Untrusted Search Path Vulnerability in BMC Patrol for AIX
CVE-2014-2591

Currently unrated

Key Information:

Vendor: Bmc
Status: Patrol Agent
Vendor: CVE Published:; 14 May 2014

What is CVE-2014-2591?

The untrusted search path vulnerability in BMC Patrol for AIX 3.9.00 poses a significant risk by allowing local users to escalate their privileges through the exploitation of an improperly configured RPATH setting. When a user accesses the system, the presence of a crafted library can be leveraged to gain unauthorized access and execute arbitrary code with elevated privileges. This vulnerability underscores the importance of secure coding practices and the need for thorough review of environment configurations to prevent unauthorized access and maintain system integrity.

References

https://www.portcullis-security.com/security-research-and...

x_refsource_MISC

http://seclists.org/fulldisclosure/2014/Apr/199

mailing-listx_refsource_FULLDISC

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 14, 2014
Vulnerability Reserved
Mar 24, 2014

JSON

Bmc

What is CVE-2014-2591?

References

Timeline