Lucene search

MitreCVE-2008-5387

HistoryDec 09, 2008 - 12:30 a.m.

CVE-2008-5387

2008-12-0900:30:00

CWE-119

mitre

web.nvd.nist.gov

cve-2008-5387

buffer overflow

ibm aix

nvd

security

vulnerability

privilege escalation

access control

CVSS2

6.2

Attack Vector

LOCAL

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:H/Au:N/C:C/I:C/A:C

AI Score

6.6

Confidence

Low

EPSS

Percentile

5.1%

JSON

Buffer overflow in autoconf6 in IBM AIX 6.1.0 through 6.1.2, when Role-Based Access Control is enabled, allows local users with aix.network.config.tcpip authorization to gain privileges via unspecified vectors.

Affected configurations

Nvd

Node

ibmaixMatch6.1

ibmaixMatch6.1.1

ibmaixMatch6.1.2

VendorProductVersionCPE
ibmaix6.1cpe:2.3:o:ibm:aix:6.1:*:*:*:*:*:*:*
ibmaix6.1.1cpe:2.3:o:ibm:aix:6.1.1:*:*:*:*:*:*:*
ibmaix6.1.2cpe:2.3:o:ibm:aix:6.1.2:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	aix	6.1	cpe:2.3:o:ibm:aix:6.1:::::::*
ibm	aix	6.1.1	cpe:2.3:o:ibm:aix:6.1.1:::::::*
ibm	aix	6.1.2	cpe:2.3:o:ibm:aix:6.1.2:::::::*

References

aix.software.ibm.com/aix/efixes/security/aix61_advisory.asc

osvdb.org/50216

secunia.com/advisories/32916

www-01.ibm.com/support/docview.wss?uid=isg1IZ30231

www-01.ibm.com/support/docview.wss?uid=isg1IZ34393

www-01.ibm.com/support/docview.wss?uid=isg1IZ34753

www.securityfocus.com/bid/32493

www.securitytracker.com/id?1021289

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6303

CVSS2

6.2

Attack Vector

LOCAL

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:H/Au:N/C:C/I:C/A:C

AI Score

6.6

Confidence

Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2008-5387