Lucene search

HistoryDec 21, 2023 - 12:00 a.m.

AIX 7.3 TL 1 : printers (IJ48539)

2023-12-2100:00:00

www.tenable.com

ibm aix

security patch

printers

vulnerability

non-privileged user

privilege escalation

denial of service

local user

cvss

exploit

8.4 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.5 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

https://vulners.com/cve/CVE-2023-45166 IBM AIX could allow a non-privileged local user to exploit a vulnerability in the piodmgrsu command to obtain elevated privileges. IBM AIX could allow a privileged local user to exploit a vulnerability in the qdaemon command to escalate privileges or cause a denial of service.
IBM AIX could allow a non-privileged local user to exploit a vulnerability in the piobe command to escalate privileges or cause a denial of service.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The text in the description was extracted from AIX Security
# Advisory printers_advisory.asc.
#

include('deprecated_nasl_level.inc');
include("compat.inc");

if (description)
{
  script_id(187167);
  script_version("1.2");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/02/06");

  script_cve_id("CVE-2023-45166", "CVE-2023-45170", "CVE-2023-45174");

  script_name(english:"AIX 7.3 TL 1 : printers (IJ48539)");
  script_summary(english:"Check for APAR IJ48539");

  script_set_attribute(
    attribute:"synopsis",
    value:"The remote AIX host is missing a security patch."
  );
  script_set_attribute(
    attribute:"description",
    value:
"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45166 IBM AIX
could allow a non-privileged local user to exploit a vulnerability in
the piodmgrsu command to obtain elevated privileges. IBM AIX could
allow a privileged local user to exploit a vulnerability in the
qdaemon command to escalate privileges or cause a denial of service.
IBM AIX could allow a non-privileged local user to exploit a
vulnerability in the piobe command to escalate privileges or cause a
denial of service."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://aix.software.ibm.com/aix/efixes/security/printers_advisory.asc"
  );
  script_set_attribute(
    attribute:"solution",
    value:"Install the appropriate interim fix."
  );
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2023-45174");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:ibm:aix:7.3");

  script_set_attribute(attribute:"vuln_publication_date", value:"2023/12/11");
  script_set_attribute(attribute:"patch_publication_date", value:"2023/12/11");
  script_set_attribute(attribute:"plugin_publication_date", value:"2023/12/21");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"AIX Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/AIX/lslpp", "Host/local_checks_enabled", "Host/AIX/version");

  exit(0);
}



include("audit.inc");
include("global_settings.inc");
include("aix.inc");
include("misc_func.inc");

if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if ( ! get_kb_item("Host/AIX/version") ) audit(AUDIT_OS_NOT, "AIX");
if ( ! get_kb_item("Host/AIX/lslpp") ) audit(AUDIT_PACKAGE_LIST_MISSING);

if ( get_kb_item("Host/AIX/emgr_failure" ) ) exit(0, "This iFix check is disabled because : "+get_kb_item("Host/AIX/emgr_failure") );

flag = 0;

if (aix_check_ifix(release:"7.3", ml:"01", sp:"01", patch:"IJ48539m1b", package:"bos.rte.printers", minfilesetver:"7.3.1.0", maxfilesetver:"7.3.1.1") < 0) flag++;
if (aix_check_ifix(release:"7.3", ml:"01", sp:"01", patch:"IJ48539m1b", package:"printers.rte", minfilesetver:"7.3.1.0", maxfilesetver:"7.3.1.1") < 0) flag++;
if (aix_check_ifix(release:"7.3", ml:"01", sp:"02", patch:"IJ48539m2b", package:"bos.rte.printers", minfilesetver:"7.3.1.0", maxfilesetver:"7.3.1.1") < 0) flag++;
if (aix_check_ifix(release:"7.3", ml:"01", sp:"02", patch:"IJ48539m2b", package:"printers.rte", minfilesetver:"7.3.1.0", maxfilesetver:"7.3.1.1") < 0) flag++;

if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:aix_report_get());
  else security_warning(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");

VendorProductVersionCPE
ibmaix7.3cpe:/o:ibm:aix:7.3

Vendor	Product	Version	CPE
ibm	aix	7.3	cpe:/o:ibm:aix:7.3

References

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45166

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45170

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45174

aix.software.ibm.com/aix/efixes/security/printers_advisory.asc

8.4 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.5 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for AIX_IJ48539.NASL