Lucene search
PRIOn knowledge basePRION:CVE-2007-5804HistoryNov 05, 2007 - 5:46 p.m.
Information disclosure
2007-11-0517:46:00
PRIOn knowledge base
www.prio-n.com
2
cfgcon in IBM AIX 5.2 and 5.3 does not properly validate the argument to the “-p” option to swcons, which allows local users in the system group to create or overwrite an arbitrary file, and enable world writability of this file, by using the file’s name as the argument.
References
ftp://aix.software.ibm.com/aix/efixes/security/cfgcon_ifix.tar
labs.idefense.com/intelligence/vulnerabilities/display.php?id=611
secunia.com/advisories/27437
www-1.ibm.com/support/docview.wss?uid=isg1IZ03055
www-1.ibm.com/support/docview.wss?uid=isg1IZ03061
www.securityfocus.com/bid/26258
www14.software.ibm.com/webapp/set2/subscriptions/ijhifoeblist?mode=7&heading=AIX53&path=%2F200710%2FSECURITY%2F20071030%2Fdatafile100405
exchange.xforce.ibmcloud.com/vulnerabilities/38154
Related
nvd
nvd
CVE-2007-5804
2007-11-05 17:46:00
CVE-2007-5805
2007-11-05 17:46:00
cvelist
cvelist
CVE-2007-5804
2007-11-05 17:00:00
CVE-2007-5805
2007-11-05 17:00:00
cve
cve
CVE-2007-5804
2007-11-05 17:46:00
CVE-2007-5805
2007-11-05 17:46:00
prion
prion
Design/Logic Flaw
2007-11-05 17:46:00