Re: Multiple OS kernel insecure handling of stdio file descriptor

To: XFOCUS Security Team <security@xxxxxxxxxx>
Subject: Re: Multiple OS kernel insecure handling of stdio file descriptor
From: Shiva Persaud <shivapd@xxxxxxxxxxxxxx>
Date: Fri, 19 Jan 2007 17:19:32 -0600
Cc: full-disclosure@xxxxxxxxxxxxxxxxx, bugtraq@xxxxxxxxxxxxxxxxx
In-reply-to: <45AF8280.4090600@xxxxxxxxxx>
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
References: <45AF8280.4090600@xxxxxxxxxx>
User-agent: Mutt/1.5.11

On Thu, Jan 18, 2007 at 10:21:52PM +0800, XFOCUS Security Team wrote:
> 
> XFOCUS team (http://www.xfocus.org/)  had discovered Multiple OS kernel
> insecure handling of stdio file descriptor.
> 
> ===================
> Affected OS Version
> 
> AIX 5.3

The AIX Security Team can be reached at security-alert@xxxxxxxxxxxxxxx

We have investigated this issue and AIX is not affected. A privileged
process will not inherit closed file descriptors for stdio, stdout and
stderr.

Thanks,
Shiva Persaud


-- 

Shiva Persaud / AIX Security Development

Attachment: pgpUkAuSjaSfm.pgp
Description: PGP signature

Follow-Ups:
- Re: Multiple OS kernel insecure handling of stdio file descriptor
  - From: eugeny gladkih

References:
- Multiple OS kernel insecure handling of stdio file descriptor
  - From: XFOCUS Security Team

Prev by Date: Digital Armaments Security Advisory 20.01.2007: Grsecurity Kernel PaX Vulnerability
Next by Date: Login Manager Multiple HTML Injections
Previous by thread: Re: Multiple OS kernel insecure handling of stdio file descriptor
Next by thread: Re: Multiple OS kernel insecure handling of stdio file descriptor
Index(es):
- Date
- Thread