PT-2004-1890 · Ibm · Rsct

Published

2004-09-28

Updated

2017-07-11

CVE-2004-0828

CVSS v2.0

2.1

Low

Vector

AV:L/AC:L/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions: RSCT versions 2.3.0.0 and earlier

Description: The issue is related to the ctstrtcasd program, which does not properly drop privileges before executing the -f option. This allows local users to modify or create arbitrary files.

Recommendations: For RSCT versions 2.3.0.0 and earlier, consider restricting access to the ctstrtcasd program until a fix is available, and ensure that the program is executed with the least privileges necessary to minimize potential damage.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2004-0828

Affected Products

Rsct

PT-2004-1890 · Ibm · Rsct

CVE-2004-0828

Related Identifiers

Affected Products

References · 5