CVE-2015-5005
https://notcve.org/view.php?id=CVE-2015-5005
CSPOC in IBM PowerHA SystemMirror on AIX 6.1 and 7.1 allows remote authenticated users to perform an "su root" action by leveraging presence on the cluster-wide password-change list. CSPOC en IBM PowerHA SystemMirror en AIX 6.1 y 7.1 permite a usuarios remotos autenticados ejecutar una acción 'su root' aprovechando la presencia en la lista de cambio de contraseñas del clúster. • http://aix.software.ibm.com/aix/efixes/security/powerha_advisory.asc http://www-01.ibm.com/support/docview.wss?uid=isg1IV76943 http://www-01.ibm.com/support/docview.wss?uid=isg1IV76946 http://www-01.ibm.com/support/docview.wss?uid=isg1IV77007 http://www.securityfocus.com/bid/76948 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2009-3900
https://notcve.org/view.php?id=CVE-2009-3900
Unspecified vulnerability in the Cluster Management component in IBM PowerHA 5.4, 5.4.1, 5.5, and 6.1 on AIX allows remote attackers to modify the operating-system configuration via packets to the godm port (6177/tcp). Vulnerabilidad no especificada en el componente Cluster Management en IBM PowerHA v5.4, v5.4.1, v5.5, y v6.1 para AIX permite a atacantes remotos modificar la configuración del sistema operativo mediante paquetes al puerto godm (6177/tcp). • http://aix.software.ibm.com/aix/efixes/security/haport_advisory.asc http://secunia.com/advisories/37267 http://www-01.ibm.com/support/docview.wss?uid=isg1IZ61323 http://www-01.ibm.com/support/docview.wss?uid=isg1IZ61325 http://www-01.ibm.com/support/docview.wss?uid=isg1IZ62630 http://www.securityfocus.com/bid/36931 http://www.vupen.com/english/advisories/2009/3153 https://exchange.xforce.ibmcloud.com/vulnerabilities/54154 •