Oval Definition:oval:org.mitre.oval:def:6028
Revision Date:2009-09-21Version:10
Title:Multiple unspecified vulnerabilities in IBM AIX rmsock."
Description:Multiple unspecified vulnerabilities in IBM AIX 5.2.0 through 6.1.2 allow local users to append data to arbitrary files, related to (1) rmsock and (2) rmsock64 not creating "secure log files."
Family:unixClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2009-0370
Platform(s):IBM AIX 5.2
IBM AIX 5.3
IBM AIX 6.1
Product(s):
Definition Synopsis
  • Software Section
  • IBM AIX 5200-10 meets CVE-2009-0370
  • IBM AIX 5200-10 is installed
  • AND NOT All filesets for APAR IZ40386 are installed
  • AND The level of fileset bos.net.tcp.client is greater than or equal 5.2.0.0
  • OR IBM AIX 5300-00 meets CVE-2009-0370
  • IBM AIX 5300-00 is installed
  • AND NOT All filesets for APAR IZ42785 are installed
  • AND The level of fileset bos.net.tcp.client is less than or equal 5.3.0.72
  • AND The level of fileset bos.net.tcp.client is greater than or equal 5.3.0.0
  • OR IBM AIX 5300-01 through 5300-06 meets CVE-2009-0370
  • IBM AIX 5300-01 through 5300-06 is installed
  • AND Fileset bos.net.tcp.client is installed
  • OR IBM AIX 5300-07 meets CVE-2009-0370
  • IBM AIX 5300-07 is installed
  • AND NOT All filesets for APAR IZ42786 are installed
  • AND Fileset bos.net.tcp.client is greater than or equal 5.3.7.0
  • AND Fileset bos.net.tcp.client is less than or equal 5.3.7.7
  • OR IBM AIX 5300-08 meets CVE-2009-0370
  • IBM AIX 5300-08 is installed
  • AND NOT All filesets for APAR IZ42787 are installed
  • AND Fileset bos.net.tcp.client is greater than or equal 5.3.8.0
  • AND Fileset bos.net.tcp.client is less than or equal 5.3.8.6
  • OR IBM AIX 5300-09 meets CVE-2009-0370
  • IBM AIX 5300-09 is installed
  • AND NOT All filesets for APAR IZ42788 are installed
  • AND Fileset bos.net.tcp.client is greater than or equal 5.3.9.0
  • AND Fileset bos.net.tcp.client is less than or equal 5.3.9.2
  • OR IBM AIX 6100-00 meets CVE-2009-0370
  • IBM AIX 6100-00 is installed
  • AND NOT All filesets for APAR IZ41599 are installed
  • AND Fileset bos.net.tcp.client is greater than or equal 6.1.0.0
  • AND Fileset bos.net.tcp.client is less than or equal 6.1.0.7
  • OR IBM AIX 6100-01 meets CVE-2009-0370
  • IBM AIX 6100-01 is installed
  • AND NOT All filesets for APAR IZ41593 are installed
  • AND Fileset bos.net.tcp.client is greater than or equal 6.1.1.0
  • AND Fileset bos.net.tcp.client is less than or equal 6.1.1.3
  • OR IBM AIX 6100-02 meets CVE-2009-0370
  • IBM AIX 6100-02 is installed
  • AND NOT All filesets for APAR IZ41510 are installed
  • AND Fileset bos.net.tcp.client is greater than or equal 6.1.2.0
  • AND Fileset bos.net.tcp.client is less than or equal 6.1.2.2
  • AND Configuration Section
  • /usr/sbin/rmsock is suid
  • OR /usr/sbin/rmsock64 is suid
    • BACK