[VIM] IBM changing significant details?
security curmudgeon
jericho at attrition.org
Sun Apr 30 05:13:12 EDT 2006
At long last..
: On Thu, 23 Mar 2006, security curmudgeon wrote:
:
: > I am 99% sure the APAR said 'mklvcopy'. I created the OSVDB entry within
: > hours of Secunia's entry and couldn't find any more info than they had.
:
: This is one more aspect of the provenance problem: who knew what when,
: and how confident are we that they were right in the first place, and if
: there was an original source, where is it and barring that, how
: confident are we that the original source was interpreted correctly by a
: third party? I don't know if this kind of problem is getting more
: pronounced, or if I'm just getting more sensitive to it now.
http://archives.neohapsis.com/archives/bugtraq/2006-04/0481.html
NSFOCUS SA2006-02 : IBM AIX mklvcopy Local Privilege Escalation Vulnerability
NSFOCUS Security Advisory (SA2006-02)
IBM AIX mklvcopy Local Privilege Escalation Vulnerability
Release Date: 2006-04-24
CVE ID: CVE-2006-1246
The vendor has released Patch APAR IY82739 to fix the vulnerability. The
related
link is:
http://www-1.ibm.com/support/docview.wss?uid=isg1IY82739
--
So the bos.rte.lvm vs mklvcopy issue comes to light. Same thing it appears
=)
More information about the VIM
mailing list