CVE-2013-0169
Vulnerability from cvelistv5
Published
2013-02-08 19:00
Modified
2024-08-06 14:18
Severity ?
Summary
The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, aka the "Lucky Thirteen" issue.
References
secalert@redhat.comhttp://blog.fuseyism.com/index.php/2013/02/20/security-icedtea-2-1-6-2-2-6-2-3-7-for-openjdk-7-released/Third Party Advisory
secalert@redhat.comhttp://lists.apple.com/archives/security-announce/2013/Sep/msg00002.htmlMailing List, Third Party Advisory
secalert@redhat.comhttp://lists.fedoraproject.org/pipermail/package-announce/2013-April/101366.htmlThird Party Advisory
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2013-02/msg00020.htmlThird Party Advisory
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2013-03/msg00000.htmlThird Party Advisory
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2013-03/msg00002.htmlThird Party Advisory
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2013-04/msg00020.htmlThird Party Advisory
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2014-03/msg00001.htmlThird Party Advisory
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.htmlThird Party Advisory
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.htmlThird Party Advisory
secalert@redhat.comhttp://marc.info/?l=bugtraq&m=136396549913849&w=2Third Party Advisory
secalert@redhat.comhttp://marc.info/?l=bugtraq&m=136396549913849&w=2Third Party Advisory
secalert@redhat.comhttp://marc.info/?l=bugtraq&m=136432043316835&w=2Third Party Advisory
secalert@redhat.comhttp://marc.info/?l=bugtraq&m=136432043316835&w=2Third Party Advisory
secalert@redhat.comhttp://marc.info/?l=bugtraq&m=136439120408139&w=2Third Party Advisory
secalert@redhat.comhttp://marc.info/?l=bugtraq&m=136439120408139&w=2Third Party Advisory
secalert@redhat.comhttp://marc.info/?l=bugtraq&m=136733161405818&w=2Third Party Advisory
secalert@redhat.comhttp://marc.info/?l=bugtraq&m=136733161405818&w=2Third Party Advisory
secalert@redhat.comhttp://marc.info/?l=bugtraq&m=137545771702053&w=2Third Party Advisory
secalert@redhat.comhttp://marc.info/?l=bugtraq&m=137545771702053&w=2Third Party Advisory
secalert@redhat.comhttp://openwall.com/lists/oss-security/2013/02/05/24Mailing List
secalert@redhat.comhttp://rhn.redhat.com/errata/RHSA-2013-0587.htmlThird Party Advisory
secalert@redhat.comhttp://rhn.redhat.com/errata/RHSA-2013-0782.htmlThird Party Advisory
secalert@redhat.comhttp://rhn.redhat.com/errata/RHSA-2013-0783.htmlThird Party Advisory
secalert@redhat.comhttp://rhn.redhat.com/errata/RHSA-2013-0833.htmlThird Party Advisory
secalert@redhat.comhttp://rhn.redhat.com/errata/RHSA-2013-1455.htmlThird Party Advisory
secalert@redhat.comhttp://rhn.redhat.com/errata/RHSA-2013-1456.htmlThird Party Advisory
secalert@redhat.comhttp://secunia.com/advisories/53623Third Party Advisory
secalert@redhat.comhttp://secunia.com/advisories/55108Third Party Advisory
secalert@redhat.comhttp://secunia.com/advisories/55139Third Party Advisory
secalert@redhat.comhttp://secunia.com/advisories/55322Third Party Advisory
secalert@redhat.comhttp://secunia.com/advisories/55350Third Party Advisory
secalert@redhat.comhttp://secunia.com/advisories/55351Third Party Advisory
secalert@redhat.comhttp://security.gentoo.org/glsa/glsa-201406-32.xmlThird Party Advisory
secalert@redhat.comhttp://support.apple.com/kb/HT5880Third Party Advisory
secalert@redhat.comhttp://www-01.ibm.com/support/docview.wss?uid=swg21644047Third Party Advisory
secalert@redhat.comhttp://www.debian.org/security/2013/dsa-2621Third Party Advisory
secalert@redhat.comhttp://www.debian.org/security/2013/dsa-2622Third Party Advisory
secalert@redhat.comhttp://www.isg.rhul.ac.uk/tls/TLStiming.pdfThird Party Advisory
secalert@redhat.comhttp://www.kb.cert.org/vuls/id/737740Third Party Advisory, US Government Resource
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDVSA-2013:095Third Party Advisory
secalert@redhat.comhttp://www.matrixssl.org/news.htmlThird Party Advisory
secalert@redhat.comhttp://www.openssl.org/news/secadv_20130204.txtVendor Advisory
secalert@redhat.comhttp://www.oracle.com/technetwork/topics/security/javacpufeb2013update-1905892.htmlThird Party Advisory
secalert@redhat.comhttp://www.securityfocus.com/bid/57778Third Party Advisory, VDB Entry
secalert@redhat.comhttp://www.securitytracker.com/id/1029190Third Party Advisory, VDB Entry
secalert@redhat.comhttp://www.splunk.com/view/SP-CAAAHXGThird Party Advisory
secalert@redhat.comhttp://www.ubuntu.com/usn/USN-1735-1Third Party Advisory
secalert@redhat.comhttp://www.us-cert.gov/cas/techalerts/TA13-051A.htmlThird Party Advisory, US Government Resource
secalert@redhat.comhttps://cert-portal.siemens.com/productcert/pdf/ssa-556833.pdfThird Party Advisory
secalert@redhat.comhttps://lists.debian.org/debian-lts-announce/2018/09/msg00029.htmlThird Party Advisory
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18841Tool Signature
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19016Tool Signature
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19424Tool Signature
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19540Tool Signature
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19608Third Party Advisory
secalert@redhat.comhttps://polarssl.org/tech-updates/releases/polarssl-1.2.5-releasedVendor Advisory
secalert@redhat.comhttps://puppet.com/security/cve/cve-2013-0169Third Party Advisory
secalert@redhat.comhttps://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c03883001Third Party Advisory
secalert@redhat.comhttps://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0084Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://blog.fuseyism.com/index.php/2013/02/20/security-icedtea-2-1-6-2-2-6-2-3-7-for-openjdk-7-released/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101366.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00020.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00000.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00002.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00020.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00001.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=136396549913849&w=2Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=136396549913849&w=2Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=136432043316835&w=2Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=136432043316835&w=2Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=136439120408139&w=2Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=136439120408139&w=2Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=136733161405818&w=2Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=136733161405818&w=2Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=137545771702053&w=2Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=137545771702053&w=2Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://openwall.com/lists/oss-security/2013/02/05/24Mailing List
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2013-0587.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2013-0782.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2013-0783.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2013-0833.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2013-1455.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2013-1456.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/53623Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/55108Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/55139Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/55322Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/55350Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/55351Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://security.gentoo.org/glsa/glsa-201406-32.xmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://support.apple.com/kb/HT5880Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=swg21644047Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2013/dsa-2621Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2013/dsa-2622Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.isg.rhul.ac.uk/tls/TLStiming.pdfThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.kb.cert.org/vuls/id/737740Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2013:095Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.matrixssl.org/news.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.openssl.org/news/secadv_20130204.txtVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.oracle.com/technetwork/topics/security/javacpufeb2013update-1905892.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/57778Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1029190Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.splunk.com/view/SP-CAAAHXGThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/USN-1735-1Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.us-cert.gov/cas/techalerts/TA13-051A.htmlThird Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108https://cert-portal.siemens.com/productcert/pdf/ssa-556833.pdfThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://lists.debian.org/debian-lts-announce/2018/09/msg00029.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18841Tool Signature
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19016Tool Signature
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19424Tool Signature
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19540Tool Signature
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19608Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://polarssl.org/tech-updates/releases/polarssl-1.2.5-releasedVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://puppet.com/security/cve/cve-2013-0169Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c03883001Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0084Third Party Advisory
Impacted products
Vendor Product Version
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T14:18:09.503Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[debian-lts-announce] 20180925 [SECURITY] [DLA 1518-1] polarssl security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00029.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.matrixssl.org/news.html"
          },
          {
            "name": "RHSA-2013:0587",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-0587.html"
          },
          {
            "name": "GLSA-201406-32",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
          },
          {
            "name": "FEDORA-2013-4403",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101366.html"
          },
          {
            "name": "TA13-051A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA13-051A.html"
          },
          {
            "name": "oval:org.mitre.oval:def:19016",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19016"
          },
          {
            "name": "MDVSA-2013:095",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:095"
          },
          {
            "name": "55139",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/55139"
          },
          {
            "name": "55322",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/55322"
          },
          {
            "name": "oval:org.mitre.oval:def:19608",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19608"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.openssl.org/news/secadv_20130204.txt"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://blog.fuseyism.com/index.php/2013/02/20/security-icedtea-2-1-6-2-2-6-2-3-7-for-openjdk-7-released/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0084"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.isg.rhul.ac.uk/tls/TLStiming.pdf"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/javacpufeb2013update-1905892.html"
          },
          {
            "name": "openSUSE-SU-2013:0378",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00002.html"
          },
          {
            "name": "DSA-2622",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2013/dsa-2622"
          },
          {
            "name": "57778",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/57778"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21644047"
          },
          {
            "name": "[oss-security] 20130205 Re: CVE request: TLS CBC padding timing flaw in various SSL / TLS implementations",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2013/02/05/24"
          },
          {
            "name": "RHSA-2013:1455",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
          },
          {
            "name": "55351",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/55351"
          },
          {
            "name": "HPSBUX02856",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=136396549913849\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://puppet.com/security/cve/cve-2013-0169"
          },
          {
            "name": "SSRT101289",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=137545771702053\u0026w=2"
          },
          {
            "name": "openSUSE-SU-2016:0640",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html"
          },
          {
            "name": "SSRT101108",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=136432043316835\u0026w=2"
          },
          {
            "name": "SUSE-SU-2013:0328",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00020.html"
          },
          {
            "name": "RHSA-2013:0833",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-0833.html"
          },
          {
            "name": "USN-1735-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-1735-1"
          },
          {
