Vulnerability Description
Director Agent 6.1 before 6.1.2.3 in IBM Systems Director on AIX and Linux uses incorrect permissions for the (1) diruninstall and (2) opt/ibm/director/bin/wcitinst scripts, which allows local users to gain privileges by executing these scripts.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Director Agent | 6.1 |
| Ibm | Aix | All versions |
| Linux | Linux Kernel | All versions |
Related Weaknesses (CWE)
References
- http://osvdb.org/63595
- http://secunia.com/advisories/39194Vendor Advisory
- http://www-01.ibm.com/support/docview.wss?uid=isg1PM08236Vendor Advisory
- http://www.securityfocus.com/bid/39305
- http://www.securitytracker.com/id?1023831
- http://www.vupen.com/english/advisories/2010/0830Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/57611
- http://osvdb.org/63595
- http://secunia.com/advisories/39194Vendor Advisory
- http://www-01.ibm.com/support/docview.wss?uid=isg1PM08236Vendor Advisory
- http://www.securityfocus.com/bid/39305
- http://www.securitytracker.com/id?1023831
- http://www.vupen.com/english/advisories/2010/0830Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/57611
FAQ
What is CVE-2010-1347?
CVE-2010-1347 is a vulnerability with a CVSS score of 7.2 (HIGH). Director Agent 6.1 before 6.1.2.3 in IBM Systems Director on AIX and Linux uses incorrect permissions for the (1) diruninstall and (2) opt/ibm/director/bin/wcitinst scripts, which allows local users t...
How severe is CVE-2010-1347?
CVE-2010-1347 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2010-1347?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Director Agent, Ibm Aix, Linux Linux Kernel.