oval:org.mitre.oval:def:26347

Definition Id: oval:org.mitre.oval:def:26347

Oval ID:	oval:org.mitre.oval:def:26347
Title:	AIX OpenSSL Man-in-the-Middle attack related to protocol downgrade issue
Description:	The ssl23_get_client_hello function in s23_srvr.c in OpenSSL 1.0.1 before 1.0.1i allows man-in-the-middle attackers to force the use of TLS 1.0 by triggering ClientHello message fragmentation in communication between a client and server that both support later TLS versions, related to a "protocol downgrade" issue.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2014-3511	Version:	4
Platform(s):	IBM AIX 6.1 IBM AIX 7.1	Product(s):
Definition Synopsis:
platforms IBM AIX 6.1 is installed AND IBM AIX 7.1 is installed AND File Version Exists openssl.base greater than or equal 1.0.1.500 AND openssl.base less than or equal 1.0.1.511

Definition Id: oval:org.mitre.oval:def:18828

Oval ID:	oval:org.mitre.oval:def:18828
Title:	IBM AIX 7.1 is installed
Description:	The operating system installed on the system is IBM AIX 7.1.
Family:	unix	Class:	inventory
Reference(s):	cpe:/o:ibm:aix:7.1	Version:	3
Platform(s):	IBM AIX 7.1	Product(s):
Definition Synopsis:
IBM AIX version is greater than or equal 7100-00 AND IBM AIX version is less than 8100-00
Referenced By:
oval:org.mitre.oval:def:26347

Definition Id: oval:org.mitre.oval:def:5267

Oval ID:	oval:org.mitre.oval:def:5267
Title:	IBM AIX 6.1 is installed
Description:	The operating system installed on the system is IBM AIX 6.1.
Family:	unix	Class:	inventory
Reference(s):	cpe:/o:ibm:aix:6.1	Version:	3
Platform(s):	IBM AIX 6.1	Product(s):
Definition Synopsis:
IBM AIX version is greater than or equal 6100-00 AND IBM AIX version is less than 7100-00
Referenced By:
oval:org.mitre.oval:def:26347