            "name": "SUSE-SU-2014:0320",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00001.html"
          },
          {
            "name": "HPSBUX02857",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=136439120408139\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c03883001"
          },
          {
            "name": "53623",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/53623"
          },
          {
            "name": "SUSE-SU-2013:0701",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00020.html"
          },
          {
            "name": "VU#737740",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/737740"
          },
          {
            "name": "oval:org.mitre.oval:def:19424",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19424"
          },
          {
            "name": "HPSBUX02909",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=137545771702053\u0026w=2"
          },
          {
            "name": "DSA-2621",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2013/dsa-2621"
          },
          {
            "name": "RHSA-2013:0783",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-0783.html"
          },
          {
            "name": "HPSBMU02874",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=136733161405818\u0026w=2"
          },
          {
            "name": "APPLE-SA-2013-09-12-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html"
          },
          {
            "name": "55108",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/55108"
          },
          {
            "name": "RHSA-2013:0782",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-0782.html"
          },
          {
            "name": "HPSBOV02852",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=136432043316835\u0026w=2"
          },
          {
            "name": "SSRT101103",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=136439120408139\u0026w=2"
          },
          {
            "name": "SSRT101104",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=136396549913849\u0026w=2"
          },
          {
            "name": "SUSE-SU-2015:0578",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html"
          },
          {
            "name": "openSUSE-SU-2013:0375",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00000.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://polarssl.org/tech-updates/releases/polarssl-1.2.5-released"
          },
          {
            "name": "oval:org.mitre.oval:def:19540",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19540"
          },
          {
            "name": "1029190",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1029190"
          },
          {
            "name": "oval:org.mitre.oval:def:18841",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18841"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.splunk.com/view/SP-CAAAHXG"
          },
          {
            "name": "RHSA-2013:1456",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT5880"
          },
          {
            "name": "SSRT101184",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=136733161405818\u0026w=2"
          },
          {
            "name": "55350",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/55350"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-556833.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-02-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, aka the \"Lucky Thirteen\" issue."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-07-09T12:06:03",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "[debian-lts-announce] 20180925 [SECURITY] [DLA 1518-1] polarssl security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00029.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.matrixssl.org/news.html"
        },
        {
          "name": "RHSA-2013:0587",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-0587.html"
        },
        {
          "name": "GLSA-201406-32",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
        },
        {
          "name": "FEDORA-2013-4403",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101366.html"
        },
        {
          "name": "TA13-051A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA13-051A.html"
        },
        {
          "name": "oval:org.mitre.oval:def:19016",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19016"
        },
        {
          "name": "MDVSA-2013:095",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:095"
        },
        {
          "name": "55139",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/55139"
        },
        {
          "name": "55322",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/55322"
        },
        {
          "name": "oval:org.mitre.oval:def:19608",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19608"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.openssl.org/news/secadv_20130204.txt"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://blog.fuseyism.com/index.php/2013/02/20/security-icedtea-2-1-6-2-2-6-2-3-7-for-openjdk-7-released/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0084"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.isg.rhul.ac.uk/tls/TLStiming.pdf"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/javacpufeb2013update-1905892.html"
        },
        {
          "name": "openSUSE-SU-2013:0378",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00002.html"
        },
        {
          "name": "DSA-2622",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2013/dsa-2622"
        },
        {
          "name": "57778",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/57778"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21644047"
        },
        {
          "name": "[oss-security] 20130205 Re: CVE request: TLS CBC padding timing flaw in various SSL / TLS implementations",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2013/02/05/24"
        },
        {
          "name": "RHSA-2013:1455",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
        },
        {
          "name": "55351",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/55351"
        },
        {
          "name": "HPSBUX02856",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=136396549913849\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://puppet.com/security/cve/cve-2013-0169"
        },
        {
          "name": "SSRT101289",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=137545771702053\u0026w=2"
        },
        {
          "name": "openSUSE-SU-2016:0640",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html"
        },
        {
          "name": "SSRT101108",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=136432043316835\u0026w=2"
        },
