Vulnerabilites related to cisco - content_services_switch_11500
cve-2015-0667
Vulnerability from cvelistv5
Published
2015-03-18 23:00
Modified
2024-08-06 04:17
Severity ?
EPSS score ?
Summary
The Management Interface on Cisco Content Services Switch (CSS) 11500 devices 8.20.4.02 and earlier allows remote attackers to bypass intended restrictions on local-network device access via crafted SSH packets, aka Bug ID CSCut14855.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1031939 | vdb-entry, x_refsource_SECTRACK | |
| http://tools.cisco.com/security/center/viewAlert.x?alertId=37889 | vendor-advisory, x_refsource_CISCO |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T04:17:32.553Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "1031939", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1031939", }, { name: "20150318 Cisco Content Services Switch (11500) Unauthenticated Port Forwarding Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=37889", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-03-18T00:00:00", descriptions: [ { lang: "en", value: "The Management Interface on Cisco Content Services Switch (CSS) 11500 devices 8.20.4.02 and earlier allows remote attackers to bypass intended restrictions on local-network device access via crafted SSH packets, aka Bug ID CSCut14855.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2015-03-23T16:57:00", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "1031939", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1031939", }, { name: "20150318 Cisco Content Services Switch (11500) Unauthenticated Port Forwarding Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=37889", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", ID: "CVE-2015-0667", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The Management Interface on Cisco Content Services Switch (CSS) 11500 devices 8.20.4.02 and earlier allows remote attackers to bypass intended restrictions on local-network device access via crafted SSH packets, aka Bug ID CSCut14855.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "1031939", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1031939", }, { name: "20150318 Cisco Content Services Switch (11500) Unauthenticated Port Forwarding Vulnerability", refsource: "CISCO", url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=37889", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2015-0667", datePublished: "2015-03-18T23:00:00", dateReserved: "2015-01-07T00:00:00", dateUpdated: "2024-08-06T04:17:32.553Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2004-0079
Vulnerability from cvelistv5
Published
2004-03-18 05:00
Modified
2025-01-16 17:33
Severity ?
EPSS score ?
Summary
The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-08T00:01:23.689Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "9899", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/9899", }, { name: "FEDORA-2005-1042", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://www.redhat.com/archives/fedora-announce-list/2005-October/msg00087.html", }, { name: "ESA-20040317-003", tags: [ "vendor-advisory", "x_refsource_ENGARDE", "x_transferred", ], url: "http://www.linuxsecurity.com/advisories/engarde_advisory-4135.html", }, { name: "SSRT4717", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=108403806509920&w=2", }, { name: "RHSA-2004:121", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2004-121.html", }, { name: "MDKSA-2004:023", tags: [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDKSA-2004:023", }, { name: "oval:org.mitre.oval:def:2621", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2621", }, { name: "CLA-2004:834", tags: [ "vendor-advisory", "x_refsource_CONECTIVA", "x_transferred", ], url: "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000834", }, { name: "SCOSA-2004.10", tags: [ "vendor-advisory", "x_refsource_SCO", "x_transferred", ], url: "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt", }, { name: "17381", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/17381", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://www.uniras.gov.uk/vuls/2004/224012/index.htm", }, { name: "FEDORA-2004-095", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://fedoranews.org/updates/FEDORA-2004-095.shtml", }, { name: "oval:org.mitre.oval:def:9779", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9779", }, { name: "oval:org.mitre.oval:def:975", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A975", }, { name: "57524", tags: [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred", ], url: "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524", }, { name: "SuSE-SA:2004:007", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://www.novell.com/linux/security/advisories/2004_07_openssl.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://lists.apple.com/mhonarc/security-announce/msg00045.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.openssl.org/news/secadv_20040317.txt", }, { name: "FreeBSD-SA-04:05", tags: [ "vendor-advisory", "x_refsource_FREEBSD", "x_transferred", ], url: "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:05.openssl.asc", }, { name: "NetBSD-SA2004-005", tags: [ "vendor-advisory", "x_refsource_NETBSD", "x_transferred", ], url: "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc", }, { name: "O-101", tags: [ "third-party-advisory", "government-resource", "x_refsource_CIAC", "x_transferred", ], url: "http://www.ciac.org/ciac/bulletins/o-101.shtml", }, { name: "TA04-078A", tags: [ "third-party-advisory", "x_refsource_CERT", "x_transferred", ], url: "http://www.us-cert.gov/cas/techalerts/TA04-078A.html", }, { name: "17401", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/17401", }, { name: "RHSA-2005:829", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2005-829.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://support.avaya.com/elmodocs2/security/ASA-2005-239.htm", }, { name: "oval:org.mitre.oval:def:870", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A870", }, { name: "RHSA-2005:830", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2005-830.html", }, { name: "GLSA-200403-03", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "http://security.gentoo.org/glsa/glsa-200403-03.xml", }, { name: "11139", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/11139", }, { name: "RHSA-2004:120", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2004-120.html", }, { name: "20040317 New OpenSSL releases fix denial of service attacks [17 March 2004]", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=107953412903636&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://support.lexmark.com/index?page=content&id=TE88&locale=EN&userlocale=EN_US", }, { name: "APPLE-SA-2005-08-15", tags: [ "vendor-advisory", "x_refsource_APPLE", "x_transferred", ], url: "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html", }, { name: "17398", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/17398", }, { name: "SSA:2004-077", tags: [ "vendor-advisory", "x_refsource_SLACKWARE", "x_transferred", ], url: "http://www.slackware.org/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.455961", }, { name: "RHSA-2004:139", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2004-139.html", }, { name: "openssl-dochangecipherspec-dos(15505)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/15505", }, { name: "2004-0012", tags: [ "vendor-advisory", "x_refsource_TRUSTIX", "x_transferred", ], url: "http://www.trustix.org/errata/2004/0012", }, { name: "20040317 Cisco OpenSSL Implementation Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://docs.info.apple.com/article.html?artnum=61798", }, { name: "VU#288574", tags: [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred", ], url: "http://www.kb.cert.org/vuls/id/288574", }, { name: "DSA-465", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2004/dsa-465", }, { name: "APPLE-SA-2005-08-17", tags: [ "vendor-advisory", "x_refsource_APPLE", "x_transferred", ], url: "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html", }, { name: "18247", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/18247", }, { name: "oval:org.mitre.oval:def:5770", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5770", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2004-0079", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-01-08T16:21:54.985893Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-476", description: "CWE-476 NULL Pointer Dereference", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-16T17:33:22.869Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2004-03-17T00:00:00", descriptions: [ { lang: "en", value: "The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-10-10T00:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "9899", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/9899", }, { name: "FEDORA-2005-1042", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://www.redhat.com/archives/fedora-announce-list/2005-October/msg00087.html", }, { name: "ESA-20040317-003", tags: [ "vendor-advisory", "x_refsource_ENGARDE", ], url: "http://www.linuxsecurity.com/advisories/engarde_advisory-4135.html", }, { name: "SSRT4717", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=108403806509920&w=2", }, { name: "RHSA-2004:121", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2004-121.html", }, { name: "MDKSA-2004:023", tags: [ "vendor-advisory", "x_refsource_MANDRAKE", ], url: "http://www.mandriva.com/security/advisories?name=MDKSA-2004:023", }, { name: "oval:org.mitre.oval:def:2621", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2621", }, { name: "CLA-2004:834", tags: [ "vendor-advisory", "x_refsource_CONECTIVA", ], url: "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000834", }, { name: "SCOSA-2004.10", tags: [ "vendor-advisory", "x_refsource_SCO", ], url: "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt", }, { name: "17381", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/17381", }, { tags: [ "x_refsource_MISC", ], url: "http://www.uniras.gov.uk/vuls/2004/224012/index.htm", }, { name: "FEDORA-2004-095", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://fedoranews.org/updates/FEDORA-2004-095.shtml", }, { name: "oval:org.mitre.oval:def:9779", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9779", }, { name: "oval:org.mitre.oval:def:975", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A975", }, { name: "57524", tags: [ "vendor-advisory", "x_refsource_SUNALERT", ], url: "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524", }, { name: "SuSE-SA:2004:007", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://www.novell.com/linux/security/advisories/2004_07_openssl.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://lists.apple.com/mhonarc/security-announce/msg00045.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.openssl.org/news/secadv_20040317.txt", }, { name: "FreeBSD-SA-04:05", tags: [ "vendor-advisory", "x_refsource_FREEBSD", ], url: "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:05.openssl.asc", }, { name: "NetBSD-SA2004-005", tags: [ "vendor-advisory", "x_refsource_NETBSD", ], url: "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc", }, { name: "O-101", tags: [ "third-party-advisory", "government-resource", "x_refsource_CIAC", ], url: "http://www.ciac.org/ciac/bulletins/o-101.shtml", }, { name: "TA04-078A", tags: [ "third-party-advisory", "x_refsource_CERT", ], url: "http://www.us-cert.gov/cas/techalerts/TA04-078A.html", }, { name: "17401", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/17401", }, { name: "RHSA-2005:829", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2005-829.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://support.avaya.com/elmodocs2/security/ASA-2005-239.htm", }, { name: "oval:org.mitre.oval:def:870", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A870", }, { name: "RHSA-2005:830", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2005-830.html", }, { name: "GLSA-200403-03", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "http://security.gentoo.org/glsa/glsa-200403-03.xml", }, { name: "11139", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/11139", }, { name: "RHSA-2004:120", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2004-120.html", }, { name: "20040317 New OpenSSL releases fix denial of service attacks [17 March 2004]", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://marc.info/?l=bugtraq&m=107953412903636&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://support.lexmark.com/index?page=content&id=TE88&locale=EN&userlocale=EN_US", }, { name: "APPLE-SA-2005-08-15", tags: [ "vendor-advisory", "x_refsource_APPLE", ], url: "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html", }, { name: "17398", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/17398", }, { name: "SSA:2004-077", tags: [ "vendor-advisory", "x_refsource_SLACKWARE", ], url: "http://www.slackware.org/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.455961", }, { name: "RHSA-2004:139", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2004-139.html", }, { name: "openssl-dochangecipherspec-dos(15505)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/15505", }, { name: "2004-0012", tags: [ "vendor-advisory", "x_refsource_TRUSTIX", ], url: "http://www.trustix.org/errata/2004/0012", }, { name: "20040317 Cisco OpenSSL Implementation Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://docs.info.apple.com/article.html?artnum=61798", }, { name: "VU#288574", tags: [ "third-party-advisory", "x_refsource_CERT-VN", ], url: "http://www.kb.cert.org/vuls/id/288574", }, { name: "DSA-465", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2004/dsa-465", }, { name: "APPLE-SA-2005-08-17", tags: [ "vendor-advisory", "x_refsource_APPLE", ], url: "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html", }, { name: "18247", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/18247", }, { name: "oval:org.mitre.oval:def:5770", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5770", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2004-0079", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "9899", refsource: "BID", url: "http://www.securityfocus.com/bid/9899", }, { name: "FEDORA-2005-1042", refsource: "FEDORA", url: "http://www.redhat.com/archives/fedora-announce-list/2005-October/msg00087.html", }, { name: "ESA-20040317-003", refsource: "ENGARDE", url: "http://www.linuxsecurity.com/advisories/engarde_advisory-4135.html", }, { name: "SSRT4717", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=108403806509920&w=2", }, { name: "RHSA-2004:121", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2004-121.html", }, { name: "MDKSA-2004:023", refsource: "MANDRAKE", url: "http://www.mandriva.com/security/advisories?name=MDKSA-2004:023", }, { name: "oval:org.mitre.oval:def:2621", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2621", }, { name: "CLA-2004:834", refsource: "CONECTIVA", url: "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000834", }, { name: "SCOSA-2004.10", refsource: "SCO", url: "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt", }, { name: "17381", refsource: "SECUNIA", url: "http://secunia.com/advisories/17381", }, { name: "http://www.uniras.gov.uk/vuls/2004/224012/index.htm", refsource: "MISC", url: "http://www.uniras.gov.uk/vuls/2004/224012/index.htm", }, { name: "FEDORA-2004-095", refsource: "FEDORA", url: "http://fedoranews.org/updates/FEDORA-2004-095.shtml", }, { name: "oval:org.mitre.oval:def:9779", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9779", }, { name: "oval:org.mitre.oval:def:975", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A975", }, { name: "57524", refsource: "SUNALERT", url: "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524", }, { name: "SuSE-SA:2004:007", refsource: "SUSE", url: "http://www.novell.com/linux/security/advisories/2004_07_openssl.html", }, { name: "http://lists.apple.com/mhonarc/security-announce/msg00045.html", refsource: "CONFIRM", url: "http://lists.apple.com/mhonarc/security-announce/msg00045.html", }, { name: "http://www.openssl.org/news/secadv_20040317.txt", refsource: "CONFIRM", url: "http://www.openssl.org/news/secadv_20040317.txt", }, { name: "FreeBSD-SA-04:05", refsource: "FREEBSD", url: "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:05.openssl.asc", }, { name: "NetBSD-SA2004-005", refsource: "NETBSD", url: "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc", }, { name: "O-101", refsource: "CIAC", url: "http://www.ciac.org/ciac/bulletins/o-101.shtml", }, { name: "TA04-078A", refsource: "CERT", url: "http://www.us-cert.gov/cas/techalerts/TA04-078A.html", }, { name: "17401", refsource: "SECUNIA", url: "http://secunia.com/advisories/17401", }, { name: "RHSA-2005:829", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2005-829.html", }, { name: "http://support.avaya.com/elmodocs2/security/ASA-2005-239.htm", refsource: "CONFIRM", url: "http://support.avaya.com/elmodocs2/security/ASA-2005-239.htm", }, { name: "oval:org.mitre.oval:def:870", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A870", }, { name: "RHSA-2005:830", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2005-830.html", }, { name: "GLSA-200403-03", refsource: "GENTOO", url: "http://security.gentoo.org/glsa/glsa-200403-03.xml", }, { name: "11139", refsource: "SECUNIA", url: "http://secunia.com/advisories/11139", }, { name: "RHSA-2004:120", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2004-120.html", }, { name: "20040317 New OpenSSL releases fix denial of service attacks [17 March 2004]", refsource: "BUGTRAQ", url: "http://marc.info/?l=bugtraq&m=107953412903636&w=2", }, { name: "http://support.lexmark.com/index?page=content&id=TE88&locale=EN&userlocale=EN_US", refsource: "CONFIRM", url: "http://support.lexmark.com/index?page=content&id=TE88&locale=EN&userlocale=EN_US", }, { name: "APPLE-SA-2005-08-15", refsource: "APPLE", url: "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html", }, { name: "17398", refsource: "SECUNIA", url: "http://secunia.com/advisories/17398", }, { name: "SSA:2004-077", refsource: "SLACKWARE", url: "http://www.slackware.org/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.455961", }, { name: "RHSA-2004:139", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2004-139.html", }, { name: "openssl-dochangecipherspec-dos(15505)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/15505", }, { name: "2004-0012", refsource: "TRUSTIX", url: "http://www.trustix.org/errata/2004/0012", }, { name: "20040317 Cisco OpenSSL Implementation Vulnerability", refsource: "CISCO", url: "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml", }, { name: "http://docs.info.apple.com/article.html?artnum=61798", refsource: "CONFIRM", url: "http://docs.info.apple.com/article.html?artnum=61798", }, { name: "VU#288574", refsource: "CERT-VN", url: "http://www.kb.cert.org/vuls/id/288574", }, { name: "DSA-465", refsource: "DEBIAN", url: "http://www.debian.org/security/2004/dsa-465", }, { name: "APPLE-SA-2005-08-17", refsource: "APPLE", url: "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html", }, { name: "18247", refsource: "SECUNIA", url: "http://secunia.com/advisories/18247", }, { name: "oval:org.mitre.oval:def:5770", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5770", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2004-0079", datePublished: "2004-03-18T05:00:00", dateReserved: "2004-01-19T00:00:00", dateUpdated: "2025-01-16T17:33:22.869Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2005-0356
Vulnerability from cvelistv5
Published
2005-05-31 04:00
Modified
2024-08-07 21:13
Severity ?
EPSS score ?
