Vulnerability Details : CVE-2009-0370
Multiple unspecified vulnerabilities in IBM AIX 5.2.0 through 6.1.2 allow local users to append data to arbitrary files, related to (1) rmsock and (2) rmsock64 not creating "secure log files."
Products affected by CVE-2009-0370
- cpe:2.3:o:ibm:aix:5.2:*:*:*:*:*:*:*
- cpe:2.3:o:ibm:aix:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:ibm:aix:5.3_l:*:*:*:*:*:*:*
- cpe:2.3:o:ibm:aix:5.2.2:*:*:*:*:*:*:*
- cpe:2.3:o:ibm:aix:5.2_l:*:*:*:*:*:*:*
- cpe:2.3:o:ibm:aix:6.1:*:*:*:*:*:*:*
- cpe:2.3:o:ibm:aix:6.1.1:*:*:*:*:*:*:*
- cpe:2.3:o:ibm:aix:6.1.2:*:*:*:*:*:*:*
- cpe:2.3:o:ibm:aix:5.3.9:*:*:*:*:*:*:*
- cpe:2.3:o:ibm:aix:5.3.7:*:*:*:*:*:*:*
- cpe:2.3:o:ibm:aix:5.3.8:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2009-0370
0.10%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 26 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2009-0370
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.2
|
HIGH | AV:L/AC:L/Au:N/C:C/I:C/A:C |
3.9
|
10.0
|
NIST |
References for CVE-2009-0370
-
http://aix.software.ibm.com/aix/efixes/security/rmsock_advisory.asc
-
http://www.ibm.com/support/docview.wss?uid=isg1IZ40386
Patch
-
http://www.ibm.com/support/docview.wss?uid=isg1IZ42787
Patch
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6028
-
http://www.ibm.com/support/docview.wss?uid=isg1IZ41510
Patch
-
http://www.ibm.com/support/docview.wss?uid=isg1IZ41599
Patch
-
http://www.ibm.com/support/docview.wss?uid=isg1IZ42785
Patch
-
http://www.ibm.com/support/docview.wss?uid=isg1IZ41593
-
http://www.ibm.com/support/docview.wss?uid=isg1IZ42788
Patch
-
http://www.securityfocus.com/bid/33522
Patch
-
http://www.ibm.com/support/docview.wss?uid=isg1IZ42786
Patch
Jump to