Lucene search

MitreCVE-2007-2996

HistoryJun 04, 2007 - 5:30 p.m.

CVE-2007-2996

2007-06-0417:30:00

mitre

web.nvd.nist.gov

cve

vulnerability

perl.rte

ibm aix

privilege escalation

nvd

CVSS2

6.6

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:S/C:C/I:C/A:C

AI Score

6.6

Confidence

Low

EPSS

Percentile

5.1%

JSON

Unspecified vulnerability in perl.rte 5.8.0.10 through 5.8.0.95 on IBM AIX 5.2, and 5.8.2.10 through 5.8.2.50 on AIX 5.3, allows local users to gain privileges via unspecified vectors related to the installation and “waiting for a legitimate user to execute a binary that ships with Perl.”

Affected configurations

Nvd

Node

ibmaixMatch5.2

ibmaixMatch5.3

VendorProductVersionCPE
ibmaix5.2cpe:2.3:o:ibm:aix:5.2:*:*:*:*:*:*:*
ibmaix5.3cpe:2.3:o:ibm:aix:5.3:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	aix	5.2	cpe:2.3:o:ibm:aix:5.2:::::::*
ibm	aix	5.3	cpe:2.3:o:ibm:aix:5.3:::::::*

References

ftp://aix.software.ibm.com/aix/efixes/security/perl_ifix.tar.Z

osvdb.org/36754

secunia.com/advisories/25478

www-1.ibm.com/support/docview.wss?uid=isg1IY98394

www-1.ibm.com/support/docview.wss?uid=isg1IY98395

www-1.ibm.com/support/search.wss?rs=0&q=IY98396&apar=only

www.securityfocus.com/bid/24241

www.securitytracker.com/id?1018177

www.vupen.com/english/advisories/2007/2004

CVSS2

6.6

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:S/C:C/I:C/A:C

AI Score

6.6

Confidence

Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2007-2996