This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor : Ibm
Product : Aix
Version : 3.2
Type : Os
First view : 1992-03-01
Last view : 2012-01-03
Update : *
Edition : *
Language : *
Software Edition : *
Target Software : *
Target Hardware : *
Other : *
 
CPE Product cpe:2.3:o:ibm:aix

Activity : Overall

Related : CVE

This CPE has more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
4 2012-01-03 CVE-2011-1384

The (1) bin/invscoutClient_VPD_Survey and (2) sbin/invscout_lsvpd programs in invscout.rte before 2.2.0.19 on IBM AIX 7.1, 6.1, 5.3, and earlier allow local users to delete arbitrary files, or trigger inventory scout operations on arbitrary files, via a symlink attack on an unspecified file.

10 2010-08-30 CVE-2010-3187

Buffer overflow in ftpd in IBM AIX 5.3 and earlier allows remote attackers to execute arbitrary code via a long NLST command.

5 2003-06-16 CVE-2003-0285

IBM AIX 5.2 and earlier distributes Sendmail with a configuration file (sendmail.cf) with the (1) promiscuous_relay, (2) accept_unresolvable_domains, and (3) accept_unqualified_senders features enabled, which allows Sendmail to be used as an open mail relay for sending spam e-mail.

7.2 2000-12-10 CVE-2000-1222

AIX sysback before 4.2.1.13 uses a relative path to find and execute the hostname program, which allows local users to gain privileges by modifying the path to point to a malicious hostname program.

10 2000-11-14 CVE-2000-0844

Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.

5 2000-05-24 CVE-2000-0441

Vulnerability in AIX 3.2.x and 4.x allows local users to gain write access to files on locally or remotely mounted AIX filesystems.

7.2 1999-12-31 CVE-1999-1589

Unspecified vulnerability in crontab in IBM AIX 3.2 allows local users to gain root privileges via unknown attack vectors.

10 1999-08-18 CVE-1999-0745

Buffer overflow in Source Code Browser Program Database Name Server Daemon (pdnsd) for the IBM AIX C Set ++ compiler.

7.2 1998-11-01 CVE-1999-0118

AIX infod allows local users to gain root access through an X display.

5 1998-01-08 CVE-1999-0086

AIX routed allows remote users to modify sensitive files.

5 1998-01-05 CVE-1999-0513

ICMP messages to broadcast addresses are allowed, allowing for a Smurf attack that can cause a denial of service.

7.5 1997-12-10 CVE-1999-0017

FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce.

10 1997-12-05 CVE-1999-0018

Buffer overflow in statd allows root privileges.

10 1997-10-29 CVE-1999-0097

The AIX FTP client can be forced to execute commands from a malicious server through shell metacharacters (e.g. a pipe character).

7.2 1997-09-01 CVE-1999-0115

AIX bugfiler program allows local users to gain root access.

5 1997-07-01 CVE-1999-0111

RIP v1 is susceptible to spoofing.

7.2 1997-05-26 CVE-1999-0064

Buffer overflow in AIX lquerylv program gives root access to local users.

7.2 1997-05-01 CVE-1999-0040

Buffer overflow in Xt library of X Windowing System allows local users to execute commands with root privileges.

7.2 1997-04-26 CVE-1999-0038

Buffer overflow in xlock program allows local users to execute commands as root.

10 1997-02-06 CVE-1999-0046

Buffer overflow of rlogin program using TERM environmental variable.

5 1997-01-01 CVE-1999-0345

Jolt ICMP attack causes a denial of service in Windows 95 and Windows NT systems.

5 1996-12-18 CVE-1999-0128

Oversized ICMP ping packets can result in a denial of service, aka Ping o' Death.

10 1996-12-10 CVE-1999-0101

Buffer overflow in AIX and Solaris "gethostbyname" library call allows root access through corrupt DNS host names.

4.6 1996-12-03 CVE-1999-0129

Sendmail allows local users to write to a file and gain group permissions via a .forward or :include: file.

7.2 1996-09-11 CVE-1999-0131

Buffer overflow and denial of service in Sendmail 8.7.5 and earlier through GECOS field gives root access to local users.

