AIX mail/mailx Long Argument Overflow

2002-04-30T00:00:00
ID OSVDB:8005
Type osvdb
Reporter OSVDB
Modified 2002-04-30T00:00:00

Description

Vulnerability Description

A local overflow exists in IBM AIX. The mail/mailx command fails to validate input resulting in a possible buffer overflow. With a specially crafted request, an attacker can cause arbitrary command execution.

The mail/mailx utility is not SUID and thus does not result in privilege escalation nor loss of confidentiality and/or integrity.

Solution Description

Upgrade to version 4.3.3 (APAR IY29516), 5.1.0 (APAR IY28170) or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

A local overflow exists in IBM AIX. The mail/mailx command fails to validate input resulting in a possible buffer overflow. With a specially crafted request, an attacker can cause arbitrary command execution.

The mail/mailx utility is not SUID and thus does not result in privilege escalation nor loss of confidentiality and/or integrity.

References:

Vendor Specific Solution URL: http://www-1.ibm.com/support/docview.wss?uid=isg1IY29516 Vendor Specific Solution URL: http://www-1.ibm.com/support/docview.wss?uid=isg1IY28170 Mail List Post: http://archives.neohapsis.com/archives/aix/2002-q2/0005.html Keyword: IY30431 CVE-2002-0743