IBM AIX Swcons Command Line Argument Local Buffer Overflow Vulnerability

IBM AIX Swcons Command Line Argument Local Buffer Overflow Vulnerability

IBM AIX swcons is prone to a local buffer overflow vulnerability. This issue arises because the application fails to perform boundary checks prior to copying user-supplied data into insufficiently-sized memory buffers.

Attackers require gid system privileges to execute the affected setuid-superuser utility. A successful attack allows arbitrary machine code execution with superuser privileges, facilitating privilege escalation.

This vulnerability was reported on AIX 5.3, but other versions are also likely affected.