Full Disclosure mailing list archives

Re: FW: IBM AIX GetIPNodeByName API Socket Management Vulnerability

From: Keith Stevenson <keith.stevenson () louisville edu>
Date: Thu, 2 Oct 2003 17:02:32 -0400

On Thu, Oct 02, 2003 at 12:56:18PM -0700, Sherri Emerson wrote:

 Hey yall! Although I've followed it for years, this
is my frist time posting to the list, so bear please
with me if I start to ramble or don't follow protocol.

 My friend sent this to me and I don't know where she
got it, but I run AIX 5.2 and would love to know more
about this. Has anyone heard anything? It says IBM
disclosed the info, but I can't find usable stuff
anywhere.


Not only is it official, there is an APAR available from IBM to address the
issue:

AIX 4.3.3 - Not vulnerable
AIX 5.1   - APAR IY46273
AIX 5.2   - APAR IY46024

APARs are available from: https://techsupport.services.ibm.com/server/aix.fdc

IBM's analysis states that the impact is limited to denial of service
attacks against applications that use the getipnodebyname() call.

Regards,
--Keith Stevenson--

-- 
Keith Stevenson
System Programmer - Data Center Services - University of Louisville
keith.stevenson () louisville edu
GPG key fingerprint =  332D 97F0 6321 F00F 8EE7  2D44 00D8 F384 75BB 89AE

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

FW: IBM AIX GetIPNodeByName API Socket Management Vulnerability Sherri Emerson (Oct 02)
- Re: FW: IBM AIX GetIPNodeByName API Socket Management Vulnerability Keith Stevenson (Oct 02)
- <Possible follow-ups>
- Re: FW: IBM AIX GetIPNodeByName API Socket Management Vulnerability Shiva Persaud (Oct 02)