Detections
Analytics
AIX 7.1 TL 2 : cmdque (IV47430)
medium Nessus Plugin ID 70277
Language:
Synopsis
The remote AIX host is missing a security patch.Description
Printer commands mkque and mkquedev are susceptible to buffer overflow by users belonging to the 'printq' group. These commands are owned by 'root' and SUID bit set. The group is set to 'printq'. By default, no users are belong to the 'printq'.Solution
Install the appropriate interim fix.See Also
https://aix.software.ibm.com/aix/efixes/security/cmdque_advisory.asc
Plugin Details
Severity: Medium
ID: 70277
File Name: aix_IV47430.nasl
Version: 1.11
Type: local
Family: AIX Local Security Checks
Published: 10/3/2013
Updated: 4/21/2023
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 5.9
CVSS v2
Risk Factor: Medium
Base Score: 6.9
Temporal Score: 6
Vector: CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C
Vulnerability Information
CPE: cpe:/o:ibm:aix:7.1
Required KB Items: Host/local_checks_enabled, Host/AIX/version, Host/AIX/lslpp
Exploit Ease: No known exploits are available
Patch Publication Date: 9/25/2013
Vulnerability Publication Date: 9/25/2013
Reference Information
CVE: CVE-2013-5419
BID: 62796