-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

This directory contains interim fixes (ifixes) for AIX security
vulnerabilities.

Last update: Wed Sep 3 10:39:27 CDT 2008

To extract the files from a compressed tar (.tar.Z) archive, use the
command:

    zcat filename | tar -xvf-

where "filename" is the file downloaded from the following list.

To extract the files from a tar (.tar) archive, use the command:

    tar -xvf filename

where "filename" is the file downloaded from the following list.

The README file, or the Advisory copy, extracted from the archive
contains installation instructions.

The ifix binaries are hashed with the MD5 and SHA1 cryptographic hash
algorithms as a security precaution. The Advisory or README file that
comes with the ifixes contains these hash sums. Customers may wish to
use MD5 or SHA1 to verify the hash of the binaries against that given
in the Advisory. To verify the sums, use the text of the Advisory as
input to csum, md5sum, or sha1sum. For example:

    csum -h SHA1 -i Advisory.asc
    md5sum -c Advisory.asc
    sha1sum -c Advisory.asc

The ifix binaries are PGP-signed by the AIX Security Response Team.
Detached PGP signatures (.asc and .sig) can be verified using the AIX
Security PGP key. This key is available by sending e-mail to
security-alert@austin.ibm.com with a subject of "get key".

PGP is available in commercial and noncommercial versions. It can be
obtained from any of a variety of download sites, or purchased as a CD
package.

The Team can also be contacted to verify the MD5 or SHA1 hash, as a
good double-check of the authenticity of the ifix.

If you would like to receive AIX Security Advisories via email, please
visit:

    http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd

Questions related to the content of these files may be directed to the
AIX Security Team or to your local IBM support center.
Filename                Description
===============================================================================
ftpd2_ifix.tar.Z        Password disclosure and denial of service
                        vulnerability in ftpd.
                          AIX 5.2.0: IY91787 (available)
                          AIX 5.3.0: IY89168 (available)

pop3d_ifix.tar.Z        Authentication vulnerability.
                          AIX 5.3.0: IY93084 (available)

rcmds_ifix.tar.Z        Buffer overflow vulnerability in r-commands.
                          AIX 5.2.0: IY94368 (available)
                          AIX 5.3.0: IY94301 (available)

websm_ifix.tar.Z        Vulnerability in WebSM may allow a remote attacker
                        to cause a denial of service.
                          AIX 5.2.0: IY95637 (available)
                          AIX 5.3.0: IY95526 (available)

binddnssec_ifix.tar.Z   Vulnerability in BIND 9 can allow a remote attacker
                        to cause a denial of service.
                        (superseded by bind_fix.tar)
                          AIX 5.2.0: IY98546 (available)
                          AIX 5.3.0: IY98417 (available)

libodm_ifix.tar.Z       A buffer overflow vulnerability exists in libodm.
                          AIX 5.2.0: IZ00531 (available)
                          AIX 5.3.0: IZ01437 (available)

atm_ifix.tar.Z          AIX arp Buffer Overflow Vulnerability
                          AIX 5.2.0: IZ00521 (available)
                          AIX 5.3.0: IZ00510 (available)

capture_ifix.tar.Z      AIX capture Terminal Control Sequence Stack Buffer
                        Overflow Vulnerability
                          AIX 5.2.0: IZ01134 (available)
                          AIX 5.3.0: IZ01135 (available)

lpd_ifix.tar.Z          AIX lpd Buffer Overflow Vulnerability
                          AIX 5.2.0: IY98560 (available)
                          AIX 5.3.0: IY98339 (available)

pioinit_ifix.tar.Z      AIX pioinit File Replacement Vulnerability
                          AIX 5.2.0: IY79785 (available)
                          AIX 5.3.0: IY79786 (available)

cmdcfg_ifix.tar.Z       AIX multiple buffer overflow vulnerabilities in
                        configuration commands.
                          AIX 5.2.0: IZ00531 (available)
                          AIX 5.3.0: IZ01433 (available)

at_ifix.tar.Z           AIX at Command Buffer Overflow Vulnerability.
                          AIX 5.3.0: IZ00139 (available)

fileplace_ifix.tar.Z    AIX fileplace Command Buffer Overflow Vulnerability.
                          AIX 5.2.0: IZ00154 (available)
                          AIX 5.3.0: IZ00149 (available)

bindcrypt_ifix.tar.Z    BIND remote DNS cache poisoning
                        (superseded by bind_fix.tar)
                          AIX 5.2.0: IZ02218 (available)
                          AIX 5.3.0: IZ02219 (available)

fc_ifix.tar.Z           AIX fcstat buffer overflow vulnerability
                          AIX 5.2.0: IY94739 (available)
                          AIX 5.3.0: IY94761 (available)

ib_ifix.tar.Z           IBM AIX ibstat buffer overflow vulnerability.
                          AIX 5.3.0: IY97233 (available)

invscout_ifix.tar.Z     AIX inventory scout file deletion vulnerability
                          AIX 5.2.0: IY98506 (available)
                          AIX 5.3.0: IY98506 (available)

mkpath_ifix.tar.Z       AIX mkpath buffer overflow vulnerability
                          AIX 5.2.0: IY91132 (available)
                          AIX 5.3.0: IY91145 (available)

perfstat_ifix.tar.Z     AIX Perfstat Kernel Extension Denial of Service
                        Vulnerability
                          AIX 5.3.0: IY97309 (available)

svprint_ifix.tar.Z      IBM AIX svprint commands buffer overflow
                        vulnerability
                          AIX 5.2.0: IZ02717 (available)
                          AIX 5.3.0: IZ02718 (available)

swcons_ifix.tar.Z       AIX swcons buffer overflow vulnerability
                        (superseded by swcons_fix.tar)
                          AIX 5.2.0: IY98819 (available)
                          AIX 5.3.0: IY98804 (available)

uucp200708_ifix.tar.Z   AIX uucp UNIX-to-UNIX Copy Buffer Overflow
                        Vulnerability
                          AIX 5.2.0: IY97215 (available)
                          AIX 5.3.0: IY95852 (available)

xlplm_ifix.tar.Z        AIX xlplm Buffer Overflow Vulnerability
                          AIX 5.2.0: IZ00997 (available)
                          AIX 5.3.0: IZ00997 (available)

bellmail_ifix.tar       AIX bellmail buffer overflow vulnerability
                          AIX 5.2: IZ05066 (available)
                          AIX 5.3: IZ05065 (available)

bind8_ifix.tar          AIX BIND 8 remote DNS cache poisoning
                        (superseded by bind_fix.tar)
                          AIX 5.2: IZ05609 (available)
                          AIX 5.3: IZ05686 (available)

cfgcon_ifix.tar         AIX swcons file ownership/permission vulnerability
                        (superseded by swcons_fix.tar)
                          AIX 5.2: IZ03055 (available now)
                          AIX 5.3: IZ03061 (available now)

crontab_ifix.tar        AIX crontab buffer overflow vulnerability
                          AIX 5.2: IZ04832 (available)

dig_ifix.tar            AIX dig integer underflow vulnerability
                          AIX 5.2: IZ05017 (available)

ftp_ifix.tar            AIX ftp buffer overflow vulnerability
                          AIX 5.2: IZ05487 (available)
                          AIX 5.3: IZ05488 (available)

lquerypv_ifix.tar       AIX lquerypv buffer overflow vulnerability
                          AIX 5.2: IZ05877 (available)
                          AIX 5.3: IZ05971 (available)

lqueryvg_ifix.tar       AIX lqueryvg buffer overflow vulnerability
                          AIX 5.2: IZ05349 (available)
                          AIX 5.3: IZ05129 (available)

tftp_ifix.tar           AIX tftp buffer overflow vulnerability
                          AIX 5.2: IZ03054 (available now)
                          AIX 5.3: IZ03060 (available now)

xfs_ifix.tar            AIX xfs heap vulnerabilities
                          AIX 5.2: IZ06001 (available)
                          AIX 5.3: IZ06648 (available)

perl_ifix.tar           AIX Perl buffer overflow vulnerability
                          AIX 5.2:               IZ10220 (Now)
                          AIX 5.3 through TL06:  IZ10244 (Now)
                          AIX 5.3 TL07:          IZ10245 (Now)
                          AIX 6.1:               IZ10245 (Now)

swap_fix.tar            AIX swap commands buffer overflow
                          AIX 5.2: IY96095 (Available now)
                          AIX 5.3: IY96101 (Available now)

websm_linux_fix.tar     AIX incorrect file permissions, Linux WebSM remote
                        client
                          AIX 5.2.0: None (Fixed in 5.2 TL10)
                          AIX 5.3.0: IY97257 (Available now)

lvm_ifix.tar            AIX Logical Volume Manager buffer overflow
                          AIX 5.2.0: IZ00559 (available now)
                          AIX 5.2.0: IZ10828 (available now)
                          AIX 5.3.0: IY98331 (available now)
                          AIX 5.3.0: IY98340 (available now)
                          AIX 5.3.0: IY99537 (available now)

utape_fix.tar           AIX utape buffer overflow
                          AIX 5.2.0: IZ06260 (Available now)
                          AIX 5.3.0: IZ06620 (Available now)
                          AIX 5.3.7: IZ06488 (Available now)

uspchrp_fix.tar         AIX uspchrp buffer overflow
                          AIX 5.2.0: IZ06261 (Available now)
                          AIX 5.3.0: IZ06621 (Available now)
                          AIX 5.3.7: IZ06489 (Available now)

ps_ifix.tar             AIX ps information leak
                          AIX 5.2.0: IZ11242 (Now)
                          AIX 5.3.0: IZ12745 (Now)
                          AIX 5.3.7: IZ11243 (Now)
                          AIX 6.1.0: IZ11244 (Now)

pioout_ifix.tar         AIX pioout buffer overflow
                          AIX 5.2.0: IZ10840 (Now)
                          AIX 5.3.0: IZ10841 (Now)
                          AIX 5.3.7: IZ10842 (Now)
                          AIX 6.1.0: IZ10844 (Now)

pegasus_ifix.tar        IBM Pegasus CIM Server for Director on AIX
                        vulnerabilities
                          AIX 5.2, 5.3, 6.1: (Now)

