{"vuid":"VU#249491","idnumber":"249491","name":"IBM AIX login fails to adequately authenticate user when configured to use loadable authentication modules","keywords":["IBM","AIX","login","invalid password","loadable authentication module","privilege escalation","IY26302"],"overview":"There is a remotely exploitable flaw in IBM's AIX 5.1L login when using loadable authentication modules. This does not affect AIX 4.3 and earlier.","clean_desc":"IBM AIX 5.1L login, with loadable authentication modules enabled and some non-default configurations, will permit users to login with an invalid password. This can be used to gain root access to the system. IBM AIX 4.3 and earlier are not affected by this vulnerability. IBM has issued an advisory addressing this issue.","impact":"An intruder can gain root access to the system.","resolution":"IBM has issued an advisory and assigned this issue APAR #IY26302.","workarounds":"Disable integrated login permissions.","sysaffected":"","thanks":"Our thanks to IBM for the information contained in their advisory.","author":"This document was written by Jason Rafail.","public":["h","t","t","p",":","/","/","w","w","w","-","1",".","i","b","m",".","c","o","m","/","s","e","r","v","i","c","e","s","/","c","o","n","t","i","n","u","i","t","y","/","r","e","c","o","v","e","r","1",".","n","s","f","/","M","S","S","/","M","S","S","-","O","A","R","-","E","0","1","-","2","0","0","1",".","6","0","3",".","1"],"cveids":[""],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2001-12-21T17:35:14Z","publicdate":"2001-12-19T00:00:00Z","datefirstpublished":"2001-12-21T21:12:18Z","dateupdated":"2001-12-21T21:12:20Z","revision":7,"vrda_d1_directreport":"","vrda_d1_population":"","vrda_d1_impact":"","cam_widelyknown":"15","cam_exploitation":"0","cam_internetinfrastructure":"15","cam_population":"7","cam_impact":"20","cam_easeofexploitation":"18","cam_attackeraccessrequired":"20","cam_scorecurrent":"28.35","cam_scorecurrentwidelyknown":"33.075","cam_scorecurrentwidelyknownexploited":"51.975","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":28.35,"vulnote":null}