Multiple untrusted search path vulnerabilities in unspecified (1) setuid and (2) setgid programs in IBM DB2 9.5, 9.7 before FP9a, 9.8, 10.1 before FP3a, and 10.5 before FP3a on Linux and UNIX allow local users to gain root privileges via a Trojan horse library.
Untrusted search path vulnerability in snappd in IBM AIX 5.2.0 and 5.3.0 allows local users to execute arbitrary commands via a Trojan horse program, involving the "system subroutine".
Buffer overflow in the getlvname command in IBM AIX 5.1, 5.2 and 5.3, might allow local users to execute arbitrary code via long command line arguments.
Format string vulnerability in the paginit command in IBM AIX 5.3, and possibly other versions, might allow local users to execute arbitrary code via format strings in command line arguments.
Buffer overflow in getconf in IBM AIX 5.2 to 5.3 allows local users to execute arbitrary code via unknown vectors.
Monitoring Agent for UNIX Logs 6.2.0 through FP03, 6.2.1 through FP04, 6.2.2 through FP09, and 6.2.3 through FP04 and Monitoring Server (ms) and Shared Libraries (ax) 6.2.0 through FP03, 6.2.1 through FP04, 6.2.2 through FP08, 6.2.3 through FP01, and 6.3.0 through FP01 in IBM Tivoli Monitoring (ITM) on UNIX allow local users to gain privileges via unspecified vectors.
Unspecified vulnerability in IBM Rational ClearCase through 7.1.2.12, 8.0.0.x before 8.0.0.9, and 8.0.1.x before 8.0.1.2 allows local users to gain privileges via unknown vectors.
Buffer overflow in the diagTasksWebSM command in IBM AIX 5.1, 5.2 and 5.3, might allow local users to execute arbitrary code via long command line arguments.
Buffer overflow in IBM Rational ClearCase through 7.1.2.12, 8.0.0.x before 8.0.0.9, and 8.0.1.x before 8.0.1.2 allows local users to gain privileges via unspecified vectors.
Stack-based buffer overflow in db2aud in the Audit Facility in IBM DB2 and DB2 Connect 9.1, 9.5, 9.7, 9.8, and 10.1, as used in Smart Analytics System 7600 and other products, allows local users to gain privileges via unspecified vectors.
Format string vulnerability in lpd in the bos.rte.printers fileset for AIX 4.3 through 5.2, with debug enabled, allows local users to cause a denial of service (crash) or gain root privileges.
IBM WebSphere Application Server (WAS) 8.5 through 8.5.0.2 on UNIX allows local users to gain privileges by leveraging improper process initialization. IBM X-Force ID: 84362.
Format string vulnerability in chdev on IBM AIX 5.2 allows local users to execute arbitrary code via format string specifiers in a command line argument, which is not properly handled when printing an error message.
Buffer overflow in netpmon on AIX 5.1, 5.2, and 5.3 allows local users to execute arbitrary code via a long -O argument.
IBM Platform LSF 10.1 contains an unspecified vulnerability that could allow a local user to escalate their privileges and obtain root access. IBM X-Force ID: 123741.
Unknown vulnerability in IBM Parallel Environment (PE) 3.2 and 4.1 allows attackers to execute arbitrary commands as root via unknown vectors in the sample code.
Multiple buffer overflows in IBM DB2 Universal Database 8.1 may allow local users to execute arbitrary code via long command line arguments to (1) db2start, (2) db2stop, or (3) db2govd.
Buffer overflow in GNU make for IBM AIX 4.3.3, when installed setgid, allows local users to gain privileges via a long CC argument.
Buffer overflow in db2licm in IBM DB2 Universal Data Base 7.2 before Fixpak 10a allows local users to gain root privileges via a long command line argument.
Multiple stack-based buffer overflows in IBM DB2 7.x and 8.1 allow local users to execute arbitrary code via (1) a long third argument to the rec2xml function or (2) a long filename argument to the generate_distfile procedure.
IBM Workload Scheduler Distributed 9.2, 9.3, 9.4, and 9.5 contains a vulnerability that could allow a local user to write files as root in the file system, which could allow the attacker to gain root privileges. IBM X-Force ID: 155997.
IBM Spectrum Protect Servers 7.1 and 8.1 and Storage Agents could allow a local attacker to gain elevated privileges on the system, caused by loading a specially crafted library loaded by the dsmqsan module. By setting up such a library, a local attacker could exploit this vulnerability to gain root privileges on the vulnerable system. IBM X-Force ID: 157511.
