Bugtraq mailing list archives
Re: /usr/bin/enq and /usr/bin/X11/aixterm exploit in AIX
From: Shiva Persaud <shivapd () us ibm com>
Date: Mon, 17 Feb 2003 18:52:50 -0600
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 <1> The aixterm issue is addressed in an efix which can be downloaded from: ftp://ftp.software.ibm.com/aix/efixes/security/libIM_efix.tar.Z. <2> The enq issue was fixed in Feb 2000. The following filesets contain the most current version of enq: For AIX 4.3.3: bos.rte.printers.4.3.3.78 For AIX 5.1.0: bos.rte.printers.5.1.0.25 For AIX 5.2.0: bos.rte.printers.5.2.0.0 To request the PGP public key that can be used to encrypt new AIX security vulnerabilities, send email to security-alert () austin ibm com with a subject of "get key". Shiva Persaud AIX Security Developer shivapd () us ibm com -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.0 (AIX) iD8DBQE+UYPXcnMXzUg7txIRAkRNAJsFOHbxbkAc/pqqZFCCr3YK9vy5DACeMmN6 ALLNjBcnTx+VfZIiuPCDzdQ= =ufwJ -----END PGP SIGNATURE----- Shiva Persaud AIX Security Developer Phone: 512-838-1192 shivapd () us ibm com choi sungwoon <monocat2@hanmail To: bugtraq () securityfocus com .net> cc: Subject: /usr/bin/enq and /usr/bin/X11/aixterm exploit in AIX 02/17/2003 01:00 AM Please respond to Shiva Persaud /* Title: /usr/bin/enq and /usr/bin/X11/aixterm exploit in AIX Vulnerability found by Esa Etelavoun, iDEFFENSE Author: green(green () wowhacker org), dragory(dragory () wowhacker org) Tested on AIX 4.3.3/RS6000 Reference: lsd-pl.net's exploit Thanks to wowcode & overhead team at Wowhacker(http://www.wowhacker.org) */ I tested BOF in AIX lately. These are exploits of /usr/bin/enq and /usr/bin/X11/aixterm in AIX. (My system language is Korean...)
Current thread:
- /usr/bin/enq and /usr/bin/X11/aixterm exploit in AIX choi sungwoon (Feb 17)
- Re: /usr/bin/enq and /usr/bin/X11/aixterm exploit in AIX Keith Stevenson (Feb 19)
- <Possible follow-ups>
- Re: /usr/bin/enq and /usr/bin/X11/aixterm exploit in AIX Shiva Persaud (Feb 18)