Vulnerability in BIND impacts AIX

IBM SECURITY ADVISORY First Issued: Mon Apr 25 10:06:21 CDT 2016 The most recent version of this document is available here: http://aix.software.ibm.com/aix/efixes/security/bind_advisory11.asc https://aix.software.ibm.com/aix/efixes/security/bind_advisory11.asc ftp://aix.software.ibm.com/aix/efixes/security/bind_advisory11.asc Security Bulletin: Vulnerability in BIND affects AIX (CVE-2015-8704) =============================================================================== SUMMARY: There is a vulnerability in BIND that impacts AIX. =============================================================================== VULNERABILITY DETAILS: CVEID: CVE-2015-8704 DESCRIPTION: ISC BIND is vulnerable to a…

Read More

High Impact / Highly Pervasive APAR IV81482

IV81482 – multibos may fail to mount or remove a standby instance This only affects users of multibos. After creating a multibos instance and booting to it, multibos will be unable to perform some operations on the original (now the standby) instance. Mounting the standby instance with ‘multibos -m’ or removing the standby instance with…

Read More

High Impact / Highly Pervasive APAR IV82196

IV82196 – Core dump in many commands when using NIS This problem will only be seen if Network Information Services (NIS) is being used for authentication. When using NIS authentication, applications using getpwuid() or similar functions may core dump. We have seen this affect cron, java, and db2, to name a few. Affected AIX Levels…

Read More

Support Lifecycle Notice for AIX 7.1 Technology Level 3

IBM announces the following schedules to help you plan for future upgrades to your AIX operating system. These plans are subject to change without notice. AIX Technology Levels are supported for how to, usage, and problem identification for the entire life of the release. However, all Technology Levels have a limited support window for corrective…

Read More

PTF in Error [IV78456, IV77800, IV77371, IV77305, IV77257, IV77260, IV77295, IV76410, IV75031, IV74170, IV73600, IV73359, IV73019, IV72952, IV72536, IV71829, IV71491, IV75928]

Some fix was published by IBM about AIX.If you want to fix this error, you can download fixpack. PTF: U865837 Fileset: bos.mp64.7.1.3.45 APAR: IV78456 reported against fix pack: 7100-03-05-1524 Fix available in fixpack: 7100-03-06-1543 A multi-threaded process might hang when threads belonging to the same process are simultaneously executing plock and disclaim/mmap system calls. PTF: U862090 Fileset:…

Read More

Vulnerabilities in OpenSSL affect AIX

SUMMARY: OpenSSL vulnerabilities were disclosed on January 28, 2016 by the OpenSSL Project. OpenSSL is used by AIX. AIX has addressed the applicable CVEs. =============================================================================== VULNERABILITY DETAILS: CVEID: CVE-2015-3197 DESCRIPTION: A malicious client can negotiate SSLv2 ciphers that have been disabled on the server and complete SSLv2 handshakes even if all SSLv2 ciphers have been…

Read More

AIX 7.1 7100-03 Service Pack 6

Service Packs contain important fixes delivered between Technology Levels. 7100-03-06 is Service Pack 6 for the 7100-03 Technology Level. AIX 7100-03 Service Pack 6 may be obtained from the Fix packs section of the Fix Central web site, or by ordering APAR IV77187. You must have root authority to perform the installation. Creating a system…

Read More

Vulnerability in BIND affects AIX CVE-2015-8000

Security Bulletin: Vulnerability in BIND affects AIX (CVE-2015-8000) =============================================================================== SUMMARY: There is a vulnerability in BIND that impacts AIX. =============================================================================== VULNERABILITY DETAILS: CVEID: CVE-2015-8000 DESCRIPTION: ISC BIND is vulnerable to a denial of service, caused by an error in db.c when parsing incoming responses. A remote attacker could exploit this vulnerability to trigger a REQUIRE…

Read More

Multiple vulnerabilities in IBM Java SDK affect AIX

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect AIX CVE-2015-8472 CVE-2016-0475 CVE-2016-0466 CVE-2016-0402 CVE-2015-7575 CVE-2016-0448 CVE-2016-0494 CVE-2016-0483 CVE-2015-5041 CVE-2015-7981 CVE-2015-8126 CVE-2015-8540 =============================================================================== SUMMARY: There are multiple vulnerabilities in IBM SDK Java Technology Edition, Versions 6, 7, 7.1, 8 that are used by AIX. These issues were disclosed as part of the IBM Java SDK…

Read More

Vulnerabilities in OpenSSH affect AIX

IBM SECURITY ADVISORY First Issued: Fri Jan 29 16:13:16 CST 2016 The most recent version of this document is available here: http://aix.software.ibm.com/aix/efixes/security/openssh_advisory7.asc https://aix.software.ibm.com/aix/efixes/security/openssh_advisory7.asc ftp://aix.software.ibm.com/aix/efixes/security/openssh_advisory7.asc Security Bulletin: Vulnerabilities in OpenSSH affect AIX (CVE-2016-0777 and CVE-2016-0778) =============================================================================== SUMMARY: An information leak flaw and buffer overflow flaw in the way the OpenSSH client roaming feature was implemented affects…

Read More