Computer Associates (CA) Resource Intialization Manager (CAIRIM) LMP SVC privilege escalation
|cairim-lmp-privilege-escalation (26234)||Medium Risk|
The CA Resource Initialization Manager (CAIRIM) LMP component for z/OS, which is included with CA Common Services for z/OS, could allow a local attacker to gain elevated privileges, caused by a vulnerability in the way the CAIRIM LMP SVC is executed. An attacker could exploit this vulnerability to obtain supervisor state (key 0), which could be used to gain unauthorized access to other system resources.
Apply the patch for this vulnerability (PTF QO78541), available from the CA SupportConnect Web site. See References.
- CA SupportConnect Web site: Important Security Notice for CAIRIM LMP for z/OS Affected products.
- CA SupportConnect Web site: Important Security Notice for CAIRIM LMP for z/OS.
- BID-17840: CA Resource Initialization Manager Local Privilege Escalation Vulnerability
- CVE-2006-2201: Unspecified vulnerability in CA Resource Initialization Manager (CAIRIM) 1.x before 20060502, as used in z/OS Common Services and the LMP component in multiple products, allows attackers to violate integrity via a certain problem state program that uses SVC to gain access to supervisor state, key 0.
- OSVDB ID: 25234: CA Resource Initialization Manager (CAIRIM) LMP SVC Invocation Privilege Escalation
- SA19953: CA Resource Initialization Manager Privilege Escalation
- SECTRACK ID: 1016028: CA Resource Initialization Manager LMP SVC Bug May Let Local Users Gain Supervisor State
- CA Resource Initialization Manager
May 02, 2006
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email ignore thisxforceignore this@ignore thisus.ignore thisibm.comignore this