Summary
Multiple TCP implementations with Protection Against Wrapped Sequence Numbers (PAWS) with the timestamps option enabled allow remote attackers to cause a denial of service (connection loss) via a spoofed packet with a large timer value, which causes the host to discard later packets because they appear to be too old.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/20635 | vdb-entry, x_refsource_XF | |
| http://secunia.com/advisories/15393 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.kb.cert.org/vuls/id/637934 | third-party-advisory, x_refsource_CERT-VN | |
| http://secunia.com/advisories/15417/ | third-party-advisory, x_refsource_SECUNIA | |
| http://secunia.com/advisories/18662 | third-party-advisory, x_refsource_SECUNIA | |
| ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.64/SCOSA-2005.64.txt | vendor-advisory, x_refsource_SCO | |
| ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:15.tcp.asc | vendor-advisory, x_refsource_FREEBSD | |
| http://www.securityfocus.com/bid/13676 | vdb-entry, x_refsource_BID | |
| http://www.cisco.com/warp/public/707/cisco-sn-20050518-tcpts.shtml | vendor-advisory, x_refsource_CISCO | |
| http://secunia.com/advisories/18222 | third-party-advisory, x_refsource_SECUNIA | |
| http://support.avaya.com/elmodocs2/security/ASA-2006-032.htm | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T21:13:53.238Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "tcp-ip-timestamp-dos(20635)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/20635", }, { name: "15393", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/15393", }, { name: "VU#637934", tags: [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred", ], url: "http://www.kb.cert.org/vuls/id/637934", }, { name: "15417", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/15417/", }, { name: "18662", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/18662", }, { name: "SCOSA-2005.64", tags: [ "vendor-advisory", "x_refsource_SCO", "x_transferred", ], url: "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.64/SCOSA-2005.64.txt", }, { name: "FreeBSD-SA-05:15", tags: [ "vendor-advisory", "x_refsource_FREEBSD", "x_transferred", ], url: "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:15.tcp.asc", }, { name: "13676", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/13676", }, { name: "20050518 Vulnerability in a Variant of the TCP Timestamps Option", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "http://www.cisco.com/warp/public/707/cisco-sn-20050518-tcpts.shtml", }, { name: "18222", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/18222", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://support.avaya.com/elmodocs2/security/ASA-2006-032.htm", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2005-05-18T00:00:00", descriptions: [ { lang: "en", value: "Multiple TCP implementations with Protection Against Wrapped Sequence Numbers (PAWS) with the timestamps option enabled allow remote attackers to cause a denial of service (connection loss) via a spoofed packet with a large timer value, which causes the host to discard later packets because they appear to be too old.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-07-10T14:57:01", orgId: "37e5125f-f79b-445b-8fad-9564f167944b", shortName: "certcc", }, references: [ { name: "tcp-ip-timestamp-dos(20635)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/20635", }, { name: "15393", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/15393", }, { name: "VU#637934", tags: [ "third-party-advisory", "x_refsource_CERT-VN", ], url: "http://www.kb.cert.org/vuls/id/637934", }, { name: "15417", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/15417/", }, { name: "18662", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/18662", }, { name: "SCOSA-2005.64", tags: [ "vendor-advisory", "x_refsource_SCO", ], url: "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.64/SCOSA-2005.64.txt", }, { name: "FreeBSD-SA-05:15", tags: [ "vendor-advisory", "x_refsource_FREEBSD", ], url: "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:15.tcp.asc", }, { name: "13676", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/13676", }, { name: "20050518 Vulnerability in a Variant of the TCP Timestamps Option", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "http://www.cisco.com/warp/public/707/cisco-sn-20050518-tcpts.shtml", }, { name: "18222", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/18222", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://support.avaya.com/elmodocs2/security/ASA-2006-032.htm", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cert@cert.org", ID: "CVE-2005-0356", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Multiple TCP implementations with Protection Against Wrapped Sequence Numbers (PAWS) with the timestamps option enabled allow remote attackers to cause a denial of service (connection loss) via a spoofed packet with a large timer value, which causes the host to discard later packets because they appear to be too old.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "tcp-ip-timestamp-dos(20635)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/20635", }, { name: "15393", refsource: "SECUNIA", url: "http://secunia.com/advisories/15393", }, { name: "VU#637934", refsource: "CERT-VN", url: "http://www.kb.cert.org/vuls/id/637934", }, { name: "15417", refsource: "SECUNIA", url: "http://secunia.com/advisories/15417/", }, { name: "18662", refsource: "SECUNIA", url: "http://secunia.com/advisories/18662", }, { name: "SCOSA-2005.64", refsource: "SCO", url: "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.64/SCOSA-2005.64.txt", }, { name: "FreeBSD-SA-05:15", refsource: "FREEBSD", url: "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:15.tcp.asc", }, { name: "13676", refsource: "BID", url: "http://www.securityfocus.com/bid/13676", }, { name: "20050518 Vulnerability in a Variant of the TCP Timestamps Option", refsource: "CISCO", url: "http://www.cisco.com/warp/public/707/cisco-sn-20050518-tcpts.shtml", }, { name: "18222", refsource: "SECUNIA", url: "http://secunia.com/advisories/18222", }, { name: "http://support.avaya.com/elmodocs2/security/ASA-2006-032.htm", refsource: "CONFIRM", url: "http://support.avaya.com/elmodocs2/security/ASA-2006-032.htm", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "37e5125f-f79b-445b-8fad-9564f167944b", assignerShortName: "certcc", cveId: "CVE-2005-0356", datePublished: "2005-05-31T04:00:00", dateReserved: "2005-02-11T00:00:00", dateUpdated: "2024-08-07T21:13:53.238Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2005-3426
Vulnerability from cvelistv5
Published
2005-11-02 00:00
Modified
2024-08-07 23:10
Severity ?
EPSS score ?
Summary
Cisco CSS 11500 Content Services Switch (CSS) with SSL termination services allows remote attackers to cause a denial of service (memory corruption and device reload) via a malformed client certificate during SSL session negotiation.
References
| ▼ | URL | Tags |
|---|---|---|
| http://securitytracker.com/id?1015081 | vdb-entry, x_refsource_SECTRACK | |
| http://secunia.com/advisories/17260 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.cisco.com/warp/public/707/cisco-sa-20051019-css.shtml | vendor-advisory, x_refsource_CISCO | |
| http://securityreason.com/securityalert/99 | third-party-advisory, x_refsource_SREASON | |
| http://www.securityfocus.com/bid/15144 | vdb-entry, x_refsource_BID |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T23:10:08.612Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "1015081", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://securitytracker.com/id?1015081", }, { name: "17260", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/17260", }, { name: "20051019 Cisco 11500 Content Services Switch SSL Malformed Client Certificate Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "http://www.cisco.com/warp/public/707/cisco-sa-20051019-css.shtml", }, { name: "99", tags: [ "third-party-advisory", "x_refsource_SREASON", "x_transferred", ], url: "http://securityreason.com/securityalert/99", }, { name: "15144", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/15144", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2005-10-19T00:00:00", descriptions: [ { lang: "en", value: "Cisco CSS 11500 Content Services Switch (CSS) with SSL termination services allows remote attackers to cause a denial of service (memory corruption and device reload) via a malformed client certificate during SSL session negotiation.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2006-01-17T10:00:00", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "1015081", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://securitytracker.com/id?1015081", }, { name: "17260", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/17260", }, { name: "20051019 Cisco 11500 Content Services Switch SSL Malformed Client Certificate Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "http://www.cisco.com/warp/public/707/cisco-sa-20051019-css.shtml", }, { name: "99", tags: [ "third-party-advisory", "x_refsource_SREASON", ], url: "http://securityreason.com/securityalert/99", }, { name: "15144", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/15144", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2005-3426", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Cisco CSS 11500 Content Services Switch (CSS) with SSL termination services allows remote attackers to cause a denial of service (memory corruption and device reload) via a malformed client certificate during SSL session negotiation.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "1015081", refsource: "SECTRACK", url: "http://securitytracker.com/id?1015081", }, { name: "17260", refsource: "SECUNIA", url: "http://secunia.com/advisories/17260", }, { name: "20051019 Cisco 11500 Content Services Switch SSL Malformed Client Certificate Vulnerability", refsource: "CISCO", url: "http://www.cisco.com/warp/public/707/cisco-sa-20051019-css.shtml", }, { name: "99", refsource: "SREASON", url: "http://securityreason.com/securityalert/99", }, { name: "15144", refsource: "BID", url: "http://www.securityfocus.com/bid/15144", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2005-3426", datePublished: "2005-11-02T00:00:00", dateReserved: "2005-11-01T00:00:00", dateUpdated: "2024-08-07T23:10:08.612Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2010-2629
Vulnerability from cvelistv5
Published
2010-07-06 14:00
Modified
2024-08-07 02:39
Severity ?
EPSS score ?
Summary
The Cisco Content Services Switch (CSS) 11500 with software 8.20.4.02 and the Application Control Engine (ACE) 4710 with software A2(3.0) do not properly handle LF header terminators in situations where the GET line is terminated by CRLF, which allows remote attackers to conduct HTTP request smuggling attacks and possibly bypass intended header insertions via crafted header data, as demonstrated by an LF character between the ClientCert-Subject and ClientCert-Subject-CN headers. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-1576.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/archive/1/512144/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://securitytracker.com/id?1024167 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/41315 | vdb-entry, x_refsource_BID | |
| http://www.vsecurity.com/resources/advisory/20100702-1/ | x_refsource_MISC | |
| http://securitytracker.com/id?1024168 | vdb-entry, x_refsource_SECTRACK |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T02:39:37.669Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20100702 VSR Advisory: Multiple Cisco CSS / ACE Client Certificate and HTTP Header Manipulation Vulnerabilities", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/512144/100/0/threaded", }, { name: "1024167", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://securitytracker.com/id?1024167", }, { name: "41315", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/41315", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://www.vsecurity.com/resources/advisory/20100702-1/", }, { name: "1024168", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://securitytracker.com/id?1024168", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2010-07-02T00:00:00", descriptions: [ { lang: "en", value: "The Cisco Content Services Switch (CSS) 11500 with software 8.20.4.02 and the Application Control Engine (ACE) 4710 with software A2(3.0) do not properly handle LF header terminators in situations where the GET line is terminated by CRLF, which allows remote attackers to conduct HTTP request smuggling attacks and possibly bypass intended header insertions via crafted header data, as demonstrated by an LF character between the ClientCert-Subject and ClientCert-Subject-CN headers. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-1576.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-10T18:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "20100702 VSR Advisory: Multiple Cisco CSS / ACE Client Certificate and HTTP Header Manipulation Vulnerabilities", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/512144/100/0/threaded", }, { name: "1024167", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://securitytracker.com/id?1024167", }, { name: "41315", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/41315", }, { tags: [ "x_refsource_MISC", ], url: "http://www.vsecurity.com/resources/advisory/20100702-1/", }, { name: "1024168", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://securitytracker.com/id?1024168", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2010-2629", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The Cisco Content Services Switch (CSS) 11500 with software 8.20.4.02 and the Application Control Engine (ACE) 4710 with software A2(3.0) do not properly handle LF header terminators in situations where the GET line is terminated by CRLF, which allows remote attackers to conduct HTTP request smuggling attacks and possibly bypass intended header insertions via crafted header data, as demonstrated by an LF character between the ClientCert-Subject and ClientCert-Subject-CN headers. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-1576.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "20100702 VSR Advisory: Multiple Cisco CSS / ACE Client Certificate and HTTP Header Manipulation Vulnerabilities", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/512144/100/0/threaded", }, { name: "1024167", refsource: "SECTRACK", url: "http://securitytracker.com/id?1024167", }, { name: "41315", refsource: "BID", url: "http://www.securityfocus.com/bid/41315", }, { name: "http://www.vsecurity.com/resources/advisory/20100702-1/", refsource: "MISC", url: "http://www.vsecurity.com/resources/advisory/20100702-1/", }, { name: "1024168", refsource: "SECTRACK", url: "http://securitytracker.com/id?1024168", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2010-2629", datePublished: "2010-07-06T14:00:00", dateReserved: "2010-07-06T00:00:00", dateUpdated: "2024-08-07T02:39:37.669Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2003-1132
Vulnerability from cvelistv5
Published
2005-04-21 04:00
Modified
2024-09-16 16:18
Severity ?
EPSS score ?
Summary
The DNS server for Cisco Content Service Switch (CSS) 11000 and 11500, when prompted for a nonexistent AAAA record, responds with response code 3 (NXDOMAIN or "Name Error") instead of response code 0 ("No Error"), which allows remote attackers to cause a denial of service (inaccessible domain) by forcing other DNS servers to send and cache a request for a AAAA record to the vulnerable server.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.cisco.com/warp/public/707/cisco-sa-20030430-dns.shtml | vendor-advisory, x_refsource_CISCO | |
| http://www.kb.cert.org/vuls/id/714121 | third-party-advisory, x_refsource_CERT-VN |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-08T02:19:45.937Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20041008 Cisco Content Service Switch 11000 Series DNS Negative Cache of Information Denial-of-Service Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "http://www.cisco.com/warp/public/707/cisco-sa-20030430-dns.shtml", }, { name: "VU#714121", tags: [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred", ], url: "http://www.kb.cert.org/vuls/id/714121", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "The DNS server for Cisco Content Service Switch (CSS) 11000 and 11500, when prompted for a nonexistent AAAA record, responds with response code 3 (NXDOMAIN or \"Name Error\") instead of response code 0 (\"No Error\"), which allows remote attackers to cause a denial of service (inaccessible domain) by forcing other DNS servers to send and cache a request for a AAAA record to the vulnerable server.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2005-04-21T04:00:00Z", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "20041008 Cisco Content Service Switch 11000 Series DNS Negative Cache of Information Denial-of-Service Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "http://www.cisco.com/warp/public/707/cisco-sa-20030430-dns.shtml", }, { name: "VU#714121", tags: [ "third-party-advisory", "x_refsource_CERT-VN", ], url: "http://www.kb.cert.org/vuls/id/714121", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2003-1132", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The DNS server for Cisco Content Service Switch (CSS) 11000 and 11500, when prompted for a nonexistent AAAA record, responds with response code 3 (NXDOMAIN or \"Name Error\") instead of response code 0 (\"No Error\"), which allows remote attackers to cause a denial of service (inaccessible domain) by forcing other DNS servers to send and cache a request for a AAAA record to the vulnerable server.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "20041008 Cisco Content Service Switch 11000 Series DNS Negative Cache of Information Denial-of-Service Vulnerability", refsource: "CISCO", url: "http://www.cisco.com/warp/public/707/cisco-sa-20030430-dns.shtml", }, { name: "VU#714121", refsource: "CERT-VN", url: "http://www.kb.cert.org/vuls/id/714121", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2003-1132", datePublished: "2005-04-21T04:00:00Z", dateReserved: "2005-04-21T00:00:00Z", dateUpdated: "2024-09-16T16:18:43.199Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2004-0112
Vulnerability from cvelistv5
Published
2004-03-18 05:00
Modified
2024-08-08 00:10
Severity ?
EPSS score ?
Summary
The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-08T00:10:03.359Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "9899", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/9899", }, { name: "SSRT4717", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=108403806509920&w=2", }, { name: "RHSA-2004:121", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2004-121.html", }, { name: "MDKSA-2004:023", tags: [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDKSA-2004:023", }, { name: "CLA-2004:834", tags: [ "vendor-advisory", "x_refsource_CONECTIVA", "x_transferred", ], url: "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000834", }, { name: "SCOSA-2004.10", tags: [ "vendor-advisory", "x_refsource_SCO", "x_transferred", ], url: "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://www.uniras.gov.uk/vuls/2004/224012/index.htm", }, { name: "57524", tags: [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred", ], url: "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524", }, { name: "SuSE-SA:2004:007", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://www.novell.com/linux/security/advisories/2004_07_openssl.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://lists.apple.com/mhonarc/security-announce/msg00045.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.openssl.org/news/secadv_20040317.txt", }, { name: "NetBSD-SA2004-005", tags: [ "vendor-advisory", "x_refsource_NETBSD", "x_transferred", ], url: "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc", }, { name: "O-101", tags: [ "third-party-advisory", "government-resource", "x_refsource_CIAC", "x_transferred", ], url: "http://www.ciac.org/ciac/bulletins/o-101.shtml", }, { name: "TA04-078A", tags: [ "third-party-advisory", "x_refsource_CERT", "x_transferred", ], url: "http://www.us-cert.gov/cas/techalerts/TA04-078A.html", }, { name: "oval:org.mitre.oval:def:1049", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1049", }, { name: "openssl-kerberos-ciphersuites-dos(15508)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/15508", }, { name: "VU#484726", tags: [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred", ], url: "http://www.kb.cert.org/vuls/id/484726", }, { name: "GLSA-200403-03", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "http://security.gentoo.org/glsa/glsa-200403-03.xml", }, { name: "oval:org.mitre.oval:def:9580", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9580", }, { name: "11139", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/11139", }, { name: "RHSA-2004:120", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2004-120.html", }, { name: "20040317 New OpenSSL releases fix denial of service attacks [17 March 2004]", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=107953412903636&w=2", }, { name: "APPLE-SA-2005-08-15", tags: [ "vendor-advisory", "x_refsource_APPLE", "x_transferred", ], url: "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html", }, { name: "SSA:2004-077", tags: [ "vendor-advisory", "x_refsource_SLACKWARE", "x_transferred", ], url: "http://www.slackware.org/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.455961", }, { name: "2004-0012", tags: [ "vendor-advisory", "x_refsource_TRUSTIX", "x_transferred", ], url: "http://www.trustix.org/errata/2004/0012", }, { name: "20040317 Cisco OpenSSL Implementation Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://docs.info.apple.com/article.html?artnum=61798", }, { name: "APPLE-SA-2005-08-17", tags: [ "vendor-advisory", "x_refsource_APPLE", "x_transferred", ], url: "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html", }, { name: "oval:org.mitre.oval:def:928", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A928", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2004-03-17T00:00:00", descriptions: [ { lang: "en", value: "The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-10-10T00:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "9899", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/9899", }, { name: "SSRT4717", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=108403806509920&w=2", }, { name: "RHSA-2004:121", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2004-121.html", }, { name: "MDKSA-2004:023", tags: [ "vendor-advisory", "x_refsource_MANDRAKE", ], url: "http://www.mandriva.com/security/advisories?name=MDKSA-2004:023", }, { name: "CLA-2004:834", tags: [ "vendor-advisory", "x_refsource_CONECTIVA", ], url: "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000834", }, { name: "SCOSA-2004.10", tags: [ "vendor-advisory", "x_refsource_SCO", ], url: "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt", }, { tags: [ "x_refsource_MISC", ], url: "http://www.uniras.gov.uk/vuls/2004/224012/index.htm", }, { name: "57524", tags: [ "vendor-advisory", "x_refsource_SUNALERT", ], url: "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524", }, { name: "SuSE-SA:2004:007", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://www.novell.com/linux/security/advisories/2004_07_openssl.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://lists.apple.com/mhonarc/security-announce/msg00045.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.openssl.org/news/secadv_20040317.txt", }, { name: "NetBSD-SA2004-005", tags: [ "vendor-advisory", "x_refsource_NETBSD", ], url: "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc", }, { name: "O-101", tags: [ "third-party-advisory", "government-resource", "x_refsource_CIAC", ], url: "http://www.ciac.org/ciac/bulletins/o-101.shtml", }, { name: "TA04-078A", tags: [ "third-party-advisory", "x_refsource_CERT", ], url: "http://www.us-cert.gov/cas/techalerts/TA04-078A.html", }, { name: "oval:org.mitre.oval:def:1049", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1049", }, { name: "openssl-kerberos-ciphersuites-dos(15508)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/15508", }, { name: "VU#484726", tags: [ "third-party-advisory", "x_refsource_CERT-VN", ], url: "http://www.kb.cert.org/vuls/id/484726", }, { name: "GLSA-200403-03", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "http://security.gentoo.org/glsa/glsa-200403-03.xml", }, { name: "oval:org.mitre.oval:def:9580", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9580", }, { name: "11139", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/11139", }, { name: "RHSA-2004:120", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2004-120.html", }, { name: "20040317 New OpenSSL releases fix denial of service attacks [17 March 2004]", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://marc.info/?l=bugtraq&m=107953412903636&w=2", }, { name: "APPLE-SA-2005-08-15", tags: [ "vendor-advisory", "x_refsource_APPLE", ], url: "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html", }, { name: "SSA:2004-077", tags: [ "vendor-advisory", "x_refsource_SLACKWARE", ], url: "http://www.slackware.org/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.455961", }, { name: "2004-0012", tags: [ "vendor-advisory", "x_refsource_TRUSTIX", ], url: "http://www.trustix.org/errata/2004/0012", }, { name: "20040317 Cisco OpenSSL Implementation Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://docs.info.apple.com/article.html?artnum=61798", }, { name: "APPLE-SA-2005-08-17", tags: [ "vendor-advisory", "x_refsource_APPLE", ], url: "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html", }, { name: "oval:org.mitre.oval:def:928", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A928", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2004-0112", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "9899", refsource: "BID", url: "http://www.securityfocus.com/bid/9899", }, { name: "SSRT4717", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=108403806509920&w=2", }, { name: "RHSA-2004:121", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2004-121.html", }, { name: "MDKSA-2004:023", refsource: "MANDRAKE", url: "http://www.mandriva.com/security/advisories?name=MDKSA-2004:023", }, { name: "CLA-2004:834", refsource: "CONECTIVA", url: "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000834", }, { name: "SCOSA-2004.10", refsource: "SCO", url: "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt", }, { name: "http://www.uniras.gov.uk/vuls/2004/224012/index.htm", refsource: "MISC", url: "http://www.uniras.gov.uk/vuls/2004/224012/index.htm", }, { name: "57524", refsource: "SUNALERT", url: "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524", }, { name: "SuSE-SA:2004:007", refsource: "SUSE", url: "http://www.novell.com/linux/security/advisories/2004_07_openssl.html", }, { name: "http://lists.apple.com/mhonarc/security-announce/msg00045.html", refsource: "CONFIRM", url: "http://lists.apple.com/mhonarc/security-announce/msg00045.html", }, { name: "http://www.openssl.org/news/secadv_20040317.txt", refsource: "CONFIRM", url: "http://www.openssl.org/news/secadv_20040317.txt", }, { name: "NetBSD-SA2004-005", refsource: "NETBSD", url: "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc", }, { name: "O-101", refsource: "CIAC", url: "http://www.ciac.org/ciac/bulletins/o-101.shtml", }, { name: "TA04-078A", refsource: "CERT", url: "http://www.us-cert.gov/cas/techalerts/TA04-078A.html", }, { name: "oval:org.mitre.oval:def:1049", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1049", }, { name: "openssl-kerberos-ciphersuites-dos(15508)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/15508", }, { name: "VU#484726", refsource: "CERT-VN", url: "http://www.kb.cert.org/vuls/id/484726", }, { name: "GLSA-200403-03", refsource: "GENTOO", url: "http://security.gentoo.org/glsa/glsa-200403-03.xml", }, { name: "oval:org.mitre.oval:def:9580", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9580", }, { name: "11139", refsource: "SECUNIA", url: "http://secunia.com/advisories/11139", }, { name: "RHSA-2004:120", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2004-120.html", }, { name: "20040317 New OpenSSL releases fix denial of service attacks [17 March 2004]", refsource: "BUGTRAQ", url: "http://marc.info/?l=bugtraq&m=107953412903636&w=2", }, { name: "APPLE-SA-2005-08-15", refsource: "APPLE", url: "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html", }, { name: "SSA:2004-077", refsource: "SLACKWARE", url: "http://www.slackware.org/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.455961", }, { name: "2004-0012", refsource: "TRUSTIX", url: "http://www.trustix.org/errata/2004/0012", }, { name: "20040317 Cisco OpenSSL Implementation Vulnerability", refsource: "CISCO", url: "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml", }, { name: "http://docs.info.apple.com/article.html?artnum=61798", refsource: "CONFIRM", url: "http://docs.info.apple.com/article.html?artnum=61798", }, { name: "APPLE-SA-2005-08-17", refsource: "APPLE", url: "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html", }, { name: "oval:org.mitre.oval:def:928", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A928", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2004-0112", datePublished: "2004-03-18T05:00:00", dateReserved: "2004-02-02T00:00:00", dateUpdated: "2024-08-08T00:10:03.359Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2010-1575
Vulnerability from cvelistv5
Published
2010-07-06 14:00
Modified
2024-08-07 01:28
Severity ?
