This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Ibm First view 1992-03-01
Product Aix Last view 2012-01-03
Version 3.1 Type Os
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:o:ibm:aix

Activity : Overall

Related : CVE

  Date Alert Description
4 2012-01-03 CVE-2011-1384

The (1) bin/invscoutClient_VPD_Survey and (2) sbin/invscout_lsvpd programs in invscout.rte before 2.2.0.19 on IBM AIX 7.1, 6.1, 5.3, and earlier allow local users to delete arbitrary files, or trigger inventory scout operations on arbitrary files, via a symlink attack on an unspecified file.

10 2010-08-30 CVE-2010-3187

Buffer overflow in ftpd in IBM AIX 5.3 and earlier allows remote attackers to execute arbitrary code via a long NLST command.

5 2003-06-16 CVE-2003-0285

IBM AIX 5.2 and earlier distributes Sendmail with a configuration file (sendmail.cf) with the (1) promiscuous_relay, (2) accept_unresolvable_domains, and (3) accept_unqualified_senders features enabled, which allows Sendmail to be used as an open mail relay for sending spam e-mail.

7.2 2000-12-10 CVE-2000-1222

AIX sysback before 4.2.1.13 uses a relative path to find and execute the hostname program, which allows local users to gain privileges by modifying the path to point to a malicious hostname program.

7.2 1999-12-31 CVE-1999-1589

Unspecified vulnerability in crontab in IBM AIX 3.2 allows local users to gain root privileges via unknown attack vectors.

10 1999-08-18 CVE-1999-0745

Buffer overflow in Source Code Browser Program Database Name Server Daemon (pdnsd) for the IBM AIX C Set ++ compiler.

5 1998-01-05 CVE-1999-0513

ICMP messages to broadcast addresses are allowed, allowing for a Smurf attack that can cause a denial of service.

7.2 1997-09-01 CVE-1999-0115

AIX bugfiler program allows local users to gain root access.

10 1997-01-27 CVE-1999-0048

Talkd, when given corrupt DNS information, can be used to execute arbitrary commands with root privileges.

7.2 1996-07-03 CVE-1999-0022

Local user gains root privileges via buffer overflow in rdist, via expstr() function.

7.2 1994-07-20 CVE-1999-1552

dpsexec (DPS Server) when running under XDM in IBM AIX 3.2.5 and earlier does not properly check privileges, which allows local users to overwrite arbitrary files and gain privileges.

7.5 1994-06-03 CVE-1999-0337

AIX batch queue (bsh) allows local and remote users to gain additional privileges when network printing is enabled.

10 1994-05-23 CVE-1999-0113

Some implementations of rlogin allow root access if given a -froot parameter.

7.2 1992-03-31 CVE-1999-0117

AIX passwd allows local users to gain root access.

7.2 1992-03-19 CVE-1999-1121

The default configuration for UUCP in AIX before 3.2 allows local users to gain root privileges.

0 1992-03-01 CVE-1999-0627

The rexd service is running, which uses weak authentication that can allow an attacker to execute commands.

CWE : Common Weakness Enumeration

%idName
50% (1) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
50% (1) CWE-59 Improper Link Resolution Before File Access ('Link Following')

CAPEC : Common Attack Pattern Enumeration & Classification

id Name
CAPEC-41 Using Meta-characters in E-mail Headers to Inject Malicious Payloads
CAPEC-88 OS Command Injection
CAPEC-133 Try All Common Application Switches and Options

Open Source Vulnerability Database (OSVDB)

id Description
77689 IBM AIX Inventory Scout Unspecified Arbitrary File Deletion
77688 IBM AIX Inventory Scout Symlink Arbitrary File Manipulation
66576 IBM AIX FTP NLST Command Crafted Parameter Core Dump Password Hash Remote Dis...
30926 IBM AIX crontab Unspecified Local Privilege Escalation
17963 IBM AIX sysback Path Subversion Privilege Escalation
11450 rexd Service Authentication Bypass Remote Command Execution
8203 Multiple Vendor in.talkd Crafted DNS Response Remote Overflow
8010 IBM AIX DPS Server dpsexec Arbitrary Privileged File Modification
7993 IBM AIX sendmail.cf Configuration Unauthorized Mail Relay
7988 IBM AIX passwd Local Privilege Escalation
1940 IBM AIX pdnsd Remote Overflow
1611 IBM AIX bugfiler Arbitrary File Creation
1048 IBM AIX Source Code Browser Overflow
1007 Multiple Unix Vendor rlogin -froot Remote Authentication Bypass
983 IBM AIX bsh Network Printing Remote Privilege Escalation
916 Multiple Vendor ICMP Broadcast Flood DoS (smurf)
910 Multiple Vendor rdist expstr() Function Local Overflow
891 IBM AIX uucp Local Privilege Escalation

OpenVAS Exploits

id Description
2011-11-15 Name : SendMail Mail Relay Vulnerability
File : nvt/gb_sendmail_mail_relay_vuln.nasl
2009-03-23 Name : Mail relaying
File : nvt/smtp_relay.nasl

Snort® IPS/IDS

Date Description
2014-01-10 Unix rlogin froot parameter root access attempt
RuleID : 604-community - Type : PROTOCOL-SERVICES - Revision : 14
2014-01-10 Unix rlogin froot parameter root access attempt
RuleID : 604 - Type : PROTOCOL-SERVICES - Revision : 14
2014-01-10 AIX pdnsd overflow
RuleID : 1261-community - Type : SERVER-OTHER - Revision : 15
2014-01-10 AIX pdnsd overflow
RuleID : 1261 - Type : SERVER-OTHER - Revision : 15

Nessus® Vulnerability Scanner

id Description
2018-10-10 Name: An open SMTP relay is running on the host.
File: internal_smtp_relay_detection.nasl - Type: ACT_GATHER_INFO
2014-05-12 Name: The remote host contains a program that could allow a user to delete or manip...
File: invscout_2_2_0_19.nasl - Type: ACT_GATHER_INFO
2013-01-24 Name: The remote AIX host is missing a security patch.
File: aix_IZ83252.nasl - Type: ACT_GATHER_INFO
2013-01-24 Name: The remote AIX host is missing a security patch.
File: aix_IZ83274.nasl - Type: ACT_GATHER_INFO
2013-01-24 Name: The remote AIX host is missing a security patch.
File: aix_IZ83275.nasl - Type: ACT_GATHER_INFO
2013-01-24 Name: The remote AIX host is missing a security patch.
File: aix_IZ83276.nasl - Type: ACT_GATHER_INFO
2011-02-25 Name: The remote AIX host is missing a vendor-supplied security patch.
File: aix_U838020.nasl - Type: ACT_GATHER_INFO
2011-02-25 Name: The remote AIX host is missing a vendor-supplied security patch.
File: aix_U838225.nasl - Type: ACT_GATHER_INFO
2011-02-25 Name: The remote AIX host is missing a vendor-supplied security patch.
File: aix_U838600.nasl - Type: ACT_GATHER_INFO
2003-09-26 Name: An open SMTP relay is running on the remote host.
File: smtp_relay2.nasl - Type: ACT_GATHER_INFO
2002-08-26 Name: It is possible to connect to this host as 'root' without a password.
File: rlogin_froot.nasl - Type: ACT_ATTACK
1999-06-22 Name: An open SMTP relay is running on the remote host.
File: smtp_relay.nasl - Type: ACT_GATHER_INFO