The nddstat programs on IBM AIX 5.2, 5.3, and 6.1 do not properly handle environment variables, which allows local users to gain privileges by invoking (1) atmstat, (2) entstat, (3) fddistat, (4) hdlcstat, or (5) tokstat.
securitytracker.com/id?1019604
www.ibm.com/support/docview.wss?uid=isg1IZ16975
www.ibm.com/support/docview.wss?uid=isg1IZ16991
www.ibm.com/support/docview.wss?uid=isg1IZ17058
www.ibm.com/support/docview.wss?uid=isg1IZ17059
www.vupen.com/english/advisories/2008/0865
www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=4156
www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=4157
www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=4158
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5468