IBM AIX Pop3D/Pop3DS/IMapD/IMapDS Authentication Bypass Vulnerability
BID:22262
Info
IBM AIX Pop3D/Pop3DS/IMapD/IMapDS Authentication Bypass Vulnerability
| Bugtraq ID: | 22262 |
| Class: | Design Error |
| CVE: |
CVE-2007-0618 |
| Remote: | Yes |
| Local: | No |
| Published: | Jan 26 2007 12:00AM |
| Updated: | May 12 2015 07:35PM |
| Credit: | The vendor disclosed this vulnerability. |
| Vulnerable: |
IBM AIX 5.3 |
| Not Vulnerable: | |
Discussion
IBM AIX Pop3D/Pop3DS/IMapD/IMapDS Authentication Bypass Vulnerability
IBM AIX is prone to an authentication-bypass vulnerability because it fails to effectively verify user credentials during the authentication process.
Exploiting this issue could allow an attacker to gain unauthorized access to the pop3, pop3s, imapd, and imapds services.
IBM AIX is prone to an authentication-bypass vulnerability because it fails to effectively verify user credentials during the authentication process.
Exploiting this issue could allow an attacker to gain unauthorized access to the pop3, pop3s, imapd, and imapds services.
Exploit / POC
IBM AIX Pop3D/Pop3DS/IMapD/IMapDS Authentication Bypass Vulnerability
An attacker can exploit this issue using standarad networking tools.
An attacker can exploit this issue using standarad networking tools.
Solution / Fix
IBM AIX Pop3D/Pop3DS/IMapD/IMapDS Authentication Bypass Vulnerability
Solution:
The vendor has released updates to address this issue. Please see the referenced advisory for details on obtaining and applying the appropriate updates.
IBM AIX 5.3
Solution:
The vendor has released updates to address this issue. Please see the referenced advisory for details on obtaining and applying the appropriate updates.
IBM AIX 5.3
-
IBM pop3d_ifix.tar.Z
ftp://aix.software.ibm.com/aix/efixes/security/pop3d_ifix.tar.Z
References
IBM AIX Pop3D/Pop3DS/IMapD/IMapDS Authentication Bypass Vulnerability
References:
References:
- AIX Homepage (IBM)