4.7

CVE-2014-0930

Exploit
The ptrace system call in IBM AIX 5.3, 6.1, and 7.1, and VIOS 2.2.x, allows local users to cause a denial of service (system crash) or obtain sensitive information from kernel memory via a crafted PT_LDINFO operation.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
IbmVios Version2.2.0.10
IbmVios Version2.2.0.11
IbmVios Version2.2.0.12
IbmVios Version2.2.0.13
IbmVios Version2.2.1.0
IbmVios Version2.2.1.1
IbmVios Version2.2.1.3
IbmVios Version2.2.1.4
IbmVios Version2.2.2.0
IbmVios Version2.2.3.0
IbmAix Version5.3
IbmAix Version6.1
IbmAix Version7.1
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.47% 0.369
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.7 3.4 6.9
AV:L/AC:M/Au:N/C:N/I:N/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://aix.software.ibm.com/aix/efixes/security/ptrace_advisory.asc
Vendor Advisory
http://archives.neohapsis.com/archives/bugtraq/2014-05/0031.html
http://www.ibm.com/support/docview.wss?uid=isg1IV58766
Vendor Advisory
http://www.ibm.com/support/docview.wss?uid=isg1IV58840
Vendor Advisory
http://www.ibm.com/support/docview.wss?uid=isg1IV58861
Vendor Advisory
http://www.ibm.com/support/docview.wss?uid=isg1IV58888
Vendor Advisory
http://www.ibm.com/support/docview.wss?uid=isg1IV58948
Vendor Advisory
http://www.ibm.com/support/docview.wss?uid=isg1IV59045
http://www.ibm.com/support/docview.wss?uid=isg1IV59675
https://exchange.xforce.ibmcloud.com/vulnerabilities/92262
https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-0930/
Exploit