Vulnerabilities > CVE-2016-0266 - 7PK - Security Features vulnerability in IBM AIX and Vios
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
IBM AIX 5.3, 6.1, 7.1, and 7.2 and VIOS 2.2.x do not default to the latest TLS version, which makes it easier for man-in-the-middle attackers to obtain sensitive information via unspecified vectors.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Nessus
NASL family AIX Local Security Checks NASL id AIX_IV86132.NASL description http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575 The TLS protocol could allow weaker than expected security caused by a collision attack when using the MD5 hash function for signing a ServerKeyExchange message during a TLS handshake. An attacker could exploit this vulnerability using man-in-the-middle techniques to impersonate a TLS server and obtain credentials. IBM AIX does not require the newest version of TLS by default which could allow a remote attacker to obtain sensitive information using man in the middle techniques. last seen 2020-06-01 modified 2020-06-02 plugin id 92565 published 2016-07-27 reporter This script is Copyright (C) 2016-2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/92565 title AIX 7.2 TL 0 : nettcp (IV86132) (SLOTH) NASL family AIX Local Security Checks NASL id AIX_IV86119.NASL description http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575 The TLS protocol could allow weaker than expected security caused by a collision attack when using the MD5 hash function for signing a ServerKeyExchange message during a TLS handshake. An attacker could exploit this vulnerability using man-in-the-middle techniques to impersonate a TLS server and obtain credentials. IBM AIX does not require the newest version of TLS by default which could allow a remote attacker to obtain sensitive information using man in the middle techniques. last seen 2020-06-01 modified 2020-06-02 plugin id 92563 published 2016-07-27 reporter This script is Copyright (C) 2016-2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/92563 title AIX 7.2 TL 0 : nettcp (IV86119) (SLOTH) NASL family AIX Local Security Checks NASL id AIX_IV82327.NASL description http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575 The TLS protocol could allow weaker than expected security caused by a collision attack when using the MD5 hash function for signing a ServerKeyExchange message during a TLS handshake. An attacker could exploit this vulnerability using man-in-the-middle techniques to impersonate a TLS server and obtain credentials. IBM AIX does not require the newest version of TLS by default which could allow a remote attacker to obtain sensitive information using man in the middle techniques. last seen 2020-06-01 modified 2020-06-02 plugin id 94174 published 2016-10-21 reporter This script is Copyright (C) 2016-2017 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/94174 title AIX 7.1 TL 3 : nettcp (IV82327) (SLOTH) NASL family AIX Local Security Checks NASL id AIX_IV93624.NASL description http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0266 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0266 IBM AIX 5.3, 6.1, 7.1, and 7.2 and VIOS 2.2.x do not default to the latest TLS version, which makes it easier for man-in-the-middle attackers to obtain sensitive information via unspecified vectors. last seen 2020-06-01 modified 2020-06-02 plugin id 99918 published 2017-05-02 reporter This script is Copyright (C) 2017 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/99918 title AIX 7.1 TL 3 : pconsole (IV93624) NASL family AIX Local Security Checks NASL id AIX_IV88957.NASL description http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575 The TLS protocol could allow weaker than expected security caused by a collision attack when using the MD5 hash function for signing a ServerKeyExchange message during a TLS handshake. An attacker could exploit this vulnerability using man-in-the-middle techniques to impersonate a TLS server and obtain credentials. IBM AIX does not require the newest version of TLS by default which could allow a remote attacker to obtain sensitive information using man in the middle techniques. This plugin has been deprecated to better accommodate iFix supersedence with a forthcoming replacement plugin. last seen 2017-10-29 modified 2017-10-11 plugin id 94179 published 2016-10-21 reporter Tenable source https://www.tenable.com/plugins/index.php?view=single&id=94179 title AIX 5.3 TL 12 : nettcp (IV88957) (SLOTH) (deprecated) NASL family AIX Local Security Checks NASL id AIX_IV79071.NASL description http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575 The TLS protocol could allow weaker than expected security caused by a collision attack when using the MD5 hash function for signing a ServerKeyExchange message during a TLS handshake. An attacker could exploit this vulnerability using man-in-the-middle techniques to impersonate a TLS server and obtain credentials. IBM AIX does not require the newest version of TLS by default which could allow a remote