Vulnerabilities > CVE-2009-0370 - Unspecified vulnerability in IBM AIX

CVSS 7.2 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

local

low complexity

ibm

nessus

NVD

Published: 2009-01-30

Updated: 2017-09-29

Summary

Multiple unspecified vulnerabilities in IBM AIX 5.2.0 through 6.1.2 allow local users to append data to arbitrary files, related to (1) rmsock and (2) rmsock64 not creating "secure log files."

Vulnerable Configurations

Part	Description	Count
OS	Ibm IBM AIX 5.2 IBM AIX 5.2.2 IBM AIX 5.2_L IBM AIX 5.3 IBM AIX 5.3.7 IBM AIX 5.3.8 IBM AIX 5.3.9 IBM AIX 5.3_L IBM AIX 6.1 IBM AIX 6.1.1 IBM AIX 6.1.2	11

Nessus

NASL family	AIX Local Security Checks
NASL id	AIX_U822048.NASL
description	The remote host is missing AIX PTF U822048, which is related to the security of the package bos.net.tcp.client.
last seen	2020-06-01
modified	2020-06-02
plugin id	38372
published	2009-04-30
reporter	This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/38372
title	AIX 5.3 TL 8 : bos.net.tcp.client (U822048)
code	#%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were extracted # from AIX Security PTF U822048. The text itself is copyright (C) # International Business Machines Corp. # include("compat.inc"); if (description) { script_id(38372); script_version ("1.4"); script_cvs_date("Date: 2019/09/16 14:12:53"); script_cve_id("CVE-2009-0370"); script_name(english:"AIX 5.3 TL 8 : bos.net.tcp.client (U822048)"); script_summary(english:"Check for PTF U822048"); script_set_attribute( attribute:"synopsis", value:"The remote AIX host is missing a vendor-supplied security patch." ); script_set_attribute( attribute:"description", value: "The remote host is missing AIX PTF U822048, which is related to the security of the package bos.net.tcp.client." ); script_set_attribute( attribute:"see_also", value:"http://www-01.ibm.com/support/docview.wss?uid=isg1IZ42787" ); script_set_attribute( attribute:"solution", value:"Install the appropriate missing security-related fix." ); script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:ibm:aix:5.3"); script_set_attribute(attribute:"vuln_publication_date", value:"2009/01/29"); script_set_attribute(attribute:"patch_publication_date", value:"2009/01/29"); script_set_attribute(attribute:"plugin_publication_date", value:"2009/04/30"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc."); script_family(english:"AIX Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/AIX/oslevel", "Host/AIX/version", "Host/AIX/lslpp"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("aix.inc"); if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if ( ! get_kb_item("Host/AIX/version") ) audit(AUDIT_OS_NOT, "AIX"); if ( ! get_kb_item("Host/AIX/lslpp") ) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if ( aix_check_patch(ml:"530008", patch:"U822048", package:"bos.net.tcp.client.5.3.8.8") < 0 ) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:aix_report_get()); else security_hole(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");

NASL family	AIX Local Security Checks
NASL id	AIX_U823545.NASL
description	The remote host is missing AIX PTF U823545, which is related to the security of the package bos.net.tcp.client.
last seen	2020-06-01
modified	2020-06-02
plugin id	35525
published	2009-01-29
reporter	This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/35525
title	AIX 5.2 TL 10 : bos.net.tcp.client (U823545)
code	#%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were extracted # from AIX Security PTF U823545. The text itself is copyright (C) # International Business Machines Corp. # include("compat.inc"); if (description) { script_id(35525); script_version ("1.5"); script_cvs_date("Date: 2019/09/16 14:12:52"); script_cve_id("CVE-2009-0370"); script_name(english:"AIX 5.2 TL 10 : bos.net.tcp.client (U823545)"); script_summary(english:"Check for PTF U823545"); script_set_attribute( attribute:"synopsis", value:"The remote AIX host is missing a vendor-supplied security patch." ); script_set_attribute( attribute:"description", value: "The remote host is missing AIX PTF U823545, which is related to the security of the package bos.net.tcp.client." ); script_set_attribute( attribute:"see_also", value:"http://www-01.ibm.com/support/docview.wss?uid=isg1IZ40108" ); script_set_attribute( attribute:"see_also", value:"http://www-01.ibm.com/support/docview.wss?uid=isg1IZ40109" ); script_set_attribute( attribute:"see_also", value:"http://www-01.ibm.com/support/docview.wss?uid=isg1IZ40386" ); script_set_attribute( attribute:"solution", value:"Install the appropriate missing security-related fix." ); script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:ibm:aix:5.2"); script_set_attribute(attribute:"vuln_publication_date", value:"2008/12/16"); script_set_attribute(attribute:"patch_publication_date", value:"2008/12/16"); script_set_attribute(attribute:"plugin_publication_date", value:"2009/01/29"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc."); script_family(english:"AIX Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/AIX/oslevel", "Host/AIX/version", "Host/AIX/lslpp"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("aix.inc"); if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if ( ! get_kb_item("Host/AIX/version") ) audit(AUDIT_OS_NOT, "AIX"); if ( ! get_kb_item("Host/AIX/lslpp") ) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if ( aix_check_patch(ml:"520010", patch:"U823545", package:"bos.net.tcp.client.5.2.0.113") < 0 ) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:aix_report_get()); else security_hole(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");

