Oval Definition:oval:org.mitre.oval:def:6318
Revision Date:2009-11-30Version:10
Title:AIX NFSv4 Kerberos vulnerability
Description:gssd in IBM AIX 5.3.x through 5.3.9 and 6.1.0 through 6.1.2 does not properly handle the NFSv4 Kerberos credential cache, which allows local users to bypass intended access restrictions for Kerberized NFSv4 shares via unspecified vectors.
Family:unixClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2009-3516
Platform(s):IBM AIX 5.3
IBM AIX 6.1
Product(s):
Definition Synopsis
  • AND
  • IBM AIX 5300-07 is installed
  • AND NOT All filesets for APAR IZ50496 are installed
  • AND Fileset bos.net.nfs.client is greater than or equal 5.3.7.0
  • AND Fileset bos.net.nfs.client is less than or equal 5.3.7.8
  • OR
  • IBM AIX 5300-08 is installed
  • AND NOT All filesets for APAR IZ50444 are installed
  • AND Fileset bos.net.nfs.client is greater than or equal 5.3.8.0
  • AND Fileset bos.net.nfs.client is less than or equal 5.3.8.6
  • OR
  • IBM AIX 5300-09 is installed
  • AND NOT All filesets for APAR IZ50399 are installed
  • AND Fileset bos.net.nfs.client is greater than or equal 5.3.9.0
  • AND Fileset bos.net.nfs.client is less than or equal 5.3.9.2
  • OR
  • IBM AIX 6100-00 is installed
  • AND NOT All filesets for APAR IZ49278 are installed
  • AND Fileset bos.net.nfs.client is greater than or equal 6.1.0.0
  • AND Fileset bos.net.nfs.client is less than or equal 6.1.0.8
  • OR
  • IBM AIX 6100-01 is installed
  • AND NOT All filesets for APAR IZ49096 are installed
  • AND Fileset bos.net.nfs.client is greater than or equal 6.1.1.0
  • AND Fileset bos.net.nfs.client is less than or equal 6.1.1.4
  • OR
  • IBM AIX 6100-02 is installed
  • AND NOT All filesets for APAR IZ49024 are installed
  • AND Fileset bos.net.nfs.client is greater than or equal 6.1.2.0
  • AND Fileset bos.net.nfs.client is less than or equal 6.1.2.3
    • BACK