AIX 7.1 TL 3 : nettcp (IV82331) (SLOTH) (deprecated)
Medium Nessus Plugin ID 94177
SynopsisThis plugin has been deprecated.
Descriptionhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575 The TLS protocol could allow weaker than expected security caused by a collision attack when using the MD5 hash function for signing a ServerKeyExchange message during a TLS handshake. An attacker could exploit this vulnerability using man-in-the-middle techniques to impersonate a TLS server and obtain credentials. IBM AIX does not require the newest version of TLS by default which could allow a remote attacker to obtain sensitive information using man in the middle techniques.
This plugin has been deprecated to better accommodate iFix supersedence with a forthcoming replacement plugin.