This is from IBM. I don't know why they do not post to BUGTRAQ directly. ---------- Forwarded message ---------- Date: Fri, 22 Jun 2001 21:36:28 -0500 From: AIX Service Mail Server <aixservat_private> Subject: Re: Security_APARs This is a list of security related APARs for current releases of AIX. To facilitate ease of ordering all security related APARs for each release can be ordered using the following packaging APARs. AIX 4.3: IY19897 (updated 6/2001) APARs can be ordered using FixDist. For additional information on FixDist send e-mail with a subject of "FixDist" to aixservat_private, or refer to the following URL: http://techsupport.services.ibm.com/rs6k/fixes.html =========================================================================== AIX 4.3 APARs IX72045 CDE LOGIN GIVES INVALID USER NAME MESSAGE BEFORE PW ENTERED IX72553 SECURITY: VULNERABILITY IN I/O SIGNAL HANDLING IX73077 SECURITY: FTP BOUNCE VULNERABILITY IX73214 SECURITY: TELNET DENIAL OF SERVICE ATTACK IX73438 SECURITY: VULNERABILITY IN DTAPPGATHER IX73586 SECURITY HOLE IN FTP, TFTP, UTFTP IX73836 /ETC/HOSTS.EQUIV IS ALLOWING WRONG USERS TO LOG IN IX73951 SECURITY: ROUTED SHOULD IGNORE TRACE PACKETS IX73961 PCNFSD DAEMON UPDATES WTMP FILE INCORRECTLY IX74296 PROGRAMS USING LEX GENERATED SOURCE COREDUMP IX74599 SECURITY: VULNERABILITY IN DIGEST IX74793 SECURITY HOLE IN TN3270 IX74802 CSH CORE DUMPS WHEN ENV VARIABLE IS LONGER THAN 2K IX75275 SECURITY: LOGSYMPTOM FOLLOWS SYMLINKS IX75554 SECURITY: TIMEX CREATES INSECURE TEMPORARY FILES IX75564 ETHERNET DRIVER PASSES PACKETS TOO SMALL CAUSING CRASH IX75566 SECURITY: NON-ROOT USERS CAN CREATE AND BIND TO AF_NDD SOCKETS IX75761 BAD FILE HANDLE CAN CRASH LOCK DAEMON IX75840 SECURITY: DEAD.LETTER CREATED WITH GROUP PRINTQ IX75864 SECURITY: /BIN/MAN CREATES INSECURE TEMPORARY FILES IX76015 NFS V2 DOES HANDLE 65535 AS A UID IX76039 SECURITY: DPID2 CORE DUMPS IN WORLD WRITABLE DIRECTORY IX76040 SECURITY: SNMPD LOG FILE FOLLOWS SYMLINKS IX76049 SECURITY: CDE TRASHINFO FILE CREATED WORLD-WRITABLE IX76960 BIND: CERT ADVISORY CA-98.05 IX76962 BIND: CERT ADVISORY CA-98.05 IX77338 SECURITY: SORT CREATES INSECURE TEMPORARY FILES IX77508 CDE MAILER (DTMAIL) ALLOWS A USER TO READ A MAILBOX WHICH THE IX77592 SECURITY: PORTMAP CREATES INSECURE TEMPORARY FILES IX78071 IFCONFIG.AT HAVE A WRONG FILE PERMISSIONS IX78202 SECURITY: BUFFER OVERFLOWS IN XTERM AND AIXTERM. IX78248 SECURITY: VULNERABILITY IN GROUP SHUTDOWN IX78349 SECURITY: BAD PERMISSIONS ON /ETC/SECURITY/LOGIN.CFG IX78564 SECURITY:LONG FONTNAMES CAN OVERFLOW BUFFERS IN FONTSERVER IX78612 SECURITY: BUFFER OVERFLOWS IN XAW AND XMU. IX78646 