4 matches found
Security Bulletin: AIX is affected by a root privilege escalation vulnerability (CVE-2022-41290)
Summary A vulnerability in the AIX rmmlcachefile user command could allow a non-privileged local user to obtain root privileges CVE-2022-41290. Vulnerability Details CVEID:CVE-2022-41290 DESCRIPTION: IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a...
Vulnerabilities fixed in IBM AIX
Vulnerabilities have been fixed in IBM AIX. The vulnerabilities allow a malicious party to obtain elevated user privileges and cause a denial-of-service DoS cause. The vulnerability with attribute CVE-2022-41290 and a CVSSv3 score of 8.4 enables an unauthenticated malicious person to obtain root...
IBM AIX rm_mlcache_file以不安全方式创建临时文件漏洞
IBM AIX是一款商业性质的UNIX操作系统。 IBM AIX所带的rmmlcachefile在处理临时文件时存在一个竞争条件漏洞, rmmlcachefile程序用来删除一些系统的缓存文件,它默认设置了suid root属性,允许本地攻击者覆盖任意文件的内容。攻击者可以直接运行此程序进行攻击,也可以等候root用户执行时进行攻击。依赖于所覆盖的文件,可能造成数据丢失或者系统拒绝服务。 IBM AIX 5.3L IBM AIX 5.3 IBM AIX 5.2L IBM AIX 5.2 IBM AIX 5.1L IBM AIX 5.1 临时解决方法:...
Design/Logic Flaw
rmmlcachefile in bos.rte.install in AIX 5.1.0 through 5.3.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files...