Search Results (Refine Search)
- Keyword (text search): cpe:/o:ibm:aix:5.3
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2018-1655 |
IBM AIX 5.3, 6.1, 7.1, and 7.2 contains a vulnerability in the rmsock command that may be used to expose kernel memory. IBM X-Force ID: 144748. Published: June 22, 2018; 10:29:00 AM -0400 |
V3.0: 5.5 MEDIUM V2.0: 2.1 LOW |
CVE-2017-1692 |
IBM AIX 5.3, 6.1, 7.1, and 7.2 contains an unspecified vulnerability that would allow a locally authenticated user to obtain root level privileges. IBM X-Force ID: 134067. Published: February 07, 2018; 12:29:01 PM -0500 |
V3.0: 7.8 HIGH V2.0: 7.2 HIGH |
CVE-2017-1541 |
A flaw in the AIX 5.3, 6.1, 7.1, and 7.2 JRE/SDK installp and updatep packages prevented the java.security, java.policy and javaws.policy files from being updated correctly. IBM X-Force ID: 130809. Published: October 03, 2017; 9:29:03 PM -0400 |
V3.0: 7.3 HIGH V2.0: 7.5 HIGH |
CVE-2016-6079 |
IBM AIX 5.3, 6.1, 7.1, and 7.2 contains an unspecified vulnerability that would allow a locally authenticated user to obtain root level privileges. IBM APARs: IV88658, IV87981, IV88419, IV87640, IV88053. Published: February 15, 2017; 2:59:00 PM -0500 |
V3.0: 7.8 HIGH V2.0: 7.2 HIGH |
CVE-2016-6038 |
Directory traversal vulnerability in Eclipse Help in IBM Tivoli Lightweight Infrastructure (aka LWI), as used in AIX 5.3, 6.1, and 7.1, allows remote authenticated users to read arbitrary files via a crafted URL. Published: September 26, 2016; 1:59:00 PM -0400 |
V3.0: 6.5 MEDIUM V2.0: 4.0 MEDIUM |
CVE-2016-0281 |
The mustendd driver in IBM AIX 5.3, 6.1, 7.1, and 7.2 and VIOS 2.2.x, when the jumbo_frames feature is not enabled, allows remote attackers to cause a denial of service (FC1763 or FC5899 adapter crash) via crafted packets. Published: August 07, 2016; 9:59:02 PM -0400 |
V3.0: 3.7 LOW V2.0: 4.3 MEDIUM |
CVE-2016-0266 |
IBM AIX 5.3, 6.1, 7.1, and 7.2 and VIOS 2.2.x do not default to the latest TLS version, which makes it easier for man-in-the-middle attackers to obtain sensitive information via unspecified vectors. Published: August 07, 2016; 9:59:00 PM -0400 |
V3.0: 3.7 LOW V2.0: 4.3 MEDIUM |
CVE-2015-4948 |
netstat in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x, when a fibre channel adapter is used, allows local users to gain privileges via unspecified vectors. Published: October 15, 2015; 9:59:02 PM -0400 |
V3.x:(not available) V2.0: 6.9 MEDIUM |
CVE-2014-8904 |
lquerylv in cmdlvm in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x allows local users to gain privileges via a crafted DBGCMD_LQUERYLV environment-variable value. Published: January 15, 2015; 5:59:03 PM -0500 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-2014-3566 |
The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue. Published: October 14, 2014; 8:55:02 PM -0400 |
V3.1: 3.4 LOW V2.0: 4.3 MEDIUM |
CVE-2014-0930 |
The ptrace system call in IBM AIX 5.3, 6.1, and 7.1, and VIOS 2.2.x, allows local users to cause a denial of service (system crash) or obtain sensitive information from kernel memory via a crafted PT_LDINFO operation. Published: May 08, 2014; 6:55:03 AM -0400 |
V3.x:(not available) V2.0: 4.7 MEDIUM |
CVE-2012-4817 |
The NFSv4 client implementation in IBM AIX 5.3, 6.1, and 7.1, and VIOS before 2.2.1.4-FP-25 SP-02, does not properly handle GID values, which allows remote attackers to cause a denial of service via unspecified vectors. Published: September 14, 2012; 7:55:15 PM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2012-0723 |
The kernel in IBM AIX 5.3, 6.1, and 7.1, and VIOS 2.2.1.4-FP-25 SP-02, does not properly implement the dupmsg system call, which allows local users to cause a denial of service (system crash) via a crafted application. Published: July 30, 2012; 3:55:01 PM -0400 |
V3.x:(not available) V2.0: 4.9 MEDIUM |
CVE-2012-2179 |
libodm.a in IBM AIX 5.3, 6.1, and 7.1 allows local users to overwrite arbitrary files via a symlink attack on a temporary file. Published: June 22, 2012; 6:24:07 AM -0400 |
V3.x:(not available) V2.0: 6.9 MEDIUM |
CVE-2012-2192 |
The socketpair function in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.1.4-FP-25 SP-02 allows local users to cause a denial of service (system crash) via a crafted application that leverages the presence of a socket on the free list. Published: June 20, 2012; 6:27:28 AM -0400 |
V3.x:(not available) V2.0: 4.9 MEDIUM |
CVE-2012-0745 |
The getpwnam function in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.1.0.10 through 2.2.1.3 does not properly interact with customer-extended LDAP user filtering, which allows local users to gain privileges via unspecified vectors. Published: May 04, 2012; 12:55:01 PM -0400 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-2011-1385 |
IBM AIX 5.3, 6.1, and 7.1, and VIOS 2.1.x and 2.2.x, allows remote attackers to cause a denial of service (system crash) via an ICMP Echo Reply packet that contains 1 in the Identifier field, a different vulnerability than CVE-2012-0194. Published: March 02, 2012; 5:55:01 PM -0500 |
V3.x:(not available) V2.0: 7.8 HIGH |
CVE-2012-0194 |
The TCP implementation in IBM AIX 5.3, 6.1, and 7.1, when the Large Send Offload option is enabled, allows remote attackers to cause a denial of service (assertion failure and panic) via an unspecified series of packets. Published: February 06, 2012; 3:55:02 PM -0500 |
V3.x:(not available) V2.0: 7.1 HIGH |
CVE-2011-1384 |
The (1) bin/invscoutClient_VPD_Survey and (2) sbin/invscout_lsvpd programs in invscout.rte before 2.2.0.19 on IBM AIX 7.1, 6.1, 5.3, and earlier allow local users to delete arbitrary files, or trigger inventory scout operations on arbitrary files, via a symlink attack on an unspecified file. Published: January 03, 2012; 10:55:04 PM -0500 |
V3.x:(not available) V2.0: 4.0 MEDIUM |
CVE-2010-3406 |
Unspecified vulnerability in sa_snap in the bos.esagent fileset in IBM AIX 5.3 allows local users to leverage system group membership and delete files via unknown vectors. Published: September 16, 2010; 5:00:01 PM -0400 |
V3.x:(not available) V2.0: 1.7 LOW |