        {
          "name": "SUSE-SU-2013:0328",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00020.html"
        },
        {
          "name": "RHSA-2013:0833",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-0833.html"
        },
        {
          "name": "USN-1735-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-1735-1"
        },
        {
          "name": "SUSE-SU-2014:0320",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00001.html"
        },
        {
          "name": "HPSBUX02857",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=136439120408139\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c03883001"
        },
        {
          "name": "53623",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/53623"
        },
        {
          "name": "SUSE-SU-2013:0701",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00020.html"
        },
        {
          "name": "VU#737740",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/737740"
        },
        {
          "name": "oval:org.mitre.oval:def:19424",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19424"
        },
        {
          "name": "HPSBUX02909",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=137545771702053\u0026w=2"
        },
        {
          "name": "DSA-2621",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2013/dsa-2621"
        },
        {
          "name": "RHSA-2013:0783",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-0783.html"
        },
        {
          "name": "HPSBMU02874",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=136733161405818\u0026w=2"
        },
        {
          "name": "APPLE-SA-2013-09-12-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html"
        },
        {
          "name": "55108",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/55108"
        },
        {
          "name": "RHSA-2013:0782",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-0782.html"
        },
        {
          "name": "HPSBOV02852",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=136432043316835\u0026w=2"
        },
        {
          "name": "SSRT101103",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=136439120408139\u0026w=2"
        },
        {
          "name": "SSRT101104",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=136396549913849\u0026w=2"
        },
        {
          "name": "SUSE-SU-2015:0578",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html"
        },
        {
          "name": "openSUSE-SU-2013:0375",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00000.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://polarssl.org/tech-updates/releases/polarssl-1.2.5-released"
        },
        {
          "name": "oval:org.mitre.oval:def:19540",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19540"
        },
        {
          "name": "1029190",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1029190"
        },
        {
          "name": "oval:org.mitre.oval:def:18841",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18841"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.splunk.com/view/SP-CAAAHXG"
        },
        {
          "name": "RHSA-2013:1456",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT5880"
        },
        {
          "name": "SSRT101184",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=136733161405818\u0026w=2"
        },
        {
          "name": "55350",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/55350"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-556833.pdf"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2013-0169",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, aka the \"Lucky Thirteen\" issue."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[debian-lts-announce] 20180925 [SECURITY] [DLA 1518-1] polarssl security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00029.html"
            },
            {
              "name": "http://www.matrixssl.org/news.html",
              "refsource": "CONFIRM",
              "url": "http://www.matrixssl.org/news.html"
            },
            {
              "name": "RHSA-2013:0587",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-0587.html"
            },
            {
              "name": "GLSA-201406-32",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
            },
            {
              "name": "FEDORA-2013-4403",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101366.html"
            },
            {
              "name": "TA13-051A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA13-051A.html"
            },
            {
              "name": "oval:org.mitre.oval:def:19016",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19016"
            },
            {
              "name": "MDVSA-2013:095",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:095"
            },
            {
              "name": "55139",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/55139"
            },
            {
              "name": "55322",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/55322"
            },
            {
              "name": "oval:org.mitre.oval:def:19608",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19608"
            },
            {
              "name": "http://www.openssl.org/news/secadv_20130204.txt",
              "refsource": "CONFIRM",
              "url": "http://www.openssl.org/news/secadv_20130204.txt"
            },
            {
              "name": "http://blog.fuseyism.com/index.php/2013/02/20/security-icedtea-2-1-6-2-2-6-2-3-7-for-openjdk-7-released/",
              "refsource": "MISC",
              "url": "http://blog.fuseyism.com/index.php/2013/02/20/security-icedtea-2-1-6-2-2-6-2-3-7-for-openjdk-7-released/"
            },
            {
              "name": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0084",
              "refsource": "CONFIRM",
              "url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0084"
            },
            {
              "name": "http://www.isg.rhul.ac.uk/tls/TLStiming.pdf",
              "refsource": "MISC",
              "url": "http://www.isg.rhul.ac.uk/tls/TLStiming.pdf"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/javacpufeb2013update-1905892.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/javacpufeb2013update-1905892.html"
            },
            {
              "name": "openSUSE-SU-2013:0378",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00002.html"
            },
            {
              "name": "DSA-2622",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2013/dsa-2622"
            },
            {
              "name": "57778",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/57778"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21644047",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21644047"
