Exploit the possiblities
Showing 26 - 50 of 408 RSS Feed

Operating System: AIX

IBM AIX 6.1.8+ Privilege Escalation
Posted Jun 12, 2014
Authored by Tim Brown | Site portcullis-security.com

IBM AIX versions 6.1.8 and later suffer from a local privilege escalation vulnerability in libodm due to an arbitrary file write.

tags | exploit, arbitrary, local
systems | aix
advisories | CVE-2014-3977
MD5 | 319e4008a767f106fb7dc54a17237ed2
IBM AIX Kernel Memory Leak / Denial Of Service
Posted May 6, 2014
Authored by Tim Brown | Site portcullis-security.com

IBM AIX versions 5.3, 6.1 and 7.1 releases VIOS 2.2.* suffer from kernel memory leak and denial of service vulnerabilities. It has been identified that the ptrace() system call can be manipulated by an unprivileged user into leaking uninitialized kernel memory and that the method by which this is achieved may also lead to a denial of service condition. This can be achieved by manipulating the parameters that are passed to the ptrace() system call when performing the PT_LDINFO operation. By calling ptrace(PT_LDINFO, childpid, leakbuffer, maximumleak, NULL) with a value of maximumleak that greater than that required for the expected result of the PT_LDINFO operation, the AIX kernel will xmalloc() this space (without initializing it), populate it and then perform a copy operation that returns the result within leakbuffer.

tags | advisory, denial of service, kernel, vulnerability, memory leak
systems | aix
advisories | CVE-2014-0930
MD5 | 4236298d7ba606989f3262b37ad6c132
Samhain File Integrity Checker 3.1.1
Posted May 1, 2014
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.

Changes: All-numeric hostnames are correctly recognized now, and inline asm has been disabled on Cygwin/Windows.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
MD5 | ba5dfb540f52b906216485cd35c11560
BMC Patrol For AIX Insecure RPATH Use
Posted Apr 14, 2014
Authored by Tim Brown | Site portcullis-security.com

It has been identified that binaries that are executed with elevated privileges (SetGID and SetUID programs) have been compiled in manner that means they searched for libraries in insecure locations. Version 3.9.00 of BMC Patrol for AIX is affected.

tags | exploit
systems | aix
advisories | CVE-2014-2591
MD5 | 82e142ecb7429ecf312c0bc873447d0a
HP Security Bulletin HPSBMU02874 3
Posted Dec 14, 2013
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU02874 3 - Potential security vulnerabilities have been identified with HP Service Manager and ServiceCenter for Windows, Linux, HP-UX, Solaris and AIX. The Java Runtime Environment (JRE) has been updated to correct these issues. Revision 3 of this advisory.

tags | advisory, java, vulnerability
systems | linux, windows, solaris, aix, hpux
advisories | CVE-2012-1541, CVE-2012-1543, CVE-2012-3213, CVE-2012-3342, CVE-2012-4301, CVE-2012-4305, CVE-2013-0169, CVE-2013-0351, CVE-2013-0409, CVE-2013-0419, CVE-2013-0423, CVE-2013-0424, CVE-2013-0425, CVE-2013-0426, CVE-2013-0427, CVE-2013-0428, CVE-2013-0429, CVE-2013-0430, CVE-2013-0431, CVE-2013-0432, CVE-2013-0433, CVE-2013-0434, CVE-2013-0435, CVE-2013-0436, CVE-2013-0437, CVE-2013-0438, CVE-2013-0439, CVE-2013-0440
MD5 | b6b8674b75eceb0753056a4a45db9da6
HP Security Bulletin HPSBMU02874 SSRT101184 2
Posted Nov 1, 2013
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU02874 SSRT101184 2 - Several potential security vulnerabilities have been identified with HP Service Manager for Windows, Linux, HP-UX, Solaris and AIX. The Java Runtime Environment (JRE) has been updated to correct these issues. Revision 2 of this advisory.

tags | advisory, java, vulnerability
systems | linux, windows, solaris, aix, hpux
advisories | CVE-2012-1541, CVE-2012-1543, CVE-2012-3213, CVE-2012-3342, CVE-2012-4301, CVE-2012-4305, CVE-2013-0169, CVE-2013-0351, CVE-2013-0409, CVE-2013-0419, CVE-2013-0423, CVE-2013-0424, CVE-2013-0425, CVE-2013-0426, CVE-2013-0427, CVE-2013-0428, CVE-2013-0429, CVE-2013-0430, CVE-2013-0431, CVE-2013-0432, CVE-2013-0433, CVE-2013-0434, CVE-2013-0435, CVE-2013-0436, CVE-2013-0437, CVE-2013-0438, CVE-2013-0439, CVE-2013-0440
MD5 | 2c1e9015eb0ad12290d4a5d39108f883
Samhain File Integrity Checker 3.1.0
Posted Oct 31, 2013
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.

Changes: Support for sha2-256 has been added and some bugs have been fixed.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
MD5 | 770dfcca74db744fc453fa18f54543b4
IBM AIX 6.1 / 7.1 Local Root Privilege Escalation
Posted Sep 24, 2013
Authored by Kristian Hermansen

IBM AIX versions 6.1 and 7.1 local root privilege escalation exploit.

tags | exploit, local, root
systems | aix
advisories | CVE-2013-4011, OSVDB-95420
MD5 | e5611fde696ce3f8486c6c6c17f2ed14
Samhain File Integrity Checker 3.0.13
Posted Jun 20, 2013
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.

Changes: A regression in the handling of growing log files has been fixed. For compiling with the kernel check option, the detection of an existing yet non-functional /dev/kmem device has been improved.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
MD5 | 722b6db04657eb330e638e374cd2e1dd
HP Security Bulletin HPSBMU02884
Posted Jun 12, 2013
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU02884 - Two potential security vulnerabilities have been identified with HP Service Manager and HP ServiceCenter running on AIX, HP-UX, intelLinux, sparcSOL, and Windows Server. The vulnerabilities could be exploited remotely resulting in the disclosure of information or via cross site scripting. Revision 1 of this advisory.

tags | advisory, vulnerability, xss
systems | windows, aix, hpux
advisories | CVE-2013-2336, CVE-2013-2337
MD5 | a7d6833e695114ee994ef403178db805
HP Security Bulletin HPSBMU02874 SSRT101184
Posted Apr 30, 2013
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU02874 SSRT101184 - Several potential security vulnerabilities have been identified with HP Service Manager for Windows, Linux, HP-UX, Solaris and AIX. The Java Runtime Environment (JRE) has been updated to correct these issues. Revision 1 of this advisory.

tags | advisory, java, vulnerability
systems | linux, windows, solaris, aix, hpux
advisories | CVE-2012-1541, CVE-2012-1543, CVE-2012-3213, CVE-2012-3342, CVE-2012-4301, CVE-2012-4305, CVE-2013-0169, CVE-2013-0351, CVE-2013-0409, CVE-2013-0419, CVE-2013-0423, CVE-2013-0424, CVE-2013-0425, CVE-2013-0426, CVE-2013-0427, CVE-2013-0428, CVE-2013-0429, CVE-2013-0430, CVE-2013-0431, CVE-2013-0432, CVE-2013-0433, CVE-2013-0434, CVE-2013-0435, CVE-2013-0436, CVE-2013-0437, CVE-2013-0438, CVE-2013-0439, CVE-2013-0440
MD5 | 79c70c37adbfafb90017b4fa51428c59
HP Security Bulletin HPSBMU02873 SSRT101182
Posted Apr 30, 2013
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU02873 SSRT101182 - Several potential security vulnerabilities have been identified with HP Service Manager for Windows, Linux, HP-UX, Solaris and AIX. The Apache Tomcat environment has been updated to correct these issues. Revision 1 of this advisory.

tags | advisory, vulnerability
systems | linux, windows, solaris, aix, hpux
advisories | CVE-2012-2733, CVE-2012-3546, CVE-2012-4431, CVE-2012-4534
MD5 | 134f8575c9609064436934f44a5277bd
Samhain File Integrity Checker 3.0.11
Posted Apr 17, 2013
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.

Changes: Log rotation can be handled more gracefully now. An option to ignore modifications of transient files during their lifetime has been added, and it is possible now to build a Debian client package with a preset password. A problem with large groups has been fixed, as well as reconnecting to a temporarily unavailable Oracle database.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
MD5 | 5db1ec45f958632cde82adc17c99dfd0
From Write To Root On AIX
Posted Feb 27, 2013
Authored by Silent Signal | Site silentsignal.hu

This whitepaper is the story of Silent Signal LLC sharing a case study on achieving remote user-level access on an AIX server.

tags | paper, remote
systems | aix
MD5 | 3de7de9039353f06768485d630f5dda2
Samhain File Integrity Checker 3.0.10
Posted Jan 13, 2013
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.

