CVE-2012-4817
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
6.6 Medium
AI Score
Confidence
Low
0.051 Low
EPSS
Percentile
93.0%
The NFSv4 client implementation in IBM AIX 5.3, 6.1, and 7.1, and VIOS before 2.2.1.4-FP-25 SP-02, does not properly handle GID values, which allows remote attackers to cause a denial of service via unspecified vectors.
Affected configurations
References
aix.software.ibm.com/aix/efixes/security/nfsv4_advisory1.asc
osvdb.org/85427
secunia.com/advisories/50619
www.ibm.com/support/docview.wss?uid=isg1IV10327
www.ibm.com/support/docview.wss?uid=isg1IV11629
www.ibm.com/support/docview.wss?uid=isg1IV12169
www.ibm.com/support/docview.wss?uid=isg1IV17855
www.ibm.com/support/docview.wss?uid=isg1IV26436
www.securityfocus.com/bid/55546
www.securitytracker.com/id?1027531
exchange.xforce.ibmcloud.com/vulnerabilities/78431
Related
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
6.6 Medium
AI Score
Confidence
Low
0.051 Low
EPSS
Percentile
93.0%