Vulnerability Note VU#18500

IBM AIX portmir buffer overflow

Original Release date: 26 Sep 2001 | Last revised: 27 Sep 2001

Overview

There is a buffer overflow vulnerability in the AIX portmir command that may allow local attackers to gain root privileges.

Description

There is a buffer overflow in the AIX portmir command. This problem was described in IBM ERS security bulletin: ERS-SVA-E01-1997:006.1.

Impact

Attackers with access to a local user account may gain root privileges.

Solution

Apply a Patch

IBM has released patches to correct this problem. For AIX version 4.2.1, system administrators should apply APAR#IX71795.

Disable the setuid bit on the portmir command

Disabling the setuid bit on the portmir command will prevent this vulnerability from being exploited. ?You can do this by running the following command as root:

    chmod u-s /usr/sbin/portmir

Systems Affected (Learn More)

VendorStatusDate NotifiedDate Updated
IBMAffected-21 Jun 1998
If you are a vendor and your product is affected, let us know.

CVSS Metrics (Learn More)

Group Score Vector
Base N/A N/A
Temporal N/A N/A
Environmental N/A N/A

References

Credit

This document was written by Cory F. Cohen.

Other Information

  • CVE IDs: CAN-1999-0092
  • Date Public: 29 Oct 97
  • Date First Published: 26 Sep 2001
  • Date Last Updated: 27 Sep 2001
  • Severity Metric: 4.31
  • Document Revision: 9

Feedback

If you have feedback, comments, or additional information about this vulnerability, please send us email.