漏洞类别:AIX
漏洞等级: 
漏洞信息
IBM AIX is prone to the following vulnerabilities:
OpenSSH is vulnerable to a denial of service, caused by an error in the kex_input_kexinit() function. By sending specially crafted data during the key exchange process, a remote attacker could exploit this vulnerability to consume all available memory resources. (CVE-2016-8858)
OpenSSH could allow a remote authenticated attacker to execute arbitrary code on the system, caused by the loading of a specially crafted PKCS#11 module across a forwarded agent channel. An attacker could exploit this vulnerability to write files or execute arbitrary code on the system. (CVE-2016-10009)
OpenSSH could allow a local authenticated attacker to obtain sensitive information, caused by a privilege separation flaw. An attacker could exploit this vulnerability to obtain host private key material and other sensitive information. (CVE-2016-10011)
OpenSSH could allow a local attacker to gain elevated privileges on the system, caused by improper bounds checking in the shared memory manager. An attacker could exploit this vulnerability to gain elevated privileges on the system. (CVE-2016-10012)
Affected Platforms:
AIX 5.3, 6.1, 7.1 and 7.2
Note:The detection requires root privileges to run "emgr -c" to check for patches. In absence of such privileges, the detection may not output actual results.
APAR versions: 6203_ifix.
漏洞危害
Successful exploitation could result in Denial of Service Vulnerability.
解决方案
The vendor has released fixes to resolve this vulnerability. Refer to AIX Advisory openssh_advisory10 to obtain more information.
Patch:
Following are links for downloading patches to fix the vulnerabilities:
AIX Advisory openssh_advisory10: AIX 5.3, 6.1, 7.1 and 7.2 (OpenSSH)
0day
文章评论