EUVD-2004-1026

Malware in sbrugna...

AIX 5.2 : IY64355

The remote host is missing AIX Critical Security Patch number IY64355 SECURITY: POSSIBLY SECURITY EXPOSURE IN CHCOD COMMAND. You should install this patch for your system to be up-to-date. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. if ! definedfunc"bnrandom" exit0;...

AIX 5.3 : IY64354

The remote host is missing AIX Critical Security Patch number IY64354 SECURITY: POSSIBILE SECURITY EXPOSURE IN CHCOD COMMAND. You should install this patch for your system to be up-to-date. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. if ! definedfunc"bnrandom" exit0;...

AIX 5.1 : IY64356

The remote host is missing AIX Critical Security Patch number IY64356 SECURITY: POSSIBLE SECURITY EXPOSURE IN CHCOD COMMAND. You should install this patch for your system to be up-to-date. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. if ! definedfunc"bnrandom" exit0;...

CVE-2004-1028

Untrusted execution path vulnerability in chcod on AIX IBM 5.1.0, 5.2.0, and 5.3.0 allows local users to execute arbitrary programs by modifying the PATH environment variable to point to a malicious "grep" program, which is executed from chcod...

CVE-2004-1028

CVE-2004-1028 describes a local privilege-escalation in IBM AIX chcod. The setuid root chcod on AIX 5.1.0/5.2.0/5.3.0 trusts PATH and invokes an external program named “grep.” If a local attacker can place a malicious grep in a directory in PATH and run chcod, arbitrary code could be executed wit...

[Full-Disclosure] iDEFENSE Security Advisory 12.20.04: IBM AIX chcod Local Privilege Escalation Vulnerability

IBM AIX chcod Local Privilege Escalation Vulnerability iDEFENSE Security Advisory 12.20.04 www.idefense.com/application/poi/display?id=170&type=vulnerabilities December 20, 2004 I. BACKGROUND The chcod program is a setuid root application, installed by default under newer versions of IBM AIX, tha...