Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-4833

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2012-4833
Last Modified 13 Feb 2013 11:57:04
Published 01 Oct 2012 02:55:01
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2012-4833

Summary

fuser in IBM AIX 6.1 and 7.1, and VIOS 2.2.1.4-FP-25 SP-02, does not properly restrict the -k option, which allows local users to kill arbitrary processes via a crafted command line.

Vulnerable Systems

Operating System

  • Ibm Aix 6.1

  • Ibm Aix 7.1

  • Ibm Vios 2.2.1.4


References

CONFIRM - http://aix.software.ibm.com/aix/efixes/security/fuser_advisory.asc

XF - aix-fuser-kill-process(78907)

AIXAPAR - IV28756

AIXAPAR - IV28754

AIXAPAR - IV28749

AIXAPAR - IV28151

BID - 55726

SECUNIA - 50708

SECTRACK - 1027586


Last Updated: 27 May 2016 11:00:50