CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
EPSS
Percentile
5.3%
IBM AIX getconf
contains a buffer overflow vulnerability that may lead to arbitrary code execution.
IBM AIX contains the getconf
command that provides information about system configuration. An unspecified buffer overflow condition has been identified in getconf
and may lead to arbitrary code execution by local users.
Local, authenticated users may be able to execute arbitrary code.
Apply an update
IBM has issued updates to address this issue. Please see documents IY73850 and IY73814 for more information.
602300
Filter by status: All Affected Not Affected Unknown
Filter by content: __ Additional information available
__ Sort by: Status Alphabetical
Expand all
Javascript is disabled. Click here to view vendors.
Updated: September 29, 2005
Affected
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
IBM has issued updates to address this issue. Please see documents IY73850 and IY73814 for more information.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23602300 Feedback>).
Group | Score | Vector |
---|---|---|
Base | ||
Temporal | ||
Environmental |
Thanks to IBM for reporting this vulnerability.
This document was written by Ken MacInnis.
CVE IDs: | CVE-2005-3060 |
---|---|
Severity Metric: | 10.13 Date Public: |