Vulnerabilities > CVE-2006-2647 - Local Privilege Escalation vulnerability in IBM AIX 5.1/5.2/5.3

CVSS 7.2 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

local

low complexity

ibm

NVD

Published: 2006-05-30

Updated: 2011-03-08

Summary

Untrusted search path vulnerability in update_flash for IBM AIX 5.1, 5.2 and 5.3 allows local users to execute arbitrary commands via unknown vectors involving lsmcode and possibly other commands.

Vulnerable Configurations

Part	Description	Count
OS	Ibm IBM AIX 5.1 IBM AIX 5.2 IBM AIX 5.3	3

References

http://secunia.com/advisories/20325
http://securitytracker.com/id?1016166
http://www.securityfocus.com/bid/18114
http://www.vupen.com/english/advisories/2006/2007
http://www-1.ibm.com/support/search.wss?rs=0&q=IY85517&apar=only
http://www-1.ibm.com/support/search.wss?rs=0&q=IY85518&apar=only
http://www-1.ibm.com/support/search.wss?rs=0&q=IY88524&apar=only