Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2009-0370

Multiple unspecified vulnerabilities in IBM AIX 5.2.0 through 6.1.2 allow local users to append data to arbitrary files, related to (1) rmsock and (2) rmsock64 not creating "secure log files."

Published

2009-01-30T19:30:00.343

Last Modified

2025-04-09T00:30:58.490

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 7.2 (HIGH)

CVSSv2 Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE

Exploitability Score

3.9

Impact Score

10.0

Weaknesses

Type: Primary
NVD-CWE-noinfo

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	ibm	aix	5.2	Yes
Operating System	ibm	aix	5.2.2	Yes
Operating System	ibm	aix	5.2_l	Yes
Operating System	ibm	aix	5.3	Yes
Operating System	ibm	aix	5.3.7	Yes
Operating System	ibm	aix	5.3.8	Yes
Operating System	ibm	aix	5.3.9	Yes
Operating System	ibm	aix	5.3_l	Yes
Operating System	ibm	aix	6.1	Yes
Operating System	ibm	aix	6.1.1	Yes
Operating System	ibm	aix	6.1.2	Yes

References

http://aix.software.ibm.com/aix/efixes/security/rmsock_advisory.asc ([email protected])
http://www.ibm.com/support/docview.wss?uid=isg1IZ40386 Patch ([email protected])
http://www.ibm.com/support/docview.wss?uid=isg1IZ41510 Patch ([email protected])
http://www.ibm.com/support/docview.wss?uid=isg1IZ41593 ([email protected])
http://www.ibm.com/support/docview.wss?uid=isg1IZ41599 Patch ([email protected])
http://www.ibm.com/support/docview.wss?uid=isg1IZ42785 Patch ([email protected])
http://www.ibm.com/support/docview.wss?uid=isg1IZ42786 Patch ([email protected])
http://www.ibm.com/support/docview.wss?uid=isg1IZ42787 Patch ([email protected])
http://www.ibm.com/support/docview.wss?uid=isg1IZ42788 Patch ([email protected])
http://www.securityfocus.com/bid/33522 Patch ([email protected])
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6028 ([email protected])
http://aix.software.ibm.com/aix/efixes/security/rmsock_advisory.asc (af854a3a-2127-422b-91ae-364da2661108)
http://www.ibm.com/support/docview.wss?uid=isg1IZ40386 Patch (af854a3a-2127-422b-91ae-364da2661108)
http://www.ibm.com/support/docview.wss?uid=isg1IZ41510 Patch (af854a3a-2127-422b-91ae-364da2661108)
http://www.ibm.com/support/docview.wss?uid=isg1IZ41593 (af854a3a-2127-422b-91ae-364da2661108)
http://www.ibm.com/support/docview.wss?uid=isg1IZ41599 Patch (af854a3a-2127-422b-91ae-364da2661108)
http://www.ibm.com/support/docview.wss?uid=isg1IZ42785 Patch (af854a3a-2127-422b-91ae-364da2661108)
http://www.ibm.com/support/docview.wss?uid=isg1IZ42786 Patch (af854a3a-2127-422b-91ae-364da2661108)
http://www.ibm.com/support/docview.wss?uid=isg1IZ42787 Patch (af854a3a-2127-422b-91ae-364da2661108)
http://www.ibm.com/support/docview.wss?uid=isg1IZ42788 Patch (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/33522 Patch (af854a3a-2127-422b-91ae-364da2661108)
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6028 (af854a3a-2127-422b-91ae-364da2661108)