BID:25078

IBM LPD Command Local Privilege Escalation Vulnerability

Info

IBM LPD Command Local Privilege Escalation Vulnerability

Bugtraq ID:	25078
Class:	Boundary Condition Error
CVE:
Remote:	No
Local:	Yes
Published:	Jul 26 2007 12:00AM
Updated:	Jul 27 2007 05:15PM
Credit:	The vendor reported this issue.
Vulnerable:	IBM AIX 5.3 IBM AIX 5.2

Not Vulnerable:

Discussion

IBM LPD Command Local Privilege Escalation Vulnerability

IBM AIX is prone to a local privilege-escalation vulnerability that stems from a buffer overflow in a setuid-superuser command.

Successfully exploiting this issue allows local attackers to execute arbitrary machine code with superuser privileges, facilitating the complete compromise of affected computers.

AIX 5.2 and 5.3 are affected.

Exploit / POC

IBM LPD Command Local Privilege Escalation Vulnerability

Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].

Solution / Fix

IBM LPD Command Local Privilege Escalation Vulnerability

Solution:
The vendor released an advisory and fixes to address this issue. Please see the references for more information.

IBM AIX 5.2

IBM lpd_ifix.tar.Z
ftp://aix.software.ibm.com/aix/efixes/security/lpd_ifix.tar.Z

IBM IY98560
http://www.ibm.com/servers/eserver/support/unixservers/aixfixes.html

IBM AIX 5.3

IBM lpd_ifix.tar.Z
ftp://aix.software.ibm.com/aix/efixes/security/lpd_ifix.tar.Z

IBM IY98339
http://www.ibm.com/servers/eserver/support/unixservers/aixfixes.html

References

IBM LPD Command Local Privilege Escalation Vulnerability

References:

AIX Fixes (IBM)
AIX Homepage (IBM)