|
|
>> IBM AIX Multiple Privilege Escalation and Denial of Service Vulnerabilities
|
Multiple vulnerabilities have been identified in IBM AIX, which could be exploited by local attackers to obtain elevated privileges or cause a denial of service.
The first issue is caused by buffer overflow errors in the fcstat, ibstat, mkpath, swcons, uucp and xlplm programs, and in the directory enabled System V print commands provided with the bos.svprint file set, which could be exploited by local attackers to execute arbitrary code with elevated privileges.
The second vulnerability is caused by an unspecified error in the inventory scout code, which may be exploited by a malicious user to delete system files.
The third issue is caused by an error in the "bos.perf.perfstat" fileset kernel extension, which could be exploited by local attackers to cause a denial of service.
Affected Products
IBM AIX version 5.2.0
IBM AIX version 5.3.0
Solution
IBM AIX 5.2.0 - Apply APARs IY94739, IY98506 (available approx. 11/27/07), IY91132, IZ02717 (available approx. 10/31/07), IY98819 (available approx. 10/31/07), IY97215, and IZ00997 (available approx. 10/31/07).
IBM AIX 5.3.0 - Apply APARs IY94761, IY97233, IY98506 (available approx. 11/27/07), IY91145, IY97309, IZ02718 (available approx. 11/27/07), IY98804 (available approx. 11/27/07), IY95852, and IZ00997 (available approx. 11/27/07).
Or apply interim fixes :
ftp://aix.software.ibm.com/aix/efixes/security/fc_ifix.tar.Z
ftp://aix.software.ibm.com/aix/efixes/security/ib_ifix.tar.Z
ftp://aix.software.ibm.com/aix/efixes/security/invscout_ifix.tar.Z
ftp://aix.software.ibm.com/aix/efixes/security/mkpath_ifix.tar.Z
ftp://aix.software.ibm.com/aix/efixes/security/perfstat_ifix.tar.Z
ftp://aix.software.ibm.com/aix/efixes/security/svprint_ifix.tar.Z
ftp://aix.software.ibm.com/aix/efixes/security/swcons_ifix.tar.Z
ftp://aix.software.ibm.com/aix/efixes/security/uucp200707_ifix.tar.Z
ftp://aix.software.ibm.com/aix/efixes/security/xlplm_ifix.tar.Z
References
http://www.vupen.com/english/advisories/2007/3059
ftp://aix.software.ibm.com/aix/efixes/security/README
http://www-1.ibm.com/support/docview.wss?uid=isg1IY94739
http://www-1.ibm.com/support/docview.wss?uid=isg1IY98506
http://www-1.ibm.com/support/docview.wss?uid=isg1IY91132
http://www-1.ibm.com/support/docview.wss?uid=isg1IZ02717
http://www-1.ibm.com/support/docview.wss?uid=isg1IY98819
http://www-1.ibm.com/support/docview.wss?uid=isg1IY97215
http://www-1.ibm.com/support/docview.wss?uid=isg1IZ00997
http://www-1.ibm.com/support/docview.wss?uid=isg1IY94761
http://www-1.ibm.com/support/docview.wss?uid=isg1IY97233
http://www-1.ibm.com/support/docview.wss?uid=isg1IY91145
http://www-1.ibm.com/support/docview.wss?uid=isg1IY97309
http://www-1.ibm.com/support/docview.wss?uid=isg1IZ02718
http://www-1.ibm.com/support/docview.wss?uid=isg1IY98804
http://www-1.ibm.com/support/docview.wss?uid=isg1IY95852
Credits
Vulnerabilities reported by the vendor.
ChangeLog
2007-09-06 : Initial release
Vulnerability Management
Subscribe to VUPEN VNS and receive real-time e-mail and SMS alerts when new advisories or patches relevant to your systems and network configurations are available.
Feedback
If you have additional information or corrections for this security advisory please submit them via our contact form. | |
|
