Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTA-2006-AVI-415
Vulnerability from certfr_avis - Published: 2006-10-03 - Updated: 2006-10-03None
Description
De multiples vulnérabilités ont été identifiées dans le système d'exploitation IBM AIX. Elles permettraient à un utilisateur malveillant local au système vulnérable d'élever ses privilèges à ceux de l'administrateur (root), voire de modifier des données ou de provoquer un déni de service. Parmi ces vulnérabilités :
- la commande mkvg ne faisant pas appel aux chemins absolus vers certaines fonctions ;
- une erreur non précisée dans named8, un serveur de noms de domaines DNS ;
- une mauvaise manipulation des fichiers par la commande rdist, servant à distribuer des copies de fichiers à plusieurs hôtes ;
- une mauvaise manipulation de la base de données par l'utilitaire Inventory Scout, permettant de lister entre autres les éléments matériels du système ;
- une erreur non précisée dans la commande utape associée au mode Diagnostics ;
- une mauvaise manipulation des paramètres fournis à la commande cfgmgr, pouvant provoquer un débordement de mémoire ;
- une erreur non précisée dans xlock, commande qui permet de verrouiller l'écran, et pouvant être exploitée pour provoquer un débordement de tampon et exécuter des commandes avec les droits de l'administrateur.
Solution
Se référer aux différents bulletins de sécurité d'IBM pour l'obtention des correctifs (cf. section Documentation).
NoneReferences
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "IBM AIX 5.3.0",
"product": {
"name": "AIX",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM AIX 5.2.0",
"product": {
"name": "AIX",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 identifi\u00e9es dans le syst\u00e8me\nd\u0027exploitation IBM AIX. Elles permettraient \u00e0 un utilisateur malveillant\nlocal au syst\u00e8me vuln\u00e9rable d\u0027\u00e9lever ses privil\u00e8ges \u00e0 ceux de\nl\u0027administrateur (root), voire de modifier des donn\u00e9es ou de provoquer\nun d\u00e9ni de service. Parmi ces vuln\u00e9rabilit\u00e9s :\n\n- la commande mkvg ne faisant pas appel aux chemins absolus vers\n certaines fonctions ;\n- une erreur non pr\u00e9cis\u00e9e dans named8, un serveur de noms de domaines\n DNS ;\n- une mauvaise manipulation des fichiers par la commande rdist,\n servant \u00e0 distribuer des copies de fichiers \u00e0 plusieurs h\u00f4tes ;\n- une mauvaise manipulation de la base de donn\u00e9es par l\u0027utilitaire\n Inventory Scout, permettant de lister entre autres les \u00e9l\u00e9ments\n mat\u00e9riels du syst\u00e8me ;\n- une erreur non pr\u00e9cis\u00e9e dans la commande utape associ\u00e9e au mode\n Diagnostics ;\n- une mauvaise manipulation des param\u00e8tres fournis \u00e0 la commande\n cfgmgr, pouvant provoquer un d\u00e9bordement de m\u00e9moire ;\n- une erreur non pr\u00e9cis\u00e9e dans xlock, commande qui permet de\n verrouiller l\u0027\u00e9cran, et pouvant \u00eatre exploit\u00e9e pour provoquer un\n d\u00e9bordement de tampon et ex\u00e9cuter des commandes avec les droits de\n l\u0027administrateur.\n\n## Solution\n\nSe r\u00e9f\u00e9rer aux diff\u00e9rents bulletins de s\u00e9curit\u00e9 d\u0027IBM pour l\u0027obtention\ndes correctifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2006-5003",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-5003"
},
{
"name": "CVE-2006-5005",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-5005"
},
{
"name": "CVE-2006-5006",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-5006"
},
{
"name": "CVE-2006-5009",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-5009"
},
{
"name": "CVE-2006-4416",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-4416"
},
{
"name": "CVE-2006-5004",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-5004"
},
{
"name": "CVE-2006-5002",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-5002"
},
{
"name": "CVE-2006-5007",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-5007"
},
{
"name": "CVE-2006-5008",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-5008"
}
],
"initial_release_date": "2006-10-03T00:00:00",
"last_revision_date": "2006-10-03T00:00:00",
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 IBM IY88722 du 14 septembre 2006 :",
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY88722"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 IBM IY88688 du 14 septembre 2006 :",
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY88688"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 IBM IY88642 du 14 septembre 2006 :",
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY88642"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 IBM IY88566 du 14 septembre 2006 :",
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY88566"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 IBM IY88699 du 14 septembre 2006 :",
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY88699"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 IBM IY89434 du 14 septembre 2006 :",
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY89434"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 IBM IY88615 du 14 septembre 2006 :",
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY88615"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 IBM IY88735 du 14 septembre 2006 :",
