The Inventory Scout daemon (invscoutd) 1.3.0.0 and 2.0.2 for AIX 4.3.3 and 5.1 allows local users to gain privileges via a symlink attack on a command line argument (log file). NOTE: this might be related to CVE-2006-5002.
Max CVSS
6.9
EPSS Score
0.04%
Published
2004-12-31
Updated
2017-07-29
Stack-based buffer overflow in capture in IBM AIX 5.3 SP6 and 5.2.0 allows remote attackers to execute arbitrary code via a large number of terminal control sequences.
Max CVSS
6.9
EPSS Score
5.07%
Published
2007-07-26
Updated
2017-07-29
pioout in IBM AIX 5.3 SP6 allows local users to execute arbitrary code by specifying a malicious library with the -R (ParseRoutine) command line argument.
Max CVSS
6.9
EPSS Score
0.04%
Published
2007-07-26
Updated
2017-07-29
Buffer overflow in the ftp client in IBM AIX 5.3 SP6 and 5.2.0 allows local users to execute arbitrary code via unspecified vectors that trigger the overflow in a gets function call. NOTE: the client is setuid root on AIX, so this issue crosses privilege boundaries.
Max CVSS
6.9
EPSS Score
0.04%
Published
2007-07-26
Updated
2017-07-29
Buffer overflow in lpd in bos.rte.printers in AIX 5.2 and 5.3 allows local users with printq group privileges to gain root privileges.
Max CVSS
6.9
EPSS Score
0.04%
Published
2007-08-08
Updated
2011-03-08
Buffer overflow in the atm subset in arp in devices.common.IBM.atm.rte in AIX 5.2 and 5.3 allows local users to gain root privileges.
Max CVSS
6.9
EPSS Score
0.04%
Published
2007-08-08
Updated
2011-03-08
AIX 5.2 and 5.3 install pioinit with user and group ownership of bin, which allows local users with bin or possibly printq privileges to gain root privileges by modifying pioinit.
Max CVSS
6.9
EPSS Score
0.04%
Published
2007-08-08
Updated
2011-03-08
Multiple buffer overflows in IBM AIX 5.2 and 5.3 allow local users in the system group to gain root privileges via unspecified vectors involving the (1) chpath, (2) rmpath, and (3) devinstall programs in bos.rte.methods.
Max CVSS
6.9
EPSS Score
0.04%
Published
2007-08-15
Updated
2017-07-29
cfgcon in IBM AIX 5.2 and 5.3 does not properly validate the argument to the "-p" option to swcons, which allows local users in the system group to create or overwrite an arbitrary file, and enable world writability of this file, by using the file's name as the argument.
Max CVSS
6.9
EPSS Score
0.04%
Published
2007-11-05
Updated
2017-07-29
cfgcon in IBM AIX 5.2 and 5.3 does not properly validate the argument to the "-p" option to swcons, which allows local users in the system group to create an arbitrary file, and enable world writability of this file, via a symlink attack involving use of the file's name as the argument. NOTE: this issue is due to an incomplete fix for CVE-2007-5804.
Max CVSS
6.9
EPSS Score
0.04%
Published
2007-11-05
Updated
2017-07-29
Untrusted search path vulnerability in man in IBM AIX 6.1.0 allows local users to execute arbitrary code via a malicious program in the man directory.
Max CVSS
6.9
EPSS Score
0.04%
Published
2008-03-10
Updated
2017-09-29
crontab in bos.rte.cron in IBM AIX 6.1.0 through 6.1.2 allows local users with aix.system.config.cron authorization to gain privileges by launching an editor.
Max CVSS
6.9
EPSS Score
0.04%
Published
2008-12-09
Updated
2017-09-29
enq in bos.rte.printers in IBM AIX 6.1.0 through 6.1.2, when a print queue is defined in /etc/qconfig, allows local users to delete arbitrary files via unspecified vectors.
