4 matches found
AIX 6.1 TL 1 : swcons (IZ28943)
A file permission/ownership vulnerability exists in the 'bos.rte.console' fileset command listed below whereby a local attacker may create arbitrary contents within a file owned by root using the 'swcons' command. The local attacker must be a member of the 'system' group gid=0 to execute this...
AIX 5.3 TL 0 : swcons (IZ18339)
A file permission/ownership vulnerability exists in the 'bos.rte.console' fileset command listed below whereby a local attacker may create arbitrary contents within a file owned by root using the 'swcons' command. The local attacker must be a member of the 'system' group gid=0 to execute this...
CVE-2008-4018
swcons in bos.rte.console in IBM AIX 5.2.0 through 6.1.1 allows local users in the system group to create or overwrite an arbitrary file, and establish weak permissions and root ownership for this file, via unspecified vectors. NOTE: this can be leveraged to gain privileges. NOTE: this issue exis...
CVE-2008-4018
CVE-2008-4018 applies to IBM AIX: the swcons component in bos.rte.console on AIX 5.2.0–6.1.1 can allow local users who are members of the system group to create or overwrite an arbitrary file, assign root ownership, and set weak permissions via unspecified vectors. This vulnerability stems from a...