Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: aix allows clearing the interface stats
From: Troy Bollinger <troy () AUSTIN IBM COM>
Date: Mon, 4 Sep 2000 11:08:56 -0500

Quoting alex medvedev (alexm () PYCCKUE ORG):

aix versions 4.x.x will let a non-priveledged user clear the
network interface statistics, thus annoying system administrators and
interfering with the system scripts that depend on those numbers >:-]

$ netstat -in --> shows stats
$ netstat -Zi --> clears them without checking the uid

ibm was informed about a month ago and the problem was taken care of.


The fix for this problem is still in the testing phase.  When released,
customers can order the following APAR:

  Abstract:   non-root users can issue the netstat -Z flag
  4.3.x APAR: IY12147

--
Troy Bollinger <troy () austin ibm com>
Network Security Analyst
PGP keyid: 1024/0xB7783129
Troy's opinions are not IBM policy


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault