CVE-2012-4817

The NFSv4 client implementation in IBM AIX 5.3, 6.1, and 7.1, and VIOS before 2.2.1.4-FP-25 SP-02, does not properly handle GID values, which allows remote attackers to cause a denial of service via unspecified vectors.

Published: Sep 15, 2012
Updated: Apr 13, 2023
CVE: CVE-2012-4817
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:N/I:N/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
ibm / vios	2.2.0.13	2.2.0.13.x
ibm / vios	2.1.2.12	2.1.2.12.x
ibm / aix	5.3	5.3.x
ibm / vios	2.1.0.0	2.1.0.0.x
ibm / vios	2.2.1.0	2.2.1.0.x
ibm / vios	2.2.0.11	2.2.0.11.x
ibm / aix	7.1	7.1.x
ibm / vios	2.2.0.12	2.2.0.12.x
ibm / aix	6.1	6.1.x
ibm / vios	2.2.1.1	2.2.1.1.x
ibm / vios	2.1.2.10	2.1.2.10.x
ibm / vios	2.1.3.10	2.1.3.10.x
ibm / vios	2.2.1.3	2.2.1.3.x
ibm / vios	2.2.0.10	2.2.0.10.x
ibm / vios	2.1.2.13	2.1.2.13.x
ibm / vios	2.2.1.4	2.2.1.4.x
ibm / vios	1.5.1.1	1.5.1.1.x
ibm / vios	1.4.1.2	1.4.1.2.x
ibm / vios	1.5.2.6	1.5.2.6.x
ibm / vios	1.5.2.1	1.5.2.1.x

http://aix.software.ibm.com/aix/efixes/security/nfsv4_advisory1.asc
http://osvdb.org/85427
http://secunia.com/advisories/50619
http://www.ibm.com/support/docview.wss?uid=isg1IV10327
http://www.ibm.com/support/docview.wss?uid=isg1IV11629
http://www.ibm.com/support/docview.wss?uid=isg1IV12169
http://www.ibm.com/support/docview.wss?uid=isg1IV17855
http://www.ibm.com/support/docview.wss?uid=isg1IV26436
http://www.securityfocus.com/bid/55546
http://www.securitytracker.com/id?1027531
https://exchange.xforce.ibmcloud.com/vulnerabilities/78431

Vulnerability Database

289,697

CVE-2012-4817