Thinking OPEN

Posts Tagged ‘aix’

AIX 6.1.2 and prior [Medium]

By Security Team • Feb 11th, 2009 • Category: Security Notifications

at in bos.rte.cron on IBM AIX 5.2.0, 5.3.0 through 5.3.9, and 6.1.0 through 6.1.2 allows local users to read arbitrary files via unspecified vectors, related to failure to drop root privileges….

CVE Identifier: CVE-2009-0536
Severity: Medium



AIX 6.1.14 and prior [Medium]

By Security Team • Feb 10th, 2009 • Category: Security Notifications

Unspecified vulnerability in the IBM Asynchronous I/O (aka AIO or libibmaio) library in the Java Message Service (JMS) component in IBM WebSphere Application Server (WAS) 6.1.x before 6.1.0.17 on AIX 5.3 allows attackers to cause a denial of service (daemon crash) via vectors related to the aio_getioev2 and getEvent methods….

CVE Identifier: CVE-2009-0435
Severity: Medium



AIX 6.1.2 and prior [High]

By Security Team • Jan 30th, 2009 • Category: Security Notifications

Multiple unspecified vulnerabilities in IBM AIX 5.2.0 through 6.1.2 allow local users to append data to arbitrary files, related to (1) rmsock and (2) rmsock64 not creating “secure log files.”…

CVE Identifier: CVE-2009-0370
Severity: High



AIX 6.1.2 and prior [Medium]

By Security Team • Dec 8th, 2008 • Category: Security Notifications

crontab in bos.rte.cron in IBM AIX 6.1.0 through 6.1.2 allows local users with aix.system.config.cron authorization to gain privileges by launching an editor….

CVE Identifier: CVE-2008-5384
Severity: Medium



AIX 6.1.2 and prior [Medium]

By Security Team • Dec 8th, 2008 • Category: Security Notifications

enq in bos.rte.printers in IBM AIX 6.1.0 through 6.1.2, when a print queue is defined in /etc/qconfig, allows local users to delete arbitrary files via unspecified vectors….

CVE Identifier: CVE-2008-5385
Severity: Medium



AIX 6.1.2 and prior [Medium]

By Security Team • Dec 8th, 2008 • Category: Security Notifications

Buffer overflow in ndp in IBM AIX 6.1.0 through 6.1.2, when the netcd daemon is running, allows local users to gain privileges via unspecified vectors….

CVE Identifier: CVE-2008-5386
Severity: Medium



AIX 6.1.2 and prior [Medium]

By Security Team • Dec 8th, 2008 • Category: Security Notifications

Buffer overflow in autoconf6 in IBM AIX 6.1.0 through 6.1.2, when Role-Based Access Control is enabled, allows local users with aix.network.config.tcpip authorization to gain privileges via unspecified vectors….

CVE Identifier: CVE-2008-5387
Severity: Medium



AIX 6.1 and prior [High]

By Security Team • Sep 10th, 2008 • Category: Security Notifications

swcons in bos.rte.console in IBM AIX 5.2.0 through 6.1.1 allows local users in the system group to create or overwrite an arbitrary file, and establish weak permissions and root ownership for this file, via unspecified vectors…

CVE Identifier: CVE-2008-4018
Severity: High



AIX 5.3.0 and prior [High]

By Security Team • Sep 10th, 2008 • Category: Security Notifications

Buffer overflow in tftp in bos.net.tcp.client in IBM AIX 5.2.0 and 5.3.0 allows local users to gain privileges via unspecified vectors….

CVE Identifier: CVE-2007-6717
Severity: High



AIX 8.1 and prior [Medium]

By Security Team • Aug 29th, 2008 • Category: Security Notifications

Multiple cross-site scripting (XSS) vulnerabilities (1) in the WYSIWYG editors, (2) during local group creation, (3) during HTML redirects, (4) in the HTML import, (5) in the Rich text editor, and (6) in link-page in IBM Lotus Quickr 8.1 services for Lotus Domino before Hotfix 15 allow remote attackers to inject arbitrary web script or HTML via unknown vectors, including (7) the Imported Page…

CVE Identifier: CVE-2008-3860
Severity: Medium