1. IBM AIX Multiple Device Management Utilities Local Format String Vulnerability
(a) IBM AIX chdev format string Vulnerability
(
CAN-2005-0240
)
2. Buffer Overflow Vulnerability in IBM AIX
(a) IBM AIX ipl_vayon Buffer Overflow Vulnerability
(
CAN-2005-0262
)
The vendor recommends setting the mode bits to "500" on the affected utility.Restrict membership to the audit group to trusted users.
IBM provudes following fixes:
http://www-1.ibm.com/support/docview.wss?uid=isg1IY67455
http://www-1.ibm.com/support/docview.wss?uid=isg1IY67519
The information provided herein is on "as is" basis, without warranty of any kind.