Shodan
Vulnerabilities
Vulnerable Software
Ibm:  >> Aix  Security Vulnerabilities
CVE-2005-0250
Format string vulnerability in auditselect on IBM AIX 5.1, 5.2, and 5.3 allows local users to execute arbitrary code via format string specifiers in a command line argument.
CVSS Score
7.2
EPSS Score
0.001
Published
2005-05-02
CVE-2005-0262
Buffer overflow in ipl_varyon on AIX 5.1, 5.2, and 5.3 allows local users to execute arbitrary code via a long -d argument.
CVSS Score
7.2
EPSS Score
0.004
Published
2005-05-02
CVE-2005-0263
Buffer overflow in netpmon on AIX 5.1, 5.2, and 5.3 allows local users to execute arbitrary code via a long -O argument.
CVSS Score
7.2
EPSS Score
0.004
Published
2005-05-02
CVE-2005-0991
RC.BOOT in IBM AIX 5.1, 5.2, and 5.3 does not "use a secure location for temporary files," which allows local users to have an unknown impact, probably by overwriting files.
CVSS Score
2.1
EPSS Score
0.001
Published
2005-05-02
CVE-2005-1037
Unknown vulnerability in AIX 5.3.0, when configured as an NIS client, allows remote attackers to gain root privileges.
CVSS Score
10.0
EPSS Score
0.013
Published
2005-05-02
CVE-2005-1176
Race condition in JFS2 on AIX 5.2 and 5.3, when deleting a file while I/O is still occurring for that file, may write data to a different file, which could leak sensitive information.
CVSS Score
1.2
EPSS Score
0.001
Published
2005-05-02
CVE-2005-0261
lspath in AIX 5.2, 5.3, and possibly earlier versions, does not drop privileges before processing the -f option, which allows local users to read one line of arbitrary files.
CVSS Score
2.1
EPSS Score
0.001
Published
2005-02-10
CVE-2005-0156
Buffer overflow in the PerlIO implementation in Perl 5.8.0, when installed with setuid support (sperl), allows local users to execute arbitrary code by setting the PERLIO_DEBUG variable and executing a Perl script whose full pathname contains a long directory tree.
CVSS Score
2.1
EPSS Score
0.004
Published
2005-02-07
CVE-2004-1028
Untrusted execution path vulnerability in chcod on AIX IBM 5.1.0, 5.2.0, and 5.3.0 allows local users to execute arbitrary programs by modifying the PATH environment variable to point to a malicious "grep" program, which is executed from chcod.
CVSS Score
7.2
EPSS Score
0.0
Published
2005-01-10
CVE-2004-1054
Untrusted execution path vulnerability in invscout in IBM AIX 5.1.0, 5.2.0, and 5.3.0 allows local users to gain privileges by modifying the PATH environment variable to point to a malicious "uname" program, which is executed from lsvpd after lsvpd has been invoked by invscout.
CVSS Score
7.2
EPSS Score
0.004
Published
2005-01-10


Products
Pricing
Contact Us

Shodan ® - All rights reserved