IBM AIX vulnerable to DoS

Overview

A denial-of-service vulnerability in AIX may allow a remote attacker to consume 100% of the CPU.

Description

AIX is a UNIX operating system distributed by IBM. A vulnerability in AIX 4.3.3 may allow a remote attacker to cause a denial of service. For more information, please see IBM APAR IY31641.

---

Impact

A remote attacker may be able to consume 100% of the CPU, resulting in a denial of service.

---

Solution

Apply a patch.

---

Vendor Information

102345

Filter by status: All Affected Not Affected Unknown

Filter by content: __ Additional information available

__ Sort by: Status Alphabetical

Expand all

Javascript is disabled. Click here to view vendors.

IBM __ Affected

Updated: June 11, 2003

Status

Affected

Vendor Statement

See http://www-1.ibm.com/support/docview.wss?rs=0&q=IY31641&uid=isg1IY31641&loc=en_US&cs=utf-8&cc=us&lang=en.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23102345 Feedback>).

CVSS Metrics

Group	Score	Vector
Base
Temporal
Environmental

References

• <http://www-1.ibm.com/servers/aix/&gt;
• <http://www-1.ibm.com/servers/aix/overview/index.html&gt;
• http://techsupport.services.ibm.com/support/rs6000.support/fixsearch?fixdb=aix4&srchtype=apar&query=IY31641
• http://www-1.ibm.com/support/docview.wss?rs=0&q=IY31641&uid=isg1IY31641&loc=en_US&cs=utf-8&cc=us&lang=en

Acknowledgements

This vulnerability was discovered by Mauro Flores and Guillermo Freire .

This document was written by Ian A Finlay.

Other Information

CVE IDs:	CVE-2002-1201
Severity Metric:	9.00 Date Public: