 and 5.2 does not properly close sockets, which allows attackers to cause a denial of service (resource exhaustion). La API getipnodebyname() en AIX 5.1 y 5.2 no cierra adecuadamente los sockets, lo que permite a atacantes causar una denegación de servicio (agotamiento de recursos) • http://www.securityfocus.com/bid/8738 https://exchange.xforce.ibmcloud.com/vulnerabilities/13328 https://techsupport.services.ibm.com/server/pseries.subscriptionSvcs?mode=7&heading=AIX51&topic=SECURITY&month=200310&label=getipnodebyname%28%29+API+does+not+close+sockets.&date=20031001&bulletin=datafile150755&embed=true •
CVSS: 2.1EPSS: 0%CPEs: 34EXPL: 0CVE-2003-1437
https://notcve.org/view.php?id=CVE-2003-1437
BEA WebLogic Express and WebLogic Server 7.0 and 7.0.0.1, stores passwords in plaintext when a keystore is used to store a private key or trust certificate authorities, which allows local users to gain access. • http://dev.bea.com/resourcelibrary/advisoriesnotifications/BEA03-25.jsp http://www.securityfocus.com/bid/6719 https://exchange.xforce.ibmcloud.com/vulnerabilities/11220 •