AIX Putlvcb Command Line Argument Buffer Overflow Vulnerability
BID:9906
Info
AIX Putlvcb Command Line Argument Buffer Overflow Vulnerability
| Bugtraq ID: | 9906 |
| Class: | Boundary Condition Error |
| CVE: | |
| Remote: | No |
| Local: | Yes |
| Published: | Mar 17 2004 12:00AM |
| Updated: | Mar 17 2004 12:00AM |
| Credit: | Discovery of this vulnerability has been credited to watercloud <[email protected]>. |
| Vulnerable: |
IBM AIX 4.3.3 IBM AIX 5.2 IBM AIX 5.1 |
| Not Vulnerable: | |
Discussion
AIX Putlvcb Command Line Argument Buffer Overflow Vulnerability
putlvcb has been reported to be prone to a buffer overflow vulnerability.
When an argument is passed to the putlvcb utility, the string is copied into a reserved buffer in memory. Data that exceeds the size of the reserved buffer will overflow its bounds and will trample any saved data that is adjacent to the affected buffer. Ultimately this may lead to the execution of arbitrary instructions in the context of the root user.
An attacker will require root group privileges prior to the execution of the putlvcb utility, the attacker may exploit the issue described in BID 9903 in order to gain the necessary privileges required to exploit this vulnerability.
putlvcb has been reported to be prone to a buffer overflow vulnerability.
When an argument is passed to the putlvcb utility, the string is copied into a reserved buffer in memory. Data that exceeds the size of the reserved buffer will overflow its bounds and will trample any saved data that is adjacent to the affected buffer. Ultimately this may lead to the execution of arbitrary instructions in the context of the root user.
An attacker will require root group privileges prior to the execution of the putlvcb utility, the attacker may exploit the issue described in BID 9903 in order to gain the necessary privileges required to exploit this vulnerability.
Exploit / POC
AIX Putlvcb Command Line Argument Buffer Overflow Vulnerability
The following proof of concept exploit has been supplied:
The following proof of concept exploit has been supplied:
Solution / Fix
AIX Putlvcb Command Line Argument Buffer Overflow Vulnerability
Solution:
IBM has released an update to their original advisory (APR-22-2004-LVM) as well as official APAR fixes; these fixes supercede the previous efixes. Further information regarding obtaining and applying APARs can be found in the referenced advisory.
IBM AIX 5.1
IBM AIX 5.2
Solution:
IBM has released an update to their original advisory (APR-22-2004-LVM) as well as official APAR fixes; these fixes supercede the previous efixes. Further information regarding obtaining and applying APARs can be found in the referenced advisory.
IBM AIX 5.1
-
IBM IY55681
http://www-912.ibm.com/eserver/support/fixes/fcgui.jsp -
IBM IY55682
http://www-912.ibm.com/eserver/support/fixes/fcgui.jsp
IBM AIX 5.2