bos.rte.libc 5.3.9.4 on IBM AIX 5.3 does not properly support reading a certain address field after a successful getaddrinfo function call, which allows context-dependent attackers to cause a denial of service (application crash) via unspecified vectors, as demonstrated by IBM DB2 crashes on "systems with databases cataloged with alternate servers using IP addresses."
CVSS Score
7.8
EPSS Score
0.004
Published
2010-03-26
Buffer overflow in qosmod in bos.net.tcp.server in IBM AIX 6.1 and VIOS 2.1 allows local users to gain privileges via unspecified vectors.
CVSS Score
7.2
EPSS Score
0.001
Published
2010-03-10
Buffer overflow in qoslist in bos.net.tcp.server in IBM AIX 6.1 and VIOS 2.1 allows local users to gain privileges via unspecified vectors.
CVSS Score
7.2
EPSS Score
0.001
Published
2010-03-10
Unspecified vulnerability in secldapclntd in IBM AIX 5.3 with SP 5300-11-02 allows attackers to cause a denial of service (LDAP login failure) via unknown vectors. NOTE: some of these details are obtained from third party information. NOTE: there may be no attacker role, and the issue may be triggered entirely by an administrator's installation of an official service pack.
CVSS Score
7.8
EPSS Score
0.004
Published
2010-03-03
Multiple buffer overflows in qoslist in IBM AIX 6.1 allow local users to cause a denial of service (application crash) or possibly gain privileges via a long string argument. NOTE: some of these details are obtained from third party information.
CVSS Score
7.2
EPSS Score
0.0
Published
2009-12-21
Multiple buffer overflows in qosmod in IBM AIX 6.1 allow local users to cause a denial of service (application crash) or possibly gain privileges via long string arguments. NOTE: some of these details are obtained from third party information.
CVSS Score
7.2
EPSS Score
0.0
Published
2009-12-21
Unspecified vulnerability in the Cluster Management component in IBM PowerHA 5.4, 5.4.1, 5.5, and 6.1 on AIX allows remote attackers to modify the operating-system configuration via packets to the godm port (6177/tcp).
CVSS Score
7.8
EPSS Score
0.009
Published
2009-11-06
Stack-based buffer overflow in libcsa.a (aka the calendar daemon library) in IBM AIX 5.x through 5.3.10 and 6.x through 6.1.3, and VIOS 2.1 and earlier, allows remote attackers to execute arbitrary code via a long XDR string in the first argument to procedure 21 of rpc.cmsd.
CVSS Score
10.0
EPSS Score
0.789
Published
2009-10-15
gssd in IBM AIX 5.3.x through 5.3.9 and 6.1.0 through 6.1.2 does not properly handle the NFSv4 Kerberos credential cache, which allows local users to bypass intended access restrictions for Kerberized NFSv4 shares via unspecified vectors.
CVSS Score
7.2
EPSS Score
0.001
Published
2009-10-01
nfs.ext in IBM AIX 5.3.x through 5.3.9 and 6.1.0 through 6.1.2 does not properly use the nfs_portmon setting, which allows remote attackers to bypass intended access restrictions for NFSv4 shares via unspecified vectors.
CVSS Score
10.0
EPSS Score
0.025
Published
2009-10-01