gssd in IBM AIX 5.3.x through 5.3.9 and 6.1.0 through 6.1.2 does not properly handle the NFSv4 Kerberos credential cache, which allows local users to bypass intended access restrictions for Kerberized NFSv4 shares via unspecified vectors.
| Type | CWE ID | Description |
|---|---|---|
| text | N/A | n/a |
| Version | Base score | Base severity | Vector |
|---|
| CAPEC ID | Description |
|---|
| Event | Date |
|---|
| Hyperlink | Resource |
|---|---|
| http://www.vupen.com/english/advisories/2009/2788 | vdb-entry x_refsource_VUPEN |
| http://www-01.ibm.com/support/docview.wss?uid=isg1IZ50496 | vendor-advisory x_refsource_AIXAPAR |
| http://www-01.ibm.com/support/docview.wss?uid=isg1IZ50444 | vendor-advisory x_refsource_AIXAPAR |
| http://www-01.ibm.com/support/docview.wss?uid=isg1IZ50399 | vendor-advisory x_refsource_AIXAPAR |
| http://www-01.ibm.com/support/docview.wss?uid=isg1IZ49278 | vendor-advisory x_refsource_AIXAPAR |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6318 | vdb-entry signature x_refsource_OVAL |
| http://www-01.ibm.com/support/docview.wss?uid=isg1IZ49096 | vendor-advisory x_refsource_AIXAPAR |
| http://www-01.ibm.com/support/docview.wss?uid=isg1IZ49024 | vendor-advisory x_refsource_AIXAPAR |
| http://www.securityfocus.com/bid/36545 | vdb-entry x_refsource_BID |
| http://aix.software.ibm.com/aix/efixes/security/nfs4_advisory.asc | x_refsource_CONFIRM |
| Version | Base score | Base severity | Vector |
|---|
| CAPEC ID | Description |
|---|
| Event | Date |
|---|