oval:org.mitre.oval:def:28572

Definition Id: oval:org.mitre.oval:def:28572

Oval ID:	oval:org.mitre.oval:def:28572
Title:	AIX NAS Denial of Service via malformed XDR data
Description:	The auth_gssapi_unwrap_data function in lib/rpc/auth_gssapi_misc.c in MIT Kerberos 5 (aka krb5) through 1.11.5, 1.12.x through 1.12.2, and 1.13.x before 1.13.1 does not properly handle partial XDR deserialization, which allows remote authenticated users to cause a denial of service (use-after-free and double free, and daemon crash) or possibly execute arbitrary code via malformed XDR data, as demonstrated by data sent to kadmind.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2014-9421	Version:	4
Platform(s):	IBM AIX 6.1 IBM AIX 7.1	Product(s):
Definition Synopsis:
platforms IBM AIX 6.1 is installed AND IBM AIX 7.1 is installed AND filesets File Version Exists krb5.server.rte greater than or equal 1.4.0.8 AND krb5.server.rte less than or equal 1.6.0.2 OR File Version Exists krb5.client.rte greater than or equal 1.4.0.8 AND krb5.client.rte less than or equal 1.6.0.2

Definition Id: oval:org.mitre.oval:def:18828

Oval ID:	oval:org.mitre.oval:def:18828
Title:	IBM AIX 7.1 is installed
Description:	The operating system installed on the system is IBM AIX 7.1.
Family:	unix	Class:	inventory
Reference(s):	cpe:/o:ibm:aix:7.1	Version:	3
Platform(s):	IBM AIX 7.1	Product(s):
Definition Synopsis:
IBM AIX version is greater than or equal 7100-00 AND IBM AIX version is less than 8100-00
Referenced By:
oval:org.mitre.oval:def:28572

Definition Id: oval:org.mitre.oval:def:5267

Oval ID:	oval:org.mitre.oval:def:5267
Title:	IBM AIX 6.1 is installed
Description:	The operating system installed on the system is IBM AIX 6.1.
Family:	unix	Class:	inventory
Reference(s):	cpe:/o:ibm:aix:6.1	Version:	3
Platform(s):	IBM AIX 6.1	Product(s):
Definition Synopsis:
IBM AIX version is greater than or equal 6100-00 AND IBM AIX version is less than 7100-00
Referenced By:
oval:org.mitre.oval:def:28572