3 matches found
CVE-2004-1329
The CVE describes an untrusted execution path vulnerability in IBM AIX 5.1–5.3: the diag commands (lsmcode, diag_exec, invscout, invscoutd) can be coerced into running arbitrary code when the DIAGNOSTICS environment variable is modified to reference a malicious Dctrl program. Affected components/...
Immunity Canvas: CVE_2004_1329
Name| CVE20041329 ---|--- CVE| CVE-2004-1329 Exploit Pack| CANVAS Description| CVE-2004-1329: DIAGNOSTICS environment handling Notes| CVE Name: CVE-2004-1329 VENDOR: IBM VersionsAffected: 5.X Repeatability: unlimited CVE URL: https://vulners.com/cve/CVE-2004-1329 CVSS: 7.2...
CVE-2004-1329
Untrusted execution path vulnerability in the diag commands 1 lsmcode, 2 diagexec, 3 invscout, and 4 invscoutd in AIX 5.1 through 5.3 allows local users to execute arbitrary programs by modifying the DIAGNOSTICS environment variable to point to a malicious Dctrl program...