CVE-2001-1079

Name of the Vulnerable Software and Affected Versions PSSP versions 3.2

Description The issue concerns the creation of keyfile directories with world-writable permissions by the create keyfiles function in PSSP when used with DCE 3.1 authentication on AIX. This could allow a local user to delete key files, resulting in a denial of service.

Recommendations For PSSP version 3.2, consider changing the permissions of the keyfile directories to prevent world-writable access as a temporary workaround to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.