Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-4217

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2007-4217
Last Modified 07 Mar 2011 09:57:59
Published 05 Nov 2007 11:46:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2007-4217

Summary

Stack-based buffer overflow in the domacro function in ftp in IBM AIX 5.2 and 5.3 allows local users to gain privileges via a long parameter to a macro, as demonstrated by executing a macro via the '$' command.

Vulnerable Systems

Operating System

  • Ibm Aix 5.2

  • Ibm Aix 5.3


References

CONFIRM - http://www14.software.ibm.com/webapp/set2/subscriptions/ijhifoeblist?mode=7&heading=AIX53&path=%2F200709%2FSECURITY%2F20070905%2Fdatafile101815

BID - 26260

CONFIRM - ftp://aix.software.ibm.com/aix/efixes/security/ftp_ifix.tar

XF - aix-ftp-domacro-bo(38162)

VUPEN - ADV-2007-3669

AIXAPAR - IZ05488

AIXAPAR - IZ05487

SECTRACK - 1018871

SECUNIA - 27437

IDEFENSE - 20071030 IBM AIX ftp domacro Parameter Buffer Overflow Vulnerability


Last Updated: 27 May 2016 10:45:48