From proff  Wed Jul 24 12:56:06 1996
Approved-By: ALEPH1@UNDERGROUND.ORG
Approved-By:  "David A. Curry" <davy@VNET.IBM.COM>
Message-ID: <199607231828.OAA17421@intrepid.somers.hqregion.ibm.com>
Date: 	Tue, 23 Jul 1996 14:28:30 EDT
Reply-To: Bugtraq List <BUGTRAQ@NETSPACE.ORG>
Sender: proff
From: "David A. Curry" <davy@vnet.ibm.com>
Subject:      Re: vulnerability in vi under AIX 3.2
X-To:         Marina Buitrago Bravo <buitrago@cica.es>
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@NETSPACE.ORG>
In-Reply-To:  Message from Marina Buitrago Bravo of "Tue, 23 Jul 1996 09:53:49
              -0000"

     From:  Marina Buitrago Bravo <buitrago@cica.es>
     Date:      Tue, 23 Jul 1996 09:53:49 +0000
     Subject:       vulnerability in vi under AIX 3.2

     Hello all. I have found out that under AIX 3.2 the vi editor interprets
     the file ./.exrc, even if you are root and this file is not owned by you.
     This vulnerability seems rather obvious to me, do you know if a patch
     exists for this?

According to the AIX Security Development team, this was fixed in APAR IX44685,
released in June 1994.

Contact your IBM representative to obtain a copy of this fix.

--Dave

--
David A. Curry                          IBM Internet Emergency Response Service
Senior Internet Security Analyst        Long Meadow Road, M/S 223
Information Warfare Center              Sterling Forest, NY 10979 U.S.A.
davy@vnet.ibm.com                       +1 914 759-4452
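
Added example, not part of the original message or of IBM's fix: a small audit script for hosts where the editor may still read `./.exrc` from the working directory. It lists every `.exrc` under a tree that is not owned by the user who will run the editor; flagging group/world-writable files and symlinks goes beyond the case described in the thread. The names `audit_exrc` and `trusted_uid` are hypothetical.

```python
import os
import stat
import sys


def audit_exrc(root, trusted_uid=None):
    """Return [(path, [reasons])] for each .exrc under root that an editor
    run by trusted_uid should not be allowed to execute."""
    if trusted_uid is None:
        trusted_uid = os.getuid()
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        if ".exrc" not in files:
            continue
        path = os.path.join(dirpath, ".exrc")
        try:
            st = os.lstat(path)  # lstat: judge the link itself, not its target
        except OSError:
            continue  # removed while scanning
        reasons = []
        if st.st_uid != trusted_uid:
            reasons.append("owned by uid %d" % st.st_uid)
        if stat.S_ISLNK(st.st_mode):
            reasons.append("symlink")
        elif st.st_mode & (stat.S_IWGRP | stat.S_IWOTH):
            reasons.append("group/world writable")
        if reasons:
            findings.append((path, reasons))
    return findings


if __name__ == "__main__":
    # Usage: python audit_exrc.py [directory]; defaults to the current directory.
    start = sys.argv[1] if len(sys.argv) > 1 else "."
    for path, reasons in audit_exrc(start):
        print("%s: %s" % (path, ", ".join(reasons)))
```

Run as root over shared areas such as home directories and project trees, any line of output is a directory where starting the editor would load settings someone else controls.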