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY88735"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 IBM IY88687 du 14 septembre 2006 :",
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY88687"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 IBM IY88818 du 14 septembre 2006 :",
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY88818"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 IBM IY89512 du 14 septembre 2006 :",
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY89512"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 IBM IY88641 du 14 septembre 2006 :",
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY88641"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 IBM IY88565 du 14 septembre 2006 :",
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY88565"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 IBM IY87943 du 14 septembre 2006 :",
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY87943"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 IBM IY88820 du 14 septembre 2006 :",
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY88820"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 IBM IY88614 du 14 septembre 2006 :",
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY88614"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 IBM IY87894 du 14 septembre 2006 :",
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY87894"
}
],
"reference": "CERTA-2006-AVI-415",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2006-10-03T00:00:00.000000"
}
],
"risks": [
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": null,
"title": "Multiples vuln\u00e9rabilit\u00e9s dans IBM AIX",
"vendor_advisories": [
{
"published_at": null,
"title": "Avis de s\u00e9curit\u00e9 IBM AIX",
"url": null
}
]
}
CVE-2006-5007 (GCVE-0-2006-5007)
Vulnerability from cvelistv5 – Published: 2006-09-27 01:00 – Updated: 2024-08-07 19:32
VLAI?
EPSS
Summary
Untrusted search path vulnerability in uucp in IBM AIX 5.2.0 and 5.3.0 allows local users to local users to gain privileges via a Trojan horse program involving uux.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:32:23.035Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1016921",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016921"
},
{
"name": "IY88614",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY88614"
},
{
"name": "IY88565",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY88565"
},
{
"name": "ADV-2006-3770",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/3770"
},
{
"name": "20196",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/20196"
},
{
"name": "aix-uucp-privilege-escalation(29156)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29156"
},
{
"name": "22105",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22105"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "ftp://aix.software.ibm.com/aix/efixes/security/README"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-09-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Untrusted search path vulnerability in uucp in IBM AIX 5.2.0 and 5.3.0 allows local users to local users to gain privileges via a Trojan horse program involving uux."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1016921",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016921"
},
{
"name": "IY88614",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY88614"
},
{
"name": "IY88565",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY88565"
},
{
"name": "ADV-2006-3770",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/3770"
},
{
"name": "20196",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/20196"
},
{
"name": "aix-uucp-privilege-escalation(29156)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29156"
},
{
"name": "22105",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22105"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "ftp://aix.software.ibm.com/aix/efixes/security/README"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5007",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability in uucp in IBM AIX 5.2.0 and 5.3.0 allows local users to local users to gain privileges via a Trojan horse program involving uux."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1016921",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016921"
},
{
"name": "IY88614",
"refsource": "AIXAPAR",
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY88614"
},
{
"name": "IY88565",
"refsource": "AIXAPAR",
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY88565"
},
{
"name": "ADV-2006-3770",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3770"
},
{
"name": "20196",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20196"
},
{
"name": "aix-uucp-privilege-escalation(29156)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29156"
},
{
"name": "22105",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22105"
},
{
"name": "ftp://aix.software.ibm.com/aix/efixes/security/README",
"refsource": "CONFIRM",
"url": "ftp://aix.software.ibm.com/aix/efixes/security/README"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-5007",
"datePublished": "2006-09-27T01:00:00",
"dateReserved": "2006-09-26T00:00:00",
"dateUpdated": "2024-08-07T19:32:23.035Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-5004 (GCVE-0-2006-5004)
Vulnerability from cvelistv5 – Published: 2006-09-27 01:00 – Updated: 2024-08-07 19:32
VLAI?
