Lucene search

[email protected]NVD:CVE-2009-3516

HistoryOct 01, 2009 - 3:30 p.m.

CVE-2009-3516

2009-10-0115:30:00

CWE-255

[email protected]

web.nvd.nist.gov

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

5.9 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

gssd in IBM AIX 5.3.x through 5.3.9 and 6.1.0 through 6.1.2 does not properly handle the NFSv4 Kerberos credential cache, which allows local users to bypass intended access restrictions for Kerberized NFSv4 shares via unspecified vectors.

Affected configurations

NVD

Node

ibmaixMatch5.3.0

ibmaixMatch5.3.7

ibmaixMatch5.3.8

ibmaixMatch6.1

ibmaixMatch6.1.0

ibmaixMatch6.1.1

ibmaixMatch6.1.2

References

aix.software.ibm.com/aix/efixes/security/nfs4_advisory.asc

www-01.ibm.com/support/docview.wss?uid=isg1IZ49024

www-01.ibm.com/support/docview.wss?uid=isg1IZ49096

www-01.ibm.com/support/docview.wss?uid=isg1IZ49278

www-01.ibm.com/support/docview.wss?uid=isg1IZ50399

www-01.ibm.com/support/docview.wss?uid=isg1IZ50444

www-01.ibm.com/support/docview.wss?uid=isg1IZ50496

www.securityfocus.com/bid/36545

www.vupen.com/english/advisories/2009/2788

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6318

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

5.9 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for NVD:CVE-2009-3516

prion1 cvelist1 cve1 nessus6