CVE Vulnerabilities

CVE-2008-1595

Published: Mar 31, 2008 | Modified: Sep 29, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4.9 MEDIUM
AV:L/AC:L/Au:N/C:C/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu

The proc filesystem in the kernel in IBM AIX 5.2 and 5.3 does not properly enforce directory permissions when a file executing from a directory has weaker permissions than the directory itself, which allows local users to obtain sensitive information.

Affected Software

Name Vendor Start Version End Version
Aix Ibm 5.2 (including) 5.2 (including)
Aix Ibm 5.3 (including) 5.3 (including)
Aix Ibm 6.1 (including) 6.1 (including)

References