CVSS: 5.5EPSS: 0%CPEs: 16EXPL: 0CVE-2011-1384
https://notcve.org/view.php?id=CVE-2011-1384
04 Jan 2012 — The (1) bin/invscoutClient_VPD_Survey and (2) sbin/invscout_lsvpd programs in invscout.rte before 2.2.0.19 on IBM AIX 7.1, 6.1, 5.3, and earlier allow local users to delete arbitrary files, or trigger inventory scout operations on arbitrary files, via a symlink attack on an unspecified file. El programa (1) bin/invscoutClient_VPD_Survey y (2) sbin/invscout_lsvpd en invscout.rte antes de v2.2.0.19 en IBM AIX v7.1, v6.1, v5.3, y anteriores, permite a usuarios locales borrar archivos de su elección o lanzar la... • http://aix.software.ibm.com/aix/efixes/security/invscout_advisory2.asc • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2008-7288
https://notcve.org/view.php?id=CVE-2008-7288
21 Apr 2011 — IBM Tivoli Directory Server (TDS) 5.2 before 5.2.0.5-TIV-ITDS-LA0007 on AIX allows remote attackers to cause a denial of service (server destabilization) via an anonymous DIGEST-MD5 LDAP Bind operation. IBM Tivoli Directory Server (TDS) v5.2 anterior a v5.2.0.5-ITV-ITDS-LA0007 en AIX permite a atacantes remotos provocar una denegación de servicio (servidor de desestabilización) a través de una operación de asignación DIGEST-MD5 LDAP. • http://www.ibm.com/support/docview.wss?uid=swg1IO09666 • CWE-399: Resource Management Errors •
CVSS: 10.0EPSS: 28%CPEs: 1EXPL: 7CVE-2010-3187 – AIX5l with FTP-Server - Hash Disclosure
https://notcve.org/view.php?id=CVE-2010-3187
30 Aug 2010 — Buffer overflow in ftpd in IBM AIX 5.3 and earlier allows remote attackers to execute arbitrary code via a long NLST command. Desbordamiento de buffer en ftpd de IBM AIX v5.3 y versiones anteriores. Permite a atacantes remotos ejecutar código de su elección a través de un comando NLST extenso. • https://www.exploit-db.com/exploits/14409 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 25%CPEs: 45EXPL: 1CVE-2010-1039 – rpc.pcnfsd - Remote Format String
https://notcve.org/view.php?id=CVE-2010-1039
20 May 2010 — Format string vulnerability in the _msgout function in rpc.pcnfsd in IBM AIX 6.1, 5.3, and earlier; IBM VIOS 2.1, 1.5, and earlier; NFS/ONCplus B.11.31_09 and earlier on HP HP-UX B.11.11, B.11.23, and B.11.31; and SGI IRIX 6.5 allows remote attackers to execute arbitrary code via an RPC request containing format string specifiers in an invalid directory name. Vulnerabilidad de cadena de formato en la función _msgout en rpc.pcnfsd en AIX de IBM versiones 6.1, 5.3 y anteriores; VIOS de IBM versiones 2.1, 1.5 ... • https://www.exploit-db.com/exploits/14407 • CWE-134: Use of Externally-Controlled Format String •
CVSS: 10.0EPSS: 88%CPEs: 31EXPL: 2CVE-2009-3699 – AIX Calendar Manager Service Daemon (rpc.cmsd) Opcode 21 - Buffer Overflow
https://notcve.org/view.php?id=CVE-2009-3699
15 Oct 2009 — Stack-based buffer overflow in libcsa.a (aka the calendar daemon library) in IBM AIX 5.x through 5.3.10 and 6.x through 6.1.3, and VIOS 2.1 and earlier, allows remote attackers to execute arbitrary code via a long XDR string in the first argument to procedure 21 of rpc.cmsd. Desbordamiento de búfer basado en pila en libcsa.a (también conocido como biblioteca del demonio calendario (calendar daemon library)) en IBM AIX v5.x hasta v5.3.10 y v6.x hasta v6.1.3, y VIOS v2.1 y versiones anteriores, permite a atac... • https://www.exploit-db.com/exploits/16929 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 49%CPEs: 16EXPL: 2CVE-2009-2727 – ToolTalk - rpc.ttdbserverd _tt_internal_realpath Buffer Overflow (AIX)
