7.2

CVE-2008-4018

swcons in bos.rte.console in IBM AIX 5.2.0 through 6.1.1 allows local users in the system group to create or overwrite an arbitrary file, and establish weak permissions and root ownership for this file, via unspecified vectors.  NOTE: this can be leveraged to gain privileges. NOTE: this issue exists because of an incomplete fix for CVE-2007-5805.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
IbmAix Version5.2
IbmAix Version5.3
IbmAix Version6.1
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.39% 0.307
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.2 3.9 10
AV:L/AC:L/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://aix.software.ibm.com/aix/efixes/security/swcons_advisory.asc
http://secunia.com/advisories/31739
http://securitytracker.com/id?1020818
http://www.ibm.com/support/docview.wss?uid=isg1IZ18334
http://www.ibm.com/support/docview.wss?uid=isg1IZ18335
http://www.ibm.com/support/docview.wss?uid=isg1IZ18338
http://www.ibm.com/support/docview.wss?uid=isg1IZ18339
http://www.ibm.com/support/docview.wss?uid=isg1IZ18341
http://www.ibm.com/support/docview.wss?uid=isg1IZ28943
http://www.securityfocus.com/bid/30999
http://www.vupen.com/english/advisories/2008/2490
https://exchange.xforce.ibmcloud.com/vulnerabilities/44903
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5932