Insecure File Permissions in IBM/Tivoli OPC Tracker Agent
CVE-1999-1403

Currently unrated

Key Information:

Vendor
IBM
Status
Tivoli Opc Tracker Agent
Vendor
CVE Published:
2 October 1998

Summary

The IBM/Tivoli OPC Tracker Agent version 2 release 1 suffers from a significant security flaw where it creates files, directories, and IPC message queues with considerably insecure permissions. These permissions allow local users to access, modify, or delete essential operational files, thereby potentially disrupting system activities and even enabling unauthorized privilege escalations. The presence of world-readable and world-writable permissions highlights a critical need for improved security measures within the software to safeguard against exploitation by malicious insiders.

References

http://www.securityfocus.com/archive/1/10771
mailing-listx_refsource_BUGTRAQ
http://www.securityfocus.com/bid/382
vdb-entryx_refsource_BID

Timeline

  • Vulnerability Reserved

  • Vulnerability published

.