CVE-2004-2634

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2004-2634
The (1) bos.rte.serv_aid or (2) bos.rte.console filesets in IBM AIX 5.1 and 5.2 allow local users to overwrite arbitrary files via a symlink attack on temporary files via unknown attack vectors.

6.2 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:L/AC:H/Au:N/C:C/I:C/A:C

Exploitability : 1.9 / Impact : 10.0

Access Vector LOCAL

Access Complexity HIGH

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References
Link Resource
http://secunia.com/advisories/11496 Patch Vendor Advisory
http://securitytracker.com/id?1009975 Patch
http://www-1.ibm.com/support/search.wss?rs=0&q=IY55789&apar=only
http://www-1.ibm.com/support/search.wss?rs=0&q=IY55790&apar=only
http://www.osvdb.org/5711 Patch
http://www.osvdb.org/5712 Patch
http://www.securityfocus.com/bid/10231 Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/16008
https://techsupport.services.ibm.com/server/pseries.subscriptionSvcs?mode=18&ID=279 Patch
http://secunia.com/advisories/11496 Patch Vendor Advisory
http://securitytracker.com/id?1009975 Patch
http://www-1.ibm.com/support/search.wss?rs=0&q=IY55789&apar=only
http://www-1.ibm.com/support/search.wss?rs=0&q=IY55790&apar=only
http://www.osvdb.org/5711 Patch
http://www.osvdb.org/5712 Patch
http://www.securityfocus.com/bid/10231 Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/16008
https://techsupport.services.ibm.com/server/pseries.subscriptionSvcs?mode=18&ID=279 Patch
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:ibm:aix:5.1:*:*:*:*:*:*:*
cpe:2.3:o:ibm:aix:5.2:*:*:*:*:*:*:*
History

20 Nov 2024, 23:53

Type Values Removed Values Added
References () http://secunia.com/advisories/11496 - Patch, Vendor Advisory () http://secunia.com/advisories/11496 - Patch, Vendor Advisory
References () http://securitytracker.com/id?1009975 - Patch () http://securitytracker.com/id?1009975 - Patch
References () http://www-1.ibm.com/support/search.wss?rs=0&q=IY55789&apar=only - () http://www-1.ibm.com/support/search.wss?rs=0&q=IY55789&apar=only -
References () http://www-1.ibm.com/support/search.wss?rs=0&q=IY55790&apar=only - () http://www-1.ibm.com/support/search.wss?rs=0&q=IY55790&apar=only -
References () http://www.osvdb.org/5711 - Patch () http://www.osvdb.org/5711 - Patch
References () http://www.osvdb.org/5712 - Patch () http://www.osvdb.org/5712 - Patch
References () http://www.securityfocus.com/bid/10231 - Patch () http://www.securityfocus.com/bid/10231 - Patch
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/16008 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/16008 -
References () https://techsupport.services.ibm.com/server/pseries.subscriptionSvcs?mode=18&ID=279 - Patch () https://techsupport.services.ibm.com/server/pseries.subscriptionSvcs?mode=18&ID=279 - Patch
Information

Published : 2004-12-31 05:00

Updated : 2024-11-20 23:53

NVD link : CVE-2004-2634

Mitre link : CVE-2004-2634

CVE.ORG link : CVE-2004-2634

JSON object : View

Products Affected

ibm

  • aix
CWE
NVD-CWE-Other