oval:org.mitre.oval:def:28597

Definition Id: oval:org.mitre.oval:def:28597

Oval ID:	oval:org.mitre.oval:def:28597
Title:	AIX NAS allows remote users to obtain administrative access by leveraging access to a two-component principal
Description:	The check_rpcsec_auth function in kadmin/server/kadm_rpc_svc.c in kadmind in MIT Kerberos 5 (aka krb5) through 1.11.5, 1.12.x through 1.12.2, and 1.13.x before 1.13.1 allows remote authenticated users to bypass a kadmin/* authorization check and obtain administrative access by leveraging access to a two-component principal with an initial "kadmind" substring, as demonstrated by a "ka/x" principal.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2014-9422	Version:	4
Platform(s):	IBM AIX 6.1 IBM AIX 7.1	Product(s):
Definition Synopsis:
platforms IBM AIX 6.1 is installed AND IBM AIX 7.1 is installed AND filesets File Version Exists krb5.server.rte greater than or equal 1.4.0.8 AND krb5.server.rte less than or equal 1.6.0.2 OR File Version Exists krb5.client.rte greater than or equal 1.4.0.8 AND krb5.client.rte less than or equal 1.6.0.2

Definition Id: oval:org.mitre.oval:def:18828

Oval ID:	oval:org.mitre.oval:def:18828
Title:	IBM AIX 7.1 is installed
Description:	The operating system installed on the system is IBM AIX 7.1.
Family:	unix	Class:	inventory
Reference(s):	cpe:/o:ibm:aix:7.1	Version:	3
Platform(s):	IBM AIX 7.1	Product(s):
Definition Synopsis:
IBM AIX version is greater than or equal 7100-00 AND IBM AIX version is less than 8100-00
Referenced By:
oval:org.mitre.oval:def:28597

Definition Id: oval:org.mitre.oval:def:5267

Oval ID:	oval:org.mitre.oval:def:5267
Title:	IBM AIX 6.1 is installed
Description:	The operating system installed on the system is IBM AIX 6.1.
Family:	unix	Class:	inventory
Reference(s):	cpe:/o:ibm:aix:6.1	Version:	3
Platform(s):	IBM AIX 6.1	Product(s):
Definition Synopsis:
IBM AIX version is greater than or equal 6100-00 AND IBM AIX version is less than 7100-00
Referenced By:
oval:org.mitre.oval:def:28597