Page 5 of 40 results (0.005 seconds)

CVSS: 6.2EPSS: 0%CPEs: 2EXPL: 0

The (1) bos.rte.serv_aid or (2) bos.rte.console filesets in IBM AIX 5.1 and 5.2 allow local users to overwrite arbitrary files via a symlink attack on temporary files via unknown attack vectors. • http://secunia.com/advisories/11496 http://securitytracker.com/id?1009975 http://www-1.ibm.com/support/search.wss?rs=0&q=IY55789&apar=only http://www-1.ibm.com/support/search.wss?rs=0&q=IY55790&apar=only http://www.osvdb.org/5711 http://www.osvdb.org/5712 http://www.securityfocus.com/bid/10231 https://exchange.xforce.ibmcloud.com/vulnerabilities/16008 https://techsupport.services.ibm.com/server/pseries.subscriptionSvcs?mode=18&ID=279 •

CVSS: 6.9EPSS: 0%CPEs: 3EXPL: 2

The Inventory Scout daemon (invscoutd) 1.3.0.0 and 2.0.2 for AIX 4.3.3 and 5.1 allows local users to gain privileges via a symlink attack on a command line argument (log file). NOTE: this might be related to CVE-2006-5002. • https://www.exploit-db.com/exploits/23883 http://secunia.com/advisories/11200 http://www.osvdb.org/4582 http://www.securiteam.com/exploits/5CP0F0UDFG.html http://www.securityfocus.com/bid/9982 http://www.xfocus.org/exploits/200403/31.html https://exchange.xforce.ibmcloud.com/vulnerabilities/15620 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •

CVSS: 7.2EPSS: 0%CPEs: 7EXPL: 0

Untrusted execution path vulnerability in chcod on AIX IBM 5.1.0, 5.2.0, and 5.3.0 allows local users to execute arbitrary programs by modifying the PATH environment variable to point to a malicious "grep" program, which is executed from chcod. Vulnerabilidad de camino de ejecución no de confianza en chcod de AIX IBM 5.1.0, 5.2.0 y 5.3.0 permite a usuarios locales ejecutar programas arbitrarios modificando la variable de entorno PATH para apuntar a una programa "grep" malicioso, que es ejecutado desde chcod. • http://www-1.ibm.com/support/search.wss?rs=0&q=IY64354&apar=only http://www-1.ibm.com/support/search.wss?rs=0&q=IY64355&apar=only http://www-1.ibm.com/support/search.wss?rs=0&q=IY64356&apar=only http://www.idefense.com/application/poi/display?id=170&type=vulnerabilities https://exchange.xforce.ibmcloud.com/vulnerabilities/18625 •

CVSS: 7.2EPSS: 0%CPEs: 7EXPL: 2

Untrusted execution path vulnerability in invscout in IBM AIX 5.1.0, 5.2.0, and 5.3.0 allows local users to gain privileges by modifying the PATH environment variable to point to a malicious "uname" program, which is executed from lsvpd after lsvpd has been invoked by invscout. Vulnerabilidad de camino de ejecución no confiable en invscout de IBM AIX 5.1.0, 5.2.0 y 5.3.0 permite a usuarios locales ganar privilegios modificando la variable de entorno PATH para que apunte a un programa "uname" malicioso, que es ejecutado desde lsvpd después de que lsvpd haya sido ejecutado por invscout • https://www.exploit-db.com/exploits/701 https://www.exploit-db.com/exploits/898 http://www-1.ibm.com/support/search.wss?rs=0&q=IY64820&apar=only http://www-1.ibm.com/support/search.wss?rs=0&q=IY64852&apar=only http://www-1.ibm.com/support/search.wss?rs=0&q=IY64976&apar=only http://www.idefense.com/application/poi/display?id=171&type=vulnerabilities https://exchange.xforce.ibmcloud.com/vulnerabilities/18619 •

CVSS: 7.2EPSS: 0%CPEs: 7EXPL: 3

Untrusted execution path vulnerability in the diag commands (1) lsmcode, (2) diag_exec, (3) invscout, and (4) invscoutd in AIX 5.1 through 5.3 allows local users to execute arbitrary programs by modifying the DIAGNOSTICS environment variable to point to a malicious Dctrl program. • https://www.exploit-db.com/exploits/25039 http://marc.info/?l=bugtraq&m=110355931920123&w=2 http://www-1.ibm.com/support/search.wss?rs=0&q=IY64277&apar=only http://www-1.ibm.com/support/search.wss?rs=0&q=IY64389&apar=only http://www.securityfocus.com/archive/1/464276/100/0/threaded http://www.securityfocus.com/archive/1/464481/100/0/threaded http://www.securityfocus.com/bid/12041 https://exchange.xforce.ibmcloud.com/vulnerabilities/18620 https://www.exploit-d •