IBM AIX lquerypv Local Privilege Escalation Vulnerability
BID:26259
Info
IBM AIX lquerypv Local Privilege Escalation Vulnerability
| Bugtraq ID: | 26259 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2007-4513 |
| Remote: | No |
| Local: | Yes |
| Published: | Oct 30 2007 12:00AM |
| Updated: | Oct 31 2007 02:36PM |
| Credit: | Sean Larsson of VeriSign iDefense Labs is credited with the discovery of this vulnerability. |
| Vulnerable: |
IBM AIX 5.3 IBM AIX 5.2 |
| Not Vulnerable: | |
Discussion
Exploit / POC
IBM AIX lquerypv Local Privilege Escalation Vulnerability
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Solution / Fix
IBM AIX lquerypv Local Privilege Escalation Vulnerability
Solution:
The vendor released an advisory and fixes to address this issue. Please see the references for more information.
IBM AIX 5.2
IBM AIX 5.3
Solution:
The vendor released an advisory and fixes to address this issue. Please see the references for more information.
IBM AIX 5.2
-
IBM lquerypv_ifix.tar
ftp://aix.software.ibm.com/aix/efixes/security/lquerypv_ifix.tar
IBM AIX 5.3
-
IBM lquerypv_ifix.tar
ftp://aix.software.ibm.com/aix/efixes/security/lquerypv_ifix.tar
References
IBM AIX lquerypv Local Privilege Escalation Vulnerability
References:
References:
- AIX Homepage (IBM)
- iDefense Security Advisory 10.30.07: IBM AIX lquerypv Stack Buffer Overflow Vuln (iDefense Labs
) - AIX lquerypv buffer overflow vulnerability (IBM)
- IBM AIX lquerypv Stack Buffer Overflow Vulnerability (iDefense Labs)