CVE-1999-1405

Name of the Vulnerable Software and Affected Versions: AIX versions prior to 4.3.2

Description: The issue allows local users to access the shadowed password file by creating a specific directory before the root runs a certain command. This could potentially lead to unauthorized access to sensitive information.

Recommendations: For AIX versions prior to 4.3.2, consider restricting access to the /tmp/ibmsupt directory to prevent local users from accessing the shadowed password file until a fix is applied. As a temporary workaround, ensure that the /tmp/ibmsupt directory is properly secured and monitored to minimize the risk of exploitation.