2 matches found
CVE-1999-1405
CVE-1999-1405 : In AIX prior to 4.3.2, the snap command creates the /tmp/ibmsupt directory with world-readable permissions and does not remove/clear it when snap -a runs. This could allow a local user to access the shadowed password file by pre-creating /tmp/ibmsupt/general/passwd before root exe...
CVE-1999-1405
snap command in AIX before 4.3.2 creates the /tmp/ibmsupt directory with world-readable permissions and does not remove or clear the directory when snap -a is executed, which could allow local users to access the shadowed password file by creating /tmp/ibmsupt/general/passwd before root runs snap...