header-logo
Suggest Exploit
vendor:
AIX
by:
SecurityFocus
2.1
CVSS
LOW
Privilege Escalation
264
CWE
Product Name: AIX
Affected Version From: 4.x.x
Affected Version To: 4.x.x
Patch Exists: NO
Related CWE: N/A
CPE: aix:4.x.x
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: AIX
2002

AIX 4.x.x netstat -Zi Vulnerability

A vulnerability exists in versions 4.x.x of AIX, from IBM. Any local user can utilize the -Z command to netstat, without needing to be root. This will cause interface statistics to be reset. This could potentially interfere with programs that track statistical information.

Mitigation:

Restrict access to the netstat command to privileged users only.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/1660/info

A vulnerability exists in versions 4.x. x of AIX, from IBM. Any local user can utilize the -Z command to netstat, without needing to be root. This will cause interface statistics to be reset. This could potentially interfere with programs that track statistical information.

$ netstat -in --> shows stats
$ netstat -Zi --> clears them without checking the uid

Navigation

Suggest Exploit

Services By CQR