CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2010-0960
https://notcve.org/view.php?id=CVE-2010-0960
10 Mar 2010 — Buffer overflow in qosmod in bos.net.tcp.server in IBM AIX 6.1 and VIOS 2.1 allows local users to gain privileges via unspecified vectors. Desbordamiento del búfer en qosmod de bos.net.tcp.server de IBM AIX v6.1 y VIOS v2.1 permite a usuarios locales aumentar privilegios a través de vectores no especificados. • http://aix.software.ibm.com/aix/efixes/security/qosmod_advisory.asc • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2010-0961
https://notcve.org/view.php?id=CVE-2010-0961
10 Mar 2010 — Buffer overflow in qoslist in bos.net.tcp.server in IBM AIX 6.1 and VIOS 2.1 allows local users to gain privileges via unspecified vectors. Desbordamiento del búfer en qoslist de bos.net.tcp.server de IBM AIX v6.1 y VIOS v2.1 permite a usuarios locales aumentar sus privilegios a través de vectores no especificados. • http://aix.software.ibm.com/aix/efixes/security/qoslist_advisory.asc • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2009-4361
https://notcve.org/view.php?id=CVE-2009-4361
21 Dec 2009 — Multiple buffer overflows in qoslist in IBM AIX 6.1 allow local users to cause a denial of service (application crash) or possibly gain privileges via a long string argument. NOTE: some of these details are obtained from third party information. Múltiples desbordamientos de búfer en qoslist en IBM AIX v6.1 permite a usuarios locales provocar una denegación de servicio (caída de aplicación) o probablemente obtener privilegios mediante argumentos con cadenas largas. NOTA: algunos de estos detalles se han obte... • http://secunia.com/advisories/37833 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2009-4362
https://notcve.org/view.php?id=CVE-2009-4362
21 Dec 2009 — Multiple buffer overflows in qosmod in IBM AIX 6.1 allow local users to cause a denial of service (application crash) or possibly gain privileges via long string arguments. NOTE: some of these details are obtained from third party information. Múltiples desbordamientos de búfer en qosmod en IBM AIX v6.1 permite a usuarios locales provocar una denegación de servicio (caída de aplicación) o probablemente obtener privilegios mediante argumentos con cadenas largas. NOTA: algunos de estos detalles se han obtenid... • http://secunia.com/advisories/37833 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 1CVE-2009-3900
https://notcve.org/view.php?id=CVE-2009-3900
06 Nov 2009 — Unspecified vulnerability in the Cluster Management component in IBM PowerHA 5.4, 5.4.1, 5.5, and 6.1 on AIX allows remote attackers to modify the operating-system configuration via packets to the godm port (6177/tcp). Vulnerabilidad no especificada en el componente Cluster Management en IBM PowerHA v5.4, v5.4.1, v5.5, y v6.1 para AIX permite a atacantes remotos modificar la configuración del sistema operativo mediante paquetes al puerto godm (6177/tcp). • http://aix.software.ibm.com/aix/efixes/security/haport_advisory.asc •
CVSS: 10.0EPSS: 70%CPEs: 31EXPL: 2CVE-2009-3699 – AIX Calendar Manager Service Daemon (rpc.cmsd) Opcode 21 - Buffer Overflow
https://notcve.org/view.php?id=CVE-2009-3699
15 Oct 2009 — Stack-based buffer overflow in libcsa.a (aka the calendar daemon library) in IBM AIX 5.x through 5.3.10 and 6.x through 6.1.3, and VIOS 2.1 and earlier, allows remote attackers to execute arbitrary code via a long XDR string in the first argument to procedure 21 of rpc.cmsd. Desbordamiento de búfer basado en pila en libcsa.a (también conocido como biblioteca del demonio calendario (calendar daemon library)) en IBM AIX v5.x hasta v5.3.10 y v6.x hasta v6.1.3, y VIOS v2.1 y versiones anteriores, permite a atac... • https://www.exploit-db.com/exploits/16929 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 0%CPEs: 7EXPL: 0CVE-2009-3516
https://notcve.org/view.php?id=CVE-2009-3516
01 Oct 2009 — gssd in IBM AIX 5.3.x through 5.3.9 and 6.1.0 through 6.1.2 does not properly handle the NFSv4 Kerberos credential cache, which allows local users to bypass intended access restrictions for Kerberized NFSv4 shares via unspecified vectors. gssd en IBM AIX v5.3.x hasta v5.3.9 y v6.1.0 hasta v6.1.2 no maneja adecuadamente las credenciales de caché NFSv4 Kerberos, lo que permite a atacantes locales eludir las restricciones de acceso para el recurso compartido "Kerberized NFSv4" a través de vectores no especific... • http://aix.software.ibm.com/aix/efixes/security/nfs4_advisory.asc • CWE-255: Credentials Management Errors •
CVSS: 10.0EPSS: 2%CPEs: 7EXPL: 0CVE-2009-3517
https://notcve.org/view.php?id=CVE-2009-3517
01 Oct 2009 — nfs.ext in IBM AIX 5.3.x through 5.3.9 and 6.1.0 through 6.1.2 does not properly use the nfs_portmon setting, which allows remote attackers to bypass intended access restrictions for NFSv4 shares via unspecified vectors. nfs.ext en IBM AIX v5.3.x hasta v5.3.9 y v6.1.0 hasta v6.1.2 no usa apropiadamente la configuración nfs_portmon, lo que permite a atacantes remotos eludir las restricciones de acceso para NFSv4 compartidos a través de vectores no especificados. • http://aix.software.ibm.com/aix/efixes/security/nfs4_advisory.asc •
CVSS: 9.8EPSS: 75%CPEs: 16EXPL: 2CVE-2009-2727 – ToolTalk - rpc.ttdbserverd _tt_internal_realpath Buffer Overflow (AIX)
https://notcve.org/view.php?id=CVE-2009-2727
10 Aug 2009 — Stack-based buffer overflow in the _tt_internal_realpath function in the ToolTalk library (libtt.a) in IBM AIX 5.2.0, 5.3.0, 5.3.7 through 5.3.10, and 6.1.0 through 6.1.3, when the rpc.ttdbserver daemon is enabled in /etc/inetd.conf, allows remote attackers to execute arbitrary code via a long XDR-encoded ASCII string to remote procedure 15. Desbordamiento de búfer basado en pila en la función _tt_internal_realpath en la biblioteca ToolTalk (libtt.a) en IBM AIX v5.2.0, v5.3.0, v5.3.7 a la v5.3.10, y v6.1.0 ... • https://www.exploit-db.com/exploits/16930 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2009-2669 – IBM AIX 5.6/6.1 - '_LIB_INIT_DBG' Arbitrary File Overwrite via Libc Debug
https://notcve.org/view.php?id=CVE-2009-2669
05 Aug 2009 — A certain debugging component in IBM AIX 5.3 and 6.1 does not properly handle the (1) _LIB_INIT_DBG and (2) _LIB_INIT_DBG_FILE environment variables, which allows local users to gain privileges by leveraging a setuid-root program to create an arbitrary root-owned file with world-writable permissions, related to libC.a (aka the XL C++ runtime library) in AIX 5.3 and libc.a in AIX 6.1. Cierto componente de depuración en IBM AIX v5.3 y v6.1 no proporciona la gestión de los entornos (1) _LIB_INIT_DBG y (2) _LIB... • https://www.exploit-db.com/exploits/9645 • CWE-264: Permissions, Privileges, and Access Controls •