Buffer overflow in the ftp client in IBM AIX 5.3 SP6 and 5.2.0 allows local users to execute arbitrary code via unspecified vectors that trigger the overflow in a gets function call. NOTE: the client is setuid root on AIX, so this issue crosses privilege boundaries.
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 00:34
Type | Values Removed | Values Added |
---|---|---|
References | () ftp://aix.software.ibm.com/aix/efixes/security/README - | |
References | () http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=571 - | |
References | () http://secunia.com/advisories/26219 - Vendor Advisory | |
References | () http://www-1.ibm.com/support/docview.wss?uid=isg1IZ01812 - | |
References | () http://www-1.ibm.com/support/docview.wss?uid=isg1IZ01813 - | |
References | () http://www.securityfocus.com/bid/25077 - | |
References | () http://www.securitytracker.com/id?1018465 - | |
References | () http://www.vupen.com/english/advisories/2007/2675 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/35627 - |
Information
Published : 2007-07-26 22:30
Updated : 2024-11-21 00:34
NVD link : CVE-2007-4004
Mitre link : CVE-2007-4004
CVE.ORG link : CVE-2007-4004
JSON object : View
Products Affected
ibm
- aix
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer