CVE-2008-4018 — IBM AIX vulnerability

3 documents3 sources
Severity
7.2HIGHNVD
CNA6.9
EPSS
0.0%
top 85.25%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM AIX
Timeline
PublishedSep 11
Latest updateMay 2

Description

swcons in bos.rte.console in IBM AIX 5.2.0 through 6.1.1 allows local users in the system group to create or overwrite an arbitrary file, and establish weak permissions and root ownership for this file, via unspecified vectors. NOTE: this can be leveraged to gain privileges. NOTE: this issue exists because of an incomplete fix for CVE-2007-5805.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages1 packages

â–¶NVDibm/aix5.2, 5.3, 6.1+2

🔴Vulnerability Details

2
GHSA
GHSA-6cm5-fvqr-8cxh: swcons in bos↗2022-05-02
â–¶
CVEList
CVE-2008-4018: swcons in bos↗2008-09-10
â–¶
CVE-2008-4018 — IBM AIX vulnerability | cvebase