Vulnerabilities > CVE-2011-1385 - Resource Management Errors vulnerability in IBM AIX and Vios
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
COMPLETE Summary
IBM AIX 5.3, 6.1, and 7.1, and VIOS 2.1.x and 2.2.x, allows remote attackers to cause a denial of service (system crash) via an ICMP Echo Reply packet that contains 1 in the Identifier field, a different vulnerability than CVE-2012-0194.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 12 | |
| OS | 3 |
Common Weakness Enumeration (CWE)
Nessus
NASL family AIX Local Security Checks NASL id AIX_U849141.NASL description The remote host is missing AIX PTF U849141, which is related to the security of the package bos.net.tcp.client. last seen 2020-06-01 modified 2020-06-02 plugin id 59075 published 2012-05-11 reporter This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/59075 title AIX 6.1 TL 6 : bos.net.tcp.client (U849141) NASL family AIX Local Security Checks NASL id AIX_U842598.NASL description The remote host is missing AIX PTF U842598, which is related to the security of the package bos.net.tcp.client. last seen 2020-06-01 modified 2020-06-02 plugin id 59073 published 2012-05-11 reporter This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/59073 title AIX 6.1 TL 5 : bos.net.tcp.client (U842598) NASL family AIX Local Security Checks NASL id AIX_U846526.NASL description The remote host is missing AIX PTF U846526, which is related to the security of the package bos.net.tcp.client. last seen 2020-06-01 modified 2020-06-02 plugin id 59074 published 2012-05-11 reporter This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/59074 title AIX 7.1 : bos.net.tcp.client (U846526) NASL family AIX Local Security Checks NASL id AIX_IV13827.NASL description There is an error in the handling of a particular ICMP packet in which a remote user can cause a denial of service. Note: The ifixes provided also contain the fix for CVE-2012-0194 since they affect the same fileset. See the following for CVE-2012-0194: http://aix.software.ibm.com/aix/efixes/security/large_send_a dvisory.asc. last seen 2017-10-29 modified 2014-03-11 plugin id 63708 published 2013-01-24 reporter Tenable source https://www.tenable.com/plugins/index.php?view=single&id=63708 title AIX 5.3 TL 12 : icmp (IV13827) NASL family AIX Local Security Checks NASL id AIX_IV13820.NASL description There is an error in the handling of a particular ICMP packet in which a remote user can cause a denial of service. Note: The ifixes provided also contain the fix for CVE-2012-0194 since they affect the same fileset. See the following for CVE-2012-0194: http://aix.software.ibm.com/aix/efixes/security/large_send_a dvisory.asc. last seen 2017-10-29 modified 2014-03-11 plugin id 64301 published 2013-01-30 reporter Tenable source https://www.tenable.com/plugins/index.php?view=single&id=64301 title AIX 6.1 TL 6 : icmp (IV13820) NASL family AIX Local Security Checks NASL id AIX_U846741.NASL description The remote host is missing AIX PTF U846741, which is related to the security of the package bos.net.tcp.client. last seen 2020-06-01 modified 2020-06-02 plugin id 72843 published 2014-03-06 reporter This script is Copyright (C) 2014-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/72843 title AIX 7.1 TL 1 : bos.net.tcp.client (U846741) NASL family AIX Local Security Checks NASL id AIX_IV13751.NASL description There is an error in the handling of a particular ICMP packet in which a remote user can cause a denial of service. Note: The ifixes provided also contain the fix for CVE-2012-0194 since they affect the same fileset. See the following for CVE-2012-0194: http://aix.software.ibm.com/aix/efixes/security/large_send_a dvisory.asc. last seen 2017-10-29 modified 2014-03-11 plugin id 64300 published 2013-01-30 reporter Tenable source https://www.tenable.com/plugins/index.php?view=single&id=64300 title AIX 6.1 TL 5 : icmp (IV13751) NASL family AIX Local Security Checks NASL id AIX_U846071.NASL description The remote host is missing AIX PTF U846071, which is related to the security of the package bos.net.tcp.client. last seen 2020-06-01 modified 2020-06-02 plugin id 72841 published 2014-03-06 reporter This script is Copyright (C) 2014-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/72841 title AIX 6.1 TL 7 : bos.net.tcp.client (U846071) NASL family AIX Local Security Checks NASL id AIX_IV14210.NASL description There is an error in the handling of a particular ICMP packet in which a remote user can cause a denial of service. Note: The ifixes provided also contain the fix for CVE-2012-0194 since they affect the same fileset. See the following for CVE-2012-0194: http://aix.software.ibm.com/aix/efixes/security/large_send_a dvisory.asc. last seen 2017-10-29 modified 2014-03-11 plugin id 64303 published 2013-01-30 reporter Tenable source https://www.tenable.com/plugins/index.php?view=single&id=64303 title AIX 7.1 TL 0 : icmp (IV14210) NASL family AIX Local Security Checks NASL id AIX_U846347.NASL description The remote host is missing AIX PTF U846347, which is related to the security of the package bos.net.tcp.client. Vulnerability which allows remote attackers to (1) register or (2) unregister RPC services, and consequently cause a denial of service or obtain sensitive information from interprocess communication, via crafted UDP packets containing service commands. Note: The ifix provided also contains the fix for CVE-2012-0194 and CVE-2011-1385 since they affect the same fileset. See the following for CVE-2012-0194: http://aix.software.ibm.com/aix/efixes/security/large_send_a dvisory.asc CVE-2011-1385: http://aix.software.ibm.com/aix/efixes/security/icmp_advisor y.asc. last seen 2020-06-01 modified 2020-06-02 plugin id 72842 published 2014-03-06 reporter This script is Copyright (C) 2014-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/72842 title AIX 5.3 TL 12 : bos.net.tcp.client (U846347) NASL family AIX Local Security Checks NASL id AIX_U841068.NASL description The remote host is missing AIX PTF U841068, which is related to the security of the package bos.net.tcp.client. AIX could allow a remote attacker to cause a denial of service, caused by an error when the TCP large send offload option is enabled on a network interface. By sending a specially crafted sequence of packets, an attacker could exploit this vulnerability to cause a kernel panic. last seen 2020-06-01 modified 2020-06-02 plugin id 72839 published 2014-03-06 reporter This script is Copyright (C) 2014-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/72839 title AIX 6.1 TL 7 : bos.net.tcp.client (U841068) NASL family AIX Local Security Checks NASL id AIX_U843468.NASL description The remote host is missing AIX PTF U843468, which is related to the security of the package bos.net.tcp.client. AIX could allow a remote attacker to cause a denial of service, caused by an error when the TCP large send offload option is enabled on a network interface. By sending a specially crafted sequence of packets, an attacker could exploit this vulnerability to cause a kernel panic. last seen 2020-06-01 modified 2020-06-02 plugin id 72840 published 2014-03-06 reporter This script is Copyright (C) 2014-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/72840 title AIX 7.1 TL 1 : bos.net.tcp.client (U843468)
References
- http://aix.software.ibm.com/aix/efixes/security/icmp_advisory.asc
- http://osvdb.org/79631
- http://secunia.com/advisories/48149
- http://www.ibm.com/support/docview.wss?uid=isg1IV03369
- http://www.ibm.com/support/docview.wss?uid=isg1IV04695
- http://www.ibm.com/support/docview.wss?uid=isg1IV07188
- http://www.ibm.com/support/docview.wss?uid=isg1IV08255
- http://www.ibm.com/support/docview.wss?uid=isg1IV13554
- http://www.ibm.com/support/docview.wss?uid=isg1IV13672
- http://www.securityfocus.com/bid/52172
- http://www.securitytracker.com/id?1026742