CVE-2004-2092

eTrust InoculateIT for Linux 6.0 uses insecure permissions for multiple files and directories, including the application's registry and tmp directories, which allows local users to delete, modify, or examine sensitive information.

CVSS v2.0 4.6 MEDIUM

4.6^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:L/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 3.9 / Impact : 6.4

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://www.excluded.org/advisories/advisory10.txt
http://www.securityfocus.com/bid/9616
http://www.osvdb.org/3896	Vendor Advisory
http://secunia.com/advisories/10833	Vendor Advisory
http://marc.info/?l=bugtraq&m=107635584431518&w=2
https://exchange.xforce.ibmcloud.com/vulnerabilities/15103

Configurations

Configuration 1 (hide)

cpe:2.3:a:broadcom:inoculateit:6.0:*:*:*:*:*:*:*

Information

Published : 2004-02-08 21:00

Updated : 2021-04-09 10:00

NVD link : CVE-2004-2092

Mitre link : CVE-2004-2092

JSON object : View

CWE

NVD-CWE-Other

Products Affected

broadcom

inoculateit

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.excluded.org/advisories/advisory10.txt", "name": "http://www.excluded.org/advisories/advisory10.txt", "tags": [], "refsource": "MISC"}, {"url": "http://www.securityfocus.com/bid/9616", "name": "9616", "tags": [], "refsource": "BID"}, {"url": "http://www.osvdb.org/3896", "name": "3896", "tags": ["Vendor Advisory"], "refsource": "OSVDB"}, {"url": "http://secunia.com/advisories/10833", "name": "10833", "tags": ["Vendor Advisory"], "refsource": "SECUNIA"}, {"url": "http://marc.info/?l=bugtraq&m=107635584431518&w=2", "name": "20040209 [local problems] eTrust Virus Protection 6.0 InoculateIT for linux", "tags": [], "refsource": "BUGTRAQ"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15103", "name": "etrust-inoculateit-insecure-permissions(15103)", "tags": [], "refsource": "XF"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "eTrust InoculateIT for Linux 6.0 uses insecure permissions for multiple files and directories, including the application's registry and tmp directories, which allows local users to delete, modify, or examine sensitive information."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2004-2092", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 4.6, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "severity": "MEDIUM", "impactScore": 6.4, "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": true, "userInteractionRequired": false}}, "publishedDate": "2004-02-09T05:00Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:broadcom:inoculateit:6.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2021-04-09T17:00Z"}

4.6 /10