X_ifix.tar              AIX X server multiple vulnerabilities
                          AIX 5.2.0: IZ13652 (Now)
                          AIX 5.3.0: IZ13653 (Now)
                          AIX 5.3.7: IZ13654 (Now)
                          AIX 6.1.0: IZ13655 (Now)

libc_ifix.tar           AIX libc inet_network buffer overflow
                          AIX 5.2.0: IZ15564 (Now)
                          AIX 5.3.0: IZ15567 (Now)
                          AIX 5.3.7: IZ15566 (Now)
                          AIX 6.1.0: IZ15565 (Now)

kernel_fix.tar          AIX kernel multiple security vulnerabilities
                          AIX 5.2.0: IZ16992 (Now)
                          AIX 5.3.0: IZ17111 (Now)
                          AIX 5.3.7: IZ11820 (Now)
                          AIX 6.1.0: IZ12794 (Now)

lsmcode_fix.tar         AIX lsmcode environment variable error
                          AIX 5.2.0: IZ15276 (Now)
                          AIX 5.3.0: IZ15100 (Now)
                          AIX 5.3.7: IZ15057 (Now)
                          AIX 6.1.0: IZ15277 (Now)

nddstat_fix.tar         AIX nddstat family environment variable error
                          AIX 5.2.0: IZ16991 (Now)
                          AIX 5.3.0: IZ17058 (Now)
                          AIX 5.3.7: IZ17059 (Now)
                          AIX 6.1.0: IZ16975 (Now)

reboot_fix.tar          AIX reboot buffer overflow
                          AIX 5.2.0: IZ15479 (Now)
                          AIX 5.3.0: IZ15480 (Now)

unix_fix.tar            AIX unix kernel buffer overflow
                          AIX 5.2.0: IZ19911 (Now)
                          AIX 5.3.0: IZ22368 (6/20/2008)
                          AIX 5.3.7: IZ22369 (6/20/2008)
                          AIX 5.3.8: IZ21481 (6/20/2008)
                          AIX 6.1.0: IZ22370 (6/20/2008)

errpt_fix.tar           AIX errpt buffer overflow
                          AIX 5.2.0: IZ19905 (Now)
                          AIX 5.3.0: IZ22346 (6/20/2008)
                          AIX 5.3.7: IZ22347 (6/20/2008)
                          AIX 5.3.8: IZ21494 (6/20/2008)
                          AIX 6.1.0: IZ22348 (6/20/2008)

ftpd_fix.tar            AIX anonymous ftpd information leak
                          AIX 5.2.0: IZ18670 (6/20/2008)
                          AIX 5.3.0: IZ22357 (6/20/2008)
                          AIX 5.3.7: IZ22358 (6/20/2008)
                          AIX 5.3.8: IZ21529 (6/20/2008)
                          AIX 6.1.0: IZ22356 (6/20/2008)

iostat_fix.tar          AIX iostat environment variable error
                          AIX 5.2.0: IZ20635 (Now)
                          AIX 5.3.0: IZ22350 (6/20/2008)
                          AIX 5.3.7: IZ22351 (6/20/2008)
                          AIX 5.3.8: IZ21506 (6/20/2008)
                          AIX 6.1.0: IZ22349 (6/20/2008)

ssh_advisory.asc        AIX OpenSSH multiple vulnerabilities
                          SSH AIX 5.2:
                            http://downloads.sourceforge.net/openssh-aix/openssh-4.7_5201.tar.Z
                          SSH AIX 5.3:
                            http://downloads.sourceforge.net/openssh-aix/openssh-4.7_5301.tar.Z
                          SSH AIX 6.1:
                            http://downloads.sourceforge.net/openssh-aix/openssh-4.7_5301aix61.tar.Z

bind_fix.tar            AIX named DNS Cache Poisoning Vulnerability
                          AIX 5.2.0: IZ26667 (8/27/2008)
                          AIX 5.3.0: IZ26668 (8/20/2008)
                          AIX 5.3.7: IZ26669 (8/20/2008)
                          AIX 5.3.8: IZ26670 (8/20/2008)
                          AIX 6.1.0: IZ26671 (8/20/2008)
                          AIX 6.1.1: IZ26672 (8/20/2008)

swcons_fix.tar          AIX swcons file ownership/permission vulnerability
                          AIX 5.2.0: IZ18335 (Now)
                          AIX 5.3.0: IZ18339 (10/29/2008)
                          AIX 5.3.7: IZ18338 (10/29/2008)
                          AIX 5.3.8: IZ18334 (10/29/2008)
                          AIX 6.1.0: IZ18341 (11/19/2008)
                          AIX 6.1.1: IZ28943 (11/19/2008)

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (AIX)

iD8DBQFIvrGvP9Qud62m600RAtENAKCEqMkSncvVBJk7jD9uiBO33N5ttQCgpQDs
X/9pLd34Gv44+gaiTOOIVkc=
=9+w5
-----END PGP SIGNATURE-----