IBM AIX lqueryvg Local Privilege Escalation Vulnerability
BID:26256
Info
IBM AIX lqueryvg Local Privilege Escalation Vulnerability
| Bugtraq ID: | 26256 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2007-4513 |
| Remote: | No |
| Local: | Yes |
| Published: | Oct 30 2007 12:00AM |
| Updated: | Oct 24 2008 04:06PM |
| Credit: | Sean Larsson of VeriSign iDefense Labs is credited with the discovery of this vulnerability. |
| Vulnerable: |
IBM AIX 5.3 IBM AIX 5.2 |
| Not Vulnerable: | |
Discussion
IBM AIX lqueryvg Local Privilege Escalation Vulnerability
IBM AIX is prone to a local privilege-escalation vulnerability because it fails to perform adequate boundary checks on user-supplied input.
Attackers can exploit this issue to execute arbitrary code using superuser privileges. Successful exploits will completely compromise affected computers.
IBM AIX is prone to a local privilege-escalation vulnerability because it fails to perform adequate boundary checks on user-supplied input.
Attackers can exploit this issue to execute arbitrary code using superuser privileges. Successful exploits will completely compromise affected computers.
Exploit / POC
IBM AIX lqueryvg Local Privilege Escalation Vulnerability
The following exploit is available to members of the Immunity Partners Program:
https://www.immunityinc.com/downloads/immpartners/aixrooter03.tar
The following exploit is available to members of the Immunity Partners Program:
https://www.immunityinc.com/downloads/immpartners/aixrooter03.tar
Solution / Fix
IBM AIX lqueryvg Local Privilege Escalation Vulnerability
Solution:
The vendor released an advisory and fixes to address this issue. Please see the references for more information.
IBM AIX 5.2
IBM AIX 5.3
Solution:
The vendor released an advisory and fixes to address this issue. Please see the references for more information.
IBM AIX 5.2
-
IBM lqueryvg_ifix.tar
ftp://aix.software.ibm.com/aix/efixes/security/lqueryvg_ifix.tar
IBM AIX 5.3
-
IBM lqueryvg_ifix.tar
ftp://aix.software.ibm.com/aix/efixes/security/lqueryvg_ifix.tar
References
IBM AIX lqueryvg Local Privilege Escalation Vulnerability
References:
References:
- AIX Homepage (IBM)
- iDefense Security Advisory 10.30.07: IBM AIX lqueryvg Stack Buffer Overflow Vuln (iDefense Labs
) - IBM AIX lqueryvg Stack Buffer Overflow Vulnerability (iDefense Labs)