CVE-2003-0578

cci_dir in IBM U2 UniVerse 10.0.0.9 and earlier creates hard links and unlinks files as root, which allows local users to gain privileges by deleting and overwriting arbitrary files.
Configurations

Configuration 1 (hide)

cpe:2.3:a:ibm:u2_universe:*:*:*:*:*:*:*:*

History

20 Nov 2024, 23:45

Type Values Removed Values Added
References () http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0025.html - Broken Link, Exploit, Vendor Advisory () http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0025.html - Broken Link, Exploit, Vendor Advisory
References () http://marc.info/?l=bugtraq&m=105839150004682&w=2 - Mailing List () http://marc.info/?l=bugtraq&m=105839150004682&w=2 - Mailing List

26 Jan 2024, 17:19

Type Values Removed Values Added
CVSS v2 : 4.6
v3 : unknown
v2 : 4.6
v3 : 7.8
CWE NVD-CWE-Other CWE-59
References (VULNWATCH) http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0025.html - Exploit, Vendor Advisory (VULNWATCH) http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0025.html - Broken Link, Exploit, Vendor Advisory
References (BUGTRAQ) http://marc.info/?l=bugtraq&m=105839150004682&w=2 - (BUGTRAQ) http://marc.info/?l=bugtraq&m=105839150004682&w=2 - Mailing List

Information

Published : 2003-08-18 04:00

Updated : 2024-11-20 23:45


NVD link : CVE-2003-0578

Mitre link : CVE-2003-0578

CVE.ORG link : CVE-2003-0578


JSON object : View

Products Affected

ibm

  • u2_universe
CWE
CWE-59

Improper Link Resolution Before File Access ('Link Following')