CWE : Common Weakness Enumeration

% id Name
33% (1) CWE-264 Permissions, Privileges, and Access Controls
33% (1) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
33% (1) CWE-59 Improper Link Resolution Before File Access ('Link Following')

CAPEC : Common Attack Pattern Enumeration & Classification

id Name
CAPEC-8 Buffer Overflow in an API Call
CAPEC-9 Buffer Overflow in Local Command-Line Utilities
CAPEC-10 Buffer Overflow via Environment Variables
CAPEC-14 Client-side Injection-induced Buffer Overflow
CAPEC-24 Filter Failure through Buffer Overflow
CAPEC-41 Using Meta-characters in E-mail Headers to Inject Malicious Payloads
CAPEC-42 MIME Conversion
CAPEC-44 Overflow Binary Resource File
CAPEC-45 Buffer Overflow via Symbolic Links
CAPEC-46 Overflow Variables and Tags
CAPEC-47 Buffer Overflow via Parameter Expansion
CAPEC-67 String Format Overflow in syslog()
CAPEC-88 OS Command Injection
CAPEC-92 Forced Integer Overflow
CAPEC-100 Overflow Buffers
CAPEC-123 Buffer Attacks
CAPEC-133 Try All Common Application Switches and Options
CAPEC-219 XML Routing Detour Attacks

SAINT Exploits

Description
rpc.ypupdated command injection vulnerability

Open Source Vulnerability Database (OSVDB)

This CPE has more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
77689 IBM AIX Inventory Scout Unspecified Arbitrary File Deletion
77688 IBM AIX Inventory Scout Symlink Arbitrary File Manipulation
67346 Multiple Unix Vendor rpc.pcnfsd pr_init() Symlink Arbitrary File Permission M...
66576 IBM AIX FTP NLST Command Crafted Parameter Core Dump Password Hash Remote Dis...
59264 Microsoft Windows Crafted Fragmented Packet Stream Remote DoS (Jolt)
56528 IBM AIX routed Crafted Packet Remote File Creation/Modification
30926 IBM AIX crontab Unspecified Local Privilege Escalation
17963 IBM AIX sysback Path Subversion Privilege Escalation
14794 Multiple Unix Vendor locale subsystem Multiple Function Format String
14788 IBM AIX FTP Client Pipe Character Arbitrary Command Execution
11734 Multiple Unix rpc.statd Arbitrary File Creation/Deletion
11727 syslog Shared Libraries Remote Overflow
11726 RIP v1 Protocol Spoofed Routing Packet Injection
11517 Multiple Vendor NIS rpc.ypupdated YP Map Update Arbitrary Remote Command Exec...
11454 Multiple Vendor Oversized ICMP Ping Packet DoS
11450 rexd Service Authentication Bypass Remote Command Execution
8715 Multiple Vendor rdist errstring Local Overflow
8420 RPC statd Remote Overflow
8010 IBM AIX DPS Server dpsexec Arbitrary Privileged File Modification
7993 IBM AIX sendmail.cf Configuration Unauthorized Mail Relay
7990 ISC BIND gethostbyname() DNS Overflow
7988 IBM AIX passwd Local Privilege Escalation
7987 IBM AIX infod X Display Local Privilege Escalation
6792 HP-UX rpc.pcnfsd Printer Spool Directory Remote Privilege Escalation
5743 Multiple Unix Vendor rpc.pcnfsd Multiple Function su_popen() Arbitrary Remote...

ExploitDB Exploits

id Description
22251 AIX 3.x/4.x,Windows 95/98/2000/NT 4,SunOS 5 gethostbyname() Buffer Overflow

OpenVAS Exploits

Date Description
2011-11-15 Name : SendMail Mail Relay Vulnerability
File : nvt/gb_sendmail_mail_relay_vuln.nasl
2009-03-23 Name : Mail relaying
File : nvt/smtp_relay.nasl
2008-10-24 Name : rpc.ypupdated remote execution
File : nvt/ypupdated_remote_exec.nasl
2005-11-03 Name : Sendmail Local Starvation and Overflow
File : nvt/sendmail_875_bo.nasl
2005-11-03 Name : Sendmail Group Permissions Vulnerability
File : nvt/sendmail_forword_include.nasl
2005-11-03 Name : WS FTP server FTP bounce attack and PASV connection hijacking flaw
File : nvt/wsftp_classic_flaws.nasl

