[VIM] slew of AIX APARs of interest (batch 4)
security curmudgeon
jericho at attrition.org
Tue Mar 25 09:21:36 UTC 2008
While frolicking through the IBM APAR slag, I ran across a lot of entries
that may be vulnerabilities and worthy of inclusion in VDBs. Due to the
details being a bit vague, i'm not entirely sure which are
vulnerabilities, which can be abused from user land privileges, etc. So,
here they are for consideration and discussion. I'm including the URL,
date reported and OSVDB-ish titles.
IBM AIX LDAP Username Echo
2007-06-09
http://www-1.ibm.com/support/docview.wss?uid=isg1IY99820
IBM AIX devices.chrp.IBM.lhea.rte Kernel Timer
2007-06-15
http://www-1.ibm.com/support/docview.wss?uid=isg1IZ00207
IBM AIX NAMEDSHLIB Export
2007-06-19
http://www-1.ibm.com/support/docview.wss?uid=isg1IZ00435
http://www-1.ibm.com/support/docview.wss?uid=isg1IY97325
IBM AIX bos.net.nfs.client Recursive Referral DoS
2007-06-20
http://www-1.ibm.com/support/docview.wss?uid=isg1IZ00508
IBM AIX ktimer_delete Double-free
2007-06-21
http://www-1.ibm.com/support/docview.wss?uid=isg1IZ00541
IBM AIX bos.rte.tty TTY Debug CDT Reallocation
2007-06-21
http://www-1.ibm.com/support/docview.wss?uid=isg1IZ00544
IBM AIX devices.pci.14108c00.rte
2007-06-25
http://www-1.ibm.com/support/docview.wss?uid=isg1IZ00682
IBM AIX chpasswd non-DES Hashing
2007-06-26
http://www-1.ibm.com/support/docview.wss?uid=isg1IZ00748
More information about the VIM
mailing list