7.2

CVE-2008-1599

The nddstat programs on IBM AIX 5.2, 5.3, and 6.1 do not properly handle environment variables, which allows local users to gain privileges by invoking (1) atmstat, (2) entstat, (3) fddistat, (4) hdlcstat, or (5) tokstat.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
IbmAix Version5.2
IbmAix Version5.3
IbmAix Version6.1
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.38% 0.296
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.2 3.9 10
AV:L/AC:L/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://www.vupen.com/english/advisories/2008/0865
http://securitytracker.com/id?1019604
http://www.ibm.com/support/docview.wss?uid=isg1IZ16975
Patch
http://www.ibm.com/support/docview.wss?uid=isg1IZ16991
Patch
http://www.ibm.com/support/docview.wss?uid=isg1IZ17058
Patch
http://www.ibm.com/support/docview.wss?uid=isg1IZ17059
Patch
http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=4156
http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=4157
http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=4158
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5468