PROBLEM:
A vulnerability was reported in IBM AIX. A remote user can cause denial of service conditions.
PLATFORM:
version(s): 5.3, 6.1, and 7.1
ABSTRACT:
A remote user can send a specially crafted ICMP packet to cause the target service to crash.
reference LINKS:
Vendor Advisory
Security Tracker ID 1026742
CVE-2011-1385
IMPACT ASSESSMENT:
Medium
Discussion:
There is an error in the handling of a particular ICMP packet in which a remote user can cause a denial of service.
Impact:
Denial of service on AIX via network.
Solution:
The vendor has issued a fix.
5.3.12: APAR IV03369
6.1.5: APAR IV13672
6.1.6: APAR IV13554
6.1.7: APAR IV07188
7.1.0: APAR IV04695
7.1.1: APAR IV08255
The fixes can be downloaded via ftp from: aix.software.ibm.com/aix/efixes/security/icmp_fix.tar