Lucene search

[email protected]CVE-2008-1596

HistoryMar 31, 2008 - 11:44 p.m.

CVE-2008-1596

2008-03-3123:44:00

CWE-264

[email protected]

web.nvd.nist.gov

ibm aix

trusted execution

cve-2008-1596

security

vulnerability

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

6.2 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

Trusted Execution in IBM AIX 6.1 uses an incorrect pathname argument in a call to the trustchk_block_write function, which might allow local users to modify trusted files, related to missing checks in the TSD_FILES_LOCK policy for modifications performed via hard links, a different vulnerability than CVE-2007-6680.

Affected configurations

NVD

Node

ibmaixMatch5.2

ibmaixMatch5.3

ibmaixMatch6.1

CPENameOperatorVersion
ibm:aixibm aixeq5.2
ibm:aixibm aixeq5.3
ibm:aixibm aixeq6.1

CPE	Name	Operator	Version
ibm:aix	ibm aix	eq	5.2
ibm:aix	ibm aix	eq	5.3
ibm:aix	ibm aix	eq	6.1

References

securitytracker.com/id?1019606

www.ibm.com/support/docview.wss?uid=isg1IZ13418

www.securityfocus.com/bid/28467

www.vupen.com/english/advisories/2008/0865

www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=4153

www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=4154

www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=4155

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

6.2 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2008-1596

prion2 nvd2 cvelist2 cve1