Lucene search

MitreCVELIST:CVE-2008-4018

HistorySep 10, 2008 - 3:00 p.m.

CVE-2008-4018

2008-09-1015:00:00

mitre

www.cve.org

6.4 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

10.1%

JSON

swcons in bos.rte.console in IBM AIX 5.2.0 through 6.1.1 allows local users in the system group to create or overwrite an arbitrary file, and establish weak permissions and root ownership for this file, via unspecified vectors. NOTE: this can be leveraged to gain privileges. NOTE: this issue exists because of an incomplete fix for CVE-2007-5805.

References

aix.software.ibm.com/aix/efixes/security/swcons_advisory.asc

secunia.com/advisories/31739

securitytracker.com/id?1020818

www.ibm.com/support/docview.wss?uid=isg1IZ18334

www.ibm.com/support/docview.wss?uid=isg1IZ18335

www.ibm.com/support/docview.wss?uid=isg1IZ18338

www.ibm.com/support/docview.wss?uid=isg1IZ18339

www.ibm.com/support/docview.wss?uid=isg1IZ18341

www.ibm.com/support/docview.wss?uid=isg1IZ28943

www.securityfocus.com/bid/30999

www.vupen.com/english/advisories/2008/2490

exchange.xforce.ibmcloud.com/vulnerabilities/44903

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5932