CVE-2009-3699

AIX Calendar Manager Service Daemon (rpc.cmsd) Opcode 21 - Buffer Overflow

  • Severity Score (CVSS v2): 10.0
  • Exploit Likelihood (EPSS): -
  • Affected Versions (CPE): -
  • Public Exploits (Multiple Sources): 2
  • Exploited in Wild (KEV): -
  • Decision (SSVC): -

Descriptions

Stack-based buffer overflow in libcsa.a (aka the calendar daemon library) in IBM AIX 5.x through 5.3.10 and 6.x through 6.1.3, and VIOS 2.1 and earlier, allows remote attackers to execute arbitrary code via a long XDR string in the first argument to procedure 21 of rpc.cmsd.

*Credits: N/A
CVSS Scores
  • Attack Vector: Network
  • Attack Complexity: Low
  • Authentication: None
  • Confidentiality: Complete
  • Integrity: Complete
  • Availability: Complete
* Common Vulnerability Scoring System
SSVC
  • Decision: -
  • Exploitation: -
  • Automatable: -
  • Tech. Impact: -
* Organization's Worst-case Scenario
Timeline
  • 2009-10-14 CVE Reserved
  • 2009-10-15 CVE Published
  • 2010-11-11 First Exploit
  • 2024-08-07 CVE Updated
  • 2024-10-28 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status |
|--------|---------|---------|-------|--------|
| IBM | VIOS | <= 2.1.0 | - | Affected |
| IBM | VIOS | 1.4 | - | Affected |
| IBM | VIOS | 1.5.0 | - | Affected |
| IBM | VIOS | 1.5.1 | - | Affected |
| IBM | VIOS | 1.5.2 | - | Affected |
| IBM | AIX | 5 | - | Affected |
| IBM | AIX | 5.1 | - | Affected |
| IBM | AIX | 5.1.0.10 | - | Affected |
| IBM | AIX | 5.1l | - | Affected |
| IBM | AIX | 5.2 | - | Affected |
| IBM | AIX | 5.2.0 | - | Affected |
| IBM | AIX | 5.2.0.50 | - | Affected |
| IBM | AIX | 5.2.0.54 | - | Affected |
| IBM | AIX | 5.2.2 | - | Affected |
| IBM | AIX | 5.2_l | - | Affected |
| IBM | AIX | 5.3 | - | Affected |
| IBM | AIX | 5.3 | sp6 | Affected |
| IBM | AIX | 5.3.0 | - | Affected |
| IBM | AIX | 5.3.0.20 | - | Affected |
| IBM | AIX | 5.3.7 | - | Affected |
| IBM | AIX | 5.3.8 | - | Affected |
| IBM | AIX | 5.3.9 | - | Affected |
| IBM | AIX | 5.3.10 | - | Affected |
| IBM | AIX | 5.3_l | - | Affected |
| IBM | AIX | 5.3_ml03 | - | Affected |
| IBM | AIX | 5l | - | Affected |
| IBM | AIX | 6.1 | - | Affected |
| IBM | AIX | 6.1.0 | - | Affected |
| IBM | AIX | 6.1.1 | - | Affected |
| IBM | AIX | 6.1.2 | - | Affected |
| IBM | AIX | 6.1.3 | - | Affected |