Privilege Escalation Vulnerability in rexecd for AIX 4.3.3

Privilege Escalation Vulnerability in rexecd for AIX 4.3.3

CVE-2004-2388 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

rexecd for AIX 4.3.3 does not properly use a local copy of the pwd structure when calling getpwnam, which may cause the structure to be overwritten by the authenticate function and assign privileges to the wrong user.

Learn more about our Cis Benchmark Audit For Ibm Aix.