CVE-2009-3516 Information

Feb 14, 2021 cve

Description

gssd in IBM AIX 5.3.x through 5.3.9 and 6.1.0 through 6.1.2 does not properly handle the NFSv4 Kerberos credential cache which allows local users to bypass intended access restrictions for Kerberized NFSv4 shares via unspecified vectors.

Reference

http://aix.software.ibm.com/aix/efixes/security/nfs4_advisory.asc http://www.securityfocus.com/bid/36545 http://www.vupen.com/english/advisories/2009/2788 http://www-01.ibm.com/support/docview.wss?uid=isg1IZ49024 http://www-01.ibm.com/support/docview.wss?uid=isg1IZ49096 http://www-01.ibm.com/support/docview.wss?uid=isg1IZ49278 http://www-01.ibm.com/support/docview.wss?uid=isg1IZ50399 http://www-01.ibm.com/support/docview.wss?uid=isg1IZ50444 http://www-01.ibm.com/support/docview.wss?uid=isg1IZ50496 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A6318

Share on: