[VIM] AIX APAR conclusion - notes and oddities

security curmudgeon jericho at attrition.org
Tue Mar 25 19:22:17 UTC 2008


Wow, talk about brain melt. The APAR database, as seen by regular 
unauthenticated users is a complete mess and full of confusion. I posted a 
quick blog entry the other day about it:

http://osvdb.org/blog/?p=235

   First it was HP, then it was Sun. Not to be outdone, IBM steps up and
   gives VDBs a headache.

   APAR IZ00988 is sysrouted to APAR IZ01121 and APAR IZ01122.

   Really IBM, the amount of information common to all three pages is
   overwhelming. Do you really need a new APAR number issued for component
   name or level? Cant you just list them all in one APAR and save us time?
   More importantly, do we need three APAR entries that say a security
   issue has been fixed and make us dig up the information?


When all said and done, there are obviously a lot of issues that MAY have 
security implications, but it's hard to tell based on the information 
available. We definitely need an AIX guru or IBM rep to clear them up. I'm 
not holding my breath.

I ran across the following APARs that came back 'Document not found.' The 
changelog I originally saw them in suggests there are security 
implications.

IZ00829 RMUSER COMMAND REMOVED PASSWD STANZA FROM /ETC/SECURITY/PASSWD

IY97793 PASSWDEXPIRED MAY RETURN INCORRECT VALUE IF PASSWD IS CORRUPTED

IY96773 FTPD SECURITY ISSUES IN KRB5 ENVIRONMENT

IY95914 RPC.NISPASSWDD DOES NOT USE -C OPTION IN THE CORRECT MANNER

IY95913 YPPASSWD FAILS FOR NIS USER WITH LONG NAME(>8 CHARACTERS)

And finally, one changelog entry that doesn't jibe with the APAR entry.

http://www-1.ibm.com/support/docview.wss?uid=isg1IY97813

Changelog:
    IY97813 srcmstr crash

APAR:
    IY97813: NEW FUNCTION


More information about the VIM mailing list