EPSS
Summary
Unspecified vulnerability in the rdist command in IBM AIX 5.2.0 and 5.3.0 allows local users to overwrite arbitrary files via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:32:22.713Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20194",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/20194"
},
{
"name": "aix-rdist-file-overwrite(29159)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29159"
},
{
"name": "IY88688",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY88688"
},
{
"name": "IY88687",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY88687"
},
{
"name": "ADV-2006-3770",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/3770"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "ftp://aix.software.ibm.com/aix/efixes/security/README"
},
{
"name": "22099",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22099"
},
{
"name": "1016922",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016922"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-09-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the rdist command in IBM AIX 5.2.0 and 5.3.0 allows local users to overwrite arbitrary files via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20194",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/20194"
},
{
"name": "aix-rdist-file-overwrite(29159)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29159"
},
{
"name": "IY88688",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY88688"
},
{
"name": "IY88687",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY88687"
},
{
"name": "ADV-2006-3770",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/3770"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "ftp://aix.software.ibm.com/aix/efixes/security/README"
},
{
"name": "22099",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22099"
},
{
"name": "1016922",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016922"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5004",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the rdist command in IBM AIX 5.2.0 and 5.3.0 allows local users to overwrite arbitrary files via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20194",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20194"
},
{
"name": "aix-rdist-file-overwrite(29159)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29159"
},
{
"name": "IY88688",
"refsource": "AIXAPAR",
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY88688"
},
{
"name": "IY88687",
"refsource": "AIXAPAR",
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY88687"
},
{
"name": "ADV-2006-3770",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3770"
},
{
"name": "ftp://aix.software.ibm.com/aix/efixes/security/README",
"refsource": "CONFIRM",
"url": "ftp://aix.software.ibm.com/aix/efixes/security/README"
},
{
"name": "22099",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22099"
},
{
"name": "1016922",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016922"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-5004",
"datePublished": "2006-09-27T01:00:00",
"dateReserved": "2006-09-26T00:00:00",
"dateUpdated": "2024-08-07T19:32:22.713Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-5009 (GCVE-0-2006-5009)
Vulnerability from cvelistv5 – Published: 2006-09-27 01:00 – Updated: 2024-08-07 19:32
VLAI?
EPSS
Summary
Unspecified vulnerability in xlock in IBM AIX 5.2.0 and 5.3.0 allows local users to execute arbitrary commands and overwrite arbitrary files via unspecified vectors, possibly involving a buffer overflow.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:32:22.907Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20201",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/20201"
},
{
"name": "IY87894",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY87894"
},
{
"name": "aix-xlock-bo(29161)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29161"
},
{
"name": "22098",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22098"
},
{
"name": "ADV-2006-3770",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/3770"
},
{
"name": "IY87943",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY87943"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "ftp://aix.software.ibm.com/aix/efixes/security/README"
},
{
"name": "1016923",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016923"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-08-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in xlock in IBM AIX 5.2.0 and 5.3.0 allows local users to execute arbitrary commands and overwrite arbitrary files via unspecified vectors, possibly involving a buffer overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20201",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/20201"
},
{
"name": "IY87894",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY87894"
},
{
"name": "aix-xlock-bo(29161)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29161"
},
{
"name": "22098",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22098"
},
{
"name": "ADV-2006-3770",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/3770"
},
{
"name": "IY87943",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY87943"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "ftp://aix.software.ibm.com/aix/efixes/security/README"
},
{
"name": "1016923",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016923"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5009",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in xlock in IBM AIX 5.2.0 and 5.3.0 allows local users to execute arbitrary commands and overwrite arbitrary files via unspecified vectors, possibly involving a buffer overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20201",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20201"
},
{
"name": "IY87894",
"refsource": "AIXAPAR",
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY87894"
},
{
"name": "aix-xlock-bo(29161)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29161"
},
{
"name": "22098",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22098"
},
{
"name": "ADV-2006-3770",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3770"
},
{
"name": "IY87943",
"refsource": "AIXAPAR",
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY87943"
},
{
"name": "ftp://aix.software.ibm.com/aix/efixes/security/README",
"refsource": "CONFIRM",
"url": "ftp://aix.software.ibm.com/aix/efixes/security/README"
},
{
"name": "1016923",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016923"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-5009",
"datePublished": "2006-09-27T01:00:00",
"dateReserved": "2006-09-26T00:00:00",
"dateUpdated": "2024-08-07T19:32:22.907Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-5002 (GCVE-0-2006-5002)
Vulnerability from cvelistv5 – Published: 2006-09-27 01:00 – Updated: 2024-08-07 19:32
VLAI?
EPSS
Summary
Unspecified vulnerability in IBM Inventory Scout for AIX 2.2.0.0 through 2.2.0.9 (invscoutClient_VPD_Survey) allows attackers to overwrite arbitrary files via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:32:22.868Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1016924",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016924"
},
{
"name": "20199",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/20199"
},
{
"name": "ADV-2006-3770",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/3770"
},
{
"name": "20206",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/20206"
},
{
"name": "IY88735",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY88735"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "ftp://aix.software.ibm.com/aix/efixes/security/README"
},
{
"name": "aix-inventory-scout-file-overwrite(29162)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29162"
},
{
"name": "22062",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22062"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-09-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in IBM Inventory Scout for AIX 2.2.0.0 through 2.2.0.9 (invscoutClient_VPD_Survey) allows attackers to overwrite arbitrary files via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1016924",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016924"
},
{
"name": "20199",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/20199"
},
{
"name": "ADV-2006-3770",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/3770"
},
{
"name": "20206",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/20206"
},
{
"name": "IY88735",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY88735"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "ftp://aix.software.ibm.com/aix/efixes/security/README"
},
{
"name": "aix-inventory-scout-file-overwrite(29162)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29162"
},
{
"name": "22062",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22062"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5002",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in IBM Inventory Scout for AIX 2.2.0.0 through 2.2.0.9 (invscoutClient_VPD_Survey) allows attackers to overwrite arbitrary files via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1016924",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016924"
},
{
"name": "20199",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20199"
},
{
"name": "ADV-2006-3770",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3770"
},
{
"name": "20206",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20206"
},
{
"name": "IY88735",
"refsource": "AIXAPAR",
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY88735"
},
{
"name": "ftp://aix.software.ibm.com/aix/efixes/security/README",
"refsource": "CONFIRM",
"url": "ftp://aix.software.ibm.com/aix/efixes/security/README"
},
{
"name": "aix-inventory-scout-file-overwrite(29162)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29162"
},
{
"name": "22062",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22062"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-5002",
"datePublished": "2006-09-27T01:00:00",
"dateReserved": "2006-09-26T00:00:00",
"dateUpdated": "2024-08-07T19:32:22.868Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-5006 (GCVE-0-2006-5006)
Vulnerability from cvelistv5 – Published: 2006-09-27 01:00 – Updated: 2024-08-07 19:32
VLAI?
