Back to search
CVE-2009-3699
Published: Oct 15, 2009
Modified: Aug 7, 2024
PUBLISHED
Description
Stack-based buffer overflow in libcsa.a (aka the calendar daemon library) in IBM AIX 5.x through 5.3.10 and 6.x through 6.1.3, and VIOS 2.1 and earlier, allows remote attackers to execute arbitrary code via a long XDR string in the first argument to procedure 21 of rpc.cmsd.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
ADV-2009-2846
vdb-entry
x_refsource_VUPEN
IZ62237
vendor-advisory
x_refsource_AIXAPAR
IZ62570
vendor-advisory
x_refsource_AIXAPAR
IZ61628
vendor-advisory
x_refsource_AIXAPAR
1022996
vdb-entry
x_refsource_SECTRACK
20091007 IBM AIX rpc.cmsd Stack Buffer Overflow Vulnerability
third-party-advisory
x_refsource_IDEFENSE
http://aix.software.ibm.com/aix/efixes/security/cmsd_advisory.asc
x_refsource_CONFIRM
IZ62569
vendor-advisory
x_refsource_AIXAPAR
ibm-aix-rpccmsd-bo(53681)
vdb-entry
x_refsource_XF
IZ62571
vendor-advisory
x_refsource_AIXAPAR
IZ62123
vendor-advisory
x_refsource_AIXAPAR
IZ62672
vendor-advisory
x_refsource_AIXAPAR
IZ62572
vendor-advisory
x_refsource_AIXAPAR
36978
third-party-advisory
x_refsource_SECUNIA
IZ61717
vendor-advisory
x_refsource_AIXAPAR
58726
vdb-entry
x_refsource_OSVDB
36615
vdb-entry
x_refsource_BID
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now