Описание
The proc filesystem in the kernel in IBM AIX 5.2 and 5.3 does not properly enforce directory permissions when a file executing from a directory has weaker permissions than the directory itself, which allows local users to obtain sensitive information.
The proc filesystem in the kernel in IBM AIX 5.2 and 5.3 does not properly enforce directory permissions when a file executing from a directory has weaker permissions than the directory itself, which allows local users to obtain sensitive information.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2008-1595
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5321
- http://securitytracker.com/id?1019606
- http://www.ibm.com/support/docview.wss?uid=isg1IZ06022
- http://www.ibm.com/support/docview.wss?uid=isg1IZ06505
- http://www.ibm.com/support/docview.wss?uid=isg1IZ06663
- http://www.securityfocus.com/bid/28467
- http://www.vupen.com/english/advisories/2008/0865
- http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=4153
- http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=4154
- http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=4155
EPSS
CVE ID
Связанные уязвимости
The proc filesystem in the kernel in IBM AIX 5.2 and 5.3 does not properly enforce directory permissions when a file executing from a directory has weaker permissions than the directory itself, which allows local users to obtain sensitive information.
EPSS