CVE-2005-0261 - Wainscoted Father

Description

lspath in AIX 5.2 5.3 and possibly earlier versions does not drop privileges before processing the -f option which allows local users to read one line of arbitrary files.

Reference

http://www.idefense.com/application/poi/display?id=195&type=vulnerabilities http://www-1.ibm.com/support/search.wss?rs=0&q=IY67457&apar=only http://www-1.ibm.com/support/search.wss?rs=0&q=IY67655&apar=only http://www.securityfocus.com/bid/12513 http://secunia.com/advisories/14232 https://exchange.xforce.ibmcloud.com/vulnerabilities/19281