AIX OpenSSL Advisory : openssl_advisory23.asc
Medium Nessus Plugin ID 107230
SynopsisThe remote AIX host has a version of OpenSSL installed that is affected by a denial of service vulnerability.
DescriptionThe version of OpenSSL installed on the remote AIX host is affected by a denial of service vulnerability in OpenSSL caused by an out-of-bounds read when using a specific cipher. By sending specially crafted truncated packets, a remote attacker could exploit this vulnerability using CHACHA20/POLY1305 to cause an application crash.
SolutionA fix is available and can be downloaded from the IBM AIX website.