7.2

CVE-2008-4018

EPSS 0.05%
Published 11.09.2008 01:13:52
Last modified 09.04.2025 00:30:58
Source cve@mitre.org
Teams watchlist Login
Open Login

swcons in bos.rte.console in IBM AIX 5.2.0 through 6.1.1 allows local users in the system group to create or overwrite an arbitrary file, and establish weak permissions and root ownership for this file, via unspecified vectors.  NOTE: this can be leveraged to gain privileges. NOTE: this issue exists because of an incomplete fix for CVE-2007-5805.

Affected products Warnungen 0 Metrics 2 CWE 0 References 16

Data is provided by the National Vulnerability Database (NVD)

Ibm ≫ Aix Version5.2

Ibm ≫ Aix Version5.3

Ibm ≫ Aix Version6.1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.05%	0.143

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.2	3.9	10	AV:L/AC:L/Au:N/C:C/I:C/A:C

http://aix.software.ibm.com/aix/efixes/security/swcons_advisory.asc

http://secunia.com/advisories/31739

http://securitytracker.com/id?1020818

http://www.ibm.com/support/docview.wss?uid=isg1IZ18334

http://www.ibm.com/support/docview.wss?uid=isg1IZ18335

http://www.ibm.com/support/docview.wss?uid=isg1IZ18338

http://www.ibm.com/support/docview.wss?uid=isg1IZ18339

http://www.ibm.com/support/docview.wss?uid=isg1IZ18341

http://www.ibm.com/support/docview.wss?uid=isg1IZ28943

http://www.securityfocus.com/bid/30999

http://www.vupen.com/english/advisories/2008/2490

https://exchange.xforce.ibmcloud.com/vulnerabilities/44903

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5932

https://nvd.nist.gov/vuln/detail/CVE-2008-4018

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2008-4018

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2008-4018

EUVD