Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:o:ibm:aix:6.1:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2012-0723 |
The kernel in IBM AIX 5.3, 6.1, and 7.1, and VIOS 2.2.1.4-FP-25 SP-02, does not properly implement the dupmsg system call, which allows local users to cause a denial of service (system crash) via a crafted application. Published: July 30, 2012; 3:55:01 PM -0400 |
V3.x:(not available) V2.0: 4.9 MEDIUM |
CVE-2012-2200 |
The default configuration of sendmail in IBM AIX 6.1 and 7.1, and VIOS 2.2.1.4-FP-25 SP-02, allows local users to gain privileges by entering a command in a .forward file in a home directory. Published: June 27, 2012; 6:18:37 AM -0400 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-2012-2179 |
libodm.a in IBM AIX 5.3, 6.1, and 7.1 allows local users to overwrite arbitrary files via a symlink attack on a temporary file. Published: June 22, 2012; 6:24:07 AM -0400 |
V3.x:(not available) V2.0: 6.9 MEDIUM |
CVE-2012-2192 |
The socketpair function in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.1.4-FP-25 SP-02 allows local users to cause a denial of service (system crash) via a crafted application that leverages the presence of a socket on the free list. Published: June 20, 2012; 6:27:28 AM -0400 |
V3.x:(not available) V2.0: 4.9 MEDIUM |
CVE-2012-0745 |
The getpwnam function in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.1.0.10 through 2.2.1.3 does not properly interact with customer-extended LDAP user filtering, which allows local users to gain privileges via unspecified vectors. Published: May 04, 2012; 12:55:01 PM -0400 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-2012-1796 |
Unspecified vulnerability in IBM Tivoli Monitoring Agent (ITMA), as used in IBM DB2 9.5 before FP9 on UNIX, allows local users to gain privileges via unknown vectors. Published: March 20, 2012; 4:55:01 PM -0400 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-2012-0711 |
Integer signedness error in the db2dasrrm process in the DB2 Administration Server (DAS) in IBM DB2 9.1 through FP11, 9.5 before FP9, and 9.7 through FP5 on UNIX platforms allows remote attackers to execute arbitrary code via a crafted request that triggers a heap-based buffer overflow. Published: March 20, 2012; 4:55:01 PM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2011-1385 |
IBM AIX 5.3, 6.1, and 7.1, and VIOS 2.1.x and 2.2.x, allows remote attackers to cause a denial of service (system crash) via an ICMP Echo Reply packet that contains 1 in the Identifier field, a different vulnerability than CVE-2012-0194. Published: March 02, 2012; 5:55:01 PM -0500 |
V3.x:(not available) V2.0: 7.8 HIGH |
CVE-2012-0194 |
The TCP implementation in IBM AIX 5.3, 6.1, and 7.1, when the Large Send Offload option is enabled, allows remote attackers to cause a denial of service (assertion failure and panic) via an unspecified series of packets. Published: February 06, 2012; 3:55:02 PM -0500 |
V3.x:(not available) V2.0: 7.1 HIGH |
CVE-2011-1384 |
The (1) bin/invscoutClient_VPD_Survey and (2) sbin/invscout_lsvpd programs in invscout.rte before 2.2.0.19 on IBM AIX 7.1, 6.1, 5.3, and earlier allow local users to delete arbitrary files, or trigger inventory scout operations on arbitrary files, via a symlink attack on an unspecified file. Published: January 03, 2012; 10:55:04 PM -0500 |
V3.x:(not available) V2.0: 4.0 MEDIUM |
CVE-2011-4834 |
The GetInstalledPackages function in the configuration tool in HP Application Lifestyle Management (ALM) 11 on AIX, HP-UX, and Solaris allows local users to gain privileges via (1) a Trojan horse /tmp/tmp.txt FIFO or (2) a symlink attack on /tmp/tmp.txt. Published: December 14, 2011; 10:57:35 PM -0500 |
V3.x:(not available) V2.0: 4.6 MEDIUM |
CVE-2011-4160 |
Unspecified vulnerability in HP Operations Agent 11.00 and Performance Agent 4.73 and 5.0 on AIX, HP-UX, Linux, and Solaris allows local users to bypass intended directory-access restrictions via unknown vectors. Published: November 23, 2011; 11:01:06 PM -0500 |
V3.x:(not available) V2.0: 3.2 LOW |
CVE-2011-1375 |
IBM AIX 6.1 and 7.1 does not restrict the wpar_limits_config and wpar_limits_modify system calls, which allows local users to cause a denial of service (system crash) via a crafted call. Published: November 11, 2011; 4:55:00 PM -0500 |
V3.x:(not available) V2.0: 4.9 MEDIUM |
CVE-2011-3982 |
The Fibre Channel driver for QLogic adapters in IBM AIX 6.1 and 7.1 does not properly handle DMA resource limitations, which allows local users to cause a denial of service (system hang) via vectors that generate a large amount of DMA I/O, related to a deadlock in timer processing across CPUs. Published: October 04, 2011; 10:56:24 PM -0400 |
V3.x:(not available) V2.0: 2.1 LOW |
CVE-2011-1222 |
Buffer overflow in the Journal Based Backup (JBB) feature in the backup-archive client in IBM Tivoli Storage Manager (TSM) before 5.4.3.4, 5.5.x before 5.5.3, 6.x before 6.1.4, and 6.2.x before 6.2.2 on Windows and AIX allows local users to gain privileges via unspecified vectors. Published: July 17, 2011; 4:55:01 PM -0400 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-2008-7288 |
IBM Tivoli Directory Server (TDS) 5.2 before 5.2.0.5-TIV-ITDS-LA0007 on AIX allows remote attackers to cause a denial of service (server destabilization) via an anonymous DIGEST-MD5 LDAP Bind operation. Published: April 21, 2011; 6:55:00 AM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2011-1561 |
The LDAP login feature in bos.rte.security 6.1.6.4 in IBM AIX 6.1, when ldap_auth is enabled in ldap.cfg, allows remote attackers to bypass authentication via a login attempt with an arbitrary password. Published: April 05, 2011; 11:19:35 AM -0400 |
V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2010-4773 |
Unspecified vulnerability in Hitachi EUR Form Client before 05-10 -/D 2010.11.15 and 05-10-CA (* 2) 2010.11.15; Hitachi EUR Form Service before 05-10 -/D 2010.11.15; and uCosminexus EUR Form Service before 07-60 -/D 2010.11.15 on Windows, before 05-10 -/D 2010.11.15 and 07-50 -/D 2010.11.15 on Linux, and before 07-50 -/C 2010.11.15 on AIX; allows remote attackers to execute arbitrary code via unknown attack vectors. Published: March 23, 2011; 6:00:02 PM -0400 |
V3.x:(not available) V2.0: 10.0 HIGH |
CVE-2009-5062 |
IBM Lotus Quickr 8.1 before 8.1.0.15 services for Lotus Domino on AIX allows remote authenticated users to cause a denial of service (daemon crash) by subscribing to an Atom feed, aka SPR JRIE7VKMP9. Published: March 22, 2011; 1:55:01 PM -0400 |
V3.x:(not available) V2.0: 3.5 LOW |
CVE-2011-0637 |
The FC SCSI protocol driver in IBM AIX 6.1 does not verify that a timer is unused before deallocating this timer, which might allow attackers to cause a denial of service (system crash) via unspecified vectors. Published: January 24, 2011; 8:00:02 PM -0500 |
V3.x:(not available) V2.0: 4.9 MEDIUM |