6 matches found
EUVD-1999-1386
Malware in sbrugna...
IBM AIX <= 4.2.1 snap Insecure Temporary File Creation Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/375/info The snap command is a diagnostic utlitiy for gathering system information on AIX platforms. It can only be executed by root, but it copies various system files into /tmp/ibmsupt/ under /tmp/ibmsupt/general/ you...
CVE-1999-1405
CVE-1999-1405 : In AIX prior to 4.3.2, the snap command creates the /tmp/ibmsupt directory with world-readable permissions and does not remove/clear it when snap -a runs. This could allow a local user to access the shadowed password file by pre-creating /tmp/ibmsupt/general/passwd before root exe...
CVE-1999-1405
snap command in AIX before 4.3.2 creates the /tmp/ibmsupt directory with world-readable permissions and does not remove or clear the directory when snap -a is executed, which could allow local users to access the shadowed password file by creating /tmp/ibmsupt/general/passwd before root runs snap...
CVE-1999-1405
snap command in AIX before 4.3.2 creates the /tmp/ibmsupt directory with world-readable permissions and does not remove or clear the directory when snap -a is executed, which could allow local users to access the shadowed password file by creating /tmp/ibmsupt/general/passwd before root runs snap...
IBM AIX 4.2.1 - 'snap' Insecure Temporary File Creation
source: https://www.securityfocus.com/bid/375/info The snap command is a diagnostic utlitiy for gathering system information on AIX platforms. It can only be executed by root, but it copies various system files into /tmp/ibmsupt/ under /tmp/ibmsupt/general/ you will find the passwd file with...