IBM AIX secldapclntd Unauthorized Data Access Vulnerability

info
discussion
exploit
solution
references

IBM AIX secldapclntd Unauthorized Data Access Vulnerability

A vulnerability has been reported for IBM AIX systems using LDAP. The vulnerability exists in the secldapclntd service.

An attacker can exploit this vulnerability by crafting a special LDAP message which would allow an attacker to gain unauthorized access to data. In some cases it may be possible for a remote attacker to modify user accounts on the LDAP server.