CVE-2003-1575

Published Jan 28, 2010

Last updated 15 years ago

Overview

Description: VERITAS File System (VxFS) 3.3.3, 3.4, and 3.5 before MP1 Rolling Patch 02 for Sun Solaris 2.5.1 through 9 does not properly implement inheritance of default ACLs in certain circumstances related to the characteristics of a directory inode, which allows local users to bypass intended file permissions by accessing a file on a VxFS filesystem.
Source: cve@mitre.org
NVD status: Analyzed

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 4.6
Impact score: 6.4
Exploitability score: 3.9
Vector string: AV:L/AC:L/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: CWE-264

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:symantec:vxfs:3.3.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "683EE687-B787-4F0E-9FA6-BCF2235EAC55"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:sun:solaris:2.5.1:*:sparc:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "258E6782-9672-427A-8C83-ECA6BC68C9DA"
          },
          {
            "criteria": "cpe:2.3:o:sun:solaris:2.6:*:sparc:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C67E67BE-A376-4034-B2DC-DC84E4F2B6E6"
          },
          {
            "criteria": "cpe:2.3:o:sun:solaris:7.0:*:sparc:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F830AE29-6AC0-4C78-A637-E69BA63FAF9A"
          },
          {
            "criteria": "cpe:2.3:o:sun:solaris:8.0:*:sparc:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "32CF7469-6D2F-4E34-8013-7F0D3433D0B2"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:symantec:vxfs:3.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "834ED706-03BC-4A40-B699-7D92AFA9687D"
          },
          {
            "criteria": "cpe:2.3:a:symantec:vxfs:3.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0509EB66-B68B-48F0-9A67-D692878D6200"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:sun:solaris:7.0:*:sparc:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F830AE29-6AC0-4C78-A637-E69BA63FAF9A"
          },
          {
            "criteria": "cpe:2.3:o:sun:solaris:8.0:*:sparc:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "32CF7469-6D2F-4E34-8013-7F0D3433D0B2"
          },
          {
            "criteria": "cpe:2.3:o:sun:solaris:9.0:*:sparc:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "A711CDC2-412C-499D-9FA6-7F25B06267C6"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References