Georgi Guninski wrote:
>
> There is a buffer overflow in /usr/dt/bin/dtterm and/or in libXt which
> spawns a root shell.
>
This looks a lot like CERT CA-97.11 "Vulnerability in libXt.a". Do
you have the APARs for this installed?
-------------------- 8< --------------------
IBM Corporation
===============

See the appropriate release below to determine your action.

AIX 3.2
-------
Apply the following fix to your system:

    APAR - IX61784,IX67047,IX66713 (PTF - U445908,U447740)

To determine if you have this PTF on your system, run the following
command:

    lslpp -lB U445908 U447740

AIX 4.1
-------
Apply the following fix to your system:

    APAR - IX61031 IX66736 IX66449

To determine if you have this APAR on your system, run the following
command:

    instfix -ik IX61031 IX66736 IX66449

Or run the following command:

    lslpp -h X11.base.lib

Your version of X11.base.lib should be 4.1.5.2 or later.

AIX 4.2
-------
Apply the following fix to your system:

    APAR - IX66824 IX66352

To determine if you have this APAR on your system, run the following
command:

    instfix -ik IX66824 IX66352

Or run the following command:

    lslpp -h X11.base.lib

Your version of X11.base.lib should be 4.2.1.0 or later.

To Order
--------
APARs may be ordered using Electronic Fix Distribution (via FixDist)
or from the IBM Support Center. For more information on FixDist,
reference URL:

    http://service.software.ibm.com/aixsupport/

or send e-mail to aixserv@austin.ibm.com with a subject of "FixDist".

IBM and AIX are registered trademarks of International Business Machines
Corporation.
--
+-------------- I do not speak for IBM! -----------------+
|Troy Bollinger | 92CBR600F2|
|AIX Security Development | troy@austin.ibm.com|
+----------------------------------------------------------+