CVE-2004-0828

Low

2.1/10

Summary

The ctstrtcasd program in RSCT 2.3.0.0 and earlier on IBM AIX 5.2 and 5.3 does not properly drop privileges before executing the -f option, which allows local users to modify or create arbitrary files.

Access Complexity: LOW
AccessVector: LOCAL
Authentication: NONE
Integrity Impact: PARTIAL
Confidentiality Impact: NONE
Availability Impact: NONE

References

Advisory Timeline

Published Nov 03, 2004

CVE-2004-0828

Summary

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS