VULHUB ™

It has been reported that IBM's implementation of "cu" may be prone to a buffer overflow condition, which may allow an attacker to gain unauthorized access to a vulnerable system. The issue is caused due to insufficient boundary checking. An attacker may leverage the issue by exploiting an unbounded memory copy operation to overwrite the saved return address/base pointer, causing an affected procedure to return to an address of their choice. Successful exploitation of this issue may allow an attacker to execute arbitrary code in the context of the vulnerable software. AIX 5.1 has been reported to be vulnerable to this issue, although unconfirmed other versions may be affected as well.

It has been reported that IBM's implementation of "cu" may be prone to a buffer overflow condition, which may allow an attacker to gain unauthorized access to a vulnerable system. The issue is caused due to insufficient boundary checking. An attacker may leverage the issue by exploiting an unbounded memory copy operation to overwrite the saved return address/base pointer, causing an affected procedure to return to an address of their choice. Successful exploitation of this issue may allow an attacker to execute arbitrary code in the context of the vulnerable software. AIX 5.1 has been reported to be vulnerable to this issue, although unconfirmed other versions may be affected as well.