Info

Disclosure

Oct 29, 1997

Discovery

Oct 29, 1997

Dates

Exploit

Unknown

Solution

Unknown

Description

IBM AIX contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when a malicious user overflows a buffer in its portmir command, typically via assembly language instructions coded in an exploit written in the c programming language. This flaw may lead to a loss of Integrity.

Classification

Location: Local Access Required
Attack Type: Input Manipulation
Impact: Loss of Integrity
Exploit: Exploit Public
Disclosure: OSVDB Verified

Solution

Currently, there are no known upgrades to correct this issue. It is possible to correct the flaw by implementing the following workaround: disable the setuid bit on the portmir command. #chmod u-s /usr/sbin/portmir

Products

International Business Machines Corporation	AIX	4.2.1
		4.3.3

References

CERT VU: 18500
CVE ID: 1999-0092 (see also: NVD)
Bugtraq ID: 385
ISS X-Force ID: 592
Generic Exploit URL: http://downloads.securityfocus.com/vulnerabilities/exploits/aix_portmir.c
Packet Storm: http://packetstormsecurity.org/0108-exploits/portmir.c
Vendor URL: http://www-1.ibm.com/servers/eserver/support/
http://www-912.ibm.com/eserver/support/fixes/fcgui.jsp
Vendor Specific Solution URL: http://www-1.ibm.com/services/continuity/recover1.nsf/MSS/ERS-SVA-E01-1997.006.1/$file/ERS-SVA-E01-1997_006_1.txt
Mail List Post: http://www.securityfocus.com/archive/1/210200
CIAC Advisory: i-011

Credit

Unknown or Incomplete

Direct URL: http://osvdb.org/5801

Info

Disclosure

Discovery

Dates

Exploit

Solution

Description

Classification

Solution

Products

International Business Machines Corporation

AIX

References

Credit