Описание
Stack-based buffer overflow in libcsa.a (aka the calendar daemon library) in IBM AIX 5.x through 5.3.10 and 6.x through 6.1.3, and VIOS 2.1 and earlier, allows remote attackers to execute arbitrary code via a long XDR string in the first argument to procedure 21 of rpc.cmsd.
Stack-based buffer overflow in libcsa.a (aka the calendar daemon library) in IBM AIX 5.x through 5.3.10 and 6.x through 6.1.3, and VIOS 2.1 and earlier, allows remote attackers to execute arbitrary code via a long XDR string in the first argument to procedure 21 of rpc.cmsd.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2009-3699
- https://exchange.xforce.ibmcloud.com/vulnerabilities/53681
- https://www.immunityinc.com/downloads/immpartners/aixcmsd10092009.tar.gz
- http://aix.software.ibm.com/aix/efixes/security/cmsd_advisory.asc
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=825
- http://secunia.com/advisories/36978
- http://securitytracker.com/id?1022996
- http://www.ibm.com/support/docview.wss?uid=isg1IZ61628
- http://www.ibm.com/support/docview.wss?uid=isg1IZ61717
- http://www.ibm.com/support/docview.wss?uid=isg1IZ62123
- http://www.ibm.com/support/docview.wss?uid=isg1IZ62237
- http://www.ibm.com/support/docview.wss?uid=isg1IZ62569
- http://www.ibm.com/support/docview.wss?uid=isg1IZ62570
- http://www.ibm.com/support/docview.wss?uid=isg1IZ62571
- http://www.ibm.com/support/docview.wss?uid=isg1IZ62572
- http://www.ibm.com/support/docview.wss?uid=isg1IZ62672
- http://www.osvdb.org/58726
- http://www.securityfocus.com/bid/36615
- http://www.vupen.com/english/advisories/2009/2846
Связанные уязвимости
Stack-based buffer overflow in libcsa.a (aka the calendar daemon library) in IBM AIX 5.x through 5.3.10 and 6.x through 6.1.3, and VIOS 2.1 and earlier, allows remote attackers to execute arbitrary code via a long XDR string in the first argument to procedure 21 of rpc.cmsd.