I'm guessing here... To Sabotage Mailinglists.
-JD. >--duuuhh-- Thanks Justin, I missed that point-- "The tsm family of commands >(tsm,getty,login)". Anyone have any idea of what tsm means (you know, the >obscure reason it was named tsm-- like AIX means Advanced Interactive >eXecutive?) > >lisa > > > > Justin Derrick > <jderrick@CANA To: [EMAIL PROTECTED] > DA.COM> cc: > Sent by: Subject: Re: For those >Security conscious people running AIX > "ADSM: Dist > Stor Manager" > <[EMAIL PROTECTED] > IST.EDU> > > > 04/04/2002 > 07:23 PM > Please respond > to "ADSM: Dist > Stor Manager" > > > > > > >Just to re-iterate... > >>I wonder.....do you need to replace the tsm executable in /usr/sbin after >>you update TSM server code?????? > >No. The 'tsm' in /usr/sbin has nothing to do with Tivoli Storage Manager. >I have absolutely *no* idea why IBM just didn't call it 'login', since that >what it's linked to. =) > >-JD. > > > > > > >> Gabriel Wiley >> <[EMAIL PROTECTED] To: [EMAIL PROTECTED] >> .COM> cc: >> Sent by: Subject: Re: For those >>Security conscious people running AIX >> "ADSM: Dist >> Stor Manager" >> <[EMAIL PROTECTED] >> IST.EDU> >> >> >> 04/04/2002 >> 08:19 AM >> Please respond >> to "ADSM: Dist >> Stor Manager" >> >> >> >> >> >> >>Lisa, >> >>I just upgraded another server to ML9 + yesterday.. >> >>I ordered the CD(s) in Feb. when they arrived it did not have the fileset. >>(CD was ML9 as of 02/06/02) >> >>It is an add on if you wish to call it that.. >> >>Gabriel C. Wiley >>ADSM/TSM Administrator >>AIX Support >>Phone 1-614-308-6709 >>Pager 1-877-489-2867 >>Fax 1-614-308-6637 >>Cell 1-740-972-6441 >> >>Siempre Hay Esperanza >> >> >> >> >> Lisa Cabanas >> <[EMAIL PROTECTED] To: >>[EMAIL PROTECTED] >> > cc: >> Sent by: "ADSM: Subject: Re: For those >>Security conscious people running AIX >> Dist Stor >> Manager" >> <[EMAIL PROTECTED] >> .EDU> >> >> >> 04/03/2002 09:07 >> AM >> Please respond to >> "ADSM: Dist Stor >> Manager" >> >> >> >> >> >>I think what Justin said about having to do extra steps is right (needing >>additional filesets, specifically)-- I am at ML9, but when I look at the >>levels of the filesets, they are still below what is indicated as being >>unaffected, and the instfix doesn't show that APAR. >> >>bummer. >> >>lisa >> >> >> >> Gabriel Wiley >> <[EMAIL PROTECTED] To: [EMAIL PROTECTED] >> .COM> cc: >> Sent by: Subject: Re: For those >>Security conscious people running AIX >> "ADSM: Dist >> Stor Manager" >> <[EMAIL PROTECTED] >> IST.EDU> >> >> >> 04/02/2002 >> 04:13 PM >> Please respond >> to "ADSM: Dist >> Stor Manager" >> >> >> >> >> >> >>I can't tell you if it was fixed in ML8 we went from ML3 to ML9 overnight >>(or a very long weekend) .. >> >>The security people, waived it in my face the other day and said get it >>fixed. >> >>Since we are at ML9 + there was no need , it was already there. >> >>If you go to the software website it says you need to install 388 or so >>filesets to be legit.. (Wrong not in this env.) >> >>There have been buffer overflow issues in every version of AIX so far.. >> >>Problem Summar y >> >> The tsm family of commands (tsm,getty,login) does not >> properly validate the port name entered on the command >>line. >> This can allow unpriviledged users to become root. >> >> >>Gabriel C. Wiley >>ADSM/TSM Administrator >>AIX Support >>Phone 1-614-308-6709 >>Pager 1-877-489-2867 >>Fax 1-614-308-6637 >>Cell 1-740-972-6441 >> >>Siempre Hay Esperanza >> >> >> >>|---------+----------------------------> >>| | Justin Derrick | >>| | <jderrick@CANADA.| >>| | COM> | >>| | Sent by: "ADSM: | >>| | Dist Stor | >>| | Manager" | >>| | <[EMAIL PROTECTED]| >>| | .EDU> | >>| | | >>| | | >>| | 04/02/2002 03:16 | >>| | PM | >>| | Please respond to| >>| | "ADSM: Dist Stor | >>| | Manager" | >>| | | >>|---------+----------------------------> >> > >> >------------------------------------------------------------------------------- > >>-----------------------------------------------| >> >> >> >> | >>| >> | To: [EMAIL PROTECTED] >>| >> | cc: >>| >> | Subject: Re: For those Security conscious people running AIX >>| >> | >>| >> | >>| >> > >> >------------------------------------------------------------------------------- > >>-----------------------------------------------| >> >> >> >> >> >> >>I think I had to install this separately at a client site because it >>required a few steps in order to take proper effect... But to be >>absolutely clear, this isn't Tivoli Storage Manager related. For some >>reason, the 'login' program on AIX is a link (an alias, if you will) to >the >>'tsm' program, which, again, has nothing to do with Tivoli Storage >Manager. >> >>-JD. >> >>>Isn't/Wasn't this taken care of in ML8? >>> >>> >>> >>> Gabriel Wiley >>> <[EMAIL PROTECTED] To: [EMAIL PROTECTED] >>> .COM> cc: >>> Sent by: Subject: For those Security >>>conscious people running AIX >>> "ADSM: Dist >>> Stor Manager" >>> <[EMAIL PROTECTED] >>> IST.EDU> >>> >>> >>> 04/02/2002 >>> 12:14 PM >>> Please respond >>> to "ADSM: Dist >>> Stor Manager" >>> >>> >>> >>> >>> >>> >>>If you are not aware .. FYI **** >>> >>>SECURITY: MULTIPLE BUFFER OVERFLOW VULNERABILITIES IN TSMLOGIN >>> >>>Created: 01/04/2002 at 03:22 PM >>> >>> >>> Published Date: 01/04/2002 >>> >>> >>> >>> >>> >>> >>> OS or Applications Affected: AIX >>> >>> Versions Affected: 4.3 >>> >>> >>> >>> >>> >>> Severity: Medium >>> >>> >>> >>> >>> >>> APAR/Patch ID: IY26443 >>> >>> Workaround Available?: No >>> >>> >>> >>> >>> >>> >>> >>> >>> >>>Run this command to see if you have it ; >>> >>>instfix -ik IY26443 >>> >>> or >>> >>>instfix -ick IY26443 >>> >>>Keyword:Fileset:ReqLevel:InstLevel:Status:Abstract >>>Y26443:bos.rte.security:4.3.3.79:4.3.3.79:=:SECURITY: Multiple buffer >>>overflow vulnerabilities in tsmlogin >>> >>> >>>Gabriel C. Wiley >>>ADSM/TSM Administrator >>>AIX Support >>>Phone 1-614-308-6709 >>>Pager 1-877-489-2867 >>>Fax 1-614-308-6637 >>>Cell 1-740-972-6441 >>> >>>Siempre Hay Esperanza
