oval:org.mitre.oval:def:29181

Definition Id: oval:org.mitre.oval:def:29181

Oval ID:	oval:org.mitre.oval:def:29181
Title:	AIX NAS allows remote users to obtain sensitive information from process heap memory
Description:	The svcauth_gss_accept_sec_context function in lib/rpc/svc_auth_gss.c in MIT Kerberos 5 (aka krb5) 1.11.x through 1.11.5, 1.12.x through 1.12.2, and 1.13.x before 1.13.1 transmits uninitialized interposer data to clients, which allows remote attackers to obtain sensitive information from process heap memory by sniffing the network for data in a handle field.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2014-9423	Version:	4
Platform(s):	IBM AIX 6.1 IBM AIX 7.1	Product(s):
Definition Synopsis:
platforms IBM AIX 6.1 is installed AND IBM AIX 7.1 is installed AND filesets File Version Exists krb5.server.rte greater than or equal 1.4.0.8 AND krb5.server.rte less than or equal 1.6.0.2 OR File Version Exists krb5.client.rte greater than or equal 1.4.0.8 AND krb5.client.rte less than or equal 1.6.0.2

Definition Id: oval:org.mitre.oval:def:18828

Oval ID:	oval:org.mitre.oval:def:18828
Title:	IBM AIX 7.1 is installed
Description:	The operating system installed on the system is IBM AIX 7.1.
Family:	unix	Class:	inventory
Reference(s):	cpe:/o:ibm:aix:7.1	Version:	3
Platform(s):	IBM AIX 7.1	Product(s):
Definition Synopsis:
IBM AIX version is greater than or equal 7100-00 AND IBM AIX version is less than 8100-00
Referenced By:
oval:org.mitre.oval:def:29181

Definition Id: oval:org.mitre.oval:def:5267

Oval ID:	oval:org.mitre.oval:def:5267
Title:	IBM AIX 6.1 is installed
Description:	The operating system installed on the system is IBM AIX 6.1.
Family:	unix	Class:	inventory
Reference(s):	cpe:/o:ibm:aix:6.1	Version:	3
Platform(s):	IBM AIX 6.1	Product(s):
Definition Synopsis:
IBM AIX version is greater than or equal 6100-00 AND IBM AIX version is less than 7100-00
Referenced By:
oval:org.mitre.oval:def:29181