AIX dpsexec Vulnerability

AIX versions previous and up to 3.2.5 (and possibly later) ship with a DPS Server. When run under XDM (a login utility under certian X-Windows versions) this server assumes root privileges. Due to this, and no proper UID checking, users can write to any file on the system therefore gaining root privileges.


Privacy Statement
Copyright 2010, SecurityFocus