CVE-2005-0261 | Vulnerability Database | Aqua Security

lspath in AIX 5.2, 5.3, and possibly earlier versions, does not drop privileges before processing the -f option, which allows local users to read one line of arbitrary files.

Affected Software

Name	Vendor	Start Version	End Version
Aix	Ibm	5.2 (including)	5.2 (including)
Aix	Ibm	5.3 (including)	5.3 (including)

References

http://secunia.com/advisories/14232
http://www-1.ibm.com/support/search.wss?rs=0\u0026q=IY67457\u0026apar=only
http://www-1.ibm.com/support/search.wss?rs=0\u0026q=IY67655\u0026apar=only
http://www.idefense.com/application/poi/display?id=195\u0026type=vulnerabilities
http://www.securityfocus.com/bid/12513
https://exchange.xforce.ibmcloud.com/vulnerabilities/19281
http://secunia.com/advisories/14232
http://www-1.ibm.com/support/search.wss?rs=0\u0026q=IY67457\u0026apar=only
http://www-1.ibm.com/support/search.wss?rs=0\u0026q=IY67655\u0026apar=only
http://www.idefense.com/application/poi/display?id=195\u0026type=vulnerabilities
http://www.securityfocus.com/bid/12513
https://exchange.xforce.ibmcloud.com/vulnerabilities/19281

NVD	https://nvd.nist.gov/vuln/detail/CVE-2005-0261
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html