CVE-2006-1247 — Link Following in IBM AIX

CWE-59 — Link Following4 documents4 sources

Severity

3.3LOWNVD

EPSS

0.0%

top 90.35%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM AIX

Timeline

PublishedApr 19

Latest updateMay 1

Description

rm_mlcache_file in bos.rte.install in AIX 5.1.0 through 5.3.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files.

CVSS vector

AV:L/AC:M/C:N/I:P/A:PExploitability: 3.4 | Impact: 4.9

Affected Packages1 packages

▶NVDibm/aix13 versions+12

Patches

Patch: secunia.com ↗Patch: www-1.ibm.com ↗Patch: www.nsfocus.com ↗

🔴Vulnerability Details

GHSA

GHSA-8h2x-qhm8-r594: rm_mlcache_file in bos↗2022-05-01

▶

CVEList

CVE-2006-1247: rm_mlcache_file in bos↗2006-04-19

▶

💥Exploits & PoCs

Exploit-DB

Linksys WRT54G Firmware 1.00.9 - Security Bypass (2)↗2008-06-24

▶