Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-4817

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2012-4817
Last Modified 04 Apr 2013 11:13:44
Published 14 Sep 2012 07:55:15
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2012-4817

Summary

The NFSv4 client implementation in IBM AIX 5.3, 6.1, and 7.1, and VIOS before 2.2.1.4-FP-25 SP-02, does not properly handle GID values, which allows remote attackers to cause a denial of service via unspecified vectors.

Vulnerable Systems

Operating System

  • Ibm Aix 5.3

  • Ibm Aix 6.1

  • Ibm Aix 7.1

  • Ibm Vios 1.4.1.2

  • Ibm Vios 1.5.1.1

  • Ibm Vios 1.5.2.1

  • Ibm Vios 1.5.2.6

  • Ibm Vios 2.1.0.0

  • Ibm Vios 2.1.2.10

  • Ibm Vios 2.1.2.12

  • Ibm Vios 2.1.2.13

  • Ibm Vios 2.1.3.10

  • Ibm Vios 2.2.0.10

  • Ibm Vios 2.2.0.11

  • Ibm Vios 2.2.0.12

  • Ibm Vios 2.2.0.13

  • Ibm Vios 2.2.1.0

  • Ibm Vios 2.2.1.1

  • Ibm Vios 2.2.1.3

  • Ibm Vios 2.2.1.4


References

XF - aix-nfsv4-gid-dos(78431)

AIXAPAR - IV26436

AIXAPAR - IV17855

AIXAPAR - IV12169

AIXAPAR - IV11629

AIXAPAR - IV10327

CONFIRM - http://aix.software.ibm.com/aix/efixes/security/nfsv4_advisory1.asc

SECTRACK - 1027531

BID - 55546

SECUNIA - 50619

OSVDB - 85427


Last Updated: 27 May 2016 11:00:42