AIX 6.1 TL 1 : libc (IZ50129)
Medium Nessus Plugin ID 64326
Synopsis
The remote AIX host is missing a security patch.
Description
There is a race condition in the MALLOCDEBUG debugging component of the malloc subsystem in the library libc.a. A local user can exploit this race condition when executing setuid root programs and thereby overwrite any file in the system.
The successful exploitation of this vulnerability allows a local user to overwrite arbitrary files and execute arbitrary code as the root user.
The following libraries are vulnerable :
Solution
Install the appropriate interim fix.