CVE-2001-0573

Severity

46%

Complexity

39%

Confidentiality

106%

lsfs in AIX 4.x allows a local user to gain additional privileges by creating Trojan horse programs named (1) grep or (2) lslv in a certain directory that is under the user's control, which cause lsfs to access the programs in that directory.

lsfs in AIX 4.x allows a local user to gain additional privileges by creating Trojan horse programs named (1) grep or (2) lslv in a certain directory that is under the user's control, which cause lsfs to access the programs in that directory.

CVSS 2.0 Base Score 4.6. CVSS Attack Vector: local. CVSS Attack Complexity: low. CVSS Vector: (AV:L/AC:L/Au:N/C:P/I:P/A:P).

Overview

First reported 23 years ago

2001-08-02 04:00:00

Last updated 7 years ago

2017-10-10 01:29:00

Affected Software

IBM AIX 4

4

References

IY16909

Exploit, Patch, Vendor Advisory

VU#123651

US Government Resource

5582

aix-lsfs-path(7007)

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.