CVE-2013-4011
- EPSS 2.85%
- Veröffentlicht 18.07.2013 16:51:55
- Zuletzt bearbeitet 29.04.2026 01:13:23
Multiple unspecified vulnerabilities in the InfiniBand subsystem in IBM AIX 6.1 and 7.1, and VIOS 2.2.2.2-FP-26 SP-02, allow local users to gain privileges via vectors involving (1) arp.ib or (2) ibstat.
CVE-2013-3005
- EPSS 2.96%
- Veröffentlicht 06.07.2013 13:57:36
- Zuletzt bearbeitet 29.04.2026 01:13:23
The TFTP client in IBM AIX 6.1 and 7.1, and VIOS 2.2.2.2-FP-26 SP-02, when RBAC is enabled, allows remote authenticated users to bypass intended file-ownership restrictions, and read or overwrite arbitrary files, via unspecified vectors.
CVE-2013-3035
- EPSS 3.63%
- Veröffentlicht 21.06.2013 14:55:01
- Zuletzt bearbeitet 29.04.2026 01:13:23
The IPv6 implementation in the inet subsystem in IBM AIX 6.1 and 7.1, and VIOS 2.2.2.2-FP-26 SP-02, allows remote attackers to cause a denial of service (system hang) via a crafted packet to an IPv6 interface.
CVE-2012-4845
- EPSS 1.62%
- Veröffentlicht 20.10.2012 10:41:27
- Zuletzt bearbeitet 16.06.2026 23:45:46
The FTP client in IBM AIX 6.1 and 7.1, and VIOS 2.2.1.4-FP-25 SP-02, does not properly manage privileges in an RBAC environment, which allows attackers to bypass intended file-read restrictions by leveraging the setuid installation of the ftp executa...
CVE-2012-4833
- EPSS 0.39%
- Veröffentlicht 01.10.2012 18:55:01
- Zuletzt bearbeitet 16.06.2026 23:45:45
fuser in IBM AIX 6.1 and 7.1, and VIOS 2.2.1.4-FP-25 SP-02, does not properly restrict the -k option, which allows local users to kill arbitrary processes via a crafted command line.
- EPSS 7.59%
- Veröffentlicht 14.09.2012 23:55:15
- Zuletzt bearbeitet 16.06.2026 23:45:43
The NFSv4 client implementation in IBM AIX 5.3, 6.1, and 7.1, and VIOS before 2.2.1.4-FP-25 SP-02, does not properly handle GID values, which allows remote attackers to cause a denial of service via unspecified vectors.
CVE-2012-0723
- EPSS 0.39%
- Veröffentlicht 30.07.2012 19:55:01
- Zuletzt bearbeitet 16.06.2026 23:38:08
The kernel in IBM AIX 5.3, 6.1, and 7.1, and VIOS 2.2.1.4-FP-25 SP-02, does not properly implement the dupmsg system call, which allows local users to cause a denial of service (system crash) via a crafted application.
CVE-2012-2200
- EPSS 0.37%
- Veröffentlicht 27.06.2012 10:18:37
- Zuletzt bearbeitet 16.06.2026 23:41:10
The default configuration of sendmail in IBM AIX 6.1 and 7.1, and VIOS 2.2.1.4-FP-25 SP-02, allows local users to gain privileges by entering a command in a .forward file in a home directory.
CVE-2012-2179
- EPSS 1.75%
- Veröffentlicht 22.06.2012 10:24:07
- Zuletzt bearbeitet 16.06.2026 23:41:08
libodm.a in IBM AIX 5.3, 6.1, and 7.1 allows local users to overwrite arbitrary files via a symlink attack on a temporary file.
CVE-2012-2192
- EPSS 0.42%
- Veröffentlicht 20.06.2012 10:27:28
- Zuletzt bearbeitet 16.06.2026 23:41:09
The socketpair function in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.1.4-FP-25 SP-02 allows local users to cause a denial of service (system crash) via a crafted application that leverages the presence of a socket on the free list.