Oval Definition:oval:org.cisecurity:def:1510
Revision Date:2017-01-06Version:8
Title:Vulnerabilities in NTP affect AIX
Description:NTP is vulnerable to a denial of service, caused by the improper handling of packets. By sending specially crafted CRYPTO_NAK packets to an ephemeral peer target prior to a response being sent, a remote attacker could exploit this vulnerability to demobilize the ephemeral association.
Family:unixClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2016-4953
Platform(s):IBM AIX 6.1
IBM AIX 7.1
Product(s):
Definition Synopsis
  • platforms
  • IBM AIX 6.1 is installed
  • OR IBM AIX 7.1 is installed
  • AND filesets
  • File Version Exists
  • bos.net.tcp.client greater than or equal 5.3.12.0
  • AND bos.net.tcp.client less than or equal 5.3.12.10
  • AND NOT Interim fix IV87614m9a.160901 (vuid: 00F850C34C00090106092816) is installed
  • OR File Version Exists
  • bos.net.tcp.client greater than or equal 6.1.9.0
  • AND bos.net.tcp.client less than or equal 6.1.9.102
  • AND NOT Interim fix IV87419m7a.160901 (vuid: 00F850C34C00090106091416) is installed
  • OR File Version Exists
  • bos.net.tcp.client greater than or equal 7.1.3.0
  • AND bos.net.tcp.client less than or equal 7.1.3.47
  • AND NOT Interim fix IV87615m7a.160901 (vuid: 00F850C34C00090106090416) is installed
  • OR File Version Exists
  • bos.net.tcp.client greater than or equal 7.1.4.0
  • AND bos.net.tcp.client less than or equal 7.1.4.1
  • AND NOT Interim fix IV87420m2a.160901 (vuid: 00F850C34C00090106092116) is installed
  • OR File Version Exists
  • ntp.rte greater than or equal 6.1.6.0
  • AND ntp.rte less than or equal 6.1.6.7
  • AND NOT Interim fix IV87278s7a.160901 (vuid: 00F850C34C00090107093916) is installed
  • OR File Version Exists
  • ntp.rte greater than or equal 7.1.0.0
  • AND ntp.rte less than or equal 7.1.0.7
  • AND NOT Interim fix IV87279s7a.160901 (vuid: 00F850C34C00090106095116) is installed
    • BACK