Published: 30-08-2010
Updated: 23-09-2010
Product:
ibm: aix 1.2.1
ibm: aix 1.3
ibm: aix 2.2.1
ibm: aix 3.1
ibm: aix 3.2
ibm: aix 3.2.0
ibm: aix 3.2.4
ibm: aix 3.2.5
ibm: aix 4
ibm: aix 4.0
ibm: aix 4.1
ibm: aix 4.1.1
ibm: aix 4.1.2
ibm: aix 4.1.3
ibm: aix 4.1.4
ibm: aix 4.1.5
ibm: aix 4.2
ibm: aix 4.2.0
ibm: aix 4.2.1
ibm: aix 4.2.1.12
ibm: aix 4.3
ibm: aix 4.3.0
ibm: aix 4.3.1
ibm: aix 4.3.2
ibm: aix 4.3.3
ibm: aix 430
ibm: aix 5
ibm: aix 5.1
ibm: aix 5.1.0.10
ibm: aix 5.1l
ibm: aix 5.2
ibm: aix 5.2.0
ibm: aix 5.2.0.50
ibm: aix 5.2.0.54
ibm: aix 5.2.2
ibm: aix 5.2_l
ibm: aix 5.3
ibm: aix 5.3.0
Severity: High (10.0)
CVSS vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Potential loss type: Integrity, Confidentiality, Availability
Vulnerability description:
Buffer overflow in ftpd in IBM AIX 5.3 and earlier allows remote attackers to execute arbitrary code via a long NLST command.
Patch available: Yes
References:
CONFIRM: http://aix.software.ibm.com/aix/efixes/security/ftpd_advisory.asc
OSVDB: http://www.osvdb.org/66576
AIXAPAR: http://www.ibm.com/support/docview.wss?uid=isg1IZ83276
AIXAPAR: http://www.ibm.com/support/docview.wss?uid=isg1IZ83275
AIXAPAR: http://www.ibm.com/support/docview.wss?uid=isg1IZ83274
AIXAPAR: http://www.ibm.com/support/docview.wss?uid=isg1IZ83252
EXPLOIT-DB: http://www.exploit-db.com/exploits/14456/
EXPLOIT-DB: http://www.exploit-db.com/exploits/14409/
SECTRACK: http://securitytracker.com/id?1024368
FULLDISC: http://seclists.org/fulldisclosure/2010/Jul/337
FULLDISC: http://seclists.org/fulldisclosure/2010/Jul/324
FULLDISC: http://seclists.org/fulldisclosure/2010/Jul/317
FULLDISC: http://seclists.org/fulldisclosure/2010/Jul/281