Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2004-1054 — IBM AIX vulnerability

5 documents4 sources

Severity

7.2HIGHNVD

EPSS

0.4%

top 41.79%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

IBM AIX

Timeline

PublishedJan 10

Latest updateApr 29

Description

Untrusted execution path vulnerability in invscout in IBM AIX 5.1.0, 5.2.0, and 5.3.0 allows local users to gain privileges by modifying the PATH environment variable to point to a malicious "uname" program, which is executed from lsvpd after lsvpd has been invoked by invscout.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages1 packages

▶NVDibm/aix7 versions+6

🔴Vulnerability Details

GHSA

GHSA-5435-g8fg-8jmh: Untrusted execution path vulnerability in invscout in IBM AIX 5↗2022-04-29

▶

CVEList

CVE-2004-1054: Untrusted execution path vulnerability in invscout in IBM AIX 5↗2004-12-22

▶

💥Exploits & PoCs

Exploit-DB

AIX 5.3.0 - 'invscout' Local Command Execution↗2005-03-25

▶

Exploit-DB

AIX 4.3/5.1 < 5.3 - 'lsmcode' Execution Privilege Escalation↗2004-12-21

▶