Computer Security
[EN] securityvulns.ru no-pyccku


IBM AIX privilege escalation
Published:14.10.2014
Source:
SecurityVulns ID:14014
Type:local
Threat Level:
5/10
Description:Privilege escalation via runtime linker.
Affected:IBM : AIX 6.1
 IBM : AIX 7.1
 IBM : VIOS 2.2
CVE:CVE-2014-3074 (The runtime linker in IBM AIX 6.1 and 7.1 and VIOS 2.2.x allows local users to create a mode-666 root-owned file, and consequently gain privileges, by setting crafted MALLOCOPTIONS and MALLOCBUCKETS environment-variable values and then executing a setuid program.)
Original documentdocumentadvisories_(at)_portcullis-security.com, CVE-2014-3074 - Runtime Linker Allows Privilege Escalation Via Arbitrary File Writes in IBM AIX (14.10.2014)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod