Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2009-3699 | First vendor Publication | 2009-10-15 |
Vendor | Cve | Last vendor Modification | 2017-08-17 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Stack-based buffer overflow in libcsa.a (aka the calendar daemon library) in IBM AIX 5.x through 5.3.10 and 6.x through 6.1.3, and VIOS 2.1 and earlier, allows remote attackers to execute arbitrary code via a long XDR string in the first argument to procedure 21 of rpc.cmsd. |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3699 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
CPE : Common Platform Enumeration
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
58726 | IBM AIX libcsa.a Calendar Manager Service Daemon (rpc.cmsd) Remote Procedure ... |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | CMSD UDP CMSD_CREATE array buffer overflow attempt RuleID : 2094-community - Revision : 18 - Type : PROTOCOL-RPC |
2014-01-10 | CMSD UDP CMSD_CREATE array buffer overflow attempt RuleID : 2094 - Revision : 18 - Type : PROTOCOL-RPC |
2014-01-10 | CMSD UDP CMSD_CREATE buffer overflow attempt RuleID : 1907-community - Revision : 18 - Type : PROTOCOL-RPC |
2014-01-10 | CMSD UDP CMSD_CREATE buffer overflow attempt RuleID : 1907 - Revision : 18 - Type : PROTOCOL-RPC |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2013-01-30 | Name : The remote AIX host is missing a security patch. File : aix_IZ61628.nasl - Type : ACT_GATHER_INFO |
2013-01-30 | Name : The remote AIX host is missing a security patch. File : aix_IZ61717.nasl - Type : ACT_GATHER_INFO |
2013-01-30 | Name : The remote AIX host is missing a security patch. File : aix_IZ62123.nasl - Type : ACT_GATHER_INFO |
2013-01-30 | Name : The remote AIX host is missing a security patch. File : aix_IZ62237.nasl - Type : ACT_GATHER_INFO |
2013-01-30 | Name : The remote AIX host is missing a security patch. File : aix_IZ62569.nasl - Type : ACT_GATHER_INFO |
2013-01-30 | Name : The remote AIX host is missing a security patch. File : aix_IZ62570.nasl - Type : ACT_GATHER_INFO |
2013-01-30 | Name : The remote AIX host is missing a security patch. File : aix_IZ62571.nasl - Type : ACT_GATHER_INFO |
2013-01-30 | Name : The remote AIX host is missing a security patch. File : aix_IZ62572.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
Date | Informations |
---|---|
2024-02-02 01:11:47 |
|
2024-02-01 12:03:17 |
|
2023-09-05 12:11:02 |
|
2023-09-05 01:03:09 |
|
2023-09-02 12:11:08 |
|
2023-09-02 01:03:10 |
|
2023-08-12 12:13:06 |
|
2023-08-12 01:03:10 |
|
2023-08-11 12:11:11 |
|
2023-08-11 01:03:17 |
|
2023-08-06 12:10:45 |
|
2023-08-06 01:03:11 |
|
2023-08-04 12:10:50 |
|
2023-08-04 01:03:13 |
|
2023-07-14 12:10:47 |
|
2023-07-14 01:03:11 |
|
2023-03-29 01:12:21 |
|
2023-03-28 12:03:17 |
|
2022-10-11 12:09:36 |
|
2022-10-11 01:03:00 |
|
2022-03-19 01:07:43 |
|
2021-09-01 12:06:51 |
|
2021-09-01 01:06:36 |
|
2021-05-05 01:06:19 |
|
2021-05-04 12:10:21 |
|
2021-04-22 01:10:47 |
|
2020-05-23 13:16:53 |
|
2020-05-23 01:40:59 |
|
2020-05-23 00:24:28 |
|
2017-08-17 09:22:45 |
|
2016-06-28 17:52:09 |
|
2016-04-26 19:12:31 |
|
2014-02-17 10:52:03 |
|
2014-01-19 21:26:15 |
|
2013-05-10 23:59:37 |
|