Vulnerabilities > CVE-2012-4817 - Unspecified vulnerability in IBM AIX and Vios
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
The NFSv4 client implementation in IBM AIX 5.3, 6.1, and 7.1, and VIOS before 2.2.1.4-FP-25 SP-02, does not properly handle GID values, which allows remote attackers to cause a denial of service via unspecified vectors.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 17 | |
OS | 3 |
Nessus
NASL family | AIX Local Security Checks |
NASL id | AIX_IV26436.NASL |
description | GID in NFSv4 is loosely enforced. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 63735 |
published | 2013-01-24 |
reporter | This script is Copyright (C) 2013-2019 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/63735 |
title | AIX 7.1 TL 0 : nfsv4 (IV26436) |
Seebug
bulletinFamily | exploit |
description | Bugtraq ID:55546 CVE ID:CVE-2012-4817 IBM AIX是一款商业性质的操作系统。 IBM AIX NFS客户端实现不正确处理GID值,远程攻击者可以利用漏洞使NFS服务不稳定。 0 IBM Aix 7.1.1 IBM Aix 7.1 IBM Aix 6.1.7 IBM Aix 6.1.6 IBM AIX 6.1.5 IBM AIX 6.1.4 IBM AIX 6.1.3 IBM AIX 6.1.2 IBM AIX 6.1.1 IBM AIX 5.3.10 IBM AIX 5.3.9 IBM AIX 5.3.8 IBM AIX 5.3.7 IBM AIX 5.3 L IBM AIX 7.1 IBM AIX 6.1 IBM AIX 5.3.12 IBM AIX 5.3.11 IBM AIX 5.3 厂商解决方案 用户可参考如下供应商提供的安全公告获得补丁信息: http://aix.software.ibm.com/aix/efixes/security/nfsv4_advisory1.asc |
id | SSV:60391 |
last seen | 2017-11-19 |
modified | 2012-09-18 |
published | 2012-09-18 |
reporter | Root |
title | IBM AIX NFSv4 GID远程拒绝服务漏洞 |
References
- http://www.ibm.com/support/docview.wss?uid=isg1IV17855
- http://www.ibm.com/support/docview.wss?uid=isg1IV10327
- http://www.ibm.com/support/docview.wss?uid=isg1IV11629
- http://aix.software.ibm.com/aix/efixes/security/nfsv4_advisory1.asc
- http://www.ibm.com/support/docview.wss?uid=isg1IV26436
- http://www.ibm.com/support/docview.wss?uid=isg1IV12169
- http://www.securitytracker.com/id?1027531
- http://www.securityfocus.com/bid/55546
- http://osvdb.org/85427
- http://secunia.com/advisories/50619
- https://exchange.xforce.ibmcloud.com/vulnerabilities/78431