Re: AIX 4.2 lquerylv

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: David Hedley: "one last one for this evening..."
• Previous message: Alan Cox: "Announcement: Important"
• Maybe in reply to: Georgi Guninski: "AIX 4.2 lquerylv"
• Next in thread: Piotr Piatkowski: "Re: AIX 4.2 lquerylv"

Georgi Guninski wrote:
>
> There is a buffer overflow in /usr/sbin/lquerylv which spawns a root shell
> under AIX 4.2, probably 4.x,3.x.
> SOLUTION: #chmod -s /usr/sbin/lquerylv
> Tested on AIX 4.2 RS/6000 box.
>

This (and several other LVM related buffer overflows) are fixed in
the following APARs:

AIX 3.2
=======

APAR IX66230 (PTF U447739)

AIX 4.1
=======

APAR IX66231

Fileset bos.rte.lvm should be 4.1.5.7 or later.

AIX 4.2
=======

APAR IX66232

Fileset bos.rte.lvm should be 4.2.0.12 or later.

A cumulative security APAR is also available from FixDist...

AIX 3.2
=======

APAR IX67999

AIX 4.1
=======

APAR IX67997

AIX 4.2
=======

APAR IX67998

- --
+-------------- I do not speak for IBM! -----------------+
|Troy Bollinger | 92CBR600F2|
|AIX Security Development | troy@austin.ibm.com|
+----------------------------------------------------------+

-----BEGIN PGP SIGNATURE-----
Version: 2.7.1

iQCVAwUBM4oABwsPbaL1YgqvAQFw6wP/dwjyLm/7B9VHQ2NNFx0sEqgL/qKuQ0JB
97Hm+75KjjNg315SP5ZkB1dDKaWxH9rPKF4luSe8euLZS6EmXhwC+jmG0SI88FGQ
4Dn6hASOWy/Qtj0dmQIsl72tdQzWNKE4XE6ebtRAeFI12ddqhrwbR+XqtM1YsLo/
v6NXLQts/MY=
=vTTe
-----END PGP SIGNATURE-----

• Next message: David Hedley: "one last one for this evening..."
• Previous message: Alan Cox: "Announcement: Important"
• Maybe in reply to: Georgi Guninski: "AIX 4.2 lquerylv"
• Next in thread: Piotr Piatkowski: "Re: AIX 4.2 lquerylv"