Vulnerability Name:

CVE-2012-0745 (CCN-74679)

Assigned:2012-05-03
Published:2012-05-03
Updated:2017-12-07
Summary:The getpwnam function in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.1.0.10 through 2.2.1.3 does not properly interact with customer-extended LDAP user filtering, which allows local users to gain privileges via unspecified vectors.
CVSS v3 Severity:9.3 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Changed
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:7.2 High (CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C)
6.2 Medium (Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C/E:H/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
6.9 Medium (CCN CVSS v2 Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C)
6.0 Medium (CCN Temporal CVSS v2 Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C/E:H/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Medium
Athentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
Vulnerability Type:CWE-264
Vulnerability Consequences:Gain Privileges
References:Source: CCN
Type: IBM SECURITY ADVISORY
Vulnerability in LDAP Authentication

Source: CONFIRM
Type: Vendor Advisory
http://aix.software.ibm.com/aix/efixes/security/ldapauth_advisory2.asc

Source: MITRE
Type: CNA
CVE-2012-0745

Source: OSVDB
Type: UNKNOWN
81683

Source: CCN
Type: SA49073
IBM AIX "getpwnam()" LDAP Filtering Privilege Escalation Vulnerability

Source: SECUNIA
Type: UNKNOWN
49073

Source: AIXAPAR
Type: Vendor Advisory
IV18464

Source: CCN
Type: IBM APAR IV18464
Potential Security Issue with getpwnam function using LDAP

Source: AIXAPAR
Type: Vendor Advisory
IV18637

Source: CCN
Type: IBM APAR IV18637
Potential Security Issue with getpwnam function using LDAP

Source: AIXAPAR
Type: Vendor Advisory
IV18638

Source: AIXAPAR
Type: Vendor Advisory
IV19077

Source: CCN
Type: IBM APAR IV19077
Potential Security Issue with getpwnam function using LDAP

Source: AIXAPAR
Type: Vendor Advisory
IV19097

Source: AIXAPAR
Type: Vendor Advisory
IV19098

Source: CCN
Type: OSVDB ID: 81683
IBM AIX LDAP Authentication getpwnam() Function Local Privilege Escalation

Source: BID
Type: UNKNOWN
53393

Source: CCN
Type: BID-53393
IBM AIX 'getpwnam()' Local Privilege Escalation Vulnerability

Source: SECTRACK
Type: UNKNOWN
1027021

Source: XF
Type: UNKNOWN
aix-getpwnam-privilege-escalation(74679)

Source: XF
Type: UNKNOWN
aix-getpwnam-privilege-escalation(74679)

Vulnerable Configuration:Configuration 1:
  • cpe:/o:ibm:aix:5.3:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:aix:6.1:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:aix:7.1:*:*:*:*:*:*:*

    • Configuration 2:
  • cpe:/a:ibm:vios:2.1.0.10:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:vios:2.1.2.12:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:vios:2.1.2.13:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:vios:2.1.3.10:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:vios:2.2.0.10:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:vios:2.2.0.11:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:vios:2.2.0.12:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:vios:2.2.0.13:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:vios:2.2.1.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:vios:2.2.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:vios:2.2.1.3:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.mitre.oval:def:20147
    V
    		Vulnerability in LDAP Authentication
    2014-01-20
    BACK
    ibm aix 5.3
    ibm aix 6.1
    ibm aix 7.1
    ibm vios 2.1.0.10
    ibm vios 2.1.2.12
    ibm vios 2.1.2.13
    ibm vios 2.1.3.10
    ibm vios 2.2.0.10
    ibm vios 2.2.0.11
    ibm vios 2.2.0.12
    ibm vios 2.2.0.13
    ibm vios 2.2.1.0
    ibm vios 2.2.1.1
    ibm vios 2.2.1.3