34 matches found
EUVD-2001-1042
Malware in sbrugna...
IBM AIX 6.1/7.1/7.2.0.2 - 'lsmcode' Privilege Escalation Exploit
Exploit for linux platform in category local exploits !/usr/bin/sh AIX lsmcode local root exploit. Affected: AIX 6.1/7.1/7.2.0.2 Blog post URL: https://rhinosecuritylabs.com/2016/11/03/unix-nostalgia-hunting-zeroday-vulnerabilities-ibm-aix/ lqueryroot.sh by @hxmonsegur 2016 //RSL...
IBM AIX 6.1/7.1/7.2.0.2 - 'lsmcode' Local Privilege Escalation
!/usr/bin/sh AIX lsmcode local root exploit. Affected: AIX 6.1/7.1/7.2.0.2 Blog post URL: https://rhinosecuritylabs.com/2016/11/03/unix-nostalgia-hunting-zeroday-vulnerabilities-ibm-aix/ lqueryroot.sh by @hxmonsegur 2016 //RSL ROOTSHELL=/tmp/shell-$od -N4 -tu /dev/random | awk 'NR==1 print $2 ' i...
AIX 6.1 / 7.1 / 7.2.0.2 lsmcode Local Root
!/usr/bin/sh AIX lsmcode local root exploit. Affected: AIX 6.1/7.1/7.2.0.2 Blog post URL: https://rhinosecuritylabs.com/2016/11/03/unix-nostalgia-hunting-zeroday-vulnerabilities-ibm-aix/ lqueryroot.sh by @hxmonsegur 2016 //RSL ROOTSHELL=/tmp/shell-$od -N4 -tu /dev/random | awk 'NR==1 print $2 ' i...
IBM AIX 6.17.17.2.0.2 - lsmcode Local Privilege Escalation
IBM AIX 6.17.17.2.0.2 - lsmcode Local Privilege Escalation !/usr/bin/sh AIX lsmcode local root exploit. Affected: AIX 6.1/7.1/7.2.0.2 Blog post URL: https://rhinosecuritylabs.com/2016/11/03/unix-nostalgia-hunting-zeroday-vulnerabilities-ibm-aix/ lqueryroot.sh by @hxmonsegur 2016 //RSL...
AIX 6.1 TL 9 : lsmcode (IV87794)
https://vulners.com/cve/CVE-2016-3053 IBM AIX contains an unspecified vulnerability that would allow a locally authenticated user to obtain root level privileges. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text in the description was extracted from AIX Security Advisory...
AIX 7.1 TL 3 : lsmcode (IV88457)
https://vulners.com/cve/CVE-2016-3053 IBM AIX contains an unspecified vulnerability that would allow a locally authenticated user to obtain root level privileges. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text in the description was extracted from AIX Security Advisory...
AIX 7.1 TL 4 : lsmcode (IV88007)
https://vulners.com/cve/CVE-2016-3053 IBM AIX contains an unspecified vulnerability that would allow a locally authenticated user to obtain root level privileges. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text in the description was extracted from AIX Security Advisory...
Vulnerability in lsmcode affects AIX,Vulnerability in lsmcode affects VIOS
lsmcodeadvisory2.asc: Version 5 Version 5 Issued: Fri Nov 11 08:21:26 CST 2016 Version 5 Changes: iFixes for AIX 7100-04-02 and 7200-00-02 no longer require a reboot. IBM SECURITY ADVISORY First Issued: Mon Oct 17 08:54:26 CDT 2016 |Updated: Fri Nov 11 08:21:26 CST 2016 |Update: iFixes for AIX...
IBM AIX 4.3.x/5.1 LSMCODE Environment Variable Local Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/7871/info Insufficient bounds checking in the lsmcode utility will allow locally based attackers to cause memory to be corrupted with attacker-supplied data. As a result, it is possible to exploit this condition to execut...
AIX 5.2 TL 0 : lsmcode (IZ15276)
The lsmcode command contains an environment variable handling error. A local attacker may exploit this error to execute arbitrary code with root privileges because the command is setuid root. The following files are vulnerable : /usr/sbin/lsmcode. %NASLMINLEVEL 70300 C Tenable Network Security,...
AIX 5.3 TL 0 : lsmcode (IZ15100)
The lsmcode command contains an environment variable handling error. A local attacker may exploit this error to execute arbitrary code with root privileges because the command is setuid root. The following files are vulnerable : /usr/sbin/lsmcode. %NASLMINLEVEL 70300 C Tenable Network Security,...
AIX 5.2 TL 10 : bos.diag.util (U815023)
The remote host is missing AIX PTF U815023, which is related to the security of the package bos.diag.util. The lsmcode command contains an environment variable handling error. A local attacker may exploit this error to execute arbitrary code with root privileges because the command is setuid root...
Authentication flaw
The lsmcode program on IBM AIX 5.2, 5.3, and 6.1 does not properly handle environment variables, which allows local users to gain privileges, a different vulnerability than CVE-2004-1329...
CVE-2008-1600
The lsmcode program on IBM AIX 5.2, 5.3, and 6.1 does not properly handle environment variables, which allows local users to gain privileges, a different vulnerability than CVE-2004-1329...
CVE-2008-1600
The lsmcode program on IBM AIX 5.2, 5.3, and 6.1 does not properly handle environment variables, which allows local users to gain privileges, a different vulnerability than CVE-2004-1329...
CVE-2008-1600
The CVE-2008-1600 issue affects IBM AIX lsmcode (AIX 5.2/5.3/6.1). The lsmcode utility contains an environment variable handling error that can be triggered by an unauthenticated local user, who can gain root privileges because the binary is setuid root. Vulnerable file: /usr/sbin/lsmcode. This i...
AIX 5.3 TL 6 : bos.diag.util (U813985)
The remote host is missing AIX PTF U813985, which is related to the security of the package bos.diag.util. The lsmcode command contains an environment variable handling error. A local attacker may exploit this error to execute arbitrary code with root privileges because the command is setuid root...
AIX 4.3 lsmcode local root command execution
It has been reported on http://www.securityfocus.com/bid/18114/ about this vulnerability in AIX 5.1 - 5.3, some exploits is published in milw0rm to exploits this issue http://milw0rm.com/exploits/701 I have an AIX 4.3 box and it seems vulnerable with this issue too bash-2.04$ mkdirhier /tmp/aap/b...
AIX lsmcode privilege escalation
User's environment variable is used to launch external application...