Max CVSS
6.9
EPSS Score
0.04%
Published
2008-12-09
Updated
2008-12-17
Buffer overflow in ndp in IBM AIX 6.1.0 through 6.1.2, when the netcd daemon is running, allows local users to gain privileges via unspecified vectors.
Max CVSS
6.9
EPSS Score
0.04%
Published
2008-12-09
Updated
2008-12-17
The malloc subsystem in libc in IBM AIX 5.3 and 6.1 allows local users to create or overwrite arbitrary files via a symlink attack on the log file associated with the MALLOCDEBUG environment variable.
Max CVSS
6.9
EPSS Score
0.04%
Published
2009-05-26
Updated
2017-09-29
libodm.a in IBM AIX 5.3, 6.1, and 7.1 allows local users to overwrite arbitrary files via a symlink attack on a temporary file.
Max CVSS
6.9
EPSS Score
0.04%
Published
2012-06-22
Updated
2017-08-29
Multiple buffer overflows in (1) mkque and (2) mkquedev in bos.rte.printers in IBM AIX 6.1 and 7.1 allow local users to gain privileges by leveraging printq group membership.
Max CVSS
6.9
EPSS Score
0.04%
Published
2013-10-04
Updated
2017-09-19
libodm.a in IBM AIX 6.1 and 7.1, and VIOS 2.2.x, allows local users to overwrite arbitrary files via a symlink attack on a temporary file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-2179.
Max CVSS
6.9
EPSS Score
0.04%
Published
2014-06-08
Updated
2021-08-31
netstat in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x, when a fibre channel adapter is used, allows local users to gain privileges via unspecified vectors.
Max CVSS
6.9
EPSS Score
0.04%
Published
2015-10-16
Updated
2016-12-08
Buffer overflow in sa_snap in the bos.esagent fileset in IBM AIX 6.1, 5.3, and earlier and VIOS 2.1, 1.5, and earlier allows local users to leverage system group membership and gain privileges via unspecified vectors.
Max CVSS
6.8
EPSS Score
0.04%
Published
2010-09-16
Updated
2018-11-28
The LDAP login feature in bos.rte.security 6.1.6.4 in IBM AIX 6.1, when ldap_auth is enabled in ldap.cfg, allows remote attackers to bypass authentication via a login attempt with an arbitrary password.
Max CVSS
6.8
EPSS Score
0.43%
Published
2011-04-05
Updated
2011-04-05
The FTP client in IBM AIX 6.1 and 7.1, and VIOS 2.2.1.4-FP-25 SP-02, does not properly manage privileges in an RBAC environment, which allows attackers to bypass intended file-read restrictions by leveraging the setuid installation of the ftp executable file.
Max CVSS
6.8
EPSS Score
0.16%
Published
2012-10-20
Updated
2021-08-31
Unspecified vulnerability in perl.rte 5.8.0.10 through 5.8.0.95 on IBM AIX 5.2, and 5.8.2.10 through 5.8.2.50 on AIX 5.3, allows local users to gain privileges via unspecified vectors related to the installation and "waiting for a legitimate user to execute a binary that ships with Perl."
Max CVSS
6.6
EPSS Score
0.04%
Published
2007-06-04
Updated
2012-10-31
Unspecified vulnerability in invscout in Inventory Scout in invscout.rte in IBM AIX 5.2 and 5.3 allows local users to delete system files that have names matching the final substring of a hostname alias, as demonstrated by hostnames ending in "unix".
Max CVSS
6.6
EPSS Score
0.04%
Published
2007-09-10
Updated
2017-07-29
sysmgt.websm.webaccess in IBM AIX 5.2 and 5.3 has world writable permissions for unspecified WebSM Remote Client files, which allows local users to "alter the behavior of" this client by overwriting these files.
Max CVSS
6.6
EPSS Score
0.04%
Published
2008-02-05
Updated
2017-08-08
57 vulnerabilities found
1 2 3
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!