4 matches found
EUVD-2008-4003
Malware in sbrugna...
Design/Logic Flaw
swcons in bos.rte.console in IBM AIX 5.2.0 through 6.1.1 allows local users in the system group to create or overwrite an arbitrary file, and establish weak permissions and root ownership for this file, via unspecified vectors. NOTE: this can be leveraged to gain privileges. NOTE: this issue exis...
CVE-2008-4018
CVE-2008-4018 applies to IBM AIX: the swcons component in bos.rte.console on AIX 5.2.0–6.1.1 can allow local users who are members of the system group to create or overwrite an arbitrary file, assign root ownership, and set weak permissions via unspecified vectors. This vulnerability stems from a...
CVE-2007-5805
CVE-2007-5805 affects IBM AIX 5.2 and 5.3; the cfgcon component in swcons misvalidates the -p argument, allowing local users in the system group to create or overwrite an arbitrary file and make it world-writable via a symlink-name attack. This issue is tied to an incomplete fix for CVE-2007-5804...