The FTP client in IBM AIX 6.1 and 7.1, and VIOS 2.2.1.4-FP-25 SP-02, does not properly manage privileges in an RBAC environment, which allows malicious users to bypass intended file-read restrictions by leveraging the setuid installation of the ftp executable file.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm aix 6.1 |
||
ibm aix 7.1 |
||
ibm vios 2.2.1.4 |