Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The file-copying functionality in IBM Sterling Connect:Direct 3.8.00, 4.0.00, and 4.1.0 for UNIX on AIX 6.1 through 7.1 uses incorrect privileges, which allows local users to bypass filesystem read permissions and write permissions by leveraging authentication to the Connect:Direct product.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
IBM Sterling Connect:Direct for UNIX 本地提权漏洞
Vulnerability Description
IBM Sterling Connect:Direct是美国IBM公司的一套点到点文件传输软件。该软件用于实现企业内和企业间的大容量、安全可靠的文件交付。 AIX 6.1至7.1版本上的IBM Sterling Connect:Direct 3.8.00,4.0.00及4.1.0版本for UNIX中的文件复制功能中存在漏洞,该漏洞源于程序使用不正确的权限。通过对Connect:Direct产品的身份验证信息加以利用,本地攻击者可利用该漏洞绕过文件系统读取权限和写入权限。
CVSS Information
N/A
Vulnerability Type
N/A