CVE-2012-0745

The getpwnam function in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.1.0.10 through 2.2.1.3 does not properly interact with customer-extended LDAP user filtering, which allows local users to gain privileges via unspecified vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.2 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
ibmaix
5.3
ibmaix
6.1
ibmaix
7.1
ibmvios
2.1.0.10
ibmvios
2.1.2.12
ibmvios
2.1.2.13
ibmvios
2.1.3.10
ibmvios
2.2.0.10
ibmvios
2.2.0.11
ibmvios
2.2.0.12
ibmvios
2.2.0.13
ibmvios
2.2.1.0
ibmvios
2.2.1.1
ibmvios
2.2.1.3
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://aix.software.ibm.com/aix/efixes/security/ldapauth_advisory2.asc
http://osvdb.org/81683
http://secunia.com/advisories/49073
http://www.ibm.com/support/docview.wss?uid=isg1IV18464
http://www.ibm.com/support/docview.wss?uid=isg1IV18637
http://www.ibm.com/support/docview.wss?uid=isg1IV18638
http://www.ibm.com/support/docview.wss?uid=isg1IV19077
http://www.ibm.com/support/docview.wss?uid=isg1IV19097
http://www.ibm.com/support/docview.wss?uid=isg1IV19098
http://www.securityfocus.com/bid/53393
http://www.securitytracker.com/id?1027021
https://exchange.xforce.ibmcloud.com/vulnerabilities/74679
http://aix.software.ibm.com/aix/efixes/security/ldapauth_advisory2.asc
http://osvdb.org/81683
http://secunia.com/advisories/49073
http://www.ibm.com/support/docview.wss?uid=isg1IV18464
http://www.ibm.com/support/docview.wss?uid=isg1IV18637
http://www.ibm.com/support/docview.wss?uid=isg1IV18638
http://www.ibm.com/support/docview.wss?uid=isg1IV19077
http://www.ibm.com/support/docview.wss?uid=isg1IV19097
http://www.ibm.com/support/docview.wss?uid=isg1IV19098
http://www.securityfocus.com/bid/53393
http://www.securitytracker.com/id?1027021
https://exchange.xforce.ibmcloud.com/vulnerabilities/74679