[原文]Unspecified vulnerability in mklvcopy in BOS.RTE.LVM in IBM AIX 5.3 allows local users to execute arbitrary commands when mklvcopy calls external commands, possibly due to an untrusted search path vulnerability.
IBM AIX bos.rte.lvm mklvcopy Local Privilege Escalation
Local Access Required
Loss of Integrity
AIX contains a flaw that may allow a local attacker to gain increased privileges. The 'mklvcopy' command, part of the bos.rte.lvm package, calls external commands in an unsafe manner. This may allow a local attacker to call arbitrary programs that will run with increased privileges.
Currently, there are no known workarounds or upgrades to correct this issue. However, IBM has released a patch to address this vulnerability.