Page 9 of 59 results (0.002 seconds)

CVSS: 4.9EPSS: 0%CPEs: 3EXPL: 0

The proc filesystem in the kernel in IBM AIX 5.2 and 5.3 does not properly enforce directory permissions when a file executing from a directory has weaker permissions than the directory itself, which allows local users to obtain sensitive information. El sistema de ficheros proc en el kernel de IBM AIX 5.2 y 5.3 no refuerza adecuadamente los permisos de directorio cuando un archivo se ejecuta desde un directorio que tiene permisos más débiles que los del propio directorio, lo que permite a usuarios locales obtener información sensible. • http://securitytracker.com/id?1019606 http://www.ibm.com/support/docview.wss?uid=isg1IZ06022 http://www.ibm.com/support/docview.wss?uid=isg1IZ06505 http://www.ibm.com/support/docview.wss?uid=isg1IZ06663 http://www.securityfocus.com/bid/28467 http://www.vupen.com/english/advisories/2008/0865 http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd? • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 4.9EPSS: 0%CPEs: 3EXPL: 0

The ps program in bos.rte.control in IBM AIX 5.2, 5.3, and 6.1 allows local users to obtain sensitive information via unspecified vectors. El programa ps en bos.rte.control de IBM AIX 5.2, 5.3 y 6.1. Permite a usuarios locales obtener información sensible a través de vectores no especificados. • http://secunia.com/advisories/28609 http://securitytracker.com/id?1019265 http://www.ibm.com/support/docview.wss?uid=isg1IZ11242 http://www.ibm.com/support/docview.wss?uid=isg1IZ11243 http://www.ibm.com/support/docview.wss?uid=isg1IZ11244 http://www.ibm.com/support/docview.wss? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 7.2EPSS: 0%CPEs: 3EXPL: 1

Buffer overflow in the pioout program in printers.rte in IBM AIX 5.2, 5.3, and 6.1 allows local users to gain privileges via a long command line option. Desbordamiento de búfer en el programa pioout de printers.rte en IBM AIX 5.2, 5.3, y 6.1 permite a usuarios locales obtener privilegios mediante una opción larga de línea de comando. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=648 http://secunia.com/advisories/28609 http://www-1.ibm.com/support/docview.wss?uid=isg1IZ10840 http://www-1.ibm.com/support/docview.wss?uid=isg1IZ10841 http://www-1.ibm.com/support/docview.wss?uid=isg1IZ10842 http://www-1.ibm.com/support/docview.wss? • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 3.3EPSS: 0%CPEs: 13EXPL: 0

rm_mlcache_file in bos.rte.install in AIX 5.1.0 through 5.3.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files. • http://secunia.com/advisories/19656 http://securitytracker.com/id?1015952 http://www-1.ibm.com/support/docview.wss?uid=isg1IY82357 http://www.nsfocus.com/english/homepage/research/0603.htm http://www.osvdb.org/24706 http://www.securityfocus.com/archive/1/431846/100/0/threaded http://www.securityfocus.com/archive/1/431848/100/0/threaded http://www.securityfocus.com/bid/17576 http://www.vupen.com/english/advisories/2006/1389 https://exchange.xforce.ibmcloud.com/vulnerabilities • CWE-59: Improper Link Resolution Before File Access ('Link Following') •

CVSS: 4.9EPSS: 0%CPEs: 2EXPL: 0

Unspecified vulnerability in the (1) unix_mp and (2) unix_64 kernels in IBM AIX 5.3 VRMF 5.3.0.30 through 5.3.0.33 allows local users to cause a denial of service (system crash) via unknown vectors related to EMULATE_VMX. • http://secunia.com/advisories/18795 http://www-1.ibm.com/support/search.wss?rs=0&q=IY79595&apar=only http://www.osvdb.org/23127 http://www.securityfocus.com/bid/16624 http://www.vupen.com/english/advisories/2006/0573 https://exchange.xforce.ibmcloud.com/vulnerabilities/24711 •