Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2008-1596

EPSS 0.05% · P16
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2008-1596

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Trusted Execution in IBM AIX 6.1 uses an incorrect pathname argument in a call to the trustchk_block_write function, which might allow local users to modify trusted files, related to missing checks in the TSD_FILES_LOCK policy for modifications performed via hard links, a different vulnerability than CVE-2007-6680.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
IBM AIX trustchk_block_write函数权限提升漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
IBM AIX 6.1版本中的信任执行存在权限提升漏洞。由于在调用trustchk_block_write函数时使用不正确的路径名自变量,这可能使得本地用户修改获得信任的文件。当未对SD_FILES_LOCK中的修改(借助硬链接hard links执行)进行验证时,该漏洞会被触发。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2008-1596

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2008-1596

登录查看更多情报信息。

Same Patch Batch · n/a · 2008-03-31 · 37 CVEs total

CVE-2008-1551RunCMS 'viewcat.php' SQL注入漏洞
CVE-2008-1567phpMyAdmin Session文件本地信息泄露漏洞
CVE-2008-1568Comix 'filename' 远程指令执行漏洞
CVE-2008-1569policyd-weight socket不安全临时文件创建漏洞
CVE-2008-1570Policyd-weight create_lockpath函数 竞争条件错误漏洞
CVE-2008-0070Orb Networks Orb RPC请求远程整数溢出漏洞
CVE-2008-1548Aeries Browser Interface 多个跨站脚本攻击漏洞
CVE-2008-1549Aeries Browser Interface 多个SQL注入漏洞
CVE-2008-1550CubeCart index.php多个跨站脚本攻击漏洞
CVE-2008-1566ManageEngine Applications Manager 'Search.do' 跨站脚本攻击漏洞
CVE-2008-1552SILC客户端及服务器密钥协商远程整数溢出漏洞
CVE-2008-1553TopperMod 'mod.php' 目录遍历漏洞
CVE-2008-1554TopperMod 'localita'参数 SQL注入漏洞
CVE-2008-1555BolinOS 'gbincluder.php' 目录遍历漏洞
CVE-2008-1556BolinOS 多个跨站脚本攻击漏洞
CVE-2008-1557BolinOS 'gBphpInfo.php' 信息泄露漏洞
CVE-2008-1558MPlayer 'sdpplin.c' sdpplin_parse()函数 整数溢出漏洞
CVE-2008-1559Joomla!Mambo Alphacontent 组件 'id'参数 SQL注入漏洞
CVE-2008-1599IBM AIX nddstat程序权限许可和访问控制漏洞
CVE-2008-0706HP Compaq Notebook PC BIOS 未明本地未授权访问漏洞

Showing top 20 of 37 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2008-1596

No comments yet

Leave a comment