NotCVE - vendor:"Ibm" product:"Aix" version:"5.1l"

Page 3 of 54 results (0.004 seconds)

CVSS: 6.2EPSS: 0%CPEs: 2EXPL: 0

CVE-2004-2634

https://notcve.org/view.php?id=CVE-2004-2634

31 Dec 2004 — The (1) bos.rte.serv_aid or (2) bos.rte.console filesets in IBM AIX 5.1 and 5.2 allow local users to overwrite arbitrary files via a symlink attack on temporary files via unknown attack vectors. • http://secunia.com/advisories/11496 •

CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 2

CVE-2004-2697 – AIX 4.3.3/5.1 - Invscoutd Symbolic Link

https://notcve.org/view.php?id=CVE-2004-2697

31 Dec 2004 — The Inventory Scout daemon (invscoutd) 1.3.0.0 and 2.0.2 for AIX 4.3.3 and 5.1 allows local users to gain privileges via a symlink attack on a command line argument (log file). NOTE: this might be related to CVE-2006-5002. • https://www.exploit-db.com/exploits/23883 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •

CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0

CVE-2004-1028

https://notcve.org/view.php?id=CVE-2004-1028

22 Dec 2004 — Untrusted execution path vulnerability in chcod on AIX IBM 5.1.0, 5.2.0, and 5.3.0 allows local users to execute arbitrary programs by modifying the PATH environment variable to point to a malicious "grep" program, which is executed from chcod. Vulnerabilidad de camino de ejecución no de confianza en chcod de AIX IBM 5.1.0, 5.2.0 y 5.3.0 permite a usuarios locales ejecutar programas arbitrarios modificando la variable de entorno PATH para apuntar a una programa "grep" malicioso, que es ejecutado desde chcod... • http://www-1.ibm.com/support/search.wss?rs=0&q=IY64354&apar=only •

CVSS: 7.8EPSS: 1%CPEs: 7EXPL: 2

CVE-2004-1054 – AIX 4.3/5.1 < 5.3 - 'lsmcode' Execution Privilege Escalation

https://notcve.org/view.php?id=CVE-2004-1054

22 Dec 2004 — Untrusted execution path vulnerability in invscout in IBM AIX 5.1.0, 5.2.0, and 5.3.0 allows local users to gain privileges by modifying the PATH environment variable to point to a malicious "uname" program, which is executed from lsvpd after lsvpd has been invoked by invscout. Vulnerabilidad de camino de ejecución no confiable en invscout de IBM AIX 5.1.0, 5.2.0 y 5.3.0 permite a usuarios locales ganar privilegios modificando la variable de entorno PATH para que apunte a un programa "uname" malicioso, que ... • https://www.exploit-db.com/exploits/701 •

CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 3

CVE-2004-1329 – IBM AIX 5.x - 'Diag' Local Privilege Escalation

https://notcve.org/view.php?id=CVE-2004-1329

20 Dec 2004 — Untrusted execution path vulnerability in the diag commands (1) lsmcode, (2) diag_exec, (3) invscout, and (4) invscoutd in AIX 5.1 through 5.3 allows local users to execute arbitrary programs by modifying the DIAGNOSTICS environment variable to point to a malicious Dctrl program. • https://www.exploit-db.com/exploits/25039 •

CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 3

CVE-2004-0544 – AIX 4.3.3/5.x - Getlvcb Command Line Argument Buffer Overflow

https://notcve.org/view.php?id=CVE-2004-0544

10 Jun 2004 — Multiple buffer overflows in LVM for AIX 5.1 and 5.2 allow local users to gain privileges via the (1) putlvcb or (2) getlvcb commands. Múltiples desbordamientos de búfer en LVM de AIX 5.1 y 5.2 permite a usuarios locales ganar privilegios mediante comandos (1)putlvcb o (2) getlvcb. • https://www.exploit-db.com/exploits/23840 •

CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 0

CVE-2004-0545

https://notcve.org/view.php?id=CVE-2004-0545

10 Jun 2004 — LVM for AIX 5.1 and 5.2 allows local users to overwrite arbitrary files via a symlink attack. LVM de AIX 5.1 Y 5.2 permite a usuarios locales sobreescribir ficheros de su elección mediante un ataque de enlaces simbólicos (symlink attack) • http://www-1.ibm.com/services/continuity/recover1.nsf/mss/MSS-OAR-E01-2004.0544.2 •

CVSS: 10.0EPSS: 54%CPEs: 12EXPL: 0

CVE-2004-0368

https://notcve.org/view.php?id=CVE-2004-0368

25 Mar 2004 — Double free vulnerability in dtlogin in CDE on Solaris, HP-UX, and other operating systems allows remote attackers to execute arbitrary code via a crafted XDMCP packet. Vulnerabilidad de doble liberación de memora en dtlogin de CDE sobre Solaris, y posiblemente otros sistemas operativos, permite a atacantes remotos ejecutar código arbitrario mediante cierto paquete UDP. • ftp://patches.sgi.com/support/free/security/advisories/20040801-01-P • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0

CVE-2004-0243

https://notcve.org/view.php?id=CVE-2004-0243

18 Mar 2004 — AIX 4.3.3 through AIX 5.1, when direct remote login is disabled, displays a different message if the password is correct, which allows remote attackers to guess the password via brute force methods. Cuando está deshabilitado el login remoto en AiX4.3.3 hasta AIX5.1 muestra un mensaje diferencte si la contraseña es correcta, lo que permite que atacantes remotos adivinen la contraseña por métodos de fuerza bruta. • http://archives.neohapsis.com/archives/bugtraq/2004-02/0313.html • CWE-203: Observable Discrepancy •

CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0

CVE-2003-0257

https://notcve.org/view.php?id=CVE-2003-0257

16 Mar 2004 — Format string vulnerability in the printer capability for IBM AIX .3, 5.1, and 5.2 allows local users to gain printq or root privileges. Vulnerabilidad de cadena de formato en la capacídad de impresión de IBM AIX .3, 5.1 y 5.2 pemite a usuarios locales ganar privilegios de printq o de root • http://www-1.ibm.com/services/continuity/recover1.nsf/MSS/MSS-OAR-E01-2003.0660.1 •

1 2 3 4 5