10

CVE-2004-2388

Exploit
rexecd for AIX 4.3.3 does not properly use a local copy of the pwd structure when calling getpwnam, which may cause the structure to be overwritten by the authenticate function and assign privileges to the wrong user.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
IbmAix Version4.3.3
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.15% 0.797
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 10 10 10
AV:N/AC:L/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/11085
Patch
Vendor Advisory
http://www-1.ibm.com/support/docview.wss?uid=isg1IY53507
Vendor Advisory
http://www.ciac.org/ciac/bulletins/o-102.shtml
Vendor Advisory
Exploit
http://www.osvdb.org/4248
Patch
http://www.securityfocus.com/bid/9835
Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/15455