Oval Definition:oval:org.cisecurity:def:373
Revision Date:2016-02-08Version:10
Title:AIX Logjam Vulnerability
Description:The ASN1_TFLG_COMBINE implementation in OpenSSL mishandles errors caused by malformed X509_ATTRIBUTE data, which allows remote attackers to obtain sensitive information from process memory by triggering a decoding failure in a PKCS#7 or CMS application.
Family:unixClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2015-3195
Platform(s):IBM AIX 6.1
IBM AIX 7.1
Product(s):
Definition Synopsis
  • platforms
  • IBM AIX 6.1 is installed
  • OR IBM AIX 7.1 is installed
  • AND filesets
  • File Version Exists
  • openssl.base greater than or equal 1.0.1.500
  • AND openssl.base less than or equal 1.0.1.515
  • AND NOT Interim fix 101_ifix.151218 (vuid: 00F850C34C00121802123315) is installed
  • OR File Version Exists
  • openssl.base greater than or equal 0.9.8.401
  • AND openssl.base less than or equal 0.9.8.2506
  • AND NOT Interim fix 098_ifix.151218 (vuid: 00F850C34C00121803122115) is installed
  • OR File Version Exists
  • openssl.base greater than or equal 12.9.8.1100
  • AND openssl.base less than or equal 12.9.8.2506
  • AND NOT Interim fix 1298_ifix.151218 (vuid: 00F850C34C00121803125215) is installed
    • BACK