APAR status
Closed as program error.
Error description
cicsanimsrv can crash due to heap based buffer overflow
Local fix
Problem summary
cicsanimsrv utility in TXSeries is vulnerable to a heap-based buffer overflow, caused by improper bounds. A local attacker could overflow a buffer and cause the cicsanimsrv to crash.
Problem conclusion
Code is fixed to address the vulnerability.
Temporary fix
Comments
APAR Information
APAR number
IV35961
Reported component name
TXSERIES V6 AIX
Reported component ID
5724AX600
Reported release
620
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt
Submitted date
2013-01-29
Closed date
2013-01-29
Last modified date
2013-01-29
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
TXSERIES V6 AIX
Fixed component ID
5724AX600
Applicable component levels
R620 PSY
[{"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"SSGMGV","label":"CICS Transaction Server"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"6.2","Edition":"","Line of Business":{"code":"LOB35","label":"Mainframe SW"}}]
Document Information
Modified date:
10 March 2021