SECURITY: RC.NET.SERIAL CREATES INSECURE TEMPORARY FILES IX78719 NFS V2 DOES NOT HANDLE 65535 AS A UID IX78732 SECURITY: FILES IN /VAR/DT ARE CREATED INSECURELY BY CDE LOGIN IX79136 SECURITY: INSECURE TEMPORARY FILES IN DIAGSUP SCRIPTS IX79139 SECURITY: ACLPUT/ACLEDIT CREATE INSECURE TEMPORARY FILES IX79679 "RCP SECURITY PROBLEM" IX79681 SECURITY: INSECURE TEMPORARY FILES IN CMDMISC SCRIPTS IX79682 SECURITY: INSECURE TEMPORARY FILES IN CMDSCCS SCRIPTS IX79683 SECURITY: INSECURE TEMPORARY FILES IN CMDTZ SCRIPTS IX79700 SECURITY: INSECURE TEMPORARY FILES IN CMDNLS SCRIPTS IX79701 SECURITY: INSECURE TEMPORARY FILES IN CMDTEXT SCRIPTS IX79857 SECURITY HOLE IX79909 NSLOOKUP CORE DUMPS WITH LONG STRINGS IX79979 SECURITY: VULNERABILITY IN GROUP SHUTDOWN IX80036 SECURITY: CRON CREATES INSECURE LOCK FILE IX80387 SECURITY: INSECURE CREATION OF LPD LOCK FILE IX80391 SECURITY: INSECURE TEMPORARY FILES IN CMDSNAP SCRIPTS IX80447 SECURITY: BUFFER OVERFLOWS IN IMAPD IX80470 SECURITY: PTRACE() PROBLEM WITH SET-GID PROGRAMS IX80510 SECURITY: DON'T INHERIT CLOSED STDIN,STDOUT,STDERR DESCRIPTORS IX80543 SECURITY:LIBNSL BUFFER OVERRUNS IX80548 SECURITY: RAS SCRIPTS SHOULDN'T FOLLOW SYMLINKS IX80549 SECURITY: /BIN/MORE CREATES INSECURE TEMPORARY FILES IX80762 SECURITY: /BIN/VI CREATES INSECURE TEMPORARY FILES IX80792 SECURITY: BUFFER OVERFLOWS IN IMAPD IX81058 SECURITY: INSECURE TEMPORARY FILES IN CMDBSYS SCRIPTS IX81077 SECURITY: TTYLOCK() ALLOWS CREATION OF WORLD-READABLE FILES IX81078 SECURITY: INSECURE TEMPORARY FILES IN CMDFILES SCRIPTS IX81442 SECURITY: VULNERABILITY IN RPC.TTDBSERVERD IX81507 SECURITY: MORE VULNERABILITIES IN PCNFSD IX81999 POST COMMAND SHOULD NOT BE SUID IX82002 FORCE REXECD USER PRIVILEDGES IX83752 SECURITY: VULNERABILITY IN AUTOFS IX84493 SECURITY: VULNERABILITY IN SETGID EXECUTABLES IX84642 SECURITY: VULNERABILITY IN INFOEXPLORER DAEMON (INFOD) IX85233 SECURITY : MAILBOX GETS CORRUPTED IX85556 SECURITY: BUFFER OVERFLOW IN FTP CLIENT IX85600 BOOTP: CERT ADVISORY IX86845 SVCAUTH_UNIX CRASH ON NEGATIVE NUMBER IX87016 REMBAK FAILS WHEN INVOKED WITH VERY LONG USERNAME/HOSTNAME IX87669 NULL MBUF CAN CRASH SYSTEM IN NFS CODE IX87727 STOP UNCOMMENTING RPC DAEMONS IN /ETC/INETD.CONF AFTER NFS IX88021 ADD FINGER TIMEOUT IX88263 SECURITY: SNAP MAY LEAK SENSITIVE INFORMATION IX88633 SECURITY: INSECURE TEMPORARY FILES IN /SBIN/RC.BOOT IX89182 LICENSE SERVER HANGS IX89415 SECURITY: XAUTH IS BROKEN IN 4.3.X IX89419 SECURITY: BUFFER OVERFLOW IN DTSPCD IX89687 SECURITY: NFS SCRIPTS CREATE INSECURE TEMPORARY FILES IY00892 INSECURE TEMPORARY FILES IN BOS.PERF PACKAGING SCRIPT IY01439 SECURITY: INSECURE TEMPORARY