Vulnerability Description
Raritan Dominion SX (DSX) Console Servers DSX16, DSX32, DSX4, DSX8, and DSXA-48 set (1) world-readable permissions for /etc/shadow and (2) world-writable permissions for /bin/busybox, which allows local users to obtain hashed passwords or execute arbitrary code as other users.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Raritan | Dominion Sx4 Firmware | - |
| Raritan | Dominion Sx4 | - |
| Raritan | Dominion Sx8 Firmware | - |
| Raritan | Dominion Sx8 | - |
| Raritan | Dominion Sx16 Firmware | - |
| Raritan | Dominion Sx16 | - |
| Raritan | Dominion Sx32 Firmware | 2.4.6 |
| Raritan | Dominion Sx32 | - |
| Raritan | Dominion Sxa-48 Firmware | - |
| Raritan | Dominion Sxa-48 | - |
Related Weaknesses (CWE)
References
- http://seclists.org/lists/bugtraq/2005/Jun/0251.htmlExploitMailing ListPatch
- http://secunia.com/advisories/15853Not ApplicablePatchVendor Advisory
- http://www.securityfocus.com/bid/14084Broken LinkThird Party AdvisoryVDB Entry
- http://seclists.org/lists/bugtraq/2005/Jun/0251.htmlExploitMailing ListPatch
- http://secunia.com/advisories/15853Not ApplicablePatchVendor Advisory
- http://www.securityfocus.com/bid/14084Broken LinkThird Party AdvisoryVDB Entry
FAQ
What is CVE-2005-2136?
CVE-2005-2136 is a vulnerability with a CVSS score of 4.6 (MEDIUM). Raritan Dominion SX (DSX) Console Servers DSX16, DSX32, DSX4, DSX8, and DSXA-48 set (1) world-readable permissions for /etc/shadow and (2) world-writable permissions for /bin/busybox, which allows loc...
How severe is CVE-2005-2136?
CVE-2005-2136 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-2136?
Check the references section above for vendor advisories and patch information. Affected products include: Raritan Dominion Sx4 Firmware, Raritan Dominion Sx4, Raritan Dominion Sx8 Firmware, Raritan Dominion Sx8, Raritan Dominion Sx16 Firmware.