AIX ftpd Remote Buffer Overflow

Solution:
A temporary fix is available via anonymous ftp from:

ftp://aix.software.ibm.com/aix/efixes/security/ftpd.tar.Z

Filename   sum         md5
======================================================
ftpd       02584 147   4577818c9c95b47ffc915ab750f36bd3

This temporary fix has not been fully regression tested. Use the following steps (as root) to install the temporary fix:

1. Uncompress and extract the fix.

# uncompress < ftpd.tar.Z | tar xf -
# cd ftpd

2. Replace the vulnerable ftpd.

# mv /usr/sbin/ftpd /usr/sbin/ftpd.before_security_fix
# chown root.system /usr/sbin/ftpd.before_security_fix
# chmod 0 /usr/sbin/ftpd.before_security_fix
# cp ./ftpd /usr/sbin/ftpd
# chown root.system /usr/sbin/ftpd
# chmod 4554 /usr/sbin/ftpd
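
The install steps above never compare the extracted binary with the MD5 published in the table. The following is an added example, not part of the original advisory, that gates step 2 on that check. The function names are hypothetical, and it assumes md5sum or openssl is available on the host doing the verification.

```shell
#!/bin/sh
# Added example: verify the extracted ftpd against the advisory's MD5
# before it is allowed to replace /usr/sbin/ftpd.

# MD5 published in the advisory table for the file "ftpd".
ADVISORY_MD5="4577818c9c95b47ffc915ab750f36bd3"

# Print the lowercase MD5 hex digest of file $1.
# Assumption: md5sum or openssl is installed; neither is named by the advisory.
md5_of() {
    if command -v md5sum >/dev/null 2>&1; then
        md5sum < "$1" | awk '{print $1}'
    elif command -v openssl >/dev/null 2>&1; then
        openssl md5 < "$1" | awk '{print $NF}'
    else
        echo "no MD5 tool found" >&2
        return 2
    fi
}

# Return 0 only if file $1 exists, is non-empty and hashes to digest $2.
verify_fix() {
    file=$1
    expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    [ -f "$file" ] && [ -s "$file" ] || { echo "missing or empty: $file" >&2; return 1; }
    actual=$(md5_of "$file") || return 2
    if [ "$actual" != "$expected" ]; then
        echo "MD5 mismatch for $file: got $actual, expected $expected" >&2
        return 1
    fi
    echo "MD5 verified for $file"
}

# Gate for step 2: start the replacement commands only if this succeeds, e.g.
#   verify_fix ./ftpd "$ADVISORY_MD5" && mv /usr/sbin/ftpd /usr/sbin/ftpd.before_security_fix
```

A mismatch or an empty file returns non-zero, so the original /usr/sbin/ftpd is left in place when the download is truncated or altered.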

Official fix

IBM is working on the following fixes, which will be available soon.

AIX 4.2.x and earlier: not vulnerable
AIX 4.3.x: IY04477


Copyright 2010, SecurityFocus