IBM AIX IPL_Varyon Local Buffer Overflow Vulnerability
BID:12516
Info
IBM AIX IPL_Varyon Local Buffer Overflow Vulnerability
| Bugtraq ID: | 12516 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2005-0262 |
| Remote: | No |
| Local: | Yes |
| Published: | Feb 10 2005 12:00AM |
| Updated: | Jul 12 2009 10:06AM |
| Credit: | iDEFENSE Labs is credited with the discovery of this issue. |
| Vulnerable: |
IBM AIX 5.3 IBM AIX 5.2 IBM AIX 5.1 |
| Not Vulnerable: | |
Discussion
IBM AIX IPL_Varyon Local Buffer Overflow Vulnerability
A local buffer overflow vulnerability reportedly affects IBMs AIX 'ipl_varyon' utility. This issue is due to a failure of the application to securely copy user-supplied data into finite process buffers.
A local attacker may leverage this issue to execute arbitrary code on an affected computer with superuser privileges, facilitating privilege escalation.
A local buffer overflow vulnerability reportedly affects IBMs AIX 'ipl_varyon' utility. This issue is due to a failure of the application to securely copy user-supplied data into finite process buffers.
A local attacker may leverage this issue to execute arbitrary code on an affected computer with superuser privileges, facilitating privilege escalation.
Exploit / POC
IBM AIX IPL_Varyon Local Buffer Overflow Vulnerability
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution / Fix
IBM AIX IPL_Varyon Local Buffer Overflow Vulnerability
Solution:
The vendor has released an advisory (IBM-19-06-2005) and fixes to address this issue:
IBM AIX 5.1
IBM AIX 5.2
IBM AIX 5.3
Solution:
The vendor has released an advisory (IBM-19-06-2005) and fixes to address this issue:
IBM AIX 5.1
-
IBM IY66933
http://www-1.ibm.com/servers/eserver/support/pseries/aixfixes.html -
IBM IY67750
http://www-1.ibm.com/servers/eserver/support/pseries/aixfixes.html -
IBM IY67812
http://www-1.ibm.com/servers/eserver/support/pseries/aixfixes.html
IBM AIX 5.2
-
IBM IY66933
http://www-1.ibm.com/servers/eserver/support/pseries/aixfixes.html -
IBM IY67750
http://www-1.ibm.com/servers/eserver/support/pseries/aixfixes.html -
IBM IY67812
http://www-1.ibm.com/servers/eserver/support/pseries/aixfixes.html
IBM AIX 5.3
References
IBM AIX IPL_Varyon Local Buffer Overflow Vulnerability
References:
References: