Vulnerabilities > IBM > Vios > 2.2.1.3
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-02-15 | CVE-2016-8972 | Permissions, Privileges, and Access Controls vulnerability in IBM AIX and Vios IBM AIX 6.1, 7.1, and 7.2 could allow a local user to gain root privileges using a specially crafted command within the bellmail client. | 7.2 |
| 2017-02-15 | CVE-2016-6079 | Permissions, Privileges, and Access Controls vulnerability in IBM AIX and Vios IBM AIX 5.3, 6.1, 7.1, and 7.2 contains an unspecified vulnerability that would allow a locally authenticated user to obtain root level privileges. | 7.2 |
| 2016-08-08 | CVE-2016-0281 | Improper Input Validation vulnerability in IBM AIX and Vios The mustendd driver in IBM AIX 5.3, 6.1, 7.1, and 7.2 and VIOS 2.2.x, when the jumbo_frames feature is not enabled, allows remote attackers to cause a denial of service (FC1763 or FC5899 adapter crash) via crafted packets. | 4.3 |
| 2016-08-08 | CVE-2016-0266 | 7PK - Security Features vulnerability in IBM AIX and Vios IBM AIX 5.3, 6.1, 7.1, and 7.2 and VIOS 2.2.x do not default to the latest TLS version, which makes it easier for man-in-the-middle attackers to obtain sensitive information via unspecified vectors. | 4.3 |
| 2015-01-15 | CVE-2014-8904 | Permissions, Privileges, and Access Controls vulnerability in IBM AIX and Vios lquerylv in cmdlvm in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x allows local users to gain privileges via a crafted DBGCMD_LQUERYLV environment-variable value. | 7.2 |
| 2014-10-15 | CVE-2014-3566 | Cryptographic Issues vulnerability in multiple products The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue. | 3.4 |
| 2014-07-02 | CVE-2014-3074 | Permissions, Privileges, and Access Controls vulnerability in IBM AIX and Vios The runtime linker in IBM AIX 6.1 and 7.1 and VIOS 2.2.x allows local users to create a mode-666 root-owned file, and consequently gain privileges, by setting crafted MALLOCOPTIONS and MALLOCBUCKETS environment-variable values and then executing a setuid program. | 7.2 |
| 2014-06-08 | CVE-2014-3977 | Link Following vulnerability in IBM AIX and Vios libodm.a in IBM AIX 6.1 and 7.1, and VIOS 2.2.x, allows local users to overwrite arbitrary files via a symlink attack on a temporary file. | 6.9 |
| 2014-05-08 | CVE-2014-0930 | Unspecified vulnerability in IBM AIX and Vios The ptrace system call in IBM AIX 5.3, 6.1, and 7.1, and VIOS 2.2.x, allows local users to cause a denial of service (system crash) or obtain sensitive information from kernel memory via a crafted PT_LDINFO operation. local ibm | 4.7 |
| 2012-09-14 | CVE-2012-4817 | Unspecified vulnerability in IBM AIX and Vios The NFSv4 client implementation in IBM AIX 5.3, 6.1, and 7.1, and VIOS before 2.2.1.4-FP-25 SP-02, does not properly handle GID values, which allows remote attackers to cause a denial of service via unspecified vectors. | 5.0 |