AIX NAS Advisory : nas_advisory2.asc

Low Nessus Plugin ID 81022

Synopsis

The remote AIX host has a version of NAS installed that is affected by an information disclosure vulnerability.

Description

The version of the Network Authentication Service (NAS) installed on the remote AIX host is affected by a Kerberos 5 vulnerability that allows authenticated users to retrieve current keys, which can then be used to forge tickets.

Solution

A fix is available and can be downloaded from the AIX website.

If the NAS fileset level is below 1.5.0.7, then install version 1.5.0.7.

If the NAS fileset level is at 1.6.0.0 through 1.6.0.1, then install version 1.6.0.2. The 1.6.0.X branch is a separate release branch for the NAS SPNEGO feature.

To extract the fixes from the tar file, use the command :

zcat NAS_1.X.0.X_aix_image.tar.Z | tar xvf -

IMPORTANT : If possible, it is recommended that a mksysb backup of the system be created. Verify that it is both bootable and readable before proceeding.

To preview the fix installation, use the command :

installp -a -d fix_name -p all

To install the fix package, use the command :

installp -a -d fix_name -X all

See Also

http://aix.software.ibm.com/aix/efixes/security/nas_advisory2.asc

http://www.nessus.org/u?6b39d08f

Plugin Details

Severity: Low

ID: 81022

File Name: aix_nas_advisory2.nasl

Version: $Revision: 1.4 $

Type: local

Published: 2015/01/27

Modified: 2016/11/11

Dependencies: 12634

Risk Information

Risk Factor: Low

CVSSv2

Base Score: 2.1

Temporal Score: 1.8

Vector: CVSS2#AV:N/AC:H/Au:S/C:P/I:N/A:N

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/o:ibm:aix, cpe:/a:mit:kerberos

Required KB Items: Host/AIX/lslpp, Host/local_checks_enabled, Host/AIX/version

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2015/01/20

Vulnerability Publication Date: 2014/09/21

Reference Information

CVE: CVE-2014-5351

BID: 70380

OSVDB: 111907

CWE: 415