The getpwnam function in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.1.0.10 up to and including 2.2.1.3 does not properly interact with customer-extended LDAP user filtering, which allows local users to gain privileges via unspecified vectors.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
ibm aix 7.1 |
||
ibm aix 5.3 |
||
ibm aix 6.1 |
||
ibm vios 2.1.0.10 |
||
ibm vios 2.1.2.12 |
||
ibm vios 2.2.1.0 |
||
ibm vios 2.2.0.12 |
||
ibm vios 2.2.0.13 |
||
ibm vios 2.2.0.10 |
||
ibm vios 2.2.0.11 |
||
ibm vios 2.2.1.1 |
||
ibm vios 2.1.2.13 |
||
ibm vios 2.1.3.10 |
||
ibm vios 2.2.1.3 |
Vulmon