CVE-2012-2179

IBM AIX 5.3, 6.1, 7.1 - Arbitrary File Write via Symlink Attack on Temporary File

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2012-2179.

AI-analyzed exploit summary The exploit demonstrates a privilege escalation vulnerability in IBM AIX by leveraging a race condition in libodm. It creates a symlink to a target file, exploiting a time-of-check, time-of-use (TOCTOU) race to achieve arbitrary file writes with elevated privileges.

Description

libodm.a in IBM AIX 5.3, 6.1, and 7.1 allows local users to overwrite arbitrary files via a symlink attack on a temporary file.

Exploits (1)

exploitdb WORKING POC

localaix

https://www.exploit-db.com/exploits/33725

View Code ZIP pw:eip

The exploit demonstrates a privilege escalation vulnerability in IBM AIX by leveraging a race condition in libodm. It creates a symlink to a target file, exploiting a time-of-check, time-of-use (TOCTOU) race to achieve arbitrary file writes with elevated privileges.

Classification

Working Poc 95%

Attack Type

Lpe

Complexity

Moderate

Reliability

Racy

Target: IBM AIX 6.1.8 and later

No auth needed

Prerequisites: Access to a vulnerable IBM AIX system · Ability to execute arbitrary code on the target system

MITRE ATT&CK