CVE-2009-3699
AIX Calendar Manager Service Daemon (rpc.cmsd) Opcode 21 - Buffer Overflow
Severity Score: 10.0 (CVSS v2)
Public Exploits: 2 (Multiple Sources)
Exploited in Wild: - (KEV)
Decision: - (SSVC)
Descriptions
Stack-based buffer overflow in libcsa.a (aka the calendar daemon library) in IBM AIX 5.x through 5.3.10 and 6.x through 6.1.3, and VIOS 2.1 and earlier, allows remote attackers to execute arbitrary code via a long XDR string in the first argument to procedure 21 of rpc.cmsd.
*Credits:
N/A
Timeline
- 2009-10-14 CVE Reserved
- 2009-10-15 CVE Published
- 2010-11-11 First Exploit
- 2024-08-07 CVE Updated
- 2024-10-28 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
References (19)
URL | Tag | Source |
---|---|---|
http://securitytracker.com/id?1022996 | Vdb Entry | |
http://www.osvdb.org/58726 | Vdb Entry | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/53681 | Vdb Entry | |
https://www.immunityinc.com/downloads/immpartners/aixcmsd10092009.tar.gz | X_refsource_misc | |
URL | Date | SRC |
---|---|---|
https://www.exploit-db.com/exploits/16929 | 2010-11-11 | |
http://www.securityfocus.com/bid/36615 | 2024-08-07 | |
URL | Date | SRC |
---|---|---|
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=825 | 2017-08-17 | |
http://www.vupen.com/english/advisories/2009/2846 | 2017-08-17 | |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status |
---|---|---|---|---|
Ibm | Vios | <= 2.1.0 | - | Affected |
Ibm | Vios | 1.4 | - | Affected |
Ibm | Vios | 1.5.0 | - | Affected |
Ibm | Vios | 1.5.1 | - | Affected |
Ibm | Vios | 1.5.2 | - | Affected |
Ibm | Aix | 5 | - | Affected |
Ibm | Aix | 5.1 | - | Affected |
Ibm | Aix | 5.1.0.10 | - | Affected |
Ibm | Aix | 5.1l | - | Affected |
Ibm | Aix | 5.2 | - | Affected |
Ibm | Aix | 5.2.0 | - | Affected |
Ibm | Aix | 5.2.0.50 | - | Affected |
Ibm | Aix | 5.2.0.54 | - | Affected |
Ibm | Aix | 5.2.2 | - | Affected |
Ibm | Aix | 5.2_l | - | Affected |
Ibm | Aix | 5.3 | - | Affected |
Ibm | Aix | 5.3 | sp6 | Affected |
Ibm | Aix | 5.3.0 | - | Affected |
Ibm | Aix | 5.3.0.20 | - | Affected |
Ibm | Aix | 5.3.7 | - | Affected |
Ibm | Aix | 5.3.8 | - | Affected |
Ibm | Aix | 5.3.9 | - | Affected |
Ibm | Aix | 5.3.10 | - | Affected |
Ibm | Aix | 5.3_l | - | Affected |
Ibm | Aix | 5.3_ml03 | - | Affected |
Ibm | Aix | 5l | - | Affected |
Ibm | Aix | 6.1 | - | Affected |
Ibm | Aix | 6.1.0 | - | Affected |
Ibm | Aix | 6.1.1 | - | Affected |
Ibm | Aix | 6.1.2 | - | Affected |
Ibm | Aix | 6.1.3 | - | Affected |