AIX 7.1 TL 2 : infiniband (IV43561)

High Nessus Plugin ID 68964

Synopsis

The remote AIX host is missing a security patch.

Description

Both 'ibstat' and .arp.ib. commands have security vulnerabilities that can allow a non-privileged user to run malicious code with privileged authority.

Solution

Install the appropriate interim fix.

See Also

http://www.nessus.org/u?f3dc35f3

Plugin Details

Severity: High

ID: 68964

File Name: aix_IV43561.nasl

Version: $Revision: 1.9 $

Type: local

Published: 2013/07/19

Modified: 2014/06/22

Dependencies: 12634

Risk Information

Risk Factor: High

CVSSv2

Base Score: 7.2

Temporal Score: 6.3

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/o:ibm:aix:7.1

Required KB Items: Host/AIX/lslpp, Host/local_checks_enabled, Host/AIX/version

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2013/07/16

Vulnerability Publication Date: 2013/07/16

Reference Information

CVE: CVE-2013-4011

BID: 60412, 61287