            },
            {
              "name": "[oss-security] 20130205 Re: CVE request: TLS CBC padding timing flaw in various SSL / TLS implementations",
              "refsource": "MLIST",
              "url": "http://openwall.com/lists/oss-security/2013/02/05/24"
            },
            {
              "name": "RHSA-2013:1455",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
            },
            {
              "name": "55351",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/55351"
            },
            {
              "name": "HPSBUX02856",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=136396549913849\u0026w=2"
            },
            {
              "name": "https://puppet.com/security/cve/cve-2013-0169",
              "refsource": "CONFIRM",
              "url": "https://puppet.com/security/cve/cve-2013-0169"
            },
            {
              "name": "SSRT101289",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=137545771702053\u0026w=2"
            },
            {
              "name": "openSUSE-SU-2016:0640",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html"
            },
            {
              "name": "SSRT101108",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=136432043316835\u0026w=2"
            },
            {
              "name": "SUSE-SU-2013:0328",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00020.html"
            },
            {
              "name": "RHSA-2013:0833",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-0833.html"
            },
            {
              "name": "USN-1735-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-1735-1"
            },
            {
              "name": "SUSE-SU-2014:0320",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00001.html"
            },
            {
              "name": "HPSBUX02857",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=136439120408139\u0026w=2"
            },
            {
              "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c03883001",
              "refsource": "CONFIRM",
              "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c03883001"
            },
            {
              "name": "53623",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/53623"
            },
            {
              "name": "SUSE-SU-2013:0701",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00020.html"
            },
            {
              "name": "VU#737740",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/737740"
            },
            {
              "name": "oval:org.mitre.oval:def:19424",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19424"
            },
            {
              "name": "HPSBUX02909",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=137545771702053\u0026w=2"
            },
            {
              "name": "DSA-2621",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2013/dsa-2621"
            },
            {
              "name": "RHSA-2013:0783",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-0783.html"
            },
            {
              "name": "HPSBMU02874",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=136733161405818\u0026w=2"
            },
            {
              "name": "APPLE-SA-2013-09-12-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html"
            },
            {
              "name": "55108",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/55108"
            },
            {
              "name": "RHSA-2013:0782",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-0782.html"
            },
            {
              "name": "HPSBOV02852",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=136432043316835\u0026w=2"
            },
            {
              "name": "SSRT101103",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=136439120408139\u0026w=2"
            },
            {
              "name": "SSRT101104",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=136396549913849\u0026w=2"
            },
            {
              "name": "SUSE-SU-2015:0578",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html"
            },
            {
              "name": "openSUSE-SU-2013:0375",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00000.html"
            },
            {
              "name": "https://polarssl.org/tech-updates/releases/polarssl-1.2.5-released",
              "refsource": "CONFIRM",
              "url": "https://polarssl.org/tech-updates/releases/polarssl-1.2.5-released"
            },
            {
              "name": "oval:org.mitre.oval:def:19540",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19540"
            },
            {
              "name": "1029190",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1029190"
            },
            {
              "name": "oval:org.mitre.oval:def:18841",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18841"
            },
            {
              "name": "http://www.splunk.com/view/SP-CAAAHXG",
              "refsource": "CONFIRM",
              "url": "http://www.splunk.com/view/SP-CAAAHXG"
            },
            {
              "name": "RHSA-2013:1456",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
            },
            {
              "name": "http://support.apple.com/kb/HT5880",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT5880"
            },
            {
              "name": "SSRT101184",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=136733161405818\u0026w=2"
            },
            {
              "name": "55350",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/55350"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-556833.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-556833.pdf"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2013-0169",
    "datePublished": "2013-02-08T19:00:00",
    "dateReserved": "2012-12-06T00:00:00",
