The AIX ftpd is a part of the GNU C Library (glibc), which is used by various Unix-like systems. The vulnerability in question occurs due to an unhandled buffer overflow in the libc library, specifically in the ftpd daemon.
You're affected if you use AIX version 4.3.7 or earlier, as this CVE only affects versions prior to 4.3.8. To check for the presence of glibc on your system:
find / -name "libc.so.*" 2>/dev/null
Note: This is a Unix-specific vulnerability and may not affect other operating systems.
- Upgrade to AIX version 4.3.8 or later.
- Apply the patch from IBM's website (requires login).