Vulnerability Information
AIX is prone to the following vulnerabilities:
The TLS protocol could allow weaker than expected security caused by a collision attack when using the MD5 hash function for signing a ServerKeyExchange message during a TLS handshake. (CVE-2015-7575)
IBM AIX does not require the newest version of TLS by default, which could allow a remote attacker to obtain sensitive information using man-in-the-middle techniques. (CVE-2016-0266)
Affected Platforms: AIX
Note: The detection requires root privileges to run "emgr -c" to check for patches. In the absence of such privileges, the detection may not output actual results.
Impact
An attacker could exploit this vulnerability using man-in-the-middle techniques to impersonate a TLS server and obtain credentials.
Solution
The vendor has released fixes to resolve this vulnerability. Refer to the AIX Advisory for more information.
Patch:
Following are links for downloading patches to fix the vulnerabilities: nettcp_advisory2: AIX 5.3, 6.1, 7.1, 7.2