There is a buffer overflow in nslookup that will allow local attackers to gain root privileges on vulnerable AIX systems.
The nslookup command contains a buffer overflow in the hostname to lookup, allowing local attackers to gain root privileges. The vendor (IBM) has reported publicly that this buffer overflow has been exploited by intruders to gain privileges.
Intruders with access to a local account may be able to gain root privileges on the vulnerable system.
Apply a Patch
This document was written by Cory F. Cohen.
|Date First Published:||2001-09-26|
|Date Last Updated:||2001-09-26 18:04 UTC|