getconf contains a buffer overflow vulnerability that may lead to arbitrary code execution.
IBM AIX contains the
getconf command that provides information about system configuration. An unspecified buffer overflow condition has been identified in
getconf and may lead to arbitrary code execution by local users.
Local, authenticated users may be able to execute arbitrary code.
Apply an update
Vendor| Status| Date Notified| Date Updated
IBM Corporation| | -| 29 Sep 2005
If you are a vendor and your product is affected, let us know.
Group | Score | Vector
Base | N/A | N/A
Temporal | N/A | N/A
Environmental | N/A | N/A
Thanks to IBM for reporting this vulnerability.
This document was written by Ken MacInnis.