CVE-2004-0828

2004-11-03T05:00:00
ID CVE-2004-0828
Type cve
Reporter cve@mitre.org
Modified 2017-07-11T01:30:00

Description

The ctstrtcasd program in RSCT 2.3.0.0 and earlier on IBM AIX 5.2 and 5.3 does not properly drop privileges before executing the -f option, which allows local users to modify or create arbitrary files.