Oval Definition:oval:org.cisecurity:def:434
Revision Date:2016-05-14Version:11
Title:Vulnerabilities in OpenSSL affect AIX
Description:A malicious client can negotiate SSLv2 ciphers that have been disabled on the server and complete SSLv2 handshakes even if all SSLv2 ciphers have been disabled, provided that the SSLv2 protocol was not disabled via SSL_OP_NO_SSLv2.
Family:unixClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2015-3197
Platform(s):IBM AIX 6.1
IBM AIX 7.1
Product(s):
Definition Synopsis
  • platforms
  • IBM AIX 6.1 is installed
  • OR IBM AIX 7.1 is installed
  • AND filesets
  • File Version Exists
  • openssl.base greater than or equal 1.0.1.500
  • AND openssl.base less than or equal 1.0.1.515
  • AND NOT Interim fix IV81287m9a (vuid: 00F850C34C00021103023416) is installed
  • OR File Version Exists
  • openssl.base greater than or equal 0.9.8.401
  • AND openssl.base less than or equal 0.9.8.2506
  • AND NOT Interim fix IV81287m9b (vuid: 00F850C34C00021103021916) is installed
  • OR File Version Exists
  • openssl.base greater than or equal 12.9.8.1100
  • AND openssl.base less than or equal 12.9.8.2506
  • AND NOT Interim fix IV81287m9c (vuid: 00F850C34C00021103024116) is installed
    • BACK