This script is Copyright (C) 2013 Tenable Network Security, Inc.
The remote AIX host is missing a security patch.
There is a buffer overflow vulnerability in the qoslist command. A
locally authenticated attacker can exploit this vulnerability if they
have they have been assigned the aix.network.status or
aix.network.config.no role-based access control authorizations.
The successful exploitation of this vulnerability allows a local
attacker to execute arbitrary code with the innate privileges of the
The following executable is vulnerable :
See also :
Install the appropriate interim fix.
Risk factor :
High / CVSS Base Score : 7.2