SB2017070612 - Multiple vulnerabilities in IBM AIX

Description

This security bulletin contains information about 4 secuirty vulnerabilities.

1) Out-of-bounds write (CVE-ID: CVE-2017-6451)

The vulnerability allows a local attacker to execute arbitrary code on the target system.

The weakness exists due to improper handling of the return value of the snprintf function by the mx4200_send function in the legacy MX4200 refclock in NTP. A local attacker can trigger out-of-bounds memory write and execute arbitrary code with root privileges.

Successful exploitation of the vulnerability may result in system compromise.

2) Buffer overflow (CVE-ID: CVE-2017-6458)

The vulnerability allows a remote authenticated attacker to cause DoS condition.

The weakness exists due to multiple buffer overflows in the ctl_put() functions in NTP. A remote attacker can an overly long string argument, trigger memory corruption and cause the application to crash.

Successful exploitation of the vulnerability results in denial of service.

3) Buffer overflow (CVE-ID: CVE-2017-6462)

The vulnerability allows a local attacker to cause DoS condition.

The weakness exists due to buffer overflow in the legacy Datum Programmable Time Server (DPTS) refclock driver in NTP. A remote attacker can send specially crafted packets, trigger memory corruption and cause the application to crash.

Successful exploitation of the vulnerability results in denial of service.

4) Denial of service (CVE-ID: CVE-2017-6464)

The vulnerability allows a remote authenticated attacker to cause DoS condition.

The weakness exists due to improper input validation. A remote attacker can use malformed mode configuration directive to  trigger memory corruption and cause the system to crash.

Successful exploitation of the vulnerability results in denial of service.

Remediation

Install update from vendor's website.

References

• http://aix.software.ibm.com/aix/efixes/security/ntp_advisory9.asc