Full Disclosure mailing list archives
Re: FW: IBM AIX GetIPNodeByName API Socket Management Vulnerability
From: Shiva Persaud <shivapd () us ibm com>
Date: Thu, 2 Oct 2003 15:47:40 -0500
From the IBM AIX advisory:
A. Official Fix IBM provides the following fixes: APAR number for AIX 5.1.0: IY46273 (available) AIX 5.2.0: IY46024 (available) Shiva Persaud AIX Security Developer shivapd () us ibm com |---------+--------------------------------------> | | Sherri Emerson | | | <semerson1978 () yahoo com> | | | Sent by: | | | full-disclosure-admin@lists| | | .netsys.com | | | | | | | | | 10/02/2003 02:56 PM | | | | |---------+-------------------------------------->
------------------------------------------------------------------------------------------------------------------------------|
| | | To: full-disclosure () lists netsys com | | cc: | | Subject: [Full-disclosure] FW: IBM AIX GetIPNodeByName API Socket Management Vulnerability | | |
------------------------------------------------------------------------------------------------------------------------------|
Hey yall! Although I've followed it for years, this is my frist time posting to the list, so bear please with me if I start to ramble or don't follow protocol. My friend sent this to me and I don't know where she got it, but I run AIX 5.2 and would love to know more about this. Has anyone heard anything? It says IBM disclosed the info, but I can't find usable stuff anywhere. Thanks! -Sherri --- Crystal Mensy <crystal082k4 () yahoo com> wrote:
Date: 01 Oct 2003 07:47:12 -0700 (PDT) From: Crystal Mensy <crytal082k4 () yahoo com> Subject: IBM AIX GetIPNodeByName API Socket
Management Vulnerability
To: Sherri Emerson <semerson1978 () yahoo com> Hey Bebe!! :> I was wondering if this would be handy to ya or not? ----<snip>---- Security Alert Subject: IBM AIX GetIPNodeByName API Socket
Management Vulnerability
BUGTRAQ ID: 8738 CVE ID: CVE-MAP-NOMATCH Published: 2003-10-01 Updated: 2003-10-01 09:45:36
GMT
Vulnerable Systems: IBM AIX 5.2 IBM AIX 5.1 Short Summary: IBM AIX vulnerable to an issue in socket management that may allow an attacker to deny service ot to crash some applications. Impact: It is possible to deny service to legitimate
users of a program on a vulnerable system. Technical Description: AIX is the UNIX operating system distributed and maintained by IBM. A problem has been reported in the socket handling of IBM AIX. Because of this, an attacker may be able to crash an application on a vulnerable system. The problem is in the management of sockets that use the GetIPNodeByName function. Under some circumstances, this function does not properly close sockets during operation. This may allow an attacker
to open a large amount of sockets in services using the function, resulting in a denial of service. Solutions: Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vulndb () securityfocus com <mailto:vulndb () securityfocus com>. Credit: Vulnerability disclosed by IBM. References: web page: AIX Hopepage (IBM) http://www-1.ibm.com/servers/aix/ Change Log: Oct 01, 2003 Initial analysis. __________________________________ Do you Yahoo!? The New Yahoo! Shopping - with improved product search http://shopping.yahoo.com
__________________________________ Do you Yahoo!? The New Yahoo! Shopping - with improved product search http://shopping.yahoo.com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- FW: IBM AIX GetIPNodeByName API Socket Management Vulnerability Sherri Emerson (Oct 02)
- Re: FW: IBM AIX GetIPNodeByName API Socket Management Vulnerability Keith Stevenson (Oct 02)
- <Possible follow-ups>
- Re: FW: IBM AIX GetIPNodeByName API Socket Management Vulnerability Shiva Persaud (Oct 02)