ID CVE-2009-0370
Summary Multiple unspecified vulnerabilities in IBM AIX 5.2.0 through 6.1.2 allow local users to append data to arbitrary files, related to (1) rmsock and (2) rmsock64 not creating "secure log files."
References
Vulnerable Configurations
  • IBM AIX 5.2
    cpe:2.3:o:ibm:aix:5.2
  • IBM AIX 5.2 L
    cpe:2.3:o:ibm:aix:5.2_l
  • IBM AIX 5.2.2
    cpe:2.3:o:ibm:aix:5.2.2
  • IBM AIX 5.3
    cpe:2.3:o:ibm:aix:5.3
  • IBM AIX 5.3 L
    cpe:2.3:o:ibm:aix:5.3_l
  • IBM AIX 5.3.7
    cpe:2.3:o:ibm:aix:5.3.7
  • IBM AIX 5.3.8
    cpe:2.3:o:ibm:aix:5.3.8
  • IBM AIX 5.3.9
    cpe:2.3:o:ibm:aix:5.3.9
  • IBM AIX 6.1
    cpe:2.3:o:ibm:aix:6.1
  • IBM AIX 6.1.1
    cpe:2.3:o:ibm:aix:6.1.1
  • IBM AIX 6.1.2
    cpe:2.3:o:ibm:aix:6.1.2
CVSS
Base: 7.2 (as of 02-02-2009 - 09:52)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
nessus via4
  • NASL family AIX Local Security Checks
    NASL id AIX_U821384.NASL
    description The remote host is missing AIX PTF U821384, which is related to the security of the package bos.net.tcp.client.
    last seen 2019-02-21
    modified 2013-03-14
    plugin id 38274
    published 2009-04-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=38274
    title AIX 5.3 TL 7 : bos.net.tcp.client (U821384)
  • NASL family AIX Local Security Checks
    NASL id AIX_U821948.NASL
    description The remote host is missing AIX PTF U821948, which is related to the security of the package bos.net.tcp.client.
    last seen 2019-02-21
    modified 2013-03-14
    plugin id 38293
    published 2009-04-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=38293
    title AIX 5.3 TL 6 : bos.net.tcp.client (U821948)
  • NASL family AIX Local Security Checks
    NASL id AIX_U821800.NASL
    description The remote host is missing AIX PTF U821800, which is related to the security of the package bos.net.tcp.client.
    last seen 2019-02-21
    modified 2013-03-14
    plugin id 37116
    published 2009-04-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=37116
    title AIX 6.1 TL 2 : bos.net.tcp.client (U821800)
  • NASL family AIX Local Security Checks
    NASL id AIX_U823545.NASL
    description The remote host is missing AIX PTF U823545, which is related to the security of the package bos.net.tcp.client.
    last seen 2019-02-21
    modified 2013-03-14
    plugin id 35525
    published 2009-01-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=35525
    title AIX 5.2 TL 10 : bos.net.tcp.client (U823545)
  • NASL family AIX Local Security Checks
    NASL id AIX_U820015.NASL
    description The remote host is missing AIX PTF U820015, which is related to the security of the package bos.net.tcp.client.
    last seen 2019-02-21
    modified 2013-03-14
    plugin id 38230
    published 2009-04-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=38230
    title AIX 5.3 TL 9 : bos.net.tcp.client (U820015)
  • NASL family AIX Local Security Checks
    NASL id AIX_U819861.NASL
    description The remote host is missing AIX PTF U819861, which is related to the security of the package bos.net.tcp.client.
    last seen 2019-02-21
    modified 2013-03-14
    plugin id 37233
    published 2009-04-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=37233
    title AIX 6.1 TL 1 : bos.net.tcp.client (U819861)
  • NASL family AIX Local Security Checks
    NASL id AIX_U822048.NASL
    description The remote host is missing AIX PTF U822048, which is related to the security of the package bos.net.tcp.client.
    last seen 2019-02-21
    modified 2013-03-14
    plugin id 38372
    published 2009-04-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=38372
    title AIX 5.3 TL 8 : bos.net.tcp.client (U822048)
  • NASL family AIX Local Security Checks
    NASL id AIX_U818420.NASL
    description The remote host is missing AIX PTF U818420, which is related to the security of the package bos.net.tcp.client.
    last seen 2019-02-21
    modified 2013-03-14
    plugin id 35830
    published 2009-03-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=35830
    title AIX 6.1 : bos.net.tcp.client (U818420)
oval via4
accepted 2009-09-21T04:00:05.256-04:00
class vulnerability
contributors
name Aharon Chernin
organization DTCC
definition_extensions
  • comment IBM AIX 5200-10 is installed
    oval oval:org.mitre.oval:def:5076
  • comment IBM AIX 5300-00 is installed
    oval oval:org.mitre.oval:def:6195
  • comment IBM AIX 5300-01 through 5300-06 is installed
    oval oval:org.mitre.oval:def:5973
  • comment IBM AIX 5300-07 is installed
    oval oval:org.mitre.oval:def:5707
  • comment IBM AIX 5300-08 is installed
    oval oval:org.mitre.oval:def:5293
  • comment IBM AIX 5300-09 is installed
    oval oval:org.mitre.oval:def:6306
  • comment IBM AIX 6100-00 is installed
    oval oval:org.mitre.oval:def:5589
  • comment IBM AIX 6100-01 is installed
    oval oval:org.mitre.oval:def:5959
  • comment IBM AIX 6100-02 is installed
    oval oval:org.mitre.oval:def:5685
description Multiple unspecified vulnerabilities in IBM AIX 5.2.0 through 6.1.2 allow local users to append data to arbitrary files, related to (1) rmsock and (2) rmsock64 not creating "secure log files."
family unix
id oval:org.mitre.oval:def:6028
status accepted
submitted 2009-08-07T08:18:16-04:00
title Multiple unspecified vulnerabilities in IBM AIX rmsock."
version 40
refmap via4
aixapar
  • IZ40386
  • IZ41510
  • IZ41593
  • IZ41599
  • IZ42785
  • IZ42786
  • IZ42787
  • IZ42788
bid 33522
confirm http://aix.software.ibm.com/aix/efixes/security/rmsock_advisory.asc
Last major update 21-08-2010 - 01:30
Published 30-01-2009 - 14:30
Last modified 28-09-2017 - 21:33
Back to Top