Vulnerability Name: CVE-2009-3516 (CCN-53523)

Assigned: 2009-09-29
Published: 2009-09-29
Updated: 2017-09-19
Summary: gssd in IBM AIX 5.3.x through 5.3.9 and 6.1.0 through 6.1.2 does not properly handle the NFSv4 Kerberos credential cache, which allows local users to bypass intended access restrictions for Kerberized NFSv4 shares via unspecified vectors.
CVSS v3 Severity: 4.0 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
Exploitability Metrics: Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope: Scope (S): Unchanged
Impact Metrics: Confidentiality (C): None
Integrity (I): Low
Availability (A): None
CVSS v2 Severity: 7.2 High (CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C)
5.3 Medium (Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics: Access Vector (AV): Local
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics: Confidentiality (C): Complete
Integrity (I): Complete
Availability (A): Complete
1.9 Low (CCN CVSS v2 Vector: AV:L/AC:M/Au:N/C:N/I:P/A:N)
1.4 Low (CCN Temporal CVSS v2 Vector: AV:L/AC:M/Au:N/C:N/I:P/A:N/E:U/RL:OF/RC:C)
Exploitability Metrics: Access Vector (AV): Local
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics: Confidentiality (C): None
Integrity (I): Partial
Availability (A): None
Vulnerability Type: CWE-255
Vulnerability Consequences: Gain Access
References:

Source: CCN
Type: IBM SECURITY ADVISORY
AIX NFSv4 nfs_portmon and Kerberos vulnerabilities

Source: CONFIRM
Type: Patch, Vendor Advisory
http://aix.software.ibm.com/aix/efixes/security/nfs4_advisory.asc

Source: MITRE
Type: CNA
CVE-2009-3516

Source: CCN
Type: SA36894
IBM AIX NFSv4 Two Vulnerabilities

Source: AIXAPAR
Type: Vendor Advisory
IZ49024

Source: AIXAPAR
Type: Vendor Advisory
IZ49096

Source: AIXAPAR
Type: Vendor Advisory
IZ49278

Source: AIXAPAR
Type: Vendor Advisory
IZ50399

Source: AIXAPAR
Type: UNKNOWN
IZ50444

Source: AIXAPAR
Type: Vendor Advisory
IZ50496

Source: CCN
Type: OSVDB ID: 58409
IBM AIX gssd NFSv4 Kerberos Credential Cache Network Share Local Access Restriction Bypass

Source: BID
Type: Patch
36545

Source: CCN
Type: BID-36545
IBM AIX 'gssd' Kerberos Credential Cache Local Unauthorized Access Vulnerability

Source: VUPEN
Type: Vendor Advisory
ADV-2009-2788

Source: XF
Type: UNKNOWN
aix-nsfv4-unauth-access(53523)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:6318

Vulnerable Configuration:
Configuration 1:
  • cpe:/o:ibm:aix:5.3.0:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:aix:5.3.7:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:aix:5.3.8:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:aix:6.1:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:aix:6.1.0:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:aix:6.1.1:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:aix:6.1.2:*:*:*:*:*:*:*

Configuration CCN 1:
  • cpe:/o:ibm:aix:5.3.7:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:aix:5.3.8:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:aix:6.1.1:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:aix:6.1.2:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:aix:5.3.9:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:aix:6.1.0:*:*:*:*:*:*:*

* Denotes that component is vulnerable

Oval Definitions:
Definition ID: oval:org.mitre.oval:def:6318
Class: V
Title: AIX NFSv4 Kerberos vulnerability
Last Modified: 2009-11-30