The RemoteClient component in IBM Rational ClearCase 8.0.0.03 up to and including 8.0.0.07, and 8.0.1, uses world-writable permissions for the rcleartool script, which allows local users to gain privileges by appending commands.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
ibm rational clearcase 8.0.0.3 |
||
ibm rational clearcase 8.0.0.4 |
||
ibm rational clearcase 8.0.1 |
||
ibm rational clearcase 8.0.0.5 |
||
ibm rational clearcase 8.0.0.6 |
||
ibm rational clearcase 8.0.0.7 |
Vulmon