AIX setsenv x= Argument Overflow

2000-12-01T00:00:00
ID OSVDB:1676
Type osvdb
Reporter OSVDB
Modified 2000-12-01T00:00:00

Description

Vulnerability Description

A local overflow exists in IBM AIX. The setsenv command fails to validate the x= parameter resulting in a buffer overflow. With a specially crafted request, an attacker can cause execution of arbitrary code as the root user resulting in a loss of confidentiality and/or integrity.

Solution Description

Upgrade AIX using the APAR numbers AIX 4.2: IY10721 and AIX 4.3: IY08812 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

A local overflow exists in IBM AIX. The setsenv command fails to validate the x= parameter resulting in a buffer overflow. With a specially crafted request, an attacker can cause execution of arbitrary code as the root user resulting in a loss of confidentiality and/or integrity.

References:

Vendor Specific Solution URL: http://www-1.ibm.com/support/docview.wss?uid=isg1IY10721 Vendor Specific Solution URL: http://www-1.ibm.com/support/docview.wss?uid=isg1IY08812 Vendor Specific Advisory URL Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2000-11/0434.html Keyword: MSS-OAR-E01-2001:339.2 ISS X-Force ID: 5621 CVE-2000-1119 CERT VU: 886953 Bugtraq ID: 2032