The vulnerability of the errlog() system call function in the runtime services library of the IBM AIX operating system allows a perpetrator to execute arbitrary commands.

The vulnerability of the errlog system call function in the runtime services library of the IBM AIX operating system exists because measures to neutralize the special elements used in the operating system commands have not been taken. Exploiting this vulnerability allows an attacker to execute...

IBM Corporation AIX errlog() Log Injection Vulnerability

Talos Vulnerability Report TALOS-2023-1690 IBM Corporation AIX errlog Log Injection Vulnerability April 24, 2023 CVE Number None,CVE-2023-26286 SUMMARY An OS command injection vulnerability exists in the errlog syscall functionality of IBM Corporation AIX 7.2. A specially crafted syscall can lead...

PT-2023-2525 · Ibm · Vios +1

Name of the Vulnerable Software and Affected Versions: IBM AIX versions 7.1 through 7.3 VIOS version 3.1 Description: The issue allows a non-privileged local user to exploit a vulnerability in the AIX runtime services library, specifically due to the lack of neutralization of special elements use...