Vulnerability Description
The (1) bos.rte.serv_aid or (2) bos.rte.console filesets in IBM AIX 5.1 and 5.2 allow local users to overwrite arbitrary files via a symlink attack on temporary files via unknown attack vectors.
CVSS Score
6.2
MEDIUM
AV:L/AC:H/Au:N/C:C/I:C/A:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Aix | 5.1 |
References
- http://secunia.com/advisories/11496PatchVendor Advisory
- http://securitytracker.com/id?1009975Patch
- http://www-1.ibm.com/support/search.wss?rs=0&q=IY55789&apar=only
- http://www-1.ibm.com/support/search.wss?rs=0&q=IY55790&apar=only
- http://www.osvdb.org/5711Patch
- http://www.osvdb.org/5712Patch
- http://www.securityfocus.com/bid/10231Patch
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16008
- https://techsupport.services.ibm.com/server/pseries.subscriptionSvcs?mode=18&ID=Patch
- http://secunia.com/advisories/11496PatchVendor Advisory
- http://securitytracker.com/id?1009975Patch
- http://www-1.ibm.com/support/search.wss?rs=0&q=IY55789&apar=only
- http://www-1.ibm.com/support/search.wss?rs=0&q=IY55790&apar=only
- http://www.osvdb.org/5711Patch
- http://www.osvdb.org/5712Patch
FAQ
What is CVE-2004-2634?
CVE-2004-2634 is a vulnerability with a CVSS score of 6.2 (MEDIUM). The (1) bos.rte.serv_aid or (2) bos.rte.console filesets in IBM AIX 5.1 and 5.2 allow local users to overwrite arbitrary files via a symlink attack on temporary files via unknown attack vectors.
How severe is CVE-2004-2634?
CVE-2004-2634 has been rated MEDIUM with a CVSS base score of 6.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2004-2634?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Aix.