AIX setsenv Buffer Overflow Vulnerability

AIX is a version of the UNIX operating system distributed by IBM. A problem exists that could allow a user to gain elevated privileges.

The problem occurs in the setsenv binary. It has been reported that a buffer overflow exists in this binary which could allow a user to overwrite variables on the stack, including the return address. This makes it possible for a malicious user to execute arbitrary code, and potentially attain a UID of 0.


 

Copyright 2010, SecurityFocus