RSS   Vulnerabilities for 'AIX'   RSS

2018-02-13
 
CVE-2018-1383

CWE-284
 

 
A software logic bug creates a vulnerability in an AIX 6.1, 7.1, and 7.2 daemon which could allow a user with root privileges on one system, to obtain root access on another machine. IBM X-force ID: 138117.

 
2018-02-07
 
CVE-2017-1692

CWE-noinfo
 

 
IBM AIX 5.3, 6.1, 7.1, and 7.2 contains an unspecified vulnerability that would allow a locally authenticated user to obtain root level privileges. IBM X-Force ID: 134067.

 
2017-10-03
 
CVE-2017-1541

CWE-20
 

 
A flaw in the AIX 5.3, 6.1, 7.1, and 7.2 JRE/SDK installp and updatep packages prevented the java.security, java.policy and javaws.policy files from being updated correctly. IBM X-Force ID: 130809.

 
2017-02-15
 
CVE-2016-8972

 

 
IBM AIX 6.1, 7.1, and 7.2 could allow a local user to gain root privileges using a specially crafted command within the bellmail client. IBM APARs: IV91006, IV91007, IV91008, IV91010, IV91011.

 
 
CVE-2016-8944

 

 
IBM AIX 7.1 and 7.2 allows a local user to open a file with a specially crafted argument that would crash the system. IBM APARs: IV91488, IV91487, IV91456, IV90234.

 
 
CVE-2016-6079

 

 
IBM AIX 5.3, 6.1, 7.1, and 7.2 contains an unspecified vulnerability that would allow a locally authenticated user to obtain root level privileges. IBM APARs: IV88658, IV87981, IV88419, IV87640, IV88053.

 
2017-02-02
 
CVE-2017-1093

 

 
IBM AIX 6.1, 7.1, and 7.2 could allow a local user to exploit a vulnerability in the bellmail binary to gain root privileges.

 
2017-02-01
 
CVE-2016-3053

 

 
IBM AIX contains an unspecified vulnerability that would allow a locally authenticated user to obtain root level privileges.

 
2016-09-26
 
CVE-2016-6038

 

 
Directory traversal vulnerability in Eclipse Help in IBM Tivoli Lightweight Infrastructure (aka LWI), as used in AIX 5.3, 6.1, and 7.1, allows remote authenticated users to read arbitrary files via a crafted URL.

 
2016-08-07
 
CVE-2016-0281

 

 
The mustendd driver in IBM AIX 5.3, 6.1, 7.1, and 7.2 and VIOS 2.2.x, when the jumbo_frames feature is not enabled, allows remote attackers to cause a denial of service (FC1763 or FC5899 adapter crash) via crafted packets.

 


Copyright 2018, cxsecurity.com

 

Back to Top