PT-2009-3029 · Ibm · Aix
Published
2009-01-30
·
Updated
2017-09-29
·
CVE-2009-0370
CVSS v2.0
7.2
High
| Vector | AV:L/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
IBM AIX versions 5.2.0 through 6.1.2
Description
The issue allows local users to append data to arbitrary files. This is related to the rmsock and rmsock64 functions not creating secure log files.
Recommendations
For IBM AIX versions 5.2.0 through 6.1.2, consider restricting access to the rmsock and rmsock64 functions to minimize the risk of exploitation. Additionally, monitor file system activity for unauthorized modifications. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Aix