Shodan
Vulnerabilities
Vulnerable Software
Ibm:  >> Aix  >> 5.2  Security Vulnerabilities
CVE-2005-0156
Buffer overflow in the PerlIO implementation in Perl 5.8.0, when installed with setuid support (sperl), allows local users to execute arbitrary code by setting the PERLIO_DEBUG variable and executing a Perl script whose full pathname contains a long directory tree.
CVSS Score
2.1
EPSS Score
0.004
Published
2005-02-07
CVE-2004-1028
Untrusted execution path vulnerability in chcod on AIX IBM 5.1.0, 5.2.0, and 5.3.0 allows local users to execute arbitrary programs by modifying the PATH environment variable to point to a malicious "grep" program, which is executed from chcod.
CVSS Score
7.2
EPSS Score
0.0
Published
2005-01-10
CVE-2004-1054
Untrusted execution path vulnerability in invscout in IBM AIX 5.1.0, 5.2.0, and 5.3.0 allows local users to gain privileges by modifying the PATH environment variable to point to a malicious "uname" program, which is executed from lsvpd after lsvpd has been invoked by invscout.
CVSS Score
7.2
EPSS Score
0.004
Published
2005-01-10
CVE-2004-1330
Buffer overflow in paginit in AIX 5.1 through 5.3 allows local users to execute arbitrary code via a long username.
CVSS Score
7.2
EPSS Score
0.003
Published
2004-12-31
CVE-2004-2634
The (1) bos.rte.serv_aid or (2) bos.rte.console filesets in IBM AIX 5.1 and 5.2 allow local users to overwrite arbitrary files via a symlink attack on temporary files via unknown attack vectors.
CVSS Score
6.2
EPSS Score
0.0
Published
2004-12-31
CVE-2004-1329
Untrusted execution path vulnerability in the diag commands (1) lsmcode, (2) diag_exec, (3) invscout, and (4) invscoutd in AIX 5.1 through 5.3 allows local users to execute arbitrary programs by modifying the DIAGNOSTICS environment variable to point to a malicious Dctrl program.
CVSS Score
7.2
EPSS Score
0.004
Published
2004-12-20
CVE-2004-0243
AIX 4.3.3 through AIX 5.1, when direct remote login is disabled, displays a different message if the password is correct, which allows remote attackers to guess the password via brute force methods.
CVSS Score
5.0
EPSS Score
0.007
Published
2004-11-23
CVE-2004-0828
The ctstrtcasd program in RSCT 2.3.0.0 and earlier on IBM AIX 5.2 and 5.3 does not properly drop privileges before executing the -f option, which allows local users to modify or create arbitrary files.
CVSS Score
2.1
EPSS Score
0.001
Published
2004-11-03
CVE-2004-0544
Multiple buffer overflows in LVM for AIX 5.1 and 5.2 allow local users to gain privileges via the (1) putlvcb or (2) getlvcb commands.
CVSS Score
7.2
EPSS Score
0.007
Published
2004-08-06
CVE-2004-0545
LVM for AIX 5.1 and 5.2 allows local users to overwrite arbitrary files via a symlink attack.
CVSS Score
7.2
EPSS Score
0.001
Published
2004-08-06


Products
Pricing
Contact Us

Shodan ® - All rights reserved