# |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
1 |
CVE-2018-1655 |
200 |
|
+Info |
2018-06-22 |
2019-10-09 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
IBM AIX 5.3, 6.1, 7.1, and 7.2 contains a vulnerability in the rmsock command that may be used to expose kernel memory. IBM X-Force ID: 144748. |
2 |
CVE-2018-1383 |
|
|
|
2018-02-13 |
2019-10-03 |
9.0 |
None |
Remote |
Low |
??? |
Complete |
Complete |
Complete |
A software logic bug creates a vulnerability in an AIX 6.1, 7.1, and 7.2 daemon which could allow a user with root privileges on one system, to obtain root access on another machine. IBM X-force ID: 138117. |
3 |
CVE-2017-1692 |
|
|
|
2018-02-07 |
2018-02-26 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
IBM AIX 5.3, 6.1, 7.1, and 7.2 contains an unspecified vulnerability that would allow a locally authenticated user to obtain root level privileges. IBM X-Force ID: 134067. |
4 |
CVE-2017-1541 |
20 |
|
|
2017-10-04 |
2017-11-02 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
A flaw in the AIX 5.3, 6.1, 7.1, and 7.2 JRE/SDK installp and updatep packages prevented the java.security, java.policy and javaws.policy files from being updated correctly. IBM X-Force ID: 130809. |
5 |
CVE-2017-1093 |
|
|
+Priv |
2017-02-02 |
2019-10-03 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
IBM AIX 6.1, 7.1, and 7.2 could allow a local user to exploit a vulnerability in the bellmail binary to gain root privileges. |
6 |
CVE-2016-8972 |
264 |
|
+Priv |
2017-02-15 |
2021-08-31 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
IBM AIX 6.1, 7.1, and 7.2 could allow a local user to gain root privileges using a specially crafted command within the bellmail client. IBM APARs: IV91006, IV91007, IV91008, IV91010, IV91011. |
7 |
CVE-2016-6079 |
264 |
|
|
2017-02-15 |
2021-08-31 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
IBM AIX 5.3, 6.1, 7.1, and 7.2 contains an unspecified vulnerability that would allow a locally authenticated user to obtain root level privileges. IBM APARs: IV88658, IV87981, IV88419, IV87640, IV88053. |
8 |
CVE-2016-6038 |
22 |
|
Dir. Trav. |
2016-09-26 |
2017-07-30 |
4.0 |
None |
Remote |
Low |
??? |
Partial |
None |
None |
Directory traversal vulnerability in Eclipse Help in IBM Tivoli Lightweight Infrastructure (aka LWI), as used in AIX 5.3, 6.1, and 7.1, allows remote authenticated users to read arbitrary files via a crafted URL. |
9 |
CVE-2016-0281 |
20 |
|
DoS |
2016-08-08 |
2021-08-31 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
The mustendd driver in IBM AIX 5.3, 6.1, 7.1, and 7.2 and VIOS 2.2.x, when the jumbo_frames feature is not enabled, allows remote attackers to cause a denial of service (FC1763 or FC5899 adapter crash) via crafted packets. |
10 |
CVE-2016-0266 |
254 |
|
+Info |
2016-08-08 |
2021-08-31 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
IBM AIX 5.3, 6.1, 7.1, and 7.2 and VIOS 2.2.x do not default to the latest TLS version, which makes it easier for man-in-the-middle attackers to obtain sensitive information via unspecified vectors. |
11 |
CVE-2015-4948 |
264 |
|
+Priv |
2015-10-16 |
2016-12-08 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
netstat in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x, when a fibre channel adapter is used, allows local users to gain privileges via unspecified vectors. |
12 |
CVE-2014-8904 |
264 |
|
+Priv |
2015-01-15 |
2021-08-31 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
lquerylv in cmdlvm in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x allows local users to gain privileges via a crafted DBGCMD_LQUERYLV environment-variable value. |
13 |
CVE-2014-3977 |
59 |
1
|
|
2014-06-08 |
2021-08-31 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
libodm.a in IBM AIX 6.1 and 7.1, and VIOS 2.2.x, allows local users to overwrite arbitrary files via a symlink attack on a temporary file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-2179. |
14 |
CVE-2014-3566 |
310 |
|
|
2014-10-15 |
2021-11-17 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue. |
15 |
CVE-2014-3074 |
264 |
|
+Priv |
