Vulnerabilities > CVE-2009-3517 - Unspecified vulnerability in IBM AIX
Attack vector: UNKNOWN
Attack complexity: UNKNOWN
Privileges required: UNKNOWN
Confidentiality impact: UNKNOWN
Integrity impact: UNKNOWN
Availability impact: UNKNOWN
ibm
nessus
Summary
nfs.ext in IBM AIX 5.3.x through 5.3.9 and 6.1.0 through 6.1.2 does not properly use the nfs_portmon setting, which allows remote attackers to bypass intended access restrictions for NFSv4 shares via unspecified vectors.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 7 |
Nessus
NASL family AIX Local Security Checks NASL id AIX_U825202.NASL description The remote host is missing AIX PTF U825202, which is related to the security of the package bos.net.nfs.client. last seen 2020-06-01 modified 2020-06-02 plugin id 39706 published 2009-07-09 reporter This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/39706 title AIX 5.3 TL 9 : bos.net.nfs.client (U825202) code
#%NASL_MIN_LEVEL 80502
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were extracted
# from AIX Security PTF U825202. The text itself is copyright (C)
# International Business Machines Corp.
#

include("compat.inc");

# Registration pass: when `description` is set the script only declares its
# metadata and exits without testing anything.
if (description)
{
  script_id(39706);
  script_version("1.4");
  script_cvs_date("Date: 2019/09/16 14:12:54");

  # One plugin is mapped to two CVEs, so a finding does not say which of the
  # two issues applies to the host.
  script_cve_id("CVE-2009-3516", "CVE-2009-3517");

  script_name(english:"AIX 5.3 TL 9 : bos.net.nfs.client (U825202)");
  script_summary(english:"Check for PTF U825202");

  script_set_attribute(attribute:"synopsis", value:"The remote AIX host is missing a vendor-supplied security patch.");
  script_set_attribute(attribute:"description", value:"The remote host is missing AIX PTF U825202, which is related to the security of the package bos.net.nfs.client.");
  script_set_attribute(attribute:"see_also", value:"http://www-01.ibm.com/support/docview.wss?uid=isg1IZ50399");
  script_set_attribute(attribute:"solution", value:"Install the appropriate missing security-related fix.");

  # Plugin-assigned CVSSv2 vector: network reachable, low complexity, no
  # authentication, complete impact on confidentiality, integrity, availability.
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_cwe_id(255);

  # "local" plugin type: the result comes from host inventory data, not from
  # probing the NFS service over the network.
  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:ibm:aix:5.3");
  script_set_attribute(attribute:"vuln_publication_date", value:"2009/04/30");
  script_set_attribute(attribute:"patch_publication_date", value:"2009/04/30");
  script_set_attribute(attribute:"plugin_publication_date", value:"2009/07/09");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.");
  script_family(english:"AIX Local Security Checks");

  # The KB keys required below are presumably filled in by ssh_get_info.nasl
  # during a credentialed scan -- confirm against that plugin.
  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/AIX/oslevel", "Host/AIX/version", "Host/AIX/lslpp");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("aix.inc");

# Preconditions. Each failure is reported through audit(), so a host scanned
# without local checks yields "not checked", which must not be read as "patched".
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/AIX/version")) audit(AUDIT_OS_NOT, "AIX");
if (!get_kb_item("Host/AIX/lslpp")) audit(AUDIT_PACKAGE_LIST_MISSING);

# A negative return from aix_check_patch() is counted as "PTF missing".
# ml:"530009" presumably denotes AIX 5.3 TL 9, matching the plugin title.
flag = 0;
if (aix_check_patch(ml:"530009", patch:"U825202", package:"bos.net.nfs.client.5.3.9.3") < 0) flag++;

# This is a patch-level test only: nothing in this script reads the
# nfs_portmon setting or checks whether NFSv4 shares are exported, so a
# finding means "fix not installed", not "exposure confirmed".
if (!flag) audit(AUDIT_HOST_NOT, "affected");
else
{
  # Reported on port 0; the verbose form attaches the aix_report_get() text.
  if (report_verbosity > 0) security_hole(port:0, extra:aix_report_get());
  else security_hole(0);
  exit(0);
}
NASL family AIX Local Security Checks NASL id AIX_U823931.NASL description The remote host is missing AIX PTF U823931, which is related to the security of the package bos.net.nfs.client. last seen 2020-06-01 modified 2020-06-02 plugin id 39079 published 2009-06-04 reporter This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/39079 title AIX 6.1 TL 1 : bos.net.nfs.client (U823931) code
#%NASL_MIN_LEVEL 80502
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were extracted
# from AIX Security PTF U823931. The text itself is copyright (C)
# International Business Machines Corp.
#

include("compat.inc");

# Metadata-only pass: with `description` set, the script registers itself and
# exits before any host data is examined.
if (description)
{
  script_id(39079);
  script_version("1.4");
  script_cvs_date("Date: 2019/09/16 14:12:53");

  # Both CVEs are attached to this single PTF check; the result cannot
  # separate one from the other.
  script_cve_id("CVE-2009-3516", "CVE-2009-3517");

  script_name(english:"AIX 6.1 TL 1 : bos.net.nfs.client (U823931)");
  script_summary(english:"Check for PTF U823931");

  script_set_attribute(attribute:"synopsis", value:"The remote AIX host is missing a vendor-supplied security patch.");
  script_set_attribute(attribute:"description", value:"The remote host is missing AIX PTF U823931, which is related to the security of the package bos.net.nfs.client.");
  # Two vendor references are registered for this PTF.
  script_set_attribute(attribute:"see_also", value:"http://www-01.ibm.com/support/docview.wss?uid=isg1IZ49052");
  script_set_attribute(attribute:"see_also", value:"http://www-01.ibm.com/support/docview.wss?uid=isg1IZ49096");
  script_set_attribute(attribute:"solution", value:"Install the appropriate missing security-related fix.");

