Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.AIX_IJ50934.NASL
HistoryMay 10, 2024 - 12:00 a.m.

AIX 7.3 TL 2 : kernel (IJ50934)

2024-05-1000:00:00
This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
12
aix 7.3 tl 2
missing patch
kernel (ij50934)
privilege escalation
unix domain datagram sockets
so_peerid operation
vulnerability

8.1 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

7.2 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.2%

JSON

https://vulners.com/cve/CVE-2024-27273 IBM AIX’s Unix domain datagram socket implementation could potentially expose applications using Unix domain datagram sockets with SO_PEERID operation and may lead to privilege escalation.

#%NASL_MIN_LEVEL 80900
#
# (C) Tenable Network Security, Inc.
#
# The text in the description was extracted from AIX Security
# Advisory kernel_advisory7.asc.
#

include("compat.inc");

if (description)
{
  script_id(195306);
  script_version("1.0");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/05/10");

  script_cve_id("CVE-2024-27273");

  script_name(english:"AIX 7.3 TL 2 : kernel (IJ50934)");
  script_summary(english:"Check for APAR IJ50934");

  script_set_attribute(
    attribute:"synopsis",
    value:"The remote AIX host is missing a security patch."
  );
  script_set_attribute(
    attribute:"description",
    value:
"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27273 IBM
AIX's Unix domain datagram socket implementation could potentially
expose applications using Unix domain datagram sockets with SO_PEERID
operation and may lead to privilege escalation."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://aix.software.ibm.com/aix/efixes/security/kernel_advisory7.asc"
  );
  script_set_attribute(
    attribute:"solution",
    value:"Install the appropriate interim fix."
  );
  script_set_attribute(attribute:"risk_factor", value:"High");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:ibm:aix:7.3");

  script_set_attribute(attribute:"vuln_publication_date", value:"2024/05/06");
  script_set_attribute(attribute:"patch_publication_date", value:"2024/05/06");
  script_set_attribute(attribute:"plugin_publication_date", value:"2024/05/10");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"AIX Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/AIX/lslpp", "Host/local_checks_enabled", "Host/AIX/version");

  exit(0);
}



include("audit.inc");
include("global_settings.inc");
include("aix.inc");
include("misc_func.inc");

if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if ( ! get_kb_item("Host/AIX/version") ) audit(AUDIT_OS_NOT, "AIX");
if ( ! get_kb_item("Host/AIX/lslpp") ) audit(AUDIT_PACKAGE_LIST_MISSING);

if ( get_kb_item("Host/AIX/emgr_failure" ) ) exit(0, "This iFix check is disabled because : "+get_kb_item("Host/AIX/emgr_failure") );

flag = 0;

if (aix_check_ifix(release:"7.3", ml:"02", sp:"01", patch:"IJ50934s1a", package:"bos.mp64", minfilesetver:"7.3.2.0", maxfilesetver:"7.3.2.1") < 0) flag++;

if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:aix_report_get());
  else security_hole(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
VendorProductVersionCPE
ibmaix7.3cpe:/o:ibm:aix:7.3

Related

cve 1
nvd 1
ibm 1
aix 1
nessus 3
cvelist 1
cve
cve
CVE-2024-27273
2024-05-07 21:15:09
nvd
nvd
CVE-2024-27273
2024-05-07 21:15:09
ibm
ibm
Security Bulletin: AIX is vulnerable to privilege escalation (CVE-2024-27273)
2024-05-06 19:08:02
aix
aix
AIX is vulnerable to privilege escalation (CVE-2024-27273)
2024-05-06 08:12:16
nessus
nessus
AIX 7.3 TL 1 : kernel (IJ50935)
2024-05-10 00:00:00
AIX 7.3 TL 0 : kernel (IJ50936)
2024-05-10 00:00:00
AIX 7.2 TL 5 : kernel (IJ50910)
2024-05-10 00:00:00
cvelist
cvelist
CVE-2024-27273 IBM AIX privilege escalation
2024-05-07 20:17:47

8.1 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

7.2 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.2%

JSON
Related for AIX_IJ50934.NASL
cve1nvd1ibm1aix1nessus3cvelist1