AIX 5.3 TL 7 : libc (IZ50517)
Medium Nessus Plugin ID 64331
SynopsisThe remote AIX host is missing a security patch.
DescriptionThere is a race condition in the MALLOCDEBUG debugging component of the malloc subsystem in the library libc.a. A local user can exploit this race condition when executing setuid root programs and thereby overwrite any file in the system.
The successful exploitation of this vulnerability allows a local user to overwrite arbitrary files and execute arbitrary code as the root user.
The following libraries are vulnerable :
SolutionInstall the appropriate interim fix.