This script is Copyright (C) 2013 Tenable Network Security, Inc.
The remote AIX host is missing a security patch.
The nddstat family of commands contains an environment variable
handling error. A local attacker may exploit this error to execute
arbitrary code with root privileges because the commands are setuid
The following files are vulnerable :
/usr/sbin/atmstat /usr/sbin/entstat /usr/sbin/fddistat
See also :
Install the appropriate interim fix.
Risk factor :
High / CVSS Base Score : 7.2