Buffer overflow in uuq in AIX 4 could allow local users to execute arbitrary code via a long -r parameter.
lsfs in AIX 4.x allows a local user to gain additional privileges by creating Trojan horse programs named (1) grep or (2) lslv in a certain directory that is under the user's control, which cause lsfs to access the programs in that directory.
Buffer overflows in muxatmd in AIX 4 allows an attacker to cause a core dump and possibly execute code.
The Configuration Manager in IBM Sterling Secure Proxy (SSP) 3.4.2 before 3.4.2.0 iFix 8 and 3.4.3 before 3.4.3.0 iFix 1 allows remote attackers to obtain access by leveraging an unattended workstation to conduct a post-logoff session-reuse attack involving a modified URL.
Buffer overflow in setsenv command in IBM AIX 4.3.x and earlier allows local users to execute arbitrary commands via a long "x=" argument.
Vulnerability in ptrace in AIX 4.3 allows local users to gain privileges by attaching to a setgid program.
iscdeploy in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.43, 7.0 before 7.0.0.21, and 8.0 before 8.0.0.2 on the IBM i platform sets weak permissions under systemapps/isclite.ear/ and bin/client_ffdc/, which allows local users to read or modify files via standard filesystem operations.
IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 uses cleartext storage for unspecified passwords, which allows local users to obtain sensitive information by reading a configuration file.
AIX piodmgrsu command allows local users to gain additional group privileges.
Sendmail allows local users to write to a file and gain group permissions via a .forward or :include: file.
The Self Tuning Memory Manager (STMM) component in IBM DB2 9.1 before FP8, 9.5 before FP5, and 9.7 before FP1 uses 0666 permissions for the STMM log file, which allows local users to cause a denial of service or have unspecified other impact by writing to this file.
dasauto in IBM DB2 8 before FP18, 9.1 before FP8, 9.5 before FP4, and 9.7 before FP1 permits execution by unprivileged user accounts, which has unspecified impact and local attack vectors.
IBM AIX 7.1, 7.2, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the mount command which could lead to code execution. IBM X-Force ID: 212952.
IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through 7.0.1.0 before 7.0.1-ISS-SIM-FP0001 allows local users to gain administrator privileges via unspecified vectors. IBM X-Force ID: 111643.
IBM General Parallel File System (GPFS) in GPFS Storage Server 2.0.0 through 2.0.7 and Elastic Storage Server 2.5.x through 2.5.5, 3.x before 3.5.5, and 4.x before 4.0.3, as distributed in Spectrum Scale RAID, allows local users to gain privileges via a crafted parameter to a setuid program.
The installation script in IBM Informix Dynamic Server 10.00, Informix Client Software Development Kit (CSDK) 2.90, and Informix I-Connect 2.90 allows local users to "compromise security" via a symlink attack on temporary files.
IBM Security Identity Manager 7.0.1 Virtual Appliance contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 153633.
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 is affected by buffer overflow vulnerability that can potentially result in arbitrary code execution. IBM X-Force ID: 152858.
IBM Campaign 9.1.0 and 9.1.2 could allow a local user to obtain admini privileges due to the application not validating access permissions. IBM X-Force ID: 153382.
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 is affected by buffer overflow vulnerability that can potentially result in arbitrary code execution. IBM X-Force ID: 152859.
CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (aka SystemEDGE) 12.6, 12.7, 12.8, and 12.9; and CA Workload Automation AE r11, r11.3, r11.3.5, and r11.3.6 on UNIX, does not properly perform bounds checking, which allows local users to gain privileges via unspecified vectors.
IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4.0, and 9.0.5.0 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 152078.
CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (aka SystemEDGE) 12.6, 12.7, 12.8, and 12.9; and CA Workload Automation AE r11, r11.3, r11.3.5, and r11.3.6 on UNIX, allows local users to gain privileges via an unspecified environment variable.
The web administration tool in IBM Tivoli Security Directory Server 6.0 before iFix 75, 6.1 before iFix 68, 6.2 before iFix 44, and 6.3 before iFix 37 and IBM Security Directory Server 6.3.1 before iFix 11 and 6.4 before iFix 2 allows local users to gain privileges via vectors related to argument injection. IBM X-Force ID: 103694.
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 could allow a local user to overflow a buffer which may result in a privilege escalation to the DB2 instance owner. IBM X-Force ID: 142648.
IBM PowerVC Standard Edition 1.2.2.1 through 1.2.2.2 does not require authentication for access to the Python interpreter with nova credentials, which allows KVM guest OS users to discover certain PowerVC credentials and bypass intended access restrictions via unspecified Python code.
