Original issue date: May 26, 1992<BR>
Last revised: September 19, 1997<BR>
Attached copyright statement  

<P>A complete revision history is at the end of this file.

<P>The Computer Emergency Response Team/Coordination Center (CERT/CC) has
received information concerning a vulnerability in <I>crontab(1)</I> in version 3.2
of IBM's AIX operating system.

<P>IBM is aware of this problem and a fix is available as APAR (Authorized Program Analysis Report) number &quot;ix26997&quot;
for AIX version 3.2.  The version information for the patched /usr/bin/crontab
is shown in the following <I>what(1)</I> output:
<PRE>
% what /usr/bin/crontab
04 1.23 com/cmd/cntl/cron/crontab.c, cmdcntl, bos320, 9218320f 4/8/92 11:50:42
07 1.8  com/cmd/cntl/cron/permit.c, bos, bos320 4/25/91 17:16:59
11 1.15  com/cmd/cntl/cron/cronsub.c, bos, bos320 8/18/91 20:42:32
06 1.9  com/cmd/cntl/cron/funcs.c, bos, bos320 6/8/91 21:22:40
</PRE>
If your crontab contains older modules than the above output indicates, we
suggest that you install the fix.


<P><HR>
<H2>I. Description</H2>


The distributed version of /usr/bin/crontab contains a security
vulnerability.



<H2>II. Impact</H2>


Local users can gain unauthorized root access to the system.



<H2>III. Solution</H2>


The CERT/CC suggests that sites install the fix that IBM has made
available.  As an interim step, we suggest that sites prevent all
non-root users from running /usr/bin/crontab by removing (or renaming)
the /var/adm/cron/cron.allow and /var/adm/cron/cron.deny files.

<UL><LI> Obtain the fix from IBM Support.

<P>
<OL><LI>
To order from IBM call 1-800-237-5511 and ask that the fix be shipped.
Patches may be obtained outside the U.S. by contacting your local IBM
representative.

<LI><P>If you are on the Internet, use anonymous ftp to obtain
the fix from software.watson.ibm.com (129.34.139.5).
<PRE>
Patch           Filename                Checksum (sum(1) output)
AIX 3.2         pub/aix3/cronta.tar.Z   02324   154
</PRE>
The patch must be retrieved using binary mode.
</OL>

<P><LI>
Install the fix following the instructions in the README file.</UL>
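<P>As an added example (not part of this advisory and not IBM's code), the following POSIX shell script turns the two checks above into something an administrator can run on an AIX 3.2 host: it parses <I>what(1)</I> output for the crontab.c module and compares its SCCS version against the 1.23 listed in this advisory, and it reports whether the interim workaround (neither cron.allow nor cron.deny present in /var/adm/cron) is in effect. The function names, the awk-based parsing and the treatment of SCCS IDs as major.minor pairs are this example's own assumptions.

```shell
#!/bin/sh
# Added example, not from the CERT advisory or from IBM: check an AIX 3.2
# host against the two things this advisory asks for, (1) that the patched
# crontab.c module (SCCS version 1.23 in the advisory's what(1) output) is
# installed, and (2) that the interim workaround is in place, i.e. neither
# cron.allow nor cron.deny exists, so only root may run crontab(1).
# Function names and the awk/mktemp usage are assumptions of this example.

FIXED_CRONTAB_C=1.23          # patched module version taken from the advisory

# Read what(1) output on stdin; succeed (exit 0) only when the crontab.c
# module is at the patched version or newer.  A missing module line fails.
crontab_patched() {
    ver=$(awk '/cron\/crontab\.c/ { print $2; exit }')
    [ -n "$ver" ] || return 1
    # SCCS IDs such as 1.23 (or branch IDs such as 1.23.1.2) are
    # major.minor pairs, not decimal fractions, so compare the first two
    # components as integers rather than as strings.
    vmaj=${ver%%.*}; vmin=${ver#*.}; vmin=${vmin%%.*}
    fmaj=${FIXED_CRONTAB_C%%.*}; fmin=${FIXED_CRONTAB_C#*.}
    if [ "$vmaj" -gt "$fmaj" ]; then return 0; fi
    if [ "$vmaj" -eq "$fmaj" ] && [ "$vmin" -ge "$fmin" ]; then return 0; fi
    return 1
}

# Succeed only when the interim workaround is in effect in the given cron
# directory (/var/adm/cron on AIX): neither cron.allow nor cron.deny present.
cron_root_only() {
    dir=${1:-/var/adm/cron}
    [ ! -e "$dir/cron.allow" ] && [ ! -e "$dir/cron.deny" ]
}

# Whole-host check: prints one line per finding and returns non-zero only
# when the binary is unpatched AND the workaround is not in place either.
check_host() {
    if what /usr/bin/crontab | crontab_patched; then
        echo "crontab: patched (crontab.c >= $FIXED_CRONTAB_C)"
        return 0
    fi
    echo "crontab: NOT patched; install APAR ix26997"
    if cron_root_only /var/adm/cron; then
        echo "workaround: cron.allow/cron.deny absent, crontab restricted to root"
        return 0
    fi
    echo "workaround: cron.allow or cron.deny present, non-root users can run crontab"
    return 2
}

# Run the host check only when invoked as "sh check_crontab.sh --check";
# otherwise the file just defines the functions so they can be sourced.
if [ "${1-}" = "--check" ]; then
    check_host
fi
```

Run it on the host with <TT>--check</TT>; without that argument it only defines the functions, so it can be sourced into another script or exercised against saved <I>what(1)</I> output.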
<HR>

<P>The CERT/CC would like to thank Fuat Baran of Advanced Network &amp; Services,
Inc. for bringing this security vulnerability to our attention and IBM for
their quick response to this problem.

<P>
<P>Copyright 1992 Carnegie Mellon University.</P>

<HR>

Revision History
<PRE>
September 19, 1997  Attached copyright statement
</PRE>