7.2
CVE-2008-4018
- EPSS 0.39%
- Veröffentlicht 11.09.2008 01:13:52
- Zuletzt bearbeitet 16.06.2026 22:57:00
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
swcons in bos.rte.console in IBM AIX 5.2.0 through 6.1.1 allows local users in the system group to create or overwrite an arbitrary file, and establish weak permissions and root ownership for this file, via unspecified vectors. NOTE: this can be leveraged to gain privileges. NOTE: this issue exists because of an incomplete fix for CVE-2007-5805.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.39% | 0.307 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.2 | 3.9 | 10 |
AV:L/AC:L/Au:N/C:C/I:C/A:C
|
http://aix.software.ibm.com/aix/efixes/security/swcons_advisory.asc
http://secunia.com/advisories/31739
http://securitytracker.com/id?1020818
http://www.ibm.com/support/docview.wss?uid=isg1IZ18334
http://www.ibm.com/support/docview.wss?uid=isg1IZ18335
http://www.ibm.com/support/docview.wss?uid=isg1IZ18338
http://www.ibm.com/support/docview.wss?uid=isg1IZ18339
http://www.ibm.com/support/docview.wss?uid=isg1IZ18341
http://www.ibm.com/support/docview.wss?uid=isg1IZ28943
http://www.securityfocus.com/bid/30999
http://www.vupen.com/english/advisories/2008/2490
https://exchange.xforce.ibmcloud.com/vulnerabilities/44903
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5932