CVE-2006-0133

IBM AIX 5.3 ML03 - Local Directory Traversal via getCommand and getShell


Exploitation Summary

EIP tracks 2 public exploits for CVE-2006-0133. PoCs published by xfocus.

AI-analyzed exploit summary: This exploit demonstrates a local vulnerability in IBM AIX's getShell and getCommand functions, allowing unauthorized read access to shell scripts. The PoC shows how an attacker can execute a script (/tmp/k.sh) to leak process information via a simple command injection.

Description

Multiple directory traversal vulnerabilities in AIX 5.3 ML03 allow local users to determine the existence of files and read partial contents of certain files via a .. (dot dot) in the argument to (1) getCommand.new (aka getCommand) and (2) getShell, a different vulnerability than CVE-2005-4273.

Exploits (2)

exploitdb · WORKING POC · VERIFIED
by xfocus · text · local · aix
https://www.exploit-db.com/exploits/26997

This exploit demonstrates a local vulnerability in IBM AIX's getShell and getCommand functions, allowing unauthorized read access to shell scripts. The PoC shows how an attacker can execute a script (/tmp/k.sh) to leak process information via a simple command injection.

Classification: Working PoC 90%
Attack Type: Info Leak
Complexity: Trivial
Reliability: Reliable
Target: IBM AIX (unspecified version)
Auth required
Prerequisites: Local access to the AIX system · Presence of vulnerable getShell/getCommand functions
devstral-2 · analyzed Feb 16, 2026

exploitdb · WORKING POC · VERIFIED
by xfocus · text · local · aix
https://www.exploit-db.com/exploits/26996

This exploit demonstrates a local file enumeration vulnerability in IBM AIX's getShell and getCommand utilities. By attempting to access files via relative paths, attackers can infer file existence based on error messages.

Classification: Working PoC 90%
Attack Type: Info Leak
Complexity: Trivial
Reliability: Reliable
Target: IBM AIX (unspecified version)
Auth required
Prerequisites: Local access to the target system · Presence of vulnerable getShell/getCommand utilities
devstral-2 · analyzed Feb 16, 2026

References (4)

Core References
Exploit vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1015429
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/16102
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/16103
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/420589/100/0/threaded

Scores

EPSS: 0.0099
EPSS Percentile: 58.0%

Details

Status: published
Products (1): ibm/aix 5.3_ml03
Published: Jan 09, 2006
Tracked Since: Feb 18, 2026