iDefense Security Advisory 01.23.08 - Local exploitation of a buffer overflow vulnerability in IBM Corp.'s AIX operating system 'pioout' program allows attackers to execute arbitrary code with root privileges. The vulnerability exists due to insufficient input validation when copying user-supplied data to a fixed-size buffer. By passing a long string as a command line option, an attacker can cause an exploitable buffer overflow. iDefense has confirmed the existence of this vulnerability in version 5.2 and 5.3 of AIX with all patches applied as of November 29th, 2007. Previous versions are suspected to be affected.
0c544c96e82318461295adc559d908532902371421d53ecc023219ebd696ae0b
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed