Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2012-4817

The NFSv4 client implementation in IBM AIX 5.3, 6.1, and 7.1, and VIOS before 2.2.1.4-FP-25 SP-02, does not properly handle GID values, which allows remote attackers to cause a denial of service via unspecified vectors.

Published

2012-09-14T23:55:15.260

Last Modified

2025-04-11T00:51:21.963

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 5.0 (MEDIUM)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: PARTIAL

Exploitability Score

10.0

Impact Score

2.9

Weaknesses

Type: Primary
NVD-CWE-Other

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	ibm	vios	1.4.1.2	Yes
Application	ibm	vios	1.5.1.1	Yes
Application	ibm	vios	1.5.2.1	Yes
Application	ibm	vios	1.5.2.6	Yes
Application	ibm	vios	2.1.0.0	Yes
Application	ibm	vios	2.1.2.10	Yes
Application	ibm	vios	2.1.2.12	Yes
Application	ibm	vios	2.1.2.13	Yes
Application	ibm	vios	2.1.3.10	Yes
Application	ibm	vios	2.2.0.10	Yes
Application	ibm	vios	2.2.0.11	Yes
Application	ibm	vios	2.2.0.12	Yes
Application	ibm	vios	2.2.0.13	Yes
Application	ibm	vios	2.2.1.0	Yes
Application	ibm	vios	2.2.1.1	Yes
Application	ibm	vios	2.2.1.3	Yes
Application	ibm	vios	2.2.1.4	Yes
Operating System	ibm	aix	5.3	Yes
Operating System	ibm	aix	6.1	Yes
Operating System	ibm	aix	7.1	Yes

References

http://aix.software.ibm.com/aix/efixes/security/nfsv4_advisory1.asc Vendor Advisory ([email protected])
http://osvdb.org/85427 ([email protected])
http://secunia.com/advisories/50619 ([email protected])
http://www.ibm.com/support/docview.wss?uid=isg1IV10327 Vendor Advisory ([email protected])
http://www.ibm.com/support/docview.wss?uid=isg1IV11629 Vendor Advisory ([email protected])
http://www.ibm.com/support/docview.wss?uid=isg1IV12169 Vendor Advisory ([email protected])
http://www.ibm.com/support/docview.wss?uid=isg1IV17855 Vendor Advisory ([email protected])
http://www.ibm.com/support/docview.wss?uid=isg1IV26436 Vendor Advisory ([email protected])
http://www.securityfocus.com/bid/55546 ([email protected])
http://www.securitytracker.com/id?1027531 ([email protected])
https://exchange.xforce.ibmcloud.com/vulnerabilities/78431 ([email protected])
http://aix.software.ibm.com/aix/efixes/security/nfsv4_advisory1.asc Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://osvdb.org/85427 (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/50619 (af854a3a-2127-422b-91ae-364da2661108)
http://www.ibm.com/support/docview.wss?uid=isg1IV10327 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.ibm.com/support/docview.wss?uid=isg1IV11629 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.ibm.com/support/docview.wss?uid=isg1IV12169 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.ibm.com/support/docview.wss?uid=isg1IV17855 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.ibm.com/support/docview.wss?uid=isg1IV26436 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/55546 (af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id?1027531 (af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/78431 (af854a3a-2127-422b-91ae-364da2661108)