attacker to obtain sensitive information using man in the middle techniques. This plugin has been deprecated to better accommodate iFix supersedence with a forthcoming replacement plugin. last seen 2017-10-29 modified 2017-10-11 plugin id 94172 published 2016-10-21 reporter Tenable source https://www.tenable.com/plugins/index.php?view=single&id=94172 title AIX 6.1 TL 9 : nettcp (IV79071) (SLOTH) (deprecated) NASL family AIX Local Security Checks NASL id AIX_IV82412.NASL description http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575 The TLS protocol could allow weaker than expected security caused by a collision attack when using the MD5 hash function for signing a ServerKeyExchange message during a TLS handshake. An attacker could exploit this vulnerability using man-in-the-middle techniques to impersonate a TLS server and obtain credentials. IBM AIX does not require the newest version of TLS by default which could allow a remote attacker to obtain sensitive information using man in the middle techniques. last seen 2020-06-01 modified 2020-06-02 plugin id 94178 published 2016-10-21 reporter This script is Copyright (C) 2016-2017 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/94178 title AIX 7.1 TL 3 : nettcp (IV82412) (SLOTH) NASL family AIX Local Security Checks NASL id AIX_IV78624.NASL description http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575 The TLS protocol could allow weaker than expected security caused by a collision attack when using the MD5 hash function for signing a ServerKeyExchange message during a TLS handshake. An attacker could exploit this vulnerability using man-in-the-middle techniques to impersonate a TLS server and obtain credentials. IBM AIX does not require the newest version of TLS by default which could allow a remote attacker to obtain sensitive information using man in the middle techniques. last seen 2020-06-01 modified 2020-06-02 plugin id 94169 published 2016-10-21 reporter This script is Copyright (C) 2016-2017 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/94169 title AIX 6.1 TL 9 : nettcp (IV78624) (SLOTH) NASL family AIX Local Security Checks NASL id AIX_IV86118.NASL description http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575 The TLS protocol could allow weaker than expected security caused by a collision attack when using the MD5 hash function for signing a ServerKeyExchange message during a TLS handshake. An attacker could exploit this vulnerability using man-in-the-middle techniques to impersonate a TLS server and obtain credentials. IBM AIX does not require the newest version of TLS by default which could allow a remote attacker to obtain sensitive information using man in the middle techniques. last seen 2020-06-01 modified 2020-06-02 plugin id 92562 published 2016-07-27 reporter This script is Copyright (C) 2016-2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/92562 title AIX 7.1 TL 4 : nettcp (IV86118) (SLOTH) NASL family AIX Local Security Checks NASL id AIX_IV82331.NASL description http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575 The TLS protocol could allow weaker than expected security caused by a collision attack when using the MD5 hash function for signing a ServerKeyExchange message during a TLS handshake. An attacker could exploit this vulnerability using man-in-the-middle techniques to impersonate a TLS server and obtain credentials. IBM AIX does not require the newest version of TLS by default which could allow a remote attacker to obtain sensitive information using man in the middle techniques. This plugin has been deprecated to better accommodate iFix supersedence with a forthcoming replacement plugin. last seen 2017-10-29 modified 2017-10-11 plugin id 94177 published 2016-10-21 reporter Tenable source https://www.tenable.com/plugins/index.php?view=single&id=94177 title AIX 7.1 TL 3 : nettcp (IV82331) (SLOTH) (deprecated) NASL family AIX Local Security Checks NASL id AIX_IV79070.NASL description http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575 The TLS protocol could allow weaker than expected security caused by a collision attack when using the MD5 hash function for signing a ServerKeyExchange message during a TLS handshake. An attacker could exploit this vulnerability using man-in-the-middle techniques to impersonate a TLS server and obtain credentials. IBM AIX does not require the newest version of TLS by default which could allow a remote attacker to obtain sensitive information using man in the middle techniques. last seen 2020-06-01 modified 2020-06-02 plugin id 94171 published 2016-10-21 reporter This script is Copyright (C) 2016-2017 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/94171 title AIX 6.1 TL 9 : nettcp (IV79070) (SLOTH) NASL family AIX Local Security Checks NASL id AIX_IV82328.NASL description http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575 The TLS protocol could allow weaker than expected security caused by a collision attack when using the MD5 hash function for signing a ServerKeyExchange message