CVE Vulnerabilities

CVE-2005-2136

Published: Jul 05, 2005 | Modified: Sep 05, 2008
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4.6 MEDIUM
AV:L/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Raritan Dominion SX (DSX) Console Servers DSX16, DSX32, DSX4, DSX8, and DSXA-48 set (1) world-readable permissions for /etc/shadow and (2) world-writable permissions for /bin/busybox, which allows local users to obtain hashed passwords or execute arbitrary code as other users.

Affected Software

Name Vendor Start Version End Version
Dominion Raritan sx4 sx4
Dominion Raritan sx8 sx8
Dominion Raritan sx16 sx16
Dominion Raritan sx32 sx32
Dominion Raritan sx32_2.4.6_firmware sx32_2.4.6_firmware
Dominion Raritan sxa-48 sxa-48

References