Vulnerabilities > IBM > AIX > 5.3
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-02-03 | CVE-2007-0670 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in IBM AIX 5.2/5.3 Buffer overflow in bos.rte.libc in IBM AIX 5.2 and 5.3 allows local users to execute arbitrary code via the "r-commands", possibly including (1) rdist, (2) rsh, (3) rcp, (4) rsync, and (5) rlogin. | 4.6 |
2007-01-19 | CVE-2007-0392 | Local Security vulnerability in IBM AIX 5.3 IBM AIX 5.3 does not properly verify the status of file descriptors before setuid execution, which allows local users to gain privileges by closing file descriptor 0, 1, or 2 and then invoking a setuid program, a variant of CVE-2002-0572. | 4.6 |
2006-09-01 | CVE-2006-4522 | Local Privilege Escalation vulnerability in IBM AIX Dtterm Unspecified vulnerability in dtterm in IBM AIX 5.2 and 5.3 allows local users to execute arbitrary code with root privileges via unspecified vectors. | 7.2 |
2006-08-28 | CVE-2006-4416 | Local Insecure Program Execution vulnerability in IBM AIX 5.1/5.2/5.3 Untrusted search path vulnerability in the mkvg command in IBM AIX 5.2 and 5.3 allows local users to gain privileges by modifying the path to point to a malicious (1) chdev, (2) mkboot, (3) varyonvg, or (4) varyoffvg program. | 7.2 |
2006-08-21 | CVE-2006-4254 | Local Privilege Escalation vulnerability in IBM AIX 5.1/5.2/5.3 Unspecified vulnerability in setlocale in IBM AIX 5.1.0 through 5.3.0 allows local users to gain privileges via unspecified vectors. | 7.5 |
2006-05-30 | CVE-2006-2647 | Local Privilege Escalation vulnerability in IBM AIX 5.1/5.2/5.3 Untrusted search path vulnerability in update_flash for IBM AIX 5.1, 5.2 and 5.3 allows local users to execute arbitrary commands via unknown vectors involving lsmcode and possibly other commands. | 7.2 |
2006-04-19 | CVE-2006-1247 | Link Following vulnerability in IBM AIX rm_mlcache_file in bos.rte.install in AIX 5.1.0 through 5.3.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files. | 3.3 |
2006-03-17 | CVE-2006-1246 | Local Privilege Escalation vulnerability in IBM AIX 5.3 Unspecified vulnerability in mklvcopy in BOS.RTE.LVM in IBM AIX 5.3 allows local users to execute arbitrary commands when mklvcopy calls external commands, possibly due to an untrusted search path vulnerability. | 7.2 |
2006-03-10 | CVE-2006-0667 | Local Security vulnerability in AIX 5.2/5.3 lscfg in IBM AIX 5.2 and 5.3 allows local users to modify arbitrary files via a symlink attack. | 4.6 |
2006-02-15 | CVE-2006-0666 | Local Kernel Denial Of Service vulnerability in IBM AIX 5.3/5.3L Unspecified vulnerability in the (1) unix_mp and (2) unix_64 kernels in IBM AIX 5.3 VRMF 5.3.0.30 through 5.3.0.33 allows local users to cause a denial of service (system crash) via unknown vectors related to EMULATE_VMX. | 4.9 |