Oval Definition:	oval:org.cisecurity:def:267
Revision Date: 2016-02-08 Version: 10 Title: AIX sshd Vulnerability Description: The monitor component in sshd accepts extraneous username data in MONITOR_REQ_PAM_INIT_CTX requests, which allows local users to conduct impersonation attacks by leveraging any SSH login access in conjunction with control of the sshd uid to send a crafted MONITOR_REQ_PWNAM request. Family: unix Class: vulnerability Status: ACCEPTED Reference(s): CVE-2015-6563 Platform(s): IBM AIX 6.1 IBM AIX 7.1 Product(s): Definition Synopsis platforms IBM AIX 6.1 is installed OR IBM AIX 7.1 is installed AND File Version Exists openssh.base.server greater than or equal 4.0.0.5200 AND openssh.base.server less than or equal 6.0.0.6201 AND NOT Interim fix 6201_ifix.151009 (vuid: 00F850C34C00100901103415) is installed
BACK