Detections
Analytics
IBM AIX TCP Large Send Denial of Service Vulnerability
high Nessus Plugin ID 59917
Language:
Synopsis
The remote host is running a version of IBM AIX that is affected by a denial of service vulnerability.Description
The remote host is running a version of IBM AIX that could allow a remote attacker to cause a denial of service, due to an error when the TCP large send offload option is enabled on a network interface.By sending a specially crafted sequence of packets, an attacker could exploit this vulnerability to cause a kernel panic.
Note that this plugin requires RFC 1323 to be enabled on the remote host.
Solution
Apply the fixes as described in the vendor's advisory.See Also
https://aix.software.ibm.com/aix/efixes/security/large_send_advisory.asc
Plugin Details
Severity: High
ID: 59917
File Name: aix_icmp_echo_reply_dos.nbin
Version: 1.78
Type: remote
Family: General
Published: 7/11/2012
Updated: 7/17/2024
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Low
Score: 2.7
CVSS v2
Risk Factor: High
Base Score: 7.1
Temporal Score: 5.3
Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C
CVSS Score Source: CVE-2012-0194
Vulnerability Information
CPE: cpe:/o:ibm:aix
Exploit Ease: No known exploits are available
Patch Publication Date: 2/24/2012
Vulnerability Publication Date: 2/3/2012
Reference Information
CVE: CVE-2012-0194
BID: 51864