  # CVSSv2 as assigned by the plugin: remote, low complexity, unauthenticated,
  # complete C/I/A impact.
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_cwe_id(255);

  # Declared as a local check: the verdict is derived from installed-package
  # data rather than from network interaction with NFS.
  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:ibm:aix:6.1");
  script_set_attribute(attribute:"vuln_publication_date", value:"2009/04/13");
  script_set_attribute(attribute:"patch_publication_date", value:"2009/04/13");
  script_set_attribute(attribute:"plugin_publication_date", value:"2009/06/04");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.");
  script_family(english:"AIX Local Security Checks");

  # Required KB keys are presumably produced by ssh_get_info.nasl on a
  # credentialed scan -- verify against that plugin.
  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/AIX/oslevel", "Host/AIX/version", "Host/AIX/lslpp");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("aix.inc");

# Gate on the inventory data the check needs. An audit here means the host was
# not evaluated; treat that as unknown patch state, not as a clean result.
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/AIX/version")) audit(AUDIT_OS_NOT, "AIX");
if (!get_kb_item("Host/AIX/lslpp")) audit(AUDIT_PACKAGE_LIST_MISSING);

# aix_check_patch() < 0 is the "PTF not present" signal used by this script.
# ml:"610001" presumably denotes AIX 6.1 TL 1, matching the plugin title.
flag = 0;
if (aix_check_patch(ml:"610001", patch:"U823931", package:"bos.net.nfs.client.6.1.1.5") < 0) flag++;

# Scope note: the script never looks at nfs_portmon or at NFSv4 export
# configuration, so it flags a missing fix level without confirming that the
# access-restriction bypass is reachable on this host.
if (!flag) audit(AUDIT_HOST_NOT, "affected");
else
{
  # Host-level finding on port 0; verbose scans include aix_report_get() output.
  if (report_verbosity > 0) security_hole(port:0, extra:aix_report_get());
  else security_hole(0);
  exit(0);
}
NASL family AIX Local Security Checks NASL id AIX_U825042.NASL description The remote host is missing AIX PTF U825042, which is related to the security of the package bos.net.nfs.client. last seen 2020-06-01 modified 2020-06-02 plugin id 39637 published 2009-07-09 reporter This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/39637 title AIX 5.3 TL 7 : bos.net.nfs.client (U825042)
NASL family AIX Local Security Checks NASL id AIX_U823848.NASL description The remote host is missing AIX PTF U823848, which is related to the security of the package bos.net.nfs.client. last seen 2020-06-01 modified 2020-06-02 plugin id 39026 published 2009-06-04 reporter This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/39026 title AIX 6.1 : bos.net.nfs.client (U823848)
NASL family AIX Local Security Checks NASL id AIX_U825103.NASL description The remote host is missing AIX PTF U825103, which is related to the security of the package bos.net.nfs.client. last seen 2020-06-01 modified 2020-06-02 plugin id 39666 published 2009-07-09 reporter This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/39666 title AIX 5.3 TL 8 : bos.net.nfs.client (U825103)
NASL family AIX Local Security Checks NASL id AIX_U824054.NASL description The remote host is missing AIX PTF U824054, which is related to the security of the package bos.net.nfs.client. last seen 2020-06-01 modified 2020-06-02 plugin id 39136 published 2009-06-04 reporter This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/39136 title AIX 6.1 TL 2 : bos.net.nfs.client (U824054)
Oval
accepted | 2009-11-30T04:00:35.147-05:00 |
class | vulnerability |
contributors | |
definition_extensions | |
description | nfs.ext in IBM AIX 5.3.x through 5.3.9 and 6.1.0 through 6.1.2 does not properly use the nfs_portmon setting, which allows remote attackers to bypass intended access restrictions for NFSv4 shares via unspecified vectors. |
family | unix |
id | oval:org.mitre.oval:def:6366 |
status | accepted |
submitted | 2009-10-09T14:55:01.000-04:00 |
title | AIX NFSv4 nfs_portmon vulnerability |
version | 42 |
References
- http://aix.software.ibm.com/aix/efixes/security/nfs4_advisory.asc
- http://aix.software.ibm.com/aix/efixes/security/nfs4_advisory.asc
- http://www.securityfocus.com/bid/36544
- http://www.securityfocus.com/bid/36544
- http://www.vupen.com/english/advisories/2009/2788
- http://www.vupen.com/english/advisories/2009/2788
- http://www-01.ibm.com/support/docview.wss?uid=isg1IZ49024
- http://www-01.ibm.com/support/docview.wss?uid=isg1IZ49024
- http://www-01.ibm.com/support/docview.wss?uid=isg1IZ49096
- http://www-01.ibm.com/support/docview.wss?uid=isg1IZ49096
- http://www-01.ibm.com/support/docview.wss?uid=isg1IZ49278
- http://www-01.ibm.com/support/docview.wss?uid=isg1IZ49278
- http://www-01.ibm.com/support/docview.wss?uid=isg1IZ50399
- http://www-01.ibm.com/support/docview.wss?uid=isg1IZ50399
- http://www-01.ibm.com/support/docview.wss?uid=isg1IZ50444
- http://www-01.ibm.com/support/docview.wss?uid=isg1IZ50444
- http://www-01.ibm.com/support/docview.wss?uid=isg1IZ50496
- http://www-01.ibm.com/support/docview.wss?uid=isg1IZ50496
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6366
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6366