CVE-2005-2236

IBM AIX 5.3 - Format String Vulnerability in paginit Command

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2005-2236. PoCs published by intropy.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in IBM AIX's paginit utility (CVE-2005-2236) to achieve local privilege escalation. It leverages environment variable manipulation and a crafted buffer to execute shellcode, spawning a root shell.

Description

Format string vulnerability in the paginit command in IBM AIX 5.3, and possibly other versions, might allow local users to execute arbitrary code via format strings in command line arguments.

Exploits (1)

exploitdb WORKING POC VERIFIED

by intropy · clocalaix

https://www.exploit-db.com/exploits/1046

View Code ZIP pw:eip

This exploit targets a buffer overflow vulnerability in IBM AIX's paginit utility (CVE-2005-2236) to achieve local privilege escalation. It leverages environment variable manipulation and a crafted buffer to execute shellcode, spawning a root shell.

Classification

Working Poc 95%

Attack Type

Lpe

Complexity

Moderate

Reliability

Reliable

Target: IBM AIX paginit (tested on AIX 5.2)

No auth needed

Prerequisites: Local access to the target system · Presence of vulnerable paginit binary

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3

Core References

Exploit vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/13911

Vendor Advisory x_refsource_misc

http://www.caughq.org/advisories/CAU-2005-0003.txt

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://securitytracker.com/id?1014132

Scores

EPSS 0.0103

EPSS Percentile 59.3%

Details

Status published

Products (1)

ibm/aix 5.3

Published Jul 12, 2005

Tracked Since Feb 18, 2026