AIX 6.1 TL 4 : qoslist (IZ68194)
High Nessus Plugin ID 64353
SynopsisThe remote AIX host is missing a security patch.
DescriptionThere is a buffer overflow vulnerability in the qoslist command. A locally authenticated attacker can exploit this vulnerability if they have they have been assigned the aix.network.status or aix.network.config.no role-based access control authorizations.
The successful exploitation of this vulnerability allows a local attacker to execute arbitrary code with the innate privileges of the qoslist command.
The following executable is vulnerable :
SolutionInstall the appropriate interim fix.