NASL family	AIX Local Security Checks
NASL id	AIX_U818420.NASL
description	The remote host is missing AIX PTF U818420, which is related to the security of the package bos.net.tcp.client.
last seen	2020-06-01
modified	2020-06-02
plugin id	35830
published	2009-03-11
reporter	This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/35830
title	AIX 6.1 : bos.net.tcp.client (U818420)
code	#%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were extracted # from AIX Security PTF U818420. The text itself is copyright (C) # International Business Machines Corp. # include("compat.inc"); if (description) { script_id(35830); script_version ("1.5"); script_cvs_date("Date: 2019/09/16 14:12:52"); script_cve_id("CVE-2009-0370"); script_name(english:"AIX 6.1 : bos.net.tcp.client (U818420)"); script_summary(english:"Check for PTF U818420"); script_set_attribute( attribute:"synopsis", value:"The remote AIX host is missing a vendor-supplied security patch." ); script_set_attribute( attribute:"description", value: "The remote host is missing AIX PTF U818420, which is related to the security of the package bos.net.tcp.client." ); script_set_attribute( attribute:"see_also", value:"http://www-01.ibm.com/support/docview.wss?uid=isg1IZ41599" ); script_set_attribute( attribute:"solution", value:"Install the appropriate missing security-related fix." ); script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:ibm:aix:6.1"); script_set_attribute(attribute:"vuln_publication_date", value:"2009/01/14"); script_set_attribute(attribute:"patch_publication_date", value:"2009/01/14"); script_set_attribute(attribute:"plugin_publication_date", value:"2009/03/11"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc."); script_family(english:"AIX Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/AIX/oslevel", "Host/AIX/version", "Host/AIX/lslpp"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("aix.inc"); if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if ( ! get_kb_item("Host/AIX/version") ) audit(AUDIT_OS_NOT, "AIX"); if ( ! get_kb_item("Host/AIX/lslpp") ) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if ( aix_check_patch(ml:"610000", patch:"U818420", package:"bos.net.tcp.client.6.1.0.8") < 0 ) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:aix_report_get()); else security_hole(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");

NASL family	AIX Local Security Checks
NASL id	AIX_U821384.NASL
description	The remote host is missing AIX PTF U821384, which is related to the security of the package bos.net.tcp.client.
last seen	2020-06-01
modified	2020-06-02
plugin id	38274
published	2009-04-30
reporter	This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/38274
title	AIX 5.3 TL 7 : bos.net.tcp.client (U821384)

NASL family	AIX Local Security Checks
NASL id	AIX_U821948.NASL
description	The remote host is missing AIX PTF U821948, which is related to the security of the package bos.net.tcp.client.
last seen	2020-06-01
modified	2020-06-02
plugin id	38293
published	2009-04-30
reporter	This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/38293
title	AIX 5.3 TL 6 : bos.net.tcp.client (U821948)

NASL family	AIX Local Security Checks
NASL id	AIX_U819861.NASL
description	The remote host is missing AIX PTF U819861, which is related to the security of the package bos.net.tcp.client.
last seen	2020-06-01
modified	2020-06-02
plugin id	37233
published	2009-04-23
reporter	This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/37233
title	AIX 6.1 TL 1 : bos.net.tcp.client (U819861)

NASL family	AIX Local Security Checks
NASL id	AIX_U821800.NASL
description	The remote host is missing AIX PTF U821800, which is related to the security of the package bos.net.tcp.client.
last seen	2020-06-01
modified	2020-06-02
plugin id	37116
published	2009-04-23
reporter	This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/37116
title	AIX 6.1 TL 2 : bos.net.tcp.client (U821800)

NASL family	AIX Local Security Checks
NASL id	AIX_U820015.NASL
description	The remote host is missing AIX PTF U820015, which is related to the security of the package bos.net.tcp.client.
last seen	2020-06-01
modified	2020-06-02
plugin id	38230
published	2009-04-30
reporter	This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/38230
title	AIX 5.3 TL 9 : bos.net.tcp.client (U820015)

Oval

accepted

2009-09-21T04:00:05.256-04:00

class

vulnerability

contributors

name	Aharon Chernin
organization	DTCC

definition_extensions

comment IBM AIX 5200-10 is installed
oval oval:org.mitre.oval:def:5076
comment IBM AIX 5300-00 is installed
oval oval:org.mitre.oval:def:6195
comment IBM AIX 5300-01 through 5300-06 is installed
oval oval:org.mitre.oval:def:5973
comment IBM AIX 5300-07 is installed
oval oval:org.mitre.oval:def:5707
comment IBM AIX 5300-08 is installed
oval oval:org.mitre.oval:def:5293
comment IBM AIX 5300-09 is installed
oval oval:org.mitre.oval:def:6306
comment IBM AIX 6100-00 is installed
oval oval:org.mitre.oval:def:5589
comment IBM AIX 6100-01 is installed
oval oval:org.mitre.oval:def:5959
comment IBM AIX 6100-02 is installed
oval oval:org.mitre.oval:def:5685

description

Multiple unspecified vulnerabilities in IBM AIX 5.2.0 through 6.1.2 allow local users to append data to arbitrary files, related to (1) rmsock and (2) rmsock64 not creating "secure log files."

family

unix

oval:org.mitre.oval:def:6028

status

accepted

submitted

2009-08-07T08:18:16-04:00

title

Multiple unspecified vulnerabilities in IBM AIX rmsock."

version

Summary

Vulnerable Configurations

Nessus

Oval

References