CVSS: 4.9EPSS: 0%CPEs: 3EXPL: 0CVE-2008-1595
https://notcve.org/view.php?id=CVE-2008-1595
The proc filesystem in the kernel in IBM AIX 5.2 and 5.3 does not properly enforce directory permissions when a file executing from a directory has weaker permissions than the directory itself, which allows local users to obtain sensitive information. El sistema de ficheros proc en el kernel de IBM AIX 5.2 y 5.3 no refuerza adecuadamente los permisos de directorio cuando un archivo se ejecuta desde un directorio que tiene permisos más débiles que los del propio directorio, lo que permite a usuarios locales obtener información sensible. • http://securitytracker.com/id?1019606 http://www.ibm.com/support/docview.wss?uid=isg1IZ06022 http://www.ibm.com/support/docview.wss?uid=isg1IZ06505 http://www.ibm.com/support/docview.wss?uid=isg1IZ06663 http://www.securityfocus.com/bid/28467 http://www.vupen.com/english/advisories/2008/0865 http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd? • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 0CVE-2008-0586
https://notcve.org/view.php?id=CVE-2008-0586
Multiple buffer overflows in IBM AIX 5.2 and 5.3 allow local users to gain privileges via unspecified vectors related to the (1) lchangevg, (2) ldeletepv, (3) putlvodm, (4) lvaryoffvg, and (5) lvgenminor programs in bos.rte.lvm; and the (6) tellclvmd program in bos.clvm.enh. Múltiples desbordamientos de búfer en IBM AIX 5.2 y 5.3. Permiten a usuarios locales conseguir priviledios por medio de vectores no especificados relacionados con los programas (1) lchangevg, (2) ldeletepv, (3) putlvodm, (4) lvaryoffvg y (5) lvgenminor en bos.rte.lvm; y el programa tellclvmd en bos.clvm.enh. • http://aix.software.ibm.com/aix/efixes/security/lvm_advisory.asc http://osvdb.org/40427 http://osvdb.org/40428 http://osvdb.org/40429 http://secunia.com/advisories/28609 http://www-1.ibm.com/support/docview.wss?uid=isg1IY98448 http://www-1.ibm.com/support/docview.wss?uid=isg1IY98450 http://www.ibm.com/support/docview.wss?uid=isg1IY98331 http://www.ibm.com/support/docview.wss?uid=isg1IY98340 http://www.ibm.com/support/docview.wss? • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 4.9EPSS: 0%CPEs: 3EXPL: 0CVE-2008-0589
https://notcve.org/view.php?id=CVE-2008-0589
The ps program in bos.rte.control in IBM AIX 5.2, 5.3, and 6.1 allows local users to obtain sensitive information via unspecified vectors. El programa ps en bos.rte.control de IBM AIX 5.2, 5.3 y 6.1. Permite a usuarios locales obtener información sensible a través de vectores no especificados. • http://secunia.com/advisories/28609 http://securitytracker.com/id?1019265 http://www.ibm.com/support/docview.wss?uid=isg1IZ11242 http://www.ibm.com/support/docview.wss?uid=isg1IZ11243 http://www.ibm.com/support/docview.wss?uid=isg1IZ11244 http://www.ibm.com/support/docview.wss? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 0CVE-2008-0587
https://notcve.org/view.php?id=CVE-2008-0587
Buffer overflow in the uspchrp program in devices.chrp.base.diag in IBM AIX 5.2 and 5.3 allows local users to gain privileges via unspecified vectors. Desbordamiento de búfer en el programa uspchrp en devices.chrp.base.diag en IBM AIX 5.2 y 5.3 permite a usuarios locales ganar privilegios a través de vectores no especificados. • http://secunia.com/advisories/28609 http://www.ibm.com/support/docview.wss?uid=isg1IZ06261 http://www.ibm.com/support/docview.wss?uid=isg1IZ06489 http://www.ibm.com/support/docview.wss?uid=isg1IZ06621 http://www.securityfocus.com/bid/27429 http://www.vupen.com/english/advisories/2008/0261 http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=4072 https://exchange.xforce.ibmcloud.com/vulnerabilities/39910 https://oval.cisecurity.org/repository/search/definition/oval% • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 0CVE-2008-0588
https://notcve.org/view.php?id=CVE-2008-0588
Buffer overflow in the utape program in devices.scsi.tape.diag in IBM AIX 5.2 and 5.3 allows local users to gain privileges via unspecified vectors. Desbordamiento de búfer en el programa utape en devices.scsi.tape.diag de IBM AIX 5.2 y 5.3 permite a usuarios locales conseguir privilegios a través de vectores no especificados. • http://secunia.com/advisories/28609 http://www.ibm.com/support/docview.wss?uid=isg1IZ06260 http://www.ibm.com/support/docview.wss?uid=isg1IZ06488 http://www.ibm.com/support/docview.wss?uid=isg1IZ06620 http://www.securityfocus.com/bid/27430 http://www.vupen.com/english/advisories/2008/0261 http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=4070 https://exchange.xforce.ibmcloud.com/vulnerabilities/39909 https://oval.cisecurity.org/repository/search/definition/oval% • CWE-264: Permissions, Privileges, and Access Controls •