SecurityTracker.com
Keep Track of the Latest Vulnerabilities
with SecurityTracker!
    Home    |    View Topics    |    Search    |    Contact Us    |    Help    |   

SecurityTracker
Archives


Welcome to SecurityTracker!
 
Click to Sign Up
Sign Up
Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary
Instant Alerts
Buy our Premium Vulnerability Notification Service to receive customized, instant alerts
Affiliates
Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!
Partners
Become a Partner and License Our Database or Notification Service
Report a Bug
Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com
Sign Up!





Category:  OS (UNIX)  >  errpt Vendors:  IBM
(IBM Releases Fix for Re: IBM AIX Operating System 'errpt' Command Buffer Overflow Can Give Root Privileges to Local Users
SecurityTracker Alert ID:  1005535
CVE Reference:  GENERIC-MAP-NOMATCH   (Links to External Site)
Date:  Nov 5 2002
Impact:  Execution of arbitrary code via local system, Root access via local system
Fix Available:  Yes   Vendor Confirmed:  Yes  
Version(s): AIX 4.3.x and 5.1.0
Description:  A buffer overflow vulnerability was reported in the IBM AIX operating system 'errpt' command. A local user could obtain root privileges.

IBM reported that the 'errpt' error reporting command contains a buffer overflow that could allow a local user to execute arbitrary code and spawn a shell with root privileges. No further details were provided.
Impact:  A local user can obtain root privileges on the system.
Solution:  IBM has released the AIX APARs IY31997 (4.3.3) and IY31320 (5.1.0) to replace the previously released temporary efixes, which may be ordered using Electronic Fix Distribution (via the FixDist program):

http://techsupport.services.ibm.com/rs6k/fixes.html
Vendor URL:  techsupport.services.ibm.com/server/aix.uhuic_getrec?args=DVsteamboat.boulder.ibm.com+DBAIX2+DA10136+STIY31997+USbin (Links to External Site)
Cause:  Boundary error
Underlying OS:  UNIX (AIX)
Underlying OS:  UNIX (AIX)

Message History:   This archive entry is a follow-up to the message listed below.
Oct 1 2002 IBM AIX Operating System 'errpt' Command Buffer Overflow Can Give Root Privileges to Local Users


 Source Message Contents
Date:  Sun, 03 Nov 2002 23:19:03 -0500
Subject:  IBM AIX errpt APARs

 

- -----BEGIN PGP SIGNED MESSAGE-----

IBM SECURITY ADVISORY

First Issued: Wed Oct 30 13:40:17 CST 2002

===========================================================================
                          INFORMATIONAL ADVISORY

SUMMARY:          APAR IY31997 is now available.

PLATFORMS:        IBM AIX 4.3.3

SOLUTION:         Apply the APAR listed below.

THREAT:           Malicious user could obtain root privileges.

CERT Advisory:    None

===========================================================================
                          DETAILED INFORMATION

I. APAR Information

The following APAR is now publicly available.

APAR:           IY31997
Vulnerability
Description:    SECURITY: Buffer overflow in errpt


II. Obtaining Fixes

IBM AIX APARs may be ordered using Electronic Fix Distribution (via the
FixDist program), or from the IBM Support Center.  For more information
on FixDist, and to obtain fixes via the Internet, please reference

       http://techsupport.services.ibm.com/rs6k/fixes.html

or send email to "aixserv@austin.ibm.com" with the word "FixDist" in the
"Subject:" line.

AIX APARs may also be downloaded from the web from the following URLs.

For 4.3.3 APARs:
       http://techsupport.services.ibm.com/rs6k/fixdb.html

For 5.1.0 APARs:
       http://techsupport.services.ibm.com/servers/fix.fdc51

To facilitate ease of ordering all security related APARs for each AIX
release, security fixes are periodically bundled into a cumulative APAR.
For more information on these cumulative APARs including last update and
list of individual fixes, send email to "aixserv@austin.ibm.com" with
the word "subscribe Security_APARs" in the "Subject:" line.


III.  Contact Information

Comments regarding the content of this announcement can be directed to:

  security-alert@austin.ibm.com

To request the PGP public key that can be used to encrypt new AIX
security vulnerabilities, send email to security-alert@austin.ibm.com
with a subject of "get key".