2014-07-02 |
2021-08-31 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
The runtime linker in IBM AIX 6.1 and 7.1 and VIOS 2.2.x allows local users to create a mode-666 root-owned file, and consequently gain privileges, by setting crafted MALLOCOPTIONS and MALLOCBUCKETS environment-variable values and then executing a setuid program. |
16 |
CVE-2014-0930 |
|
|
DoS +Info |
2014-05-08 |
2021-08-31 |
4.7 |
None |
Local |
Medium |
Not required |
None |
None |
Complete |
The ptrace system call in IBM AIX 5.3, 6.1, and 7.1, and VIOS 2.2.x, allows local users to cause a denial of service (system crash) or obtain sensitive information from kernel memory via a crafted PT_LDINFO operation. |
17 |
CVE-2013-5419 |
119 |
|
Overflow +Priv |
2013-10-04 |
2017-09-19 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
Multiple buffer overflows in (1) mkque and (2) mkquedev in bos.rte.printers in IBM AIX 6.1 and 7.1 allow local users to gain privileges by leveraging printq group membership. |
18 |
CVE-2013-4011 |
|
|
+Priv |
2013-07-18 |
2017-09-19 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
Multiple unspecified vulnerabilities in the InfiniBand subsystem in IBM AIX 6.1 and 7.1, and VIOS 2.2.2.2-FP-26 SP-02, allow local users to gain privileges via vectors involving (1) arp.ib or (2) ibstat. |
19 |
CVE-2013-3035 |
20 |
|
DoS |
2013-06-21 |
2017-09-19 |
7.1 |
None |
Remote |
Medium |
Not required |
None |
None |
Complete |
The IPv6 implementation in the inet subsystem in IBM AIX 6.1 and 7.1, and VIOS 2.2.2.2-FP-26 SP-02, allows remote attackers to cause a denial of service (system hang) via a crafted packet to an IPv6 interface. |
20 |
CVE-2013-3005 |
264 |
|
Bypass |
2013-07-06 |
2017-09-19 |
8.5 |
None |
Remote |
Medium |
??? |
Complete |
Complete |
Complete |
The TFTP client in IBM AIX 6.1 and 7.1, and VIOS 2.2.2.2-FP-26 SP-02, when RBAC is enabled, allows remote authenticated users to bypass intended file-ownership restrictions, and read or overwrite arbitrary files, via unspecified vectors. |
21 |
CVE-2012-4845 |
264 |
|
Bypass |
2012-10-20 |
2021-08-31 |
6.8 |
None |
Remote |
Low |
??? |
Complete |
None |
None |
The FTP client in IBM AIX 6.1 and 7.1, and VIOS 2.2.1.4-FP-25 SP-02, does not properly manage privileges in an RBAC environment, which allows attackers to bypass intended file-read restrictions by leveraging the setuid installation of the ftp executable file. |
22 |
CVE-2012-4833 |
264 |
|
|
2012-10-01 |
2021-08-31 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
fuser in IBM AIX 6.1 and 7.1, and VIOS 2.2.1.4-FP-25 SP-02, does not properly restrict the -k option, which allows local users to kill arbitrary processes via a crafted command line. |
23 |
CVE-2012-4817 |
|
|
DoS |
2012-09-14 |
2021-08-31 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
The NFSv4 client implementation in IBM AIX 5.3, 6.1, and 7.1, and VIOS before 2.2.1.4-FP-25 SP-02, does not properly handle GID values, which allows remote attackers to cause a denial of service via unspecified vectors. |
24 |
CVE-2012-2200 |
264 |
|
+Priv |
2012-06-27 |
2021-08-31 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
The default configuration of sendmail in IBM AIX 6.1 and 7.1, and VIOS 2.2.1.4-FP-25 SP-02, allows local users to gain privileges by entering a command in a .forward file in a home directory. |
25 |
CVE-2012-2192 |
399 |
|
DoS |
2012-06-20 |
2021-08-31 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
The socketpair function in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.1.4-FP-25 SP-02 allows local users to cause a denial of service (system crash) via a crafted application that leverages the presence of a socket on the free list. |
26 |
CVE-2012-2179 |
264 |
|
|
2012-06-22 |
2017-08-29 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
libodm.a in IBM AIX 5.3, 6.1, and 7.1 allows local users to overwrite arbitrary files via a symlink attack on a temporary file. |
27 |
CVE-2012-0745 |
264 |
|
+Priv |
2012-05-04 |
2017-12-07 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
The getpwnam function in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.1.0.10 through 2.2.1.3 does not properly interact with customer-extended LDAP user filtering, which allows local users to gain privileges via unspecified vectors. |
28 |
CVE-2012-0723 |
20 |
|
DoS |
2012-07-30 |
2021-08-31 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
The kernel in IBM AIX 5.3, 6.1, and 7.1, and VIOS 2.2.1.4-FP-25 SP-02, does not properly implement the dupmsg system call, which allows local users to cause a denial of service (system crash) via a crafted application. |
29 |
CVE-2012-0194 |
|
|
DoS |
2012-02-06 |
2017-08-29 |
7.1 |
None |
Remote |
Medium |
Not required |
None |
None |
Complete |
The TCP implementation in IBM AIX 5.3, 6.1, and 7.1, when the Large Send Offload option is enabled, allows remote attackers to cause a denial of service (assertion failure and panic) via an unspecified series of packets. |
30 |
CVE-2011-3982 |
399 |
|
DoS |
2011-10-05 |
2017-08-29 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
The Fibre Channel driver for QLogic adapters in IBM AIX 6.1 and 7.1 does not properly handle DMA resource limitations, which allows local users to cause a denial of service (system hang) via vectors that generate a large amount of DMA I/O, related to a deadlock in timer processing across CPUs. |
31 |
CVE-2011-1561 |
287 |
|
Bypass |
2011-04-05 |
2011-04-05 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
The LDAP login feature in bos.rte.security 6.1.6.4 in IBM AIX 6.1, when ldap_auth is enabled in ldap.cfg, allows remote attackers to bypass authentication via a login attempt with an arbitrary password. |
32 |
CVE-2011-1385 |
399 |
|
DoS |
2012-03-02 |
2018-01-10 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
IBM AIX 5.3, 6.1, and 7.1, and VIOS 2.1.x and 2.2.x, allows remote attackers to cause a denial of service (system crash) via an ICMP Echo Reply packet that contains 1 in the Identifier field, a different vulnerability than CVE-2012-0194. |
33 |
CVE-2011-1375 |
264 |
|
DoS |
2011-11-11 |
2017-08-17 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
IBM AIX 6.1 and 7.1 does not restrict the wpar_limits_config and wpar_limits_modify system calls, which allows local users to cause a denial of service (system crash) via a crafted call. |
34 |
CVE-2011-0637 |
|
|
DoS |
2011-01-25 |
2017-08-17 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
The FC SCSI protocol driver in IBM AIX 6.1 does not verify that a timer is unused before deallocating this timer, which might allow attackers to cause a denial of service (system crash) via unspecified vectors. |
35 |
CVE-2010-3405 |
119 |
|
Overflow +Priv |
2010-09-16 |
2018-11-28 |
6.8 |
None |
Local |
Low |
??? |
Complete |
Complete |
Complete |
Buffer overflow in sa_snap in the bos.esagent fileset in IBM AIX 6.1, 5.3, and earlier and VIOS 2.1, 1.5, and earlier allows local users to leverage system group membership and gain privileges via unspecified vectors. |
36 |
CVE-2010-1039 |
134 |
|
Exec Code |
2010-05-20 |
2018-10-10 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
Format string vulnerability in the _msgout function in rpc.pcnfsd in IBM AIX 6.1, 5.3, and earlier; IBM VIOS 2.1, 1.5, and earlier; NFS/ONCplus B.11.31_09 and earlier on HP HP-UX B.11.11, B.11.23, and B.11.31; and SGI IRIX 6.5 allows remote attackers to execute arbitrary code via an RPC request containing format string specifiers in an invalid directory name. |
37 |
CVE-2010-0961 |
119 |
|
Overflow +Priv |
2010-03-10 |
2017-09-19 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
Buffer overflow in qoslist in bos.net.tcp.server in IBM AIX 6.1 and VIOS 2.1 allows local users to gain privileges via unspecified vectors. |
38 |
CVE-2010-0960 |
119 |
|
Overflow +Priv |
2010-03-10 |
2017-09-19 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
Buffer overflow in qosmod in bos.net.tcp.server in IBM AIX 6.1 and VIOS 2.1 allows local users to gain privileges via unspecified vectors. |
39 |
CVE-2009-4362 |
119 |
|
DoS Overflow +Priv |
2009-12-21 |
2009-12-22 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
