CVE-2007-6680 — IBM AIX vulnerability

6 documents3 sources

Severity

7.2HIGHNVD

NVD2.1CNA2.1

EPSS

0.1%

top 78.35%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM AIX

Timeline

PublishedJan 10

Latest updateMay 1

Description

Trusted Execution in IBM AIX 6.1 uses an incorrect pathname argument in a call to the trustchk_block_write function, which might allow local users to modify trusted files, related to an error in the support for links in the TSD_FILES_LOCK policy.

CVSS vector

AV:L/AC:L/C:N/I:P/A:NExploitability: 3.9 | Impact: 2.9

Affected Packages1 packages

▶NVDibm/aix5.2, 5.3, 6.1+2

Patches

Patch: www.securityfocus.com ↗Patch: www.securityfocus.com ↗

🔴Vulnerability Details

GHSA

GHSA-4xjj-727p-r52q: Trusted Execution in IBM AIX 6↗2022-05-01

▶

GHSA

GHSA-wwvr-rrmg-r6c6: Trusted Execution in IBM AIX 6↗2022-05-01

▶

CVEList

CVE-2008-1596: Trusted Execution in IBM AIX 6↗2008-03-31

▶

CVEList

CVE-2007-6680: Trusted Execution in IBM AIX 6↗2008-01-10

▶