Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-1999-1486

Overview

Vulnerability Score 1.2 1.2
CVE Id CVE-1999-1486
Last Modified 10 Sep 2008 03:02:03
Published 25 Feb 1998 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity HIGH
Authentication NONE

CVE-1999-1486

Summary

sadc in IBM AIX 4.1 through 4.3, when called from programs such as timex that are setgid adm, allows local users to overwrite arbitrary files via a symlink attack.

Vulnerable Systems

Operating System

  • Ibm Aix 4.1

  • Ibm Aix 4.1.1

  • Ibm Aix 4.1.2

  • Ibm Aix 4.1.3

  • Ibm Aix 4.1.4

  • Ibm Aix 4.1.5

  • Ibm Aix 4.2

  • Ibm Aix 4.2.1

  • Ibm Aix 4.3


References

BID - 408

CONFIRM - http://techsupport.services.ibm.com/aix/fixes/v4/os/bos.acct.4.3.1.0.info

XF - aix-sadc-timex(7675)

AIXAPAR - IX76853

AIXAPAR - IX76330

AIXAPAR - IX75554


Last Updated: 27 May 2016 10:35:28