CVE-2004-2092 - eTrust InoculateIT for Linux 6.0 uses insecure permissions for multiple files and directories, inclu

CVE-2004-2092

Summary

eTrust InoculateIT for Linux 6.0 uses insecure permissions for multiple files and directories, including the application's registry and tmp directories, which allows local users to delete, modify, or examine sensitive information.

References

http://www.excluded.org/advisories/advisory10.txt
http://www.securityfocus.com/bid/9616
http://www.osvdb.org/3896
http://secunia.com/advisories/10833
http://marc.info/?l=bugtraq&m=107635584431518&w=2
https://exchange.xforce.ibmcloud.com/vulnerabilities/15103

Vulnerable Configurations

cpe:2.3:a:broadcom:inoculateit:6.0:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:inoculateit:6.0:*:*:*:*:*:*:*

CVSS

Base:	4.6 (as of 14-02-2024 - 01:17)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:L/AC:L/Au:N/C:P/I:P/A:P

refmap via4

bid	9616
bugtraq	20040209 [local problems] eTrust Virus Protection 6.0 InoculateIT for linux
misc	http://www.excluded.org/advisories/advisory10.txt
osvdb	3896
secunia	10833
xf	etrust-inoculateit-insecure-permissions(15103)

Last major update

14-02-2024 - 01:17

Published

09-02-2004 - 05:00

Last modified

14-02-2024 - 01:17