TROYANOSYVIRUS
Back to CVEs

CVE-2014-8904

N/A

Description

lquerylv in cmdlvm in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x allows local users to gain privileges via a crafted DBGCMD_LQUERYLV environment-variable value.

CVE Details

CVSS v3.1 ScoreN/A
Published1/15/2015
Last Modified4/12/2025
Sourcenvd
Honeypot Sightings0

Affected Products

ibm:aixibm:vios

Weaknesses (CWE)

CWE-264

References

http://aix.software.ibm.com/aix/efixes/security/lvm_advisory.asc(psirt@us.ibm.com)
http://secunia.com/advisories/62195(psirt@us.ibm.com)
http://www.ibm.com/support/docview.wss?uid=isg1IV67907(psirt@us.ibm.com)
http://www.ibm.com/support/docview.wss?uid=isg1IV67908(psirt@us.ibm.com)
http://www.ibm.com/support/docview.wss?uid=isg1IV68070(psirt@us.ibm.com)
http://www.ibm.com/support/docview.wss?uid=isg1IV68082(psirt@us.ibm.com)
http://www.ibm.com/support/docview.wss?uid=isg1IV68478(psirt@us.ibm.com)
http://www.securitytracker.com/id/1031596(psirt@us.ibm.com)
https://exchange.xforce.ibmcloud.com/vulnerabilities/99193(psirt@us.ibm.com)
https://www.exploit-db.com/exploits/38576/(psirt@us.ibm.com)
http://aix.software.ibm.com/aix/efixes/security/lvm_advisory.asc(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/62195(af854a3a-2127-422b-91ae-364da2661108)
http://www.ibm.com/support/docview.wss?uid=isg1IV67907(af854a3a-2127-422b-91ae-364da2661108)
http://www.ibm.com/support/docview.wss?uid=isg1IV67908(af854a3a-2127-422b-91ae-364da2661108)
http://www.ibm.com/support/docview.wss?uid=isg1IV68070(af854a3a-2127-422b-91ae-364da2661108)
http://www.ibm.com/support/docview.wss?uid=isg1IV68082(af854a3a-2127-422b-91ae-364da2661108)
http://www.ibm.com/support/docview.wss?uid=isg1IV68478(af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id/1031596(af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/99193(af854a3a-2127-422b-91ae-364da2661108)
https://www.exploit-db.com/exploits/38576/(af854a3a-2127-422b-91ae-364da2661108)

IOC Correlations

No correlations recorded

This product uses data from the NVD API but is not endorsed or certified by the NVD.