[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[IBM] UPDATE: Schwachstelle in Perl - IBM 2007.07.11
-----BEGIN PGP SIGNED MESSAGE-----
Hash: MD5
Liebe Kolleginnen und Kollegen,
soeben erreichte uns nachfolgende Warnung des IBM Managed Security
Services. Wir geben diese Informationen unveraendert an Sie weiter.
Bitte beachten Sie, dass dies ein Update des Advisories ist, das die
folgenden Aenderungen betrifft:
Mit diesem Update gibt IBM bekannt, das auch AIX 5200-10 und AIX
5300-06 von der Schwachstelle betroffen ist.
Schwachstelle im AIX Perl Interpreter
Im mit AIX ausgelieferten Perl Interpreter befindet sich eine, nicht
naeher beschriebene, Schwachstelle durch die lokale Angreifer
beliebigen Code mit den Rechten des Benutzers ausfuehren koennen,
indem sie ihn dazu bringen, ein entsprechend aufgebautes Perl-Skript
auszufuehren.
Betroffen sind die folgenden Software Pakete und Plattformen:
AIX 5.2: perl.rte Fileset Version 5.8.0.10 - 5.8.0.110
AIX 5.3: perl.rte Fileset Version 5.8.2.10 - 5.8.2.60
Ein Patch (APAR IY98394) fuer AIX 5.2.0 ist angekuendigt fuer den 25.7.2007
Ein Patch (APAR IY98395) fuer AIX 5.3.0 ist angekuendigt fuer den 4.7.2007
AIX 5.2
AIX 5.3
Vom Hersteller werden ueberarbeitete Pakete zur Verfuegung gestellt.
Hersteller Advisory:
https://techsupport.services.ibm.com/server/pseries.subscriptionSvcs
(c) der deutschen Zusammenfassung bei DFN-CERT Services GmbH; die
Verbreitung, auch auszugsweise, ist nur unter Hinweis auf den Urheber,
DFN-CERT Services GmbH, und nur zu nicht kommerziellen Zwecken
gestattet.
Mit freundlichen Gruessen,
Andreas Bunten, DFN-CERT
- --
DFN-CERT Services GmbH, https://www.dfn-cert.de, Phone +49 40 808077-555
Sitz / Register: Hamburg, AG Hamburg, HRB 88805, Ust-IdNr.: DE 232129737
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
IBM SECURITY ADVISORY
First Issued: Tue May 22 14:00:24 CDT 2007
| Updated: Tue Jun 12 08:09:47 CDT 2007
===========================================================================
VULNERABILITY SUMMARY
VULNERABILITY: A vulnerability in the Perl interpreter may allow a
local user to execute arbitrary code as another
user.
PLATFORMS: AIX 5.2 and AIX 5.3.
SOLUTION: Install the interim fixes or APARs as described below.
THREAT: A local user may execute arbitrary code as another
user.
CERT VU Number: n/a
CVE Number: n/a
===========================================================================
DETAILED INFORMATION
I. Description
===============
A vulnerability exists in the AIX Perl interpreter and other related Perl
binaries that allows a local user to execute arbitrary code as another
user. To successfully exploit this vulnerability, an attacker must wait for
a legitimate user to execute a binary that ships with Perl. The arbitrary
code will run with the privileges of the legitimate user.
The following table shows which filesets are affected by this issue:
AIX Release Fileset Lower Upper
Level Level
=============================================================
| AIX 5.2 perl.rte 5.8.0.10 5.8.0.105
| AIX 5.3 perl.rte 5.8.2.10 5.8.2.60
| Update: AIX 5200-10 and AIX 5300-06 are also affected.
Perl binaries ship as part of the perl.rte fileset. To determine which
version of a given fileset is installed, execute the following command:
| # lslpp -L | grep perl.rte
The fileset will be listed along with its version information, state, type
and a description.
II. Impact
==========
A local user may execute arbitrary code as another user.
III. Solutions
===============
A. Official Fix
IBM provides the following fixes:
APAR number for AIX 5.2.0: IY98394 (available approx. 07/25/07)
APAR number for AIX 5.3.0: IY98395 (available approx. 07/04/07)
NOTE: Affected customers are urged to upgrade to the latest applicable
Technology Level.
B. Interim Fix
Interim fixes are available. The interim fixes can be downloaded via ftp
from:
ftp://aix.software.ibm.com/aix/efixes/security/perl_ifix.tar.Z
This is a compressed tarball containing this advisory, interim fix packages
and cleartext PGP signatures for each package.
Verify you have retrieved the fixes intact:
+------------------------------------------
The checksums below were generated using the "sum" and "md5sum" commands
and are as follows:
Filename sum md5
======================================================================
IY98394.051407.epkg.Z 63922 14844 6fe2f7bd7f4cc66c5acba17a71361baf
IY98395.051407.epkg.Z 20736 15234 d7977aea2a5c364634fe3f2dbd805899
| IY98394.060607.epkg.Z 60616 14831 5a26e2bd03b090976505c203759bb39b
| IY98395.060607.epkg.Z 10126 15223 542fd649aa7cac74d37ba2b4b06ecc2f
| UPDATE: New interim fixes are now available to support affected releases:
| AIX 5200-10: IY98394.060607.epkg.Z
| AIX 5300-06: IY98395.060607.epkg.Z
These sums should match exactly. The PGP signatures in the compressed
tarball and on this advisory can also be used to verify the integrity of
the various files they correspond to. If the sums or signatures cannot be
confirmed, double check the command results and the download site address.
If those are OK, contact IBM AIX Security at security-alert@xxxxxxxxxxxxxx
and describe the discrepancy.
The following table shows the prerequisite fileset level for the fixes
above. These levels are for perl.rte.
Interim Fileset Level Fileset Level AIX
Fix (lower level) (upper level) Release
====================================================================
IY98394.051407.epkg.Z 5.8.0.10 5.8.0.95 AIX 5.2
IY98395.051407.epkg.Z 5.8.2.10 5.8.2.50 AIX 5.3
| IY98394.060607.epkg.Z 5.8.0.96 5.8.0.105 AIX 5.2
| IY98395.060607.epkg.Z 5.8.2.51 5.8.2.60 AIX 5.3
IMPORTANT: If possible, it is recommended that a mksysb backup of the
system is created. Verify it is both bootable, and readable before
proceeding.
Interim Installation Instructions:
+---------------------------------
These packages use the new Interim Fix Management Solution to install and
manage ifixes. More information can be found at:
http://www14.software.ibm.com/webapp/set2/sas/f/aix.efixmgmt/home.html
To preview an epkg ifix installation execute the following command:
# emgr -e ipkg_name -p # where ipkg_name is the name of the
# ifix package being previewed.
To install an epkg ifix package, execute the following command:
# emgr -e ipkg_name -X # where ipkg_name is the name of the
# ifix package being installed.
The "X" flag will expand any filesystems if required.
IV. Obtaining Fixes
===================
AIX Version 5 APARs can be downloaded from:
http://www.ibm.com/servers/eserver/support/unixservers/aixfixes.html
Security related Interim Fixes can be downloaded from:
ftp://aix.software.ibm.com/aix/efixes/security
V. Contact Information
=======================
If you would like to receive AIX Security Advisories via email, please
visit:
http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd
Comments regarding the content of this announcement can be directed to:
security-alert@xxxxxxxxxxxxxx
To request the PGP public key that can be used to communicate securely
with the AIX Security Team send email to security-alert@xxxxxxxxxxxxxx
with a subject of "get key". The key can also be downloaded from a PGP
| Public Key Server. The key id is 0x4265D862.
Please contact your local IBM AIX support center for any assistance.
eServer is a trademark of International Business Machines Corporation.
IBM, AIX and pSystem are registered trademarks of International Business
Machines Corporation. All other trademarks are property of their respective
holders.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (AIX)
iD8DBQFGk8uu0eNzcEJl2GIRAsPCAJ418x7qPlWIHiAMGjSiaRicRwFlyQCeJRcQ
FzBUbn0VNcR6D49QTXPBUpQ=
=wHnz
- -----END PGP SIGNATURE-----
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
iQEVAwUBRpXygBYd1iQZmhQQAQFdNggAlFfPXfcyvaeRSLRY6FSC8ddalLLHZcIG
i3CTMO6m48qymBlKtp8IjvUk1vhCUa5gkAERd4vNjU0zLaIdp/RfI7/lT6gjY8+J
EnNSLsR3p88q7/JlfbYTDbDjAs48S4fdoAa3vMX/pjUFCosQPmuOGeZ4WaCSw4hD
rceRus1LwJck7HzJBlx30aIoTYmzHQBqqTCzrk4iTSi6hfxNkxar8mMgxtu+8zEM
6aYXEshZwTys7Ehc2dMe0QTvlWS4COnX7hHJdxnMs4WI0g5Ot0r9GRx/A4VJ22pd
DHMolBbE3hFB7ZzBgCWGYw1LhTF8XhKhYDsNiH3DQElNvtIhhWN06g==
=3pjT
-----END PGP SIGNATURE-----