Vulnerabilities > CVE-2006-5002 - Local Arbitrary File Overwrite vulnerability in IBM AIX Inventory Scout

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

low complexity

ibm

nessus

NVD

Published: 2006-09-27

Updated: 2017-07-20

Summary

Unspecified vulnerability in IBM Inventory Scout for AIX 2.2.0.0 through 2.2.0.9 (invscoutClient_VPD_Survey) allows attackers to overwrite arbitrary files via unspecified vectors.

Vulnerable Configurations

Part	Description	Count
Application	Ibm IBM Inventory Scout 2.2.0.0 IBM Inventory Scout 2.2.0.1 IBM Inventory Scout 2.2.0.2 IBM Inventory Scout 2.2.0.3 IBM Inventory Scout 2.2.0.4 IBM Inventory Scout 2.2.0.5 IBM Inventory Scout 2.2.0.6 IBM Inventory Scout 2.2.0.7 IBM Inventory Scout 2.2.0.8 IBM Inventory Scout 2.2.0.9	10

Nessus

NASL family	AIX Local Security Checks
NASL id	AIX_U810933.NASL
description	The remote host is missing AIX PTF U810933, which is related to the security of the package invscout.rte.
last seen	2020-06-01
modified	2020-06-02
plugin id	28904
published	2007-12-03
reporter	This script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/28904
title	AIX 5.2 TL 9 / 5.3 TL 5 : invscout.rte (U810933)
code	#%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were extracted # from AIX Security PTF U810933. The text itself is copyright (C) # International Business Machines Corp. # include("compat.inc"); if (description) { script_id(28904); script_version ("1.10"); script_cvs_date("Date: 2019/09/16 14:12:47"); script_cve_id("CVE-2006-5002"); script_name(english:"AIX 5.2 TL 9 / 5.3 TL 5 : invscout.rte (U810933)"); script_summary(english:"Check for PTF U810933"); script_set_attribute( attribute:"synopsis", value:"The remote AIX host is missing a vendor-supplied security patch." ); script_set_attribute( attribute:"description", value: "The remote host is missing AIX PTF U810933, which is related to the security of the package invscout.rte." ); script_set_attribute( attribute:"see_also", value:"http://www-01.ibm.com/support/docview.wss?uid=isg1IY88735" ); script_set_attribute( attribute:"solution", value:"Install the appropriate missing security-related fix." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:ibm:aix:5.2"); script_set_attribute(attribute:"cpe", value:"cpe:/o:ibm:aix:5.3"); script_set_attribute(attribute:"vuln_publication_date", value:"2006/08/23"); script_set_attribute(attribute:"patch_publication_date", value:"2006/08/23"); script_set_attribute(attribute:"plugin_publication_date", value:"2007/12/03"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2007-2019 Tenable Network Security, Inc."); script_family(english:"AIX Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/AIX/oslevel", "Host/AIX/version", "Host/AIX/lslpp"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("aix.inc"); if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if ( ! get_kb_item("Host/AIX/version") ) audit(AUDIT_OS_NOT, "AIX"); if ( ! get_kb_item("Host/AIX/lslpp") ) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if ( aix_check_patch(ml:"520009", patch:"U810933", package:"invscout.rte.2.2.0.10") < 0 ) flag++; if ( aix_check_patch(ml:"530005", patch:"U810933", package:"invscout.rte.2.2.0.10") < 0 ) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:aix_report_get()); else security_warning(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");

Summary

Vulnerable Configurations

Nessus

References