CVE-2001-0671Improper Restriction of Operations within the Bounds of a Memory Buffer in IBM AIX

3 documents3 sources
Severity
10.0CRITICALNVD
EPSS
5.6%
top 9.63%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM AIX
Timeline
PublishedDec 6
Latest updateApr 30

Description

Buffer overflows in (1) send_status, (2) kill_print, and (3) chk_fhost in lpd in AIX 4.3 and 5.1 allow remote attackers to gain root privileges.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

NVDibm/aix4.3, 5.1+1

Patches

Patch: www.cert.orgPatch: www.kb.cert.orgPatch: www.kb.cert.org

🔴Vulnerability Details

2
GHSA
GHSA-vmr4-xpmw-84pf: Buffer overflows in (1) send_status, (2) kill_print, and (3) chk_fhost in lpd in AIX 42022-04-30
CVEList
CVE-2001-0671: Buffer overflows in (1) send_status, (2) kill_print, and (3) chk_fhost in lpd in AIX 42001-11-22
CVE-2001-0671 — IBM AIX vulnerability | cvebase