Oval Definition:oval:org.mitre.oval:def:28755
Revision Date:2015-07-13Version:19
Title:Network Time Protocol (NTP) vulnerability in AIX
Description:The config_auth function in ntpd in NTP before 4.2.7p11, when an auth key is not configured, improperly generates a key, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack.
Family:unixClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2014-9293
Platform(s):IBM AIX 6.1
IBM AIX 7.1
Product(s):
Definition Synopsis
  • platforms
  • IBM AIX 6.1 is installed
  • OR IBM AIX 7.1 is installed
  • AND filesets
  • File Version Exists
  • bos.net.tcp.client greater than or equal 5.3.12.0
  • AND bos.net.tcp.client less than or equal 5.3.12.10
  • OR File Version Exists
  • bos.net.tcp.client greater than or equal 6.1.8.0
  • AND bos.net.tcp.client less than or equal 7.1.2.19
  • OR File Version Exists
  • bos.net.tcp.client greater than or equal 6.1.9.0
  • AND bos.net.tcp.client less than or equal 6.1.9.30
  • OR File Version Exists
  • bos.net.tcp.client greater than or equal 7.1.2.0
  • AND bos.net.tcp.client less than or equal 7.1.2.19
  • OR File Version Exists
  • bos.net.tcp.client greater than or equal 7.1.3.0
  • AND bos.net.tcp.client less than or equal 7.1.3.30
    • BACK