CVE-2008-4018 Information

Feb 14, 2021 cve

Description

swcons in bos.rte.console in IBM AIX 5.2.0 through 6.1.1 allows local users in the system group to create or overwrite an arbitrary file and establish weak permissions and root ownership for this file via unspecified vectors. NOTE: this can be leveraged to gain privileges. NOTE: this issue exists because of an incomplete fix for CVE-2007-5805.

Reference

http://aix.software.ibm.com/aix/efixes/security/swcons_advisory.asc http://secunia.com/advisories/31739 http://securitytracker.com/id?1020818 http://www.ibm.com/support/docview.wss?uid=isg1IZ18334 http://www.ibm.com/support/docview.wss?uid=isg1IZ18335 http://www.ibm.com/support/docview.wss?uid=isg1IZ18338 http://www.ibm.com/support/docview.wss?uid=isg1IZ18339 http://www.ibm.com/support/docview.wss?uid=isg1IZ18341 http://www.ibm.com/support/docview.wss?uid=isg1IZ28943 http://www.securityfocus.com/bid/30999 http://www.vupen.com/english/advisories/2008/2490 https://exchange.xforce.ibmcloud.com/vulnerabilities/44903 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A5932

Share on: