Описание
The malloc subsystem in libc in IBM AIX 5.3 and 6.1 allows local users to create or overwrite arbitrary files via a symlink attack on the log file associated with the MALLOCDEBUG environment variable.
The malloc subsystem in libc in IBM AIX 5.3 and 6.1 allows local users to create or overwrite arbitrary files via a symlink attack on the log file associated with the MALLOCDEBUG environment variable.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2009-1786
- https://exchange.xforce.ibmcloud.com/vulnerabilities/50636
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6276
- https://www.exploit-db.com/exploits/9306
- http://aix.software.ibm.com/aix/efixes/security/libc_advisory.asc
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=802
- http://secunia.com/advisories/35146
- http://securitytracker.com/id?1022261
- http://www.ibm.com/support/docview.wss?uid=isg1IZ50121
- http://www.ibm.com/support/docview.wss?uid=isg1IZ50129
- http://www.ibm.com/support/docview.wss?uid=isg1IZ50139
- http://www.ibm.com/support/docview.wss?uid=isg1IZ50445
- http://www.ibm.com/support/docview.wss?uid=isg1IZ50447
- http://www.ibm.com/support/docview.wss?uid=isg1IZ50500
- http://www.ibm.com/support/docview.wss?uid=isg1IZ50517
- http://www.osvdb.org/54617
- http://www.securityfocus.com/bid/35034
- http://www.vupen.com/english/advisories/2009/1380
Связанные уязвимости
nvd
больше 16 лет назад
The malloc subsystem in libc in IBM AIX 5.3 and 6.1 allows local users to create or overwrite arbitrary files via a symlink attack on the log file associated with the MALLOCDEBUG environment variable.