Vulnerability Note VU#182777
IBM AIX nslookup buffer overflow in lex routines
There is a problem with the nslookup program related to the handling of long strings.
This problem is reported to be the result of incorrect bounds checking on the part of the lex routines used in nslookup. This vulnerability is mentioned in an IBM advisory as being exploited by attackers.
The impact of this vulnerability is not clear. It may be possible for local attackers to gain root privileges on the vulnerable system.
Apply a Patch
Systems Affected (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|IBM||Affected||-||26 Sep 2001|
CVSS Metrics (Learn More)
This document was written by Cory F. Cohen.
- CVE IDs: Unknown
- Date Public: 06 Jul 98
- Date First Published: 26 Sep 2001
- Date Last Updated: 26 Sep 2001
- Severity Metric: 5.91
- Document Revision: 2
If you have feedback, comments, or additional information about this vulnerability, please send us email.