during a TLS handshake. An attacker could exploit this vulnerability using man-in-the-middle techniques to impersonate a TLS server and obtain credentials. IBM AIX does not require the newest version of TLS by default which could allow a remote attacker to obtain sensitive information using man in the middle techniques. last seen 2020-06-01 modified 2020-06-02 plugin id 94175 published 2016-10-21 reporter This script is Copyright (C) 2016-2017 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/94175 title AIX 7.1 TL 3 : nettcp (IV82328) (SLOTH) NASL family AIX Local Security Checks NASL id AIX_BIND_NETTCP_ADVISORY2.NASL description The version of bind installed on the remote AIX host is affected by the following vulnerabilities : - The TLS protocol allows weaker than expected security caused by a collision attack when using the MD5 hash function for signing a ServerKeyExchange message during a TLS handshake. An attacker can exploit this vulnerability using man-in-the-middle techniques to impersonate a TLS server and obtain credentials. (CVE-2015-7575) - IBM AIX does not require the newest version of TLS by default which allows a remote attacker to obtain sensitive information using man in the middle techniques. (CVE-2016-0266) last seen 2020-06-01 modified 2020-06-02 plugin id 104123 published 2017-10-24 reporter This script is Copyright (C) 2017-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/104123 title AIX bind Advisory : nettcp_advisory2.asc (IV86116) (IV86117) (IV86118) (IV86119) (IV86120) (IV86132) NASL family AIX Local Security Checks NASL id AIX_IV86116.NASL description http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575 The TLS protocol could allow weaker than expected security caused by a collision attack when using the MD5 hash function for signing a ServerKeyExchange message during a TLS handshake. An attacker could exploit this vulnerability using man-in-the-middle techniques to impersonate a TLS server and obtain credentials. IBM AIX does not require the newest version of TLS by default which could allow a remote attacker to obtain sensitive information using man in the middle techniques. last seen 2020-06-01 modified 2020-06-02 plugin id 92560 published 2016-07-27 reporter This script is Copyright (C) 2016-2017 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/92560 title AIX 6.1 TL 9 : nettcp (IV86116) (SLOTH) NASL family AIX Local Security Checks NASL id AIX_IV86117.NASL description http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575 The TLS protocol could allow weaker than expected security caused by a collision attack when using the MD5 hash function for signing a ServerKeyExchange message during a TLS handshake. An attacker could exploit this vulnerability using man-in-the-middle techniques to impersonate a TLS server and obtain credentials. IBM AIX does not require the newest version of TLS by default which could allow a remote attacker to obtain sensitive information using man in the middle techniques. last seen 2020-06-01 modified 2020-06-02 plugin id 92561 published 2016-07-27 reporter This script is Copyright (C) 2016-2017 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/92561 title AIX 7.1 TL 3 : nettcp (IV86117) (SLOTH) NASL family AIX Local Security Checks NASL id AIX_IV89739.NASL description http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0266 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0266 IBM AIX 5.3, 6.1, 7.1, and 7.2 and VIOS 2.2.x do not default to the latest TLS version, which makes it easier for man-in-the-middle attackers to obtain sensitive information via unspecified vectors. last seen 2020-06-01 modified 2020-06-02 plugin id 95483 published 2016-12-05 reporter This script is Copyright (C) 2016-2017 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/95483 title AIX 6.1 TL 9 : pconsole (IV89739) NASL family AIX Local Security Checks NASL id AIX_IV89737.NASL description http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0266 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0266 IBM AIX 5.3, 6.1, 7.1, and 7.2 and VIOS 2.2.x do not default to the latest TLS version, which makes it easier for man-in-the-middle attackers to obtain sensitive information via unspecified vectors. last seen 2020-06-01 modified 2020-06-02 plugin id 95482 published 2016-12-05 reporter This script is Copyright (C) 2016-2017 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/95482 title AIX 7.1 TL 4 : pconsole (IV89737) NASL family AIX Local Security Checks NASL id AIX_IV86120.NASL description http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575 The TLS protocol could allow weaker than expected security caused by a collision attack when using the MD5 hash function for signing a ServerKeyExchange message during a TLS handshake. An attacker could exploit this vulnerability using man-in-the-middle techniques to impersonate a TLS server and obtain credentials. IBM AIX does not require the newest version of TLS by default which could allow a remote attacker to obtain sensitive information using man in the middle techniques. last seen 2020-06-01 modified 2020-06-02 plugin id 92564 published 2016-07-27 reporter This script is Copyright (C) 2016-2017 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/92564 title AIX 5.3 TL 12 : nettcp (IV86120) (SLOTH) NASL family AIX Local Security Checks NASL id AIX_IV88959.NASL description http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575 The TLS protocol could allow weaker than expected security caused by a collision attack when using the MD5 hash function for signing a ServerKeyExchange message during a TLS handshake. An attacker could exploit this vulnerability using man-in-the-middle techniques to impersonate a TLS server and obtain credentials. IBM AIX does not require the newest version of TLS by default which could allow a remote attacker to obtain sensitive information using man in the middle techniques. last seen 2020-06-01 modified 2020-06-02 plugin id 94180 published 2016-10-21 reporter This script is Copyright (C) 2016-2017 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/94180 title AIX 5.3 TL 12 : nettcp (IV88959) (SLOTH) NASL family AIX Local Security Checks NASL id AIX_IV82330.NASL description http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575 The TLS protocol could allow weaker than expected security caused by a collision attack when using the MD5 hash function for signing a ServerKeyExchange message during a TLS handshake. An attacker could exploit this vulnerability using man-in-the-middle techniques to impersonate a TLS server and obtain credentials. IBM AIX does not require the newest version of TLS by default which could allow a remote attacker to obtain sensitive information using man in the middle techniques. last seen 2020-06-01 modified 2020-06-02 plugin id 94176 published 2016-10-21 reporter This script is Copyright (C) 2016-2017 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/94176 title AIX 7.1 TL 3 : nettcp (IV82330) (SLOTH) NASL family AIX Local Security Checks NASL id AIX_IV78625.NASL description http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575 The TLS protocol could allow weaker than expected security caused by a collision attack when using the MD5 hash function for signing a ServerKeyExchange message during a TLS handshake. An attacker could exploit this vulnerability using man-in-the-middle techniques to impersonate a TLS server and obtain credentials. IBM AIX does not require the newest version of TLS by default which could allow a remote attacker to obtain sensitive information using man in the middle techniques. last seen 2020-06-01 modified 2020-06-02 plugin id 94170 published 2016-10-21 reporter This script is Copyright (C) 2016-2017 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/94170 title AIX 6.1 TL 9 : nettcp (IV78625) (SLOTH) NASL family AIX Local Security Checks NASL id AIX_IV88960.NASL description http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575 The TLS protocol could allow weaker than expected security caused by a collision attack when using the MD5 hash function for signing a ServerKeyExchange message during a TLS handshake. An attacker could exploit this vulnerability using man-in-the-middle techniques to impersonate a TLS server and obtain credentials. IBM AIX does not require the newest version of TLS by default which could allow a remote attacker to obtain sensitive information using man in the middle techniques. last seen 2020-06-01 modified 2020-06-02 plugin id 94181 published 2016-10-21 reporter This script is Copyright (C) 2016-2017 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/94181 title AIX 5.3 TL 12 : nettcp (IV88960) (SLOTH) NASL family AIX Local Security Checks NASL id AIX_IV79072.NASL description http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575 The TLS protocol could allow weaker than expected security caused by a collision attack when using the MD5 hash function for signing a ServerKeyExchange message during a TLS handshake. An attacker could exploit this vulnerability using man-in-the-middle techniques to impersonate a TLS server and obtain credentials. IBM AIX does not require the newest version of TLS by default which could allow a remote attacker to obtain sensitive information using man in the middle techniques. last seen 2020-06-01 modified 2020-06-02 plugin id 94173 published 2016-10-21 reporter This script is Copyright (C) 2016-2017 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/94173 title AIX 6.1 TL 9 : nettcp (IV79072) (SLOTH)
References
- http://www-01.ibm.com/support/docview.wss?uid=swg1IV86119
- https://aix.software.ibm.com/aix/efixes/security/nettcp_advisory2.asc
- http://www-01.ibm.com/support/docview.wss?uid=swg1IV86116
- http://www-01.ibm.com/support/docview.wss?uid=swg1IV86117
- http://www-01.ibm.com/support/docview.wss?uid=swg1IV86132
- http://www-01.ibm.com/support/docview.wss?uid=swg1IV86118
- http://www-01.ibm.com/support/docview.wss?uid=swg1IV86120
- http://www.securityfocus.com/bid/92150
- http://www.securitytracker.com/id/1036467