IV43827: ARP.IB:SECURITY VULNERABILITY, NON-ROOT USER CAN GET ROOT ACCESS APPLIES TO AIX 6100-07

A fix is available

Subscribe

You can track all active APARs for this component.

APAR status

  • Closed as program error.

Error description

  • Potential security vulnerability .
    arp.ib command can allow a non-root user to get root
    access
    from where user can run malicious code..
    

Local fix

Problem summary

  • The "arp.ib" command allows a non-privileged user to run
    malicious code with privileged authority.
    

Problem conclusion

  • Fixed the vulnerability
    

Temporary fix

Comments

  • 6100-06 - use AIX APAR IV43828
    6100-07 - use AIX APAR IV43827
    6100-08 - use AIX APAR IV43826
    6100-09 - use AIX APAR IV44040
    6100-09 - use AIX APAR IV44040
    7100-00 - use AIX APAR IV43830
    7100-01 - use AIX APAR IV43756
    7100-02 - use AIX APAR IV43829
    

APAR Information

  • APAR number

    IV43827

  • Reported component name

    AIX 610 STD EDI

  • Reported component ID

    5765G6200

  • Reported release

    610

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Submitted date

    2013-06-05

  • Closed date

    2013-06-05

  • Last modified date

    2013-11-21

  • APAR is sysrouted FROM one or more of the following:

    IV43756

  • APAR is sysrouted TO one or more of the following:

Fix information

  • Fixed component name

    AIX 610 STD EDI

  • Fixed component ID

    5765G6200

Applicable component levels

  • R610 PSY U859167

       UP13/08/02 I 1000

PTF to Fileset Mapping



Rate this page:

(0 users)Average rating

Add comments

Document information


More support for:

AIX Enterprise Edition

Software version:

610

Operating system(s):

AIX

Reference #:

IV43827

Modified date:

2013-11-21

Translate my page

Machine Translation

Content navigation