7.2
CVE-2008-1599
- EPSS 0.38%
- Veröffentlicht 31.03.2008 23:44:00
- Zuletzt bearbeitet 16.06.2026 22:52:03
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
The nddstat programs on IBM AIX 5.2, 5.3, and 6.1 do not properly handle environment variables, which allows local users to gain privileges by invoking (1) atmstat, (2) entstat, (3) fddistat, (4) hdlcstat, or (5) tokstat.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.38% | 0.296 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.2 | 3.9 | 10 |
AV:L/AC:L/Au:N/C:C/I:C/A:C
|
http://www.vupen.com/english/advisories/2008/0865
http://securitytracker.com/id?1019604
http://www.ibm.com/support/docview.wss?uid=isg1IZ16975
http://www.ibm.com/support/docview.wss?uid=isg1IZ16991
http://www.ibm.com/support/docview.wss?uid=isg1IZ17058
http://www.ibm.com/support/docview.wss?uid=isg1IZ17059
http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=4156
http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=4157
http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=4158
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5468