Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2010-3405

Buffer overflow in sa_snap in the bos.esagent fileset in IBM AIX 6.1, 5.3, and earlier and VIOS 2.1, 1.5, and earlier allows local users to leverage system group membership and gain privileges via unspecified vectors.

Published

2010-09-16T21:00:01.607

Last Modified

2025-04-11T00:51:21.963

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 6.8 (MEDIUM)

CVSSv2 Vector

AV:L/AC:L/Au:S/C:C/I:C/A:C

Access Vector: LOCAL
Access Complexity: LOW
Authentication: SINGLE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE

Exploitability Score

3.1

Impact Score

10.0

Weaknesses

Type: Primary
CWE-119

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	ibm	aix	5.3	Yes
Operating System	ibm	aix	6.1	Yes
Application	ibm	vios	1.5	Yes
Application	ibm	vios	2.1	Yes

References

http://aix.software.ibm.com/aix/efixes/security/sa_snap_advisory.asc Patch, Vendor Advisory ([email protected])
http://secunia.com/advisories/41446 Third Party Advisory ([email protected])
http://securitytracker.com/id?1024430 Third Party Advisory, VDB Entry ([email protected])
http://www.ibm.com/support/docview.wss?uid=isg1IZ81819 Vendor Advisory ([email protected])
http://www.ibm.com/support/docview.wss?uid=isg1IZ82245 Vendor Advisory ([email protected])
http://www.ibm.com/support/docview.wss?uid=isg1IZ82630 Vendor Advisory ([email protected])
http://www.ibm.com/support/docview.wss?uid=isg1IZ83909 Vendor Advisory ([email protected])
http://www.ibm.com/support/docview.wss?uid=isg1IZ83942 Vendor Advisory ([email protected])
http://www.ibm.com/support/docview.wss?uid=isg1IZ83975 Vendor Advisory ([email protected])
http://www.ibm.com/support/docview.wss?uid=isg1IZ84167 Vendor Advisory ([email protected])
http://www.securityfocus.com/bid/43207 Third Party Advisory, VDB Entry ([email protected])
http://www.vupen.com/english/advisories/2010/2377 Third Party Advisory ([email protected])
https://exchange.xforce.ibmcloud.com/vulnerabilities/61774 Third Party Advisory, VDB Entry ([email protected])
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12214 Third Party Advisory ([email protected])
http://aix.software.ibm.com/aix/efixes/security/sa_snap_advisory.asc Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/41446 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://securitytracker.com/id?1024430 Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
http://www.ibm.com/support/docview.wss?uid=isg1IZ81819 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.ibm.com/support/docview.wss?uid=isg1IZ82245 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.ibm.com/support/docview.wss?uid=isg1IZ82630 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.ibm.com/support/docview.wss?uid=isg1IZ83909 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.ibm.com/support/docview.wss?uid=isg1IZ83942 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.ibm.com/support/docview.wss?uid=isg1IZ83975 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.ibm.com/support/docview.wss?uid=isg1IZ84167 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/43207 Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2010/2377 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/61774 Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12214 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)