Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:o:ibm:aix:6.1.1:*:*:*:*:*:*:*
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2018-1383 |
A software logic bug creates a vulnerability in an AIX 6.1, 7.1, and 7.2 daemon which could allow a user with root privileges on one system, to obtain root access on another machine. IBM X-force ID: 138117. Published: February 13, 2018; 3:29:00 PM -0500 |
V3.0: 9.1 CRITICAL V2.0: 9.0 HIGH |
CVE-2011-1384 |
The (1) bin/invscoutClient_VPD_Survey and (2) sbin/invscout_lsvpd programs in invscout.rte before 2.2.0.19 on IBM AIX 7.1, 6.1, 5.3, and earlier allow local users to delete arbitrary files, or trigger inventory scout operations on arbitrary files, via a symlink attack on an unspecified file. Published: January 03, 2012; 10:55:04 PM -0500 |
V3.x:(not available) V2.0: 4.0 MEDIUM |
CVE-2009-3699 |
Stack-based buffer overflow in libcsa.a (aka the calendar daemon library) in IBM AIX 5.x through 5.3.10 and 6.x through 6.1.3, and VIOS 2.1 and earlier, allows remote attackers to execute arbitrary code via a long XDR string in the first argument to procedure 21 of rpc.cmsd. Published: October 15, 2009; 6:30:01 AM -0400 |
V3.x:(not available) V2.0: 10.0 HIGH |
CVE-2009-3517 |
nfs.ext in IBM AIX 5.3.x through 5.3.9 and 6.1.0 through 6.1.2 does not properly use the nfs_portmon setting, which allows remote attackers to bypass intended access restrictions for NFSv4 shares via unspecified vectors. Published: October 01, 2009; 11:30:00 AM -0400 |
V3.x:(not available) V2.0: 10.0 HIGH |
CVE-2009-3516 |
gssd in IBM AIX 5.3.x through 5.3.9 and 6.1.0 through 6.1.2 does not properly handle the NFSv4 Kerberos credential cache, which allows local users to bypass intended access restrictions for Kerberized NFSv4 shares via unspecified vectors. Published: October 01, 2009; 11:30:00 AM -0400 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-2009-2727 |
Stack-based buffer overflow in the _tt_internal_realpath function in the ToolTalk library (libtt.a) in IBM AIX 5.2.0, 5.3.0, 5.3.7 through 5.3.10, and 6.1.0 through 6.1.3, when the rpc.ttdbserver daemon is enabled in /etc/inetd.conf, allows remote attackers to execute arbitrary code via a long XDR-encoded ASCII string to remote procedure 15. Published: August 10, 2009; 7:30:00 PM -0400 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2009-0536 |
at in bos.rte.cron on IBM AIX 5.2.0, 5.3.0 through 5.3.9, and 6.1.0 through 6.1.2 allows local users to read arbitrary files via unspecified vectors, related to failure to drop root privileges. Published: February 11, 2009; 3:30:00 PM -0500 |
V3.x:(not available) V2.0: 4.9 MEDIUM |
CVE-2009-0370 |
Multiple unspecified vulnerabilities in IBM AIX 5.2.0 through 6.1.2 allow local users to append data to arbitrary files, related to (1) rmsock and (2) rmsock64 not creating "secure log files." Published: January 30, 2009; 2:30:00 PM -0500 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-2008-5387 |
Buffer overflow in autoconf6 in IBM AIX 6.1.0 through 6.1.2, when Role-Based Access Control is enabled, allows local users with aix.network.config.tcpip authorization to gain privileges via unspecified vectors. Published: December 08, 2008; 7:30:00 PM -0500 |
V3.x:(not available) V2.0: 6.2 MEDIUM |
CVE-2008-5386 |
Buffer overflow in ndp in IBM AIX 6.1.0 through 6.1.2, when the netcd daemon is running, allows local users to gain privileges via unspecified vectors. Published: December 08, 2008; 7:30:00 PM -0500 |
V3.x:(not available) V2.0: 6.9 MEDIUM |
CVE-2008-5385 |
enq in bos.rte.printers in IBM AIX 6.1.0 through 6.1.2, when a print queue is defined in /etc/qconfig, allows local users to delete arbitrary files via unspecified vectors. Published: December 08, 2008; 7:30:00 PM -0500 |
V3.x:(not available) V2.0: 6.9 MEDIUM |
CVE-2008-5384 |
crontab in bos.rte.cron in IBM AIX 6.1.0 through 6.1.2 allows local users with aix.system.config.cron authorization to gain privileges by launching an editor. Published: December 08, 2008; 7:30:00 PM -0500 |
V3.x:(not available) V2.0: 6.9 MEDIUM |