Vulnerabilities > CVE-2007-2995 - Remote Security vulnerability in IBM AIX 5.2.0/5.3
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
Unspecified vulnerability in sysmgt.websm.rte in IBM AIX 5.2.0 and 5.3.0 has unknown impact and attack vectors.
Nessus
NASL family AIX Local Security Checks NASL id AIX_U811273.NASL description The remote host is missing AIX PTF U811273, which is related to the security of the package sysmgt.websm.rte. last seen 2020-06-01 modified 2020-06-02 plugin id 28907 published 2007-12-03 reporter This script is Copyright (C) 2007-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/28907 title AIX 5.2 TL 9 : sysmgt.websm.rte (U811273) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were extracted # from AIX Security PTF U811273. The text itself is copyright (C) # International Business Machines Corp. # include("compat.inc"); if (description) { script_id(28907); script_version ("1.5"); script_cvs_date("Date: 2019/09/16 14:12:48"); script_cve_id("CVE-2007-2995"); script_name(english:"AIX 5.2 TL 9 : sysmgt.websm.rte (U811273)"); script_summary(english:"Check for PTF U811273"); script_set_attribute( attribute:"synopsis", value:"The remote AIX host is missing a vendor-supplied security patch." ); script_set_attribute( attribute:"description", value: "The remote host is missing AIX PTF U811273, which is related to the security of the package sysmgt.websm.rte." ); script_set_attribute( attribute:"see_also", value:"http://www-01.ibm.com/support/docview.wss?uid=isg1IY95635" ); script_set_attribute( attribute:"see_also", value:"http://www-01.ibm.com/support/docview.wss?uid=isg1IY95636" ); script_set_attribute( attribute:"see_also", value:"http://www-01.ibm.com/support/docview.wss?uid=isg1IY95637" ); script_set_attribute( attribute:"solution", value:"Install the appropriate missing security-related fix." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:ibm:aix:5.2"); script_set_attribute(attribute:"vuln_publication_date", value:"2007/03/05"); script_set_attribute(attribute:"patch_publication_date", value:"2007/03/05"); script_set_attribute(attribute:"plugin_publication_date", value:"2007/12/03"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2007-2019 Tenable Network Security, Inc."); script_family(english:"AIX Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/AIX/oslevel", "Host/AIX/version", "Host/AIX/lslpp"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("aix.inc"); if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if ( ! get_kb_item("Host/AIX/version") ) audit(AUDIT_OS_NOT, "AIX"); if ( ! get_kb_item("Host/AIX/lslpp") ) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if ( aix_check_patch(ml:"520009", patch:"U811273", package:"sysmgt.websm.rte.5.2.0.96") < 0 ) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:aix_report_get()); else security_warning(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");
NASL family AIX Local Security Checks NASL id AIX_U811272.NASL description The remote host is missing AIX PTF U811272, which is related to the security of the package sysmgt.websm.framework. last seen 2020-06-01 modified 2020-06-02 plugin id 28906 published 2007-12-03 reporter This script is Copyright (C) 2007-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/28906 title AIX 5.2 TL 9 : sysmgt.websm.framework (U811272) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were extracted # from AIX Security PTF U811272. The text itself is copyright (C) # International Business Machines Corp. # include("compat.inc"); if (description) { script_id(28906); script_version ("1.5"); script_cvs_date("Date: 2019/09/16 14:12:48"); script_cve_id("CVE-2007-2995"); script_name(english:"AIX 5.2 TL 9 : sysmgt.websm.framework (U811272)"); script_summary(english:"Check for PTF U811272"); script_set_attribute( attribute:"synopsis", value:"The remote AIX host is missing a vendor-supplied security patch." ); script_set_attribute( attribute:"description", value: "The remote host is missing AIX PTF U811272, which is related to the security of the package sysmgt.websm.framework." ); script_set_attribute( attribute:"see_also", value:"http://www-01.ibm.com/support/docview.wss?uid=isg1IY95635" ); script_set_attribute( attribute:"see_also", value:"http://www-01.ibm.com/support/docview.wss?uid=isg1IY95636" ); script_set_attribute( attribute:"see_also", value:"http://www-01.ibm.com/support/docview.wss?uid=isg1IY95637" ); script_set_attribute( attribute:"solution", value:"Install the appropriate missing security-related fix." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:ibm:aix:5.2"); script_set_attribute(attribute:"vuln_publication_date", value:"2007/03/05"); script_set_attribute(attribute:"patch_publication_date", value:"2007/03/05"); script_set_attribute(attribute:"plugin_publication_date", value:"2007/12/03"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2007-2019 Tenable Network Security, Inc."); script_family(english:"AIX Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/AIX/oslevel", "Host/AIX/version", "Host/AIX/lslpp"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("aix.inc"); if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if ( ! get_kb_item("Host/AIX/version") ) audit(AUDIT_OS_NOT, "AIX"); if ( ! get_kb_item("Host/AIX/lslpp") ) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if ( aix_check_patch(ml:"520009", patch:"U811272", package:"sysmgt.websm.framework.5.2.0.96") < 0 ) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:aix_report_get()); else security_warning(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");
NASL family AIX Local Security Checks NASL id AIX_U810485.NASL description The remote host is missing AIX PTF U810485, which is related to the security of the package sysmgt.websm.rte. last seen 2020-06-01 modified 2020-06-02 plugin id 28898 published 2007-12-03 reporter This script is Copyright (C) 2007-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/28898 title AIX 5.3 TL 5 / 5.3 TL 6 : sysmgt.websm.rte (U810485) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were extracted # from AIX Security PTF U810485. The text itself is copyright (C) # International Business Machines Corp. # include("compat.inc"); if (description) { script_id(28898); script_version ("1.5"); script_cvs_date("Date: 2019/09/16 14:12:48"); script_cve_id("CVE-2007-2995"); script_name(english:"AIX 5.3 TL 5 / 5.3 TL 6 : sysmgt.websm.rte (U810485)"); script_summary(english:"Check for PTF U810485"); script_set_attribute( attribute:"synopsis", value:"The remote AIX host is missing a vendor-supplied security patch." ); script_set_attribute( attribute:"description", value: "The remote host is missing AIX PTF U810485, which is related to the security of the package sysmgt.websm.rte." ); script_set_attribute( attribute:"see_also", value:"http://www-01.ibm.com/support/docview.wss?uid=isg1IY95526" ); script_set_attribute( attribute:"solution", value:"Install the appropriate missing security-related fix." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:ibm:aix:5.3"); script_set_attribute(attribute:"vuln_publication_date", value:"2007/03/01"); script_set_attribute(attribute:"patch_publication_date", value:"2007/03/01"); script_set_attribute(attribute:"plugin_publication_date", value:"2007/12/03"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2007-2019 Tenable Network Security, Inc."); script_family(english:"AIX Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/AIX/oslevel", "Host/AIX/version", "Host/AIX/lslpp"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("aix.inc"); if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if ( ! get_kb_item("Host/AIX/version") ) audit(AUDIT_OS_NOT, "AIX"); if ( ! get_kb_item("Host/AIX/lslpp") ) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if ( aix_check_patch(ml:"530005", patch:"U810485", package:"sysmgt.websm.rte.5.3.0.51") < 0 ) flag++; if ( aix_check_patch(ml:"530006", patch:"U810485", package:"sysmgt.websm.rte.5.3.0.51") < 0 ) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:aix_report_get()); else security_warning(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");
References
- http://osvdb.org/36741
- http://secunia.com/advisories/25458
- http://www.securitytracker.com/id?1018178
- http://www.vupen.com/english/advisories/2007/2003
- http://www-1.ibm.com/support/docview.wss?uid=isg1IY95526
- http://www-1.ibm.com/support/docview.wss?uid=isg1IY95637
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34631