AIX 5.3 TL 10 : bos.net.nfs.client (U832864)
Critical Nessus Plugin ID 46580
SynopsisThe remote AIX host is missing a vendor-supplied security patch.
DescriptionThe remote host is missing AIX PTF U832864, which is related to the security of the package bos.net.nfs.client.
An integer overflow vulnerability was reported in the rpc.pcnfsd service within the several systems. The rpc.pcnfsd daemon handles requests from PC-NFS clients for authentication services on remote machines. These services include authentication for mounting and for print spooling. The vulnerability is triggered when parsing crafted RPC requests. A remote attacker can leverage this vulnerability by sending a crafted RPC message to the target host, to potentially inject and execute arbitrary code.
SolutionInstall the appropriate missing security-related fix.