Bugtraq mailing list archives
Re: Breaking Finger in AIX 4.2
From: troy () AUSTIN IBM COM (Troy A. Bollinger)
Date: Tue, 20 Oct 1998 18:38:06 -0500
Quoting aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa (axon2017 () STUDENTS JOHNCO CC KS US):
I just found this out yesterday, and I don't think it's been in the postings before, but on AIX (I tested this on 4.2) if one's gecos field is set to more than 99 characters, Finger starts acting really strange.
This is fixed with the following APARs:

    Abstract: "HOT: CERT: possible buffer overflow in finger daemon"
    4.1.x APAR: IX67317
    4.2.x APAR: IX67318
    4.3.x APAR: not vulnerable

IBM AIX APARs may be ordered using Electronic Fix Distribution (via the FixDist program), or from the IBM Support Center. For more information on FixDist, and to obtain fixes via the Internet, please reference

    http://aix.software.ibm.com/support/rs6000

or send email to "aixserv () austin ibm com" with the word "FixDist" in the "Subject:" line.

To facilitate ease of ordering all security related APARs for each AIX release, security fixes are periodically bundled into a cumulative APAR. For more information on these cumulative APARs including last update and list of individual fixes, send email to "aixserv () austin ibm com" with the word "subscribe Security_APARs" in the "Subject:" line.
.-= axon2017 () students jccc net =-.
--
Troy Bollinger               troy () austin ibm com
AIX Security Development     security-alert () austin ibm com
PGP keyid: 1024/0xB7783129   Troy's opinions are not IBM policy