OSVDB ID: 8004 Title: IBM AIX namerslv Long Argument Local Overflow |
Info |
|
|
Dates |
||||
|
|
Description |
A local overflow exists in IBM AIX. The namerslv command fails to validate input parameters properly resulting in a buffer overflow. With a specially crafted request, an attacker can cause segmentation faults. The namerslv utility is not SUID and does not result in privilege escalation or loss of confidentiality, integrity, or availability. |
Classification |
Location:
Local Access Required
Attack Type: Input Manipulation Impact: Loss of Integrity, Impact Unknown Exploit: Exploit Unknown Disclosure: OSVDB Verified OSVDB: Myth / Fake |
Solution |
Upgrade to version 4.3.3 (APAR IY29517), 5.1.0 (APAR IY31937) or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds. |
Products |
|
References |
|
Credit |
Unknown or Incomplete |