PT-2005-1320 · Ibm · Ibm Aix

Published

2005-02-07

Updated

2017-07-11

CVE-2005-0240

CVSS v2.0

7.2

High

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions IBM AIX version 5.2

Description A format string issue in the chdev command allows local users to execute arbitrary code via format string specifiers in a command line argument. This occurs because the argument is not properly handled when printing an error message.

Recommendations For IBM AIX version 5.2, consider restricting access to the chdev command until a patch is available. As a temporary workaround, avoid using format string specifiers in command line arguments for the chdev command to minimize the risk of exploitation.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2005-0240

Affected Products

Ibm Aix

PT-2005-1320 · Ibm · Ibm Aix

CVE-2005-0240

Related Identifiers

Affected Products

References · 5