Quoting aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa (axon2017at_private): > I just found this out yesterday, and I don't think it's been in the > postings before, but on AIX (I tested this on 4.2) if one's gecos field > is set to more than 99 characters, Finger starts acting really strange. This is fixed with the following APARs: Abstract: "HOT: CERT: possible buffer overflow in finger daemon" 4.1.x APAR: IX67317 4.2.x APAR: IX67318 4.3.x APAR: not vulnerable IBM AIX APARs may be ordered using Electronic Fix Distribution (via the FixDist program), or from the IBM Support Center. For more information on FixDist, and to obtain fixes via the Internet, please reference http://aix.software.ibm.com/support/rs6000 or send email to "aixservat_private" with the word "FixDist" in the "Subject:" line. To facilitate ease of ordering all security related APARs for each AIX release, security fixes are periodically bundled into a cumulative APAR. For more information on these cumulative APARs including last update and list of individual fixes, send email to "aixservat_private" with the word "subscribe Security_APARs" in the "Subject:" line. > > .-= axon2017at_private =-. -- Troy Bollinger troyat_private AIX Security Development security-alertat_private PGP keyid: 1024/0xB7783129 Troy's opinions are not IBM policy
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:20:04 PDT