FILES IN /ETC/RC.POWERFAIL IY02120 SECURITY: BUFFER OVERFLOW IN NSLOOKUP IY02397 SECURITY: NON-ROOT USERS CAN USE PTRACE TO CRASH THE SYSTEM IY02944 SECURITY: BUFFER OVERFLOW IN "DTACTION -U" IY03849 SECURITY: VULNERABILITY IN TTSESSION IY04477 SECURITY BUFFER OVERFLOWS IN FTPD IY04865 SECURITY: NON-ROOT USERS CHANGE SYS INFO VIA SNMPD IY05249 SECURITY: BUFFER OVERFLOWS IN SNMPD IY05772 SECURITY: POSSIBLE BUFFER OVERFLOW IN AIXTERM TITLE HANDLING IY05851 NAMED8: SECURITY VULNERABILITIES IN BIND IY06059 GENFILT CANNOT FILTER PORT NUMBERS > 32767 IY06367 SECURITY: VULNERABILITY IN DTPRINTINFO IY06589 BUG IN GET_SEQNUM IY06694 SECURITY: ANOTHER BUFFER OVERFLOW IN DTSPCD IY06697 SECURITY: RPC.MOUNTD ALLOWS FILENAME DISCOVERY AGAIN IY06814 CRASH IN FLTR_IN_CHK() M_COPYDATA() IY06817 XDM HAS TROUBLE WITH LONG PASSWORDS IY07265 CHSEC ALLOWS NON-ADMIN USR TO CHANGE ADMIN USER ATTRIBUTES IY07425 IN CERTAIN CASES, LIBQB ROUTINE CAN CAUSE CORE DUMP IY07831 SECURITY: BUFFER OVERFLOW IN SETCLOCK IY07832 SECURITY: ANOTHER BUFFER OVERFLOW IN PORTMIR IY08128 SECURITY: VULNERABILITY IN MKATMPVC IY08143 SECURITY: BUFFER OVERFLOWS IN ENQ COMMAND IY08606 SECURITY: BUFFER OVERFLOW IN _XAIXREADRDB IY08812 SECURITY: BUFFER OVERFLOW IN SETSENV IY09514 SECURITY: VULNERABILITY IN FRCACTRL IY09941 SECURITY: LOCAL USERS CAN GAIN WRITE ACCESS TO SOME FILES IY10250 DHCPSD: SECURITY: D-O-S ATTACK VULNERABILITY IY10805 MKATM IS A SHELL SCRIPT AND SHOULDN'T BE SETUID IY11067 X SERVER FREEZES DUE TO DOS IY11224 SECURITY: BUFFER OVERFLOW IN XTERM IY11233 SECURITY: NCS CMDS LINKED WITH INSECURE LINKER ARGUMENT IY11450 SECURITY: BUFFER OVERRUN IN MIT KERBEROS LIBRARIES IY12147 NON-ROOT USERS CAN ISSUE THE NETSTAT -Z FLAG IY12251 SECURITY: POSSIBLE VULNERABILITIES IN ERRPT IY12638 SECURITY: BUFFER OVERFLOW IN PRINT CMDS IY13753 SECURITY: FORMAT STRING VULNERABILITY IN LOCALE SUBSYSTEM IY13780 SECURITY: BUFFER OVERFLOW IN LIBNTP IY13781 SECURITY: FORMAT STRING VULNERABILITY IN FTP CLIENT IY13783 FORMAT STRING VULNERABILITIES IN GETTY'S ERROR LOGGING FUNCS IY14512 DNS CERT ADVISORY FOR SRV & ZXFR BUGS IY14537 BUFFER OVERFLOW IN BELLMAIL IY15146 SYSLOGD:BUFFER OVERFLOW AND IMPROPER CONTROL CHARACTER ESCAPES IY16182 SECURITY: BUFFER OVERFLOW IN BIND8 IY16214 BUFFER OVERFLOW AND FORMAT STRING VULNERABILITIES IN BIND 4.X IY16271 SECURITY: INFOLEAK IN NUMEROUS VERSIONS OF NAMED4 AND NAMED8 IY17048 SECURITY: POSSIBLE BUFFER OVERFLOW VULNERABILITY IN CRONTAB IY17932 SECURITY: IMAPD BUFFER OVERFLOW ===========================================================================
This archive was generated by hypermail 2b30 : Tue Jun 26 2001 - 16:26:06 PDT