[VIM] slew of AIX APARs of interest (batch 7)

security curmudgeon jericho at attrition.org
Tue Mar 25 19:15:20 UTC 2008



While frolicking through the IBM APAR slag, I ran across a lot of entries 
that may be vulnerabilities and worthy of inclusion in VDBs. Due to the 
details being a bit vague, i'm not entirely sure which are 
vulnerabilities, which can be abused from user land privileges, etc. So, 
here they are for consideration and discussion. I'm including the URL, 
date reported and OSVDB-ish titles.

IBM AIX bos.acct Accounting Schema Reversion
2007-09-09
http://www-1.ibm.com/support/docview.wss?uid=isg1IZ04507

IBM AIX bos.net.tcp.client ICMP ECHO Cross-session Disclosure ?
2007-09-10
http://www-1.ibm.com/support/docview.wss?uid=isg1IZ04519

IBM AIX bos.net.ipsec.keymgt isakmpd Phase 2 SA Fail Message DoS
2007-09-14
http://www-1.ibm.com/support/docview.wss?uid=isg1IZ04955

IBM AIX WLM Class Addition
2007-09-15
http://www-1.ibm.com/support/docview.wss?uid=isg1IZ04960

IBM AIX rmmap Segment Handling
2007-09-21
http://www-1.ibm.com/support/docview.wss?uid=isg1IZ05214
http://www-1.ibm.com/support/docview.wss?uid=isg1IZ01575
http://www-1.ibm.com/support/docview.wss?uid=isg1IZ04749

IBM AIX audit_write Function
2007-09-21
http://www-1.ibm.com/support/docview.wss?uid=isg1IZ05218
http://www-1.ibm.com/support/docview.wss?uid=isg1IZ05850
http://www-1.ibm.com/support/docview.wss?uid=isg1IZ04149

IBM AIX abend_trap
2007-09-21
http://www-1.ibm.com/support/docview.wss?uid=isg1IZ05223
http://www-1.ibm.com/support/docview.wss?uid=isg1IZ04989

IBM AIX _passwdentry_auto Memory Corruption
2007-09-21
http://www-1.ibm.com/support/docview.wss?uid=isg1IZ05231
http://www-1.ibm.com/support/docview.wss?uid=isg1IZ05260



More information about the VIM mailing list