COMMAND

    adb (ptrace ())

SYSTEMS AFFECTED

    AIX 4.2.x, 4.3.x

PROBLEM

    GZ Apple  found following.   Local users  can halt  the  operating
    system  by  'adb'  command  under  AIX  box  what makes DoS.  This
    affects AIX 4.2.x and 4.3.x (including 4.3.2).  AIX 3.2.5 also has
    this problem  (tested on  an RS/6000  580 running  AIX 3.2.5), but
    there'll be  no fix  for that  too as  AIX 3.2.5  has been  out of
    service since 12/31/1997.

SOLUTION

    IBM is  working on  the following  fixes which  will be  available
    soon:

        AIX 3.2.x:  upgrade to version 4
        AIX 4.1.x:  not vulnerable
        AIX 4.2.x:  IY02381
        AIX 4.3.x:  IY02397

    A temporary fix is available via anonymous ftp from:

        ftp://aix.software.ibm.com/aix/efixes/security/adb_hang.tar.Z