AIX libi18n vulnerability

Help Net Security has an advisory for IBM’s AIX versions 4.3.x and 5.1: “AIX ships with the library “libi18n” located in the “/usr/ccs/lib” directory. This library
contains a function that is vulnerable to a buffer overflow through the LANG
environment variable.

An ordinary user has the ability to set the “LANG” environment variable to any value
they choose. When this variable is set to a suitably formatted string and a program is
run which uses the

vulnerable library, the program will terminate abnormally. If this program is also setuid
root, aixterm for example, a malicious user has an opportunity to spawn a root shell and
gain control of the machine.”

RELATED ARTICLESMORE FROM AUTHOR

Maintainer Confidential: Challenges and Opportunities One Year On

Bridging Design and Runtime Gaps: AsyncAPI in Event-Driven Architecture

Implementing OpenTelemetry Natively in an Event Broker

Innovation as a Catalyst in Telecommunications

Linux 6.8 Brings More Sound Hardware Support For Intel & AMD, Including The Steam Deck

RELATED ARTICLES MORE FROM AUTHOR