ID CVE-2000-1119
Summary Buffer overflow in setsenv command in IBM AIX 4.3.x and earlier allows local users to execute arbitrary commands via a long "x=" argument.
References
Vulnerable Configurations
  • cpe:2.3:o:ibm:aix:4.2:*:*:*:*:*:*:*
    cpe:2.3:o:ibm:aix:4.2:*:*:*:*:*:*:*
  • cpe:2.3:o:ibm:aix:4.2.1:*:*:*:*:*:*:*
    cpe:2.3:o:ibm:aix:4.2.1:*:*:*:*:*:*:*
  • cpe:2.3:o:ibm:aix:4.3:*:*:*:*:*:*:*
    cpe:2.3:o:ibm:aix:4.3:*:*:*:*:*:*:*
  • cpe:2.3:o:ibm:aix:4.3.1:*:*:*:*:*:*:*
    cpe:2.3:o:ibm:aix:4.3.1:*:*:*:*:*:*:*
  • cpe:2.3:o:ibm:aix:4.3.2:*:*:*:*:*:*:*
    cpe:2.3:o:ibm:aix:4.3.2:*:*:*:*:*:*:*
  • cpe:2.3:o:ibm:aix:4.3.3:*:*:*:*:*:*:*
    cpe:2.3:o:ibm:aix:4.3.3:*:*:*:*:*:*:*
CVSS
Base: 4.6 (as of 10-10-2017 - 01:29)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:L/AC:L/Au:N/C:P/I:P/A:P
refmap via4
aixapar
  • IY08812
  • IY10721
bid 2032
bugtraq 20001201 Fixed local AIX V43 vulnerabilities
osvdb 1676
xf aix-setsenv-bo(5621)
Last major update 10-10-2017 - 01:29
Published 09-01-2001 - 05:00
Last modified 10-10-2017 - 01:29
Back to Top