2 matches found
Security Bulletin: Elevated privileges vulnerability in Connect:Direct for UNIX on AIX 6.1 and above (CVE-2013-2989)
Abstract A user who has been successfully authenticated by Connect:Direct for UNIX executes Connect:Direct’s file copying functionality with elevated file system privileges. Content VULNERABILITY DETAILS: CVE ID: CVE-2013-2989 DESCRIPTION: A user who has been successfully authenticated by...
CVE-2013-2989
IBM Sterling Connect:Direct for UNIX on AIX 6.1 and above is affected by CVE-2013-2989. The file-copying functionality can execute with elevated file-system privileges when a user is authenticated, allowing bypass of read and write permissions. Affected versions include 3.8.00, 4.0.00, and 4.1.0....