Re: (forw) rsh bufferoverflow on AIX 4.2

[Troy Bollinger <troy () austin ibm com>]

Quoting ymc () iss com tw:
> From: "ox" <ymc () iss com tw>
> To: <bugtraq () securityfocus com>
> Subject: rsh bufferoverflow on AIX 4.2 
> Date: Tue, 12 Jun 2001 11:40:20 +0800
> Message-ID: <NFBBLJDKGKGPELLLMCNEOELICAAA.ymc () iss com tw>
> X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0)
>
> Hello bugtraq, 
>
> I am sorry if the problem had been found before, that is
> bufferoverflow what I found  both /usr/bin/rsh and
> /usr/lpp/ssp/rcmd/bin/rsh. 

Hi,
Based on the gdb session you've gave, it appears that this is the same
vulnerability as reported to bugtraq back in 1996.  It can be fixed by
applying one of the following APARs:

   Abstract:  buffer overflow in gethostbyname()
   3.2 APAR:  IX60927
   4.1 APAR:  IX61019
   4.2 APAR:  IX62144

If you have further questions regarding this vulnerability or other AIX
security issues, you can reach the AIX security team at:

   mailto:security-alert () austin ibm com

-- 
Troy Bollinger <troy () austin ibm com>
Network Security Analyst
PGP keyid: 1024/0xB7783129
Troy's opinions are not IBM policy