- bsh


COMMAND

bsh

SYSTEMS AFFECTED

AIX 3.2 and earlier.


PROBLEM

Vulneravility in bshbatch queue allows unathorized access.  Remote
users my again access to privileged accounts. If network  printing
is enabled
the bsh queue  will permit users on remote  systems to
execute commands at an elevated privilege.



SOLUTION

Disable bsh; obtain and install  fix from IBM. To disable  the bsh
queue from the command line enter:

chqueue -qbsh -a"up = FALSE"

or from SMIT enter:

Spooler
Manage Local Printer Subsystem
Local Printer Queues
Change/Show Characteristics of a Queue
select bsh
Activate the Queue
select no

IBM has  made available  an emergency  fix for  this vulnerability
via anonymous  ftp from  software.watson.ibm.com in  the directory
/pub/aix.  The  fix  is  contained  in  the  compressed  tar  file
bshfixN.tar.Z
where  N is  the current  version of  the fix.  The
official  fix  for  this  problem  can  be  ordered  from IBM
the
APAR # is IX44381.