PT-2001-2223 · Ibm · Aix

Published

2001-06-19

Updated

2017-10-10

CVE-2001-1080

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions AIX versions 4.3.x through 5.1

Description The issue allows local users to gain privileges by modifying the DIAGDATADIR environment variable to point to a Trojan horse program, which is then executed by diagrpt.

Recommendations For AIX versions 4.3.x through 5.1, restrict access to the DIAGDATADIR environment variable to prevent unauthorized modifications. As a temporary workaround, consider setting the DIAGDATADIR variable to a trusted directory to minimize the risk of exploitation.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2001-1080

Affected Products

Aix

PT-2001-2223 · Ibm · Aix

CVE-2001-1080

Related Identifiers

Affected Products

References · 5