IBM AIX 5.3/5.3 L WebSM getShell/getCommand privileges management
| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 6.8 | $0-$5k | 0.00 |
A vulnerability was found in IBM AIX 5.3/5.3 L (Operating System). It has been rated as critical. This issue affects the function getShell/getCommand of the component WebSM. The manipulation with an unknown input leads to a privileges management vulnerability. Using CWE to declare the problem leads to CWE-269. The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor. Impacted is confidentiality, integrity, and availability. The summary by CVE is:
Buffer overflow in the malloc debug system in IBM AIX 5.3 allows local users to execute arbitrary code.
The weakness was published 12/16/2005 by David Litchfield with NGSSoftware (Website). The advisory is shared at www-1.ibm.com. The identification of this vulnerability is CVE-2005-4271 since 12/15/2005. The attack needs to approached within the local network. No form of authentication is needed for a successful exploitation. Technical details are known, but no exploit is available. MITRE ATT&CK project uses the attack technique T1068 for this issue.
It is declared as proof-of-concept.
Applying a patch is able to eliminate this problem. The bugfix is ready for download at aix.software.ibm.com.
Similar entries are available at 1923, 1926, 1924 and 27522.
Product
Type
Vendor
Name
Version
License
CPE 2.3
CPE 2.2
CVSSv4
VulDB CVSS-B Score: 🔍VulDB CVSS-BT Score: 🔍
VulDB Vector: 🔍
VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 7.6VulDB Meta Temp Score: 6.8
VulDB Base Score: 7.6
VulDB Temp Score: 6.8
VulDB Vector: 🔍
VulDB Reliability: 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| unlock | unlock | unlock | unlock | unlock | unlock |
| unlock | unlock | unlock | unlock | unlock | unlock |
| unlock | unlock | unlock | unlock | unlock | unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
NVD Base Score: 🔍
Exploiting
Class: Privileges managementCWE: CWE-269 / CWE-266
CAPEC: 🔍
ATT&CK: 🔍
Local: No
Remote: Partially
Availability: 🔍
Status: Proof-of-Concept
EPSS Score: 🔍
EPSS Percentile: 🔍
Price Prediction: 🔍
Current Price Estimation: 🔍
| 0-Day | unlock | unlock | unlock | unlock |
|---|---|---|---|---|
| Today | unlock | unlock | unlock | unlock |
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: PatchStatus: 🔍
Patch: aix.software.ibm.com
Timeline
12/15/2005 🔍12/15/2005 🔍
12/15/2005 🔍
12/16/2005 🔍
12/16/2005 🔍
12/21/2005 🔍
04/11/2019 🔍
Sources
Vendor: ibm.comAdvisory: www-1.ibm.com
Researcher: David Litchfield
Organization: NGSSoftware
Status: Not defined
CVE: CVE-2005-4271 (🔍)
SecurityFocus: 15881 - IBM AIX Debug Malloc Tools Local Buffer Overflow Vulnerability
Secunia: 18088 - AIX Multiple Privilege Escalation Vulnerabilities, Less Critical
Vupen: ADV-2005-2947
See also: 🔍
Entry
Created: 12/21/2005 11:04Updated: 04/11/2019 23:47
Changes: 12/21/2005 11:04 (67), 04/11/2019 23:47 (5)
Complete: 🔍
No comments yet. Languages: en.
Please log in to comment.