AIX setclock Buffer Overflow Vulnerability

AIX is a variant of the UNIX Operating System, distributed by IBM. A problem exists which could allow local users to gain elevation of priviledges.

The problem occurs in the setclock binary. Due to a buffer overflow in the main() function of the program caused by input handling, it is possible to overwrite pointers to the stack and potentially other variables. This creates an opportunity for a malicious user to gain elevated priviledges, and potentially administrative access.


 

Privacy Statement
Copyright 2010, SecurityFocus