ID CVE-2008-1274
Summary Untrusted search path vulnerability in man in IBM AIX 6.1.0 allows local users to execute arbitrary code via a malicious program in the man directory.
References
Vulnerable Configurations
  • IBM AIX 6.1.0
    cpe:2.3:o:ibm:aix:6.1.0
CVSS
Base: 6.9 (as of 11-03-2008 - 17:05)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
LOCAL MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
oval via4
accepted 2008-07-07T04:00:20.040-04:00
class vulnerability
contributors
  • name Yuzheng Zhou
    organization Hewlett-Packard
  • name Michael Wood
    organization Hewlett-Packard
definition_extensions
  • comment IBM AIX 5.3 is installed
    oval oval:org.mitre.oval:def:5325
  • comment IBM AIX 6.1 is installed
    oval oval:org.mitre.oval:def:5267
description Untrusted search path vulnerability in man in IBM AIX 6.1.0 allows local users to execute arbitrary code via a malicious program in the man directory.
family unix
id oval:org.mitre.oval:def:5169
status accepted
submitted 2008-04-11T15:10:44.000-05:00
title IBM AIX "man" Untrusted Binaries Path Privilege Escalation Vulnerability
version 44
refmap via4
aixapar IZ17177
bid 28180
sectrack 1019572
secunia 29301
vupen ADV-2008-0805
xf ibm-aix-man-privilege-escalation(41067)
Last major update 10-03-2011 - 00:00
Published 10-03-2008 - 19:44
Last modified 28-09-2017 - 21:30
Back to Top