vendor:
AIX
by:
Tim Brown
7.5
CVSS
HIGH
Privilege Escalation
269
CWE
Product Name: AIX
Affected Version From: 6.1.2008
Affected Version To:
Patch Exists: NO
Related CWE: CVE-2014-3977
CPE: o:ibm:aix:6.1.8
Platforms Tested:
2014
Privilege Escalation in IBM AIX
libodm allows privilege escalation via arbitrary file writes with elevated privileges (utilising SetGID and SetUID programs). A new file /etc/pwned is created with permissions of rw-rw-rw.