CVE-2004-1028

Name of the Vulnerable Software and Affected Versions: AIX versions 5.1.0 through 5.3.0

Description: The issue allows local users to execute arbitrary programs by modifying the PATH environment variable to point to a malicious "grep" program. This program is then executed from chcod, enabling untrusted execution paths.

Recommendations: For AIX versions 5.1.0 through 5.3.0, consider restricting modifications to the PATH environment variable to prevent malicious "grep" programs from being executed. As a temporary workaround, restrict access to the chcod function to minimize the risk of exploitation.