Vulnerabilities > IBM > AIX > 5.3
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-02-10 | CVE-2005-0261 | Local File Disclosure vulnerability in IBM AIX LSPath Unauthorized lspath in AIX 5.2, 5.3, and possibly earlier versions, does not drop privileges before processing the -f option, which allows local users to read one line of arbitrary files. | 2.1 |
2005-01-10 | CVE-2004-1054 | Unspecified vulnerability in IBM AIX Untrusted execution path vulnerability in invscout in IBM AIX 5.1.0, 5.2.0, and 5.3.0 allows local users to gain privileges by modifying the PATH environment variable to point to a malicious "uname" program, which is executed from lsvpd after lsvpd has been invoked by invscout. | 7.2 |
2005-01-10 | CVE-2004-1028 | Unspecified vulnerability in IBM AIX Untrusted execution path vulnerability in chcod on AIX IBM 5.1.0, 5.2.0, and 5.3.0 allows local users to execute arbitrary programs by modifying the PATH environment variable to point to a malicious "grep" program, which is executed from chcod. | 7.2 |
2004-12-31 | CVE-2004-1330 | Local Buffer Overflow vulnerability in IBM AIX PAGINIT Buffer overflow in paginit in AIX 5.1 through 5.3 allows local users to execute arbitrary code via a long username. | 7.2 |
2004-12-20 | CVE-2004-1329 | Local Privilege Escalation vulnerability in IBM AIX Diag Untrusted execution path vulnerability in the diag commands (1) lsmcode, (2) diag_exec, (3) invscout, and (4) invscoutd in AIX 5.1 through 5.3 allows local users to execute arbitrary programs by modifying the DIAGNOSTICS environment variable to point to a malicious Dctrl program. | 7.2 |
2004-11-03 | CVE-2004-0828 | Local File Corruption vulnerability in IBM CTSTRTCASD Utility The ctstrtcasd program in RSCT 2.3.0.0 and earlier on IBM AIX 5.2 and 5.3 does not properly drop privileges before executing the -f option, which allows local users to modify or create arbitrary files. | 2.1 |