Vulnerabilities

CVE-2004-1054

by Fred · 22/12/2004

Untrusted execution path vulnerability in invscout in IBM AIX 5.1.0, 5.2.0, and 5.3.0 allows local users to gain privileges by modifying the PATH environment variable to point to a malicious "uname" program, which is executed from lsvpd after lsvpd has been invoked by invscout.

Date published : 2004-12-22

http://www-1.ibm.com/support/search.wss?rs=0&q=IY64820&apar=only

http://www-1.ibm.com/support/search.wss?rs=0&q=IY64852&apar=only

Similar

Tags: Cybersecurity Alert