Info

Disclosure

Feb 01, 1994

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Unknown

Description

AIX Performance Tools contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is due to an unspecified error in "bosext1.extcmds.obj" Licensed Program Product, specifically the 'lvedit' utility. This flaw may allow a local attacker to gain root privileges, resulting in a loss of integrity.

Classification

Location: Local Access Required
Attack Type: Attack Type Unknown
Impact: Loss of Integrity
Exploit: Exploit Unknown

Solution

Currently, there are no known workarounds or upgrades to correct this issue. However, IBM has released a patch to address this vulnerability.

Products

IBM Corporation	AIX	3.2.4
		3.2.5

References

Related OSVDB ID: 17072 17073 17074 17075 17077 17078 17079 17080 17081 17082 7986
CVE ID: 1999-0338 (see also: NVD)
ISS X-Force ID: 504
Keyword: APAR IX42332 bosext1.extcmds.obj Licensed Program Product PTF U420020 U422510
CERT: CA-1994-03

Credit

Unknown or Incomplete

Direct URL: http://osvdb.org/17076

Info

Disclosure

Discovery

Dates

Exploit

Solution

Description

Classification

Solution

Products

IBM Corporation

AIX

References

Credit