AIX 5.3 TL 7 : swcons (IZ18338)
High Nessus Plugin ID 63760
SynopsisThe remote AIX host is missing a security patch.
DescriptionA file permission/ownership vulnerability exists in the 'bos.rte.console' fileset command listed below whereby a local attacker may create arbitrary contents within a file owned by root using the 'swcons' command. The local attacker must be a member of the 'system' group (gid=0) to execute this command.
The following commands are vulnerable :
SolutionInstall the appropriate interim fix.