PT-2007-4926 · Ibm · Ibm Aix+1
Publicado
2007-07-11
·
Atualizado
2017-07-29
·
CVE-2007-3680
CVSS v2.0
7.2
Alta
| Vetor | AV:L/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
IBM AIX versions 5.2.0 through 5.3.0
Description
The issue is related to a stack-based buffer overflow in the
odm searchpath function within the libodm library. This allows local users to execute arbitrary code by manipulating the ODMPATH environment variable, specifically by making it excessively long.Recommendations
For IBM AIX versions 5.2.0 through 5.3.0, consider restricting access to the
odm searchpath function until a patch is available. As a temporary workaround, limit the length of the ODMPATH environment variable to prevent exploitation.Correção
Buffer Overflow
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Ibm Aix
Libodm