Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2001-1080 — IBM AIX vulnerability

4 documents4 sources

Severity

10.0CRITICALNVD

EPSS

3.4%

top 12.55%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

IBM AIX

Timeline

PublishedJun 19

Latest updateApr 30

Description

diagrpt in AIX 4.3.x and 5.1 uses the DIAGDATADIR environment variable to find and execute certain programs, which allows local users to gain privileges by modifying the variable to point to a Trojan horse program.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

▶NVDibm/aix4.3, 5.1+1

🔴Vulnerability Details

GHSA

GHSA-f6fj-fcmx-fj94: diagrpt in AIX 4↗2022-04-30

▶

CVEList

CVE-2001-1080: diagrpt in AIX 4↗2002-03-09

▶

💥Exploits & PoCs

Exploit-DB

AIX 4.3/5.1 - diagrpt Arbitrary Privileged Program Execution↗2003-05-23

▶