CVE-2008-2513

Buffer overflow in the kernel in IBM AIX 5.2, 5.3, and 6.1 allows local users to execute arbitrary code in kernel mode via unknown attack vectors.

CVSS v2.0 7.2 HIGH

7.2^/10

CVSS v2.0 : HIGH

Vector : AV:L/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 3.9 / Impact : 10.0

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://aix.software.ibm.com/aix/efixes/security/unix_advisory.asc
http://secunia.com/advisories/30349
http://securitytracker.com/id?1020083
http://www.ibm.com/support/docview.wss?uid=isg1IZ19911	Patch
http://www.ibm.com/support/docview.wss?uid=isg1IZ21481	Patch
http://www.ibm.com/support/docview.wss?uid=isg1IZ22368
http://www.ibm.com/support/docview.wss?uid=isg1IZ22369
http://www.ibm.com/support/docview.wss?uid=isg1IZ22370
http://www.securityfocus.com/bid/29329
http://www.vupen.com/english/advisories/2008/1626/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/42577
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5684

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:ibm:aix:5.2:::::::*
	cpe:2.3:o:ibm:aix:5.3:::::::*
	cpe:2.3:o:ibm:aix:6.1:::::::*

History

No history.

Information

Published : 2008-06-02 21:30

Updated : 2024-02-04 17:33

NVD link : CVE-2008-2513

Mitre link : CVE-2008-2513

CVE.ORG link : CVE-2008-2513

JSON object : View

Products Affected

ibm

aix

CWE

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

{"id": "CVE-2008-2513", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.2, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2008-06-02T21:30:00.000", "references": [{"url": "http://aix.software.ibm.com/aix/efixes/security/unix_advisory.asc", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/30349", "source": "cve@mitre.org"}, {"url": "http://securitytracker.com/id?1020083", "source": "cve@mitre.org"}, {"url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ19911", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ21481", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ22368", "source": "cve@mitre.org"}, {"url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ22369", "source": "cve@mitre.org"}, {"url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ22370", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/29329", "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2008/1626/references", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42577", "source": "cve@mitre.org"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5684", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-119"}]}], "descriptions": [{"lang": "en", "value": "Buffer overflow in the kernel in IBM AIX 5.2, 5.3, and 6.1 allows local users to execute arbitrary code in kernel mode via unknown attack vectors."}, {"lang": "es", "value": "Un desbordamiento de b\u00fafer en el kernel en IBM AIX versiones 5.2, 5.3 y 6.1, permite a los usuarios locales ejecutar c\u00f3digo arbitrario en modo kernel por medio de vectores de ataque desconocidos."}], "lastModified": "2017-09-29T01:31:11.973", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:ibm:aix:5.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "17EECCCB-D7D1-439A-9985-8FAE8B44487B"}, {"criteria": "cpe:2.3:o:ibm:aix:5.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EA8DDF4A-1C5D-4CB1-95B3-69EAE6572507"}, {"criteria": "cpe:2.3:o:ibm:aix:6.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FD518B94-9CD7-4C45-8766-578CF427B4CF"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}