PORTMAPPER: IBM AIX Calendar Manager Service Daemon Buffer Overflow
This signature detects attempts to exploit a known vulnerability against IBM AIX Calendar Manager Service Daemon. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the server.
Extended Description
Stack-based buffer overflow in libcsa.a (aka the calendar daemon library) in IBM AIX 5.x through 5.3.10 and 6.x through 6.1.3, and VIOS 2.1 and earlier, allows remote attackers to execute arbitrary code via a long XDR string in the first argument to procedure 21 of rpc.cmsd.
Affected Products
Ibm vios
Short Name
PORTMAPPER:IBM-AIX-RPC-CMSD-BO
Severity
Critical
Recommended
False
Recommended Action
Drop
Category
PORTMAPPER
Keywords
AIX Buffer CVE-2009-3699 Calendar Daemon IBM Manager Overflow Service bid:36615
Release Date
07/06/2021
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3761
False Positive
Unknown
Vendors
Ibm