|
|
IBM AIX Runtime Linker Search Path Vulnerability
Solution: Configuration directives were reportedly included in Portable OpenSSH 3.6.1p2 (when compiled with GCC) to account for problems in the runtime linker. Portable OpenSSH users should upgrade if they are prone to this issue. This issue does not occur if Portable OpenSSH is compiled with the native IBM AIX compiler. IBM-supplied OpenSSH packages will not cause this issue to occur. Users may alternatively install these packages. Darren Tucker has released OpenSSH binaries for IBM AIX. Versions priors to 3.6.1p1-1 may cause this issue. Users are advised can obtain upgrades to versions 3.6.1p1-1 and later at the following location: http://www.zip.com.au/~dtucker/openssh/ However, the issue may still occur with other programs since it is the runtime linker itself that is vulnerable. Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com <mailto:vuldb@securityfocus.com>. |
|
Privacy Statement |