IBM AIX Swcons Arbitrary File Access Vulnerability
BID:26258
Info
| Bugtraq ID: | 26258 |
| Class: | Design Error |
| CVE: | CVE-2007-5804, CVE-2007-5805 |
| Remote: | No |
| Local: | Yes |
| Published: | Oct 30 2007 12:00AM |
| Updated: | Jul 05 2016 10:00PM |
| Credit: | Alex DeLarge is credited with discovering this vulnerability. |
| Vulnerable: | IBM AIX 5.3, IBM AIX 5.2 |
| Not Vulnerable: | |
Discussion
AIX 'swcons' is prone to a vulnerability that lets attackers access arbitrary files because the utility fails to adequately verify user-supplied input.
A local attacker can exploit this issue to execute arbitrary code with superuser privileges. Note that to run the 'swcons' utility, local users must belong to the 'system' group.
This issue affects AIX 5.2 and 5.3; fixes are available.
Exploit / POC
To exploit this issue, an attacker needs local interactive access to the computer.
Solution / Fix
Solution:
The vendor has released updates to address this issue. Please see the vendor references for more information.
IBM AIX 5.2
- IBM cfgcon_ifix.tar
  ftp://aix.software.ibm.com/aix/efixes/security/cfgcon_ifix.tar
- IBM IZ03055
  http://www.ibm.com/support/docview.wss?uid=isg1IZ03055
IBM AIX 5.3
- IBM cfgcon_ifix.tar
  ftp://aix.software.ibm.com/aix/efixes/security/cfgcon_ifix.tar
- IBM IZ03061
  http://www.ibm.com/support/docview.wss?uid=isg1IZ03061