CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 0CVE-2007-4217
https://notcve.org/view.php?id=CVE-2007-4217
Stack-based buffer overflow in the domacro function in ftp in IBM AIX 5.2 and 5.3 allows local users to gain privileges via a long parameter to a macro, as demonstrated by executing a macro via the '$' command. Desbordamiento de búfer basado en pila en la función domacro del ftp de IBM AIX 5.2 y 5.3 permite a usuarios locales obtener privilegios mediante un parámetro largo en una macro, como se demuestra ejecutando una macro mediante el comando '$'. • ftp://aix.software.ibm.com/aix/efixes/security/ftp_ifix.tar http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=616 http://secunia.com/advisories/27437 http://securitytracker.com/id?1018871 http://www.ibm.com/support/docview.wss?uid=isg1IZ05487 http://www.ibm.com/support/docview.wss?uid=isg1IZ05488 http://www.securityfocus.com/bid/26260 http://www.vupen.com/english/advisories/2007/3669 http://www14.software.ibm.com/webapp/set2/subscriptions/ijhifoeblist? • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 0CVE-2007-4513
https://notcve.org/view.php?id=CVE-2007-4513
Multiple stack-based buffer overflows in IBM AIX 5.2 and 5.3 allow local users to gain privileges via a long argument to the (1) "-p" option to lqueryvg or (2) the "-V" option to lquerypv. Múltiples desbordamientos de búfer basados en pila en IBM AIX 5.2 y 5.3 permiten a usuarios locales obtener privilegios mediante un argumento largo en la opción "-p" en lqueryvg ó (2) la opción "-V" en lquerypv. • ftp://aix.software.ibm.com/aix/efixes/security/lquerypv_ifix.tar ftp://aix.software.ibm.com/aix/efixes/security/lqueryvg_ifix.tar http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=614 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=615 http://secunia.com/advisories/27437 http://securitytracker.com/id?1018871 http://www-1.ibm.com/support/docview.wss?uid=isg1IZ05129 http://www-1.ibm.com/support/docview.wss? • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2007-4622
https://notcve.org/view.php?id=CVE-2007-4622
Integer underflow in the dns_name_fromtext function in (1) libdns_nonsecure.a and (2) libdns_secure.a in IBM AIX 5.2 allows local users to gain privileges via a crafted "-y" (TSIG key) command line argument to dig. Desbordamiento inferior de entero en la función dns_name_fromtext en (1) libdns_nonsecure.a y (2) libdns_secure.a de IBM AIX 5.2 permite a usuarios locales obtener privilegios mediante un argumento "-y" (TSIG key) manipulado en línea de comandos en dig. • ftp://aix.software.ibm.com/aix/efixes/security/dig_ifix.tar http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=613 http://secunia.com/advisories/27437 http://securitytracker.com/id?1018871 http://www.ibm.com/support/docview.wss?uid=isg1IZ05017 http://www.securityfocus.com/bid/26262 http://www.vupen.com/english/advisories/2007/3669 https://exchange.xforce.ibmcloud.com/vulnerabilities/38169 • CWE-189: Numeric Errors •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2007-4621
https://notcve.org/view.php?id=CVE-2007-4621
Buffer overflow in crontab in IBM AIX 5.2 allows local users to gain privileges via long command line arguments. Desbordamiento de búfer en crontab de IBM AIX 5.2 permite a usuarios locales obtener privilegios mediante argumentos largos de línea de comandos. • ftp://aix.software.ibm.com/aix/efixes/security/crontab_ifix.tar http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=612 http://secunia.com/advisories/27437 http://securitytracker.com/id?1018871 http://www.ibm.com/support/docview.wss?uid=isg1IZ04832 http://www.securityfocus.com/bid/26263 http://www.vupen.com/english/advisories/2007/3669 https://exchange.xforce.ibmcloud.com/vulnerabilities/38164 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.6EPSS: 0%CPEs: 2EXPL: 0CVE-2007-4798
https://notcve.org/view.php?id=CVE-2007-4798
Unspecified vulnerability in invscout in Inventory Scout in invscout.rte in IBM AIX 5.2 and 5.3 allows local users to delete system files that have names matching the final substring of a hostname alias, as demonstrated by hostnames ending in "unix". Vulnerabilidad no especificada en invscout en Inventory Scout en invscout.rte en IBM AIX 5.2 y 5.3 permite a usuarios locales borrar archivos del sistema que tengan nombres que validan el final de la cadena un alias de un nombre de host, como se demostró con la finalización de un nombre de host en "unix". • http://osvdb.org/40393 http://secunia.com/advisories/26715 http://www-1.ibm.com/support/docview.wss?uid=isg1IY98506 http://www.securityfocus.com/bid/25556 http://www.vupen.com/english/advisories/2007/3059 http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3846 http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3847 https://exchange.xforce.ibmcloud.com/vulnerabilities/36447 • CWE-264: Permissions, Privileges, and Access Controls •