Vulnerabilities > CVE-2013-4011 - Local Privilege Escalation vulnerability in IBM AIX
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Multiple unspecified vulnerabilities in the InfiniBand subsystem in IBM AIX 6.1 and 7.1, and VIOS 2.2.2.2-FP-26 SP-02, allow local users to gain privileges via vectors involving (1) arp.ib or (2) ibstat.
Exploit-Db
description ibstat $PATH Privilege Escalation. CVE-2013-4011. Local exploit for linux platform id EDB-ID:32700 last seen 2016-02-03 modified 2014-04-04 published 2014-04-04 reporter metasploit source https://www.exploit-db.com/download/32700/ title ibstat $PATH - Privilege Escalation description IBM AIX 6.1 / 7.1 - Local Root Privilege Escalation. CVE-2013-4011. Local exploit for aix platform id EDB-ID:28507 last seen 2016-02-03 modified 2013-09-24 published 2013-09-24 reporter Kristian Erik Hermansen source https://www.exploit-db.com/download/28507/ title IBM AIX 6.1 / 7.1 - Local Root Privilege Escalation
Metasploit
| description | This module exploits the trusted $PATH environment variable of the SUID binary "ibstat". |
| id | MSF:EXPLOIT/AIX/LOCAL/IBSTAT_PATH |
| last seen | 2020-06-02 |
| modified | 2017-07-24 |
| published | 2014-02-27 |
| references | |
| reporter | Rapid7 |
| source | https://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/aix/local/ibstat_path.rb |
| title | ibstat $PATH Privilege Escalation |
Nessus
NASL family AIX Local Security Checks NASL id AIX_IV43561.NASL description Both last seen 2020-06-01 modified 2020-06-02 plugin id 68964 published 2013-07-19 reporter This script is Copyright (C) 2013-2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/68964 title AIX 7.1 TL 2 : infiniband (IV43561) NASL family AIX Local Security Checks NASL id AIX_U855867.NASL description The remote host is missing AIX PTF U855867, which is related to the security of the package devices.common.IBM.ib.rte. Both last seen 2020-06-01 modified 2020-06-02 plugin id 69308 published 2013-08-13 reporter This script is Copyright (C) 2013-2014 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/69308 title AIX 7.1 TL 1 : devices.common.IBM.ib.rte (U855867) NASL family AIX Local Security Checks NASL id AIX_U857762.NASL description The remote host is missing AIX PTF U857762, which is related to the security of the package devices.common.IBM.ib.rte. Both last seen 2020-06-01 modified 2020-06-02 plugin id 69351 published 2013-08-15 reporter This script is Copyright (C) 2013-2014 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/69351 title AIX 6.1 TL 6 : devices.common.IBM.ib.rte (U857762) NASL family AIX Local Security Checks NASL id AIX_U857552.NASL description The remote host is missing AIX PTF U857552, which is related to the security of the package devices.common.IBM.ib.rte. Both last seen 2020-06-01 modified 2020-06-02 plugin id 69287 published 2013-08-10 reporter This script is Copyright (C) 2013-2014 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/69287 title AIX 7.1 TL 2 : devices.common.IBM.ib.rte (U857552) NASL family AIX Local Security Checks NASL id AIX_U855978.NASL description The remote host is missing AIX PTF U855978, which is related to the security of the package devices.common.IBM.ib.rte. Both last seen 2020-06-01 modified 2020-06-02 plugin id 69286 published 2013-08-10 reporter This script is Copyright (C) 2013-2014 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/69286 title AIX 6.1 TL 8 : devices.common.IBM.ib.rte (U855978) NASL family AIX Local Security Checks NASL id AIX_IV43580.NASL description Both last seen 2020-06-01 modified 2020-06-02 plugin id 68966 published 2013-07-19 reporter This script is Copyright (C) 2013-2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/68966 title AIX 6.1 TL 8 : infiniband (IV43580) NASL family AIX Local Security Checks NASL id AIX_U859167.NASL description The remote host is missing AIX PTF U859167, which is related to the security of the package devices.common.IBM.ib.rte. Both last seen 2020-06-01 modified 2020-06-02 plugin id 69353 published 2013-08-15 reporter This script is Copyright (C) 2013-2014 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/69353 title AIX 6.1 TL 7 : devices.common.IBM.ib.rte (U859167) NASL family AIX Local Security Checks NASL id AIX_IV43827.NASL description Both last seen 2020-06-01 modified 2020-06-02 plugin id 68969 published 2013-07-19 reporter This script is Copyright (C) 2013-2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/68969 title AIX 6.1 TL 7 : infiniband (IV43827) NASL family AIX Local Security Checks NASL id AIX_IV43756.NASL description Both last seen 2020-06-01 modified 2020-06-02 plugin id 68968 published 2013-07-19 reporter This script is Copyright (C) 2013-2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/68968 title AIX 7.1 TL 1 : infiniband (IV43756) NASL family AIX Local Security Checks NASL id AIX_IV43562.NASL description Both last seen 2020-06-01 modified 2020-06-02 plugin id 68965 published 2013-07-19 reporter This script is Copyright (C) 2013-2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/68965 title AIX 7.1 TL 0 : infiniband (IV43562) NASL family AIX Local Security Checks NASL id AIX_IV43582.NASL description Both last seen 2020-06-01 modified 2020-06-02 plugin id 68967 published 2013-07-19 reporter This script is Copyright (C) 2013-2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/68967 title AIX 6.1 TL 6 : infiniband (IV43582) NASL family AIX Local Security Checks NASL id AIX_U858349.NASL description The remote host is missing AIX PTF U858349, which is related to the security of the package devices.common.IBM.ib.rte. Both last seen 2020-06-01 modified 2020-06-02 plugin id 69311 published 2013-08-13 reporter This script is Copyright (C) 2013-2014 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/69311 title AIX 7.1 / 7.1 TL 3 : devices.common.IBM.ib.rte (U858349)
Oval
| accepted | 2014-01-06T04:00:15.684-05:00 | ||||||||||||||||||||||||
| class | vulnerability | ||||||||||||||||||||||||
| contributors |
| ||||||||||||||||||||||||
| definition_extensions |
| ||||||||||||||||||||||||
| description | Multiple unspecified vulnerabilities in the InfiniBand subsystem in IBM AIX 6.1 and 7.1, and VIOS 2.2.2.2-FP-26 SP-02, allow local users to gain privileges via vectors involving (1) arp.ib or (2) ibstat. | ||||||||||||||||||||||||
| family | unix | ||||||||||||||||||||||||
| id | oval:org.mitre.oval:def:19167 | ||||||||||||||||||||||||
| status | accepted | ||||||||||||||||||||||||
| submitted | 2013-11-18T10:06:56.357-05:00 | ||||||||||||||||||||||||
| title | Security Vulnerabilities in AIX InfiniBand | ||||||||||||||||||||||||
| version | 48 |
Packetstorm
data source https://packetstormsecurity.com/files/download/126014/ibstat_path.rb.txt id PACKETSTORM:126014 last seen 2016-12-05 published 2014-04-03 reporter Kristian Hermansen source https://packetstormsecurity.com/files/126014/ibstat-PATH-Privilege-Escalation.html title ibstat $PATH Privilege Escalation data source https://packetstormsecurity.com/files/download/123369/ibmaix-escalate.txt id PACKETSTORM:123369 last seen 2016-12-05 published 2013-09-24 reporter Kristian Hermansen source https://packetstormsecurity.com/files/123369/IBM-AIX-6.1-7.1-Local-Root-Privilege-Escalation.html title IBM AIX 6.1 / 7.1 Local Root Privilege Escalation
Seebug
| bulletinFamily | exploit |
| description | No description provided by source. |
| id | SSV:82068 |
| last seen | 2017-11-19 |
| modified | 2014-07-01 |
| published | 2014-07-01 |
| reporter | Root |
| source | https://www.seebug.org/vuldb/ssvid-82068 |
| title | IBM AIX 6.1 / 7.1 - Local Root Privilege Escalation |
References
- http://aix.software.ibm.com/aix/efixes/security/infiniband_advisory.asc
- http://osvdb.org/95419
- http://osvdb.org/95420
- http://secunia.com/advisories/54215
- http://www.ibm.com/support/docview.wss?uid=isg1IV43561
- http://www.ibm.com/support/docview.wss?uid=isg1IV43562
- http://www.ibm.com/support/docview.wss?uid=isg1IV43580
- http://www.ibm.com/support/docview.wss?uid=isg1IV43582
- http://www.ibm.com/support/docview.wss?uid=isg1IV43756
- http://www.ibm.com/support/docview.wss?uid=isg1IV43827
- http://www.securityfocus.com/bid/61287
- http://www.securitytracker.com/id/1028792
- https://exchange.xforce.ibmcloud.com/vulnerabilities/85617
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19167