AIX Performance Tools genkld Unspecified Local Root Access

1994-02-01T00:00:00
ID OSVDB:17074
Type osvdb
Reporter OSVDB
Modified 1994-02-01T00:00:00

Description

Vulnerability Description

AIX Performance Tools contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is due to an unspecified error in "bosext1.extcmds.obj" Licensed Program Product, specifically the 'genkld' utility. This flaw may allow a local attacker to gain root privileges, resulting in a loss of integrity.

Solution Description

Currently, there are no known workarounds or upgrades to correct this issue. However, IBM has released a patch to address this vulnerability.

Short Description

AIX Performance Tools contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is due to an unspecified error in "bosext1.extcmds.obj" Licensed Program Product, specifically the 'genkld' utility. This flaw may allow a local attacker to gain root privileges, resulting in a loss of integrity.

References:

Related OSVDB ID: 17078 Related OSVDB ID: 17081 Related OSVDB ID: 17072 Related OSVDB ID: 17080 Related OSVDB ID: 17075 Related OSVDB ID: 17076 Related OSVDB ID: 17082 Related OSVDB ID: 7986 Related OSVDB ID: 17073 Related OSVDB ID: 17077 Related OSVDB ID: 17079 Keyword: U420020 Keyword: APAR IX42332 Keyword: Licensed Program Product Keyword: U422510 Keyword: bosext1.extcmds.obj Keyword: PTF ISS X-Force ID: 504 CVE-1999-0338 CERT: CA-1994-03