Ibm

Aix

389 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.5

CVE-2013-3005

  • EPSS 1.24%
  • Published 06.07.2013 13:57:36
  • Last modified 11.04.2025 00:51:21

The TFTP client in IBM AIX 6.1 and 7.1, and VIOS 2.2.2.2-FP-26 SP-02, when RBAC is enabled, allows remote authenticated users to bypass intended file-ownership restrictions, and read or overwrite arbitrary files, via unspecified vectors.

7.1

CVE-2013-3035

  • EPSS 6.66%
  • Published 21.06.2013 14:55:01
  • Last modified 11.04.2025 00:51:21

The IPv6 implementation in the inet subsystem in IBM AIX 6.1 and 7.1, and VIOS 2.2.2.2-FP-26 SP-02, allows remote attackers to cause a denial of service (system hang) via a crafted packet to an IPv6 interface.

6.8

CVE-2012-4845

  • EPSS 0.44%
  • Published 20.10.2012 10:41:27
  • Last modified 11.04.2025 00:51:21

The FTP client in IBM AIX 6.1 and 7.1, and VIOS 2.2.1.4-FP-25 SP-02, does not properly manage privileges in an RBAC environment, which allows attackers to bypass intended file-read restrictions by leveraging the setuid installation of the ftp executa...

2.1

CVE-2012-4833

  • EPSS 0.05%
  • Published 01.10.2012 18:55:01
  • Last modified 11.04.2025 00:51:21

fuser in IBM AIX 6.1 and 7.1, and VIOS 2.2.1.4-FP-25 SP-02, does not properly restrict the -k option, which allows local users to kill arbitrary processes via a crafted command line.

5

CVE-2012-4817

  • EPSS 2.44%
  • Published 14.09.2012 23:55:15
  • Last modified 11.04.2025 00:51:21

The NFSv4 client implementation in IBM AIX 5.3, 6.1, and 7.1, and VIOS before 2.2.1.4-FP-25 SP-02, does not properly handle GID values, which allows remote attackers to cause a denial of service via unspecified vectors.

4.9

CVE-2012-0723

  • EPSS 0.07%
  • Published 30.07.2012 19:55:01
  • Last modified 11.04.2025 00:51:21

The kernel in IBM AIX 5.3, 6.1, and 7.1, and VIOS 2.2.1.4-FP-25 SP-02, does not properly implement the dupmsg system call, which allows local users to cause a denial of service (system crash) via a crafted application.

7.2

CVE-2012-2200

  • EPSS 0.11%
  • Published 27.06.2012 10:18:37
  • Last modified 11.04.2025 00:51:21

The default configuration of sendmail in IBM AIX 6.1 and 7.1, and VIOS 2.2.1.4-FP-25 SP-02, allows local users to gain privileges by entering a command in a .forward file in a home directory.

6.9

CVE-2012-2179

  • EPSS 0.22%
  • Published 22.06.2012 10:24:07
  • Last modified 11.04.2025 00:51:21

libodm.a in IBM AIX 5.3, 6.1, and 7.1 allows local users to overwrite arbitrary files via a symlink attack on a temporary file.

4.9

CVE-2012-2192

  • EPSS 0.06%
  • Published 20.06.2012 10:27:28
  • Last modified 11.04.2025 00:51:21

The socketpair function in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.1.4-FP-25 SP-02 allows local users to cause a denial of service (system crash) via a crafted application that leverages the presence of a socket on the free list.

7.2

CVE-2012-0745

  • EPSS 0.08%
  • Published 04.05.2012 16:55:01
  • Last modified 11.04.2025 00:51:21

The getpwnam function in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.1.0.10 through 2.2.1.3 does not properly interact with customer-extended LDAP user filtering, which allows local users to gain privileges via unspecified vectors.