New Search

IBM AIX 'nddstat' Commands Let Local Users Gain Root Privileges

oval:org.mitre.oval:def:5468

The nddstat programs on IBM AIX 5.2 5.3 and 6.1 do not properly handle environment variables which allows local users to gain privileges by invoking (1) atmstat (2) entstat (3) fddistat (4) hdlcstat or (5) tokstat.

Family:
unix
Status:
ACCEPTED
Platform(s):
  • IBM AIX 6.1
  • IBM AIX 5.3
  • IBM AIX 5.2
Class:
vulnerability
Reference(s):
  • CVE-2008-1599
Product(s):