IBM Information for VU#179804

Common Desktop Environment (CDE) dtlogin XDMCP parser improperly deallocates memory



Vendor Statement

The AIX Security Team is aware of the issues discussed in CERT Vulnerability Note VU#179804.

The following APARs are available to address this issue:

    APAR number for AIX 4.3.3: IY55362 (available)
    APAR number for AIX 5.1.0: IY55361 (available)
    APAR number for AIX 5.2.0: IY55360 (available)
AIX Version 4.3.3 and Version 5 APARs can be downloaded from the eServer pSeries Fix Central web site:
If you would like to receive AIX Security Advisories via email, please visit:

    Vendor Information

    The vendor has not provided us with any further information regarding this vulnerability.

    Vendor References



    The CERT/CC has no additional comments at this time.

    If you have feedback, comments, or additional information about this vulnerability, please send us email.