IBM AIX Remote Access Commands Unspecified Buffer Overflow Vulnerability
Info
| Bugtraq ID: | 22456 |
| Class: | Boundary Condition Error |
| CVE: | CVE-2007-0670 |
| Remote: | Yes |
| Local: | No |
| Published: | Feb 07 2007 12:00AM |
| Updated: | May 12 2015 07:34PM |
| Credit: | The vendor disclosed this issue. |
| Vulnerable: | IBM AIX 5.3, IBM AIX 5.2 |
| Not Vulnerable: | |
Discussion
IBM AIX remote-access commands are prone to an unspecified buffer-overflow vulnerability because the applications fail to bounds-check user-supplied data before copying it into an insufficiently sized buffer.
An attacker can exploit this vulnerability to execute arbitrary code with superuser privileges. A successful exploit could lead to a complete compromise of affected computers.
AIX versions 5.2 and 5.3 are vulnerable to this issue.
Exploit / POC
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
Solution:
The vendor has issued a fix to address this issue. Please see the referenced advisory for information on how to obtain and apply the fix.
IBM AIX 5.2
- IBM rcmds_ifix.tar.Z ftp://aix.software.ibm.com/aix/efixes/security/rcmds_ifix.tar.Z
IBM AIX 5.3
- IBM rcmds_ifix.tar.Z ftp://aix.software.ibm.com/aix/efixes/security/rcmds_ifix.tar.Z