COMMAND

    gethostbyname()

SYSTEMS AFFECTED

    IBM AIX(r) 3.2.x, 4.1.x, 4.2.x

PROBLEM

    Under certain conditions,  the "gethostbyname()" library  function
    provided  with  IBM  AIX  versions  3.2.x,  4.1.x,  and  4.2.x can
    encounter a buffer overrun that allows information on the  program
    stack to be corrupted.

    Many  set-user-id  and  set-group-id  programs,  as  well  as many
    network programs running with  super-user privileges, make use  of
    the "gethostbyname()"  library function.   Corrupting the  program
    stack of these programs may allow arbitrary user-provided code  to
    be executed inadvertently.

    If successfully exploited, this buffer overrun condition could  be
    used to  gain super-user  access to  the system.   Such an  action
    could be initiated over the network from a remote system, or by  a
    user on  the local  system.   Penetration through  a firewall  may
    also be  possible, depending  on which  services and  applications
    are permitted by the firewall system.

SOLUTION

    Get patch.