Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-2634

Overview

Vulnerability Score 6.2 6.2
CVE Id CVE-2004-2634
Last Modified 05 Sep 2008 04:44:41
Published 31 Dec 2004 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity HIGH
Authentication NONE

CVE-2004-2634

Summary

The (1) bos.rte.serv_aid or (2) bos.rte.console filesets in IBM AIX 5.1 and 5.2 allow local users to overwrite arbitrary files via a symlink attack on temporary files via unknown attack vectors.

Vulnerable Systems


References

CONFIRM - https://techsupport.services.ibm.com/server/pseries.subscriptionSvcs?mode=18&ID=279

XF - aix-console-commands-symlink(16008)

BID - 10231

OSVDB - 5712

OSVDB - 5711

SECTRACK - 1009975

SECUNIA - 11496

AIXAPAR - IY55790

AIXAPAR - IY55789


Last Updated: 27 May 2016 10:39:34