PT-2011-3218 · Ibm · Ibm Aix
Publicado
2011-04-05
·
Atualizado
2011-04-05
·
CVE-2011-1561
CVSS v2.0
6.8
Média
| Vetor | AV:N/AC:M/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
IBM AIX version 6.1 with bos.rte.security version 6.1.6.4
Description
The issue concerns the LDAP login feature in IBM AIX. When ldap auth is enabled in ldap.cfg, it allows remote attackers to bypass authentication by attempting a login with an arbitrary password.
Recommendations
For IBM AIX version 6.1 with bos.rte.security version 6.1.6.4, consider disabling the LDAP login feature until a fix is available. Restrict access to the ldap auth configuration in ldap.cfg to minimize the risk of exploitation.
Correção
Improper Authentication
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Ibm Aix