Total
675 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-0991 | 1 Ibm | 1 Aix | 2024-11-20 | 2.1 LOW | N/A |
| RC.BOOT in IBM AIX 5.1, 5.2, and 5.3 does not "use a secure location for temporary files," which allows local users to have an unknown impact, probably by overwriting files. | |||||
| CVE-2005-0263 | 1 Ibm | 1 Aix | 2024-11-20 | 7.2 HIGH | N/A |
| Buffer overflow in netpmon on AIX 5.1, 5.2, and 5.3 allows local users to execute arbitrary code via a long -O argument. | |||||
| CVE-2005-0262 | 1 Ibm | 1 Aix | 2024-11-20 | 7.2 HIGH | N/A |
| Buffer overflow in ipl_varyon on AIX 5.1, 5.2, and 5.3 allows local users to execute arbitrary code via a long -d argument. | |||||
| CVE-2005-0261 | 1 Ibm | 1 Aix | 2024-11-20 | 2.1 LOW | N/A |
| lspath in AIX 5.2, 5.3, and possibly earlier versions, does not drop privileges before processing the -f option, which allows local users to read one line of arbitrary files. | |||||
| CVE-2005-0250 | 1 Ibm | 1 Aix | 2024-11-20 | 7.2 HIGH | N/A |
| Format string vulnerability in auditselect on IBM AIX 5.1, 5.2, and 5.3 allows local users to execute arbitrary code via format string specifiers in a command line argument. | |||||
| CVE-2005-0240 | 1 Ibm | 1 Aix | 2024-11-20 | 7.2 HIGH | N/A |
| Format string vulnerability in chdev on IBM AIX 5.2 allows local users to execute arbitrary code via format string specifiers in a command line argument, which is not properly handled when printing an error message. | |||||
| CVE-2005-0156 | 7 Ibm, Larry Wall, Redhat and 4 more | 9 Aix, Perl, Enterprise Linux and 6 more | 2024-11-20 | 2.1 LOW | N/A |
| Buffer overflow in the PerlIO implementation in Perl 5.8.0, when installed with setuid support (sperl), allows local users to execute arbitrary code by setting the PERLIO_DEBUG variable and executing a Perl script whose full pathname contains a long directory tree. | |||||
| CVE-2004-2697 | 1 Ibm | 1 Aix | 2024-11-20 | 6.9 MEDIUM | N/A |
| The Inventory Scout daemon (invscoutd) 1.3.0.0 and 2.0.2 for AIX 4.3.3 and 5.1 allows local users to gain privileges via a symlink attack on a command line argument (log file). NOTE: this might be related to CVE-2006-5002. | |||||
| CVE-2004-2634 | 1 Ibm | 1 Aix | 2024-11-20 | 6.2 MEDIUM | N/A |
| The (1) bos.rte.serv_aid or (2) bos.rte.console filesets in IBM AIX 5.1 and 5.2 allow local users to overwrite arbitrary files via a symlink attack on temporary files via unknown attack vectors. | |||||
| CVE-2004-2388 | 1 Ibm | 1 Aix | 2024-11-20 | 10.0 HIGH | N/A |
| rexecd for AIX 4.3.3 does not properly use a local copy of the pwd structure when calling getpwnam, which may cause the structure to be overwritten by the authenticate function and assign privileges to the wrong user. | |||||
| CVE-2004-2312 | 1 Ibm | 1 Aix | 2024-11-20 | 7.2 HIGH | N/A |
| Buffer overflow in GNU make for IBM AIX 4.3.3, when installed setgid, allows local users to gain privileges via a long CC argument. | |||||
| CVE-2004-1330 | 1 Ibm | 1 Aix | 2024-11-20 | 7.2 HIGH | N/A |
| Buffer overflow in paginit in AIX 5.1 through 5.3 allows local users to execute arbitrary code via a long username. | |||||
| CVE-2004-1329 | 1 Ibm | 1 Aix | 2024-11-20 | 7.2 HIGH | N/A |
| Untrusted execution path vulnerability in the diag commands (1) lsmcode, (2) diag_exec, (3) invscout, and (4) invscoutd in AIX 5.1 through 5.3 allows local users to execute arbitrary programs by modifying the DIAGNOSTICS environment variable to point to a malicious Dctrl program. | |||||
| CVE-2004-1054 | 1 Ibm | 1 Aix | 2024-11-20 | 7.2 HIGH | N/A |
| Untrusted execution path vulnerability in invscout in IBM AIX 5.1.0, 5.2.0, and 5.3.0 allows local users to gain privileges by modifying the PATH environment variable to point to a malicious "uname" program, which is executed from lsvpd after lsvpd has been invoked by invscout. | |||||
| CVE-2004-1028 | 1 Ibm | 1 Aix | 2024-11-20 | 7.2 HIGH | N/A |
| Untrusted execution path vulnerability in chcod on AIX IBM 5.1.0, 5.2.0, and 5.3.0 allows local users to execute arbitrary programs by modifying the PATH environment variable to point to a malicious "grep" program, which is executed from chcod. | |||||
| CVE-2004-0828 | 1 Ibm | 1 Aix | 2024-11-20 | 2.1 LOW | N/A |
| The ctstrtcasd program in RSCT 2.3.0.0 and earlier on IBM AIX 5.2 and 5.3 does not properly drop privileges before executing the -f option, which allows local users to modify or create arbitrary files. | |||||
| CVE-2004-0545 | 1 Ibm | 1 Aix | 2024-11-20 | 7.2 HIGH | N/A |
| LVM for AIX 5.1 and 5.2 allows local users to overwrite arbitrary files via a symlink attack. | |||||
| CVE-2004-0544 | 1 Ibm | 1 Aix | 2024-11-20 | 7.2 HIGH | N/A |
| Multiple buffer overflows in LVM for AIX 5.1 and 5.2 allow local users to gain privileges via the (1) putlvcb or (2) getlvcb commands. | |||||
| CVE-2004-0368 | 3 Ibm, Open Group, Xi Graphics | 3 Aix, Cde Common Desktop Environment, Dextop | 2024-11-20 | 10.0 HIGH | N/A |
| Double free vulnerability in dtlogin in CDE on Solaris, HP-UX, and other operating systems allows remote attackers to execute arbitrary code via a crafted XDMCP packet. | |||||
| CVE-2004-0243 | 1 Ibm | 1 Aix | 2024-11-20 | 5.0 MEDIUM | N/A |
| AIX 4.3.3 through AIX 5.1, when direct remote login is disabled, displays a different message if the password is correct, which allows remote attackers to guess the password via brute force methods. | |||||