iDefense Security Advisory 10.07.09 - Remote exploitation of a stack-based buffer overflow vulnerability in IBM Corp.'s AIX could allow an attacker to execute arbitrary code with the privileges of the affected service. rpc.cmsd, more commonly known as the Calendar Manager Service Daemon, is an RPC application used to manage schedules and calendars. It operates over SUN RPC. The vulnerability is triggered when handling a request for remote procedure 21. This function takes two arguments, both of which are XDR strings. When copying the first argument into a stack-based buffer, the code does not properly verify its length. This results in a stack-based buffer overflow vulnerability. iDefense has confirmed the existence of this vulnerability in AIX versions 5.3 and 5.2.
e622abe9b0845daaab5cfe3b95d2641f11a23e3387e454d48596ac147be98ab7
AIX RPC.cmsd remote stack buffer overflow proof-of-concept exploit.
7c8e41a206c1c2240e87d6853f2c71873a26177a618a781f20802d31ab305649
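The missing check described in the advisory above, shown as a bounded decoder for two XDR string arguments. This is an added example, not IBM's code or anything from the advisory; `ARG_MAX`, the function names and the sample messages are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define ARG_MAX 255 /* assumed limit; the advisory does not state the real buffer size */

/* Decode one XDR string (RFC 4506: 4-byte big-endian length, the bytes, zero
 * padding to a multiple of 4) from buf at *off into dst. Returns 0 on success,
 * -1 if the message is truncated or the declared length does not fit in dst. */
static int xdr_get_string(const uint8_t *buf, size_t len, size_t *off,
                          char *dst, size_t dst_size)
{
    if (dst_size == 0 || *off > len || len - *off < 4)
        return -1;                      /* no room for the length word */
    const uint8_t *p = buf + *off;
    uint32_t n = ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
                 ((uint32_t)p[2] << 8) | (uint32_t)p[3];
    if (n >= dst_size)                  /* declared length checked before any copy */
        return -1;
    size_t padded = ((size_t)n + 3) & ~(size_t)3;
    if (len - *off - 4 < padded)        /* declared length exceeds the bytes received */
        return -1;
    memcpy(dst, p + 4, n);
    dst[n] = '\0';
    *off += 4 + padded;
    return 0;
}

/* Hypothetical argument decoder for a procedure that takes two XDR strings.
 * a and b must each point to ARG_MAX + 1 bytes. */
int decode_two_strings(const uint8_t *msg, size_t len, char *a, char *b)
{
    size_t off = 0;
    if (xdr_get_string(msg, len, &off, a, ARG_MAX + 1) != 0) return -1;
    if (xdr_get_string(msg, len, &off, b, ARG_MAX + 1) != 0) return -1;
    return off == len ? 0 : -1;         /* reject trailing bytes */
}

/* Constructed sample messages: a valid pair, and a first string claiming 1024 bytes. */
static const uint8_t SAMPLE_OK[] = {0,0,0,3,'a','b','c',0, 0,0,0,4,'u','s','e','r'};
static const uint8_t SAMPLE_BIG[] = {0,0,4,0,'A','A','A','A'};

int main(void) {
    char a[ARG_MAX + 1], b[ARG_MAX + 1];
    printf("valid: %d\n", decode_two_strings(SAMPLE_OK, sizeof SAMPLE_OK, a, b));
    printf("oversized: %d\n", decode_two_strings(SAMPLE_BIG, sizeof SAMPLE_BIG, a, b));
    return 0;
}
```

Code that uses the standard Sun RPC library gets the same bound by passing a real maximum as the `maxsize` argument of `xdr_string()`.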