EPSS
Summary
Buffer overflow in cfgmgr in IBM AIX 5.2.0 and 5.3.0 allows local users to execute arbitrary code via a long directory path argument.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:32:22.947Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "22112",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22112"
},
{
"name": "ADV-2006-3770",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/3770"
},
{
"name": "20190",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/20190"
},
{
"name": "aix-cfgmgr-file-overwrite(29152)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29152"
},
{
"name": "1016917",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016917"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "ftp://aix.software.ibm.com/aix/efixes/security/README"
},
{
"name": "IY89512",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY89512"
},
{
"name": "IY89434",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY89434"
},
{
"name": "aix-cfgmgr-privilege-escalation(29153)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29153"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-09-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in cfgmgr in IBM AIX 5.2.0 and 5.3.0 allows local users to execute arbitrary code via a long directory path argument."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "22112",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22112"
},
{
"name": "ADV-2006-3770",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/3770"
},
{
"name": "20190",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/20190"
},
{
"name": "aix-cfgmgr-file-overwrite(29152)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29152"
},
{
"name": "1016917",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016917"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "ftp://aix.software.ibm.com/aix/efixes/security/README"
},
{
"name": "IY89512",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY89512"
},
{
"name": "IY89434",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY89434"
},
{
"name": "aix-cfgmgr-privilege-escalation(29153)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29153"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5006",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in cfgmgr in IBM AIX 5.2.0 and 5.3.0 allows local users to execute arbitrary code via a long directory path argument."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "22112",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22112"
},
{
"name": "ADV-2006-3770",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3770"
},
{
"name": "20190",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20190"
},
{
"name": "aix-cfgmgr-file-overwrite(29152)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29152"
},
{
"name": "1016917",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016917"
},
{
"name": "ftp://aix.software.ibm.com/aix/efixes/security/README",
"refsource": "CONFIRM",
"url": "ftp://aix.software.ibm.com/aix/efixes/security/README"
},
{
"name": "IY89512",
"refsource": "AIXAPAR",
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY89512"
},
{
"name": "IY89434",
"refsource": "AIXAPAR",
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY89434"
},
{
"name": "aix-cfgmgr-privilege-escalation(29153)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29153"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-5006",
"datePublished": "2006-09-27T01:00:00",
"dateReserved": "2006-09-26T00:00:00",
"dateUpdated": "2024-08-07T19:32:22.947Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-5003 (GCVE-0-2006-5003)
Vulnerability from cvelistv5 – Published: 2006-09-27 01:00 – Updated: 2024-08-07 19:32
VLAI?
EPSS
Summary
Unspecified vulnerability in the named8 command in IBM AIX 5.2.0 and 5.3.0 allows local users to execute arbitrary commands via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:32:22.759Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1016925",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016925"
},
{
"name": "IY76483",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY76483"
},
{
"name": "IY76102",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY76102"
},
{
"name": "29187",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/29187"
},
{
"name": "ADV-2006-3770",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/3770"
},
{
"name": "20198",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/20198"
},
{
"name": "aix-named8-privilege-escalation(29160)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29160"
},
{
"name": "22102",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22102"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "ftp://aix.software.ibm.com/aix/efixes/security/README"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-09-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the named8 command in IBM AIX 5.2.0 and 5.3.0 allows local users to execute arbitrary commands via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1016925",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016925"
},
{
"name": "IY76483",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY76483"
},
{
"name": "IY76102",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY76102"
},
{
"name": "29187",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/29187"
},
{
"name": "ADV-2006-3770",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/3770"
},
{
"name": "20198",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/20198"
},
{
"name": "aix-named8-privilege-escalation(29160)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29160"
},
{
"name": "22102",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22102"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "ftp://aix.software.ibm.com/aix/efixes/security/README"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5003",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the named8 command in IBM AIX 5.2.0 and 5.3.0 allows local users to execute arbitrary commands via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1016925",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016925"
},
{
"name": "IY76483",
"refsource": "AIXAPAR",
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY76483"
},
{
"name": "IY76102",
"refsource": "AIXAPAR",
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY76102"
},
{
"name": "29187",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/29187"
},
{
"name": "ADV-2006-3770",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3770"
},
{
"name": "20198",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20198"
},
{
"name": "aix-named8-privilege-escalation(29160)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29160"
},
{
"name": "22102",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22102"
},
{
"name": "ftp://aix.software.ibm.com/aix/efixes/security/README",
"refsource": "CONFIRM",
"url": "ftp://aix.software.ibm.com/aix/efixes/security/README"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-5003",
"datePublished": "2006-09-27T01:00:00",
"dateReserved": "2006-09-26T00:00:00",
"dateUpdated": "2024-08-07T19:32:22.759Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-5005 (GCVE-0-2006-5005)
Vulnerability from cvelistv5 – Published: 2006-09-27 01:00 – Updated: 2024-08-07 19:32
VLAI?
