Oval Definition:oval:org.cisecurity:def:1395
Revision Date:2016-12-09Version:12
Title:Vulnerabilities in OpenSSH affect AIX
Description:An attacker can measure timing differences in password authentication that could be used to discern valid from invalid account names when long passwords were sent and particular password hashing algorithms are in use on the server.
Family:unixClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2016-6210
Platform(s):IBM AIX 6.1
IBM AIX 7.1
Product(s):
Definition Synopsis
  • platforms
  • IBM AIX 6.1 is installed
  • OR IBM AIX 7.1 is installed
  • AND File Version Exists
  • openssh.base.server greater than or equal 4.0.0.5200
  • AND openssh.base.server less than or equal 6.0.0.6202
  • AND NOT Interim fix 6202_ifix.160830 (vuid: 00F850C34C00083001083216) is installed
    • BACK