|
AIX LSCFG Insecure Temporary File Handling Vulnerability
|
|
|
|
|
Secunia Advisory:
|
SA17202
|
|
|
Release Date:
|
2005-10-14
|
|
Last Update:
|
2006-02-14
|
|
|
Critical:
|
Less critical
|
|
Impact:
|
Privilege escalation
|
|
Where:
|
Local system
|
|
Solution Status:
|
Vendor Patch
|
|
| OS: | AIX 5.x
|
|
| | CVE reference: | CVE-2006-0667 (Secunia mirror)
|
|
|
Want to know the next time vulnerabilities are fixed in this product?
- Companies can be alerted via email and SMS! |
|
|
Description:
A vulnerability has been reported in AIX, which potentially can be exploited by malicious, local users to perform certain actions on a vulnerable system with escalated privileges.
The vulnerability is caused due to an unspecified temporary file handling error in LSCFG when opening its trace file. This may be exploited by malicious users to corrupt certain system files e.g. "/etc/passwd".
The vulnerability has been reported in AIX 5.2 and 5.3.
Solution:
Apply APARs.
http://www-1.ibm.com/servers/eserver/support/pseries/aixfixes.html
AIX 5.2:
Apply APAR IY77624.
AIX 5.3:
Apply APAR IY77638.
Provided and/or discovered by:
Reported by vendor.
Changelog:
2005-10-17: Vendor released APAR for AIX 5.3. Updated "Description", "Solution" and "Original Advisory" sections.
2006-02-14: Added CVE reference.
Original Advisory:
IBM:
http://www-1.ibm.com/support/docview.wss?uid=isg1IY77624
http://www-1.ibm.com/support/docview.wss?uid=isg1IY77638
|
|
|
|
|
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
|
|
|
|
96 Related Secunia Security Advisories, displaying 10
|
|
|
1. IBM AIX DNS Cache Poisoning
|
|
2. IBM AIX update for OpenSSH
|
|
3. IBM AIX ftpd "quote cwd" Full Path Disclosure Weakness
|
|
4. IBM AIX Multiple Vulnerabilities
|
|
5. IBM AIX Multiple Vulnerabilities
|
|
6. IBM AIX "reboot" Buffer Overflow Vulnerability
|
|
7. AIX "man" Insecure Program Execution Vulnerability
|
|
8. IBM AIX libc "inet_network()" Off-By-One Vulnerability
|
|
9. IBM AIX X Server Multiple Vulnerabilities
|
|
10. IBM AIX Pegasus CIM Server for Director Vulnerabilities
|
Show all related advisories
|
|
|
Send Feedback to Secunia
|
|
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com.
Ideas, suggestions, and other feedback are most welcome.
|
|
|
|
