fkie_cve-2008-0586
Vulnerability from fkie_nvd
Published
2008-02-05 03:00
Modified
2025-04-09 00:30
Severity ?
Summary
Multiple buffer overflows in IBM AIX 5.2 and 5.3 allow local users to gain privileges via unspecified vectors related to the (1) lchangevg, (2) ldeletepv, (3) putlvodm, (4) lvaryoffvg, and (5) lvgenminor programs in bos.rte.lvm; and the (6) tellclvmd program in bos.clvm.enh.
References
cve@mitre.orghttp://aix.software.ibm.com/aix/efixes/security/lvm_advisory.asc
cve@mitre.orghttp://osvdb.org/40427
cve@mitre.orghttp://osvdb.org/40428
cve@mitre.orghttp://osvdb.org/40429
cve@mitre.orghttp://secunia.com/advisories/28609Vendor Advisory
cve@mitre.orghttp://www-1.ibm.com/support/docview.wss?uid=isg1IY98448
cve@mitre.orghttp://www-1.ibm.com/support/docview.wss?uid=isg1IY98450
cve@mitre.orghttp://www.ibm.com/support/docview.wss?uid=isg1IY98331
cve@mitre.orghttp://www.ibm.com/support/docview.wss?uid=isg1IY98340
cve@mitre.orghttp://www.ibm.com/support/docview.wss?uid=isg1IY99537
cve@mitre.orghttp://www.ibm.com/support/docview.wss?uid=isg1IZ00559
cve@mitre.orghttp://www.ibm.com/support/docview.wss?uid=isg1IZ10828
cve@mitre.orghttp://www.securityfocus.com/bid/27431
cve@mitre.orghttp://www.vupen.com/english/advisories/2008/0261
cve@mitre.orghttp://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=4068
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/39907
cve@mitre.orghttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5704
af854a3a-2127-422b-91ae-364da2661108http://aix.software.ibm.com/aix/efixes/security/lvm_advisory.asc
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/40427
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/40428
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/40429
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/28609Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www-1.ibm.com/support/docview.wss?uid=isg1IY98448
af854a3a-2127-422b-91ae-364da2661108http://www-1.ibm.com/support/docview.wss?uid=isg1IY98450
af854a3a-2127-422b-91ae-364da2661108http://www.ibm.com/support/docview.wss?uid=isg1IY98331
af854a3a-2127-422b-91ae-364da2661108http://www.ibm.com/support/docview.wss?uid=isg1IY98340
af854a3a-2127-422b-91ae-364da2661108http://www.ibm.com/support/docview.wss?uid=isg1IY99537
af854a3a-2127-422b-91ae-364da2661108http://www.ibm.com/support/docview.wss?uid=isg1IZ00559
af854a3a-2127-422b-91ae-364da2661108http://www.ibm.com/support/docview.wss?uid=isg1IZ10828
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/27431
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2008/0261
af854a3a-2127-422b-91ae-364da2661108http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=4068
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/39907
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5704
Impacted products
Vendor Product Version
ibm aix 5.2
ibm aix 5.3


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:aix:5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "17EECCCB-D7D1-439A-9985-8FAE8B44487B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:aix:5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA8DDF4A-1C5D-4CB1-95B3-69EAE6572507",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple buffer overflows in IBM AIX 5.2 and 5.3 allow local users to gain privileges via unspecified vectors related to the (1) lchangevg, (2) ldeletepv, (3) putlvodm, (4) lvaryoffvg, and (5) lvgenminor programs in bos.rte.lvm; and the (6) tellclvmd program in bos.clvm.enh."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples desbordamientos de b\u00fafer en IBM AIX 5.2 y 5.3. Permiten a usuarios locales conseguir priviledios por medio de vectores no especificados relacionados con los programas (1) lchangevg, (2) ldeletepv, (3) putlvodm, (4) lvaryoffvg y (5) lvgenminor en bos.rte.lvm; y el programa tellclvmd en bos.clvm.enh."
    }
  ],
  "id": "CVE-2008-0586",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2008-02-05T03:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://aix.software.ibm.com/aix/efixes/security/lvm_advisory.asc"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/40427"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/40428"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/40429"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28609"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY98448"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY98450"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.ibm.com/support/docview.wss?uid=isg1IY98331"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.ibm.com/support/docview.wss?uid=isg1IY98340"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.ibm.com/support/docview.wss?uid=isg1IY99537"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ00559"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ10828"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/27431"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2008/0261"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026ID=4068"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39907"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5704"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://aix.software.ibm.com/aix/efixes/security/lvm_advisory.asc"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/40427"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/40428"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/40429"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28609"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY98448"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY98450"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ibm.com/support/docview.wss?uid=isg1IY98331"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ibm.com/support/docview.wss?uid=isg1IY98340"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ibm.com/support/docview.wss?uid=isg1IY99537"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ00559"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ10828"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/27431"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/0261"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026ID=4068"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39907"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5704"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.