Vulnerabilities > CVE-1999-1486 - Unspecified vulnerability in IBM AIX

CVSS 1.2 - LOW

Attack vector

LOCAL

Attack complexity

HIGH

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

local

high complexity

ibm

NVD

Published: 1998-02-25

Updated: 2017-10-10

Summary

sadc in IBM AIX 4.1 through 4.3, when called from programs such as timex that are setgid adm, allows local users to overwrite arbitrary files via a symlink attack.

Vulnerable Configurations

Part	Description	Count
OS	Ibm IBM AIX 4.1 IBM AIX 4.1.1 IBM AIX 4.1.2 IBM AIX 4.1.3 IBM AIX 4.1.4 IBM AIX 4.1.5 IBM AIX 4.2 IBM AIX 4.2.1 IBM AIX 4.3	9

References

http://techsupport.services.ibm.com/aix/fixes/v4/os/bos.acct.4.3.1.0.info
http://www.securityfocus.com/bid/408
http://www-1.ibm.com/support/search.wss?rs=0&q=IX75554&apar=only
http://www-1.ibm.com/support/search.wss?rs=0&q=IX76330&apar=only
http://www-1.ibm.com/support/search.wss?rs=0&q=IX76853&apar=only
https://exchange.xforce.ibmcloud.com/vulnerabilities/7675