[VIM] slew of AIX APARs of interest
security curmudgeon
jericho at attrition.org
Tue Mar 25 07:04:00 UTC 2008
While frolicking through the IBM APAR slag, I ran across a lot of entries
that may be vulnerabilities and worthy of inclusion in VDBs. Due to the
details being a bit vague, i'm not entirely sure which are
vulnerabilities, which can be abused from user land privileges, etc. So,
here they are for consideration and discussion. I'm including the URL,
date reported and OSVDB-ish titles.
IBM AIX NIS User Password Expiration Telnet Bypass
2007-03-07
http://www-1.ibm.com/support/docview.wss?uid=isg1IY95721
IBM AIX tcp_tcpsecure
2007-03-10
http://www-1.ibm.com/support/docview.wss?uid=isg1IY95881
IBM AIX sisraidmgr / sissasraidmgr Local Overflow
2007-03-16
http://www-1.ibm.com/support/docview.wss?uid=isg1IY96184
IBM AIX lsvirprt Local Overflow
2007-03-20
http://www-1.ibm.com/support/docview.wss?uid=isg1IY96274
IBM AIX isakmpd INITIAL_CONTACT Message Remote DoS
2007-03-29
http://www-1.ibm.com/support/docview.wss?uid=isg1IY96709
IBM AIX bos.net.tcp.server
2007-04-09
http://www-1.ibm.com/support/docview.wss?uid=isg1IY97150
IBM AIX bos.net.nfs.client
2007-04-01
http://www-1.ibm.com/support/docview.wss?uid=isg1IY96834
IBM AIX WLM Class kprocs Association Persistence
2007-04-13
http://www-1.ibm.com/support/docview.wss?uid=isg1IY97359
IBM AIX WLM Class rset Update kprocs Race Condition
2007-04-13
http://www-1.ibm.com/support/docview.wss?uid=isg1IY97360
http://www-1.ibm.com/support/docview.wss?uid=isg1IY97251
IBM AIX devices.common.IBM.ib.rte
2007-04-20
http://www-1.ibm.com/support/docview.wss?uid=isg1IY97679
IBM AIX J2 Log Sync List Corruption
2007-04-21
http://www-1.ibm.com/support/docview.wss?uid=isg1IY97708
IBM AIX Lock Instrumentation DoS
2007-04-24
http://www-1.ibm.com/support/docview.wss?uid=isg1IY97812
More information about the VIM
mailing list