Vulnerability Description
Multiple unspecified vulnerabilities in IBM AIX 5.2.0 through 6.1.2 allow local users to append data to arbitrary files, related to (1) rmsock and (2) rmsock64 not creating "secure log files."
CVSS Score
7.2
HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Aix | 5.2 |
References
- http://aix.software.ibm.com/aix/efixes/security/rmsock_advisory.asc
- http://www.ibm.com/support/docview.wss?uid=isg1IZ40386Patch
- http://www.ibm.com/support/docview.wss?uid=isg1IZ41510Patch
- http://www.ibm.com/support/docview.wss?uid=isg1IZ41593
- http://www.ibm.com/support/docview.wss?uid=isg1IZ41599Patch
- http://www.ibm.com/support/docview.wss?uid=isg1IZ42785Patch
- http://www.ibm.com/support/docview.wss?uid=isg1IZ42786Patch
- http://www.ibm.com/support/docview.wss?uid=isg1IZ42787Patch
- http://www.ibm.com/support/docview.wss?uid=isg1IZ42788Patch
- http://www.securityfocus.com/bid/33522Patch
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
- http://aix.software.ibm.com/aix/efixes/security/rmsock_advisory.asc
- http://www.ibm.com/support/docview.wss?uid=isg1IZ40386Patch
- http://www.ibm.com/support/docview.wss?uid=isg1IZ41510Patch
- http://www.ibm.com/support/docview.wss?uid=isg1IZ41593
FAQ
What is CVE-2009-0370?
CVE-2009-0370 is a vulnerability with a CVSS score of 7.2 (HIGH). Multiple unspecified vulnerabilities in IBM AIX 5.2.0 through 6.1.2 allow local users to append data to arbitrary files, related to (1) rmsock and (2) rmsock64 not creating "secure log files."
How severe is CVE-2009-0370?
CVE-2009-0370 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2009-0370?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Aix.