IBM AIX Multiple Vulnerabilities - Advisories

Software Inspectors

	Scan Online

	Personal (PSI)

	Network (NSI 2.0)

Solutions For

	Security Professionals

	Security Vendors

Free Solutions For

	Open Communities

	Journalists & Media

Secunia Advisories

	Search

	Historic Advisories

	Listed By Product

	Listed By Vendor

	Statistics / Graphs

	Secunia Research

	Report Vulnerability

	About Advisories

Virus Information

	Chronological List

	Last 10 Virus Alerts

	About Virus Information

Secunia Customers

	Customer Area

IBM AIX Multiple Vulnerabilities

Secunia Advisory:	SA26715
Release Date:	2007-09-06
Last Update:	2008-01-24

Critical:	Less critical
Impact:	Manipulation of data Privilege escalation DoS
Where:	Local system
Solution Status:	Vendor Patch

OS:	AIX 5.x


CVE reference:	CVE-2007-4791 (Secunia mirror) CVE-2007-4792 (Secunia mirror) CVE-2007-4793 (Secunia mirror) CVE-2007-4794 (Secunia mirror) CVE-2007-4795 (Secunia mirror) CVE-2007-4796 (Secunia mirror) CVE-2007-4797 (Secunia mirror) CVE-2007-4798 (Secunia mirror) CVE-2007-4799 (Secunia mirror)

	Want to know the next time vulnerabilities are fixed in this product? - Companies can be alerted via email and SMS!

Description: Multiple vulnerabilities have been reported in IBM AIX, which can be exploited by malicious, local users to delete certain system files, cause a DoS (Denial of Service), or gain escalated privileges. 1) Boundary errors within fcstat, ibstat, mkpath, svprint, swcons, uucp UNIX-to-UNIX Copy, and xlplm commands can be exploited to cause buffer overflows. Successful exploitation allows execution of arbitrary code with root privileges. 2) User privileges are not being checked by the perfstat system call in perfstat kernel extension for SET operations and can be exploited to e.g. cause the system to hang. 3) An input validation error in the invscout command can be exploited to e.g. delete certain system files. Solution: Apply interim fixes or APARs as soon as they become available: ftp://aix.software.ibm.com/aix/efixes/security/svprint_ifix.tar.Z ftp://aix.software.ibm.com/aix/efixes/security/swcons_ifix.tar.Z ftp://aix.software.ibm.com/aix/efixes/security/xlplm_ifix.tar.Z ftp://aix.software.ibm.com/aix/efixes/security/invscout_ifix.tar.Z AIX 5.2.0: APAR IY94739 APAR IY91132 APAR IZ02717 APAR IY98819 APAR IY97215 APAR IZ00997 APAR IY98506 AIX 5.3.0: APAR IY94761 APAR IY97233/IY97336 APAR IY91145 APAR IY97309 APAR IZ02718 APAR IY98804/IY98532 APAR IY95852/IY95935 APAR IZ00997 APAR IY98506 APAR IZ02810/IZ03045 Provided and/or discovered by: Reported by the vendor. Changelog: 2007-09-06: Updated advisory based on additional information from IBM. Added vulnerability #3 and additional link. 2007-09-11: Added CVE reference. 2007-12-12: Updated APAR list in "Solution" section. 2008-01-24: Updated "Solution" section (APAR IY98506/IZ00997 available). Original Advisory: IBM: ftp://aix.software.ibm.com/aix/efixes/security/README http://www-1.ibm.com/support/docview.wss?uid=isg1IY94739 http://www-1.ibm.com/support/docview.wss?uid=isg1IY94761 http://www-1.ibm.com/support/docview.wss?uid=isg1IY97233 http://www-1.ibm.com/support/docview.wss?uid=isg1IY91132 http://www-1.ibm.com/support/docview.wss?uid=isg1IY91145 http://www-1.ibm.com/support/docview.wss?uid=isg1IY97309 http://www-1.ibm.com/support/docview.wss?uid=isg1IZ02717 http://www-1.ibm.com/support/docview.wss?uid=isg1IZ02718 http://www-1.ibm.com/support/docview.wss?uid=isg1IY98819 http://www-1.ibm.com/support/docview.wss?uid=isg1IY98804 http://www-1.ibm.com/support/docview.wss?uid=isg1IY97215 http://www-1.ibm.com/support/docview.wss?uid=isg1IY95852 http://www-1.ibm.com/support/docview.wss?uid=isg1IY98506



Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise. Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.

95 Related Secunia Security Advisories, displaying 10

1. IBM AIX update for OpenSSH

2. IBM AIX ftpd "quote cwd" Full Path Disclosure Weakness

3. IBM AIX Multiple Vulnerabilities

4. IBM AIX Multiple Vulnerabilities

5. IBM AIX "reboot" Buffer Overflow Vulnerability

6. AIX "man" Insecure Program Execution Vulnerability

7. IBM AIX libc "inet_network()" Off-By-One Vulnerability

8. IBM AIX X Server Multiple Vulnerabilities

9. IBM AIX Pegasus CIM Server for Director Vulnerabilities

10. IBM AIX Multiple Vulnerabilities

Show all related advisories

Send Feedback to Secunia

If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com. Ideas, suggestions, and other feedback are most welcome.

Secunia PSI
Scan | Patch | Track
Free Download

Secunia Poll

Most Popular Advisories

1.	Microsoft Windows DNS Spoofing Vulnerabilities

2.	Microsoft Windows Explorer Saved Search Vulnerability

3.	Microsoft Access Snapshot Viewer ActiveX Control Vulnerability

4.	Microsoft SQL Server and MSDE Multiple Vulnerabilities

5.	Microsoft Outlook Web Access Script Insertion Vulnerabilities

6.	ArticleBeach Script "page" File Inclusion Vulnerability

7.	Joomla Unauthorized Access Vulnerabilities

8.	Poppler "pageWidgets" Uninitialized Memory Access

9.	Joomla Brightcode Weblinks Component "catid" SQL Injection

10.	Facebook Photo Uploader ActiveX Control Property Handling Buffer Overflow