IBM AIX ftp gets() Multiple Buffer Overflow Vulnerabilities
Local exploitation of multiple buffer overflow vulnerabilities in the 'ftp' program, as included with IBM Corp.'s AIX operating system, allow an attacker to execute arbitrary code with root privileges.
These vulnerabilities exist due to several calls to the gets() function. The gets() function is a deprecated C library function used to read data from standard input into a buffer. This function provides no way to specify the maximum size of the buffer being read into, and therefore allows the buffer to be overflowed.
IBM AIX capture Terminal Control Sequence Buffer Overflow Vulnerability
Local exploitation of a stack-based buffer overflow vulnerability in the 'capture' program included with IBM Corp.'s AIX operating system allows an attacker to execute arbitrary code with root privileges.
The vulnerability exists within the code that parses terminal control sequences. A long series of control sequences will trigger an exploitable stack-based buffer overflow.
IBM AIX pioout Arbitrary Library Loading Vulnerability
Local exploitation of an arbitrary library loading vulnerability in the 'pioout' program, as included with IBM Corp.'s AIX operating system, allows an attacker to execute arbitrary code with root privileges.
The vulnerability exists due to the application loading an arbitrary shared library provided by the attacker, without dropping privileges. Using the -R command line argument, an attacker can specify a shared library used to parse data coming from the printer.
留言列表
