Oval Definition:	oval:org.cisecurity:def:400
Revision Date: 2016-03-11 Version: 9 Title: Network Time Protocol (NTP) vulnerability in AIX Description: Network Time Protocol (NTP) is vulnerable to a buffer overflow, caused by improper bounds checking by the refclock of ntpd. By sending an overly long string, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. Family: unix Class: vulnerability Status: ACCEPTED Reference(s): CVE-2015-7853 Platform(s): IBM AIX 6.1 IBM AIX 7.1 Product(s): Definition Synopsis IBM AIX 6100-09 meets CVE-2015-7853 IBM AIX 6100-09 is installed AND NOT All filesets for APAR IV79942 are installed OR IBM AIX 7100-03 meets CVE-2015-7853 IBM AIX 7100-03 is installed AND NOT All filesets for APAR IV79943 are installed OR IBM AIX 7100-04 meets CVE-2015-7853 IBM AIX 7100-04 is installed AND NOT All filesets for APAR IV79944 are installed
BACK