Severity: High
This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.
Description
This signature detects a buffer overflow in AIX's libc that allows root access.
Additional Information
A remote buffer overflow vulnerability in AIX's ftpd allows remote users to obtain root access.
Affected
- IBM AIX 4.3, 4.3.1, 4.3.2
Response
A temporary fix is available via anonymous ftp from: ftp://aix.software.ibm.com/aix/efixes/security/ftpd.tar.Z
Filename   sum          md5
ftpd       02584 147    4577818c9c95b47ffc915ab750f36bd3
This temporary fix has not been fully regression tested. Use the following steps (as root) to install the temporary fix:
1. Uncompress and extract the fix.
# uncompress < ftpd.tar.Z | tar xf -
# cd ftpd
2. Replace the vulnerable ftpd.
# mv /usr/sbin/ftpd /usr/sbin/ftpd.before_security_fix
# chown root.system /usr/sbin/ftpd.before_security_fix
# chmod 0 /usr/sbin/ftpd.before_security_fix
# cp ./ftpd /usr/sbin/ftpd
# chown root.system /usr/sbin/ftpd
# chmod 4554 /usr/sbin/ftpd
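As an added example (my own script, not IBM's and not part of the advisory), a POSIX shell wrapper for the steps above that refuses to replace ftpd unless the extracted binary's MD5 matches the value in the advisory's table; the function names and the script filename are my own choices, and the `sum` value is kept only as a comment because its block count depends on the platform's block size.

```shell
#!/bin/sh
# install_ftpd_efix.sh: verify the IBM temporary fix before installing it.
# Expected MD5 taken from the advisory's checksum table.
EXPECTED_MD5="4577818c9c95b47ffc915ab750f36bd3"
# Advisory also lists AIX 'sum' output "02584 147"; block counts differ across
# sum implementations, so only the MD5 is checked here.

# md5_of FILE: print the hex MD5 of FILE using whichever tool is present.
md5_of() {
    if command -v md5sum >/dev/null 2>&1; then
        md5sum "$1" | awk '{print $1}'
    elif command -v md5 >/dev/null 2>&1; then
        md5 -q "$1"
    else
        openssl dgst -md5 "$1" | awk '{print $NF}'
    fi
}

# verify_fix FILE [EXPECTED]: return 0 if FILE's MD5 equals EXPECTED
# (default: the advisory's value), 1 on a missing file or a mismatch.
verify_fix() {
    file="$1"; want="${2:-$EXPECTED_MD5}"
    [ -f "$file" ] || { echo "missing: $file" >&2; return 1; }
    got=$(md5_of "$file")
    if [ "$got" = "$want" ]; then
        echo "md5 OK: $file"
        return 0
    fi
    echo "md5 MISMATCH for $file: got $got, want $want" >&2
    return 1
}

# install_fix FIXED_FTPD: the advisory's replacement steps, run as root only
# after the checksum check passes.
install_fix() {
    verify_fix "$1" || return 1
    mv /usr/sbin/ftpd /usr/sbin/ftpd.before_security_fix
    chown root.system /usr/sbin/ftpd.before_security_fix
    chmod 0 /usr/sbin/ftpd.before_security_fix   # old binary: no access at all
    cp "$1" /usr/sbin/ftpd
    chown root.system /usr/sbin/ftpd
    chmod 4554 /usr/sbin/ftpd                    # setuid root, r-xr-xr--
}

# Usage (as root, inside the extracted ftpd directory): sh install_ftpd_efix.sh ./ftpd
if [ $# -eq 1 ]; then
    install_fix "$1"
fi
```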
Official fix
IBM is working on the following fixes which will be available soon.
AIX 4.2.x and earlier: not vulnerable
AIX 4.3.x: IY04477
IBM AIX 4.3:
IBM Hotfix libc_43Sgold_efixes
IBM Hotfix locale_format_efix
IBM Hotfix (contains fixes for AIX 4.3.x and 5.1) diagrpt_efix.tar.Z
IBM Hotfix AIX 4.3.x and 5.1 temporary fix telnetd_efix
IBM Hotfix tooltalk_efix.tar.Z
IBM Patch CDE_libDtSvc_efix.tar.Z
IBM Hotfix tsmlogin_efix.tar.Z
IBM Patch bos.rte.loc.4.3.3.75.
IBM Upgrade sendmail_2_efix.tar.Z
IBM AIX 4.3.2:
IBM Hotfix libc_43Sgold_efixes
IBM Hotfix locale_format_efix
IBM Hotfix (contains fixes for AIX 4.3.x and 5.1) diagrpt_efix.tar.Z
IBM Hotfix AIX 4.3.x and 5.1 temporary fix telnetd_efix
IBM Hotfix tooltalk_efix.tar.Z
IBM Patch CDE_libDtSvc_efix.tar.Z
IBM Hotfix tsmlogin_efix.tar.Z
IBM Upgrade sendmail_2_efix.tar.Z
IBM AIX 4.3.1:
IBM Hotfix libc_43Sgold_efixes
IBM Hotfix locale_format_efix
IBM Hotfix (contains fixes for AIX 4.3.x and 5.1) diagrpt_efix.tar.Z
IBM Hotfix AIX 4.3.x and 5.1 temporary fix telnetd_efix
IBM Hotfix tooltalk_efix.tar.Z
IBM Patch CDE_libDtSvc_efix.tar.Z
IBM Hotfix tsmlogin_efix.tar.Z
IBM Upgrade sendmail_2_efix.tar.Z