CVE-2009-0536

Sažetak

at in bos.rte.cron on IBM AIX 5.2.0, 5.3.0 through 5.3.9, and 6.1.0 through 6.1.2 allows local users to read arbitrary files via unspecified vectors, related to failure to drop root privileges.

Reference

http://aix.software.ibm.com/aix/efixes/security/at_advisory.asc
http://osvdb.org/51952
http://secunia.com/advisories/33915
http://www.ibm.com/support/docview.wss?uid=isg1IZ43452
http://www.ibm.com/support/docview.wss?uid=isg1IZ43453
http://www.ibm.com/support/docview.wss?uid=isg1IZ43454
http://www.ibm.com/support/docview.wss?uid=isg1IZ43455
http://www.ibm.com/support/docview.wss?uid=isg1IZ43456
http://www.ibm.com/support/docview.wss?uid=isg1IZ43457
http://www.ibm.com/support/docview.wss?uid=isg1IZ43458
http://www.ibm.com/support/docview.wss?uid=isg1IZ43459
http://www.securityfocus.com/bid/33730
http://www.securitytracker.com/id?1021704
http://www.vupen.com/english/advisories/2009/0405
http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=4558
https://exchange.xforce.ibmcloud.com/vulnerabilities/48660
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6155

CVSS

Base:	4.9
Impact:	6.9
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	NONE	NONE

CVSS vektor

AV:L/AC:L/Au:N/C:C/I:N/A:N

Zadnje važnije ažuriranje

29-09-2017 - 01:33

Objavljeno

11-02-2009 - 20:30