{"vuid":"VU#640827","idnumber":"640827","name":"IBM AIX Parallel Systems Support Program (PSSP) contains vulnerability in File Collections subsystem allowing arbitrary access to sensitive configuration files","keywords":["IBM","AIX","Parallel Systems Support Program","PSSP","File Collections subsystem","arbitrary user","configuration file","security database files"],"overview":"IBM AIX Parallel Systems Support Programs (PSSP) contains a vulnerability allowing unauthorized access to files in valid file collections.","clean_desc":"IBM PSSP software is used to provide a central point of management control for a cluster of RS/6000 SP nodes and IBM pSeries and IBM RS/6000 servers running AIX.","impact":"Intruders may be able to gain access to files that are included in a valid file collection on the SP system's control workstation, including AIX system configuration and security database files.","resolution":"Obtain and apply the fix on all SP system control workstations and nodes as soon as possible. See the instructions below for obtaining the appropriate PTF(s) containing the fix for each release of PSSP. Follow the instructions in the appropriate README file to enable secure file collections. PSSP 3.1.1     ssp.sysman.README.IY20699\n    PSSP 3.2       ssp.sysman.README.IY28063\n    PSSP 3.4       ssp.sysman.README.IY28065 IMPORTANT: Simply applying the PTF is not sufficient to correct the File Collections security vulnerability. The process to enable Secure File Collections, as documented in the README file, must be completed in order to correct the vulnerability. Solution: There are APARs created for all supported PSSP releases. The PTFs addressing those APARs are now available in the indicated PTF Set. 
PSSP Rls     APAR     PTF #    PTF Set # PSSP 3.1.1:  IY20699  U482380    24\n   PSSP 3.2:    IY28063  U482385    18\n   PSSP 3.4:    IY28065  U482395     6 The fix can be obtained by ordering the specific PTF for your release from 1-800-CALLAIX or your country support center. The fix can also be downloaded by selecting the appropriate APAR number from IBM@server Support web page\nat URL: http://techsupport.services.ibm.com/server/fixes","workarounds":"A workaround to the vulnerability is to disable the File Collections subsystem, until such time that the fix can be applied or the software upgraded to a supported release. To disable File Collections, run the following command under the root userid on the SP system's control workstation: spsitenv filecoll_config=false To verify that File Collections has been disabled, run the following command: splstdata -e | grep filecoll_config","sysaffected":"","thanks":"","author":"This document was written by Shawn V. Hernan.","public":["http://techsupport.services.ibm.com/server/fixes"],"cveids":[""],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2002-03-27T21:01:37Z","publicdate":"2002-04-01T00:00:00Z","datefirstpublished":"2002-04-02T01:47:21Z","dateupdated":"2004-02-23T22:40:51Z","revision":4,"vrda_d1_directreport":"","vrda_d1_population":"","vrda_d1_impact":"","cam_widelyknown":"15","cam_exploitation":"0","cam_internetinfrastructure":"3","cam_population":"10","cam_impact":"20","cam_easeofexploitation":"15","cam_attackeraccessrequired":"10","cam_scorecurrent":"10.125","cam_scorecurrentwidelyknown":"12.9375","cam_scorecurrentwidelyknownexploited":"24.1875","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediati
onlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":10.125,"vulnote":null}