Command Execution Vulnerability in AIX FTP Client by IBM
CVE-1999-0097

Currently unrated

Key Information:

Vendor: HP
Status: HP-ux; Sunos; Aix; Solaris
Vendor: CVE Published:; 29 October 1997

Summary

The AIX FTP client is susceptible to a command execution vulnerability that allows attackers to run arbitrary commands by utilizing shell metacharacters, such as the pipe character. This exploitation occurs when a user connects to a malicious FTP server, potentially leading to unauthorized command execution on the client system. Affected users should implement stringent security practices and apply necessary patches to mitigate the risk of exploitation.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-...

x_refsource_MISC

Timeline

Vulnerability Reserved
Jun 7, 1999
Vulnerability published
Oct 29, 1997