Lucene search

MitreCVELIST:CVE-2009-3516

HistoryOct 01, 2009 - 3:00 p.m.

CVE-2009-3516

2009-10-0115:00:00

mitre

www.cve.org

5.9 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

gssd in IBM AIX 5.3.x through 5.3.9 and 6.1.0 through 6.1.2 does not properly handle the NFSv4 Kerberos credential cache, which allows local users to bypass intended access restrictions for Kerberized NFSv4 shares via unspecified vectors.

References

aix.software.ibm.com/aix/efixes/security/nfs4_advisory.asc

www-01.ibm.com/support/docview.wss?uid=isg1IZ49024

www-01.ibm.com/support/docview.wss?uid=isg1IZ49096

www-01.ibm.com/support/docview.wss?uid=isg1IZ49278

www-01.ibm.com/support/docview.wss?uid=isg1IZ50399

www-01.ibm.com/support/docview.wss?uid=isg1IZ50444

www-01.ibm.com/support/docview.wss?uid=isg1IZ50496

www.securityfocus.com/bid/36545

www.vupen.com/english/advisories/2009/2788

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6318