Vulnerabilities > IBM > AIX > 5.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2010-08-30 | CVE-2010-3187 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in IBM AIX Buffer overflow in ftpd in IBM AIX 5.3 and earlier allows remote attackers to execute arbitrary code via a long NLST command. | 10.0 |
2010-05-20 | CVE-2010-1039 | USE of Externally-Controlled Format String vulnerability in multiple products Format string vulnerability in the _msgout function in rpc.pcnfsd in IBM AIX 6.1, 5.3, and earlier; IBM VIOS 2.1, 1.5, and earlier; NFS/ONCplus B.11.31_09 and earlier on HP HP-UX B.11.11, B.11.23, and B.11.31; and SGI IRIX 6.5 allows remote attackers to execute arbitrary code via an RPC request containing format string specifiers in an invalid directory name. | 10.0 |
2009-10-15 | CVE-2009-3699 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in IBM AIX and Vios Stack-based buffer overflow in libcsa.a (aka the calendar daemon library) in IBM AIX 5.x through 5.3.10 and 6.x through 6.1.3, and VIOS 2.1 and earlier, allows remote attackers to execute arbitrary code via a long XDR string in the first argument to procedure 21 of rpc.cmsd. | 10.0 |
2006-08-28 | CVE-2006-4416 | Local Insecure Program Execution vulnerability in IBM AIX 5.1/5.2/5.3 Untrusted search path vulnerability in the mkvg command in IBM AIX 5.2 and 5.3 allows local users to gain privileges by modifying the path to point to a malicious (1) chdev, (2) mkboot, (3) varyonvg, or (4) varyoffvg program. | 7.2 |
2006-08-21 | CVE-2006-4254 | Local Privilege Escalation vulnerability in IBM AIX 5.1/5.2/5.3 Unspecified vulnerability in setlocale in IBM AIX 5.1.0 through 5.3.0 allows local users to gain privileges via unspecified vectors. | 7.5 |
2006-05-30 | CVE-2006-2647 | Local Privilege Escalation vulnerability in IBM AIX 5.1/5.2/5.3 Untrusted search path vulnerability in update_flash for IBM AIX 5.1, 5.2 and 5.3 allows local users to execute arbitrary commands via unknown vectors involving lsmcode and possibly other commands. | 7.2 |
2006-04-19 | CVE-2006-1247 | Link Following vulnerability in IBM AIX rm_mlcache_file in bos.rte.install in AIX 5.1.0 through 5.3.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files. | 3.3 |
2005-12-15 | CVE-2005-4272 | Local Buffer Overflow vulnerability in IBM AIX slocal Multiple buffer overflows in IBM AIX 5.1, 5.2, and 5.3 allow remote attackers to execute arbitrary code via (1) muxatmd and (2) slocal. | 10.0 |
2005-12-08 | CVE-2005-4068 | Absolute Path Security vulnerability in IBM AIX 5.1/5.2/5.3 Unspecified "absolute path vulnerability" in umountall in IBM AIX 5.1 through 5.3 allows local users to cause unknown impact via unknown vectors. | 7.2 |
2005-11-01 | CVE-2005-3396 | Local Buffer Overflow vulnerability in IBM AIX CHCONS Buffer overflow in the chcons (chcon) command in IBM AIX 5.2 and 5.3, when DEBUG MALLOC is enabled, might allow attackers to execute arbitrary code via a long command line argument. | 7.5 |