AOL default insecure permissions
| aol-default-insecure-permissions (28445) |  Medium Risk |
Description:
AOL has default directory permissions that could allow a local attacker to execute arbitrary code. The "America Online 9.0" directory and all related directories are assigned the default access permissions of 'Full Control' in the 'Everyone' group. A local attacker could exploit this vulnerability to gain administrator access and view, add, delete, or change any file in the application or to upload and execute arbitrary code.
*CVSS:
| Base Score: | 7 |
| Access Vector: | Local |
| Access Complexity: | Low |
| Authentication: | Not Required |
| Confidentiality Impact: | Complete |
| Integrity Impact: | Complete |
| Availability Impact: | Complete |
| Temporal Score: | 5.2 |
| Exploitability: | Unproven |
| Remediation Level: | Official-Fix |
| Report Confidence: | Confirmed |
Consequences:
Gain Privileges
Remedy:
Upgrade to the latest, patched version of AOL Security Edition 9.0, available from the AOL Web site. See References.
References:
- AOL Web site: AOL.com - Welcome to America Online.
- BID-19583: AOL Security Edition Local Privilege Escalation Vulnerability
- CVE-2006-0948: AOL 9.0 Security Edition revision 4184.2340, and probably other versions, uses insecure permissions (Everyone/Full Control) for the America Online 9.0 directory, which allows local users to gain privileges by replacing critical files.
- OSVDB ID: 27995: AOL Directory Permission Weakness Local Privilege Escalation
- SA18734: AOL Insecure Default Directory Permissions
- SECTRACK ID: 1016717: AOL Client Insecure Default Permissions Lets Local Users Modify Files
- VUPEN/ADV-2006-3317: AOL America Online 9.0 Insecure Directory Permissions and File Manipulation Vulnerability
Platforms Affected:
- AOL AOL 9.0 SE 4184.2340
Reported:
Aug 18, 2006
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net
* According to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an "industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response." IBM PROVIDES THE CVSS SCORES "AS IS" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall IBM be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.