https://www.securityfocus.com/bid/82894
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200201-001

(1)grpck和(2)pwck存在缓冲区溢出漏洞。当setuid安装在AIX文档推荐的系统上时，本地用户可以借助超长命令行参数提升特权。

Pwck Pwck 0

Grpck Grpck 0

来源:US-CERTVulnerabilityNote:VU#877811
名称:VU#877811
链接:http://www.kb.cert.org/vuls/id/877811
来源:US-CERTVulnerabilityNote:VU#121891
名称:VU#121891
链接:http://www.kb.cert.org/vuls/id/121891
来源:XF
名称:pwck-command-line-bo(7859)
链接:http://xforce.iss.net/xforce/xfdb/7859
来源:XF
名称:grpck-command-line-bo(7857)
链接:http://xforce.iss.net/xforce/xfdb/7857
来源:publib.boulder.ibm.com
链接:http://publib.boulder.ibm.com/infocenter/pseries/topic/com.ibm.aix.doc/cmds/aixcmds2/grpck.htm
来源:VULNWATCH
名称:20020102blackshell3:multiplepwck/grpckvulnerabilities
链接:http://marc.theaimsgroup.com/?l=vulnwatch&m;=100998205010794&w;=2
来源:VULN-DEV
名称:20020102Re:[VulnWatch]blackshell3:multiplepwck/grpckvulnerabilities
链接:http://marc.theaimsgroup.com/?l=vuln-dev&m;=100999352406822&w;=2