AIX frcactrl Insecure File Handling Vulnerability

Solution:
Currently the SecurityFocus staff are not aware of any vendor supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com.

A suitable work around is to remove the setuid bit from the frcactrl program, and unload the FRCA kernel module:
# /usr/sbin/frcactrl unload ; /usr/sbin/slibclean
# chmod 555 /usr/sbin/frcactrl


IBM AIX 4.3

IBM AIX 4.3.1

IBM AIX 4.3.2


 

Privacy Statement
Copyright 2010, SecurityFocus