2 matches found
Security Bulletin: Vulnerability in the IBM Installation Manager script (CVE-2015-7442)
Summary IBM Installation Manager "consoleinst.sh" script is subject to a vulnerability that may allow a local user to obtain administrative access. Vulnerability Details CVEID: CVE-2015-7442 DESCRIPTION: There is a "/tmp" race condition in IBM's Installation Manager "consoleinst.sh" script that...
CVE-2015-7442
The CVE-2015-7442 issue affects IBM Installation Manager (and IBM Packaging Utility) scripts, notably consoleinst.sh, with a local privilege escalation via a race condition in /tmp. An attacker could place a Trojan horse executable named based on a predictable PID value to run with administrator/...