- Description
- Format string vulnerability in tsm for the bos.rte.security fileset on AIX 5.2 allows remote attackers to gain root privileges via login, and local users to gain privileges via login, su, or passwd, with a username that contains format string specifiers.
- Source
- cve@mitre.org
- NVD status
- Analyzed
CVSS 2.0
- Type
- Primary
- Base score
- 10
- Impact score
- 10
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:C/I:C/A:C
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:aix:4.3.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "465B06C4-136D-4CD8-BA38-B6B50511624C"
},
{
"criteria": "cpe:2.3:o:ibm:aix:5.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BCB23261-D5A9-4C49-B08E-97A63ED6F84A"
},
{
"criteria": "cpe:2.3:o:ibm:aix:5.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "17EECCCB-D7D1-439A-9985-8FAE8B44487B"
}
],
"operator": "OR"
}
]
}
]