    "dateUpdated": "2024-08-06T14:18:09.503Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2013-0169\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2013-02-08T19:55:01.030\",\"lastModified\":\"2024-11-21T01:46:59.137\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, aka the \\\"Lucky Thirteen\\\" issue.\"},{\"lang\":\"es\",\"value\":\"El protocolo TLS v1.1 y v1.2 y el protocolo DTLS v1.0 y v1.2, tal como se utiliza en OpenSSL, OpenJDK, PolarSSL, y otros productos, no considera adecuadamente ataques a un requisito de verificaci\u00f3n MAC durante el proceso de relleno CBC malformado, lo que permite a atacantes remotos para realizar ataques distintivos y los ataques de recuperaci\u00f3n de texto plano trav\u00e9s del an\u00e1lisis estad\u00edstico de los datos de tiempo de los paquetes hechos a mano, tambi\u00e9n conocido como el \\\"Lucky Thirteen\\\" de emisi\u00f3n.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:H/Au:N/C:P/I:N/A:N\",\"baseScore\":2.6,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"HIGH\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":4.9,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-310\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"0.9.8\",\"versionEndIncluding\":\"0.9.8x\",\"matchCriteriaId\":\"7C2F01ED-AB65-4006-AE2A-E9F73791D436\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.0.0\",\"versionEndIncluding\":\"1.0.0j\",\"matchCriteriaId\":\"581DC050-33FB-408D-AB43-D3D796BCBBDE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.0.1\",\"versionEndIncluding\":\"1.0.1d\",\"matchCriteriaId\":\"02E6874F-3469-4173-92DE-1E90F0B241FB\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:1.6.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C58642D-8504-4D3B-A411-96B83CFCD05D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:1.6.0:update1:*:*:*:*:*:*\",\"matchCriteriaId\":\"603BED29-3B3F-49AD-A518-E68B40AE8484\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:1.6.0:update10:*:*:*:*:*:*\",\"matchCriteriaId\":\"0F03670F-559C-433D-8AE8-A3C16F05E1D8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:1.6.0:update11:*:*:*:*:*:*\",\"matchCriteriaId\":\"3A294535-7190-4C33-910D-0520F575D800\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:1.6.0:update12:*:*:*:*:*:*\",\"matchCriteriaId\":\"52A6300A-98F2-4E5A-909E-895A6C5B1D04\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:1.6.0:update13:*:*:*:*:*:*\",\"matchCriteriaId\":\"2280FB93-81A0-4BF4-AD7E-C9EAD277B379\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:1.6.0:update14:*:*:*:*:*:*\",\"matchCriteriaId\":\"1E42E405-91ED-4F41-A2EE-CECB27EB4951\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:1.6.0:update15:*:*:*:*:*:*\",\"matchCriteriaId\":\"11BCE518-1A35-44DE-9B40-B89E7637F830\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:1.6.0:update16:*:*:*:*:*:*\",\"matchCriteriaId\":\"46D0BB1F-FA76-4185-ACD4-587DFB24CFF7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:1.6.0:update17:*:*:*:*:*:*\",\"matchCriteriaId\":\"D27FDDD5-083F-4A83-836F-BDCEB94894FA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:1.6.0:update18:*:*:*:*:*:*\",\"matchCriteriaId\":\"30BF0C2F-BF35-41B8-BC6A-F2DACE6A9A32\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:1.6.0:update19:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE05CDF7-1C43-46BF-9A7E-56B31BC1C837\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:1.6.0:update2:*:*:*:*:*:*\",\"matchCriteriaId\":\"A520D505-7BDC-4E82-8A43-7C50AEE2B222\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:1.6.0:update20:*:*:*:*:*:*\",\"matchCriteriaId\":\"5ADF3C32-6663-4003-B7D6-CE3D02AFF45E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:1.6.0:update21:*:*:*:*:*:*\",\"matchCriteriaId\":\"F15C4440-6283-433E-998E-856DA7ED4DB5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:1.6.0:update22:*:*:*:*:*:*\",\"matchCriteriaId\":\"C729FF50-6E41-4CEB-888A-E0FBD69B7897\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:1.6.0:update23:*:*:*:*:*:*\",\"matchCriteriaId\":\"EB0AB341-46CE-4851-899A-B09C81A9792E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:1.6.0:update24:*:*:*:*:*:*\",\"matchCriteriaId\":\"68EF7AC1-0179-4E10-89DD-5DA33682B3F8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:1.6.0:update25:*:*:*:*:*:*\",\"matchCriteriaId\":\"243726CF-F79A-4487-8807-FFA0AC86760B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:1.6.0:update26:*:*:*:*:*:*\",\"matchCriteriaId\":\"5DECF6EC-B787-4CBA-936C-527864B504DB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:1.6.0:update27:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C70C7D7-4E28-49D9-A007-EB186E85E5B6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:1.6.0:update29:*:*:*:*:*:*\",\"matchCriteriaId\":\"99B2B1A1-C3E5-4A32-8F5A-4BA8664E7537\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:1.6.0:update3:*:*:*:*:*:*\",\"matchCriteriaId\":\"3F57C81C-446F-462C-BB64-65F87D1AA28F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:1.6.0:update30:*:*:*:*:*:*\",\"matchCriteriaId\":\"7CFFA025-08DC-4AEF-AAE3-B20ECCB0946E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:1.6.0:update31:*:*:*:*:*:*\",\"matchCriteriaId\":\"ACBA03CE-2EF2-4C51-B796-54C65C3CFBCD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:1.6.0:update32:*:*:*:*:*:*\",\"matchCriteriaId\":\"085241E5-F958-43DD-AB0A-35EAF6954CB7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:1.6.0:update33:*:*:*:*:*:*\",\"matchCriteriaId\":\"20CD7414-1D66-4311-90FB-5D53C0C22D82\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:1.6.0:update34:*:*:*:*:*:*\",\"matchCriteriaId\":\"6DCB646B-3F17-427D-AE89-039FCA1F6D7D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:1.6.0:update35:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA2AB84A-05D5-4091-B225-7762A73D45BD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:1.6.0:update37:*:*:*:*:*:*\",\"matchCriteriaId\":\"5A5A15F9-5047-4BB9-9B3E-A00998B6E7C3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:1.6.0:update38:*:*:*:*:*:*\",\"matchCriteriaId\":\"11A0378E-0D41-4FE0-8DAF-A01B66D814DE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:1.6.0:update4:*:*:*:*:*:*\",\"matchCriteriaId\":\"942C51A3-87AC-4DB5-BAB9-3771A19C472A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:1.6.0:update5:*:*:*:*:*:*\",\"matchCriteriaId\":\"C34819D3-615F-4CEE-BEAA-CE48BC2E53BC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:1.6.0:update6:*:*:*:*:*:*\",\"matchCriteriaId\":\"D97A141E-5FC0-4B79-ABAA-82F6DE857625\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:1.6.0:update7:*:*:*:*:*:*\",\"matchCriteriaId\":\"D32EAE02-B313-47AC-A1A3-BBF58A692E02\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:1.7.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"81EA5E3B-7EA9-45A4-9B69-2DD96471A731\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:1.7.0:update1:*:*:*:*:*:*\",\"matchCriteriaId\":\"27DED59D-C293-4D36-B194-B1645CD798C0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:1.7.0:update10:*:*:*:*:*:*\",\"matchCriteriaId\":\"DC3ADCB9-C4B7-4D30-932B-415C317870F2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:1.7.0:update11:*:*:*:*:*:*\",\"matchCriteriaId\":\"06FB52F8-8702-4795-BA47-28A1D007952F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:1.7.0:update13:*:*:*:*:*:*\",\"matchCriteriaId\":\"3FDD48A5-9956-4AE6-9899-40D0830719FF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:1.7.0:update2:*:*:*:*:*:*\",\"matchCriteriaId\":\"875DAD00-C396-4F45-8C39-843686D5C3DA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:1.7.0:update3:*:*:*:*:*:*\",\"matchCriteriaId\":\"F45FA1E6-D848-482B-BB3F-5B02E837EE60\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:1.7.0:update4:*:*:*:*:*:*\",\"matchCriteriaId\":\"94A59C56-6A9B-4630-ACBD-45359451120D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:1.7.0:update5:*:*:*:*:*:*\",\"matchCriteriaId\":\"795C1133-BF5E-4B07-A448-13EFAFEED9B8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:1.7.0:update6:*:*:*:*:*:*\",\"matchCriteriaId\":\"DF20B7CE-1CD3-4D1E-9C5F-E9594A5135D9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:1.7.0:update7:*:*:*:*:*:*\",\"matchCriteriaId\":\"3206CF31-0EF2-4351-A077-1F8935965492\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:openjdk:1.7.0:update9:*:*:*:*:*:*\",\"matchCriteriaId\":\"D2E1A163-7376-41C9-A0FF-C8C3B192B73A\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:polarssl:polarssl:0.10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"21684D8F-C925-4BBE-A9E5-3799C84BDB13\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:polarssl:polarssl:0.10.