In association with heise online

05 February 2007, 15:36

Privilege escalation under IBM AIX 5.3

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

As a result of a vulnerability in IBM's current server operating system AIX 5.3, non-privileged local users may be able to gain complete control over the system. As reported by security services provider FrSIRT, a buffer overflow in the rdist command in the bos.rte.libc packet could be exploited by an attacker to obtain local root privileges.

An IBM advisory appears to state that the problem, which seems to be related to a setUID bit, has already been fixed. No further information on the vulnerability or on patches is given in either the FrSIRT or IBM documents. As a precaution, AIX administrators should update the bos.rte.libc packet to the latest version.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit