Vulnerability Name:

CVE-2006-1247 (CCN-25848)

Assigned:2006-04-17
Published:2006-04-17
Updated:2018-10-18
Summary:rm_mlcache_file in bos.rte.install in AIX 5.1.0 through 5.3.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files.
CVSS v3 Severity:4.0 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): Low
Availibility (A): None
CVSS v2 Severity:3.3 Low (CVSS v2 Vector: AV:L/AC:M/Au:N/C:N/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): Partial
2.1 Low (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:P/A:N)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): None
Vulnerability Type:CWE-59
Vulnerability Consequences:File Manipulation
References:Source: CCN
Type: IBM FTP site
README

Source: MITRE
Type: CNA
CVE-2006-1247

Source: CCN
Type: SA19656
IBM AIX rm_mlcache_file Arbitrary File Overwrite

Source: SECUNIA
Type: Patch, Vendor Advisory
19656

Source: CCN
Type: SECTRACK ID: 1015952
IBM AIX rm_mlcache_file Command May Let Local Users Gain Elevated Privileges

Source: SECTRACK
Type: UNKNOWN
1015952

Source: AIXAPAR
Type: Patch
IY82357

Source: CCN
Type: IBM Support & downloads
IY82357: SECURITY ISSUE IN BOS.RTE.INSTALL

Source: CCN
Type: NSFOCUS Security Advisory (SA2006-03)
IBM AIX rm_mlcache_file Local Race Condition Vulnerability

Source: MISC
Type: Patch, Vendor Advisory
http://www.nsfocus.com/english/homepage/research/0603.htm

Source: OSVDB
Type: UNKNOWN
24706

Source: CCN
Type: OSVDB ID: 24706
IBM AIX rm_mlcache_file Symlink Arbitrary File Overwrite

Source: BUGTRAQ
Type: UNKNOWN
20060424 NSFOCUS SA2006-03 : IBM AIX rm_mlcache_file Local Race Condition Vulnerability

Source: BUGTRAQ
Type: UNKNOWN
20060424 NSFOCUS SA2006-02 : IBM AIX mklvcopy Local Privilege Escalation Vulnerability

Source: BID
Type: Patch
17576

Source: CCN
Type: BID-17576
IBM AIX RM_MLCache_File Insecure Temporary File Creation Vulnerability

Source: VUPEN
Type: Vendor Advisory
ADV-2006-1389

Source: XF
Type: UNKNOWN
aix-rm-mlcache-file-overwrite(25848)

Source: XF
Type: UNKNOWN
aix-rm-mlcache-file-overwrite(25848)

Vulnerable Configuration:Configuration 1:
  • cpe:/o:ibm:aix:5.1:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:aix:5.1l:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:aix:5.2:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:aix:5.2.0.50:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:aix:5.2.0.54:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:aix:5.2.2:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:aix:5.2_l:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:aix:5.3:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:aix:5.3.0:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:aix:5.3.0.10:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:aix:5.3.0.20:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:aix:5.3_l:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:aix:5.3_ml03:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/o:ibm:aix:5.1:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:aix:5.2:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:aix:5.3:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    ibm aix 5.1
    ibm aix 5.1l
    ibm aix 5.2
    ibm aix 5.2.0.50
    ibm aix 5.2.0.54
    ibm aix 5.2.2
    ibm aix 5.2_l
    ibm aix 5.3
    ibm aix 5.3.0
    ibm aix 5.3.0.10
    ibm aix 5.3.0.20
    ibm aix 5.3_l
    ibm aix 5.3_ml03
    ibm aix 5.1
    ibm aix 5.2
    ibm aix 5.3