CVE-2007-4004

IBM AIX <5.3 SP6 & 5.2.0 - Buffer Overflow

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-4004. PoCs published by qaaz.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in IBM AIX's ftp client (CVE-2007-4004) to achieve local privilege escalation. It leverages environment variable manipulation and shellcode execution to spawn a root shell.

Description

Buffer overflow in the ftp client in IBM AIX 5.3 SP6 and 5.2.0 allows local users to execute arbitrary code via unspecified vectors that trigger the overflow in a gets function call. NOTE: the client is setuid root on AIX, so this issue crosses privilege boundaries.

Exploits (1)

exploitdb WORKING POC VERIFIED

by qaaz · clocalaix

https://www.exploit-db.com/exploits/4233

View Code ZIP pw:eip

This exploit targets a buffer overflow vulnerability in IBM AIX's ftp client (CVE-2007-4004) to achieve local privilege escalation. It leverages environment variable manipulation and shellcode execution to spawn a root shell.

Classification

Working Poc 95%

Attack Type

Lpe

Complexity

Moderate

Reliability

Reliable

Target: IBM AIX ftp client <= 5.3 sp6

No auth needed

Prerequisites: Local access to an IBM AIX system with vulnerable ftp client

MITRE ATT&CK