• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

IBM AIX Swcons Arbitrary File Access Vulnerability

AIX 'swcons' is prone to a vulnerability that lets attackers access arbitrary files because the utility fails to adequately verify user-supplied input.

A local attacker can exploit this issue to execute arbitrary code with superuser privileges. Note that to run the 'swcons' utility, local users must belong to the 'system' group.

This issue affects AIX 5.2 and 5.3; fixes are available.