Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2007-4004Improper Restriction of Operations within the Bounds of a Memory Buffer in IBM AIX

CWE-119Improper Restriction of Operations within the Bounds of a Memory BufferCWE-1177Use of Prohibited CodeCWE-242Use of Inherently Dangerous Function6 documents5 sources
Severity
6.9MEDIUMNVD
EPSS
0.5%
top 35.63%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
IBM AIX
Timeline
PublishedJul 26
Latest updateMay 3

Description

Buffer overflow in the ftp client in IBM AIX 5.3 SP6 and 5.2.0 allows local users to execute arbitrary code via unspecified vectors that trigger the overflow in a gets function call. NOTE: the client is setuid root on AIX, so this issue crosses privilege boundaries.

CVSS vector

AV:L/AC:M/C:C/I:C/A:CExploitability: 3.4 | Impact: 10.0

Affected Packages1 packages

NVDibm/aix5.2.0, 5.3+1

🔴Vulnerability Details

2
GHSA
GHSA-r8j9-j996-53pm: Buffer overflow in the ftp client in IBM AIX 52022-05-03
CVEList
CVE-2007-4004: Buffer overflow in the ftp client in IBM AIX 52007-07-26

💥Exploits & PoCs

1
Exploit-DB
IBM AIX 5.3 SP6 - FTP 'gets()' Local Privilege Escalation2007-07-27

📐Framework References

2
CWE
Use of Prohibited Code
CWE
Use of Inherently Dangerous Function
CVE-2007-4004 — IBM AIX vulnerability | cvebase