CVE-2008-1596 — IBM AIX vulnerability

3 documents3 sources

Severity

7.2HIGHNVD

CNA2.1

EPSS

0.1%

top 83.60%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM AIX

Timeline

PublishedMar 31

Latest updateMay 1

Description

Trusted Execution in IBM AIX 6.1 uses an incorrect pathname argument in a call to the trustchk_block_write function, which might allow local users to modify trusted files, related to missing checks in the TSD_FILES_LOCK policy for modifications performed via hard links, a different vulnerability than CVE-2007-6680.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages1 packages

▶NVDibm/aix5.2, 5.3, 6.1+2

Patches

Patch: www.securityfocus.com ↗Patch: www.securityfocus.com ↗

🔴Vulnerability Details

GHSA

GHSA-wwvr-rrmg-r6c6: Trusted Execution in IBM AIX 6↗2022-05-01

▶

CVEList

CVE-2008-1596: Trusted Execution in IBM AIX 6↗2008-03-31

▶