{"vuid":"VU#182777","idnumber":"182777","name":"IBM AIX nslookup buffer overflow in lex routines","keywords":["IBM","AIX","nslookup","lex","buffer overflow","DNS"],"overview":"There is a problem with the nslookup program related to the handling of long strings.","clean_desc":"This problem is reported to be the result of incorrect bounds checking on the part of the lex routines used in nslookup. This vulnerability is mentioned in an IBM advisory as being exploited by attackers.","impact":"The impact of this vulnerability is not clear. It may be possible for local attackers to gain root privileges on the vulnerable system.","resolution":"Apply a Patch IBM has released patches to correct this problem. For AIX version 4.3, system administrators should apply APAR#IX79909.","workarounds":"","sysaffected":"","thanks":"","author":"This document was written by Cory F. Cohen.","public":["http://techsupport.services.ibm.com/support/rs6000.support/fixsearch?fixdb=aix4&srchtype=apar&query=IX79909","http://techsupport.services.ibm.com/rs6000/aix.uhuic_getrec?args=DVhuron.boulder.ibm.com+DBAIX+DA96551+STIX79909+USbin"],"cveids":[""],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2001-09-26T17:38:15Z","publicdate":"1998-07-06T00:00:00Z","datefirstpublished":"2001-09-26T18:00:33Z","dateupdated":"2001-09-26T18:04:51Z","revision":3,"vrda_d1_directreport":"","vrda_d1_population":"","vrda_d1_impact":"","cam_widelyknown":"18","cam_exploitation":"0","cam_internetinfrastructure":"3","cam_population":"10","cam_impact":"15","cam_easeofexploitation":"10","cam_attackeraccessrequired":"10","cam_scorecurrent":"5.90625","cam_scorecurrentwidelyknown":"6.46875","cam_scorecurrentwidelyknownexploited":"12.09375","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":5.90625,"vulnote":null}