AIX rcp Local Privilege Escalation

2003-11-14T00:00:00
ID OSVDB:2852
Type osvdb
Reporter OSVDB
Modified 2003-11-14T00:00:00

Description

Vulnerability Description

An unspecified local boundary error exists in AIX rcp. With a specially crafted request, an attacker can cause an elevation of privileges resulting in a loss of confidentiality, integrity, and/or availability.

Technical Description

IBM Official Patches:

AIX 4.3.3: IY48272 AIX 5.1.0: IY48747 AIX 5.2.0: IY49238

Solution Description

Currently, there are no known workarounds or upgrades to correct this issue. However, IBM has released a patch to address this vulnerability.

Short Description

An unspecified local boundary error exists in AIX rcp. With a specially crafted request, an attacker can cause an elevation of privileges resulting in a loss of confidentiality, integrity, and/or availability.

References:

Vendor Specific Solution URL: https://techsupport.services.ibm.com/server/aix.fdc Vendor Specific Advisory URL Vendor Specific Advisory URL Vendor Specific Advisory URL Vendor Specific Advisory URL Secunia Advisory ID:10276 ISS X-Force ID: 13802 Generic Informational URL: http://www.securitytracker.com/alerts/2003/Nov/1008258.html CVE-2003-0954 Bugtraq ID: 9078