AIX 5.3 TL 12 : bos.net.tcp.client (U846347)
High Nessus Plugin ID 72842
SynopsisThe remote AIX host is missing a vendor-supplied security patch.
DescriptionThe remote host is missing AIX PTF U846347, which is related to the security of the package bos.net.tcp.client.
Vulnerability which allows remote attackers to (1) register or (2) unregister RPC services, and consequently cause a denial of service or obtain sensitive information from interprocess communication, via crafted UDP packets containing service commands.
Note: The ifix provided also contains the fix for CVE-2012-0194 and CVE-2011-1385 since they affect the same fileset.
See the following for CVE-2012-0194:
http://aix.software.ibm.com/aix/efixes/security/large_send_a dvisory.asc CVE-2011-1385:
SolutionInstall the appropriate missing security-related fix.