CVE-2007-0670Improper Restriction of Operations within the Bounds of a Memory Buffer in IBM AIX

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer3 documents3 sources
Severity
4.6MEDIUMNVD
EPSS
0.1%
top 72.37%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM AIX
Timeline
PublishedFeb 3
Latest updateMay 3

Description

Buffer overflow in bos.rte.libc in IBM AIX 5.2 and 5.3 allows local users to execute arbitrary code via the "r-commands", possibly including (1) rdist, (2) rsh, (3) rcp, (4) rsync, and (5) rlogin.

CVSS vector

AV:L/AC:L/C:P/I:P/A:PExploitability: 3.9 | Impact: 6.4

Affected Packages1 packages

NVDibm/aix5.2, 5.3+1

🔴Vulnerability Details

2
GHSA
GHSA-rq8q-222j-mvv2: Buffer overflow in bos2022-05-03
CVEList
CVE-2007-0670: Buffer overflow in bos2007-02-03
CVE-2007-0670 — IBM AIX vulnerability | cvebase