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7CE3EE93-6274-4996-A843-D2DF3249E06C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:polarssl:polarssl:0.11.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0DBD7490-815C-4E93-AD6C-5BBF1E3D6AD6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:polarssl:polarssl:0.11.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D3C08BCF-F438-4862-B93A-76282A4129D8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:polarssl:polarssl:0.12.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DA654207-3F1A-4737-AA1C-523DBD420D2A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:polarssl:polarssl:0.12.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"09D1B837-15DB-4A37-AF13-9FE6D894C084\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:polarssl:polarssl:0.13.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CEA214D9-E535-4F68-9A23-504121748700\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:polarssl:polarssl:0.14.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"131EF818-747C-47F0-A69B-7F55CCA93F9B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:polarssl:polarssl:0.14.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B86C938F-CE5E-4955-8702-ABE9B635E337\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:polarssl:polarssl:0.14.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8DC2818-EBB5-4A14-9468-57737B04F5A7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:polarssl:polarssl:0.99:pre1:*:*:*:*:*:*\",\"matchCriteriaId\":\"F0D9D498-444E-4E92-B2A1-C8D72FA59F50\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:polarssl:polarssl:0.99:pre3:*:*:*:*:*:*\",\"matchCriteriaId\":\"4D9AE2FA-068E-4F9E-BA3B-69123D9B0A67\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:polarssl:polarssl:0.99:pre4:*:*:*:*:*:*\",\"matchCriteriaId\":\"22EA88C6-E217-4D1F-981B-096930A7728C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:polarssl:polarssl:0.99:pre5:*:*:*:*:*:*\",\"matchCriteriaId\":\"0BB29D8D-8287-4B5B-967F-55DCA0C0ED2B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:polarssl:polarssl:1.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E25A1C90-15E9-4577-B25D-855D48C4F4E8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:polarssl:polarssl:1.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"18BC3056-6CF9-4C6A-9F03-C8812CA10AF1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:polarssl:polarssl:1.1.0:rc0:*:*:*:*:*:*\",\"matchCriteriaId\":\"02CE9326-279B-4CFE-8FBD-4450793D9C67\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:polarssl:polarssl:1.1.0:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"7513F8AC-A847-412D-B657-9426E4C6C020\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:polarssl:polarssl:1.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"88CE920F-DBD6-4D01-87E1-26FA10101692\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:polarssl:polarssl:1.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C6F1E192-D0F2-476E-A7A9-AFB031687533\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:polarssl:polarssl:1.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F9DDE3F-26AE-41E0-9433-E5C018C699E8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:polarssl:polarssl:1.1.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"40F9819E-798E-4DA6-A7E4-39A85B68A5F5\"}]}]}],\"references\":[{\"url\":\"http://blog.fuseyism.com/index.php/2013/02/20/security-icedtea-2-1-6-2-2-6-2-3-7-for-openjdk-7-released/\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101366.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00020.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00000.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00002.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00020.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00001.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=136396549913849\u0026w=2\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=136396549913849\u0026w=2\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=136432043316835\u0026w=2\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=136432043316835\u0026w=2\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=136439120408139\u0026w=2\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=136439120408139\u0026w=2\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=136733161405818\u0026w=2\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=136733161405818\u0026w=2\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=137545771702053\u0026w=2\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=137545771702053\u0026w=2\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://openwall.com/lists/oss-security/2013/02/05/24\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2013-0587.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2013-0782.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2013-0783.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2013-0833.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2013-1455.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2013-1456.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/53623\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/55108\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/55139\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/55322\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/55350\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/55351\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://security.gentoo.org/glsa/glsa-201406-32.xml\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://support.apple.com/kb/HT5880\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg21644047\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.debian.org/security/2013/dsa-2621\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.debian.org/security/2013/dsa-2622\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.isg.rhul.ac.uk/tls/TLStiming.pdf\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.kb.cert.org/vuls/id/737740\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2013:095\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.matrixssl.org/news.