CVE-2009-0370
First published: Fri Jan 30 2009(Updated: )
Multiple unspecified vulnerabilities in IBM AIX 5.2.0 through 6.1.2 allow local users to append data to arbitrary files, related to (1) rmsock and (2) rmsock64 not creating "secure log files."
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM AIX | =5.3.8 | |
| IBM AIX | =5.3.7 | |
| IBM AIX | =5.3_l | |
| IBM AIX | =5.3 | |
| IBM AIX | =5.2 | |
| IBM AIX | =6.1.1 | |
| IBM AIX | =5.2_l | |
| IBM AIX | =6.1 | |
| IBM AIX | =5.3.9 | |
| IBM AIX | =5.2.2 | |
| IBM AIX | =6.1.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://aix.software.ibm.com/aix/efixes/security/rmsock_advisory.asc
- http://www.ibm.com/support/docview.wss?uid=isg1IZ40386
- http://www.ibm.com/support/docview.wss?uid=isg1IZ41510
- http://www.ibm.com/support/docview.wss?uid=isg1IZ42785
- http://www.ibm.com/support/docview.wss?uid=isg1IZ42786
- http://www.ibm.com/support/docview.wss?uid=isg1IZ41593
- http://www.ibm.com/support/docview.wss?uid=isg1IZ42787
- http://www.ibm.com/support/docview.wss?uid=isg1IZ42788
- http://www.securityfocus.com/bid/33522
- http://www.ibm.com/support/docview.wss?uid=isg1IZ41599
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6028
Frequently Asked Questions
What is the severity of CVE-2009-0370?
CVE-2009-0370 has a moderate severity level due to the potential for local users to append data to arbitrary files.
How do I fix CVE-2009-0370?
To fix CVE-2009-0370, it is recommended to update to the latest patches provided by IBM for affected AIX versions.
Which versions of IBM AIX are affected by CVE-2009-0370?
CVE-2009-0370 affects IBM AIX versions from 5.2.0 through 6.1.2.
What are the implications of CVE-2009-0370 for local users?
Local users can exploit CVE-2009-0370 to manipulate log files, potentially compromising system integrity.
Is CVE-2009-0370 addressed by IBM support?
Yes, IBM has addressed CVE-2009-0370 and recommends specific updates to mitigate the vulnerabilities.
- agent/severity
- agent/weakness
- agent/references
- agent/author
- agent/description
- agent/type
- agent/event
- agent/first-publish-date
- agent/softwarecombine
- agent/last-modified-date
- agent/remedy
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/ibm
- canonical/ibm aix
- version/ibm aix/5.3.8
- version/ibm aix/5.3.7
- version/ibm aix/5.3_l
- version/ibm aix/5.3
- version/ibm aix/5.2
- version/ibm aix/6.1.1
- version/ibm aix/5.2_l
- version/ibm aix/6.1
- version/ibm aix/5.3.9
- version/ibm aix/5.2.2
- version/ibm aix/6.1.2