Vulnerabilities > IBM > AIX > 5.3.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2010-03-26 | CVE-2010-1124 | Remote Denial of Service vulnerability in IBM AIX 'getaddrinfo()' bos.rte.libc 5.3.9.4 on IBM AIX 5.3 does not properly support reading a certain address field after a successful getaddrinfo function call, which allows context-dependent attackers to cause a denial of service (application crash) via unspecified vectors, as demonstrated by IBM DB2 crashes on "systems with databases cataloged with alternate servers using IP addresses." | 7.8 |
| 2009-10-15 | CVE-2009-3699 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in IBM AIX and Vios Stack-based buffer overflow in libcsa.a (aka the calendar daemon library) in IBM AIX 5.x through 5.3.10 and 6.x through 6.1.3, and VIOS 2.1 and earlier, allows remote attackers to execute arbitrary code via a long XDR string in the first argument to procedure 21 of rpc.cmsd. | 10.0 |
| 2009-10-01 | CVE-2009-3517 | Authentication Bypass vulnerability in IBM AIX 'nfs_portmon' nfs.ext in IBM AIX 5.3.x through 5.3.9 and 6.1.0 through 6.1.2 does not properly use the nfs_portmon setting, which allows remote attackers to bypass intended access restrictions for NFSv4 shares via unspecified vectors. | 10.0 |
| 2009-10-01 | CVE-2009-3516 | Credentials Management vulnerability in IBM AIX gssd in IBM AIX 5.3.x through 5.3.9 and 6.1.0 through 6.1.2 does not properly handle the NFSv4 Kerberos credential cache, which allows local users to bypass intended access restrictions for Kerberized NFSv4 shares via unspecified vectors. | 7.2 |
| 2009-08-10 | CVE-2009-2727 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in IBM AIX Stack-based buffer overflow in the _tt_internal_realpath function in the ToolTalk library (libtt.a) in IBM AIX 5.2.0, 5.3.0, 5.3.7 through 5.3.10, and 6.1.0 through 6.1.3, when the rpc.ttdbserver daemon is enabled in /etc/inetd.conf, allows remote attackers to execute arbitrary code via a long XDR-encoded ASCII string to remote procedure 15. | 9.3 |
| 2009-02-11 | CVE-2009-0536 | Permissions, Privileges, and Access Controls vulnerability in IBM AIX at in bos.rte.cron on IBM AIX 5.2.0, 5.3.0 through 5.3.9, and 6.1.0 through 6.1.2 allows local users to read arbitrary files via unspecified vectors, related to failure to drop root privileges. | 4.9 |
| 2008-09-11 | CVE-2007-6717 | Buffer Errors vulnerability in IBM AIX 5.2.0/5.3.0 Buffer overflow in tftp in bos.net.tcp.client in IBM AIX 5.2.0 and 5.3.0 allows local users to gain privileges via unspecified vectors. | 7.2 |
| 2007-07-11 | CVE-2007-3680 | Buffer Errors vulnerability in IBM AIX 5.2.0/5.3.0 Stack-based buffer overflow in the odm_searchpath function in libodm in IBM AIX 5.2.0 and 5.3.0 allows local users to execute arbitrary code via a long ODMPATH environment variable. | 7.2 |
| 2007-01-31 | CVE-2007-0618 | Authentication Bypass vulnerability in IBM AIX 5.3.0 Unspecified vulnerability in (1) pop3d, (2) pop3ds, (3) imapd, and (4) imapds in IBM AIX 5.3.0 has unspecified impact and attack vectors, involving an "authentication vulnerability." | 7.5 |
| 2006-12-31 | CVE-2006-6915 | Denial Of Service vulnerability in IBM AIX 5.2.0/5.3.0 ftpd in IBM AIX 5.2.0 and 5.3.0 allows remote authenticated users to cause a denial of service (port exhaustion) via unspecified vectors. | 4.0 |