IBM Jazz Foundation products could allow a user with physical access to the system to log in as another user due to the server's failure to properly log out from the previous session. IBM X-Force ID: 140977.
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 could allow a local user to execute arbitrary code due to a format string error. IBM X-Force ID: 143023.
IBM Tivoli Security Directory Server 6.0 before iFix 75, 6.1 before iFix 68, 6.2 before iFix 44, 6.3 before iFix 37, 6.3.1 before iFix 11, and 6.4 before iFix 2 does not properly restrict encrypted files, which allows local users to obtain sensitive information or possibly have unspecified other impact via a (1) download or (2) upload action.
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 is vulnerable to stack based buffer overflow, caused by improper bounds checking which could lead an attacker to execute arbitrary code. IBM X-Force ID: 140210.
An XML parsing vulnerability affects IBM SAML-based single sign-on (SSO) systems (IBM Security Access Manager 9.0.0 - 9.0.4 and IBM Tivoli Federated Identity Manager 6.2 - 6.0.2.) This vulnerability can allow an attacker with authenticated access to trick SAML systems into authenticating as a different user without knowledge of the victim users password. IBM X-Force ID: 139754.
IBM ICP4A - User Management System Component (IBM Cloud Pak for Business Automation V21.0.3 through V21.0.3-IF008, V21.0.2 through V21.0.2-IF009, and V21.0.1 through V21.0.1-IF007) could allow a user with physical access to the system to perform unauthorized actions or obtain sensitive information due to insufficient validation and recvocation another user logouting out. IBM X-Force ID: 206081.
IBM Notes Diagnostics (IBM Client Application Access and IBM Notes) could allow a local user to execute commands on the system. By crafting a command line sent via the shared memory IPC, which could be tricked into executing an executable chosen by the attacker. IBM X-Force ID: 138709.
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5 and 11.1 binaries load shared libraries from an untrusted path potentially giving low privilege users full access to the DB2 instance account by loading a malicious shared library. IBM X-Force ID: 140972.
IBM Spectrum Scale 5.1.0.1 could allow a local with access to the GUI pod container to obtain sensitive cryptographic keys that could allow them to elevate their privileges. IBM X-Force ID: 200883.
Stack-based buffer overflow in IBM V5R4, and IBM i Access for Windows 6.1 and 7.1.
IBM SDK, Java Technology Edition Version 8 on the AIX platform uses absolute RPATHs which may facilitate code injection and privilege elevation by local users. IBM X-Force ID: 152081.
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 binaries load shared libraries from an untrusted path potentially giving low privilege user full access to the DB2 instance account by loading a malicious shared library. IBM X-Force ID: 149640.
lscfg in IBM AIX 5.2 and 5.3 allows local users to modify arbitrary files via a symlink attack.
IBM Security Verify Access 20.07 is vulnerable to a stack based buffer overflow, caused by improper bounds checking which could allow a local attacker to execute arbitrary code on the system with elevated privileges.
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 10.1, 10.5, and 11.1 tool db2licm is affected by buffer overflow vulnerability that can potentially result in arbitrary code execution. IBM X-Force ID: 146364.
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 could allow a local user to to gain privileges due to allowing modification of columns of existing tasks. IBM X-Force ID: 146369.
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 could allow a local user to overflow a buffer which may result in a privilege escalation to the DB2 instance owner. IBM X-Force ID: 143022.
IBM DB2 Universal Database 7 before FixPak 12 creates certain DMS directories with insecure permissions (777), which allows local users to modify or delete certain DB2 files.
IBM Websphere Application Server 3.5.3 and earlier stores a password in cleartext in the sas.server.props file, which allows local users to obtain the passwords via a JSP script.
IBM DB2 7.2 before FixPak 10a, and earlier versions including 7.1, allows local users to overwrite arbitrary files and gain privileges via a symlink attack on (1) db2job and (2) db2job2.
Unspecified vulnerability on IBM Power 7 Systems 740 before 740.70 01Ax740_121, 760 before 760.40 Ax760_078, and 770 before 770.30 01Ax770_062 allows local users to gain Service Processor privileges via unknown vectors.
IBM QRadar SIEM 7.3 and 7.4 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 196075.
Lotus cc:Mail release 8 stores the postoffice password in plaintext in a hidden file which has insecure permissions, which allows local users to gain privileges.
Unspecified vulnerability in the DB2 Administration Server (DAS) in the Core DAS function component in IBM DB2 9.1 before Fixpak 5 allows local users to gain privileges, aka a "FILE CREATION VULNERABILITY." NOTE: this may be the same as CVE-2007-5664.