CVE-2007-4798

Unspecified vulnerability in invscout in Inventory Scout in invscout.rte in IBM AIX 5.2 and 5.3 allows local users to delete system files that have names matching the final substring of a hostname alias, as demonstrated by hostnames ending in "unix".

CVSS v2.0 6.6 MEDIUM

6.6^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:L/AC:L/Au:N/C:N/I:C/A:C

Exploitability : 3.9 / Impact : 9.2

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://osvdb.org/40393
http://secunia.com/advisories/26715	Patch Vendor Advisory
http://www-1.ibm.com/support/docview.wss?uid=isg1IY98506	Patch
http://www.securityfocus.com/bid/25556	Patch
http://www.vupen.com/english/advisories/2007/3059
http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3846	Patch
http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3847	Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/36447
http://osvdb.org/40393
http://secunia.com/advisories/26715	Patch Vendor Advisory
http://www-1.ibm.com/support/docview.wss?uid=isg1IY98506	Patch
http://www.securityfocus.com/bid/25556	Patch
http://www.vupen.com/english/advisories/2007/3059
http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3846	Patch
http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3847	Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/36447

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:ibm:aix:5.2:::::::*
	cpe:2.3:o:ibm:aix:5.3:::::::*

History

21 Nov 2024, 00:36

Type	Values Removed	Values Added
References	~~() http://osvdb.org/40393 -~~	() http://osvdb.org/40393 -
References	~~() http://secunia.com/advisories/26715 - Patch, Vendor Advisory~~	() http://secunia.com/advisories/26715 - Patch, Vendor Advisory
References	~~() http://www-1.ibm.com/support/docview.wss?uid=isg1IY98506 - Patch~~	() http://www-1.ibm.com/support/docview.wss?uid=isg1IY98506 - Patch
References	~~() http://www.securityfocus.com/bid/25556 - Patch~~	() http://www.securityfocus.com/bid/25556 - Patch
References	~~() http://www.vupen.com/english/advisories/2007/3059 -~~	() http://www.vupen.com/english/advisories/2007/3059 -
References	~~() http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3846 - Patch~~	() http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3846 - Patch
References	~~() http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3847 - Patch~~	() http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3847 - Patch
References	~~() https://exchange.xforce.ibmcloud.com/vulnerabilities/36447 -~~	() https://exchange.xforce.ibmcloud.com/vulnerabilities/36447 -

Information

Published : 2007-09-10 21:17

Updated : 2024-11-21 00:36

NVD link : CVE-2007-4798

Mitre link : CVE-2007-4798

CVE.ORG link : CVE-2007-4798

JSON object : View

Products Affected

ibm

CWE

CWE-264

Permissions, Privileges, and Access Controls

6.6 /10