A certain debugging component in IBM AIX 5.3 and 6.1 does not properly handle the (1) _LIB_INIT_DBG and (2) _LIB_INIT_DBG_FILE environment variables, which allows local users to gain privileges by leveraging a setuid-root program to create an arbitrary root-owned file with world-writable permissions, related to libC.a (aka the XL C++ runtime library) in AIX 5.3 and libc.a in AIX 6.1.
Weaknesses in this category are related to the management of permissions, privileges, and other security features that are used to perform access control.
| Link | Tags |
|---|---|
| http://www.ibm.com/support/docview.wss?uid=isg1IZ54593 | vendor advisory |
| http://www.ibm.com/support/docview.wss?uid=isg1IZ56204 | patch, vendor advisory |
| http://secunia.com/advisories/36156 | third party advisory |
| http://aix.software.ibm.com/aix/efixes/security/libC_advisory.asc | vendor advisory |
| http://www.ibm.com/support/docview.wss?uid=isg1IZ56203 | patch, vendor advisory |
| http://www.ibm.com/support/docview.wss?uid=isg1IZ54090 | vendor advisory |
| http://www.ibm.com/support/docview.wss?uid=isg1IZ54091 | vendor advisory |
| http://www.securityfocus.com/bid/35934 | vdb entry, patch |
| http://www.ibm.com/support/docview.wss?uid=isg1IZ56205 | patch, vendor advisory |
| http://www.vupen.com/english/advisories/2009/2151 | vdb entry |
| http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=815 | third party advisory |
| http://www.ibm.com/support/docview.wss?uid=isg1IZ56206 | patch, vendor advisory |