Overview
There is a buffer overflow in the IBM AIX setsenv command that may allow local attackers to gain root privileges.
Description
The setsenv command is used to set protected state environment variables. There is a buffer overflow in a variable value parameter to the setsenv command on IBM AIX systems. An exploit for this vulnerability is publicly available, and is reported to have been used to compromise systems. |
Impact
An attacker with access to a local user account can execute arbitrary code on the vulnerable system as root. |
Solution
Apply a Patch IBM has released patches to correct this problem. For AIX version 4.2, system adminstrators should apply APAR#IY10721. For AIX version 4.3, system administrators should apply APAR#IY08812. |
Vendor Information
CVSS Metrics
| Group | Score | Vector |
|---|---|---|
| Base | ||
| Temporal | ||
| Environmental |
References
- http://www.securityfocus.com/bid/2032
- http://xforce.iss.net/static/5621.php
- http://techsupport.services.ibm.com/rs6000/aix.uhuic_getrec?args=DVhuron.boulder.ibm.com+DBAIX+DA114623+STIY10721+USbin
- http://techsupport.services.ibm.com/support/rs6000.support/fixsearch?fixdb=aix4&srchtype=apar&query=IY10721
- http://techsupport.services.ibm.com/rs6000/aix.uhuic_getrec?args=DVhuron.boulder.ibm.com+DBAIX+DA123587+STIY08812+USbin
- http://techsupport.services.ibm.com/support/rs6000.support/fixsearch?fixdb=aix4&srchtype=apar&query=IY08812
- http://www.rs6000.ibm.com/doc_link/en_US/a_doc_lib/cmds/aixcmds5/setsenv.htm#WPg2f0frit
Acknowledgements
This document was written by Cory F. Cohen.
Other Information
| CVE IDs: | CVE-2000-1119 |
| Severity Metric: | 15.19 |
| Date Public: | 2000-12-01 |
| Date First Published: | 2001-09-28 |
| Date Last Updated: | 2001-09-28 15:37 UTC |
| Document Revision: | 5 |