Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-4856

Overview

Vulnerability Score 7.9 7.9
CVE Id CVE-2012-4856
Last Modified 29 Jan 2013 12:00:00
Published 20 Dec 2012 07:02:18
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector ADJACENT_NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2012-4856

Summary

The Service Processor in the IBM Power 5 91##-### and 940#-### before SF240_418_382 does not ensure that firewall code is executed, which allows remote attackers to execute arbitrary code via unspecified vectors.

Vulnerable Systems

Operating System

  • Ibm Power 5 System Firmware Sf240 201 201

  • Ibm Power 5 System Firmware Sf240 202 201

  • Ibm Power 5 System Firmware Sf240 219 201

  • Ibm Power 5 System Firmware Sf240 222 201

  • Ibm Power 5 System Firmware Sf240 233 201

  • Ibm Power 5 System Firmware Sf240 258 201

  • Ibm Power 5 System Firmware Sf240 259 201

  • Ibm Power 5 System Firmware Sf240 261 201

  • Ibm Power 5 System Firmware Sf240 284 201

  • Ibm Power 5 System Firmware Sf240 298 201

  • Ibm Power 5 System Firmware Sf240 299 201

  • Ibm Power 5 System Firmware Sf240 320 201

  • Ibm Power 5 System Firmware Sf240 332 201

  • Ibm Power 5 System Firmware Sf240 338 201

  • Ibm Power 5 System Firmware Sf240 358 201

  • Ibm Power 5 System Firmware Sf240 371

  • Ibm Power 5 System Firmware Sf240 382 382

  • Ibm Power 5 System Firmware Sf240 403 382

  • Ibm Power 5 System Firmware Sf240 415 382

  • Ibm Power 5 System Firmware Sf240 417

  • Ibm Power 5 System Firmware Sf240 418


References

CERT-VN - VU#194604

XF - ibm-power-default-accounts(79736)

CONFIRM - http://aix.software.ibm.com/aix/efixes/security/squadrons_advisory.asc


Last Updated: 27 May 2016 11:01:28