oval:org.mitre.oval:def:28927

Definition Id: oval:org.mitre.oval:def:28927
 
Oval ID: oval:org.mitre.oval:def:28927
Title: Vulnerability in IBM SDK Java JSSE affects AIX
Description: The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic that occasionally relies on keys affected by the Invariance Weakness, and then using a brute-force approach involving LSB values, aka the "Bar Mitzvah" issue.
Family: unix Class: vulnerability
Reference(s): CVE-2015-2808
Version: 4
Platform(s): IBM AIX 6.1
IBM AIX 7.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:18828
 
Oval ID: oval:org.mitre.oval:def:18828
Title: IBM AIX 7.1 is installed
Description: The operating system installed on the system is IBM AIX 7.1.
Family: unix Class: inventory
Reference(s): cpe:/o:ibm:aix:7.1
Version: 3
Platform(s): IBM AIX 7.1
Product(s):
Definition Synopsis:
Referenced By:
oval:org.mitre.oval:def:28927
Definition Id: oval:org.mitre.oval:def:5267
 
Oval ID: oval:org.mitre.oval:def:5267
Title: IBM AIX 6.1 is installed
Description: The operating system installed on the system is IBM AIX 6.1.
Family: unix Class: inventory
Reference(s): cpe:/o:ibm:aix:6.1
Version: 3
Platform(s): IBM AIX 6.1
Product(s):
Definition Synopsis:
Referenced By:
oval:org.mitre.oval:def:28927