SHARE
CORE IMPACT v7 - Exploits Update (Thu Oct 04 2007)
AIX Libodm ODMPATH exploit
Exploits/Local [AIX]
• Thu Oct 04 2007
This module exploits a vulnerability in the processing of the ODMPATH environment variable within the odm_searchpath() function. This function reads the ODMPATH variable from the user provided environment, and then copies it into a fixed sized stack buffer without properly validating its length. This results in a stack-based buffer overflow, and allows the saved return address to be overwritten allowing the execution of arbitrary code with root privileges.
Exploits Vulnerabiltiy: CVE-2007-3680