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.openssl.org/news/secadv_20130204.txt\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/topics/security/javacpufeb2013update-1905892.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/57778\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1029190\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.splunk.com/view/SP-CAAAHXG\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-1735-1\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA13-051A.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-556833.pdf\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2018/09/msg00029.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18841\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Tool Signature\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19016\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Tool Signature\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19424\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Tool Signature\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19540\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Tool Signature\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19608\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://polarssl.org/tech-updates/releases/polarssl-1.2.5-released\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://puppet.com/security/cve/cve-2013-0169\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c03883001\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0084\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://blog.fuseyism.com/index.php/2013/02/20/security-icedtea-2-1-6-2-2-6-2-3-7-for-openjdk-7-released/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101366.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00020.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00000.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00002.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00020.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00001.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=136396549913849\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=136396549913849\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=136432043316835\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=136432043316835\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=136439120408139\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=136439120408139\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=136733161405818\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=136733161405818\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=137545771702053\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=137545771702053\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://openwall.com/lists/oss-security/2013/02/05/24\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2013-0587.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2013-0782.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2013-0783.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2013-0833.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2013-1455.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2013-1456.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/53623\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/55108\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/55139\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/55322\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/55350\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/55351\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://security.gentoo.org/glsa/glsa-201406-32.xml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://support.apple.com/kb/HT5880\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg21644047\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.debian.org/security/2013/dsa-2621\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.debian.org/security/2013/dsa-2622\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.isg.rhul.ac.uk/tls/TLStiming.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.kb.cert.org/vuls/id/737740\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2013:095\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.matrixssl.org/news.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.openssl.org/news/secadv_20130204.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/topics/security/javacpufeb2013update-1905892.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/57778\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1029190\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.splunk.com/view/SP-CAAAHXG\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-1735-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA13-051A.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-556833.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2018/09/msg00029.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18841\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Tool Signature\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19016\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Tool Signature\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19424\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Tool Signature\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19540\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Tool Signature\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19608\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://polarssl.org/tech-updates/releases/polarssl-1.2.5-released\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://puppet.com/security/cve/cve-2013-0169\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c03883001\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0084\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}],\"evaluatorComment\":\"Per http://www.openssl.org/news/vulnerabilities.html:\\nFixed in OpenSSL 1.0.1d (Affected 1.0.1c, 1.0.1b, 1.0.1a, 1.0.1) \\nFixed in OpenSSL 1.0.0k (Affected 1.0.0j, 1.0.0i, 1.0.0g, 1.0.0f, 1.0.0e, 1.0.0d, 1.0.0c, 1.0.0b, 1.0.0a, 1.0.0) \\nFixed in OpenSSL 0.9.8y (Affected 0.9.8x, 0.9.8w, 0.9.8v, 0.9.8u, 0.9.8t, 0.9.8s, 0.9.8r, 0.9.8q, 0.9.8p, 0.9.8o, 0.9.8n, 0.9.8m, 0.9.8l, 0.9.8k, 0.9.8j, 0.9.8i, 0.9.8h, 0.9.8g, 0.9.8f, 0.9.8d, 0.9.8c, 0.9.8b, 0.9.8a, 0.9.8)\\n\\nAffected users should upgrade to OpenSSL 1.0.1e, 1.0.0k or 0.9.8y\\n(The fix in 1.0.1d wasn\u0027t complete, so please use 1.0.1e or later)\"}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.