PT-2012-3876 · Ibm · Aix+2

Publicado

2012-06-27

Atualizado

2021-08-31

CVE-2012-2200

CVSS v2.0

7.2

Alta

Vetor

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions sendmail in IBM AIX versions 6.1 through 7.1 sendmail in VIOS version 2.2.1.4-FP-25 SP-02

Description The default configuration of sendmail allows local users to gain privileges by entering a command in a .forward file in a home directory.

Recommendations For sendmail in IBM AIX versions 6.1 through 7.1, consider restricting access to the .forward file to prevent local users from gaining privileges. For sendmail in VIOS version 2.2.1.4-FP-25 SP-02, consider restricting access to the .forward file to prevent local users from gaining privileges. As a temporary workaround, consider disabling the use of .forward files in home directories until a patch is available.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-264

Identificadores relacionados

CVE-2012-2200

Produtos afetados

Aix

Vios

Sendmail

PT-2012-3876 · Ibm · Aix+2

CVE-2012-2200

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 9