ikeyman in IBM IBMHSSSB 1.0 sets the CLASSPATH environmental variable to include the user's own CLASSPATH directories before the system's directories, which allows a malicious local user to execute arbitrary code as root via a Trojan horse Ikeyman class.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm http server ssl module common 1.0 |