4 results (0.004 seconds)

CVSS: 4.4EPSS: 0%CPEs: 1EXPL: 0

reset_diragent_keys in the Common agent in IBM Systems Director 6.2.0 has 754 permissions, which allows local users to gain privileges by leveraging system group membership. reset_diragent_keys en el agente Common en IBM Systems Director v6.2.0 tiene 754 de permisos, lo que permite a usuarios locales obtener privilegios aprovechando su pertenencia al grupo del sistema • http://secunia.com/advisories/42239 http://securitytracker.com/id?1024736 http://www-01.ibm.com/support/docview.wss?uid=isg1IC71821 http://www.securityfocus.com/bid/44839 http://www.vupen.com/english/advisories/2010/2978 https://exchange.xforce.ibmcloud.com/vulnerabilities/63238 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 7.2EPSS: 0%CPEs: 4EXPL: 0

Director Agent 6.1 before 6.1.2.3 in IBM Systems Director on AIX and Linux uses incorrect permissions for the (1) diruninstall and (2) opt/ibm/director/bin/wcitinst scripts, which allows local users to gain privileges by executing these scripts. Director Agent v6.1 anterior a v6.1.2.3 en IBM Systems Director en AIX y Linux utiliza permisos incorrectos para las secuencias de comandos (1) diruninstall and (2) opt/ibm/director/bin/wcitinst, lo cual permite a usuarios locales conseguir privilegios mediante la ejecución de estas secuencias de comandos. • http://osvdb.org/63595 http://secunia.com/advisories/39194 http://www-01.ibm.com/support/docview.wss?uid=isg1PM08236 http://www.securityfocus.com/bid/39305 http://www.securitytracker.com/id?1023831 http://www.vupen.com/english/advisories/2010/0830 https://exchange.xforce.ibmcloud.com/vulnerabilities/57611 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 10.0EPSS: 1%CPEs: 34EXPL: 0

The default installation of Cisco voice products, when running the IBM Director Agent on IBM servers before OS 2000.2.6, does not require authentication, which allows remote attackers to gain administrator privileges by connecting to TCP port 14247. • http://secunia.com/advisories/10696 http://www.ciac.org/ciac/bulletins/o-066.shtml http://www.cisco.com/warp/public/707/cisco-sa-20040121-voice.shtml http://www.kb.cert.org/vuls/id/602734 http://www.osvdb.org/3692 http://www.securityfocus.com/bid/9468 http://www.securitytracker.com/id?1008814 https://exchange.xforce.ibmcloud.com/vulnerabilities/14900 • CWE-287: Improper Authentication •

CVSS: 5.0EPSS: 17%CPEs: 34EXPL: 1

Cisco voice products, when running the IBM Director Agent on IBM servers before OS 2000.2.6, allows remote attackers to cause a denial of service (CPU consumption) via arbitrary packets to TCP port 14247, as demonstrated using port scanning. • http://secunia.com/advisories/10696 http://www.ciac.org/ciac/bulletins/o-066.shtml http://www.cisco.com/warp/public/707/cisco-sa-20040121-voice.shtml http://www.kb.cert.org/vuls/id/721092 http://www.osvdb.org/3691 http://www.securityfocus.com/bid/9469 http://www.securitytracker.com/id?1008814 https://exchange.xforce.ibmcloud.com/vulnerabilities/14901 • CWE-399: Resource Management Errors •