Arbitrary File Write

2019-05-0204:52:59

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

0.0004 Low

EPSS

Percentile

5.1%

JSON

ibacm is vulnerable to arbitrary file write. It was found that the ibacm daemon created some files with world-writable permissions. A local attacker could use this flaw to overwrite the contents of the ibacm.log or ibacm.port file, allowing them to mask certain actions from the log or cause ibacm to run on a non-default port.

CPENameOperatorVersion
librdmacmeq1.0.10__2.el6
librdmacmeq1.0.14.1__3.el6
librdmacmeq1.0.15__2.el6
rdmaeq3.3__4.el6_3
rdmaeq3.3__3.el6
rdmaeq1.0__9.el6
rdmaeq1.0__14.el6
libibverbseq1.1.6__4.el6
libibverbseq1.1.4__2.el6
libibverbseq1.1.5__3.el6

Name	Operator	Version
librdmacm	eq	1.0.10__2.el6
librdmacm	eq	1.0.14.1__3.el6
librdmacm	eq	1.0.15__2.el6
rdma	eq	3.3__4.el6_3
rdma	eq	3.3__3.el6
rdma	eq	1.0__9.el6
rdma	eq	1.0__14.el6
libibverbs	eq	1.1.6__4.el6
libibverbs	eq	1.1.4__2.el6
libibverbs	eq	1.1.5__3.el6