Snort® IPS/IDS

Date Description
2014-01-10 Unix rlogin froot parameter root access attempt
RuleID : 604-community - Type : PROTOCOL-SERVICES - Revision : 14
2014-01-10 Unix rlogin froot parameter root access attempt
RuleID : 604 - Type : PROTOCOL-SERVICES - Revision : 14
2014-01-10 portmap ypupdated request TCP
RuleID : 591-community - Type : PROTOCOL-RPC - Revision : 21
2014-01-10 portmap ypupdated request TCP
RuleID : 591 - Type : PROTOCOL-RPC - Revision : 21
2014-01-10 portmap pcnfsd request UDP
RuleID : 581-community - Type : PROTOCOL-RPC - Revision : 18
2014-01-10 portmap pcnfsd request UDP
RuleID : 581 - Type : PROTOCOL-RPC - Revision : 18
2014-01-10 PORT bounce attempt
RuleID : 3441-community - Type : PROTOCOL-FTP - Revision : 13
2014-01-10 PORT bounce attempt
RuleID : 3441 - Type : PROTOCOL-FTP - Revision : 13
2014-01-10 Jolt attack
RuleID : 268 - Type : DOS - Revision : 7
2014-01-10 ypupdated arbitrary command attempt TCP
RuleID : 2089-community - Type : PROTOCOL-RPC - Revision : 15
2014-01-10 ypupdated arbitrary command attempt TCP
RuleID : 2089 - Type : PROTOCOL-RPC - Revision : 15
2014-01-10 ypupdated arbitrary command attempt UDP
RuleID : 2088-community - Type : PROTOCOL-RPC - Revision : 16
2014-01-10 ypupdated arbitrary command attempt UDP
RuleID : 2088 - Type : PROTOCOL-RPC - Revision : 16
2014-01-10 portmap ypupdated request UDP
RuleID : 1277-community - Type : PROTOCOL-RPC - Revision : 22
2014-01-10 portmap ypupdated request UDP
RuleID : 1277 - Type : PROTOCOL-RPC - Revision : 22
2014-01-10 portmap pcnfsd request TCP
RuleID : 1268-community - Type : PROTOCOL-RPC - Revision : 19
2014-01-10 portmap pcnfsd request TCP
RuleID : 1268 - Type : PROTOCOL-RPC - Revision : 19
2014-01-10 AIX pdnsd overflow
RuleID : 1261-community - Type : SERVER-OTHER - Revision : 15
2014-01-10 AIX pdnsd overflow
RuleID : 1261 - Type : SERVER-OTHER - Revision : 15

Nessus® Vulnerability Scanner

Date Description
2018-10-10 Name: An open SMTP relay is running on the host.
File: internal_smtp_relay_detection.nasl - Type: ACT_GATHER_INFO
2014-05-12 Name: The remote host contains a program that could allow a user to delete or manip...
File: invscout_2_2_0_19.nasl - Type: ACT_GATHER_INFO
2013-01-24 Name: The remote AIX host is missing a security patch.
File: aix_IZ83274.nasl - Type: ACT_GATHER_INFO
2013-01-24 Name: The remote AIX host is missing a security patch.
File: aix_IZ83276.nasl - Type: ACT_GATHER_INFO
2013-01-24 Name: The remote AIX host is missing a security patch.
File: aix_IZ83275.nasl - Type: ACT_GATHER_INFO
2013-01-24 Name: The remote AIX host is missing a security patch.
File: aix_IZ83252.nasl - Type: ACT_GATHER_INFO
2011-02-25 Name: The remote AIX host is missing a vendor-supplied security patch.
File: aix_U838020.nasl - Type: ACT_GATHER_INFO
2011-02-25 Name: The remote AIX host is missing a vendor-supplied security patch.
File: aix_U838225.nasl - Type: ACT_GATHER_INFO
2011-02-25 Name: The remote AIX host is missing a vendor-supplied security patch.
File: aix_U838600.nasl - Type: ACT_GATHER_INFO
2008-03-28 Name: 'ypupdated -i' is running on this port.
File: ypupdated_remote_exec.nasl - Type: ACT_ATTACK
2004-09-01 Name: The remote FTP server has multiple vulnerabilities.
File: wsftp_classic_flaws.nasl - Type: ACT_GATHER_INFO
2003-09-26 Name: An open SMTP relay is running on the remote host.
File: smtp_relay2.nasl - Type: ACT_GATHER_INFO
2003-03-11 Name: The remote host has an application that is affected by multiple vulnerabilities.
File: sendmail_875_bo.nasl - Type: ACT_GATHER_INFO
2003-03-11 Name: The remote host has an application that is affected by local privilege escala...
File: sendmail_forword_include.nasl - Type: ACT_GATHER_INFO
2002-08-26 Name: It is possible to connect to this host as 'root' without a password.
File: rlogin_froot.nasl - Type: ACT_ATTACK
1999-06-22 Name: The remote FTP server is vulnerable to a FTP server bounce attack.
File: ftp_bounce.nasl - Type: ACT_GATHER_INFO
1999-06-22 Name: An open SMTP relay is running on the remote host.
File: smtp_relay.nasl - Type: ACT_GATHER_INFO