OVAL Reference oval:org.cisecurity:def:1397

Oval Definition:

oval:org.cisecurity:def:1397

Revision Date:	2016-12-09	Version:	12
Title:	Vulnerabilities in OpenSSH affect AIX
Description:	When the UseLogin feature is enabled and PAM is configured to read .pam_environment files in user home directories, allows local users to gain privileges by triggering a crafted environment for the /bin/login program, as demonstrated by an LD_PRELOAD environment variable.
Family:	unix	Class:	vulnerability
Status:	ACCEPTED	Reference(s):	CVE-2015-8325
Platform(s):	IBM AIX 6.1 IBM AIX 7.1	Product(s):
Definition Synopsis
platforms IBM AIX 6.1 is installed OR IBM AIX 7.1 is installed AND File Version Exists openssh.base.server greater than or equal 4.0.0.5200 AND openssh.base.server less than or equal 6.0.0.6202 AND NOT Interim fix 6202_ifix.160830 (vuid: 00F850C34C00083001083216) is installed