EPSS
Summary
Unspecified vulnerability in bos.net.tcp.client in IBM AIX 5.2.0 and 5.3.0 allows local users to execute arbitrary commands via unspecified vectors involving /etc/slip.login.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:32:22.961Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "IY88566",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY88566"
},
{
"name": "IY88615",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY88615"
},
{
"name": "1016918",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016918"
},
{
"name": "22111",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22111"
},
{
"name": "aix-login-privilege-escalation(29155)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29155"
},
{
"name": "ADV-2006-3770",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/3770"
},
{
"name": "20191",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/20191"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "ftp://aix.software.ibm.com/aix/efixes/security/README"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-09-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in bos.net.tcp.client in IBM AIX 5.2.0 and 5.3.0 allows local users to execute arbitrary commands via unspecified vectors involving /etc/slip.login."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "IY88566",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY88566"
},
{
"name": "IY88615",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY88615"
},
{
"name": "1016918",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016918"
},
{
"name": "22111",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22111"
},
{
"name": "aix-login-privilege-escalation(29155)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29155"
},
{
"name": "ADV-2006-3770",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/3770"
},
{
"name": "20191",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/20191"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "ftp://aix.software.ibm.com/aix/efixes/security/README"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5005",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in bos.net.tcp.client in IBM AIX 5.2.0 and 5.3.0 allows local users to execute arbitrary commands via unspecified vectors involving /etc/slip.login."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "IY88566",
"refsource": "AIXAPAR",
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY88566"
},
{
"name": "IY88615",
"refsource": "AIXAPAR",
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY88615"
},
{
"name": "1016918",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016918"
},
{
"name": "22111",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22111"
},
{
"name": "aix-login-privilege-escalation(29155)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29155"
},
{
"name": "ADV-2006-3770",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3770"
},
{
"name": "20191",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20191"
},
{
"name": "ftp://aix.software.ibm.com/aix/efixes/security/README",
"refsource": "CONFIRM",
"url": "ftp://aix.software.ibm.com/aix/efixes/security/README"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-5005",
"datePublished": "2006-09-27T01:00:00",
"dateReserved": "2006-09-26T00:00:00",
"dateUpdated": "2024-08-07T19:32:22.961Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-4416 (GCVE-0-2006-4416)
Vulnerability from cvelistv5 – Published: 2006-08-28 20:00 – Updated: 2024-08-07 19:06
VLAI?
EPSS
Summary
Untrusted search path vulnerability in the mkvg command in IBM AIX 5.2 and 5.3 allows local users to gain privileges by modifying the path to point to a malicious (1) chdev, (2) mkboot, (3) varyonvg, or (4) varyoffvg program.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:06:07.678Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "22106",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22106"
},
{
"name": "aix-mkvg-privilege-escalation(29165)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29165"
},
{
"name": "1016920",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016920"
},
{
"name": "20197",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/20197"
},
{
"name": "ADV-2006-3389",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/3389"
},
{
"name": "IY88737",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY88737"
},
{
"name": "21620",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21620"
},
{
"name": "IY88722",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY88722"
},
{
"name": "19708",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/19708"
},
{
"name": "IY88699",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY88699"
},
{
"name": "ADV-2006-3770",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/3770"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "ftp://aix.software.ibm.com/aix/efixes/security/README"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-08-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Untrusted search path vulnerability in the mkvg command in IBM AIX 5.2 and 5.3 allows local users to gain privileges by modifying the path to point to a malicious (1) chdev, (2) mkboot, (3) varyonvg, or (4) varyoffvg program."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "22106",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22106"
},
{
"name": "aix-mkvg-privilege-escalation(29165)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29165"
},
{
"name": "1016920",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016920"
},
{
"name": "20197",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/20197"
},
{
"name": "ADV-2006-3389",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/3389"
},
{
"name": "IY88737",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY88737"
},
{
"name": "21620",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21620"
},
{
