Efix 641416 for Pegasus 2.5.1 for AIX - Installation Instructions

This efix provides a fix for the Denial of service attack (DOS) and PAM stack buffer overflow security vulnerabilities within Pegasus 2.5.1 for AIX which is a component used by IBM Director Server and IBM Director Agent on AIX.

This efix can also be installed on Virtual I/O Servers.

Software Requirements

AIX 5.2 or 5.3, or VIOS 1.5.1.1-FP-10.1
sysmgt.pegasus.cimserver.rte 2.5.1.20, 2.5.1.21 or 2.5.1.30 (*)

(*) IBM Director 5.20.1 is only supported with 2.5.1.21

Installation Instructions

AIX

Download the file Efix_641416.080123_AIX.tar.gz.
Extract the file:
gzip -cd <path_to_downloaded_files>Efix_641416.080123_AIX.tar.gz | tar -xvf -
This will extract the following files:
- Efix_641416_readme.html - this README file
- 641416.080123.epkg.Z
Stop cimlistener and cimserver:
On an AIX system with IBM Director Agent or Server installed:
/opt/ibm/icc/cimom/bin/stopcimlist
/opt/ibm/icc/cimom/bin/stopcim
On an AIX system without IBM Director Agent or Server installed:
cimlistener -s
cimserver -s
If you had a previous version of efix 641416.071222 installed (included only the DoS fix), uninstall the previous version of the efix:
emgr -r -L 641416
Install the efix:
emgr -e /tmp/641416.080123.epkg.Z
Start cimserver and cimlistener:
On an AIX system with IBM Director Agent or Server installed:
/opt/ibm/icc/cimom/bin/startcim
/opt/ibm/icc/cimom/bin/startcimlist
On an AIX system without IBM Director Agent or Server installed:
cimserver
cimlistener

To remove the efix when installing a later version of the sysmgt.pegasus.cimserver.rte fileset that includes this fix:

	emgr -r -L 641416

VIOS

Download the file Efix_641416.080123_AIX.tar.gz to a system of your choice.
Extract the file:
gzip -cd <path_to_downloaded_files>Efix_641416.080123_AIX.tar.gz | tar -xvf -
This will extract the following files:
- Efix_641416_readme.html - this README file
- 641416.080123.epkg.Z
Copy the file 641416.080123.epkg.Z to the VIOS system into /home/padmin.
Stop cimserver:
stopnetsvc cimserver
Install the efix:
updateios -dev /home/padmin -install
Start cimserver:
startnetsvc cimserver

If the VIOS is upgraded to a newer level, the updateios command will prompt for the efix to be uninstalled.