Detections
Analytics
AIX 7.1 TL 2 : wparcre (IV51421)
medium Nessus Plugin ID 72927
Language:
Synopsis
The remote AIX host is missing a security patch.Description
If ftpd is run in a 5.2 or 5.3 WPAR, a non-root user who logs in via ftp is allowed to access all files within the WPAR.Solution
Install the appropriate interim fix.See Also
http://www.nessus.org/u?583faf6d
https://aix.software.ibm.com/aix/efixes/security/wparcre_advisory.asc
Plugin Details
Severity: Medium
ID: 72927
File Name: aix_IV51421.nasl
Version: 1.6
Type: local
Family: AIX Local Security Checks
Published: 3/11/2014
Updated: 4/21/2023
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 5.8
CVSS v2
Risk Factor: Medium
Base Score: 5.5
Temporal Score: 4.8
Vector: CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:P
Vulnerability Information
CPE: cpe:/o:ibm:aix:7.1
Required KB Items: Host/local_checks_enabled, Host/AIX/version, Host/AIX/lslpp
Exploit Ease: No known exploits are available
Patch Publication Date: 3/6/2014
Vulnerability Publication Date: 3/6/2014
Reference Information
CVE: CVE-2014-0899
BID: 66051