4 matches found
IBM AIX auditselect contains format string vulnerability
Overview IBM AIX auditselect command contains a format string vulnerability that may allow a local attacker to execute arbitrary code. Description According to IBM's Command Reference, the syntax and description of the auditselect command are as follows:$ auditselect -e "Expression" | -f File -m...
[VulnWatch] iDEFENSE Security Advisory 02.08.05: IBM AIX auditselect Local Format String Vulnerability
IBM AIX auditselect Local Format String Vulnerability iDEFENSE Security Advisory 02.08.05 www.idefense.com/application/poi/display?id=193&type=vulnerabilities February 08, 2005 I. BACKGROUND The auditselect program is a setuid root application, installed by default under multiple versions of IBM...
IBM AIX auditselect format string bug
Buffer overflow on parsing command line argument...
CVE-2005-0250
IBM AIX auditselect is affected by a format-string vulnerability that can allow a local user to execute arbitrary code with root privileges. The flaw arises from passing user-supplied data to formatted output routines, where printf-like functions do not adequately filter format specifiers. A loca...