Vulnerabilities > IBM > Low
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-02-10 | CVE-2005-0261 | Local File Disclosure vulnerability in IBM AIX LSPath Unauthorized lspath in AIX 5.2, 5.3, and possibly earlier versions, does not drop privileges before processing the -f option, which allows local users to read one line of arbitrary files. | 2.1 |
2004-12-31 | CVE-2004-2311 | Directory Traversal vulnerability in IBM Lotus Domino 6.5.1 Directory traversal vulnerability in webadmin.nsf in Lotus Domino R6 6.5.1 allows local users to create folders or determine the existence of files via a .. | 3.6 |
2004-12-31 | CVE-2004-2319 | Local Privilege Escalation vulnerability in IBM products IBM Informix Dynamic Server (IDS) before 9.40.xC3 allows local users to (1) create or overwrite files via the /001 log file to onedcu or (2) read arbitrary files via a symlink attack on a file in /tmp to onshowaudit. | 3.6 |
2004-11-03 | CVE-2004-0828 | Local File Corruption vulnerability in IBM CTSTRTCASD Utility The ctstrtcasd program in RSCT 2.3.0.0 and earlier on IBM AIX 5.2 and 5.3 does not properly drop privileges before executing the -f option, which allows local users to modify or create arbitrary files. | 2.1 |
2003-12-31 | CVE-2003-1437 | Unspecified vulnerability in BEA Weblogic Server 7.0/7.0.0.1 BEA WebLogic Express and WebLogic Server 7.0 and 7.0.0.1, stores passwords in plaintext when a keystore is used to store a private key or trust certificate authorities, which allows local users to gain access. | 2.1 |
2003-12-31 | CVE-2003-1447 | Cryptographic Issues vulnerability in IBM Websphere Application Server 4.0.4 IBM WebSphere Advanced Server Edition 4.0.4 uses a weak encryption algorithm (XOR and base64 encoding), which allows local users to decrypt passwords when the configuration file is exported to XML. | 1.9 |
2002-12-31 | CVE-2002-1687 | Local Security vulnerability in AIX Buffer overflow in the diagnostics library in AIX allows local users to "cause data and instructions to be overwritten" via a long DIAGNOSTICS environment variable. | 2.1 |
2002-12-31 | CVE-2002-1731 | Unspecified vulnerability in IBM OS 400 The System Request menu in IBM AS/400 allows local users to list valid user accounts by viewing the object names that are type USRPRF. | 2.1 |
2002-08-12 | CVE-2002-0790 | Local Security vulnerability in IBM AIX clchkspuser and clpasswdremote in AIX expose an encrypted password in the cspoc.log file, which could allow local users to gain privileges. | 2.1 |
2002-02-13 | CVE-2001-1079 | Denial-Of-Service vulnerability in IBM AIX 3.2.0 create_keyfiles in PSSP 3.2 with DCE 3.1 authentication on AIX creates keyfile directories with world-writable permissions, which could allow a local user to delete key files and cause a denial of service. | 3.6 |