IBM AIX LSMCode Local Privilege Escalation Vulnerability
BID:18114
CVE-2006-2647 |Info
IBM AIX LSMCode Local Privilege Escalation Vulnerability
| Bugtraq ID: | 18114 |
| Class: | Unknown |
| CVE: |
CVE-2006-2647 |
| Remote: | No |
| Local: | Yes |
| Published: | May 26 2006 12:00AM |
| Updated: | Nov 03 2007 12:06AM |
| Credit: | This issue was disclosed by the vendor. |
| Vulnerable: |
IBM AIX 4.3 IBM AIX 5.3 IBM AIX 5.2 IBM AIX 5.1 |
| Not Vulnerable: | |
Discussion
IBM AIX LSMCode Local Privilege Escalation Vulnerability
IBM AIX is prone to a local vulnerability in the 'lsmcode' command. Attackers may be able to execute arbitrary machine code with superuser privileges.
IBM AIX 5.1, 5.2, and 5.3 are affected by this issue.
IBM AIX is prone to a local vulnerability in the 'lsmcode' command. Attackers may be able to execute arbitrary machine code with superuser privileges.
IBM AIX 5.1, 5.2, and 5.3 are affected by this issue.
Exploit / POC
IBM AIX LSMCode Local Privilege Escalation Vulnerability
Core Security Technologies has developed a working commercial exploit for its CORE IMPACT product. This exploit is not otherwise publicly available or known to be circulating in the wild.
Core Security Technologies has developed a working commercial exploit for its CORE IMPACT product. This exploit is not otherwise publicly available or known to be circulating in the wild.
Solution / Fix
IBM AIX LSMCode Local Privilege Escalation Vulnerability
Solution:
IBM has released an advisory to address this issue. Please see the referenced advisory for more information.
IBM AIX 5.1
IBM AIX 5.2
IBM AIX 5.3
Solution:
IBM has released an advisory to address this issue. Please see the referenced advisory for more information.
IBM AIX 5.1
IBM AIX 5.2
IBM AIX 5.3
References
IBM AIX LSMCode Local Privilege Escalation Vulnerability
References:
References: