World-writable permissions on rcleartool script in IBM Rational ClearCase 8.0.0.03 through 8.0.0.07 and 8.0.1 allow local privilege escalation.

CVE-2013-5373

The RemoteClient component in IBM Rational ClearCase 8.0.0.03 through 8.0.0.07, and 8.0.1, uses world-writable permissions for the rcleartool script, which allows local users to gain privileges by appending commands.

Learn more about our Cis Benchmark Audit For Ibm I.