This script is Copyright (C) 2014-2016 Tenable Network Security, Inc.
The remote AIX host has a version of NAS installed that is affected by
The version of the Network Authentication Service (NAS) installed on
the remote AIX host is affected by the following vulnerabilities
related to Kerberos 5 :
- An attacker can cause a denial of service (buffer
over-read and application crash) by injecting invalid
tokens into a GSSAPI application session.
- An attacker with the ability to spoof packets appearing
to be from a GSSAPI acceptor can cause a denial of
service or execute arbitrary code by using a double-free
condition in GSSAPI initiators (clients) which are using
the SPNEGO mechanism, by returning a different
underlying mechanism than was proposed by the initiator.
- An attacker can cause a denial of service through a NULL
pointer dereference and application crash during a
SPNEGO negotiation, by sending an empty token as the
second or later context token from initiator to
See also :
A fix is available and can be downloaded from the AIX website.
If the NAS fileset level is at 188.8.131.52, then apply the ifix
If the NAS fileset level is at 184.108.40.206, then apply the ifix
If the NAS fileset level is at 220.127.116.11/18.104.22.168, then upgrade to
fileset level 22.214.171.124 and apply the ifix '1601_fix.140813.epkg.Z'.
For other fileset levels, upgrade to fileset level 126.96.36.199 and apply
the ifix '1506_fix.140813.epkg.Z'.
These fixes will also be part of the next filesets of NAS versions
188.8.131.52 and 184.108.40.206.
These filesets will be made available by 14th November 2014 and can be
downloaded from the AIX website.
To extract the fixes from the tar file, use the commands :
tar xvf nas1_fix.tar
IMPORTANT : If possible, it is recommended that a mksysb backup of the
system be created. Verify that it is both bootable and readable before
To preview the fix installation, use the command :
installp -a - fix_name -p all
To install the fix package, use the command :
installp -a - fix_name -X all
Risk factor :
High / CVSS Base Score : 7.8
CVSS Temporal Score : 5.8
Public Exploit Available : false