Rapid7 Vulnerability & Exploit Database

AIX 5.3.7 - nfs4_advisory : AIX_NFSv4_nfsportmon_and_Kerberos_vulnerabilities (IZ50496)

Back to Search

AIX 5.3.7 - nfs4_advisory : AIX_NFSv4_nfsportmon_and_Kerberos_vulnerabilities (IZ50496)

Severity
4
CVSS
(AV:L/AC:M/Au:N/C:P/I:P/A:P)
Published
09/29/2009
Created
07/25/2018
Added
10/02/2014
Modified
10/02/2014

Description

There are two security vulnerabilities in the AIX NFSv4 (Network File System version 4) implementation. The first vulnerability is an error in the handling of the NFSv4 Kerberos credential cache. The successful exploitation of this vulnerability allows a local user to access Kerberized network shares without authorization. The second vulnerability is that the nfs_portmon tunable is not utilized correctly in NFSv4. The successful exploitation of this vulnerability allows a remote user to access network shares protected by nfs_portmon without authorization. The following commands are vulnerable: /usr/sbin/gssd /usr/lib/drivers/nfs.ext

Solution(s)

  • aix-5.3.7-aix_nfsv4_nfsportmon_and_kerberos_vulnerabilities_nfs4_advisory

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;