Vulnerabilities > CVE-2007-2996 - Local Arbitrary Code Execution vulnerability in IBM AIX Perl Interpreter

047910
CVSS 6.6 - MEDIUM
Attack vector
LOCAL
Attack complexity
MEDIUM
Privileges required
SINGLE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
local
ibm
nessus

Summary

Unspecified vulnerability in perl.rte 5.8.0.10 through 5.8.0.95 on IBM AIX 5.2, and 5.8.2.10 through 5.8.2.50 on AIX 5.3, allows local users to gain privileges via unspecified vectors related to the installation and "waiting for a legitimate user to execute a binary that ships with Perl."

Vulnerable Configurations

Part Description Count
OS
Ibm
2

Nessus

  • NASL familyAIX Local Security Checks
    NASL idAIX_U812685.NASL
    descriptionThe remote host is missing AIX PTF U812685, which is related to the security of the package perl.rte.
    last seen2020-06-01
    modified2020-06-02
    plugin id29034
    published2007-12-03
    reporterThis script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/29034
    titleAIX 5.3 TL 6 : perl.rte (U812685)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were extracted
    # from AIX Security PTF U812685. The text itself is copyright (C)
    # International Business Machines Corp.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(29034);
      script_version ("1.7");
      script_cvs_date("Date: 2019/09/16 14:12:48");
    
      script_cve_id("CVE-2007-2996");
    
      script_name(english:"AIX 5.3 TL 6 : perl.rte (U812685)");
      script_summary(english:"Check for PTF U812685");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote AIX host is missing a vendor-supplied security patch."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "The remote host is missing AIX PTF U812685, which is related to the
    security of the package perl.rte."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://www-01.ibm.com/support/docview.wss?uid=isg1IY98395"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Install the appropriate missing security-related fix."
      );
      script_set_cvss_base_vector("CVSS2#AV:L/AC:M/Au:S/C:C/I:C/A:C");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:ibm:aix:5.3");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2007/05/10");
      script_set_attribute(attribute:"patch_publication_date", value:"2007/05/10");
      script_set_attribute(attribute:"plugin_publication_date", value:"2007/12/03");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2007-2019 Tenable Network Security, Inc.");
      script_family(english:"AIX Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/AIX/oslevel", "Host/AIX/version", "Host/AIX/lslpp");
    
      exit(0);
    }
    
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("aix.inc");
    
    if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if ( ! get_kb_item("Host/AIX/version") ) audit(AUDIT_OS_NOT, "AIX");
    if ( ! get_kb_item("Host/AIX/lslpp") ) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    flag = 0;
    
    if ( aix_check_patch(ml:"530006", patch:"U812685", package:"perl.rte.5.8.2.61") < 0 ) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:aix_report_get());
      else security_warning(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyAIX Local Security Checks
    NASL idAIX_U812046.NASL
    descriptionThe remote host is missing AIX PTF U812046, which is related to the security of the package perl.rte.
    last seen2020-06-01
    modified2020-06-02
    plugin id28969
    published2007-12-03
    reporterThis script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/28969
    titleAIX 5.2 TL 10 : perl.rte (U812046)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were extracted
    # from AIX Security PTF U812046. The text itself is copyright (C)
    # International Business Machines Corp.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(28969);
      script_version ("1.8");
      script_cvs_date("Date: 2019/09/16 14:12:48");
    
      script_cve_id("CVE-2007-2996");
    
      script_name(english:"AIX 5.2 TL 10 : perl.rte (U812046)");
      script_summary(english:"Check for PTF U812046");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote AIX host is missing a vendor-supplied security patch."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "The remote host is missing AIX PTF U812046, which is related to the
    security of the package perl.rte."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://www-01.ibm.com/support/docview.wss?uid=isg1IY98394"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Install the appropriate missing security-related fix."
      );
      script_set_cvss_base_vector("CVSS2#AV:L/AC:M/Au:S/C:C/I:C/A:C");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:ibm:aix:5.2");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2007/05/10");
      script_set_attribute(attribute:"patch_publication_date", value:"2007/05/10");
      script_set_attribute(attribute:"plugin_publication_date", value:"2007/12/03");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2007-2019 Tenable Network Security, Inc.");
      script_family(english:"AIX Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/AIX/oslevel", "Host/AIX/version", "Host/AIX/lslpp");
    
      exit(0);
    }
    
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("aix.inc");
    
    if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if ( ! get_kb_item("Host/AIX/version") ) audit(AUDIT_OS_NOT, "AIX");
    if ( ! get_kb_item("Host/AIX/lslpp") ) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    flag = 0;
    
    if ( aix_check_patch(ml:"520010", patch:"U812046", package:"perl.rte.5.8.0.106") < 0 ) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:aix_report_get());
      else security_warning(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");