COMMAND

    pdnsd

SYSTEMS AFFECTED

    C Set ++ for AIX Version 3 (5765-421)
    C Set ++ for AIX Version 2 (5765-186)

PROBLEM

    The following is based on an IBM Security Alert. A buffer overflow
    vulnerability has been discovered in the Source Code Browser's
    Program Database Name Server Daemon (pdnsd) of versions 2 and 3
    of IBM's C Set ++ for AIX. This vulnerability allows local and
    remote users to gain root access. To date, there are no known
    reports of this being exploited.

SOLUTION

    IBM C Set ++ for AIX versions 2 and 3 are no longer supported and
    no APAR will be issued. Customers are encouraged to upgrade to a
    later compiler version. The pdnsd daemon should be disabled by
    running the following commands as root:

        # rmitab browser
        # chown root.system /usr/lpp/xlC/browser/pdnsd
        # chmod 0 /usr/lpp/xlC/browser/pdnsd
        # /usr/lpp/xlC/browser/pdnsdkill
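
    The four steps above can be verified afterwards with a small audit
    script. This is an added example, not part of the IBM alert: the
    /etc/inittab location and the function names are assumptions, while
    the binary path and the "browser" identifier come from the commands
    above.

```shell
#!/bin/sh
# Added example: audit that the pdnsd workaround from the advisory is in place.
# Defaults are the paths shown in the advisory; /etc/inittab is assumed.

# True if an inittab record with identifier "browser" is still present.
# Lines starting with ":" are AIX inittab comments and do not match.
inittab_has_browser() {
    grep -q '^browser:' "$1" 2>/dev/null
}

# True if the binary is absent or carries no permission bits (chmod 0).
mode_is_zero() {
    [ -e "$1" ] || return 0
    [ "$(ls -ld "$1" | cut -c2-10)" = "---------" ]
}

# True if the binary is absent or owned by root, group system.
owner_is_root_system() {
    [ -e "$1" ] || return 0
    ls -ld "$1" | awk '{ exit !($3 == "root" && $4 == "system") }'
}

# True if a process named pdnsd is still running (pdnsdkill not yet run).
pdnsd_running() {
    ps -e 2>/dev/null | awk '$NF == "pdnsd" { found = 1 } END { exit !found }'
}

# Run all four checks; returns 0 only when every step has been applied.
audit_pdnsd() {
    inittab=${1:-/etc/inittab}
    bin=${2:-/usr/lpp/xlC/browser/pdnsd}
    rc=0
    if inittab_has_browser "$inittab"; then
        echo "FAIL: 'browser' record still in $inittab"; rc=1
    fi
    if ! mode_is_zero "$bin"; then
        echo "FAIL: $bin still has permission bits set"; rc=1
    fi
    if ! owner_is_root_system "$bin"; then
        echo "FAIL: $bin is not owned by root.system"; rc=1
    fi
    if pdnsd_running; then
        echo "FAIL: a pdnsd process is still running"; rc=1
    fi
    [ "$rc" -eq 0 ] && echo "OK: pdnsd is disabled"
    return "$rc"
}
```

    Source the file and call audit_pdnsd as root; with no arguments it
    checks the default paths and returns non-zero if any step is missing.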