CVSS: 5.5EPSS: 0%CPEs: 16EXPL: 0CVE-2011-1384
https://notcve.org/view.php?id=CVE-2011-1384
04 Jan 2012 — The (1) bin/invscoutClient_VPD_Survey and (2) sbin/invscout_lsvpd programs in invscout.rte before 2.2.0.19 on IBM AIX 7.1, 6.1, 5.3, and earlier allow local users to delete arbitrary files, or trigger inventory scout operations on arbitrary files, via a symlink attack on an unspecified file. El programa (1) bin/invscoutClient_VPD_Survey y (2) sbin/invscout_lsvpd en invscout.rte antes de v2.2.0.19 en IBM AIX v7.1, v6.1, v5.3, y anteriores, permite a usuarios locales borrar archivos de su elección o lanzar la... • http://aix.software.ibm.com/aix/efixes/security/invscout_advisory2.asc • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 10.0EPSS: 79%CPEs: 1EXPL: 7CVE-2010-3187 – AIX5l with FTP-Server - Hash Disclosure
https://notcve.org/view.php?id=CVE-2010-3187
30 Aug 2010 — Buffer overflow in ftpd in IBM AIX 5.3 and earlier allows remote attackers to execute arbitrary code via a long NLST command. Desbordamiento de buffer en ftpd de IBM AIX v5.3 y versiones anteriores. Permite a atacantes remotos ejecutar código de su elección a través de un comando NLST extenso. • https://www.exploit-db.com/exploits/14409 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 26%CPEs: 45EXPL: 1CVE-2010-1039 – rpc.pcnfsd - Remote Format String
https://notcve.org/view.php?id=CVE-2010-1039
20 May 2010 — Format string vulnerability in the _msgout function in rpc.pcnfsd in IBM AIX 6.1, 5.3, and earlier; IBM VIOS 2.1, 1.5, and earlier; NFS/ONCplus B.11.31_09 and earlier on HP HP-UX B.11.11, B.11.23, and B.11.31; and SGI IRIX 6.5 allows remote attackers to execute arbitrary code via an RPC request containing format string specifiers in an invalid directory name. Vulnerabilidad de cadena de formato en la función _msgout en rpc.pcnfsd en AIX de IBM versiones 6.1, 5.3 y anteriores; VIOS de IBM versiones 2.1, 1.5 ... • https://www.exploit-db.com/exploits/14407 • CWE-134: Use of Externally-Controlled Format String •
CVSS: 10.0EPSS: 70%CPEs: 31EXPL: 2CVE-2009-3699 – AIX Calendar Manager Service Daemon (rpc.cmsd) Opcode 21 - Buffer Overflow
https://notcve.org/view.php?id=CVE-2009-3699
15 Oct 2009 — Stack-based buffer overflow in libcsa.a (aka the calendar daemon library) in IBM AIX 5.x through 5.3.10 and 6.x through 6.1.3, and VIOS 2.1 and earlier, allows remote attackers to execute arbitrary code via a long XDR string in the first argument to procedure 21 of rpc.cmsd. Desbordamiento de búfer basado en pila en libcsa.a (también conocido como biblioteca del demonio calendario (calendar daemon library)) en IBM AIX v5.x hasta v5.3.10 y v6.x hasta v6.1.3, y VIOS v2.1 y versiones anteriores, permite a atac... • https://www.exploit-db.com/exploits/16929 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2006-4416
https://notcve.org/view.php?id=CVE-2006-4416
28 Aug 2006 — Untrusted search path vulnerability in the mkvg command in IBM AIX 5.2 and 5.3 allows local users to gain privileges by modifying the path to point to a malicious (1) chdev, (2) mkboot, (3) varyonvg, or (4) varyoffvg program. Vulnerabilidad de ruta de búsqueda no confiable en el comando mkvg en IBM AIX 5.2 y 5.3 permite a usuarios locales escalar privilegios modificando la ruta para apuntar a programas (1) chdev, (2) mkboot, (3) varyonvg, o (4) varyoffvg maliciosos. • ftp://aix.software.ibm.com/aix/efixes/security/README •
CVSS: 7.8EPSS: 1%CPEs: 3EXPL: 1CVE-2006-4254 – IBM AIX 5.3.0 - 'setlocale()' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2006-4254
21 Aug 2006 — Unspecified vulnerability in setlocale in IBM AIX 5.1.0 through 5.3.0 allows local users to gain privileges via unspecified vectors. Vulnerabilidad no especificada en setlocale en IBM AIX 5.1.0 hasta 5.3.0 permite a usuarios locales escalar privilegios a través de vectores no especificados. • https://www.exploit-db.com/exploits/4612 •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2006-2647
https://notcve.org/view.php?id=CVE-2006-2647
30 May 2006 — Untrusted search path vulnerability in update_flash for IBM AIX 5.1, 5.2 and 5.3 allows local users to execute arbitrary commands via unknown vectors involving lsmcode and possibly other commands. • http://secunia.com/advisories/20325 •
CVSS: 5.5EPSS: 0%CPEs: 13EXPL: 0CVE-2006-1247
https://notcve.org/view.php?id=CVE-2006-1247
19 Apr 2006 — rm_mlcache_file in bos.rte.install in AIX 5.1.0 through 5.3.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files. • http://secunia.com/advisories/19656 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 10.0EPSS: 22%CPEs: 7EXPL: 0CVE-2005-4272
https://notcve.org/view.php?id=CVE-2005-4272
15 Dec 2005 — Multiple buffer overflows in IBM AIX 5.1, 5.2, and 5.3 allow remote attackers to execute arbitrary code via (1) muxatmd and (2) slocal. • http://secunia.com/advisories/18088 •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2005-4068
https://notcve.org/view.php?id=CVE-2005-4068
08 Dec 2005 — Unspecified "absolute path vulnerability" in umountall in IBM AIX 5.1 through 5.3 allows local users to cause unknown impact via unknown vectors. • http://secunia.com/advisories/17924 •