10 matches found
AIX 7.1 - lquerylv Local Privilege Escalation Vulnerability
Exploit for aix platform in category local exploits !/bin/sh Exploit Title: AIX 7.1 lquerylv privilege escalation Date: 2015.10.30 Exploit Author: S2 Crew Hungary Vendor Homepage: www.ibm.com Software Link: - Version: - Tested on: AIX 7.1 7100-02-03-1334 CVE : CVE-2014-8904 From file writing to...
AIX 7.1 - lquerylv Local Privilege Escalation
AIX 7.1 - lquerylv Local Privilege Escalation !/bin/sh Exploit Title: AIX 7.1 lquerylv privilege escalation Date: 2015.10.30 Exploit Author: S2 Crew Hungary Vendor Homepage: www.ibm.com Software Link: - Version: - Tested on: AIX 7.1 7100-02-03-1334 CVE : CVE-2014-8904 From file writing to command...
AIX 7.1 - 'lquerylv' Local Privilege Escalation
!/bin/sh Exploit Title: AIX 7.1 lquerylv privilege escalation Date: 2015.10.30 Exploit Author: S2 Crew Hungary Vendor Homepage: www.ibm.com Software Link: - Version: - Tested on: AIX 7.1 7100-02-03-1334 CVE : CVE-2014-8904 From file writing to command execution ; export DBGCMDLQUERYLV=1 umask 0 l...
AIX 6.1 TL 8 : bos.rte.lvm (U868378)
The remote host is missing AIX PTF U868378, which is related to the security of the package bos.rte.lvm. The running of lquerylv command with variable DBGCMDLQUERYLV set may allow a local user to gain root privileges. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...
AIX 7.1 TL 3 : bos.rte.lvm (U865854)
The remote host is missing AIX PTF U865854, which is related to the security of the package bos.rte.lvm. The running of lquerylv command with variable DBGCMDLQUERYLV set may allow a local user to gain root privileges. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...
AIX 6.1 TL 9 : bos.rte.lvm (U865862)
The remote host is missing AIX PTF U865862, which is related to the security of the package bos.rte.lvm. The running of lquerylv command with variable DBGCMDLQUERYLV set may allow a local user to gain root privileges. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...
AIX 6.1 TL 9 : lvm (IV67907)
The running of lquerylv command with variable DBGCMDLQUERYLV set may allow a local user to gain root privileges. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text in the description was extracted from AIX Security Advisory lvmadvisory.asc. include'deprecatednasllevel.inc';...
CVE-2014-8904
CVE-2014-8904 affects IBM AIX (versions 5.3, 6.1, 7.1) and VIOS 2.2.x. The vulnerability is a local privilege escalation in lquerylv (cmdlvm) where a crafted DBGCMD_LQUERYLV environment variable enables a local user to gain root privileges. Public exploitation exists: exploit code and demonstrati...
AIX 6.1 TL 9 : lvm (IV68099) (deprecated)
The running of lquerylv command with variable DBGCMDLQUERYLV set may allow a local user to gain root privileges. This plugin is deprecated and has been replaced by plugin 81108. %NASLMINLEVEL 999999 C Tenable Network Security, Inc. @DEPRECATED@ The text in the description was extracted from AIX...
AIX cmdlvm vulnerability,VIOS cmdlvm vulnerability
IBM SECURITY ADVISORY First Issued: Tue Jan 13 12:44:56 AM CST 2015 Updated: Tue Jan 20 08:37:23 CST 2015 Update: Added Acknowledgment Updated: Fri Jan 30 09:02:40 CST 2015 Update: Updated iFixes |Updated: Tue Feb 17 14:15:48 CST 2015 |Update: Updated 6.1.8 and 7.1.2 SPs The most recent version o...