IBM AIX 'swcons' Insecure File Creation Vulnerability
BID:30999
Info
| Bugtraq ID: | 30999 |
| Class: | Design Error |
| CVE: | CVE-2008-4018 |
| Remote: | No |
| Local: | Yes |
| Published: | Sep 03 2008 12:00AM |
| Updated: | May 07 2015 05:24PM |
| Credit: | iDefense Labs |
| Vulnerable: | IBM AIX 6.1, IBM AIX 5.3, IBM AIX 5.2 |
| Not Vulnerable: | |
Discussion
AIX 'swcons' is prone to a vulnerability that lets attackers create arbitrary files as the root user.
A local attacker can exploit this issue to execute arbitrary code with superuser privileges. Note that to run the 'swcons' utility, local users must belong to the 'system' group.
This issue affects AIX 5.2, 5.3, and 6.1; fixes are available.
Exploit / POC
Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
Solution:
The vendor has released updates. Please see the vendor references for more information.
IBM AIX 6.1
- IBM IZ18341: http://www.ibm.com/support/docview.wss?uid=isg1IZ18341
- IBM IZ28943: http://www.ibm.com/support/docview.wss?uid=isg1IZ28943
IBM AIX 5.2
IBM AIX 5.3