SecurityTracker.com
Category:   OS (UNIX)  >   IBM AIX
Vendors:   IBM
IBM AIX Buffer Overflow in 'rpc.cmsd' Lets Remote Users Obtain Root Privileges
SecurityTracker Alert ID:  1022996
SecurityTracker URL:  http://securitytracker.com/id/1022996
CVE Reference:   CVE-2009-3699
Updated:  Oct 20 2009
Original Entry Date:  Oct 7 2009
Impact:   Execution of arbitrary code via network, Root access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 5.3, 6.1; and prior versions
Description:   A vulnerability was reported in the IBM AIX calendar daemon. A remote user can execute arbitrary code on the target system.

A remote user can send specially crafted data to the calendar daemon ('rpc.cmsd') to trigger a buffer overflow in the calendar daemon library ('libcsa.a') and execute arbitrary code on the target system. The code will run with root privileges.

Rodrigo Rubira Branco and iDefense Labs reported this vulnerability.

Impact:   A remote user can execute arbitrary code on the target system with root privileges.
Solution:   The vendor has issued the following APARs (with availability date shown):

5.3.0 IZ62672 interim fix only
5.3.7 IZ61628 11/11/09 (sp10)
5.3.8 IZ62237 11/11/09 (sp8)
5.3.9 IZ61717 11/11/09 (sp5)
5.3.10 IZ62123 11/11/09 (sp2)
6.1.0 IZ62569 12/16/09 (sp11)
6.1.1 IZ62570 12/16/09 (sp7)
6.1.2 IZ62571 12/16/09 (sp6)
6.1.3 IZ62572 12/16/09 (sp3)

The vendor's advisories are available at:

http://www.ibm.com/support/docview.wss?uid=isg1IZ62672
http://www.ibm.com/support/docview.wss?uid=isg1IZ61628
http://www.ibm.com/support/docview.wss?uid=isg1IZ62237
http://www.ibm.com/support/docview.wss?uid=isg1IZ61717
http://www.ibm.com/support/docview.wss?uid=isg1IZ62123
http://www.ibm.com/support/docview.wss?uid=isg1IZ62569
http://www.ibm.com/support/docview.wss?uid=isg1IZ62570
http://www.ibm.com/support/docview.wss?uid=isg1IZ62571
http://www.ibm.com/support/docview.wss?uid=isg1IZ62572
http://aix.software.ibm.com/aix/efixes/security/cmsd_advisory.asc

Vendor URL:  aix.software.ibm.com/aix/efixes/security/cmsd_advisory.asc
Cause:   Boundary error

Message History:   None.

