Vulnerabilities > CVE-2004-2634 - Console Commands Symbolic Link vulnerability in Multiple IBM AIX
Attack vector
LOCAL Attack complexity
HIGH Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
The (1) bos.rte.serv_aid or (2) bos.rte.console filesets in IBM AIX 5.1 and 5.2 allow local users to overwrite arbitrary files via a symlink attack on temporary files via unknown attack vectors.
References
- http://secunia.com/advisories/11496
- http://securitytracker.com/id?1009975
- http://www.osvdb.org/5711
- http://www.osvdb.org/5712
- http://www.securityfocus.com/bid/10231
- http://www-1.ibm.com/support/search.wss?rs=0&q=IY55789&apar=only
- http://www-1.ibm.com/support/search.wss?rs=0&q=IY55790&apar=only
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16008
- https://techsupport.services.ibm.com/server/pseries.subscriptionSvcs?mode=18&ID=279