Back to search
CVE-2004-1329
Published: Jan 6, 2005
Modified: Aug 8, 2024
PUBLISHED
Description
Untrusted execution path vulnerability in the diag commands (1) lsmcode, (2) diag_exec, (3) invscout, and (4) invscoutd in AIX 5.1 through 5.3 allows local users to execute arbitrary programs by modifying the DIAGNOSTICS environment variable to point to a malicious Dctrl program.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
701
exploit
x_refsource_EXPLOIT-DB
IY64389
vendor-advisory
x_refsource_AIXAPAR
20041220 AIX 5.1/5.2/5.3 local root exploits
mailing-list
x_refsource_BUGTRAQ
20070330 AIX 4.3 lsmcode local root command execution
mailing-list
x_refsource_BUGTRAQ
IY64277
vendor-advisory
x_refsource_AIXAPAR
12041
vdb-entry
x_refsource_BID
aix-diagnostics-gain-privileges(18620)
vdb-entry
x_refsource_XF
20070402 Re: AIX 4.3 lsmcode local root command execution
mailing-list
x_refsource_BUGTRAQ
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now