gsd - gsd-2009-0370

gsd-2009-0370

Vulnerability from gsd

Modified

2023-12-13 01:19

Details

Multiple unspecified vulnerabilities in IBM AIX 5.2.0 through 6.1.2 allow local users to append data to arbitrary files, related to (1) rmsock and (2) rmsock64 not creating "secure log files."

Aliases

CVE-2009-0370

Aliases

CVE-2009-0370

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2009-0370",
    "description": "Multiple unspecified vulnerabilities in IBM AIX 5.2.0 through 6.1.2 allow local users to append data to arbitrary files, related to (1) rmsock and (2) rmsock64 not creating \"secure log files.\"",
    "id": "GSD-2009-0370"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2009-0370"
      ],
      "details": "Multiple unspecified vulnerabilities in IBM AIX 5.2.0 through 6.1.2 allow local users to append data to arbitrary files, related to (1) rmsock and (2) rmsock64 not creating \"secure log files.\"",
      "id": "GSD-2009-0370",
      "modified": "2023-12-13T01:19:43.942051Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2009-0370",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Multiple unspecified vulnerabilities in IBM AIX 5.2.0 through 6.1.2 allow local users to append data to arbitrary files, related to (1) rmsock and (2) rmsock64 not creating \"secure log files.\""
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://aix.software.ibm.com/aix/efixes/security/rmsock_advisory.asc",
            "refsource": "CONFIRM",
            "url": "http://aix.software.ibm.com/aix/efixes/security/rmsock_advisory.asc"
          },
          {
            "name": "oval:org.mitre.oval:def:6028",
            "refsource": "OVAL",
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6028"
          },
          {
            "name": "IZ42786",
            "refsource": "AIXAPAR",
            "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ42786"
          },
          {
            "name": "IZ42787",
            "refsource": "AIXAPAR",
            "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ42787"
          },
          {
            "name": "IZ42788",
            "refsource": "AIXAPAR",
            "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ42788"
          },
          {
            "name": "33522",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/33522"
          },
          {
            "name": "IZ41599",
            "refsource": "AIXAPAR",
            "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ41599"
          },
          {
            "name": "IZ41593",
            "refsource": "AIXAPAR",
            "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ41593"
          },
          {
            "name": "IZ40386",
            "refsource": "AIXAPAR",
            "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ40386"
          },
          {
            "name": "IZ41510",
            "refsource": "AIXAPAR",
            "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ41510"
          },
          {
            "name": "IZ42785",
            "refsource": "AIXAPAR",
            "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ42785"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:ibm:aix:5.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:ibm:aix:5.3.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:ibm:aix:6.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:ibm:aix:5.2_l:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:ibm:aix:5.2.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:ibm:aix:6.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:ibm:aix:6.1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:ibm:aix:5.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:ibm:aix:5.3_l:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:ibm:aix:5.3.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:ibm:aix:5.3.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2009-0370"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Multiple unspecified vulnerabilities in IBM AIX 5.2.0 through 6.1.2 allow local users to append data to arbitrary files, related to (1) rmsock and (2) rmsock64 not creating \"secure log files.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-noinfo"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://aix.software.ibm.com/aix/efixes/security/rmsock_advisory.asc",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://aix.software.ibm.com/aix/efixes/security/rmsock_advisory.asc"
            },
            {
              "name": "IZ40386",
              "refsource": "AIXAPAR",
              "tags": [
                "Patch"
              ],
              "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ40386"
            },
            {
              "name": "IZ41510",
              "refsource": "AIXAPAR",
              "tags": [
                "Patch"
              ],
              "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ41510"
            },
            {
              "name": "IZ42785",
              "refsource": "AIXAPAR",
              "tags": [
                "Patch"
              ],
              "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ42785"
            },
            {
              "name": "IZ42786",
              "refsource": "AIXAPAR",
              "tags": [
                "Patch"
              ],
              "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ42786"
            },
            {
              "name": "IZ41593",
              "refsource": "AIXAPAR",
              "tags": [],
              "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ41593"
            },
            {
              "name": "IZ42787",
              "refsource": "AIXAPAR",
              "tags": [
                "Patch"
              ],
              "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ42787"
            },
            {
              "name": "IZ42788",
              "refsource": "AIXAPAR",
              "tags": [
                "Patch"
              ],
              "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ42788"
            },
            {
              "name": "33522",
              "refsource": "BID",
              "tags": [
                "Patch"
              ],
              "url": "http://www.securityfocus.com/bid/33522"
            },
            {
              "name": "IZ41599",
              "refsource": "AIXAPAR",
              "tags": [
                "Patch"
              ],
              "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ41599"
            },
            {
              "name": "oval:org.mitre.oval:def:6028",
              "refsource": "OVAL",
              "tags": [],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6028"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": true,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.2,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 10.0,
          "obtainAllPrivilege": true,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2017-09-29T01:33Z",
      "publishedDate": "2009-01-30T19:30Z"
    }
  }
}

cve-2009-0370

Vulnerability from cvelistv5

Published

2009-01-30 19:00

Modified

2024-08-07 04:31

Severity ?

Summary

Multiple unspecified vulnerabilities in IBM AIX 5.2.0 through 6.1.2 allow local users to append data to arbitrary files, related to (1) rmsock and (2) rmsock64 not creating "secure log files."

References

▼	URL	Tags
	http://aix.software.ibm.com/aix/efixes/security/rmsock_advisory.asc	x_refsource_CONFIRM
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6028	vdb-entry, signature, x_refsource_OVAL
	http://www.ibm.com/support/docview.wss?uid=isg1IZ42786	vendor-advisory, x_refsource_AIXAPAR
	http://www.ibm.com/support/docview.wss?uid=isg1IZ42787	vendor-advisory, x_refsource_AIXAPAR
	http://www.ibm.com/support/docview.wss?uid=isg1IZ42788	vendor-advisory, x_refsource_AIXAPAR
	http://www.securityfocus.com/bid/33522	vdb-entry, x_refsource_BID
	http://www.ibm.com/support/docview.wss?uid=isg1IZ41599	vendor-advisory, x_refsource_AIXAPAR
	http://www.ibm.com/support/docview.wss?uid=isg1IZ41593	vendor-advisory, x_refsource_AIXAPAR
	http://www.ibm.com/support/docview.wss?uid=isg1IZ40386	vendor-advisory, x_refsource_AIXAPAR
	http://www.ibm.com/support/docview.wss?uid=isg1IZ41510	vendor-advisory, x_refsource_AIXAPAR
	http://www.ibm.com/support/docview.wss?uid=isg1IZ42785	vendor-advisory, x_refsource_AIXAPAR

Impacted products

▼	Vendor	Product
	n/a	n/a

Show details on NVD website