Rapid7 Vulnerability & Exploit Database

AIX 6.1 multiple security vulnerabilities -AIX 6.1


Severity: 4
CVSS: (AV:L/AC:M/Au:N/C:P/I:P/A:P)
Published: 11/26/2008
Created: 07/25/2018
Added: 09/05/2014
Modified: 10/05/2015

Description

There are multiple vulnerabilities in AIX 6.1:

a) If the netcd daemon is running, a buffer overflow can be triggered in the setuid root program /usr/sbin/ndp, resulting in privilege escalation. Track with the following APAR numbers: IZ35181 IZ35170 IZ35209.

b) There is a buffer overflow in the privileged command /usr/sbin/autoconf6, resulting in privilege escalation if RBAC (role based access control) is in use and a user has the aix.network.config.tcpip authorization. Track with the following APAR numbers: IZ34753 IZ34393 IZ30231.

c) The privileged command /usr/bin/enq can remove any file on the system if a print queue is defined in /etc/qconfig. Track with the following APAR numbers: IZ34785 IZ34481 IZ33088.

d) The privileged command /usr/bin/crontab grants elevated privileges to the editor if a user has the aix.system.config.cron authorization. Track with the following APAR numbers: IZ34783 IZ34478 IZ30248.

The following files are vulnerable: /usr/sbin/ndp, /usr/sbin/autoconf6, /usr/bin/enq, /usr/bin/crontab

Solution(s)

  • aix-6.1-aix61_advisory
