IBM AIX Inventory Scout Code Symbolic Link and Arbitrary File Deletion Vulnerability
BID:51059
Info
IBM AIX Inventory Scout Code Symbolic Link and Arbitrary File Deletion Vulnerability
| Bugtraq ID: | 51059 |
| Class: | Design Error |
| CVE: |
CVE-2011-1384 |
| Remote: | No |
| Local: | Yes |
| Published: | Dec 14 2011 12:00AM |
| Updated: | Mar 19 2015 08:23AM |
| Credit: | IBM |
| Vulnerable: |
IBM AIX 7.1 IBM AIX 6.1 IBM AIX 5.3 |
| Not Vulnerable: | |
Discussion
IBM AIX Inventory Scout Code Symbolic Link and Arbitrary File Deletion Vulnerability
IBM AIX is prone to a symbolic link vulnerability and an arbitrary file-deletion vulnerability.
Attackers can exploit these issues to delete or modify arbitrary system files. Successful exploits will allow attackers to corrupt files or cause a denial-of-service condition.
IBM AIX is prone to a symbolic link vulnerability and an arbitrary file-deletion vulnerability.
Attackers can exploit these issues to delete or modify arbitrary system files. Successful exploits will allow attackers to corrupt files or cause a denial-of-service condition.
Exploit / POC
IBM AIX Inventory Scout Code Symbolic Link and Arbitrary File Deletion Vulnerability
Attackers can use readily available tools to exploit this issue.
Attackers can use readily available tools to exploit this issue.
Solution / Fix
IBM AIX Inventory Scout Code Symbolic Link and Arbitrary File Deletion Vulnerability
Solution:
Updates are available. Please see the references for more information.
Solution:
Updates are available. Please see the references for more information.
References
IBM AIX Inventory Scout Code Symbolic Link and Arbitrary File Deletion Vulnerability
References:
References: