CVE-2014-2591 — MEDIUM (6.9)

Vulnerability Description

Untrusted search path vulnerability in BMC Patrol for AIX 3.9.00 allows local users to gain privileges via a crafted library, related to an incorrect RPATH setting.

CVSS Score

6.9

MEDIUM

AV:L/AC:M/Au:N/C:C/I:C/A:C

Confidentiality

COMPLETE

Integrity

COMPLETE

Availability

COMPLETE

Affected Products

Vendor	Product	Versions
Bmc	Patrol Agent	3.9.00

References

http://seclists.org/fulldisclosure/2014/Apr/199
https://www.portcullis-security.com/security-research-and-downloads/security-advExploit
http://seclists.org/fulldisclosure/2014/Apr/199
https://www.portcullis-security.com/security-research-and-downloads/security-advExploit

FAQ

What is CVE-2014-2591?

CVE-2014-2591 is a vulnerability with a CVSS score of 6.9 (MEDIUM). Untrusted search path vulnerability in BMC Patrol for AIX 3.9.00 allows local users to gain privileges via a crafted library, related to an incorrect RPATH setting.

How severe is CVE-2014-2591?

CVE-2014-2591 has been rated MEDIUM with a CVSS base score of 6.9/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2014-2591?

Check the references section above for vendor advisories and patch information. Affected products include: Bmc Patrol Agent.