Lucene search

[email protected]CVE-2004-0029

HistoryJan 20, 2004 - 5:00 a.m.

CVE-2004-0029

2004-01-2005:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

lotus notes

domino

linux

cve-2004-0029

privilege escalation

nvd

7.3 High

AI Score

Confidence

Low

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

9.1%

JSON

Lotus Notes Domino 6.0.2 on Linux installs the notes.ini configuration file with world-writable permissions, which allows local users to modify the Notes configuration and gain privileges.

CPENameOperatorVersion
ibm:lotus_dominoibm lotus dominoeq6.0.2

CPE	Name	Operator	Version
ibm:lotus_domino	ibm lotus domino	eq	6.0.2

References

marc.info/?l=bugtraq&m=107340897710308&w=2

secunia.com/advisories/10566

www.excluded.org/advisories/advisory05.txt

www.osvdb.org/3424

www.securityfocus.com/bid/9366

www.securitytracker.com/id?1008623

exchange.xforce.ibmcloud.com/vulnerabilities/14153

7.3 High

AI Score

Confidence

Low

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

9.1%

JSON