CVE-2000-1121

IBM AIX - Buffer Overflow via enq Command -M Argument

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2000-1121. PoCs published by watercloud.

AI-analyzed exploit summary This exploit targets a buffer overflow in the AIX 'enq' program to achieve local privilege escalation (LPE) by overwriting stack variables. It generates a malicious payload using Perl and executes it via environment variables to gain an egid=9 shell.

Description

Buffer overflow in enq command in IBM AIX 4.3.x and earlier may allow local users to execute arbitrary commands via a long -M argument.

Exploits (1)

exploitdb WORKING POC VERIFIED

by watercloud · bashlocalaix

https://www.exploit-db.com/exploits/20454

View Code ZIP pw:eip

This exploit targets a buffer overflow in the AIX 'enq' program to achieve local privilege escalation (LPE) by overwriting stack variables. It generates a malicious payload using Perl and executes it via environment variables to gain an egid=9 shell.

Classification

Working Poc 95%

Attack Type

Lpe

Complexity

Moderate

Reliability

Reliable

Target: IBM AIX 4.x (tested on 4.3.3)

No auth needed

Prerequisites: Access to an AIX 4.x system with the 'enq' binary present · Ability to execute shell scripts

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1202 - Indirect Command Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5

Core References

Various Sources vendor-advisory x_refsource_aixapar

http://www-1.ibm.com/support/search.wss?rs=0&q=IY08287&apar=only

Patch, Vendor Advisory vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/2034

Various Sources vendor-advisory x_refsource_aixapar

http://www-1.ibm.com/support/search.wss?rs=0&q=IY08143&apar=only

Mailing List mailing-list x_refsource_bugtraq

http://marc.info/?l=bugtraq&m=97569466809056&w=2

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/5619

Scores

EPSS 0.0099

EPSS Percentile 58.0%

Details

Status published

Products (6)

ibm/aix 4.2

ibm/aix 4.2.1

ibm/aix 4.3

ibm/aix 4.3.1

ibm/aix 4.3.2

ibm/aix 4.3.3

Published Jan 09, 2001

Tracked Since Feb 18, 2026