Intrusion Prevention

AIX.RPC.cmsd.Buffer.Overflow

Description

This indicates an attack attempt against a buffer overflow vulnerability in AIX Calendar Manager Service Daemon.
The vulnerability is caused by an error when the vulnerable software handles a malicious rpc request. It allows a remote attacker to execute arbitrary code via sending a crafted request.

Affected Products

IBM AIX 5.x through 5.3.10 and 6.x through 6.1.3, and VIOS 2.1 and earlier

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply patch, please Refer to the vendor's web site for suggested workaround.
http://aix.software.ibm.com/aix/efixes/security/cmsd_fix.tar

CVE References

CVE-2009-3699