Vulnerability Details : CVE-2009-0370
Multiple unspecified vulnerabilities in IBM AIX 5.2.0 through 6.1.2 allow local users to append data to arbitrary files, related to (1) rmsock and (2) rmsock64 not creating "secure log files."
Exploit prediction scoring system (EPSS) score for CVE-2009-0370
Probability of exploitation activity in the next 30 days: 0.04%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 6 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2009-0370
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
|---|---|---|---|---|---|
|
7.2
|
HIGH | AV:L/AC:L/Au:N/C:C/I:C/A:C |
3.9
|
10.0
|
NIST |
References for CVE-2009-0370
-
http://aix.software.ibm.com/aix/efixes/security/rmsock_advisory.asc
-
http://www.ibm.com/support/docview.wss?uid=isg1IZ40386
Patch
-
http://www.ibm.com/support/docview.wss?uid=isg1IZ42787
Patch
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6028
-
http://www.ibm.com/support/docview.wss?uid=isg1IZ41510
Patch
-
http://www.ibm.com/support/docview.wss?uid=isg1IZ41599
Patch
-
http://www.ibm.com/support/docview.wss?uid=isg1IZ42785
Patch
-
http://www.ibm.com/support/docview.wss?uid=isg1IZ41593
-
http://www.ibm.com/support/docview.wss?uid=isg1IZ42788
Patch
-
http://www.securityfocus.com/bid/33522
Patch
-
http://www.ibm.com/support/docview.wss?uid=isg1IZ42786
Patch
Products affected by CVE-2009-0370
- cpe:2.3:o:ibm:aix:5.2:*:*:*:*:*:*:*
- cpe:2.3:o:ibm:aix:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:ibm:aix:5.3_l:*:*:*:*:*:*:*
- cpe:2.3:o:ibm:aix:5.2.2:*:*:*:*:*:*:*
- cpe:2.3:o:ibm:aix:5.2_l:*:*:*:*:*:*:*
- cpe:2.3:o:ibm:aix:6.1:*:*:*:*:*:*:*
- cpe:2.3:o:ibm:aix:6.1.1:*:*:*:*:*:*:*
- cpe:2.3:o:ibm:aix:6.1.2:*:*:*:*:*:*:*
- cpe:2.3:o:ibm:aix:5.3.9:*:*:*:*:*:*:*
- cpe:2.3:o:ibm:aix:5.3.7:*:*:*:*:*:*:*
- cpe:2.3:o:ibm:aix:5.3.8:*:*:*:*:*:*:*