AIX lpd Local Privilege Escalation

2003-09-19T09:53:46
ID OSVDB:2167
Type osvdb
Reporter OSVDB
Modified 2003-09-19T09:53:46

Description

Vulnerability Description

A local overflow exists in IBM AIX. The lpd program when running with debug enabled fails to validate input resulting in a possible format string exploit. With a specially crafted request, an attacker can cause execution of code resulting in a loss of confidentiality and/or integrity.

Solution Description

Upgrade AIX using the APAR numbers AIX 4.3: IY45250, AIX 5.1: IY46256 and AIX 5.2: IY45344 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

A local overflow exists in IBM AIX. The lpd program when running with debug enabled fails to validate input resulting in a possible format string exploit. With a specially crafted request, an attacker can cause execution of code resulting in a loss of confidentiality and/or integrity.

References:

Vendor Specific Solution URL: http://www-1.ibm.com/support/docview.wss?uid=isg1IY46256 Vendor Specific Solution URL: http://www-1.ibm.com/support/docview.wss?uid=isg1IY45344 Vendor Specific Solution URL: http://www-1.ibm.com/support/docview.wss?uid=isg1IY45250 Vendor Specific Advisory URL Secunia Advisory ID:9788 Other Advisory URL: http://www3.ca.com/securityadvisor/vulninfo/Vuln.aspx?ID=26054 ISS X-Force ID: 13241 CVE-2003-0697 Bugtraq ID: 8646