PT-2010-2840 · IBM · Db2 +2

Published: 2010-03-26 · Updated: 2010-03-29 · CVE-2010-1124

CVSS v2.0: 7.8 (High)

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions

bos.rte.libc version 5.3.9.4 on IBM AIX 5.3

Description

The issue is related to the improper support of reading a certain address field after a successful getaddrinfo function call. This can be exploited by context-dependent attackers to cause a denial of service, resulting in an application crash. The problem has been demonstrated by crashes in IBM DB2 on systems with databases cataloged with alternate servers using IP addresses.

Recommendations

For bos.rte.libc version 5.3.9.4 on IBM AIX 5.3, consider applying configuration changes to handle address fields properly after getaddrinfo function calls to prevent application crashes. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Related identifiers

CVE-2010-1124

Affected products

AIX
Db2
bos.rte.libc