Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-1999-1117 — IBM AIX vulnerability

4 documents4 sources

Severity

2.1LOWNVD

EPSS

0.4%

top 40.27%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Timeline

PublishedDec 31

Latest updateApr 30

Description

lquerypv in AIX 4.1 and 4.2 allows local users to read arbitrary files by specifying the file in the -h command line parameter.

AV:L/AC:L/C:P/I:N/A:NExploitability: 3.9 | Impact: 2.9

▶NVDibm/aix4.1, 4.2+1

GHSA

GHSA-g9xm-g3q5-pm76: lquerypv in AIX 4↗2022-04-30

▶

CVEList

CVE-1999-1117: lquerypv in AIX 4↗2002-03-09

▶

Exploit-DB

IBM AIX 4.2.1 - 'lquerypv' File Read↗1996-11-24

▶