|
IBM AIX "utape" Privilege Escalation Vulnerability
|
|
|
|
|
Secunia Advisory:
|
SA22119
|
|
|
Release Date:
|
2006-09-26
|
|
Last Update:
|
2006-09-29
|
|
|
Critical:
|
Less critical
|
|
Impact:
|
Privilege escalation
|
|
Where:
|
Local system
|
|
Solution Status:
|
Vendor Workaround
|
|
| OS: | AIX 5.x
|
|
| | CVE reference: | CVE-2006-5008 (Secunia mirror)
|
|
|
|
|
|
Description:
Two vulnerabilities has been reported in IBM AIX, which can be exploited by malicious, local users to gain escalated privileges.
The vulnerabilities are due to unspecified errors in the "utape" command. These can be exploited by users that have the "Diagnostics" role and are in the "system" group to overwrite arbitrary system files, or to execute arbitrary commands with root privileges.
Solution:
Apply Interim fixes until APARs are available.
Interim fix:
ftp://aix.software.ibm.com/aix/efixes/security/utape_ifix.tar.Z
APAR for AIX 5.2.0:
Apply IY88641 (available approx. 2006-10-18).
APAR for AIX 5.3.0:
Apply IY88642 (available approx. 2006-11-01).
Provided and/or discovered by:
Reported by the vendor.
Changelog:
2006-09-29: Added CVE reference.
Original Advisory:
IBM:
http://www-1.ibm.com/support/docview.wss?uid=isg1IY88641
http://www-1.ibm.com/support/docview.wss?uid=isg1IY88642
|
|
|
|
|
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
|
|
|
|
96 Related Secunia Security Advisories, displaying 10
|
|
|
1. IBM AIX DNS Cache Poisoning
|
|
2. IBM AIX update for OpenSSH
|
|
3. IBM AIX ftpd "quote cwd" Full Path Disclosure Weakness
|
|
4. IBM AIX Multiple Vulnerabilities
|
|
5. IBM AIX Multiple Vulnerabilities
|
|
6. IBM AIX "reboot" Buffer Overflow Vulnerability
|
|
7. AIX "man" Insecure Program Execution Vulnerability
|
|
8. IBM AIX libc "inet_network()" Off-By-One Vulnerability
|
|
9. IBM AIX X Server Multiple Vulnerabilities
|
|
10. IBM AIX Pegasus CIM Server for Director Vulnerabilities
|
Show all related advisories
|
|
|
Send Feedback to Secunia
|
|
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com.
Ideas, suggestions, and other feedback are most welcome.
|
|
|
|
