CVE-2004-2388 in AIXinfo

Summary

rexecd for AIX 4.3.3 does not properly use a local copy of the pwd structure when calling getpwnam, which may cause the structure to be overwritten by the authenticate function and assign privileges to the wrong user.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Reservation

08/16/2005

Disclosure

12/31/2004

Status

Confirmed

Entries

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerability	CWE	Exp	Cou	CVE
560	IBM AIX rexecd privileges management	269	Not defined	Official fix	CVE-2004-2388

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

Sources

MITRE
NVD
CVE Details

◂ PreviousOverviewNext ▸

Do you know our Splunk app?

Download it now for free!