{"vuid":"VU#872257","idnumber":"872257","name":"IBM AIX enq buffer overflow in -M argument","keywords":["IBM","AIX","enq","buffer overflow"],"overview":"There is a buffer overflow in the enq command that may allow a local attacker to gain root privileges.","clean_desc":"The enq command is used to add entries to a queue, usually for printing. There is a buffer overflow in the -M argument to the enq command.","impact":"An attacker with access to a local user account may be able to gain root privileges.","resolution":"Apply a Patch IBM has released patches to correct this problem. For AIX version 4.2, system adminstrators should apply APAR#IY08287. For AIX version 4.3, system administrators should apply APAR#IY08143. The patches for this problem also correct a vulnerability in the digest command.","workarounds":"","sysaffected":"","thanks":"","author":"This document was written by Cory F. Cohen.","public":["http://www.securityfocus.com/bid/2034","http://xforce.iss.net/static/5619.php","http://www.rs6000.ibm.com/idd500/usr/share/man/info/en_US/a_doc_lib/cmds/aixcmds2/enq.htm#A200977f","http://techsupport.services.ibm.com/rs6000/aix.uhuic_getrec?args=DVhuron.boulder.ibm.com+DBAIX+DA139925+STIY08143+USbin","http://techsupport.services.ibm.com/support/rs6000.support/fixsearch?fixdb=aix4&srchtype=apar&query=IY08143","http://techsupport.services.ibm.com/rs6000/aix.uhuic_getrec?args=DVhuron.boulder.ibm.com+DBAIX+DA137627+STIY08287+USbin","http://techsupport.services.ibm.com/support/rs6000.support/fixsearch?fixdb=aix4&srchtype=apar&query=IY08287"],"cveids":["CVE-2000-1121"],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2001-09-28T15:49:34Z","publicdate":"2000-12-01T00:00:00Z","datefirstpublished":"2001-09-28T16:02:42Z","dateupdated":"2001-09-28T16:02:42Z","revision":5,"vrda_d1_directreport":"","vrda_d1_population":"","vrda_d1_impact":"","cam_widelyknown":"18","cam_exploitation":"0","cam_internetinfrastructure":"3","cam_population":"10","cam_impact":"18","cam_easeofexploitation":"10","cam_attackeraccessrequired":"10","cam_scorecurrent":"7.0875","cam_scorecurrentwidelyknown":"7.7625","cam_scorecurrentwidelyknownexploited":"14.5125","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":7.0875,"vulnote":null}