Lucene search
MitreCVE-2004-2697HistoryOct 06, 2007 - 9:00 p.m.
CVE-2004-2697
2007-10-0621:00:00
CWE-362
mitre
web.nvd.nist.gov
26
cve-2004-2697
inventory scout daemon
invscoutd
aix
symlink attack
privilege escalation
CVSS2
6.9
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
AI Score
7.1
Confidence
Low
EPSS
0.006
Percentile
79.0%
The Inventory Scout daemon (invscoutd) 1.3.0.0 and 2.0.2 for AIX 4.3.3 and 5.1 allows local users to gain privileges via a symlink attack on a command line argument (log file). NOTE: this might be related to CVE-2006-5002.
Affected configurations
Node
ibmaixMatch4.3.3
ORibmaixMatch5.1
ORibmaixMatch5.1l
Related
cvelist
cvelist
CVE-2004-2697
2007-10-06 21:00:00
CVE-2006-5002
2006-09-27 01:00:00
nvd
nvd
CVE-2004-2697
2004-12-31 05:00:00
CVE-2006-5002
2006-09-27 01:07:00
exploitdb
exploitdb
AIX 4.3.3/5.1 - Invscoutd Symbolic Link
2003-05-29 00:00:00
nessus
nessus
AIX 5.2 TL 9 / 5.3 TL 5 : invscout.rte (U810933)
2007-12-03 00:00:00
cve
cve
CVE-2006-5002
2006-09-27 01:07:00
CVSS2
6.9
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
AI Score
7.1
Confidence
Low
EPSS
0.006
Percentile
79.0%
Related for CVE-2004-2697