This script is Copyright (C) 2015-2016 Tenable Network Security, Inc.
The remote AIX host has a vulnerable version of OpenSSH.
The version of OpenSSH running on the remote host is affected by a
security bypass vulnerability due to a failure to check the refusal
deadline during the forwarding of untrusted X11 connections. A remote
attacker can exploit this to bypass timeout checks and XSECURITY
A fix is available and can be downloaded from the AIX website.
To extract the fixes from the tar file :
zcat OpenSSH_18.104.22.16810.tar.Z | tar xvf -
zcat OpenSSH_22.214.171.12401.tar.Z | tar xvf -
IMPORTANT : If possible, it is recommended that an mksysb backup of
the system be created. Verify it is both bootable and readable before
To preview the fix installation :
installp -apYd . OpenSSH_126.96.36.19910
installp -apYd . OpenSSH_188.8.131.5201
To install the fix package :
installp -aXYd . OpenSSH_184.108.40.20610
installp -aXYd . OpenSSH_220.127.116.1101
Risk factor :
Medium / CVSS Base Score : 4.3
CVSS Temporal Score : 3.7
Public Exploit Available : false