Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2006-0133Path Traversal in IBM AIX

5 documents4 sources
Severity
3.6LOWNVD
CNA2.1
EPSS
1.4%
top 19.80%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
IBM AIX
Timeline
PublishedJan 9
Latest updateMay 1

Description

Multiple directory traversal vulnerabilities in AIX 5.3 ML03 allow local users to determine the existence of files and read partial contents of certain files via a .. (dot dot) in the argument to (1) getCommand.new (aka getCommand) and (2) getShell, a different vulnerability than CVE-2005-4273.

CVSS vector

AV:L/AC:L/C:P/I:P/A:NExploitability: 3.9 | Impact: 4.9

Affected Packages1 packages

NVDibm/aix5.3_ml03

🔴Vulnerability Details

2
GHSA
GHSA-742h-6qx5-qrjr: Multiple directory traversal vulnerabilities in AIX 52022-05-01
CVEList
CVE-2006-0133: Multiple directory traversal vulnerabilities in AIX 52006-01-09

💥Exploits & PoCs

2
Exploit-DB
IBM AIX 5.3 - 'GetShell' / 'GetCommand' File Disclosure2006-01-01
Exploit-DB
IBM AIX 5.3 - 'GetShell' / 'GetCommand' File Enumeration2005-12-30
CVE-2006-0133 — Path Traversal in IBM AIX | cvebase