https://notcve.org/view.php?id=CVE-2009-2727
10 Aug 2009 — Stack-based buffer overflow in the _tt_internal_realpath function in the ToolTalk library (libtt.a) in IBM AIX 5.2.0, 5.3.0, 5.3.7 through 5.3.10, and 6.1.0 through 6.1.3, when the rpc.ttdbserver daemon is enabled in /etc/inetd.conf, allows remote attackers to execute arbitrary code via a long XDR-encoded ASCII string to remote procedure 15. Desbordamiento de búfer basado en pila en la función _tt_internal_realpath en la biblioteca ToolTalk (libtt.a) en IBM AIX v5.2.0, v5.3.0, v5.3.7 a la v5.3.10, y v6.1.0 ... • https://www.exploit-db.com/exploits/16930 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2009-1355
https://notcve.org/view.php?id=CVE-2009-1355
21 Apr 2009 — Stack-based buffer overflow in muxatmd in IBM AIX 5.2, 5.3, and 6.1 allows local users to gain privileges via a long filename. Desbordamiento de búfer basado en pila en muxatmd en IBM AIX v5.2, v5.3, y v6.1 permite a usuarios locales conseguir privilegios a través de un nombre largo de fichero. • http://aix.software.ibm.com/aix/efixes/security/muxatmd_advisory.asc • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 1CVE-2009-0536
https://notcve.org/view.php?id=CVE-2009-0536
11 Feb 2009 — at in bos.rte.cron on IBM AIX 5.2.0, 5.3.0 through 5.3.9, and 6.1.0 through 6.1.2 allows local users to read arbitrary files via unspecified vectors, related to failure to drop root privileges. at en bos.rte.cron sobre IBM AIX v5.2.0, v5.3.0 a la v 5.3.9 y de la v6.1.0 a la 6.1.2, permite a usuarios locales leer ficheros de su elección a través de vectores sin especificar, relacionado con el fallo al quitar privilegios de root (administrador). • http://aix.software.ibm.com/aix/efixes/security/at_advisory.asc • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.2EPSS: 0%CPEs: 11EXPL: 0CVE-2009-0370
https://notcve.org/view.php?id=CVE-2009-0370
30 Jan 2009 — Multiple unspecified vulnerabilities in IBM AIX 5.2.0 through 6.1.2 allow local users to append data to arbitrary files, related to (1) rmsock and (2) rmsock64 not creating "secure log files." Múltiples vulnerabilidades no especificadas en IBM AIX v5.2.0 hasta v6.1.2; permiten a usuarios locales incluir datos en ficheros arbitrarios. Está relacionado con (1) rmsock y (2) rmsock64 que no crean "ficheros de log seguros." • http://aix.software.ibm.com/aix/efixes/security/rmsock_advisory.asc •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2008-4018
https://notcve.org/view.php?id=CVE-2008-4018
10 Sep 2008 — swcons in bos.rte.console in IBM AIX 5.2.0 through 6.1.1 allows local users in the system group to create or overwrite an arbitrary file, and establish weak permissions and root ownership for this file, via unspecified vectors. NOTE: this can be leveraged to gain privileges. NOTE: this issue exists because of an incomplete fix for CVE-2007-5805. swcons en bos.rte.console en IBM AIX v5.2.0 a v 6.1.1, permite a usuarios locales en el grupo de "sistema" crear o sobreescribir archivos de su elección y establece... • http://aix.software.ibm.com/aix/efixes/security/swcons_advisory.asc • CWE-264: Permissions, Privileges, and Access Controls •