CVE-2003-0696 — Uncontrolled Resource Consumption in IBM AIX

3 documents3 sources

Severity

5.0MEDIUMNVD

EPSS

0.5%

top 32.24%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM AIX

Timeline

PublishedJan 20

Latest updateApr 29

Description

The getipnodebyname() API in AIX 5.1 and 5.2 does not properly close sockets, which allows attackers to cause a denial of service (resource exhaustion).

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDibm/aix5.1, 5.2+1

Patches

Patch: www.securityfocus.com ↗Patch: www.securityfocus.com ↗

🔴Vulnerability Details

GHSA

GHSA-2qr9-mgp2-258p: The getipnodebyname() API in AIX 5↗2022-04-29

▶

CVEList

CVE-2003-0696: The getipnodebyname() API in AIX 5↗2004-01-08

▶