Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
CVE-2014-0930
CVE information
Published
Last Modified
CVSSv2.0 Severity
Impact Analysis
Description
The ptrace system call in IBM AIX 5.3, 6.1, and 7.1, and VIOS 2.2.x, allows local users to cause a denial of service (system crash) or obtain sensitive information from kernel memory via a crafted PT_LDINFO operation..
CVSSv2.0 Score
- Severity
- Medium
- Base Score
- 4.7/10
- Exploit Score
- 3.4/10
- Access Vector
- Local
- Access Complexity
- Medium
- Authentication Required
- None
- Impact Score
- 6.9/10
- Confidentiality Impact
- None
- Availability Impact
- Complete
- Integrity Impact
- None
Products Affected
CPE | Affected | Vulnerable | Excluding | Edit |
---|---|---|---|---|
cpe:2.3:a:ibm:vios:2.2.0.13:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:o:ibm:aix:5.3:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:ibm:vios:2.2.1.0:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:ibm:vios:2.2.0.11:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:o:ibm:aix:7.1:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:ibm:vios:2.2.0.12:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:o:ibm:aix:6.1:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:ibm:vios:2.2.1.1:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:ibm:vios:2.2.1.3:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:ibm:vios:2.2.0.10:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:ibm:vios:2.2.1.4:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:ibm:vios:2.2.3.0:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:ibm:vios:2.2.2.0:*:*:*:*:*:*:* |
Yes
|
- | - |
References
- http://www.ibm.com/support/docview.wss?uid=isg1IV58948
- http://www.ibm.com/support/docview.wss?uid=isg1IV58840
- http://www.ibm.com/support/docview.wss?uid=isg1IV59045
- http://archives.neohapsis.com/archives/bugtraq/2014-05/0031.html
- http://www.ibm.com/support/docview.wss?uid=isg1IV58861
- http://www.ibm.com/support/docview.wss?uid=isg1IV58888
- http://www.ibm.com/support/docview.wss?uid=isg1IV59675
- http://www.ibm.com/support/docview.wss?uid=isg1IV58766
- https://www.portcullis-security.com/security-research-and-downloads/security-advisories/
- http://aix.software.ibm.com/aix/efixes/security/ptrace_advisory.asc
- https://exchange.xforce.ibmcloud.com/vulnerabilities/92262