Multiple buffer overflows in qosmod in IBM AIX 6.1 allow local users to cause a denial of service (application crash) or possibly gain privileges via long string arguments. NOTE: some of these details are obtained from third party information. |
40 |
CVE-2009-4361 |
119 |
|
DoS Overflow +Priv |
2009-12-21 |
2009-12-22 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
Multiple buffer overflows in qoslist in IBM AIX 6.1 allow local users to cause a denial of service (application crash) or possibly gain privileges via a long string argument. NOTE: some of these details are obtained from third party information. |
41 |
CVE-2009-3699 |
119 |
|
Exec Code Overflow |
2009-10-15 |
2017-08-17 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
Stack-based buffer overflow in libcsa.a (aka the calendar daemon library) in IBM AIX 5.x through 5.3.10 and 6.x through 6.1.3, and VIOS 2.1 and earlier, allows remote attackers to execute arbitrary code via a long XDR string in the first argument to procedure 21 of rpc.cmsd. |
42 |
CVE-2009-3517 |
|
|
Bypass |
2009-10-01 |
2017-09-19 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
nfs.ext in IBM AIX 5.3.x through 5.3.9 and 6.1.0 through 6.1.2 does not properly use the nfs_portmon setting, which allows remote attackers to bypass intended access restrictions for NFSv4 shares via unspecified vectors. |
43 |
CVE-2009-3516 |
255 |
|
Bypass |
2009-10-01 |
2017-09-19 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
gssd in IBM AIX 5.3.x through 5.3.9 and 6.1.0 through 6.1.2 does not properly handle the NFSv4 Kerberos credential cache, which allows local users to bypass intended access restrictions for Kerberized NFSv4 shares via unspecified vectors. |
44 |
CVE-2009-2727 |
119 |
|
Exec Code Overflow |
2009-08-10 |
2009-08-11 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
Stack-based buffer overflow in the _tt_internal_realpath function in the ToolTalk library (libtt.a) in IBM AIX 5.2.0, 5.3.0, 5.3.7 through 5.3.10, and 6.1.0 through 6.1.3, when the rpc.ttdbserver daemon is enabled in /etc/inetd.conf, allows remote attackers to execute arbitrary code via a long XDR-encoded ASCII string to remote procedure 15. |
45 |
CVE-2009-2669 |
264 |
|
+Priv |
2009-08-05 |
2009-08-12 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
A certain debugging component in IBM AIX 5.3 and 6.1 does not properly handle the (1) _LIB_INIT_DBG and (2) _LIB_INIT_DBG_FILE environment variables, which allows local users to gain privileges by leveraging a setuid-root program to create an arbitrary root-owned file with world-writable permissions, related to libC.a (aka the XL C++ runtime library) in AIX 5.3 and libc.a in AIX 6.1. |
46 |
CVE-2009-1786 |
362 |
|
|
2009-05-26 |
2017-09-29 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
The malloc subsystem in libc in IBM AIX 5.3 and 6.1 allows local users to create or overwrite arbitrary files via a symlink attack on the log file associated with the MALLOCDEBUG environment variable. |
47 |
CVE-2009-1355 |
119 |
|
Overflow +Priv |
2009-04-21 |
2017-09-29 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
Stack-based buffer overflow in muxatmd in IBM AIX 5.2, 5.3, and 6.1 allows local users to gain privileges via a long filename. |
48 |
CVE-2009-0779 |
119 |
|
Overflow +Priv |
2009-03-04 |
2009-03-04 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
Buffer overflow in pppdial in IBM AIX 5.3 and 6.1 allows local users to gain privileges via a long "input string." |
49 |
CVE-2009-0370 |
|
|
|
2009-01-30 |
2017-09-29 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
Multiple unspecified vulnerabilities in IBM AIX 5.2.0 through 6.1.2 allow local users to append data to arbitrary files, related to (1) rmsock and (2) rmsock64 not creating "secure log files." |
50 |
CVE-2008-5387 |
119 |
|
Overflow +Priv |
2008-12-09 |
2017-09-29 |
6.2 |
None |
Local |
High |
Not required |
Complete |
Complete |
Complete |
Buffer overflow in autoconf6 in IBM AIX 6.1.0 through 6.1.2, when Role-Based Access Control is enabled, allows local users with aix.network.config.tcpip authorization to gain privileges via unspecified vectors. |