National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/o:ibm:aix:5.1
There are 51 matching records.
Displaying matches 1 through 20.
Vuln ID Summary CVSS Severity
CVE-2011-1384

The (1) bin/invscoutClient_VPD_Survey and (2) sbin/invscout_lsvpd programs in invscout.rte before 2.2.0.19 on IBM AIX 7.1, 6.1, 5.3, and earlier allow local users to delete arbitrary files, or trigger inventory scout operations on arbitrary files, via a symlink attack on an unspecified file.

Published: January 03, 2012; 10:55:04 PM -05:00
V2: 4.0 MEDIUM
CVE-2010-3187

Buffer overflow in ftpd in IBM AIX 5.3 and earlier allows remote attackers to execute arbitrary code via a long NLST command.

Published: August 30, 2010; 04:00:04 PM -04:00
V2: 10.0 HIGH
CVE-2010-1039

Format string vulnerability in the _msgout function in rpc.pcnfsd in IBM AIX 6.1, 5.3, and earlier; IBM VIOS 2.1, 1.5, and earlier; NFS/ONCplus B.11.31_09 and earlier on HP HP-UX B.11.11, B.11.23, and B.11.31; and SGI IRIX 6.5 allows remote attackers to execute arbitrary code via an RPC request containing format string specifiers in an invalid directory name.

Published: May 20, 2010; 01:30:01 PM -04:00
V2: 10.0 HIGH
CVE-2009-3699

Stack-based buffer overflow in libcsa.a (aka the calendar daemon library) in IBM AIX 5.x through 5.3.10 and 6.x through 6.1.3, and VIOS 2.1 and earlier, allows remote attackers to execute arbitrary code via a long XDR string in the first argument to procedure 21 of rpc.cmsd.

Published: October 15, 2009; 06:30:01 AM -04:00
V2: 10.0 HIGH
CVE-2006-4416

Untrusted search path vulnerability in the mkvg command in IBM AIX 5.2 and 5.3 allows local users to gain privileges by modifying the path to point to a malicious (1) chdev, (2) mkboot, (3) varyonvg, or (4) varyoffvg program.

Published: August 28, 2006; 04:04:00 PM -04:00
V2: 7.2 HIGH
CVE-2006-4254

Unspecified vulnerability in setlocale in IBM AIX 5.1.0 through 5.3.0 allows local users to gain privileges via unspecified vectors.

Published: August 21, 2006; 04:04:00 PM -04:00
V2: 7.5 HIGH
CVE-2006-2647

Untrusted search path vulnerability in update_flash for IBM AIX 5.1, 5.2 and 5.3 allows local users to execute arbitrary commands via unknown vectors involving lsmcode and possibly other commands.

Published: May 30, 2006; 06:02:00 AM -04:00
V2: 7.2 HIGH
CVE-2006-1247

rm_mlcache_file in bos.rte.install in AIX 5.1.0 through 5.3.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files.

Published: April 19, 2006; 12:06:00 PM -04:00
V2: 3.3 LOW
CVE-2005-4272

Multiple buffer overflows in IBM AIX 5.1, 5.2, and 5.3 allow remote attackers to execute arbitrary code via (1) muxatmd and (2) slocal.

Published: December 15, 2005; 05:03:00 PM -05:00
V2: 10.0 HIGH
CVE-2005-4068

Unspecified "absolute path vulnerability" in umountall in IBM AIX 5.1 through 5.3 allows local users to cause unknown impact via unknown vectors.

Published: December 07, 2005; 08:03:00 PM -05:00
V2: 7.2 HIGH
CVE-2005-3396

Buffer overflow in the chcons (chcon) command in IBM AIX 5.2 and 5.3, when DEBUG MALLOC is enabled, might allow attackers to execute arbitrary code via a long command line argument.

Published: November 01, 2005; 07:47:00 AM -05:00
V2: 7.5 HIGH
CVE-2005-2232

Buffer overflow in invscout in IBM AIX 5.1.0 through 5.3.0 might allow local users to execute arbitrary code via a long command line argument.

Published: July 12, 2005; 12:00:00 AM -04:00
V2: 4.6 MEDIUM
CVE-2005-2233

Buffer overflow in multiple "p" commands in IBM AIX 5.1, 5.2 and 5.3 might allow local users to execute arbitrary code via long command line arguments to (1) penable or other hard-linked files including (2) pdisable, (3) pstart, (4) phold, (5) pdelay, or (6) pshare.

Published: July 12, 2005; 12:00:00 AM -04:00
V2: 7.2 HIGH
CVE-2005-2234

Buffer overflow in the getlvname command in IBM AIX 5.1, 5.2 and 5.3, might allow local users to execute arbitrary code via long command line arguments.

Published: July 12, 2005; 12:00:00 AM -04:00
V2: 7.2 HIGH
CVE-2005-2235

Buffer overflow in the diagTasksWebSM command in IBM AIX 5.1, 5.2 and 5.3, might allow local users to execute arbitrary code via long command line arguments.

Published: July 12, 2005; 12:00:00 AM -04:00
V2: 7.2 HIGH
CVE-2005-2238

ftpd in IBM AIX 5.1, 5.2 and 5.3 allows remote authenticated users to cause a denial of service (port exhaustion and memory consumption) by using all ephemeral ports.

Published: July 12, 2005; 12:00:00 AM -04:00
V2: 2.1 LOW
CVE-2005-0250

Format string vulnerability in auditselect on IBM AIX 5.1, 5.2, and 5.3 allows local users to execute arbitrary code via format string specifiers in a command line argument.

Published: May 02, 2005; 12:00:00 AM -04:00
V2: 7.2 HIGH
CVE-2005-0262

Buffer overflow in ipl_varyon on AIX 5.1, 5.2, and 5.3 allows local users to execute arbitrary code via a long -d argument.

Published: May 02, 2005; 12:00:00 AM -04:00
V2: 7.2 HIGH
CVE-2005-0263

Buffer overflow in netpmon on AIX 5.1, 5.2, and 5.3 allows local users to execute arbitrary code via a long -O argument.

Published: May 02, 2005; 12:00:00 AM -04:00
V2: 7.2 HIGH
CVE-2005-0991

RC.BOOT in IBM AIX 5.1, 5.2, and 5.3 does not "use a secure location for temporary files," which allows local users to have an unknown impact, probably by overwriting files.

Published: May 02, 2005; 12:00:00 AM -04:00
V2: 2.1 LOW