CVE-2009-0370 — IBM AIX vulnerability

6 documents4 sources

Severity

7.2HIGHNVD

EPSS

0.1%

top 79.51%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM AIX

Timeline

PublishedJan 30

Latest updateMay 2

Description

Multiple unspecified vulnerabilities in IBM AIX 5.2.0 through 6.1.2 allow local users to append data to arbitrary files, related to (1) rmsock and (2) rmsock64 not creating "secure log files."

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages1 packages

▶NVDibm/aix11 versions+10

Patches

Patch: www.ibm.com ↗Patch: www.ibm.com ↗Patch: www.ibm.com ↗

🔴Vulnerability Details

GHSA

GHSA-gwch-hrm7-6996: Multiple unspecified vulnerabilities in IBM AIX 5↗2022-05-02

▶

CVEList

CVE-2009-0370: Multiple unspecified vulnerabilities in IBM AIX 5↗2009-01-30

▶

💬Community

Bugzilla

CVE-2009-0601 wireshark: denial of service (application crash) via format string specifiers in the HOME environment variable.↗2009-02-17

▶

Bugzilla

CVE-2009-0600 wireshark: denial of service (application crash) via a crafted Tektronix K12 text capture file↗2009-02-17

▶