Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 19/06/2001 Updated: 07/11/2023

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

VMScore: 1000

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

diagrpt in AIX 4.3.x and 5.1 uses the DIAGDATADIR environment variable to find and execute certain programs, which allows local users to gain privileges by modifying the variable to point to a Trojan horse program.

Vulnerable Product	Search on Vulmon	Subscribe to Product
ibm aix 4.3
ibm aix 5.1

source: wwwsecurityfocuscom/bid/2916/info AIX ships with a diagnostic reporting utility called 'diagrpt' This utility is installed setuid root by default When 'diagrpt' executes, it relies on an environment variable to locate another utility which it executes This utility is executed by 'diagrpt' as root An attacker can gain root pr ...

NVD-CWE-Other http://www.securityfocus.com/bid/2916 https://exchange.xforce.ibmcloud.com/vulnerabilities/6734 http://www-1.ibm.com/services/continuity/recover1.nsf/MSS/MSS-OAR-E01-2001.225.1/%24file/oar225.txt https://nvd.nist.gov https://www.exploit-db.com/exploits/20965/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2001-1080

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect