Conversation
cR0w@infosec.exchange

cR0w 🦃

Y'all like AIX vulns, right? How about four of them? Okay well what if three are sev:CRIT? Fine, one is a perfect 10 if that's what it takes to get y'all to care. 🥳

https://www.ibm.com/support/pages/node/7251173

Vulnerabilities in AIX could allow a remote attacker to execute arbitrary commands (CVE-2025-36251, CVE-2025-36250), obtain Network Installation Manager (NIM) private keys (CVE-2025-36096), or traverse directories (CVE-2025-36236). These vulnerabilities are addressed through the fixes referenced as part of this bulletin. These vulnerabilities are exploitable only when an attacker can establish network connectivity to the affected host.

2
4
1
cR0w@infosec.exchange

cR0w 🦃

Reply to @cR0w@infosec.exchange

I can't remember who it was that was interested in the AIX NIM stuff. I think it was @buherator .

1
1
1
ljrk@todon.eu

lj·rk

Reply to @cR0w@infosec.exchange

@cR0w Ah, Alien UNIX keeps on giving!

1
0
0
cR0w@infosec.exchange

cR0w 🦃

Reply to @ljrk@todon.eu

@ljrk Always. I can barely keep up with all the advisories but these ones are too good to not share.

0
1
0
buherator

buherator

Reply to @cR0w@infosec.exchange
@cR0w As my bio says "I'm interested in all kinds of astronomy" :)
1
0
2
cR0w@infosec.exchange

cR0w 🦃

Reply to @buherator

@buherator Since I'm already on a roll here.

0
2
0
About infosec.place

Terms of Service

This is a placeholder, overwrite this by putting a file at 

$STATIC_DIR/static/terms-of-service.html

See the Static Directory docs for more info.