Shodan
Vulnerabilities
Vulnerable Software
Ibm:  >> Aix  Security Vulnerabilities
CVE-2004-1329
Untrusted execution path vulnerability in the diag commands (1) lsmcode, (2) diag_exec, (3) invscout, and (4) invscoutd in AIX 5.1 through 5.3 allows local users to execute arbitrary programs by modifying the DIAGNOSTICS environment variable to point to a malicious Dctrl program.
CVSS Score
7.2
EPSS Score
0.004
Published
2004-12-20
CVE-2004-0243
AIX 4.3.3 through AIX 5.1, when direct remote login is disabled, displays a different message if the password is correct, which allows remote attackers to guess the password via brute force methods.
CVSS Score
5.0
EPSS Score
0.007
Published
2004-11-23
CVE-2004-0828
The ctstrtcasd program in RSCT 2.3.0.0 and earlier on IBM AIX 5.2 and 5.3 does not properly drop privileges before executing the -f option, which allows local users to modify or create arbitrary files.
CVSS Score
2.1
EPSS Score
0.001
Published
2004-11-03
CVE-2004-0544
Multiple buffer overflows in LVM for AIX 5.1 and 5.2 allow local users to gain privileges via the (1) putlvcb or (2) getlvcb commands.
CVSS Score
7.2
EPSS Score
0.007
Published
2004-08-06
CVE-2004-0545
LVM for AIX 5.1 and 5.2 allows local users to overwrite arbitrary files via a symlink attack.
CVSS Score
7.2
EPSS Score
0.001
Published
2004-08-06
CVE-2004-0368
Double free vulnerability in dtlogin in CDE on Solaris, HP-UX, and other operating systems allows remote attackers to execute arbitrary code via a crafted XDMCP packet.
CVSS Score
10.0
EPSS Score
0.541
Published
2004-05-04
CVE-2003-0257
Format string vulnerability in the printer capability for IBM AIX .3, 5.1, and 5.2 allows local users to gain printq or root privileges.
CVSS Score
7.2
EPSS Score
0.0
Published
2004-04-15
CVE-2003-0170
Unknown vulnerability in ftpd in IBM AIX 5.2, when configured to use Kerberos 5 for authentication, allows remote attackers to gain privileges via unknown attack vectors.
CVSS Score
10.0
EPSS Score
0.012
Published
2004-03-29
CVE-2003-1018
Format string vulnerability in enq command in AIX 4.3, 5.1, and 5.2 allows local users with rintq group privileges to gain privileges via unknown attack vectors.
CVSS Score
7.2
EPSS Score
0.001
Published
2004-03-29
CVE-2003-0119
The secldapclntd daemon in AIX 4.3, 5.1 and 5.2 uses an Internet socket when communicating with the loadmodule, which allows remote attackers to directly connect to the daemon and conduct unauthorized activities.
CVSS Score
7.5
EPSS Score
0.032
Published
2004-02-03


Products
Pricing
Contact Us

Shodan ® - All rights reserved