AIX 5.3 TL 10 : cmsd (IZ62123)
Critical Nessus Plugin ID 64347
SynopsisThe remote AIX host is missing a security patch.
DescriptionThere is a buffer overflow vulnerability in the calendar daemon library libcsa.a. A remote attacker can exploit this vulnerability when the rpc.cmsd calendar daemon is enabled in /etc/inetd.conf.
The successful exploitation of this vulnerability allows a remote attacker to execute arbitrary code as the root user.
The following libraries and executables are vulnerable :
SolutionInstall the appropriate interim fix.