• info
• discussion
• exploit
• solution
• references

IBM AIX FTP Ephemeral Port Exhaustion Denial Of Service Vulnerability

Solution:
IBM has released interim fixes to address vulnerability. APARs are pending release. Please refer to the IBM advisory for further details.

IBM has updated their advisory stating APARs are now available. Please see the referenced advisory for more information.


IBM AIX 5.1

• IBM IY73498
  http://www-1.ibm.com/servers/eserver/support/pseries/aixfixes.html


• IBM ftpd_ifix.tar.Z
  ftp://aix.software.ibm.com/aix/efixes/security/ftpd_ifix.tar.Z

IBM AIX 5.2

• IBM IY72942
  http://www-1.ibm.com/servers/eserver/support/pseries/aixfixes.html


• IBM ftpd_ifix.tar.Z
  ftp://aix.software.ibm.com/aix/efixes/security/ftpd_ifix.tar.Z

IBM AIX 5.3

• IBM IY73497
  http://www-1.ibm.com/servers/eserver/support/pseries/aixfixes.html


• IBM ftpd_ifix.tar.Z
  ftp://aix.software.ibm.com/aix/efixes/security/ftpd_ifix.tar.Z