"name": "IY88722",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY88722"
},
{
"name": "19708",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/19708"
},
{
"name": "IY88699",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY88699"
},
{
"name": "ADV-2006-3770",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/3770"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "ftp://aix.software.ibm.com/aix/efixes/security/README"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4416",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability in the mkvg command in IBM AIX 5.2 and 5.3 allows local users to gain privileges by modifying the path to point to a malicious (1) chdev, (2) mkboot, (3) varyonvg, or (4) varyoffvg program."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "22106",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22106"
},
{
"name": "aix-mkvg-privilege-escalation(29165)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29165"
},
{
"name": "1016920",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016920"
},
{
"name": "20197",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20197"
},
{
"name": "ADV-2006-3389",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3389"
},
{
"name": "IY88737",
"refsource": "AIXAPAR",
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY88737"
},
{
"name": "21620",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21620"
},
{
"name": "IY88722",
"refsource": "AIXAPAR",
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY88722"
},
{
"name": "19708",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19708"
},
{
"name": "IY88699",
"refsource": "AIXAPAR",
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY88699"
},
{
"name": "ADV-2006-3770",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3770"
},
{
"name": "ftp://aix.software.ibm.com/aix/efixes/security/README",
"refsource": "CONFIRM",
"url": "ftp://aix.software.ibm.com/aix/efixes/security/README"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-4416",
"datePublished": "2006-08-28T20:00:00",
"dateReserved": "2006-08-28T00:00:00",
"dateUpdated": "2024-08-07T19:06:07.678Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-5008 (GCVE-0-2006-5008)
Vulnerability from cvelistv5 – Published: 2006-09-27 01:00 – Updated: 2024-08-07 19:32
VLAI?
EPSS
Summary
Unspecified vulnerability in utape in IBM AIX 5.2.0 and 5.3.0 allows attackers to execute arbitrary commands and overwrite arbitrary files via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:32:22.832Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "IY88642",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY88642"
},
{
"name": "22119",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22119"
},
{
"name": "20187",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/20187"
},
{
"name": "aix-utape-file-overwrite(29154)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29154"
},
{
"name": "aix-utape-privilege-escalation(29151)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29151"
},
{
"name": "IY88641",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY88641"
},
{
"name": "ADV-2006-3770",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/3770"
},
{
"name": "1016916",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016916"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "ftp://aix.software.ibm.com/aix/efixes/security/README"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-08-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in utape in IBM AIX 5.2.0 and 5.3.0 allows attackers to execute arbitrary commands and overwrite arbitrary files via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "IY88642",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY88642"
},
{
"name": "22119",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22119"
},
{
"name": "20187",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/20187"
},
{
"name": "aix-utape-file-overwrite(29154)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29154"
},
{
"name": "aix-utape-privilege-escalation(29151)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29151"
},
{
"name": "IY88641",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY88641"
},
{
"name": "ADV-2006-3770",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/3770"
},
{
"name": "1016916",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016916"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "ftp://aix.software.ibm.com/aix/efixes/security/README"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5008",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in utape in IBM AIX 5.2.0 and 5.3.0 allows attackers to execute arbitrary commands and overwrite arbitrary files via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "IY88642",
"refsource": "AIXAPAR",
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY88642"
},
{
"name": "22119",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22119"
},
{
"name": "20187",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20187"
},
{
"name": "aix-utape-file-overwrite(29154)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29154"
},
{
"name": "aix-utape-privilege-escalation(29151)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29151"
},
{
"name": "IY88641",
"refsource": "AIXAPAR",
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY88641"
},
{
"name": "ADV-2006-3770",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3770"
},
{
"name": "1016916",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016916"
},
{
"name": "ftp://aix.software.ibm.com/aix/efixes/security/README",
"refsource": "CONFIRM",
"url": "ftp://aix.software.ibm.com/aix/efixes/security/README"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-5008",
"datePublished": "2006-09-27T01:00:00",
"dateReserved": "2006-09-26T00:00:00",
"dateUpdated": "2024-08-07T19:32:22.832Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…