CVE-2011-0637 - The FC SCSI protocol driver in IBM AIX 6.1 does not verify that a timer is unused before deallocatin

CVE-2011-0637

Summary

The FC SCSI protocol driver in IBM AIX 6.1 does not verify that a timer is unused before deallocating this timer, which might allow attackers to cause a denial of service (system crash) via unspecified vectors.

References

http://osvdb.org/70519
http://secunia.com/advisories/42962
http://www.securityfocus.com/bid/45931
http://www.vupen.com/english/advisories/2011/0176
http://www-01.ibm.com/support/docview.wss?uid=isg1IZ92478
https://exchange.xforce.ibmcloud.com/vulnerabilities/64817

Vulnerable Configurations

cpe:2.3:o:ibm:aix:6.1:*:*:*:*:*:*:*
cpe:2.3:o:ibm:aix:6.1:*:*:*:*:*:*:*

CVSS

Base:	4.9 (as of 17-08-2017 - 01:33)
Impact:
Exploitability:

CWE

NVD-CWE-noinfo

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	LOW	NONE

Impact

Confidentiality	Integrity	Availability
NONE	NONE	COMPLETE

cvss-vector via4

AV:L/AC:L/Au:N/C:N/I:N/A:C

refmap via4

aixapar	IZ92478
bid	45931
osvdb	70519
secunia	42962
vupen	ADV-2011-0176
xf	ibm-aix-fcscsi-dos(64817)

Last major update

17-08-2017 - 01:33

Published

25-01-2011 - 01:00

Last modified

17-08-2017 - 01:33