IBM ARP Command Local Privilege Escalation Vulnerability

Bugtraq ID:	25071
Class:	Boundary Condition Error
CVE:
Remote:	No
Local:	Yes
Published:	Jul 26 2007 12:00AM
Updated:	Jul 27 2007 04:55PM
Credit:	The vendor reported this issue.
Vulnerable:	IBM AIX 5.3 IBM AIX 5.2
Not Vulnerable:

IBM ARP Command Local Privilege Escalation Vulnerability

IBM AIX is prone to a local privilege-escalation vulnerability that stems from a buffer overflow in a setuid-superuser command.

Successfully exploiting this issue allows local attackers to execute arbitrary machine code with superuser privileges, facilitating the complete compromise of affected computers.

AIX 5.2 and 5.3 are affected.

IBM ARP Command Local Privilege Escalation Vulnerability

Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].

IBM ARP Command Local Privilege Escalation Vulnerability

Solution:
The vendor released an advisory and fixes to address this issue. Please see the references for more information.


IBM AIX 5.2

• IBM atm_ifix.tar.Z
  ftp://aix.software.ibm.com/aix/efixes/security/atm_ifix.tar.Z

IBM AIX 5.3

• IBM atm_ifix.tar.Z
  ftp://aix.software.ibm.com/aix/efixes/security/atm_ifix.tar.Z

IBM ARP Command Local Privilege Escalation Vulnerability

References:

• AIX Fixes (IBM)
  
• AIX Homepage (IBM)