CVE-2010-1124 - Unspecified vulnerability in IBM AIX 5.3/5.3.0

047910
CVSS 0.0 - NONE
Attack vector: UNKNOWN
Attack complexity: UNKNOWN
Privileges required: UNKNOWN
Confidentiality impact: UNKNOWN
Integrity impact: UNKNOWN
Availability impact: UNKNOWN

Summary

bos.rte.libc 5.3.9.4 on IBM AIX 5.3 does not properly support reading a certain address field after a successful getaddrinfo function call, which allows context-dependent attackers to cause a denial of service (application crash) via unspecified vectors, as demonstrated by IBM DB2 crashes on "systems with databases cataloged with alternate servers using IP addresses."

Vulnerable Configurations

Part    Description    Count
OS      IBM            2

Seebug

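bulletinFamily: exploit
description: BUGTRAQ ID: 38964 CVE ID: CVE-2010-1124 IBM AIX is a commercial UNIX operating system. After a getaddrinfo call on IBM AIX, bos.rte.libc does not support reading certain address fields; a user who is tricked into accessing a malicious server IP address triggers a denial of service. IBM AIX 5.3 Vendor patch: IBM --- The vendor has released an upgrade patch that fixes this security issue; download it from the vendor's site: http://www-01.ibm.com/support/docview.wss?uid=isg1IZ66710
id: SSV:19360
last seen: 2017-11-19
modified: 2010-03-30
published: 2010-03-30
reporter: Root
title: IBM AIX 5.3 getaddrinfo() function remote denial-of-service vulnerability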