Multiple vulnerabilities in IBM AIX
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 4 |
| CVE-ID | CVE-2017-6451 CVE-2017-6458 CVE-2017-6462 CVE-2017-6464 |
| CWE-ID | CWE-787 CWE-120 CWE-20 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
IBM AIX Operating systems & Components / Operating system |
| Vendor |
IBM Corporation |
Security Bulletin
This security bulletin contains information about 4 vulnerabilities.
1) Out-of-bounds write
EUVDB-ID: #VU7385
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-6451
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to execute arbitrary code on the target system.
The weakness exists due to improper handling of the return value of the snprintf function by the mx4200_send function in the legacy MX4200 refclock in NTP. A local attacker can trigger out-of-bounds memory write and execute arbitrary code with root privileges.
Successful exploitation of the vulnerability may result in system compromise.
Install update from vendor's website.
IBM AIX: 5.3 - 7.2
External linkshttp://aix.software.ibm.com/aix/efixes/security/ntp_advisory9.asc
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Buffer overflow
EUVDB-ID: #VU7386
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-6458
CWE-ID:
CWE-120 - Buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated attacker to cause DoS condition.
The weakness exists due to multiple buffer overflows in the ctl_put() functions in NTP. A remote attacker can an overly long string argument, trigger memory corruption and cause the application to crash.
Successful exploitation of the vulnerability results in denial of service.
Install update from vendor's website.
IBM AIX: 5.3 - 7.2
External linkshttp://aix.software.ibm.com/aix/efixes/security/ntp_advisory9.asc
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Buffer overflow
EUVDB-ID: #VU7389
Risk: Low
CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-6462
CWE-ID:
CWE-120 - Buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to cause DoS condition.
The weakness exists due to buffer overflow in the legacy Datum Programmable Time Server (DPTS) refclock driver in NTP. A remote attacker can send specially crafted packets, trigger memory corruption and cause the application to crash.
Successful exploitation of the vulnerability results in denial of service.
Install update from vendor's website.
IBM AIX: 5.3 - 7.2
External linkshttp://aix.software.ibm.com/aix/efixes/security/ntp_advisory9.asc
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Denial of service
EUVDB-ID: #VU7390
Risk: Medium
CVSSv3.1: 6.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-6464
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated attacker to cause DoS condition.
The weakness exists due to improper input validation. A remote attacker can use malformed mode configuration directive to trigger memory corruption and cause the system to crash.
Successful exploitation of the vulnerability results in denial of service.
Install update from vendor's website.
IBM AIX: 5.3 - 7.2
External linkshttp://aix.software.ibm.com/aix/efixes/security/ntp_advisory9.asc
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