A security vulnerability has been identified in all levels of IBM Spectrum Scale V5.0.0.0 through V5.0.3.2 and IBM Spectrum Scale V4.2.0.0 through V4.2.3.17 that could allow a local attacker to obtain root privilege by injecting parameters into setuid files.
When using IBM Spectrum Protect Plus 10.1.0, 10.1.2, and 10.1.3 to protect Oracle, DB2 or MongoDB databases, a redirected restore operation specifying a target path may allow execution of arbitrary code on the system. IBM X-Force ID: 161667,
IBM WebSphere MQ 8.0.0.0 through 8.0.0.9 and 9.0.0.0 through 9.1.1 could allow a local non privileged user to execute code as an administrator due to incorrect permissions set on MQ installation directories. IBM X-Force ID: 157190.
Multiple format string vulnerabilities in IBM DB2 Universal Database 8.1 may allow local users to execute arbitrary code via certain command line arguments to (1) db2start, (2) db2stop, or (3) db2govd.
Unknown vulnerability in autofs on AIX 4.3.0, when using executable maps, allows attackers to execute arbitrary commands as root, possibly related to "string handling around how the executable map is called."
ikeyman in IBM IBMHSSSB 1.0 sets the CLASSPATH environmental variable to include the user's own CLASSPATH directories before the system's directories, which allows a malicious local user to execute arbitrary code as root via a Trojan horse Ikeyman class.
Buffer overflow in sqlexec for Informix SE-7.25 allows local users to gain root privileges via a long INFORMIXDIR environment variable.
Buffer overflow in crontab in IBM AIX 5.2 allows local users to gain privileges via long command line arguments.
Buffer overflow in digest command in IBM AIX 4.3.x and earlier allows local users to execute arbitrary commands.
CDE ToolTalk database server (ttdbserver) allows local users to overwrite arbitrary files via a symlink attack on the transaction log file used by the _TT_TRANSACTION RPC procedure.
AIX sysback before 4.2.1.13 uses a relative path to find and execute the hostname program, which allows local users to gain privileges by modifying the path to point to a malicious hostname program.
Buffer overflow in the at program on IBM AIX 5.3 allows local users to gain privileges via unspecified vectors.
The AIX Fast Response Cache Accelerator (FRCA) allows local users to modify arbitrary files via the configuration capability in the frcactrl program.
Format string vulnerability in the swcons command in IBM AIX 5.3, and possibly other versions, might allow local users to execute arbitrary code via long command line arguments.
Format string vulnerability in auditselect on IBM AIX 5.1, 5.2, and 5.3 allows local users to execute arbitrary code via format string specifiers in a command line argument.
Buffer overflow in ipl_varyon on AIX 5.1, 5.2, and 5.3 allows local users to execute arbitrary code via a long -d argument.
Stack-based buffer overflow in ontape for IBM Informix Dynamic Server (IDS) 9.40.xC3 and earlier allows local users, with DSA privileges, to execute arbitrary code via a long ONCONFIG environment variable.
Untrusted execution path vulnerability in the diag commands (1) lsmcode, (2) diag_exec, (3) invscout, and (4) invscoutd in AIX 5.1 through 5.3 allows local users to execute arbitrary programs by modifying the DIAGNOSTICS environment variable to point to a malicious Dctrl program.
Format string vulnerability in the printer capability for IBM AIX .3, 5.1, and 5.2 allows local users to gain printq or root privileges.
Untrusted execution path vulnerability in invscout in IBM AIX 5.1.0, 5.2.0, and 5.3.0 allows local users to gain privileges by modifying the PATH environment variable to point to a malicious "uname" program, which is executed from lsvpd after lsvpd has been invoked by invscout.
Multiple buffer overflows in LVM for AIX 5.1 and 5.2 allow local users to gain privileges via the (1) putlvcb or (2) getlvcb commands.
Buffer overflow in enq command in IBM AIX 4.3.x and earlier may allow local users to execute arbitrary commands via a long -M argument.
Buffer overflow in piobe command in IBM AIX 4.3.x allows local users to gain privileges via long environmental variables.
Buffer overflow in libi18n library in IBM AIX 5.1 and 4.3.x allows local users to gain root privileges via a long LANG environmental variable.
AIX cdmount allows local users to gain root privileges via shell metacharacters.
Untrusted execution path vulnerability in chcod on AIX IBM 5.1.0, 5.2.0, and 5.3.0 allows local users to execute arbitrary programs by modifying the PATH environment variable to point to a malicious "grep" program, which is executed from chcod.
LVM for AIX 5.1 and 5.2 allows local users to overwrite arbitrary files via a symlink attack.
Buffer overflow in nslookup for AIX 4.3 allows local users to execute arbitrary code via a long hostname command line argument.