Changes: This release fixes a regression that made samhain block indefinitely if the inotify mode for file checking was used.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
MD5 | ecd7b965a823306043da32f043d349b5
Samhain File Integrity Checker 3.0.9
Posted Dec 21, 2012
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.

Changes: Some build errors have been fixed, as well as the 'probe' command for the server (clients could be erroneously omitted under certain conditions). An option has been added to the Windows registry check to ignore changes if only the timestamp has changed, and full scans requested by the inotify module will now only run at times configured for regular full scans.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
MD5 | d43e3b3d833c11ab3aa5fad3a596e114
Secunia Security Advisory 51106
Posted Oct 25, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - IBM has acknowledged a vulnerability in BIND included in AIX, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | aix
MD5 | bdd19a636ff1e00d3f462d27630fa238
Secunia Security Advisory 51009
Posted Oct 20, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in IBM AIX, which can be exploited by malicious users to bypass certain security restrictions.

tags | advisory
systems | aix
MD5 | 81c799dcd22cecd24197403feddb4d7b
Secunia Security Advisory 50708
Posted Oct 1, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in IBM AIX, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

tags | advisory, denial of service, local
systems | aix
MD5 | 207bdc28800d535435e8f6816b58969e
Secunia Security Advisory 50619
Posted Sep 17, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in IBM AIX, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | aix
MD5 | a05fafaff956bdf0b128a24486703bc1
IBM Java Security Vulnerabilities
Posted Sep 11, 2012
Authored by Adam Gowdiak | Site security-explorations.com

Security Explorations discovered multiple security vulnerabilities in IBM SDK, Java Technology Edition software. This is IBM's implementation of Java SE technology for AIX, Linux, z/OS and IBMi platforms. Among a total of 17 security weaknesses found, there are issues that can lead to the complete compromise of a target IBM Java environment.

tags | advisory, java, vulnerability
systems | linux, aix
MD5 | 232f03e81139e97ba599891e2e363fc2
HP Security Bulletin HPSBMU02796 SSRT100594 3
Posted Aug 3, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU02796 SSRT100594 3 - Potential security vulnerabilities have been identified with HP Operations Agent and HP Performance Agent for AIX, HP-UX, Linux, Solaris, and Windows. The vulnerabilities could be remotely exploited resulting in the execution of arbitrary code. Revision 3 of this advisory.

tags | advisory, arbitrary, vulnerability
systems | linux, windows, solaris, aix, hpux
advisories | CVE-2012-2019, CVE-2012-2020
MD5 | d6b3e9050d33abbeba7b072544e86852
Secunia Security Advisory 50097
Posted Aug 2, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - IBM has acknowledged multiple vulnerabilities in OpenSSL included in AIX and Virtual I/O Server, which can be exploited by malicious people to bypass certain security restrictions, cause a DoS (Denial of Service), and potentially compromise an application using the library.

tags | advisory, denial of service, vulnerability
systems | aix
MD5 | 5e8c1ea7d99bfda641faf62ca9bcdcaf
Secunia Security Advisory 50003
Posted Jul 29, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in IBM AIX and IBM Virtual I/O Server, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | aix
MD5 | 666f9a04480dc5e02a05e260589d4525
Secunia Security Advisory 49917
Posted Jul 17, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - IBM has acknowledged a vulnerability in BIND included in AIX, which can be exploited by malicious people to disclose potentially sensitive information or cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | aix
MD5 | bd81d59247b7683750d99f1845cce25c
Page 2 of 17
Back12345Next

File Archive:

December 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    15 Files
  • 2
    Dec 2nd
    2 Files
  • 3
    Dec 3rd
    1 Files
  • 4
    Dec 4th
    15 Files
  • 5
    Dec 5th
    15 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    17 Files
  • 8
    Dec 8th
    15 Files
  • 9
    Dec 9th
    13 Files
  • 10
    Dec 10th
    4 Files
  • 11
    Dec 11th
    41 Files
  • 12
    Dec 12th
    42 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close