Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-4018

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2008-4018
Last Modified 07 Mar 2011 10:11:48
Published 10 Sep 2008 09:13:52
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2008-4018

Summary

swcons in bos.rte.console in IBM AIX 5.2.0 through 6.1.1 allows local users in the system group to create or overwrite an arbitrary file, and establish weak permissions and root ownership for this file, via unspecified vectors. NOTE: this can be leveraged to gain privileges. NOTE: this issue exists because of an incomplete fix for CVE-2007-5805.

Vulnerable Systems

Operating System

  • Ibm Aix 5.2

  • Ibm Aix 5.3

  • Ibm Aix 6.1


References

XF - ibm-aix-swcons-code-execution(44903)

VUPEN - ADV-2008-2490

BID - 30999

AIXAPAR - IZ28943

AIXAPAR - IZ18341

AIXAPAR - IZ18339

AIXAPAR - IZ18338

AIXAPAR - IZ18335

AIXAPAR - IZ18334

SECTRACK - 1020818

SECUNIA - 31739

CONFIRM - http://aix.software.ibm.com/aix/efixes/security/swcons_advisory.asc


Last Updated: 27 May 2016 10:48:22