IBM AIX libi18n Library Long LANG Variable Overflow
Local Access Required
Loss of Confidentiality,
Loss of Integrity
A local buffer overflow exists in IBM AIX library libi18n. The library function _GETLAYOUTINITFUNC fails to validate the length of the LANG environment variable resulting in a buffer overflow. With a specially crafted request, an attacker can gain root privileges resulting in a loss of confidentiality and/or integrity.
Upgrade AIX using the APAR numbers AIX 5.1: IY21309 and AIX 4.3: IY20867 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.