CVE-2004-1028 - Ethnographic Bong

Description

Untrusted execution path vulnerability in chcod on AIX IBM 5.1.0 5.2.0 and 5.3.0 allows local users to execute arbitrary programs by modifying the PATH environment variable to point to a malicious \grep\ program which is executed from chcod.

Reference

http://www.idefense.com/application/poi/display?id=170&type=vulnerabilities http://www-1.ibm.com/support/search.wss?rs=0&q=IY64355&apar=only http://www-1.ibm.com/support/search.wss?rs=0&q=IY64354&apar=only http://www-1.ibm.com/support/search.wss?rs=0&q=IY64356&apar=only https://exchange.xforce.ibmcloud.com/vulnerabilities/18625