Privilege Escalation via Runtime Linker Vulnerability

Privilege Escalation via Runtime Linker Vulnerability

CVE-2014-3074 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

The runtime linker in IBM AIX 6.1 and 7.1 and VIOS 2.2.x allows local users to create a mode-666 root-owned file, and consequently gain privileges, by setting crafted MALLOCOPTIONS and MALLOCBUCKETS environment-variable values and then executing a setuid program.

Learn more about our Cis Benchmark Audit For Apple Ios.