CVE-2005-2136 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2005-2136

CWE

https://cwe.mitre.org/data/definitions/NVD-Other.html

Raritan Dominion SX (DSX) Console Servers DSX16, DSX32, DSX4, DSX8, and DSXA-48 set (1) world-readable permissions for /etc/shadow and (2) world-writable permissions for /bin/busybox, which allows local users to obtain hashed passwords or execute arbitrary code as other users.

Affected Software

Name	Vendor	Start Version	End Version
Dominion	Raritan	sx4	sx4
Dominion	Raritan	sx8	sx8
Dominion	Raritan	sx16	sx16
Dominion	Raritan	sx32	sx32
Dominion	Raritan	sx32_2.4.6_firmware	sx32_2.4.6_firmware
Dominion	Raritan	sxa-48	sxa-48

References

http://seclists.org/lists/bugtraq/2005/Jun/0251.html
http://secunia.com/advisories/15853
http://www.securityfocus.com/bid/14084