IBM AIX Runtime Linker Search Path Vulnerability

IBM AIX Runtime Linker Search Path Vulnerability

An example given by the poster of this problem cites the /usr/bin/imnsecd program as being setgid, and having the current directory ('.') as the first place it looks in its library search path. By creating a libc.so in the current directory, calls made by imnsecd can be intercepted, and alternate commands run. This could lead to the compromise of the group imnsecd runs as.