CVE-2005-0261

Name of the Vulnerable Software and Affected Versions AIX versions 5.2, 5.3, and possibly earlier versions

Description The issue concerns the lspath command in AIX, which does not properly drop privileges before processing the -f option. This allows local users to read one line of arbitrary files.

Recommendations For AIX versions 5.2 and 5.3, consider restricting access to the lspath command until a fix is available. For versions earlier than 5.2 and 5.3, if affected, apply the same restriction to the lspath command. At the moment, there is no information about a newer version that contains a fix for this vulnerability.