Vulnerability Details : CVE-2011-1385
IBM AIX 5.3, 6.1, and 7.1, and VIOS 2.1.x and 2.2.x, allows remote attackers to cause a denial of service (system crash) via an ICMP Echo Reply packet that contains 1 in the Identifier field, a different vulnerability than CVE-2012-0194.
Vulnerability category: Denial of service
Exploit prediction scoring system (EPSS) score for CVE-2011-1385
Probability of exploitation activity in the next 30 days: 6.90%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 94 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2011-1385
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
7.8
|
HIGH | AV:N/AC:L/Au:N/C:N/I:N/A:C |
10.0
|
6.9
|
NIST |
CWE ids for CVE-2011-1385
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2011-1385
-
http://www.ibm.com/support/docview.wss?uid=isg1IV07188
IBM IV07188: MISCELLANEOUS SECURITY UPDATES APPLIES TO AIX 6100-07Vendor Advisory
-
http://www.ibm.com/support/docview.wss?uid=isg1IV13672
IBM IV13672: MISCELLANEOUS SECURITY UPDATES APPLIES TO AIX 6100-05Vendor Advisory
-
http://secunia.com/advisories/48149
Sign in
-
http://osvdb.org/79631
-
http://aix.software.ibm.com/aix/efixes/security/icmp_advisory.asc
Patch;Vendor Advisory
-
http://www.securityfocus.com/bid/52172
IBM AIX CVE-2011-1385 Remote Denial of Service Vulnerability
-
http://www.ibm.com/support/docview.wss?uid=isg1IV08255
IBM IV08255: MISCELLANEOUS SECURITY UPDATES APPLIES TO AIX 7100-01Vendor Advisory
-
http://www.ibm.com/support/docview.wss?uid=isg1IV13554
IBM IV13554: MISCELLANEOUS SECURITY UPDATES APPLIES TO AIX 6100-06Vendor Advisory
-
http://www.ibm.com/support/docview.wss?uid=isg1IV03369
IBM IV03369: MISCELLANEOUS SECURITY UPDATES APPLIES TO AIX 5300-12Vendor Advisory
-
http://www.securitytracker.com/id?1026742
IBM AIX ICMP Processing Flaw Lets Remote Users Deny Service - SecurityTracker
-
http://www.ibm.com/support/docview.wss?uid=isg1IV04695
IBM IV04695: MISCELLANEOUS SECURITY UPDATES APPLIES TO AIX 7100-00Vendor Advisory
Products affected by CVE-2011-1385
- cpe:2.3:o:ibm:aix:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:ibm:aix:6.1:*:*:*:*:*:*:*
- cpe:2.3:o:ibm:aix:7.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:vios:2.1.3.10:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:vios:2.1.2.13:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:vios:2.2.0.12:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:vios:2.2.0.11:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:vios:2.1.2.12:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:vios:2.1.2.10:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:vios:2.2.0.10:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:vios:2.2.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:vios:2.2.0.13:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:vios:2.1.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:vios:2.2.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:vios:2.2.1.1:*:*:*:*:*:*:*