AIX 5.3 TL 0 : libc (IZ50500)
Medium Nessus Plugin ID 64330
SynopsisThe remote AIX host is missing a security patch.
DescriptionThere is a race condition in the MALLOCDEBUG debugging component of the malloc subsystem in the library libc.a. A local user can exploit this race condition when executing setuid root programs and thereby overwrite any file in the system.
The successful exploitation of this vulnerability allows a local user to overwrite arbitrary files and execute arbitrary code as the root user.
The following libraries are vulnerable :
SolutionInstall the appropriate interim fix.