CVE-2007-5804 - cfgcon in IBM AIX 5.2 and 5.3 does not properly validate the argument to the "-p" option to swcons,

CVE-2007-5804

Summary

cfgcon in IBM AIX 5.2 and 5.3 does not properly validate the argument to the "-p" option to swcons, which allows local users in the system group to create or overwrite an arbitrary file, and enable world writability of this file, by using the file's name as the argument.

References

Vulnerable Configurations

cpe:2.3:o:ibm:aix:5.2:*:*:*:*:*:*:*
cpe:2.3:o:ibm:aix:5.2:*:*:*:*:*:*:*
cpe:2.3:o:ibm:aix:5.3:*:*:*:*:*:*:*
cpe:2.3:o:ibm:aix:5.3:*:*:*:*:*:*:*

CVSS

Base:	6.9 (as of 29-07-2017 - 01:33)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:L/AC:M/Au:N/C:C/I:C/A:C

refmap via4

aixapar	IZ03055 IZ03061
bid	26258
confirm	ftp://aix.software.ibm.com/aix/efixes/security/cfgcon_ifix.tar http://www14.software.ibm.com/webapp/set2/subscriptions/ijhifoeblist?mode=7&heading=AIX53&path=%2F200710%2FSECURITY%2F20071030%2Fdatafile100405
idefense	20071030 IBM AIX swcons Local Arbitrary File Access Vulnerability
secunia	27437
xf	aix-swcons-insecure-permissions(38154)

Last major update

29-07-2017 - 01:33

Published

05-11-2007 - 17:46

Last modified

29-07-2017 - 01:33