If you would like to subscribe to the AIX security newsletter, send a
note to aixserv@austin.ibm.com with a subject of "subscribe Security".
To cancel your subscription, use a subject of "unsubscribe Security".
To see a list of other available subscriptions, use a subject of
"help".

IBM and AIX are a registered trademark of International Business
Machines Corporation.  All other trademarks are property of their
respective holders.





- -----BEGIN PGP SIGNATURE-----
Version: PGP 6.5.8

iQCVAwUBPcBPIwsPbaL1YgqvAQH8RwQAv1KGJieyo3divsEB33lJDbY7AqHgcPaT
ZHNZjHPk3OXVsNwr5UcHwfNIvJdFWIwibDmwjQoJyInSbha/myq3dLa7019uTA8f
JgEqOgYv1xHE+XB/1VPdMt+HV2RkZ7zE9cnaBWEXDQXa4e6TNsTP4jJttOROkqw6
6id8ssKTMuE=
=rb5v
- -----END PGP SIGNATURE-----


- -----BEGIN PGP SIGNED MESSAGE-----

IBM SECURITY ADVISORY

First Issued: Wed Oct 30 13:40:17 CST 2002

===========================================================================
                          INFORMATIONAL ADVISORY

SUMMARY:          APAR IY31320 is now available.

PLATFORMS:        IBM AIX 5.1.0

SOLUTION:         Apply the APAR listed below.

THREAT:           Malicious user could obtain root privileges.

CERT Advisory:    None

===========================================================================
                          DETAILED INFORMATION

I. APAR Information

The following APAR is now publicly available.

APAR:           IY31320
Vulnerability
Description:    SECUIRTY: Buffer overflow in errpt


II. Obtaining Fixes

IBM AIX APARs may be ordered using Electronic Fix Distribution (via the
FixDist program), or from the IBM Support Center.  For more information
on FixDist, and to obtain fixes via the Internet, please reference

       http://techsupport.services.ibm.com/rs6k/fixes.html

or send email to "aixserv@austin.ibm.com" with the word "FixDist" in the
"Subject:" line.

AIX APARs may also be downloaded from the web from the following URLs.

For 4.3.3 APARs:
       http://techsupport.services.ibm.com/rs6k/fixdb.html

For 5.1.0 APARs:
       http://techsupport.services.ibm.com/servers/fix.fdc51

To facilitate ease of ordering all security related APARs for each AIX
release, security fixes are periodically bundled into a cumulative APAR.
For more information on these cumulative APARs including last update and
list of individual fixes, send email to "aixserv@austin.ibm.com" with
the word "subscribe Security_APARs" in the "Subject:" line.


III.  Contact Information

Comments regarding the content of this announcement can be directed to:

  security-alert@austin.ibm.com

To request the PGP public key that can be used to encrypt new AIX
security vulnerabilities, send email to security-alert@austin.ibm.com
with a subject of "get key".

If you would like to subscribe to the AIX security newsletter, send a
note to aixserv@austin.ibm.com with a subject of "subscribe Security".
To cancel your subscription, use a subject of "unsubscribe Security".
To see a list of other available subscriptions, use a subject of
"help".

IBM and AIX are a registered trademark of International Business
Machines Corporation.  All other trademarks are property of their
respective holders.





- -----BEGIN PGP SIGNATURE-----
Version: PGP 6.5.8

iQCVAwUBPcBOHgsPbaL1YgqvAQFLrQP+JpN9jB0eMlzR5ot64IPqAANwc3X7Q55g
g4KlZgl2gOjO7yfXQyJGb1LZCKwook45bF5OXZCOkRbBJF2/BAvAwyP7sWM5JOAe
1uys1FKs1/LSJwFlq/LPBnAo8w1/aVL/EC5aUiaZDmdJw+pvIzeG5oWmkL77DcGl
AgCYBtSMrU4=
=tzkX
- -----END PGP SIGNATURE-----


Go to the Top of This SecurityTracker Archive Page



Home   |    View Topics   |    Search   |    Contact Us   |    Help

Copyright 2002, SecurityGlobal.net LLC