Security Bulletin: Vulnerabilities in bellmail, caccelstat, iostat, lquerypv, restbyinode, and vmstat affect AIX (CVE-2017-1692)

Summary There is a potential root privilege escalation vulnerability in bellmail, caccelstat, iostat, lquerypv, restbyinode, and vmstat on AIX. Vulnerability Details CVEID: CVE-2017-1692 DESCRIPTION: IBM AIX contains an unspecified vulnerability that would allow a locally authenticated user to...

AIX 5.3L /usr/sbin/lquerypv Local Root Privilege Escalation Exploit

/AIX 5.3L /usr/sbin/lquerypv local root privilege escalation =========================================================== AIX5.3L includes a setuid root binary "lquerypv" which contains a stack-based overflow in the handling of -V command line argument. However, prior to the vulnerability being...

AIX lquerypv Advisory : suid_advisory.asc (IJ00951) (IV99548) (IV99550) (IV99551) (IV99552)

The version of lquerypv installed on the remote AIX host is affected by a privilege escalation vulnerability. A local attacker can exploit this to gain root privileges. C Tenable Network Security, Inc. include'compat.inc'; if description scriptid111971; scriptversion"1.4";...

IBM AIX Privilege Vulnerability

AIX Advanced Interactive eXecutive is a UNIX-like operating system developed by IBM based on the AT&T Unix System V. It runs on top of IBM's proprietary Power Series chip-designed minicomputer hardware systems. Multiple IBM's Aix systems suffer from a privilege-lifting vulnerability that can be...

(bellmail) Vulnerabilities in bellmail / caccelstat / iostat / lquerypv / restbyinode / vmstat affect AIX (CVE-2017-1692),(bellmail) Vulnerabilities in bellmail / caccelstat / iostat / lquerypv / restbyinode / vmstat affect VIOS (CVE-2017-1692),(caccelstat) Vulnerabilities in bellmail / caccelstat / iostat / lquerypv / restbyinode / vmstat affect AIX (CVE-2017-1692),(iostat) Vulnerabilities in bellmail / caccelstat / iostat / lquerypv / restbyinode / vmstat affect AIX (CVE-2017-1692),(lquerypv) Vulnerabilities in bellmail / caccelstat / iostat / lquerypv / restbyinode / vmstat affect AIX (CVE-2017-1692),(lquerypv) Vulnerabilities in bellmail / caccelstat / iostat / lquerypv / restbyinode / vmstat affect VIOS (CVE-2017-1692),(restbyinode) Vulnerabilities in bellmail / caccelstat / iostat / lquerypv / restbyinode / vmstat affect AIX (CVE-2017-1692),(restbyinode) Vulnerabilities in bellmail / caccelstat / iostat / lquerypv / restbyinode / vmstat affect VIOS (CVE-2017-1692),(vmstat) Vulnerabilities in bellmail / caccelstat / iostat / lquerypv / restbyinode / vmstat affect AIX (CVE-2017-1692)

IBM SECURITY ADVISORY First Issued: Mon Feb 5 13:19:26 CST 2018 The most recent version of this document is available here: http://aix.software.ibm.com/aix/efixes/security/suidadvisory.asc https://aix.software.ibm.com/aix/efixes/security/suidadvisory.asc...

IBM AIX <= 4.2.1 lquerypv Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/455/info There exists a vulnerability in the lquerypv command under AIX. By using the '-h' flaq, a user may read any file on the file system in hex format. /usr/sbin/lquerypv -h /pathtofilename...

Immunity Canvas: CVE_2007_4513

Name| CVE20074513 ---|--- CVE| CVE-2007-4513 Exploit Pack| CANVAS Description| CVE-2007-4513: lquerypv Notes| CVE Name: CVE-2007-4513 VENDOR: IBM VersionsAffected: 5.X Repeatability: unlimited CVE URL: https://vulners.com/cve/CVE-2007-4513 CVSS: 7.2...

CVE-2007-4513

Multiple stack-based buffer overflows in IBM AIX 5.2 and 5.3 allow local users to gain privileges via a long argument to the 1 "-p" option to lqueryvg or 2 the "-V" option to lquerypv...

IBM AIX 4.2.1 - &#039;lquerypv&#039; File Read

source: https://www.securityfocus.com/bid/455/info There exists a vulnerability in the lquerypv command under AIX. By using the '-h' flaq, a user may read any file on the file system in hex format. /usr/sbin/lquerypv -h /pathtofilename...

IBM AIX 4.2.1 - lquerypv File Read

IBM AIX 4.2.1 - lquerypv File Read source: https://www.securityfocus.com/bid/455/info There exists a vulnerability in the lquerypv command under AIX. By using the '-h' flaq, a user may read any file on the file system in hex format. /usr/sbin/lquerypv -h /pathtofilename...