Shodan
Vulnerabilities
Vulnerable Software
Ibm:  >> Aix  >> 5.1l  Security Vulnerabilities
CVE-2004-1054
Untrusted execution path vulnerability in invscout in IBM AIX 5.1.0, 5.2.0, and 5.3.0 allows local users to gain privileges by modifying the PATH environment variable to point to a malicious "uname" program, which is executed from lsvpd after lsvpd has been invoked by invscout.
CVSS Score
7.2
EPSS Score
0.004
Published
2005-01-10
CVE-2004-2697
The Inventory Scout daemon (invscoutd) 1.3.0.0 and 2.0.2 for AIX 4.3.3 and 5.1 allows local users to gain privileges via a symlink attack on a command line argument (log file). NOTE: this might be related to CVE-2006-5002.
CVSS Score
6.9
EPSS Score
0.007
Published
2004-12-31
CVE-2004-1329
Untrusted execution path vulnerability in the diag commands (1) lsmcode, (2) diag_exec, (3) invscout, and (4) invscoutd in AIX 5.1 through 5.3 allows local users to execute arbitrary programs by modifying the DIAGNOSTICS environment variable to point to a malicious Dctrl program.
CVSS Score
7.2
EPSS Score
0.004
Published
2004-12-20
CVE-2004-0243
AIX 4.3.3 through AIX 5.1, when direct remote login is disabled, displays a different message if the password is correct, which allows remote attackers to guess the password via brute force methods.
CVSS Score
5.0
EPSS Score
0.007
Published
2004-11-23
CVE-2003-0914
ISC BIND 8.3.x before 8.3.7, and 8.4.x before 8.4.3, allows remote attackers to poison the cache via a malicious name server that returns negative responses with a large TTL (time-to-live) value.
CVSS Score
4.3
EPSS Score
0.198
Published
2003-12-15
CVE-2003-0285
IBM AIX 5.2 and earlier distributes Sendmail with a configuration file (sendmail.cf) with the (1) promiscuous_relay, (2) accept_unresolvable_domains, and (3) accept_unqualified_senders features enabled, which allows Sendmail to be used as an open mail relay for sending spam e-mail.
CVSS Score
5.0
EPSS Score
0.012
Published
2003-06-16
CVE-2002-1550
dump_smutil.sh in IBM AIX allows local users to overwrite arbitrary files via a symlink attack on temporary files.
CVSS Score
4.6
EPSS Score
0.001
Published
2003-03-31
CVE-2002-1551
Buffer overflow in nslookup in IBM AIX may allow attackers to cause a denial of service or execute arbitrary code.
CVSS Score
4.6
EPSS Score
0.001
Published
2003-03-31
CVE-2002-1686
Buffer overflow in lscfg of unknown versions of AIX has unknown impact.
CVSS Score
10.0
EPSS Score
0.005
Published
2002-12-31
CVE-2002-1687
Buffer overflow in the diagnostics library in AIX allows local users to "cause data and instructions to be overwritten" via a long DIAGNOSTICS environment variable.
CVSS Score
2.1
EPSS Score
0.001
Published
2002-12-31


Products
Pricing
Contact Us

Shodan ® - All rights reserved