Detections
Analytics

CVE-2009-0370

high

Description

Multiple unspecified vulnerabilities in IBM AIX 5.2.0 through 6.1.2 allow local users to append data to arbitrary files, related to (1) rmsock and (2) rmsock64 not creating "secure log files."

References

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6028

http://www.securityfocus.com/bid/33522

http://www.ibm.com/support/docview.wss?uid=isg1IZ42788

http://www.ibm.com/support/docview.wss?uid=isg1IZ42787

http://www.ibm.com/support/docview.wss?uid=isg1IZ42786

http://www.ibm.com/support/docview.wss?uid=isg1IZ42785

http://www.ibm.com/support/docview.wss?uid=isg1IZ41599

http://www.ibm.com/support/docview.wss?uid=isg1IZ41593

http://www.ibm.com/support/docview.wss?uid=isg1IZ41510

http://www.ibm.com/support/docview.wss?uid=isg1IZ40386

http://aix.software.ibm.com/aix/efixes/security/rmsock_advisory.asc

Details

Source: Mitre, NVD

Published: 2009-01-30

Updated: 2017-09-29

Risk Information

CVSS v2

Base Score: 7.2

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 7.1

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

Severity: High