Oval Definition:oval:org.mitre.oval:def:29329
Revision Date:2016-04-15Version:17
Title:Vulnerabilities in OpenSSL affect AIX
Description:A previously published vulnerability in the TLS protocol allows a man-in-the-middle attacker to downgrade vulnerable TLS connections using ephemeral Diffie-Hellman key exchange to 512-bit export-grade cryptography. This vulnerability is known as 'Logjam'. AIX OpenSSL had the Logjam mitigation for TLS clients by rejecting handshakes with DH parameters shorter than 768 bits. This limit has now been increased to 1024 bits.
Family:unixClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2015-4000
Platform(s):IBM AIX 6.1
IBM AIX 7.1
Product(s):
Definition Synopsis
  • platforms
  • IBM AIX 6.1 is installed
  • OR IBM AIX 7.1 is installed
  • AND filesets
  • File Version Exists
  • openssl.base greater than or equal 1.0.1.500
  • AND openssl.base less than or equal 1.0.1.515
  • AND NOT Interim fix IV81287m9a (vuid: 00F850C34C00021103023416) is installed
  • OR File Version Exists
  • openssl.base greater than or equal 0.9.8.401
  • AND openssl.base less than or equal 0.9.8.2506
  • AND NOT Interim fix IV81287m9b (vuid: 00F850C34C00021103021916) is installed
  • OR File Version Exists
  • openssl.base greater than or equal 12.9.8.1100
  • AND openssl.base less than or equal 12.9.8.2506
  • AND NOT Interim fix IV81287m9c (vuid: 00F850C34C00021103024116) is installed
    • BACK