CVE-2004-0828 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2004-0828

CWE

https://cwe.mitre.org/data/definitions/NVD-Other.html

The ctstrtcasd program in RSCT 2.3.0.0 and earlier on IBM AIX 5.2 and 5.3 does not properly drop privileges before executing the -f option, which allows local users to modify or create arbitrary files.

Affected Software

Name	Vendor	Start Version	End Version
Aix	Ibm	5.2 (including)	5.2 (including)
Aix	Ibm	5.3 (including)	5.3 (including)

References

http://secunia.com/advisories/12664/
http://securitytracker.com/id?1011429
http://www.securityfocus.com/bid/11264
https://exchange.xforce.ibmcloud.com/vulnerabilities/17514
http://secunia.com/advisories/12664/
http://securitytracker.com/id?1011429
http://www.securityfocus.com/bid/11264
https://exchange.xforce.ibmcloud.com/vulnerabilities/17514