Info

Disclosure

Jun 29, 2005

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Unknown

Description

Dominion SX contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is due to the /bin/busybox file having default permissions of world-writable, which may allow an attacker replace the file causing arbitrary code execution with another user's privileges.

Classification

Location: Local Access Required
Attack Type: Other
Impact: Loss of Integrity
Exploit: Exploit Unknown
Disclosure: OSVDB Verified

Solution

Currently, there are no known workarounds or upgrades to correct this issue. However, Raritan has released a patch to address this vulnerability.

Products

Raritan Computer Inc.

Dominion SX

2.2.11

References

Bugtraq ID: 14084
Secunia Advisory ID: 15853
Related OSVDB ID: 17620
CVE ID: 2005-2136 (see also: NVD)
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2005-06/0248.html
Vendor URL: http://www.raritan.com/products/
Vendor Specific Solution URL: http://www.raritan.com/support/sup_upgrades.aspx

Credit

Dirk Wetter -

Direct URL: http://osvdb.org/36218