CVE-2013-5467

IBM Tivoli Monitoring <6.3.0 - Privilege Escalation

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2013-5467. PoCs published by Robert Jaroszuk.

AI-analyzed exploit summary This exploit leverages a privilege escalation vulnerability in IBM Tivoli Monitoring V6.2.2 by injecting a malicious shared library (libcrypt.so.1) that overrides glibc functions to spawn a root shell. The exploit compiles a C program with a constructor that escalates privileges and executes /bin/sh.

Description

Monitoring Agent for UNIX Logs 6.2.0 through FP03, 6.2.1 through FP04, 6.2.2 through FP09, and 6.2.3 through FP04 and Monitoring Server (ms) and Shared Libraries (ax) 6.2.0 through FP03, 6.2.1 through FP04, 6.2.2 through FP08, 6.2.3 through FP01, and 6.3.0 through FP01 in IBM Tivoli Monitoring (ITM) on UNIX allow local users to gain privileges via unspecified vectors.

Exploits (1)

exploitdb WORKING POC

by Robert Jaroszuk · bashlocallinux

https://www.exploit-db.com/exploits/35112

View Code ZIP pw:eip

This exploit leverages a privilege escalation vulnerability in IBM Tivoli Monitoring V6.2.2 by injecting a malicious shared library (libcrypt.so.1) that overrides glibc functions to spawn a root shell. The exploit compiles a C program with a constructor that escalates privileges and executes /bin/sh.

Classification

Working Poc 95%

Attack Type

Lpe

Complexity

Moderate

Reliability

Reliable

Target: IBM Tivoli Monitoring V6.2.2

No auth needed

Prerequisites: Access to a system with IBM Tivoli Monitoring V6.2.2 installed · Ability to compile code on the target system · Execution permissions for /opt/IBM/ITM/tmaitm6/lx8266/bin/kbbacf1

MITRE ATT&CK

T1548.001 - Setuid and Setgid T1574.006 - Dynamic Linker Hijacking

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/88370

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/69436

Vendor Advisory x_refsource_confirm

http://www-01.ibm.com/support/docview.wss?uid=swg21675798

Scores

EPSS 0.0084

EPSS Percentile 53.2%

Details

CWE

CWE-264

Status published

Products (9)

ibm/monitoring_agent_for_unix_logs 6.2.0

ibm/monitoring_agent_for_unix_logs 6.2.1

ibm/monitoring_agent_for_unix_logs 6.2.2

ibm/monitoring_agent_for_unix_logs 6.2.3

ibm/monitoring_server_\(ms\)_and_shared_libraries_\(ax\) 6.2.0

ibm/monitoring_server_\(ms\)_and_shared_libraries_\(ax\) 6.2.1

ibm/monitoring_server_\(ms\)_and_shared_libraries_\(ax\) 6.2.2

ibm/monitoring_server_\(ms\)_and_shared_libraries_\(ax\) 6.2.3

ibm/monitoring_server_\(ms\)_and_shared_libraries_\(ax\) 6.3.0

Published Aug 29, 2014

Tracked Since Feb 18, 2026