Skip to main content

IV35961: CICSANIMSRV CAN CRASH DUE TO HEAP BASED BUFFER OVERFLOW


Subscribe to this APAR

By subscribing, you receive periodic emails alerting you to the status of the APAR, along with a link to the fix after it becomes available. You can track this item individually or track all items by product.

Notify me when this APAR changes.

Notify me when an APAR for this component changes.

 

APAR status

  • Closed as program error.

Error description

  • cicsanimsrv can crash due to heap based buffer overflow

Local fix

  •  
    • 
  
 
  
Problem summary
 
  
     
   
  • cicsanimsrv utility in TXSeries is vulnerable to a heap-based
buffer overflow, caused by improper bounds. A local attacker
could overflow a buffer and cause the cicsanimsrv to crash.

     
    • 
  
 
  
Problem conclusion
 
  
     
   
  • Code is fixed to address the vulnerability.

     
    • 
  
 
  
Temporary fix
 
  
     
   
  •  
    • 
  
 
  
Comments
 
  
     
   
  •  
    • 
  
 
  
APAR Information
 
  
 
   
     
    
  • APAR number
    IV35961
    •  
    
  • Reported component name
    TXSERIES V6 AIX
    •  
    
  • Reported component ID
    5724AX600
    •  
    
  • Reported release
    620
    •  
    
  • Status
    CLOSED PER
    •  
    
  • PE
    NoPE
    •  
    
  • HIPER
    NoHIPER
    •  
    
  • Special Attention
    NoSpecatt
    •  
    
  • Submitted date
    2013-01-29
    •  
    
  • Closed date
    2013-01-29
    •  
    
  • Last modified date
    2013-01-29
    •  
   
 
  
 
  
     
   
  • APAR is sysrouted FROM one or more of the following:
     
     IV35944
     
    •  
   
  • APAR is sysrouted TO one or more of the following:
     
    •  
  
 
  
Fix information
 
  
     
   
  • Fixed component name
    TXSERIES V6 AIX
    •  
   
  • Fixed component ID
    5724AX600
    •  
  
 
  
Applicable component levels
 
  
     
   
  • R620 PSY 
       
    •  
  
 
 
 

 









Rate this page:



(0 users)Average rating 





















	
	
	
	
	









	



























Copyright and trademark information



	
IBM, the IBM logo and ibm.com are trademarks of International Business Machines Corp., registered in many jurisdictions worldwide.  Other product and service names might be trademarks of IBM or other companies.  A current list of IBM trademarks is available on the Web at "Copyright and trademark information" at www.ibm.com/legal/copytrade.shtml.































Rate this page:






(0 users)Average rating









Add comments














Document information





	
TXSeries


	
CICS


	




	
Software version:

	6.2

	





	
Reference #:

IV35961






Modified date:

2013-01-29








Translate my page














































 



Content navigation