SecurityTracker.com
Category:   OS (UNIX)  >   IBM AIX
Vendors:   IBM
AIX Buffer Overflow in pioout Lets Local Users Gain Elevated Privileges
SecurityTracker Alert ID:  1019264
SecurityTracker URL:  http://securitytracker.com/id/1019264
CVE Reference:   CVE-2007-5764
Updated:  Jan 24 2008
Original Entry Date:  Jan 24 2008
Impact:   Execution of arbitrary code via local system, Root access via local system
Fix Available:  Yes
Vendor Confirmed:  Yes
Version(s): 5.2, 5.3, 6.1
Description:   A vulnerability was reported in AIX. A local user can obtain elevated privileges on the target system.

A local user can supply a specially crafted command line option to trigger a buffer overflow in '/usr/lib/lpd/pio/etc/pioout' and execute arbitrary code on the target system with root level privileges.

IBM has assigned APAR numbers IZ10840, IZ10841, IZ10842, and IZ10844 to this vulnerability.

The vendor was notified on November 29, 2007.

An anonymous researcher reported this vulnerability via iDefense.

Impact:   A local user can obtain root privileges on the target system.
Solution:   The vendor plans to issue the following APARs (with availability date listed):

5.2.0 IZ10840 05/14/08
5.3.0 IZ10841 02/06/08
5.3.7 IZ10842 02/06/08
6.1.0 IZ10844 02/20/08

An interim fix is available at:

ftp://aix.software.ibm.com/aix/efixes/security/pioout_ifix.tar

The IBM advisories are available at:

http://www.ibm.com/support/docview.wss?uid=isg1IZ10840
http://www.ibm.com/support/docview.wss?uid=isg1IZ10841
http://www.ibm.com/support/docview.wss?uid=isg1IZ10842
http://www.ibm.com/support/docview.wss?uid=isg1IZ10844

Vendor URL:  www.ibm.com/
Cause:   Boundary error

Message History:   None.


Copyright 2019, SecurityGlobal.net LLC