Back to search
CVE-2009-1786
Published: May 26, 2009
Modified: Aug 7, 2024
PUBLISHED
Description
The malloc subsystem in libc in IBM AIX 5.3 and 6.1 allows local users to create or overwrite arbitrary files via a symlink attack on the log file associated with the MALLOCDEBUG environment variable.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://aix.software.ibm.com/aix/efixes/security/libc_advisory.asc
x_refsource_CONFIRM
IZ50445
vendor-advisory
x_refsource_AIXAPAR
oval:org.mitre.oval:def:6276
vdb-entry
signature
x_refsource_OVAL
IZ50447
vendor-advisory
x_refsource_AIXAPAR
54617
vdb-entry
x_refsource_OSVDB
IZ50121
vendor-advisory
x_refsource_AIXAPAR
20090520 IBM AIX libc MALLOCDEBUG File Overwrite Vulnerability
third-party-advisory
x_refsource_IDEFENSE
35034
vdb-entry
x_refsource_BID
9306
exploit
x_refsource_EXPLOIT-DB
1022261
vdb-entry
x_refsource_SECTRACK
ADV-2009-1380
vdb-entry
x_refsource_VUPEN
aix-mallocdebug-privilege-escalation(50636)
vdb-entry
x_refsource_XF
IZ50517
vendor-advisory
x_refsource_AIXAPAR
35146
third-party-advisory
x_refsource_SECUNIA
IZ50500
vendor-advisory
x_refsource_AIXAPAR
IZ50129
vendor-advisory
x_refsource_AIXAPAR
IZ50139
vendor-advisory
x_refsource_AIXAPAR
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now