Thinking OPEN

Posts Tagged ‘aix’

Aix 6.1.2 and prior [High]

By Security Team • Oct 1st, 2009 • Category: Security Notifications

gssd in IBM AIX 5.3.x through 5.3.9 and 6.1.0 through 6.1.2 does not properly handle the NFSv4 Kerberos credential cache, which allows local users to bypass intended access restrictions for Kerberized NFSv4 shares via unspecified vectors….

CVE Identifier: CVE-2009-3516
Vulnerability Type(s):
Severity: High


Aix 6.1.2 and prior [Unknown Severity]

By Security Team • Oct 1st, 2009 • Category: Security Notifications

nfs.ext in IBM AIX 5.3.x through 5.3.9 and 6.1.0 through 6.1.2 does not properly use the nfs_portmon setting, which allows remote attackers to bypass intended access restrictions for NFSv4 shares via unspecified vectors….

CVE Identifier: CVE-2009-3517
Vulnerability Type(s):
Severity: Unknown Severity


Aix 6.1.2 and prior [High]

By Security Team • Aug 10th, 2009 • Category: Security Notifications

Stack-based buffer overflow in the _tt_internal_realpath function in the ToolTalk library (libtt.a) in IBM AIX 5.2.0, 5.3.0, 5.3.7 through 5.3.10, and 6.1.0 through 6.1.3, when the rpc.ttdbserver daemon is enabled in /etc/inetd.conf, allows remote attackers to execute arbitrary code via a long XDR-encoded ASCII string to remote procedure 15….

CVE Identifier: CVE-2009-2727
Vulnerability Type(s):
Severity: High


Aix 6.1 and prior [High]

By Security Team • Aug 5th, 2009 • Category: Security Notifications

A certain debugging component in IBM AIX 5.3 and 6.1 does not properly handle the (1) _LIB_INIT_DBG and (2) _LIB_INIT_DBG_FILE environment variables, which allows local users to gain privileges by leveraging a setuid-root program to create an arbitrary root-owned file with world-writable permissions, related to libC.a (aka the XL C++ runtime library) in AIX 5.3 and libc.a in AIX 6.1….

CVE Identifier: CVE-2009-2669
Vulnerability Type(s):
Severity: High


Aix 5.3 [High]

By Security Team • Jul 13th, 2009 • Category: Security Notifications

Buffer overflow in the syscall implementation in IBM AIX 5.3 allows local users to gain privileges via unspecified vectors….

CVE Identifier: CVE-2009-2434
Vulnerability Type(s):
Severity: High


Aix 5.3 [High]

By Security Team • Jun 7th, 2009 • Category: Security Notifications

Unspecified vulnerability in portmapper (aka portmap) in IBM AIX 5.3 allows attackers to cause a denial of service (daemon hang) via unknown vectors, related to libtli….

CVE Identifier: CVE-2009-1954
Vulnerability Type(s):
Severity: High


Aix 6.1 and prior [Medium]

By Security Team • May 26th, 2009 • Category: Security Notifications

The malloc subsystem in libc in IBM AIX 5.3 and 6.1 allows local users to create or overwrite arbitrary files via a symlink attack on the log file associated with the MALLOCDEBUG environment variable….

CVE Identifier: CVE-2009-1786
Vulnerability Type(s):
Severity: Medium


Aix 6.1 and prior [High]

By Security Team • Apr 21st, 2009 • Category: Security Notifications

Stack-based buffer overflow in muxatmd in IBM AIX 5.2, 5.3, and 6.1 allows local users to gain privileges via a long filename….

CVE Identifier: CVE-2009-1355
Vulnerability Type(s):
Severity: High


Aix 6.1 and prior [High]

By Security Team • Mar 4th, 2009 • Category: Security Notifications

Buffer overflow in pppdial in IBM AIX 5.3 and 6.1 allows local users to gain privileges via a long “input string.”…

CVE Identifier: CVE-2009-0779
Vulnerability Type(s):
Severity: High


Aix 6.1.2 and prior [Medium]

By Security Team • Feb 11th, 2009 • Category: Security Notifications

at in bos.rte.cron on IBM AIX 5.2.0, 5.3.0 through 5.3.9, and 6.1.0 through 6.1.2 allows local users to read arbitrary files via unspecified vectors, related to failure to drop root privileges….

CVE Identifier: CVE-2009-0536
Vulnerability Type(s):
Severity: Medium


« Older Entries
Newer Entries »