U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:o:ibm:aix:5.2.0:*:*:*:*:*:*:*
  • CPE Name Search: true
There are 86 matching records.
Displaying matches 61 through 80.
Vuln ID Summary CVSS Severity
CVE-2007-1043

Ezboo webstats, possibly 3.0.3, allows remote attackers to bypass authentication and gain access via a direct request to (1) update.php and (2) config.php.

Published: February 21, 2007; 12:28:00 PM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2006-6914

Unspecified vulnerability in ftpd in IBM AIX 5.2.0 and 5.3.0 allows remote attackers to obtain sensitive information, including passwords, via unspecified vectors.

Published: December 31, 2006; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2006-6915

ftpd in IBM AIX 5.2.0 and 5.3.0 allows remote authenticated users to cause a denial of service (port exhaustion) via unspecified vectors. NOTE: some details were obtained from third party sources.

Published: December 31, 2006; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 4.0 MEDIUM
CVE-2006-5003

Unspecified vulnerability in the named8 command in IBM AIX 5.2.0 and 5.3.0 allows local users to execute arbitrary commands via unspecified vectors.

Published: September 26, 2006; 9:07:00 PM -0400
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2006-5004

Unspecified vulnerability in the rdist command in IBM AIX 5.2.0 and 5.3.0 allows local users to overwrite arbitrary files via unspecified vectors.

Published: September 26, 2006; 9:07:00 PM -0400
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2006-5005

Unspecified vulnerability in bos.net.tcp.client in IBM AIX 5.2.0 and 5.3.0 allows local users to execute arbitrary commands via unspecified vectors involving /etc/slip.login.

Published: September 26, 2006; 9:07:00 PM -0400
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2006-5006

Buffer overflow in cfgmgr in IBM AIX 5.2.0 and 5.3.0 allows local users to execute arbitrary code via a long directory path argument.

Published: September 26, 2006; 9:07:00 PM -0400
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2006-5007

Untrusted search path vulnerability in uucp in IBM AIX 5.2.0 and 5.3.0 allows local users to local users to gain privileges via a Trojan horse program involving uux.

Published: September 26, 2006; 9:07:00 PM -0400
V3.x:(not available)
V2.0: 4.6 MEDIUM
CVE-2006-5008

Unspecified vulnerability in utape in IBM AIX 5.2.0 and 5.3.0 allows attackers to execute arbitrary commands and overwrite arbitrary files via unspecified vectors.

Published: September 26, 2006; 9:07:00 PM -0400
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2006-5009

Unspecified vulnerability in xlock in IBM AIX 5.2.0 and 5.3.0 allows local users to execute arbitrary commands and overwrite arbitrary files via unspecified vectors, possibly involving a buffer overflow.

Published: September 26, 2006; 9:07:00 PM -0400
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2006-5011

Untrusted search path vulnerability in snappd in IBM AIX 5.2.0 and 5.3.0 allows local users to execute arbitrary commands via a Trojan horse program, involving the "system subroutine".

Published: September 26, 2006; 9:07:00 PM -0400
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2004-0243

AIX 4.3.3 through AIX 5.1, when direct remote login is disabled, displays a different message if the password is correct, which allows remote attackers to guess the password via brute force methods.

Published: November 23, 2004; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2002-1550

dump_smutil.sh in IBM AIX allows local users to overwrite arbitrary files via a symlink attack on temporary files.

Published: March 31, 2003; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 4.6 MEDIUM
CVE-2002-1551

Buffer overflow in nslookup in IBM AIX may allow attackers to cause a denial of service or execute arbitrary code.

Published: March 31, 2003; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 4.6 MEDIUM
CVE-2002-1686

Buffer overflow in lscfg of unknown versions of AIX has unknown impact.

Published: December 31, 2002; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2002-1687

Buffer overflow in the diagnostics library in AIX allows local users to "cause data and instructions to be overwritten" via a long DIAGNOSTICS environment variable.

Published: December 31, 2002; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2002-1040

Unknown vulnerability in the WebSecure (DFSWeb) configuration utilities in AIX 4.x, possibly related to relative pathnames.

Published: October 04, 2002; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2002-1041

Unknown vulnerability in DCE (1) SMIT panels and (2) configuration commands, possibly related to relative pathnames.

Published: October 04, 2002; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2002-0790

clchkspuser and clpasswdremote in AIX expose an encrypted password in the cspoc.log file, which could allow local users to gain privileges.

Published: August 12, 2002; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2001-1529

Buffer overflow in rpc.yppasswdd (yppasswd server) in AIX allows attackers to gain unauthorized access via a long string. NOTE: due to lack of details in the vendor advisory, it is not clear if this is the same issue as CVE-2001-0779.

Published: December 31, 2001; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 7.5 HIGH