AIX 7.1 TL 5 : trace (IJ32940)

high Nessus Plugin ID 150804

Language:

New! Plugin Severity Now Using CVSS v3

The calculated severity for Plugins has been updated to use CVSS v3 by default. Plugins that do not have a CVSS v3 score will fall back to CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Synopsis

The remote AIX host is missing a security patch.

Description

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29706 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-201-29706 IBM AIX could allow a non-privileged local user to exploit a vulnerability in the trace facility to expose sensitive information or cause a denial of service.

Solution

Install the appropriate interim fix.

See Also

http://aix.software.ibm.com/aix/efixes/security/trace_advisory.asc

Plugin Details

Severity: High

ID: 150804

File Name: aix_IJ32940.nasl

Version: 1.1

Type: local

Published: 6/16/2021

Updated: 6/16/2021

Dependencies: ssh_get_info.nasl

Risk Information

VPR

Risk Factor: Medium

Score: 5.2

Vulnerability Information

CPE: cpe:2.3:o:ibm:aix:7.1:*:*:*:*:*:*:*

Required KB Items: Host/local_checks_enabled, Host/AIX/version, Host/AIX/lslpp

Patch Publication Date: 6/15/2021

Vulnerability Publication Date: 6/15/2021

Reference Information

CVE: CVE-2021-29706