|Date: (C)2007-07-26 (M)2017-08-01|
|CVSS Score: 6.9||Access Vector: LOCAL|
|Exploitability Subscore: 3.4||Access Complexity: MEDIUM|
|Impact Subscore: 10.0||Authentication: NONE|
| ||Confidentiality: COMPLETE|
| ||Integrity: COMPLETE|
| ||Availability: COMPLETE|
Buffer overflow in the ftp client in IBM AIX 5.3 SP6 and 5.2.0 allows local users to execute arbitrary code via unspecified vectors that trigger the overflow in a gets function call. NOTE: the client is setuid root on AIX, so this issue crosses privilege boundaries.