In association with heise online

31 October 2007, 12:26

Several vulnerabilities in IBM AIX

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Security provider iDefense has reported several security holes allowing attackers to obtain root privileges in various versions of IBM's Unix derivative AIX (Advanced Interactive eXecutive). Most of the vulnerabilities are based on buffer overflows in the bellmail, FTP client, lquerypv, lqueryvg, dig and crontab system tools or applications. In each case, the SUID bit is set. Attackers who are logged into the system can use specially crafted arguments to trigger a buffer overflow, write arbitrary code into the stack and execute it at root level when the tool or application is called. In addition, the swcons SUID tool allows arbitrary files to be accessed or created on a system.

AIX 5.2 and 5.3 are affected, as well as several previous versions, although some of the vulnerabilities no longer exist in version 5.3. According to iDefense, IBM has released interim fixes. As a workaround, iDefense recommends admins to delete the SUID bit in the affected binaries - in this case, however, only root will be able to utilise the tools.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit