PUBLISH DATE: DECEMBER 17, 2018
This is a vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel RPC). This vulnerability can be easily exploited, allowing an unauthenticated attacker with network access via multiple protocols to compromise Solaris. While the vulnerability resides in Solaris, attacks may signiﬁcantly impact additional products.
Successful attacks of this vulnerability can result in takeover of Solaris.
An attacker can exploit this issue to execute arbitrary code within the context of the target server.
System access, Remote code execution
IBM Virtual I/O Server versions 2.2.x.
IBM AIX version 5.3
IBM AIX version 6.1
IBM AIX version 7.1
IBM AIX version 7.2
Apply ﬁxes according to vendor’s advisory.