EPSS score ?
Summary
The Cisco Content Services Switch (CSS) 11500 with software 08.20.1.01 conveys authentication data through ClientCert-* headers but does not delete client-supplied ClientCert-* headers, which might allow remote attackers to bypass authentication via crafted header data, as demonstrated by a ClientCert-Subject-CN header, aka Bug ID CSCsz04690.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/archive/1/512144/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://securitytracker.com/id?1024167 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/41315 | vdb-entry, x_refsource_BID | |
| http://www.vsecurity.com/resources/advisory/20100702-1/ | x_refsource_MISC | |
| http://osvdb.org/66091 | vdb-entry, x_refsource_OSVDB |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T01:28:42.114Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20100702 VSR Advisory: Multiple Cisco CSS / ACE Client Certificate and HTTP Header Manipulation Vulnerabilities", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/512144/100/0/threaded", }, { name: "1024167", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://securitytracker.com/id?1024167", }, { name: "41315", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/41315", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://www.vsecurity.com/resources/advisory/20100702-1/", }, { name: "66091", tags: [ "vdb-entry", "x_refsource_OSVDB", "x_transferred", ], url: "http://osvdb.org/66091", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2010-07-02T00:00:00", descriptions: [ { lang: "en", value: "The Cisco Content Services Switch (CSS) 11500 with software 08.20.1.01 conveys authentication data through ClientCert-* headers but does not delete client-supplied ClientCert-* headers, which might allow remote attackers to bypass authentication via crafted header data, as demonstrated by a ClientCert-Subject-CN header, aka Bug ID CSCsz04690.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-10T18:57:01", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20100702 VSR Advisory: Multiple Cisco CSS / ACE Client Certificate and HTTP Header Manipulation Vulnerabilities", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/512144/100/0/threaded", }, { name: "1024167", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://securitytracker.com/id?1024167", }, { name: "41315", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/41315", }, { tags: [ "x_refsource_MISC", ], url: "http://www.vsecurity.com/resources/advisory/20100702-1/", }, { name: "66091", tags: [ "vdb-entry", "x_refsource_OSVDB", ], url: "http://osvdb.org/66091", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", ID: "CVE-2010-1575", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The Cisco Content Services Switch (CSS) 11500 with software 08.20.1.01 conveys authentication data through ClientCert-* headers but does not delete client-supplied ClientCert-* headers, which might allow remote attackers to bypass authentication via crafted header data, as demonstrated by a ClientCert-Subject-CN header, aka Bug ID CSCsz04690.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "20100702 VSR Advisory: Multiple Cisco CSS / ACE Client Certificate and HTTP Header Manipulation Vulnerabilities", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/512144/100/0/threaded", }, { name: "1024167", refsource: "SECTRACK", url: "http://securitytracker.com/id?1024167", }, { name: "41315", refsource: "BID", url: "http://www.securityfocus.com/bid/41315", }, { name: "http://www.vsecurity.com/resources/advisory/20100702-1/", refsource: "MISC", url: "http://www.vsecurity.com/resources/advisory/20100702-1/", }, { name: "66091", refsource: "OSVDB", url: "http://osvdb.org/66091", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2010-1575", datePublished: "2010-07-06T14:00:00", dateReserved: "2010-04-27T00:00:00", dateUpdated: "2024-08-07T01:28:42.114Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2010-1576
Vulnerability from cvelistv5
Published
2010-07-06 14:00
Modified
2024-08-07 01:28
Severity ?
EPSS score ?
Summary
The Cisco Content Services Switch (CSS) 11500 with software before 8.20.4.02 and the Application Control Engine (ACE) 4710 with software before A2(3.0) do not properly handle use of LF, CR, and LFCR as alternatives to the standard CRLF sequence between HTTP headers, which allows remote attackers to bypass intended header insertions or conduct HTTP request smuggling attacks via crafted header data, as demonstrated by LF characters preceding ClientCert-Subject and ClientCert-Subject-CN headers, aka Bug ID CSCta04885.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/archive/1/512144/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://securitytracker.com/id?1024167 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/41315 | vdb-entry, x_refsource_BID | |
| http://www.vsecurity.com/resources/advisory/20100702-1/ | x_refsource_MISC | |
| http://osvdb.org/66092 | vdb-entry, x_refsource_OSVDB | |
| http://securitytracker.com/id?1024168 | vdb-entry, x_refsource_SECTRACK |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T01:28:41.990Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20100702 VSR Advisory: Multiple Cisco CSS / ACE Client Certificate and HTTP Header Manipulation Vulnerabilities", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/512144/100/0/threaded", }, { name: "1024167", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://securitytracker.com/id?1024167", }, { name: "41315", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/41315", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://www.vsecurity.com/resources/advisory/20100702-1/", }, { name: "66092", tags: [ "vdb-entry", "x_refsource_OSVDB", "x_transferred", ], url: "http://osvdb.org/66092", }, { name: "1024168", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://securitytracker.com/id?1024168", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2010-07-02T00:00:00", descriptions: [ { lang: "en", value: "The Cisco Content Services Switch (CSS) 11500 with software before 8.20.4.02 and the Application Control Engine (ACE) 4710 with software before A2(3.0) do not properly handle use of LF, CR, and LFCR as alternatives to the standard CRLF sequence between HTTP headers, which allows remote attackers to bypass intended header insertions or conduct HTTP request smuggling attacks via crafted header data, as demonstrated by LF characters preceding ClientCert-Subject and ClientCert-Subject-CN headers, aka Bug ID CSCta04885.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-10T18:57:01", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20100702 VSR Advisory: Multiple Cisco CSS / ACE Client Certificate and HTTP Header Manipulation Vulnerabilities", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/512144/100/0/threaded", }, { name: "1024167", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://securitytracker.com/id?1024167", }, { name: "41315", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/41315", }, { tags: [ "x_refsource_MISC", ], url: "http://www.vsecurity.com/resources/advisory/20100702-1/", }, { name: "66092", tags: [ "vdb-entry", "x_refsource_OSVDB", ], url: "http://osvdb.org/66092", }, { name: "1024168", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://securitytracker.com/id?1024168", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", ID: "CVE-2010-1576", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The Cisco Content Services Switch (CSS) 11500 with software before 8.20.4.02 and the Application Control Engine (ACE) 4710 with software before A2(3.0) do not properly handle use of LF, CR, and LFCR as alternatives to the standard CRLF sequence between HTTP headers, which allows remote attackers to bypass intended header insertions or conduct HTTP request smuggling attacks via crafted header data, as demonstrated by LF characters preceding ClientCert-Subject and ClientCert-Subject-CN headers, aka Bug ID CSCta04885.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "20100702 VSR Advisory: Multiple Cisco CSS / ACE Client Certificate and HTTP Header Manipulation Vulnerabilities", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/512144/100/0/threaded", }, { name: "1024167", refsource: "SECTRACK", url: "http://securitytracker.com/id?1024167", }, { name: "41315", refsource: "BID", url: "http://www.securityfocus.com/bid/41315", }, { name: "http://www.vsecurity.com/resources/advisory/20100702-1/", refsource: "MISC", url: "http://www.vsecurity.com/resources/advisory/20100702-1/", }, { name: "66092", refsource: "OSVDB", url: "http://osvdb.org/66092", }, { name: "1024168", refsource: "SECTRACK", url: "http://securitytracker.com/id?1024168", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2010-1576", datePublished: "2010-07-06T14:00:00", dateReserved: "2010-04-27T00:00:00", dateUpdated: "2024-08-07T01:28:41.990Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2004-0081
Vulnerability from cvelistv5
Published
2004-03-18 05:00
Modified
2024-08-08 00:01
Severity ?
EPSS score ?
Summary
OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-08T00:01:23.650Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "9899", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/9899", }, { name: "ESA-20040317-003", tags: [ "vendor-advisory", "x_refsource_ENGARDE", "x_transferred", ], url: "http://www.linuxsecurity.com/advisories/engarde_advisory-4135.html", }, { name: "20040317 Re: New OpenSSL releases fix denial of service attacks [17 March 2004]", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=107955049331965&w=2", }, { name: "RHSA-2004:121", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2004-121.html", }, { name: "CLA-2004:834", tags: [ "vendor-advisory", "x_refsource_CONECTIVA", "x_transferred", ], url: "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000834", }, { name: "SCOSA-2004.10", tags: [ "vendor-advisory", "x_refsource_SCO", "x_transferred", ], url: "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt", }, { name: "20040304-01-U", tags: [ "vendor-advisory", "x_refsource_SGI", "x_transferred", ], url: "ftp://patches.sgi.com/support/free/security/advisories/20040304-01-U.asc", }, { name: "openssl-tls-dos(15509)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/15509", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://www.uniras.gov.uk/vuls/2004/224012/index.htm", }, { name: "FEDORA-2004-095", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://fedoranews.org/updates/FEDORA-2004-095.shtml", }, { name: "57524", tags: [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred", ], url: "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524", }, { name: "oval:org.mitre.oval:def:871", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A871", }, { name: "oval:org.mitre.oval:def:11755", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11755", }, { name: "VU#465542", tags: [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred", ], url: "http://www.kb.cert.org/vuls/id/465542", }, { name: "TA04-078A", tags: [ "third-party-advisory", "x_refsource_CERT", "x_transferred", ], url: "http://www.us-cert.gov/cas/techalerts/TA04-078A.html", }, { name: "GLSA-200403-03", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "http://security.gentoo.org/glsa/glsa-200403-03.xml", }, { name: "11139", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/11139", }, { name: "RHSA-2004:120", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2004-120.html", }, { name: "RHSA-2004:119", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2004-119.html", }, { name: "oval:org.mitre.oval:def:902", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A902", }, { name: "RHSA-2004:139", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2004-139.html", }, { name: "2004-0012", tags: [ "vendor-advisory", "x_refsource_TRUSTIX", "x_transferred", ], url: "http://www.trustix.org/errata/2004/0012", }, { name: "20040508 [FLSA-2004:1395] Updated OpenSSL resolves security vulnerability", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=108403850228012&w=2", }, { name: "20040317 Cisco OpenSSL Implementation Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml", }, { name: "DSA-465", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2004/dsa-465", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2004-03-17T00:00:00", descriptions: [ { lang: "en", value: "OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-10-10T00:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "9899", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/9899", }, { name: "ESA-20040317-003", tags: [ "vendor-advisory", "x_refsource_ENGARDE", ], url: "http://www.linuxsecurity.com/advisories/engarde_advisory-4135.html", }, { name: "20040317 Re: New OpenSSL releases fix denial of service attacks [17 March 2004]", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://marc.info/?l=bugtraq&m=107955049331965&w=2", }, { name: "RHSA-2004:121", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2004-121.html", }, { name: "CLA-2004:834", tags: [ "vendor-advisory", "x_refsource_CONECTIVA", ], url: "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000834", }, { name: "SCOSA-2004.10", tags: [ "vendor-advisory", "x_refsource_SCO", ], url: "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt", }, { name: "20040304-01-U", tags: [ "vendor-advisory", "x_refsource_SGI", ], url: "ftp://patches.sgi.com/support/free/security/advisories/20040304-01-U.asc", }, { name: "openssl-tls-dos(15509)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/15509", }, { tags: [ "x_refsource_MISC", ], url: "http://www.uniras.gov.uk/vuls/2004/224012/index.htm", }, { name: "FEDORA-2004-095", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://fedoranews.org/updates/FEDORA-2004-095.shtml", }, { name: "57524", tags: [ "vendor-advisory", "x_refsource_SUNALERT", ], url: "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524", }, { name: "oval:org.mitre.oval:def:871", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A871", }, { name: "oval:org.mitre.oval:def:11755", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11755", }, { name: "VU#465542", tags: [ "third-party-advisory", "x_refsource_CERT-VN", ], url: "http://www.kb.cert.org/vuls/id/465542", }, { name: "TA04-078A", tags: [ "third-party-advisory", "x_refsource_CERT", ], url: "http://www.us-cert.gov/cas/techalerts/TA04-078A.html", }, { name: "GLSA-200403-03", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "http://security.gentoo.org/glsa/glsa-200403-03.xml", }, { name: "11139", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/11139", }, { name: "RHSA-2004:120", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2004-120.html", }, { name: "RHSA-2004:119", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2004-119.html", }, { name: "oval:org.mitre.oval:def:902", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A902", }, { name: "RHSA-2004:139", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2004-139.html", }, { name: "2004-0012", tags: [ "vendor-advisory", "x_refsource_TRUSTIX", ], url: "http://www.trustix.org/errata/2004/0012", }, { name: "20040508 [FLSA-2004:1395] Updated OpenSSL resolves security vulnerability", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://marc.info/?l=bugtraq&m=108403850228012&w=2", }, { name: "20040317 Cisco OpenSSL Implementation Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml", }, { name: "DSA-465", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2004/dsa-465", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2004-0081", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "9899", refsource: "BID", url: "http://www.securityfocus.com/bid/9899", }, { name: "ESA-20040317-003", refsource: "ENGARDE", url: "http://www.linuxsecurity.com/advisories/engarde_advisory-4135.html", }, { name: "20040317 Re: New OpenSSL releases fix denial of service attacks [17 March 2004]", refsource: "BUGTRAQ", url: "http://marc.info/?l=bugtraq&m=107955049331965&w=2", }, { name: "RHSA-2004:121", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2004-121.html", }, { name: "CLA-2004:834", refsource: "CONECTIVA", url: "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000834", }, { name: "SCOSA-2004.10", refsource: "SCO", url: "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt", }, { name: "20040304-01-U", refsource: "SGI", url: "ftp://patches.sgi.com/support/free/security/advisories/20040304-01-U.asc", }, { name: "openssl-tls-dos(15509)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/15509", }, { name: "http://www.uniras.gov.uk/vuls/2004/224012/index.htm", refsource: "MISC", url: "http://www.uniras.gov.uk/vuls/2004/224012/index.htm", }, { name: "FEDORA-2004-095", refsource: "FEDORA", url: "http://fedoranews.org/updates/FEDORA-2004-095.shtml", }, { name: "57524", refsource: "SUNALERT", url: "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524", }, { name: "oval:org.mitre.oval:def:871", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A871", }, { name: "oval:org.mitre.oval:def:11755", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11755", }, { name: "VU#465542", refsource: "CERT-VN", url: "http://www.kb.cert.org/vuls/id/465542", }, { name: "TA04-078A", refsource: "CERT", url: "http://www.us-cert.gov/cas/techalerts/TA04-078A.html", }, { name: "GLSA-200403-03", refsource: "GENTOO", url: "http://security.gentoo.org/glsa/glsa-200403-03.xml", }, { name: "11139", refsource: "SECUNIA", url: "http://secunia.com/advisories/11139", }, { name: "RHSA-2004:120", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2004-120.html", }, { name: "RHSA-2004:119", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2004-119.html", }, { name: "oval:org.mitre.oval:def:902", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A902", }, { name: "RHSA-2004:139", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2004-139.html", }, { name: "2004-0012", refsource: "TRUSTIX", url: "http://www.trustix.org/errata/2004/0012", }, { name: "20040508 [FLSA-2004:1395] Updated OpenSSL resolves security vulnerability", refsource: "BUGTRAQ", url: "http://marc.info/?l=bugtraq&m=108403850228012&w=2", }, { name: "20040317 Cisco OpenSSL Implementation Vulnerability", refsource: "CISCO", url: "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml", }, { name: "DSA-465", refsource: "DEBIAN", url: "http://www.debian.org/security/2004/dsa-465", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2004-0081", datePublished: "2004-03-18T05:00:00", dateReserved: "2004-01-19T00:00:00", dateUpdated: "2024-08-08T00:01:23.650Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2006-1631
Vulnerability from cvelistv5
Published
2006-04-05 18:00
Modified
2024-08-07 17:19
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in the HTTP compression functionality in Cisco CSS 11500 Series Content Services switches allows remote attackers to cause a denial of service (device reload) via (1) "valid, but obsolete" or (2) "specially crafted" HTTP requests.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.vupen.com/english/advisories/2006/1257 | vdb-entry, x_refsource_VUPEN | |
| http://securitytracker.com/id?1015870 | vdb-entry, x_refsource_SECTRACK | |
| http://www.cisco.com/warp/public/707/cisco-sa-20060405-css.shtml | vendor-advisory, x_refsource_CISCO | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/25642 | vdb-entry, x_refsource_XF | |
| http://secunia.com/advisories/19552 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.osvdb.org/24433 | vdb-entry, x_refsource_OSVDB | |
| http://www.securityfocus.com/bid/17383 | vdb-entry, x_refsource_BID |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T17:19:48.787Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "ADV-2006-1257", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2006/1257", }, { name: "1015870", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://securitytracker.com/id?1015870", }, { name: "20060405 Cisco 11500 Content Services Switch HTTP Request Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "http://www.cisco.com/warp/public/707/cisco-sa-20060405-css.shtml", }, { name: "cisco-css-http-comp-dos(25642)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/25642", }, { name: "19552", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/19552", }, { name: "24433", tags: [ "vdb-entry", "x_refsource_OSVDB", "x_transferred", ], url: "http://www.osvdb.org/24433", }, { name: "17383", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/17383", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2006-04-05T00:00:00", descriptions: [ { lang: "en", value: "Unspecified vulnerability in the HTTP compression functionality in Cisco CSS 11500 Series Content Services switches allows remote attackers to cause a denial of service (device reload) via (1) \"valid, but obsolete\" or (2) \"specially crafted\" HTTP requests.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-07-19T15:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "ADV-2006-1257", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2006/1257", }, { name: "1015870", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://securitytracker.com/id?1015870", }, { name: "20060405 Cisco 11500 Content Services Switch HTTP Request Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "http://www.cisco.com/warp/public/707/cisco-sa-20060405-css.shtml", }, { name: "cisco-css-http-comp-dos(25642)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/25642", }, { name: "19552", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/19552", }, { name: "24433", tags: [ "vdb-entry", "x_refsource_OSVDB", ], url: "http://www.osvdb.org/24433", }, { name: "17383", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/17383", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2006-1631", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Unspecified vulnerability in the HTTP compression functionality in Cisco CSS 11500 Series Content Services switches allows remote attackers to cause a denial of service (device reload) via (1) \"valid, but obsolete\" or (2) \"specially crafted\" HTTP requests.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "ADV-2006-1257", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2006/1257", }, { name: "1015870", refsource: "SECTRACK", url: "http://securitytracker.com/id?1015870", }, { name: "20060405 Cisco 11500 Content Services Switch HTTP Request Vulnerability", refsource: "CISCO", url: "http://www.cisco.com/warp/public/707/cisco-sa-20060405-css.shtml", }, { name: "cisco-css-http-comp-dos(25642)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/25642", }, { name: "19552", refsource: "SECUNIA", url: "http://secunia.com/advisories/19552", }, { name: "24433", refsource: "OSVDB", url: "http://www.osvdb.org/24433", }, { name: "17383", refsource: "BID", url: "http://www.securityfocus.com/bid/17383", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2006-1631", datePublished: "2006-04-05T18:00:00", dateReserved: "2006-04-05T00:00:00", dateUpdated: "2024-08-07T17:19:48.787Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
Vulnerability from fkie_nvd
Published
2004-11-23 05:00
Modified
2024-11-20 23:47
Severity ?
Summary
The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firewall_services_module:*:*:*:*:*:*:*:*", matchCriteriaId: "2A9CB22A-21E0-46F6-B6CD-BB38A80FA7A4", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:firewall_services_module:1.1.2:*:*:*:*:*:*:*", matchCriteriaId: "B9CAFC15-178C-4176-9668-D4A04B63E77B", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:firewall_services_module:1.1.3:*:*:*:*:*:*:*", matchCriteriaId: "3C8D6949-89F4-40EF-98F4-8D15628DC345", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:firewall_services_module:1.1_\\(3.005\\):*:*:*:*:*:*:*", matchCriteriaId: "F3DB2AEE-FB5C-42B7-845B-EDA3E58D5D68", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:firewall_services_module:2.1_\\(0.208\\):*:*:*:*:*:*:*", matchCriteriaId: "6479D85C-1A12-486D-818C-6679F415CA26", vulnerable: true, }, { criteria: "cpe:2.3:h:hp:aaa_server:*:*:*:*:*:*:*:*", matchCriteriaId: "287CF5FA-D0EC-4FD7-9718-973587EF34DF", vulnerable: true, }, { criteria: "cpe:2.3:h:hp:apache-based_web_server:2.0.43.00:*:*:*:*:*:*:*", matchCriteriaId: "C88168D4-7DB5-4720-8640-400BB680D0FD", vulnerable: true, }, { criteria: "cpe:2.3:h:hp:apache-based_web_server:2.0.43.04:*:*:*:*:*:*:*", matchCriteriaId: "968915A1-375B-4C69-BE11-9A393F7F1B0F", vulnerable: true, }, { criteria: "cpe:2.3:h:symantec:clientless_vpn_gateway_4400:5.0:*:*:*:*:*:*:*", matchCriteriaId: "11465DCA-72E5-40E9-9D8E-B3CD470C47E9", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:ciscoworks_common_management_foundation:2.1:*:*:*:*:*:*:*", matchCriteriaId: "3954D0D1-9FDF-47D0-9710-D0FB06955B8B", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ciscoworks_common_services:2.2:*:*:*:*:*:*:*", matchCriteriaId: "3D6712BD-DE8F-40F5-AC74-B9EFE9A50CFA", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:converged_communications_server:2.0:*:*:*:*:*:*:*", matchCriteriaId: "E586558A-ABC3-42EB-8B4D-DC92A0D695E6", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:sg200:4.4:*:*:*:*:*:*:*", matchCriteriaId: "2A4C5F60-B32D-4D85-BA28-AE11972ED614", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:sg200:4.31.29:*:*:*:*:*:*:*", matchCriteriaId: "6A5935C3-3D83-461F-BC26-E03362115C42", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:sg203:4.4:*:*:*:*:*:*:*", matchCriteriaId: "80AC523B-3106-46F2-B760-803DCF8061F4", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:sg203:4.31.29:*:*:*:*:*:*:*", matchCriteriaId: "F8B8D6F3-D15D-489F-A807-17E63F4831F2", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:sg208:*:*:*:*:*:*:*:*", matchCriteriaId: "808189BA-197F-49CE-933E-A728F395749C", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:sg208:4.4:*:*:*:*:*:*:*", matchCriteriaId: "32DCFA7B-7BBB-465A-A4AD-7E18EE3C02DC", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:sg5:4.2:*:*:*:*:*:*:*", matchCriteriaId: "CC7EF0CD-EA39-457B-8E2E-9120B65A5835", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:sg5:4.3:*:*:*:*:*:*:*", matchCriteriaId: "7BC2983F-5212-464B-AC21-8A897DEC1F58", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:sg5:4.4:*:*:*:*:*:*:*", matchCriteriaId: "EBF17989-D1F2-4B04-80BD-CFABDD482ABA", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:mac_os_x:10.3.3:*:*:*:*:*:*:*", matchCriteriaId: "BF2D00AC-FA2A-4C39-B796-DC19072862CF", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:mac_os_x_server:10.3.3:*:*:*:*:*:*:*", matchCriteriaId: "E8BCD1C5-1AFC-4287-9AFD-81FB3F4F9E54", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.8:*:*:*:*:*:*:*", matchCriteriaId: "441BE3A0-20F4-4972-B279-19B3DB5FA14D", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.8:releng:*:*:*:*:*:*", matchCriteriaId: "2D33C6EF-DBE1-4943-83E4-1F10670DAC6E", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.9:*:*:*:*:*:*:*", matchCriteriaId: "00EAEA17-033A-4A50-8E39-D61154876D2F", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:5.1:*:*:*:*:*:*:*", matchCriteriaId: "4EE93350-92E6-4F5C-A14C-9993CFFDBCD4", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:5.1:release:*:*:*:*:*:*", matchCriteriaId: "0D9F2B04-A1F2-4788-A53D-C8274A758DDA", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:5.1:releng:*:*:*:*:*:*", matchCriteriaId: "9A5309ED-D84F-4F52-9864-5B0FEEEE5022", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:5.2:*:*:*:*:*:*:*", matchCriteriaId: "DD7C441E-444B-4DF5-8491-86805C70FB99", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:5.2.1:release:*:*:*:*:*:*", matchCriteriaId: "C9CCE8F3-84EE-4571-8AAA-BF2D132E9BD4", vulnerable: true, }, { criteria: "cpe:2.3:o:hp:hp-ux:8.05:*:*:*:*:*:*:*", matchCriteriaId: "31B1ADC1-9B6D-4B5E-A05A-D69599A3A0D5", vulnerable: true, }, { criteria: "cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*", matchCriteriaId: "771931F7-9180-4EBD-8627-E1CF17D24647", vulnerable: true, }, { criteria: "cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*", matchCriteriaId: "EDD9BE2B-7255-4FC1-B452-E8370632B03F", vulnerable: true, }, { criteria: "cpe:2.3:o:hp:hp-ux:11.23:*:*:*:*:*:*:*", matchCriteriaId: "32310AFE-38CC-4C6C-AE13-54C18720F2C0", vulnerable: true, }, { criteria: "cpe:2.3:o:openbsd:openbsd:3.3:*:*:*:*:*:*:*", matchCriteriaId: "AC46909F-DDFC-448B-BCDF-1EB343F96630", vulnerable: true, }, { criteria: "cpe:2.3:o:openbsd:openbsd:3.4:*:*:*:*:*:*:*", matchCriteriaId: "9496279F-AB43-4B53-81A6-87C651ABC4BA", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*", matchCriteriaId: "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*", matchCriteriaId: "EC79FF22-2664-4C40-B0B3-6D23B5F45162", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*", matchCriteriaId: "0EFE2E73-9536-41A9-B83B-0A06B54857F4", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*", matchCriteriaId: "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:linux:7.2:*:*:*:*:*:*:*", matchCriteriaId: "E562907F-D915-4030-847A-3C6834A80D4E", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:linux:7.3:*:*:*:*:*:*:*", matchCriteriaId: "138985E6-5107-4E8B-A801-C3D5FE075227", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "038FEDE7-986F-4CA5-9003-BA68352B87D4", vulnerable: true, }, { criteria: "cpe:2.3:o:sco:openserver:5.0.6:*:*:*:*:*:*:*", matchCriteriaId: "1E140F76-D078-4F58-89CF-3278CDCB9AF3", vulnerable: true, }, { criteria: "cpe:2.3:o:sco:openserver:5.0.7:*:*:*:*:*:*:*", matchCriteriaId: "D9D76A8D-832B-411E-A458-186733C66010", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:ios:12.1\\(11\\)e:*:*:*:*:*:*:*", matchCriteriaId: "580BA1FE-0826-47A7-8BD3-9225E0841EDD", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:12.1\\(11b\\)e:*:*:*:*:*:*:*", matchCriteriaId: "040B04CD-B891-4F19-A7CC-5C2D462FBD6C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:12.1\\(11b\\)e12:*:*:*:*:*:*:*", matchCriteriaId: "5BF29685-7FFC-4093-A1D4-21E4871AF5C6", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:12.1\\(11b\\)e14:*:*:*:*:*:*:*", matchCriteriaId: "E72872C9-63AF-417F-BFAE-92B4D350C006", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:12.1\\(13\\)e9:*:*:*:*:*:*:*", matchCriteriaId: "80BCF196-5E5A-4F31-BCE7-AA0C748CA922", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:12.1\\(19\\)e1:*:*:*:*:*:*:*", matchCriteriaId: "970939C5-1E6F-47B6-97E6-7B2C1E019985", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:12.2\\(14\\)sy:*:*:*:*:*:*:*", matchCriteriaId: "CD1F4148-E772-4708-8C1F-D67F969C11DA", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:12.2\\(14\\)sy1:*:*:*:*:*:*:*", matchCriteriaId: "3CEBCEF0-5982-4B30-8377-9CAC978A1CB0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:12.2sy:*:*:*:*:*:*:*", matchCriteriaId: "09458CD7-D430-4957-8506-FAB2A3E2AA65", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:12.2za:*:*:*:*:*:*:*", matchCriteriaId: "62626BB6-D4EA-4A8A-ABC1-F86B37F19EDB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:4d:webstar:4.0:*:*:*:*:*:*:*", matchCriteriaId: "F8B87C95-4B34-4628-AD03-67D1DE13E097", vulnerable: true, }, { criteria: "cpe:2.3:a:4d:webstar:5.2:*:*:*:*:*:*:*", matchCriteriaId: "758F95DB-E619-4B08-86FA-6CF2C1B0CBCD", vulnerable: true, }, { criteria: "cpe:2.3:a:4d:webstar:5.2.1:*:*:*:*:*:*:*", matchCriteriaId: "4F04471C-732F-44EE-AD1B-6305C1DD7DDD", vulnerable: true, }, { criteria: "cpe:2.3:a:4d:webstar:5.2.2:*:*:*:*:*:*:*", matchCriteriaId: "3499913B-5DCD-4115-8C7B-9E8AFF79DE5E", vulnerable: true, }, { criteria: "cpe:2.3:a:4d:webstar:5.2.3:*:*:*:*:*:*:*", matchCriteriaId: "E237919A-416B-4039-AAD2-7FAE1F4E100D", vulnerable: true, }, { criteria: "cpe:2.3:a:4d:webstar:5.2.4:*:*:*:*:*:*:*", matchCriteriaId: "39149924-188C-40C1-B598-A9CD407C90DE", vulnerable: true, }, { criteria: "cpe:2.3:a:4d:webstar:5.3:*:*:*:*:*:*:*", matchCriteriaId: "15D5780C-4E29-4BCA-A47E-29FF6EAF33FC", vulnerable: true, }, { criteria: "cpe:2.3:a:4d:webstar:5.3.1:*:*:*:*:*:*:*", matchCriteriaId: "E6501108-5455-48FE-AA82-37AFA5D7EC24", vulnerable: true, }, { criteria: "cpe:2.3:a:avaya:intuity_audix:*:*:lx:*:*:*:*:*", matchCriteriaId: "C1A3B951-A1F8-4291-82FA-AB7922D13ACE", vulnerable: true, }, { criteria: "cpe:2.3:a:avaya:intuity_audix:5.1.46:*:*:*:*:*:*:*", matchCriteriaId: "3F2E7C81-C0F5-4D36-9A23-03BE69295ED0", vulnerable: true, }, { criteria: "cpe:2.3:a:avaya:intuity_audix:s3210:*:*:*:*:*:*:*", matchCriteriaId: "9D0EF4A3-2FE5-41E4-A764-30B379ECF081", vulnerable: true, }, { criteria: "cpe:2.3:a:avaya:intuity_audix:s3400:*:*:*:*:*:*:*", matchCriteriaId: "CCF6D59E-8AEA-4380-B86B-0803B2202F16", vulnerable: true, }, { criteria: "cpe:2.3:a:avaya:vsu:5:*:*:*:*:*:*:*", matchCriteriaId: "140ABF28-FA39-4D77-AEB2-304962ED48C2", vulnerable: true, }, { criteria: "cpe:2.3:a:avaya:vsu:5x:*:*:*:*:*:*:*", matchCriteriaId: "09473DD9-5114-44C5-B56C-6630FBEBCACB", vulnerable: true, }, { criteria: "cpe:2.3:a:avaya:vsu:100_r2.0.1:*:*:*:*:*:*:*", matchCriteriaId: "A7ECD3A4-5A39-4222-8350-524F11D8FFB0", vulnerable: true, }, { criteria: "cpe:2.3:a:avaya:vsu:500:*:*:*:*:*:*:*", matchCriteriaId: "D36C140D-E80C-479A-ADA7-18E901549059", vulnerable: true, }, { criteria: "cpe:2.3:a:avaya:vsu:2000_r2.0.1:*:*:*:*:*:*:*", matchCriteriaId: "940712E9-B041-4B7F-BD02-7DD0AE596D65", vulnerable: true, }, { criteria: "cpe:2.3:a:avaya:vsu:5000_r2.0.1:*:*:*:*:*:*:*", matchCriteriaId: "03B887A2-9025-4C5B-8901-71BC63BF5293", vulnerable: true, }, { criteria: "cpe:2.3:a:avaya:vsu:7500_r2.0.1:*:*:*:*:*:*:*", matchCriteriaId: "33264586-7160-4550-9FF9-4101D72F5C9B", vulnerable: true, }, { criteria: "cpe:2.3:a:avaya:vsu:10000_r2.0.1:*:*:*:*:*:*:*", matchCriteriaId: "CE5E6521-0611-4473-82AC-21655F10FEC0", vulnerable: true, }, { criteria: "cpe:2.3:a:checkpoint:firewall-1:*:*:vsx-ng-ai:*:*:*:*:*", matchCriteriaId: "AA9A50A1-CA8C-4EE5-B68F-4958F6B4B028", vulnerable: true, }, { criteria: "cpe:2.3:a:checkpoint:firewall-1:2.0:*:gx:*:*:*:*:*", matchCriteriaId: "8C83ABA2-87CD-429B-9800-590F8256B064", vulnerable: true, }, { criteria: "cpe:2.3:a:checkpoint:firewall-1:next_generation_fp0:*:*:*:*:*:*:*", matchCriteriaId: "A4D9A576-2878-4AC4-AC95-E69CB8A84A71", vulnerable: true, }, { criteria: "cpe:2.3:a:checkpoint:firewall-1:next_generation_fp1:*:*:*:*:*:*:*", matchCriteriaId: "0A1A0B02-CF33-401F-9AB2-D595E586C795", vulnerable: true, }, { criteria: "cpe:2.3:a:checkpoint:firewall-1:next_generation_fp2:*:*:*:*:*:*:*", matchCriteriaId: "8C0EF3F0-B82E-45B7-8D05-05E76009F7A2", vulnerable: true, }, { criteria: "cpe:2.3:a:checkpoint:provider-1:4.1:*:*:*:*:*:*:*", matchCriteriaId: "90FB3825-21A6-4DBE-8188-67672DBE01CB", vulnerable: true, }, { criteria: "cpe:2.3:a:checkpoint:provider-1:4.1:sp1:*:*:*:*:*:*", matchCriteriaId: "80623E58-8B46-4559-89A4-C329AACF3CB7", vulnerable: true, }, { criteria: "cpe:2.3:a:checkpoint:provider-1:4.1:sp2:*:*:*:*:*:*", matchCriteriaId: "AEE6C228-CD93-4636-868B-C19BC1674BE6", vulnerable: true, }, { criteria: "cpe:2.3:a:checkpoint:provider-1:4.1:sp3:*:*:*:*:*:*", matchCriteriaId: "A645148C-AD0D-46C1-BEE3-10F5C9066279", vulnerable: true, }, { criteria: "cpe:2.3:a:checkpoint:provider-1:4.1:sp4:*:*:*:*:*:*", matchCriteriaId: "0D69187C-7F46-4FF0-A8A0-0E1989EA79BC", vulnerable: true, }, { criteria: "cpe:2.3:a:checkpoint:vpn-1:next_generation_fp0:*:*:*:*:*:*:*", matchCriteriaId: "4AE4A7EE-1BA3-46F1-BF4A-A72997EE0992", vulnerable: true, }, { criteria: "cpe:2.3:a:checkpoint:vpn-1:next_generation_fp1:*:*:*:*:*:*:*", matchCriteriaId: "02029D75-FAF2-4842-9246-079C7DE36417", vulnerable: true, }, { criteria: "cpe:2.3:a:checkpoint:vpn-1:next_generation_fp2:*:*:*:*:*:*:*", matchCriteriaId: "E0146341-364C-4085-A2E1-BC8C260FBA3D", vulnerable: true, }, { criteria: "cpe:2.3:a:checkpoint:vpn-1:vsx_ng_with_application_intelligence:*:*:*:*:*:*:*", matchCriteriaId: "B5EF01C8-1C8A-4BD1-A13B-CE31F09F9523", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:access_registrar:*:*:*:*:*:*:*:*", matchCriteriaId: "B8496E0D-2507-4C25-A122-0B846CBCA72A", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:application_and_content_networking_software:*:*:*:*:*:*:*:*", matchCriteriaId: "8E383F2A-DFCF-47F8-94EE-3563D41EA597", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:css_secure_content_accelerator:1.0:*:*:*:*:*:*:*", matchCriteriaId: "D2D87EF0-056E-4128-89EB-2803ED83DEE9", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:css_secure_content_accelerator:2.0:*:*:*:*:*:*:*", matchCriteriaId: "BB3163C1-2044-44DA-9C88-076D75FDF1EB", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:css11000_content_services_switch:*:*:*:*:*:*:*:*", matchCriteriaId: "07E1B690-C58B-4C08-A757-F3DF451FDAAA", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:okena_stormwatch:3.2:*:*:*:*:*:*:*", matchCriteriaId: "31F0E14C-7681-4D1A-B982-A51E450B93A7", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:pix_firewall:6.2.2_.111:*:*:*:*:*:*:*", matchCriteriaId: "ECBC761F-A8F5-4CD8-B19C-5CE8FFC58FDD", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:threat_response:*:*:*:*:*:*:*:*", matchCriteriaId: "2CF39E8B-C201-4940-81C9-14AF4C3DD4B5", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webns:6.10:*:*:*:*:*:*:*", matchCriteriaId: "AC604680-2E9E-4DC4-ACDD-74D552A45BA4", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webns:6.10_b4:*:*:*:*:*:*:*", matchCriteriaId: "37A94436-D092-4C7E-B87B-63BC621EE82E", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webns:7.1_0.1.02:*:*:*:*:*:*:*", matchCriteriaId: "862165CF-3CFB-4C6E-8238-86FA85F243C8", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webns:7.1_0.2.06:*:*:*:*:*:*:*", matchCriteriaId: "056F3336-BAA8-4A03-90B4-7B31710FC1B3", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webns:7.2_0.0.03:*:*:*:*:*:*:*", matchCriteriaId: "9FDC2510-FBB9-429A-B6D4-10AB11F93960", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webns:7.10:*:*:*:*:*:*:*", matchCriteriaId: "5D45127E-A544-40A0-9D34-BD70D95C9772", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webns:7.10_.0.06s:*:*:*:*:*:*:*", matchCriteriaId: "56C69C3E-C895-45C8-8182-7BB412A0C828", vulnerable: true, }, { criteria: "cpe:2.3:a:dell:bsafe_ssl-j:3.0:*:*:*:*:*:*:*", matchCriteriaId: "A1FDD507-C38B-4C38-A54F-3DA6F07AD0B5", vulnerable: true, }, { criteria: "cpe:2.3:a:dell:bsafe_ssl-j:3.0.1:*:*:*:*:*:*:*", matchCriteriaId: "6F2B7AC2-CF08-4AC9-9A71-3A8130F9F9AD", vulnerable: true, }, { criteria: "cpe:2.3:a:dell:bsafe_ssl-j:3.1:*:*:*:*:*:*:*", matchCriteriaId: "D4D9564B-B92E-4C97-87FF-B56D62DCA775", vulnerable: true, }, { criteria: "cpe:2.3:a:forcepoint:stonegate:1.5.17:*:*:*:*:*:*:*", matchCriteriaId: "FF2AD44D-3BE8-4541-B62D-9F01D46F8E6A", vulnerable: true, }, { criteria: "cpe:2.3:a:forcepoint:stonegate:1.5.18:*:*:*:*:*:*:*", matchCriteriaId: "8BF2E08B-9046-41A1-BEDE-EB0B6436315C", vulnerable: true, }, { criteria: "cpe:2.3:a:forcepoint:stonegate:1.6.2:*:*:*:*:*:*:*", matchCriteriaId: "811E1BE8-3868-49F8-B6E8-D5705559B02E", vulnerable: true, }, { criteria: "cpe:2.3:a:forcepoint:stonegate:1.6.3:*:*:*:*:*:*:*", matchCriteriaId: "D67C9DB4-E46C-4E84-82D9-AF48EFDAEFBA", vulnerable: true, }, { criteria: "cpe:2.3:a:forcepoint:stonegate:1.7:*:*:*:*:*:*:*", matchCriteriaId: "CF0E1BF0-6629-40DC-AB23-0256BABD0CB9", vulnerable: true, }, { criteria: "cpe:2.3:a:forcepoint:stonegate:1.7.1:*:*:*:*:*:*:*", matchCriteriaId: "1AC4E7E5-FCC1-46B0-B69F-F1F6B36838ED", vulnerable: true, }, { criteria: "cpe:2.3:a:forcepoint:stonegate:1.7.2:*:*:*:*:*:*:*", matchCriteriaId: "2C4AED89-F862-4071-8E94-481A59EDAE8E", vulnerable: true, }, { criteria: "cpe:2.3:a:forcepoint:stonegate:2.0.1:*:*:*:*:*:*:*", matchCriteriaId: "7A3CB6FF-3840-4E80-A0A4-614D6686D2B6", vulnerable: true, }, { criteria: "cpe:2.3:a:forcepoint:stonegate:2.0.4:*:*:*:*:*:*:*", matchCriteriaId: "67010B0B-ECE7-4EE5-B103-05DC637E150F", vulnerable: true, }, { criteria: "cpe:2.3:a:forcepoint:stonegate:2.0.5:*:*:*:*:*:*:*", matchCriteriaId: "1355EF99-35FC-44A7-BC56-F7C0EA49BF0C", vulnerable: true, }, { criteria: "cpe:2.3:a:forcepoint:stonegate:2.0.6:*:*:*:*:*:*:*", matchCriteriaId: "6DDA8F10-B059-4403-A790-EFC8822588B2", vulnerable: true, }, { criteria: "cpe:2.3:a:forcepoint:stonegate:2.0.7:*:*:*:*:*:*:*", matchCriteriaId: "A06BCD31-3FB6-468B-9BC9-EA573717B19F", vulnerable: true, }, { criteria: "cpe:2.3:a:forcepoint:stonegate:2.0.8:*:*:*:*:*:*:*", matchCriteriaId: "360238CC-3BF5-4750-B16D-8A2E0257022E", vulnerable: true, }, { criteria: "cpe:2.3:a:forcepoint:stonegate:2.0.9:*:*:*:*:*:*:*", matchCriteriaId: "0C55C754-E213-4E79-AA7B-2CAF8A464388", vulnerable: true, }, { criteria: "cpe:2.3:a:forcepoint:stonegate:2.1:*:*:*:*:*:*:*", matchCriteriaId: "647BA524-5A79-408C-BBF2-5780BC522B64", vulnerable: true, }, { criteria: "cpe:2.3:a:forcepoint:stonegate:2.2:*:*:*:*:*:*:*", matchCriteriaId: "D599C49D-4D7D-4C44-9D8D-A3F76746BBA8", vulnerable: true, }, { criteria: "cpe:2.3:a:forcepoint:stonegate:2.2.1:*:*:*:*:*:*:*", matchCriteriaId: "7B4DC717-0785-4C19-8A33-ACA5F378DF3C", vulnerable: true, }, { criteria: "cpe:2.3:a:forcepoint:stonegate:2.2.4:*:*:*:*:*:*:*", matchCriteriaId: "858843D3-84BB-48B6-80D1-1271AE60150D", vulnerable: true, }, { criteria: "cpe:2.3:a:hp:wbem:a.01.05.08:*:*:*:*:*:*:*", matchCriteriaId: "B931D4F8-23F5-4ABA-A457-959995D30C58", vulnerable: true, }, { criteria: "cpe:2.3:a:hp:wbem:a.02.00.00:*:*:*:*:*:*:*", matchCriteriaId: "BE6A023E-9C2A-487F-B5CE-674C766BFE75", vulnerable: true, }, { criteria: "cpe:2.3:a:hp:wbem:a.02.00.01:*:*:*:*:*:*:*", matchCriteriaId: "6A15ACA2-D500-4260-B51A-6FE6AB5A45A4", vulnerable: true, }, { criteria: "cpe:2.3:a:litespeedtech:litespeed_web_server:1.0.1:*:*:*:*:*:*:*", matchCriteriaId: "0A7B80E0-40BB-4B4E-9711-AF293A038DD4", vulnerable: true, }, { criteria: "cpe:2.3:a:litespeedtech:litespeed_web_server:1.0.2:*:*:*:*:*:*:*", matchCriteriaId: "9EFCFFE8-9CAD-4A7F-9751-8627E6297C9F", vulnerable: false, }, { criteria: "cpe:2.3:a:litespeedtech:litespeed_web_server:1.0.3:*:*:*:*:*:*:*", matchCriteriaId: "D3653856-207E-46A7-92DD-D7F377F1829A", vulnerable: false, }, { criteria: "cpe:2.3:a:litespeedtech:litespeed_web_server:1.1:*:*:*:*:*:*:*", matchCriteriaId: "7E4627BB-0D75-44BC-989F-0E85C9FA0E2B", vulnerable: false, }, { criteria: "cpe:2.3:a:litespeedtech:litespeed_web_server:1.1.1:*:*:*:*:*:*:*", matchCriteriaId: "19053434-F9E7-4839-AB5A-B226CC4616A5", vulnerable: false, }, { criteria: "cpe:2.3:a:litespeedtech:litespeed_web_server:1.2:rc1:*:*:*:*:*:*", matchCriteriaId: "D04CABBA-7BEB-44EC-A6E4-A31E41A62BD7", vulnerable: false, }, { criteria: "cpe:2.3:a:litespeedtech:litespeed_web_server:1.2:rc2:*:*:*:*:*:*", matchCriteriaId: "8D15C938-4DAB-4011-80EE-A2663E20BFC1", vulnerable: false, }, { criteria: "cpe:2.3:a:litespeedtech:litespeed_web_server:1.2.1:*:*:*:*:*:*:*", matchCriteriaId: "C9C056ED-2492-4B1C-BCB9-4F36806C4A48", vulnerable: false, }, { criteria: "cpe:2.3:a:litespeedtech:litespeed_web_server:1.2.2:*:*:*:*:*:*:*", matchCriteriaId: "A72FC232-A2CB-443B-9A4A-8BBFEFE6517C", vulnerable: false, }, { criteria: "cpe:2.3:a:litespeedtech:litespeed_web_server:1.3:-:*:*:*:*:*:*", matchCriteriaId: "BA347CD3-0619-4EA2-A736-B59EE9E3AC12", vulnerable: false, }, { criteria: "cpe:2.3:a:litespeedtech:litespeed_web_server:1.3:rc1:*:*:*:*:*:*", matchCriteriaId: "4ACEF29C-3225-43A7-9E07-FBCCF555887E", vulnerable: false, }, { criteria: "cpe:2.3:a:litespeedtech:litespeed_web_server:1.3:rc2:*:*:*:*:*:*", matchCriteriaId: "46D932AF-FB1A-464D-BA3D-2DC2D3C187CD", vulnerable: false, }, { criteria: "cpe:2.3:a:litespeedtech:litespeed_web_server:1.3:rc3:*:*:*:*:*:*", matchCriteriaId: "9F532860-9E26-45C3-9FB3-6B0888F1279A", vulnerable: false, }, { criteria: "cpe:2.3:a:neoteris:instant_virtual_extranet:3.0:*:*:*:*:*:*:*", matchCriteriaId: "A037FAA6-6D26-4496-BC67-03475B4D1155", vulnerable: true, }, { criteria: "cpe:2.3:a:neoteris:instant_virtual_extranet:3.1:*:*:*:*:*:*:*", matchCriteriaId: "D3831DD3-E783-4200-8986-FDBF7DD9BA53", vulnerable: true, }, { criteria: "cpe:2.3:a:neoteris:instant_virtual_extranet:3.2:*:*:*:*:*:*:*", matchCriteriaId: "2909C9D5-3D8F-4C41-B0E7-A0C0B432C19A", vulnerable: true, }, { criteria: "cpe:2.3:a:neoteris:instant_virtual_extranet:3.3:*:*:*:*:*:*:*", matchCriteriaId: "E09436DF-E3C1-4C03-A3BE-73C4BC84BB7B", vulnerable: true, }, { criteria: "cpe:2.3:a:neoteris:instant_virtual_extranet:3.3.1:*:*:*:*:*:*:*", matchCriteriaId: "699764B6-0F86-4AB0-86A3-4F2E69AD820C", vulnerable: true, }, { criteria: "cpe:2.3:a:novell:edirectory:8.0:*:*:*:*:*:*:*", matchCriteriaId: "7562ADC4-0D01-4FC2-98F0-1F4041BDA52E", vulnerable: true, }, { criteria: "cpe:2.3:a:novell:edirectory:8.5:*:*:*:*:*:*:*", matchCriteriaId: "E6FAB588-BDBE-4A04-AB9E-4F700A3951F0", vulnerable: true, }, { criteria: "cpe:2.3:a:novell:edirectory:8.5.12a:*:*:*:*:*:*:*", matchCriteriaId: "E1B83F84-D1EF-43B4-8620-3C1BCCE44553", vulnerable: true, }, { criteria: "cpe:2.3:a:novell:edirectory:8.5.27:*:*:*:*:*:*:*", matchCriteriaId: "41169D2F-4F16-466A-82E9-AD0735472B5B", vulnerable: true, }, { criteria: "cpe:2.3:a:novell:edirectory:8.6.2:*:*:*:*:*:*:*", matchCriteriaId: "947699C3-D9DE-411A-99C0-44ADD1D2223A", vulnerable: true, }, { criteria: "cpe:2.3:a:novell:edirectory:8.7:*:*:*:*:*:*:*", matchCriteriaId: "15F668C0-8420-4401-AB0F-479575596CF0", vulnerable: true, }, { criteria: "cpe:2.3:a:novell:edirectory:8.7.1:*:*:*:*:*:*:*", matchCriteriaId: "CDDCC7B6-34CA-4551-9833-306B93E517BD", vulnerable: true, }, { criteria: "cpe:2.3:a:novell:edirectory:8.7.1:sp1:*:*:*:*:*:*", matchCriteriaId: "6D69C160-39F7-48B8-B9A3-CC86690453C0", vulnerable: true, }, { criteria: "cpe:2.3:a:novell:imanager:1.5:*:*:*:*:*:*:*", matchCriteriaId: "166BF638-ABDC-4BB9-BD4E-2B22681AD9CC", vulnerable: true, }, { criteria: "cpe:2.3:a:novell:imanager:2.0:*:*:*:*:*:*:*", matchCriteriaId: "8FA6420B-9F6A-48F4-A445-12B60A320347", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.6c:*:*:*:*:*:*:*", matchCriteriaId: "0FCA45CE-4127-47AD-BBA8-8A6DD83AE1C7", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.6d:*:*:*:*:*:*:*", matchCriteriaId: "7CA1CA40-7DB5-4DCA-97A8-9A8CF4FECECC", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.6e:*:*:*:*:*:*:*", matchCriteriaId: "180D07AE-C571-4DD6-837C-43E2A946007A", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.6f:*:*:*:*:*:*:*", matchCriteriaId: "BA3E4D2A-6488-4F8B-A3CA-4161A10FA4DB", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.6g:*:*:*:*:*:*:*", matchCriteriaId: "90789533-C741-4B1C-A24B-2C77B9E4DE5F", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.6h:*:*:*:*:*:*:*", matchCriteriaId: "1520065B-46D7-48A4-B9D0-5B49F690C5B4", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.6i:*:*:*:*:*:*:*", matchCriteriaId: "5B76FE2D-FBE0-4A3B-A0EA-179332D74F0E", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.6j:*:*:*:*:*:*:*", matchCriteriaId: "2AA526B9-726A-49D5-B3CA-EBE2DA303CA0", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.6k:*:*:*:*:*:*:*", matchCriteriaId: "494E48E7-EF86-4860-9A53-94F6C313746E", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.7:*:*:*:*:*:*:*", matchCriteriaId: "45A518E8-21BE-4C5C-B425-410AB1208E9C", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.7:beta1:*:*:*:*:*:*", matchCriteriaId: "9E3AB748-E463-445C-ABAB-4FEDDFD1878B", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.7:beta2:*:*:*:*:*:*", matchCriteriaId: "660E4B8D-AABA-4520-BC4D-CF8E76E07C05", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.7:beta3:*:*:*:*:*:*", matchCriteriaId: "85BFEED5-4941-41BB-93D1-CD5C2A41290E", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.7a:*:*:*:*:*:*:*", matchCriteriaId: "78E79A05-64F3-4397-952C-A5BB950C967D", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.7b:*:*:*:*:*:*:*", matchCriteriaId: "7F7C9E77-1EB2-4720-A8FD-23DC1C877D5A", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.7c:*:*:*:*:*:*:*", matchCriteriaId: "549BB01D-F322-4FE3-BDA2-4FEA8ED8568A", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openssl:0.9.6-15:*:i386:*:*:*:*:*", matchCriteriaId: "09F3FB7B-0F68-49F3-A3B7-977A687A42E2", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openssl:0.9.6b-3:*:i386:*:*:*:*:*", matchCriteriaId: "088F2FF7-96E5-455E-A35B-D99F9854EC6E", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openssl:0.9.7a-2:*:i386:*:*:*:*:*", matchCriteriaId: "FFA721BF-1B2E-479F-BF25-02D441BF175B", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openssl:0.9.7a-2:*:i386_dev:*:*:*:*:*", matchCriteriaId: "AFEDCE49-21CC-4168-818F-4C638EE3B077", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openssl:0.9.7a-2:*:i386_perl:*:*:*:*:*", matchCriteriaId: "B7D18F9B-C0BE-4DE8-81F4-5BF56C00BF41", vulnerable: true, }, { criteria: "cpe:2.3:a:sgi:propack:2.3:*:*:*:*:*:*:*", matchCriteriaId: "26430687-409B-448F-934B-06AB937DDF63", vulnerable: true, }, { criteria: "cpe:2.3:a:sgi:propack:2.4:*:*:*:*:*:*:*", matchCriteriaId: "0702A32E-E577-403C-B4D9-15037D7100A5", vulnerable: true, }, { criteria: "cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*", matchCriteriaId: "29DC217F-C257-4A3C-9CBD-08010C30BEC3", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:servercluster:2.5:*:*:*:*:*:*:*", matchCriteriaId: "8F0F78F4-E81E-4C6B-AB73-D6AAE191060E", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:servercluster:2.5.2:*:*:*:*:*:*:*", matchCriteriaId: "DF1A5808-6D5D-48AD-9470-5A6510D17913", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonebeat_fullcluster:1_2.0:*:*:*:*:*:*:*", matchCriteriaId: "C1E8990D-D9A0-4A71-9D87-EC047E01B0D8", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonebeat_fullcluster:1_3.0:*:*:*:*:*:*:*", matchCriteriaId: "6DBCC172-6867-4DFD-AAEF-9BDB4DA21F46", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonebeat_fullcluster:2.0:*:*:*:*:*:*:*", matchCriteriaId: "C2F2BEEA-46BB-4718-B0F3-B4EC62B678A6", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonebeat_fullcluster:2.5:*:*:*:*:*:*:*", matchCriteriaId: "8D09E11C-C5BB-409E-BB0D-7F351250419B", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonebeat_fullcluster:3.0:*:*:*:*:*:*:*", matchCriteriaId: "6B06A05D-AA31-441D-9FC2-3558648C3B7E", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonebeat_securitycluster:2.0:*:*:*:*:*:*:*", matchCriteriaId: "C0886901-6F93-44C1-B774-84D7E5D9554C", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonebeat_securitycluster:2.5:*:*:*:*:*:*:*", matchCriteriaId: "3F203A80-7C1E-4A04-8E99-63525E176753", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonebeat_webcluster:2.0:*:*:*:*:*:*:*", matchCriteriaId: "CA0A204C-158B-4014-A53C-75E0CD63E0DE", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonebeat_webcluster:2.5:*:*:*:*:*:*:*", matchCriteriaId: "085BA581-7DA5-4FA4-A888-351281FD0A7D", vulnerable: true, }, { criteria: "cpe:2.3:a:tarantella:tarantella_enterprise:3.20:*:*:*:*:*:*:*", matchCriteriaId: "9519BCB2-B401-44CE-97F6-847BB36AE45F", vulnerable: true, }, { criteria: "cpe:2.3:a:tarantella:tarantella_enterprise:3.30:*:*:*:*:*:*:*", matchCriteriaId: "BBE573E8-DD94-4293-99AE-27B9067B3ED9", vulnerable: true, }, { criteria: "cpe:2.3:a:tarantella:tarantella_enterprise:3.40:*:*:*:*:*:*:*", matchCriteriaId: "D14413DA-5199-4282-9E22-D347E9D8E469", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:gsx_server:2.0:*:*:*:*:*:*:*", matchCriteriaId: "05CC5F49-0E9E-45D8-827D-A5940566DB25", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:gsx_server:2.0.1_build_2129:*:*:*:*:*:*:*", matchCriteriaId: "5D94EE19-6CE9-4E02-8174-D9954CDBF02B", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:gsx_server:2.5.1:*:*:*:*:*:*:*", matchCriteriaId: "D4E4BEE3-AE7B-4481-B724-2E644E18ACC3", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:gsx_server:2.5.1_build_5336:*:*:*:*:*:*:*", matchCriteriaId: "EAAB7052-E0B6-472E-920B-A0F0AEA25D6A", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:gsx_server:3.0_build_7592:*:*:*:*:*:*:*", matchCriteriaId: "8CE38F15-BD42-4171-8670-86AA8169A60C", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:s8300:r2.0.0:*:*:*:*:*:*:*", matchCriteriaId: "20C0BD87-CE4B-49D2-89BE-EF282C43AD72", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:s8300:r2.0.1:*:*:*:*:*:*:*", matchCriteriaId: "C3E6C4A8-59F4-43EE-8413-E95289037598", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:s8500:r2.0.0:*:*:*:*:*:*:*", matchCriteriaId: "FE76357A-27E6-4D85-9AA0-1BB658C41568", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:s8500:r2.0.1:*:*:*:*:*:*:*", matchCriteriaId: "C56C5FDB-24E2-479D-87CA-164CD28567D3", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:s8700:r2.0.0:*:*:*:*:*:*:*", matchCriteriaId: "AEF6C16F-8EDF-4A24-BFEF-6A304D654EEB", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:s8700:r2.0.1:*:*:*:*:*:*:*", matchCriteriaId: "D982AE39-BB57-49E7-B5FE-5EF1ADE2F019", vulnerable: true, }, { criteria: "cpe:2.3:h:bluecoat:proxysg:*:*:*:*:*:*:*:*", matchCriteriaId: "1B6CFEC9-0F8F-4CD4-ABD1-E6533F910F7F", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:call_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "12DE5E22-DF93-46BE-85A3-D4E04379E901", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:content_services_switch_11500:*:*:*:*:*:*:*:*", matchCriteriaId: "BF28C435-C036-4507-8E3F-44E722F9974A", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:gss_4480_global_site_selector:*:*:*:*:*:*:*:*", matchCriteriaId: "CDA957E2-ABF9-49B2-874F-3FC3060CE0B0", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:gss_4490_global_site_selector:*:*:*:*:*:*:*:*", matchCriteriaId: "5F2CDFE7-6853-4A31-85C0-50C57A8D606A", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:mds_9000:*:*:*:*:*:*:*:*", matchCriteriaId: "0F2ED90B-DDBA-49DE-AC78-20E7D77C8858", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:secure_content_accelerator:10000:*:*:*:*:*:*:*", matchCriteriaId: "408A9DB0-81EF-4186-B338-44954E67289B", vulnerable: true, }, { criteria: "cpe:2.3:h:securecomputing:sidewinder:5.2:*:*:*:*:*:*:*", matchCriteriaId: "5B0C5F92-7E93-4C3F-B22B-E6612A4D3E10", vulnerable: true, }, { criteria: "cpe:2.3:h:securecomputing:sidewinder:5.2.0.01:*:*:*:*:*:*:*", matchCriteriaId: "2D0DC4B4-9AD9-4AC8-BFA7-A3D209B5D089", vulnerable: true, }, { criteria: "cpe:2.3:h:securecomputing:sidewinder:5.2.0.02:*:*:*:*:*:*:*", matchCriteriaId: "303362A5-9C3C-4C85-8C97-2AB12CE01BF6", vulnerable: true, }, { criteria: "cpe:2.3:h:securecomputing:sidewinder:5.2.0.03:*:*:*:*:*:*:*", matchCriteriaId: "FED22DC1-E06B-4511-B920-6DAB792262D8", vulnerable: true, }, { criteria: "cpe:2.3:h:securecomputing:sidewinder:5.2.0.04:*:*:*:*:*:*:*", matchCriteriaId: "4CE44CA7-4BC7-4C2B-948F-2ACABB91528B", vulnerable: true, }, { criteria: "cpe:2.3:h:securecomputing:sidewinder:5.2.1:*:*:*:*:*:*:*", matchCriteriaId: "F757B2A7-869F-4702-81EB-466317A79D61", vulnerable: true, }, { criteria: "cpe:2.3:h:securecomputing:sidewinder:5.2.1.02:*:*:*:*:*:*:*", matchCriteriaId: "01F6E9A9-6C85-48DA-BC61-55F8EACCB59F", vulnerable: true, }, { criteria: "cpe:2.3:h:sun:crypto_accelerator_4000:1.0:*:*:*:*:*:*:*", matchCriteriaId: "64AF1E33-4086-43E2-8F54-DA75A99D4B75", vulnerable: true, }, { criteria: "cpe:2.3:o:bluecoat:cacheos_ca_sa:4.1.10:*:*:*:*:*:*:*", matchCriteriaId: "53D16F03-A4C7-4497-AB74-499F208FF059", vulnerable: true, }, { criteria: "cpe:2.3:o:bluecoat:cacheos_ca_sa:4.1.12:*:*:*:*:*:*:*", matchCriteriaId: "13A33EC1-836B-4C8C-AC18-B5BD4F90E612", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.0:*:*:*:*:*:*:*", matchCriteriaId: "58BE9C02-2A01-4F6F-A6BD-BC0173561E9B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "C558CED8-8342-46CB-9F52-580B626D320E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "0F85D19E-6C26-429D-B876-F34238B9DAAF", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "FEC7CCF7-CBC6-4EDC-8EDD-884DFFFBCC7D", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "E5011A33-CD6D-4EFC-ACFD-E51C9AE726A3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(4.101\\):*:*:*:*:*:*:*", matchCriteriaId: "09063867-0E64-4630-B35B-4CCA348E4DAB", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.1:*:*:*:*:*:*:*", matchCriteriaId: "78F98CD7-A352-483C-9968-8FB2627A7CBD", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "F97FE485-705F-4707-B6C6-0EF9E8A85D5F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "E2B925E8-D2C2-4E8C-AC21-0C422245C482", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "B9170562-872E-4C32-869C-B10FF35A925E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "D0927A68-8BB2-4F03-8396-E9CACC158FC0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "559DDBA3-2AF4-4A0C-B219-6779BA931F21", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.2:*:*:*:*:*:*:*", matchCriteriaId: "ED9D142A-DDC8-4BD6-8C22-F242C9C0B1ED", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.2\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "5226C9CC-6933-4F10-B426-B47782C606FD", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.2\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "757DAE9A-B25D-4B8A-A41B-66C2897B537E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.2\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "5E3DC170-E279-4725-B9EE-6840B5685CC9", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.2\\(3.100\\):*:*:*:*:*:*:*", matchCriteriaId: "8091EDA9-BD18-47F7-8CEC-E086238647C6", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.3:*:*:*:*:*:*:*", matchCriteriaId: "6F867890-74A4-4892-B99A-27DB4603B873", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "CE05B514-F094-4632-B25B-973F976F6409", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "3392428D-1A85-4472-A276-C482A78E2CE1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(3.102\\):*:*:*:*:*:*:*", matchCriteriaId: "40954985-16E6-4F37-B014-6A55166AE093", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(3.109\\):*:*:*:*:*:*:*", matchCriteriaId: "0C097809-1FEF-4417-A201-42291CC29122", vulnerable: true, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read.", }, { lang: "es", value: "El código que une SSL/TLS en OpenSSL 0.9.7a, 0.9.7b y 0.9.7c, usando Kerberos, no comprueba adecuadamente la longitud de los tickets de Kerberos, lo que permite que atacantes remotos provoquen una denegación de servicio.", }, ], id: "CVE-2004-0112", lastModified: "2024-11-20T23:47:47.537", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2004-11-23T05:00:00.000", references: [ { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000834", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://docs.info.apple.com/article.html?artnum=61798", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://lists.apple.com/mhonarc/security-announce/msg00045.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=107953412903636&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=108403806509920&w=2", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/11139", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://security.gentoo.org/glsa/glsa-200403-03.xml", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.ciac.org/ciac/bulletins/o-101.shtml", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "US Government Resource", ], url: "http://www.kb.cert.org/vuls/id/484726", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.mandriva.com/security/advisories?name=MDKSA-2004:023", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.novell.com/linux/security/advisories/2004_07_openssl.html", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.openssl.org/news/secadv_20040317.txt", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.redhat.com/support/errata/RHSA-2004-120.html", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.redhat.com/support/errata/RHSA-2004-121.html", }, { source: "cve@mitre.org", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", "Vendor Advisory", ], url: "http://www.securityfocus.com/bid/9899", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.slackware.org/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.455961", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.trustix.org/errata/2004/0012", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.uniras.gov.uk/vuls/2004/224012/index.htm", }, { source: "cve@mitre.org", tags: [ "Broken Link", "Third Party Advisory", "US Government Resource", ], url: "http://www.us-cert.gov/cas/techalerts/TA04-078A.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/15508", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1049", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A928", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9580", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000834", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://docs.info.apple.com/article.html?artnum=61798", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://lists.apple.com/mhonarc/security-announce/msg00045.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=107953412903636&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=108403806509920&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/11139", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://security.gentoo.org/glsa/glsa-200403-03.xml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.ciac.org/ciac/bulletins/o-101.shtml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "http://www.kb.cert.org/vuls/id/484726", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.mandriva.com/security/advisories?name=MDKSA-2004:023", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.novell.com/linux/security/advisories/2004_07_openssl.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.openssl.org/news/secadv_20040317.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.redhat.com/support/errata/RHSA-2004-120.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.redhat.com/support/errata/RHSA-2004-121.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", "Vendor Advisory", ], url: "http://www.securityfocus.com/bid/9899", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.slackware.org/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.455961", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.trustix.org/errata/2004/0012", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.uniras.gov.uk/vuls/2004/224012/index.htm", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", "US Government Resource", ], url: "http://www.us-cert.gov/cas/techalerts/TA04-078A.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/15508", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1049", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A928", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9580", }, ], sourceIdentifier: "cve@mitre.org", vendorComments: [ { comment: "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.", lastModified: "2007-03-14T00:00:00", organization: "Red Hat", }, ], vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-125", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2006-04-05 18:04
Modified
2024-11-21 00:09
Severity ?
Summary
Unspecified vulnerability in the HTTP compression functionality in Cisco CSS 11500 Series Content Services switches allows remote attackers to cause a denial of service (device reload) via (1) "valid, but obsolete" or (2) "specially crafted" HTTP requests.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | content_services_switch_11500 | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:content_services_switch_11500:*:*:*:*:*:*:*:*", matchCriteriaId: "BF28C435-C036-4507-8E3F-44E722F9974A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Unspecified vulnerability in the HTTP compression functionality in Cisco CSS 11500 Series Content Services switches allows remote attackers to cause a denial of service (device reload) via (1) \"valid, but obsolete\" or (2) \"specially crafted\" HTTP requests.", }, ], id: "CVE-2006-1631", lastModified: "2024-11-21T00:09:21.180", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2006-04-05T18:04:00.000", references: [ { source: "cve@mitre.org", url: "http://secunia.com/advisories/19552", }, { source: "cve@mitre.org", url: "http://securitytracker.com/id?1015870", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.cisco.com/warp/public/707/cisco-sa-20060405-css.shtml", }, { source: "cve@mitre.org", url: "http://www.osvdb.org/24433", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/17383", }, { source: "cve@mitre.org", url: "http://www.vupen.com/english/advisories/2006/1257", }, { source: "cve@mitre.org", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/25642", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/19552", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://securitytracker.com/id?1015870", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.cisco.com/warp/public/707/cisco-sa-20060405-css.shtml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.osvdb.org/24433", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/17383", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2006/1257", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/25642", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2005-11-02 00:02
Modified
2024-11-21 00:01
Severity ?
Summary
Cisco CSS 11500 Content Services Switch (CSS) with SSL termination services allows remote attackers to cause a denial of service (memory corruption and device reload) via a malformed client certificate during SSL session negotiation.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | content_services_switch_11500 | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:content_services_switch_11500:*:*:*:*:*:*:*:*", matchCriteriaId: "BF28C435-C036-4507-8E3F-44E722F9974A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Cisco CSS 11500 Content Services Switch (CSS) with SSL termination services allows remote attackers to cause a denial of service (memory corruption and device reload) via a malformed client certificate during SSL session negotiation.", }, ], id: "CVE-2005-3426", lastModified: "2024-11-21T00:01:52.377", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2005-11-02T00:02:00.000", references: [ { source: "cve@mitre.org", url: "http://secunia.com/advisories/17260", }, { source: "cve@mitre.org", url: "http://securityreason.com/securityalert/99", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://securitytracker.com/id?1015081", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.cisco.com/warp/public/707/cisco-sa-20051019-css.shtml", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/15144", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/17260", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://securityreason.com/securityalert/99", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://securitytracker.com/id?1015081", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.cisco.com/warp/public/707/cisco-sa-20051019-css.shtml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/15144", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2010-07-06 17:17
Modified
2024-11-21 01:14
Severity ?
Summary
The Cisco Content Services Switch (CSS) 11500 with software 08.20.1.01 conveys authentication data through ClientCert-* headers but does not delete client-supplied ClientCert-* headers, which might allow remote attackers to bypass authentication via crafted header data, as demonstrated by a ClientCert-Subject-CN header, aka Bug ID CSCsz04690.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | content_services_switch_11500 | 08.20.1.01 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:content_services_switch_11500:08.20.1.01:*:*:*:*:*:*:*", matchCriteriaId: "63BA31CE-19C7-4FDB-8A0A-F1C252EC6146", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The Cisco Content Services Switch (CSS) 11500 with software 08.20.1.01 conveys authentication data through ClientCert-* headers but does not delete client-supplied ClientCert-* headers, which might allow remote attackers to bypass authentication via crafted header data, as demonstrated by a ClientCert-Subject-CN header, aka Bug ID CSCsz04690.", }, { lang: "es", value: "Cisco Content Services Switch (CSS) 11500 con software v08.20.1.01 transporta datos de autenticaciión a través de cabeceras ClientCert-* pero no borra cabeceras client-supplied ClientCert-, lo que puede permitir a atacantes remotos superar la autenticación a través de datos de cabecera manipulados, como quedó demostrado por la cabecera ClientCert-Subject-CN, conocido como Bug ID CSCsz04690.", }, ], id: "CVE-2010-1575", lastModified: "2024-11-21T01:14:43.277", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2010-07-06T17:17:13.203", references: [ { source: "psirt@cisco.com", url: "http://osvdb.org/66091", }, { source: "psirt@cisco.com", url: "http://securitytracker.com/id?1024167", }, { source: "psirt@cisco.com", url: "http://www.securityfocus.com/archive/1/512144/100/0/threaded", }, { source: "psirt@cisco.com", url: "http://www.securityfocus.com/bid/41315", }, { source: "psirt@cisco.com", tags: [ "Exploit", ], url: "http://www.vsecurity.com/resources/advisory/20100702-1/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://osvdb.org/66091", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://securitytracker.com/id?1024167", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/archive/1/512144/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/41315", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", ], url: "http://www.vsecurity.com/resources/advisory/20100702-1/", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-264", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2003-12-31 05:00
Modified
2024-11-20 23:46
Severity ?
Summary
The DNS server for Cisco Content Service Switch (CSS) 11000 and 11500, when prompted for a nonexistent AAAA record, responds with response code 3 (NXDOMAIN or "Name Error") instead of response code 0 ("No Error"), which allows remote attackers to cause a denial of service (inaccessible domain) by forcing other DNS servers to send and cache a request for a AAAA record to the vulnerable server.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.cisco.com/warp/public/707/cisco-sa-20030430-dns.shtml | Vendor Advisory | |
| cve@mitre.org | http://www.kb.cert.org/vuls/id/714121 | US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.cisco.com/warp/public/707/cisco-sa-20030430-dns.shtml | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kb.cert.org/vuls/id/714121 | US Government Resource |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | content_services_switch_11000 | * | |
| cisco | content_services_switch_11500 | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:content_services_switch_11000:*:*:*:*:*:*:*:*", matchCriteriaId: "98FC94DE-BBD2-43C6-9435-0242BA5DCC8C", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:content_services_switch_11500:*:*:*:*:*:*:*:*", matchCriteriaId: "BF28C435-C036-4507-8E3F-44E722F9974A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The DNS server for Cisco Content Service Switch (CSS) 11000 and 11500, when prompted for a nonexistent AAAA record, responds with response code 3 (NXDOMAIN or \"Name Error\") instead of response code 0 (\"No Error\"), which allows remote attackers to cause a denial of service (inaccessible domain) by forcing other DNS servers to send and cache a request for a AAAA record to the vulnerable server.", }, ], id: "CVE-2003-1132", lastModified: "2024-11-20T23:46:25.650", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2003-12-31T05:00:00.000", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://www.cisco.com/warp/public/707/cisco-sa-20030430-dns.shtml", }, { source: "cve@mitre.org", tags: [ "US Government Resource", ], url: "http://www.kb.cert.org/vuls/id/714121", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.cisco.com/warp/public/707/cisco-sa-20030430-dns.shtml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "US Government Resource", ], url: "http://www.kb.cert.org/vuls/id/714121", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2004-11-23 05:00
Modified
2025-01-16 18:15
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firewall_services_module:*:*:*:*:*:*:*:*", matchCriteriaId: "2A9CB22A-21E0-46F6-B6CD-BB38A80FA7A4", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:firewall_services_module:1.1.2:*:*:*:*:*:*:*", matchCriteriaId: "B9CAFC15-178C-4176-9668-D4A04B63E77B", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:firewall_services_module:1.1.3:*:*:*:*:*:*:*", matchCriteriaId: "3C8D6949-89F4-40EF-98F4-8D15628DC345", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:firewall_services_module:1.1_\\(3.005\\):*:*:*:*:*:*:*", matchCriteriaId: "F3DB2AEE-FB5C-42B7-845B-EDA3E58D5D68", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:firewall_services_module:2.1_\\(0.208\\):*:*:*:*:*:*:*", matchCriteriaId: "6479D85C-1A12-486D-818C-6679F415CA26", vulnerable: true, }, { criteria: "cpe:2.3:h:hp:aaa_server:*:*:*:*:*:*:*:*", matchCriteriaId: "287CF5FA-D0EC-4FD7-9718-973587EF34DF", vulnerable: true, }, { criteria: "cpe:2.3:h:hp:apache-based_web_server:2.0.43.00:*:*:*:*:*:*:*", matchCriteriaId: "C88168D4-7DB5-4720-8640-400BB680D0FD", vulnerable: true, }, { criteria: "cpe:2.3:h:hp:apache-based_web_server:2.0.43.04:*:*:*:*:*:*:*", matchCriteriaId: "968915A1-375B-4C69-BE11-9A393F7F1B0F", vulnerable: true, }, { criteria: "cpe:2.3:h:symantec:clientless_vpn_gateway_4400:5.0:*:*:*:*:*:*:*", matchCriteriaId: "11465DCA-72E5-40E9-9D8E-B3CD470C47E9", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:ciscoworks_common_management_foundation:2.1:*:*:*:*:*:*:*", matchCriteriaId: "3954D0D1-9FDF-47D0-9710-D0FB06955B8B", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ciscoworks_common_services:2.2:*:*:*:*:*:*:*", matchCriteriaId: "3D6712BD-DE8F-40F5-AC74-B9EFE9A50CFA", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:converged_communications_server:2.0:*:*:*:*:*:*:*", matchCriteriaId: "E586558A-ABC3-42EB-8B4D-DC92A0D695E6", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:sg200:4.4:*:*:*:*:*:*:*", matchCriteriaId: "2A4C5F60-B32D-4D85-BA28-AE11972ED614", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:sg200:4.31.29:*:*:*:*:*:*:*", matchCriteriaId: "6A5935C3-3D83-461F-BC26-E03362115C42", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:sg203:4.4:*:*:*:*:*:*:*", matchCriteriaId: "80AC523B-3106-46F2-B760-803DCF8061F4", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:sg203:4.31.29:*:*:*:*:*:*:*", matchCriteriaId: "F8B8D6F3-D15D-489F-A807-17E63F4831F2", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:sg208:*:*:*:*:*:*:*:*", matchCriteriaId: "808189BA-197F-49CE-933E-A728F395749C", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:sg208:4.4:*:*:*:*:*:*:*", matchCriteriaId: "32DCFA7B-7BBB-465A-A4AD-7E18EE3C02DC", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:sg5:4.2:*:*:*:*:*:*:*", matchCriteriaId: "CC7EF0CD-EA39-457B-8E2E-9120B65A5835", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:sg5:4.3:*:*:*:*:*:*:*", matchCriteriaId: "7BC2983F-5212-464B-AC21-8A897DEC1F58", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:sg5:4.4:*:*:*:*:*:*:*", matchCriteriaId: "EBF17989-D1F2-4B04-80BD-CFABDD482ABA", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:mac_os_x:10.3.3:*:*:*:*:*:*:*", matchCriteriaId: "BF2D00AC-FA2A-4C39-B796-DC19072862CF", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:mac_os_x_server:10.3.3:*:*:*:*:*:*:*", matchCriteriaId: "E8BCD1C5-1AFC-4287-9AFD-81FB3F4F9E54", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.8:*:*:*:*:*:*:*", matchCriteriaId: "441BE3A0-20F4-4972-B279-19B3DB5FA14D", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.8:releng:*:*:*:*:*:*", matchCriteriaId: "2D33C6EF-DBE1-4943-83E4-1F10670DAC6E", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.9:*:*:*:*:*:*:*", matchCriteriaId: "00EAEA17-033A-4A50-8E39-D61154876D2F", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:5.1:*:*:*:*:*:*:*", matchCriteriaId: "4EE93350-92E6-4F5C-A14C-9993CFFDBCD4", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:5.1:release:*:*:*:*:*:*", matchCriteriaId: "0D9F2B04-A1F2-4788-A53D-C8274A758DDA", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:5.1:releng:*:*:*:*:*:*", matchCriteriaId: "9A5309ED-D84F-4F52-9864-5B0FEEEE5022", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:5.2:*:*:*:*:*:*:*", matchCriteriaId: "DD7C441E-444B-4DF5-8491-86805C70FB99", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:5.2.1:release:*:*:*:*:*:*", matchCriteriaId: "C9CCE8F3-84EE-4571-8AAA-BF2D132E9BD4", vulnerable: true, }, { criteria: "cpe:2.3:o:hp:hp-ux:8.05:*:*:*:*:*:*:*", matchCriteriaId: "31B1ADC1-9B6D-4B5E-A05A-D69599A3A0D5", vulnerable: true, }, { criteria: "cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*", matchCriteriaId: "771931F7-9180-4EBD-8627-E1CF17D24647", vulnerable: true, }, { criteria: "cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*", matchCriteriaId: "EDD9BE2B-7255-4FC1-B452-E8370632B03F", vulnerable: true, }, { criteria: "cpe:2.3:o:hp:hp-ux:11.23:*:*:*:*:*:*:*", matchCriteriaId: "32310AFE-38CC-4C6C-AE13-54C18720F2C0", vulnerable: true, }, { criteria: "cpe:2.3:o:openbsd:openbsd:3.3:*:*:*:*:*:*:*", matchCriteriaId: "AC46909F-DDFC-448B-BCDF-1EB343F96630", vulnerable: true, }, { criteria: "cpe:2.3:o:openbsd:openbsd:3.4:*:*:*:*:*:*:*", matchCriteriaId: "9496279F-AB43-4B53-81A6-87C651ABC4BA", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*", matchCriteriaId: "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*", matchCriteriaId: "EC79FF22-2664-4C40-B0B3-6D23B5F45162", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*", matchCriteriaId: "0EFE2E73-9536-41A9-B83B-0A06B54857F4", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*", matchCriteriaId: "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:linux:7.2:*:*:*:*:*:*:*", matchCriteriaId: "E562907F-D915-4030-847A-3C6834A80D4E", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:linux:7.3:*:*:*:*:*:*:*", matchCriteriaId: "138985E6-5107-4E8B-A801-C3D5FE075227", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "038FEDE7-986F-4CA5-9003-BA68352B87D4", vulnerable: true, }, { criteria: "cpe:2.3:o:sco:openserver:5.0.6:*:*:*:*:*:*:*", matchCriteriaId: "1E140F76-D078-4F58-89CF-3278CDCB9AF3", vulnerable: true, }, { criteria: "cpe:2.3:o:sco:openserver:5.0.7:*:*:*:*:*:*:*", matchCriteriaId: "D9D76A8D-832B-411E-A458-186733C66010", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:ios:12.1\\(11\\)e:*:*:*:*:*:*:*", matchCriteriaId: "580BA1FE-0826-47A7-8BD3-9225E0841EDD", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:12.1\\(11b\\)e:*:*:*:*:*:*:*", matchCriteriaId: "040B04CD-B891-4F19-A7CC-5C2D462FBD6C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:12.1\\(11b\\)e12:*:*:*:*:*:*:*", matchCriteriaId: "5BF29685-7FFC-4093-A1D4-21E4871AF5C6", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:12.1\\(11b\\)e14:*:*:*:*:*:*:*", matchCriteriaId: "E72872C9-63AF-417F-BFAE-92B4D350C006", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:12.1\\(13\\)e9:*:*:*:*:*:*:*", matchCriteriaId: "80BCF196-5E5A-4F31-BCE7-AA0C748CA922", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:12.1\\(19\\)e1:*:*:*:*:*:*:*", matchCriteriaId: "970939C5-1E6F-47B6-97E6-7B2C1E019985", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:12.2\\(14\\)sy:*:*:*:*:*:*:*", matchCriteriaId: "CD1F4148-E772-4708-8C1F-D67F969C11DA", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:12.2\\(14\\)sy1:*:*:*:*:*:*:*", matchCriteriaId: "3CEBCEF0-5982-4B30-8377-9CAC978A1CB0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:12.2sy:*:*:*:*:*:*:*", matchCriteriaId: "09458CD7-D430-4957-8506-FAB2A3E2AA65", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:12.2za:*:*:*:*:*:*:*", matchCriteriaId: "62626BB6-D4EA-4A8A-ABC1-F86B37F19EDB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:4d:webstar:4.0:*:*:*:*:*:*:*", matchCriteriaId: "F8B87C95-4B34-4628-AD03-67D1DE13E097", vulnerable: true, }, { criteria: "cpe:2.3:a:4d:webstar:5.2:*:*:*:*:*:*:*", matchCriteriaId: "758F95DB-E619-4B08-86FA-6CF2C1B0CBCD", vulnerable: true, }, { criteria: "cpe:2.3:a:4d:webstar:5.2.1:*:*:*:*:*:*:*", matchCriteriaId: "4F04471C-732F-44EE-AD1B-6305C1DD7DDD", vulnerable: true, }, { criteria: "cpe:2.3:a:4d:webstar:5.2.2:*:*:*:*:*:*:*", matchCriteriaId: "3499913B-5DCD-4115-8C7B-9E8AFF79DE5E", vulnerable: true, }, { criteria: "cpe:2.3:a:4d:webstar:5.2.3:*:*:*:*:*:*:*", matchCriteriaId: "E237919A-416B-4039-AAD2-7FAE1F4E100D", vulnerable: true, }, { criteria: "cpe:2.3:a:4d:webstar:5.2.4:*:*:*:*:*:*:*", matchCriteriaId: "39149924-188C-40C1-B598-A9CD407C90DE", vulnerable: true, }, { criteria: "cpe:2.3:a:4d:webstar:5.3:*:*:*:*:*:*:*", matchCriteriaId: "15D5780C-4E29-4BCA-A47E-29FF6EAF33FC", vulnerable: true, }, { criteria: "cpe:2.3:a:4d:webstar:5.3.1:*:*:*:*:*:*:*", matchCriteriaId: "E6501108-5455-48FE-AA82-37AFA5D7EC24", vulnerable: true, }, { criteria: "cpe:2.3:a:avaya:intuity_audix:*:*:lx:*:*:*:*:*", matchCriteriaId: "C1A3B951-A1F8-4291-82FA-AB7922D13ACE", vulnerable: true, }, { criteria: "cpe:2.3:a:avaya:intuity_audix:5.1.46:*:*:*:*:*:*:*", matchCriteriaId: "3F2E7C81-C0F5-4D36-9A23-03BE69295ED0", vulnerable: true, }, { criteria: "cpe:2.3:a:avaya:intuity_audix:s3210:*:*:*:*:*:*:*", matchCriteriaId: "9D0EF4A3-2FE5-41E4-A764-30B379ECF081", vulnerable: true, }, { criteria: "cpe:2.3:a:avaya:intuity_audix:s3400:*:*:*:*:*:*:*", matchCriteriaId: "CCF6D59E-8AEA-4380-B86B-0803B2202F16", vulnerable: true, }, { criteria: "cpe:2.3:a:avaya:vsu:5:*:*:*:*:*:*:*", matchCriteriaId: "140ABF28-FA39-4D77-AEB2-304962ED48C2", vulnerable: true, }, { criteria: "cpe:2.3:a:avaya:vsu:5x:*:*:*:*:*:*:*", matchCriteriaId: "09473DD9-5114-44C5-B56C-6630FBEBCACB", vulnerable: true, }, { criteria: "cpe:2.3:a:avaya:vsu:100_r2.0.1:*:*:*:*:*:*:*", matchCriteriaId: "A7ECD3A4-5A39-4222-8350-524F11D8FFB0", vulnerable: true, }, { criteria: "cpe:2.3:a:avaya:vsu:500:*:*:*:*:*:*:*", matchCriteriaId: "D36C140D-E80C-479A-ADA7-18E901549059", vulnerable: true, }, { criteria: "cpe:2.3:a:avaya:vsu:2000_r2.0.1:*:*:*:*:*:*:*", matchCriteriaId: "940712E9-B041-4B7F-BD02-7DD0AE596D65", vulnerable: true, }, { criteria: "cpe:2.3:a:avaya:vsu:5000_r2.0.1:*:*:*:*:*:*:*", matchCriteriaId: "03B887A2-9025-4C5B-8901-71BC63BF5293", vulnerable: true, }, { criteria: "cpe:2.3:a:avaya:vsu:7500_r2.0.1:*:*:*:*:*:*:*", matchCriteriaId: "33264586-7160-4550-9FF9-4101D72F5C9B", vulnerable: true, }, { criteria: "cpe:2.3:a:avaya:vsu:10000_r2.0.1:*:*:*:*:*:*:*", matchCriteriaId: "CE5E6521-0611-4473-82AC-21655F10FEC0", vulnerable: true, }, { criteria: "cpe:2.3:a:checkpoint:firewall-1:*:*:vsx-ng-ai:*:*:*:*:*", matchCriteriaId: "AA9A50A1-CA8C-4EE5-B68F-4958F6B4B028", vulnerable: true, }, { criteria: "cpe:2.3:a:checkpoint:firewall-1:2.0:*:gx:*:*:*:*:*", matchCriteriaId: "8C83ABA2-87CD-429B-9800-590F8256B064", vulnerable: true, }, { criteria: "cpe:2.3:a:checkpoint:firewall-1:next_generation_fp0:*:*:*:*:*:*:*", matchCriteriaId: "A4D9A576-2878-4AC4-AC95-E69CB8A84A71", vulnerable: true, }, { criteria: "cpe:2.3:a:checkpoint:firewall-1:next_generation_fp1:*:*:*:*:*:*:*", matchCriteriaId: "0A1A0B02-CF33-401F-9AB2-D595E586C795", vulnerable: true, }, { criteria: "cpe:2.3:a:checkpoint:firewall-1:next_generation_fp2:*:*:*:*:*:*:*", matchCriteriaId: "8C0EF3F0-B82E-45B7-8D05-05E76009F7A2", vulnerable: true, }, { criteria: "cpe:2.3:a:checkpoint:provider-1:4.1:*:*:*:*:*:*:*", matchCriteriaId: "90FB3825-21A6-4DBE-8188-67672DBE01CB", vulnerable: true, }, { criteria: "cpe:2.3:a:checkpoint:provider-1:4.1:sp1:*:*:*:*:*:*", matchCriteriaId: "80623E58-8B46-4559-89A4-C329AACF3CB7", vulnerable: true, }, { criteria: "cpe:2.3:a:checkpoint:provider-1:4.1:sp2:*:*:*:*:*:*", matchCriteriaId: "AEE6C228-CD93-4636-868B-C19BC1674BE6", vulnerable: true, }, { criteria: "cpe:2.3:a:checkpoint:provider-1:4.1:sp3:*:*:*:*:*:*", matchCriteriaId: "A645148C-AD0D-46C1-BEE3-10F5C9066279", vulnerable: true, }, { criteria: "cpe:2.3:a:checkpoint:provider-1:4.1:sp4:*:*:*:*:*:*", matchCriteriaId: "0D69187C-7F46-4FF0-A8A0-0E1989EA79BC", vulnerable: true, }, { criteria: "cpe:2.3:a:checkpoint:vpn-1:next_generation_fp0:*:*:*:*:*:*:*", matchCriteriaId: "4AE4A7EE-1BA3-46F1-BF4A-A72997EE0992", vulnerable: true, }, { criteria: "cpe:2.3:a:checkpoint:vpn-1:next_generation_fp1:*:*:*:*:*:*:*", matchCriteriaId: "02029D75-FAF2-4842-9246-079C7DE36417", vulnerable: true, }, { criteria: "cpe:2.3:a:checkpoint:vpn-1:next_generation_fp2:*:*:*:*:*:*:*", matchCriteriaId: "E0146341-364C-4085-A2E1-BC8C260FBA3D", vulnerable: true, }, { criteria: "cpe:2.3:a:checkpoint:vpn-1:vsx_ng_with_application_intelligence:*:*:*:*:*:*:*", matchCriteriaId: "B5EF01C8-1C8A-4BD1-A13B-CE31F09F9523", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:access_registrar:*:*:*:*:*:*:*:*", matchCriteriaId: "B8496E0D-2507-4C25-A122-0B846CBCA72A", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:application_and_content_networking_software:*:*:*:*:*:*:*:*", matchCriteriaId: "8E383F2A-DFCF-47F8-94EE-3563D41EA597", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:css_secure_content_accelerator:1.0:*:*:*:*:*:*:*", matchCriteriaId: "D2D87EF0-056E-4128-89EB-2803ED83DEE9", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:css_secure_content_accelerator:2.0:*:*:*:*:*:*:*", matchCriteriaId: "BB3163C1-2044-44DA-9C88-076D75FDF1EB", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:css11000_content_services_switch:*:*:*:*:*:*:*:*", matchCriteriaId: "07E1B690-C58B-4C08-A757-F3DF451FDAAA", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:okena_stormwatch:3.2:*:*:*:*:*:*:*", matchCriteriaId: "31F0E14C-7681-4D1A-B982-A51E450B93A7", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:pix_firewall:6.2.2_.111:*:*:*:*:*:*:*", matchCriteriaId: "ECBC761F-A8F5-4CD8-B19C-5CE8FFC58FDD", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:threat_response:*:*:*:*:*:*:*:*", matchCriteriaId: "2CF39E8B-C201-4940-81C9-14AF4C3DD4B5", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webns:6.10:*:*:*:*:*:*:*", matchCriteriaId: "AC604680-2E9E-4DC4-ACDD-74D552A45BA4", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webns:6.10_b4:*:*:*:*:*:*:*", matchCriteriaId: "37A94436-D092-4C7E-B87B-63BC621EE82E", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webns:7.1_0.1.02:*:*:*:*:*:*:*", matchCriteriaId: "862165CF-3CFB-4C6E-8238-86FA85F243C8", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webns:7.1_0.2.06:*:*:*:*:*:*:*", matchCriteriaId: "056F3336-BAA8-4A03-90B4-7B31710FC1B3", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webns:7.2_0.0.03:*:*:*:*:*:*:*", matchCriteriaId: "9FDC2510-FBB9-429A-B6D4-10AB11F93960", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webns:7.10:*:*:*:*:*:*:*", matchCriteriaId: "5D45127E-A544-40A0-9D34-BD70D95C9772", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webns:7.10_.0.06s:*:*:*:*:*:*:*", matchCriteriaId: "56C69C3E-C895-45C8-8182-7BB412A0C828", vulnerable: true, }, { criteria: "cpe:2.3:a:dell:bsafe_ssl-j:3.0:*:*:*:*:*:*:*", matchCriteriaId: "A1FDD507-C38B-4C38-A54F-3DA6F07AD0B5", vulnerable: true, }, { criteria: "cpe:2.3:a:dell:bsafe_ssl-j:3.0.1:*:*:*:*:*:*:*", matchCriteriaId: "6F2B7AC2-CF08-4AC9-9A71-3A8130F9F9AD", vulnerable: true, }, { criteria: "cpe:2.3:a:dell:bsafe_ssl-j:3.1:*:*:*:*:*:*:*", matchCriteriaId: "D4D9564B-B92E-4C97-87FF-B56D62DCA775", vulnerable: true, }, { criteria: "cpe:2.3:a:hp:wbem:a.01.05.08:*:*:*:*:*:*:*", matchCriteriaId: "B931D4F8-23F5-4ABA-A457-959995D30C58", vulnerable: true, }, { criteria: "cpe:2.3:a:hp:wbem:a.02.00.00:*:*:*:*:*:*:*", matchCriteriaId: "BE6A023E-9C2A-487F-B5CE-674C766BFE75", vulnerable: true, }, { criteria: "cpe:2.3:a:hp:wbem:a.02.00.01:*:*:*:*:*:*:*", matchCriteriaId: "6A15ACA2-D500-4260-B51A-6FE6AB5A45A4", vulnerable: true, }, { criteria: "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.0.1:*:*:*:*:*:*:*", matchCriteriaId: "2A045971-8756-47E8-9044-C39D08B36F1F", vulnerable: true, }, { criteria: "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.0.2:*:*:*:*:*:*:*", matchCriteriaId: "CAA95881-7231-4FDA-AF73-04DF9FF0B64C", vulnerable: true, }, { criteria: "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.0.3:*:*:*:*:*:*:*", matchCriteriaId: "62B7F6AD-EDBD-4B09-BDB2-795ED114F2AE", vulnerable: true, }, { criteria: "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.1:*:*:*:*:*:*:*", matchCriteriaId: "F045AB7B-1551-46E5-A5CC-BF13C1BB49F4", vulnerable: true, }, { criteria: "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.1.1:*:*:*:*:*:*:*", matchCriteriaId: "44E85930-3AAD-420B-8E3E-AEC57344F6C4", vulnerable: true, }, { criteria: "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.2.1:*:*:*:*:*:*:*", matchCriteriaId: "52FD4485-BCA2-485A-A0CF-F8152C9DBFA5", vulnerable: true, }, { criteria: "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.2.2:*:*:*:*:*:*:*", matchCriteriaId: "7CF53BE4-FE2D-4D63-BD0F-A423D0FE3BE3", vulnerable: true, }, { criteria: "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.2_rc1:*:*:*:*:*:*:*", matchCriteriaId: "00993464-BE09-4691-B3F0-51BBA9FB80C3", vulnerable: true, }, { criteria: "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.2_rc2:*:*:*:*:*:*:*", matchCriteriaId: "896AB39E-2078-4BA2-9522-477BD5F98FD1", vulnerable: true, }, { criteria: "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.3:*:*:*:*:*:*:*", matchCriteriaId: "EB9279EC-47CF-45F1-B4CC-B2B332E82E34", vulnerable: true, }, { criteria: "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.3.1:*:*:*:*:*:*:*", matchCriteriaId: "E7300C3E-8105-4C23-89B9-7D29CED18C15", vulnerable: true, }, { criteria: "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.3_rc1:*:*:*:*:*:*:*", matchCriteriaId: "90C59DB2-48DA-4172-A1F5-25CF3B5097AE", vulnerable: true, }, { criteria: "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.3_rc2:*:*:*:*:*:*:*", matchCriteriaId: "715F4E0B-7E4B-4520-A987-9B3ED3136B75", vulnerable: true, }, { criteria: "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.3_rc3:*:*:*:*:*:*:*", matchCriteriaId: "9CA1F606-C558-40FD-9300-6E2796F47BA8", vulnerable: true, }, { criteria: "cpe:2.3:a:neoteris:instant_virtual_extranet:3.0:*:*:*:*:*:*:*", matchCriteriaId: "A037FAA6-6D26-4496-BC67-03475B4D1155", vulnerable: true, }, { criteria: "cpe:2.3:a:neoteris:instant_virtual_extranet:3.1:*:*:*:*:*:*:*", matchCriteriaId: "D3831DD3-E783-4200-8986-FDBF7DD9BA53", vulnerable: true, }, { criteria: "cpe:2.3:a:neoteris:instant_virtual_extranet:3.2:*:*:*:*:*:*:*", matchCriteriaId: "2909C9D5-3D8F-4C41-B0E7-A0C0B432C19A", vulnerable: true, }, { criteria: "cpe:2.3:a:neoteris:instant_virtual_extranet:3.3:*:*:*:*:*:*:*", matchCriteriaId: "E09436DF-E3C1-4C03-A3BE-73C4BC84BB7B", vulnerable: true, }, { criteria: "cpe:2.3:a:neoteris:instant_virtual_extranet:3.3.1:*:*:*:*:*:*:*", matchCriteriaId: "699764B6-0F86-4AB0-86A3-4F2E69AD820C", vulnerable: true, }, { criteria: "cpe:2.3:a:novell:edirectory:8.0:*:*:*:*:*:*:*", matchCriteriaId: "7562ADC4-0D01-4FC2-98F0-1F4041BDA52E", vulnerable: true, }, { criteria: "cpe:2.3:a:novell:edirectory:8.5:*:*:*:*:*:*:*", matchCriteriaId: "E6FAB588-BDBE-4A04-AB9E-4F700A3951F0", vulnerable: true, }, { criteria: "cpe:2.3:a:novell:edirectory:8.5.12a:*:*:*:*:*:*:*", matchCriteriaId: "E1B83F84-D1EF-43B4-8620-3C1BCCE44553", vulnerable: true, }, { criteria: "cpe:2.3:a:novell:edirectory:8.5.27:*:*:*:*:*:*:*", matchCriteriaId: "41169D2F-4F16-466A-82E9-AD0735472B5B", vulnerable: true, }, { criteria: "cpe:2.3:a:novell:edirectory:8.6.2:*:*:*:*:*:*:*", matchCriteriaId: "947699C3-D9DE-411A-99C0-44ADD1D2223A", vulnerable: true, }, { criteria: "cpe:2.3:a:novell:edirectory:8.7:*:*:*:*:*:*:*", matchCriteriaId: "15F668C0-8420-4401-AB0F-479575596CF0", vulnerable: true, }, { criteria: "cpe:2.3:a:novell:edirectory:8.7.1:*:*:*:*:*:*:*", matchCriteriaId: "CDDCC7B6-34CA-4551-9833-306B93E517BD", vulnerable: true, }, { criteria: "cpe:2.3:a:novell:edirectory:8.7.1:sp1:*:*:*:*:*:*", matchCriteriaId: "6D69C160-39F7-48B8-B9A3-CC86690453C0", vulnerable: true, }, { criteria: "cpe:2.3:a:novell:imanager:1.5:*:*:*:*:*:*:*", matchCriteriaId: "166BF638-ABDC-4BB9-BD4E-2B22681AD9CC", vulnerable: true, }, { criteria: "cpe:2.3:a:novell:imanager:2.0:*:*:*:*:*:*:*", matchCriteriaId: "8FA6420B-9F6A-48F4-A445-12B60A320347", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.6c:*:*:*:*:*:*:*", matchCriteriaId: "0FCA45CE-4127-47AD-BBA8-8A6DD83AE1C7", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.6d:*:*:*:*:*:*:*", matchCriteriaId: "7CA1CA40-7DB5-4DCA-97A8-9A8CF4FECECC", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.6e:*:*:*:*:*:*:*", matchCriteriaId: "180D07AE-C571-4DD6-837C-43E2A946007A", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.6f:*:*:*:*:*:*:*", matchCriteriaId: "BA3E4D2A-6488-4F8B-A3CA-4161A10FA4DB", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.6g:*:*:*:*:*:*:*", matchCriteriaId: "90789533-C741-4B1C-A24B-2C77B9E4DE5F", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.6h:*:*:*:*:*:*:*", matchCriteriaId: "1520065B-46D7-48A4-B9D0-5B49F690C5B4", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.6i:*:*:*:*:*:*:*", matchCriteriaId: "5B76FE2D-FBE0-4A3B-A0EA-179332D74F0E", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.6j:*:*:*:*:*:*:*", matchCriteriaId: "2AA526B9-726A-49D5-B3CA-EBE2DA303CA0", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.6k:*:*:*:*:*:*:*", matchCriteriaId: "494E48E7-EF86-4860-9A53-94F6C313746E", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.7:*:*:*:*:*:*:*", matchCriteriaId: "45A518E8-21BE-4C5C-B425-410AB1208E9C", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.7:beta1:*:*:*:*:*:*", matchCriteriaId: "9E3AB748-E463-445C-ABAB-4FEDDFD1878B", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.7:beta2:*:*:*:*:*:*", matchCriteriaId: "660E4B8D-AABA-4520-BC4D-CF8E76E07C05", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.7:beta3:*:*:*:*:*:*", matchCriteriaId: "85BFEED5-4941-41BB-93D1-CD5C2A41290E", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.7a:*:*:*:*:*:*:*", matchCriteriaId: "78E79A05-64F3-4397-952C-A5BB950C967D", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.7b:*:*:*:*:*:*:*", matchCriteriaId: "7F7C9E77-1EB2-4720-A8FD-23DC1C877D5A", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.7c:*:*:*:*:*:*:*", matchCriteriaId: "549BB01D-F322-4FE3-BDA2-4FEA8ED8568A", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openssl:0.9.6-15:*:i386:*:*:*:*:*", matchCriteriaId: "09F3FB7B-0F68-49F3-A3B7-977A687A42E2", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openssl:0.9.6b-3:*:i386:*:*:*:*:*", matchCriteriaId: "088F2FF7-96E5-455E-A35B-D99F9854EC6E", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openssl:0.9.7a-2:*:i386:*:*:*:*:*", matchCriteriaId: "FFA721BF-1B2E-479F-BF25-02D441BF175B", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openssl:0.9.7a-2:*:i386_dev:*:*:*:*:*", matchCriteriaId: "AFEDCE49-21CC-4168-818F-4C638EE3B077", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openssl:0.9.7a-2:*:i386_perl:*:*:*:*:*", matchCriteriaId: "B7D18F9B-C0BE-4DE8-81F4-5BF56C00BF41", vulnerable: true, }, { criteria: "cpe:2.3:a:sgi:propack:2.3:*:*:*:*:*:*:*", matchCriteriaId: "26430687-409B-448F-934B-06AB937DDF63", vulnerable: true, }, { criteria: "cpe:2.3:a:sgi:propack:2.4:*:*:*:*:*:*:*", matchCriteriaId: "0702A32E-E577-403C-B4D9-15037D7100A5", vulnerable: true, }, { criteria: "cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*", matchCriteriaId: "29DC217F-C257-4A3C-9CBD-08010C30BEC3", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:servercluster:2.5:*:*:*:*:*:*:*", matchCriteriaId: "8F0F78F4-E81E-4C6B-AB73-D6AAE191060E", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:servercluster:2.5.2:*:*:*:*:*:*:*", matchCriteriaId: "DF1A5808-6D5D-48AD-9470-5A6510D17913", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonebeat_fullcluster:1_2.0:*:*:*:*:*:*:*", matchCriteriaId: "C1E8990D-D9A0-4A71-9D87-EC047E01B0D8", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonebeat_fullcluster:1_3.0:*:*:*:*:*:*:*", matchCriteriaId: "6DBCC172-6867-4DFD-AAEF-9BDB4DA21F46", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonebeat_fullcluster:2.0:*:*:*:*:*:*:*", matchCriteriaId: "C2F2BEEA-46BB-4718-B0F3-B4EC62B678A6", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonebeat_fullcluster:2.5:*:*:*:*:*:*:*", matchCriteriaId: "8D09E11C-C5BB-409E-BB0D-7F351250419B", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonebeat_fullcluster:3.0:*:*:*:*:*:*:*", matchCriteriaId: "6B06A05D-AA31-441D-9FC2-3558648C3B7E", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonebeat_securitycluster:2.0:*:*:*:*:*:*:*", matchCriteriaId: "C0886901-6F93-44C1-B774-84D7E5D9554C", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonebeat_securitycluster:2.5:*:*:*:*:*:*:*", matchCriteriaId: "3F203A80-7C1E-4A04-8E99-63525E176753", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonebeat_webcluster:2.0:*:*:*:*:*:*:*", matchCriteriaId: "CA0A204C-158B-4014-A53C-75E0CD63E0DE", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonebeat_webcluster:2.5:*:*:*:*:*:*:*", matchCriteriaId: "085BA581-7DA5-4FA4-A888-351281FD0A7D", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate:1.5.17:*:*:*:*:*:*:*", matchCriteriaId: "EA1C4B3C-5701-4233-BA94-28915713F9C8", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate:1.5.18:*:*:*:*:*:*:*", matchCriteriaId: "28D9F8D7-698A-486A-918A-7DB5CAFBB3CB", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate:1.6.2:*:*:*:*:*:*:*", matchCriteriaId: "D125C2A0-A4B5-48D6-A38A-54755C3FDF4C", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate:1.6.3:*:*:*:*:*:*:*", matchCriteriaId: "0F85F672-0F21-4AD7-8620-13D82F2ECC22", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate:1.7:*:*:*:*:*:*:*", matchCriteriaId: "89070041-613A-4F7B-BD6A-C6091D21FC52", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate:1.7.1:*:*:*:*:*:*:*", matchCriteriaId: "D9A71933-4BD5-4B11-8B14-D997E75F29CD", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate:1.7.2:*:*:*:*:*:*:*", matchCriteriaId: "5B6BE11D-FC02-4950-A554-08CC9D8B1853", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate:2.0.1:*:*:*:*:*:*:*", matchCriteriaId: "A53FD0E1-9BAA-43F0-BCC9-0BE8D4356F55", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate:2.0.4:*:*:*:*:*:*:*", matchCriteriaId: "B80ADAE8-94D4-46A4-A5ED-FF134D808B52", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate:2.0.5:*:*:*:*:*:*:*", matchCriteriaId: "69FA0221-5073-4D45-950F-119497B53FED", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate:2.0.6:*:*:*:*:*:*:*", matchCriteriaId: "C4AE5B43-7C90-4C2A-A215-30F5EC5841C9", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate:2.0.7:*:*:*:*:*:*:*", matchCriteriaId: "2CC1A110-B203-4962-8E1A-74BD98121AF6", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate:2.0.8:*:*:*:*:*:*:*", matchCriteriaId: "B5A92C4D-B024-4D39-9479-409C39586F64", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate:2.0.9:*:*:*:*:*:*:*", matchCriteriaId: "E7E0C4F5-CF02-4FF6-AE9B-5B6B70D5C067", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate:2.1:*:*:*:*:*:*:*", matchCriteriaId: "5E8998CC-E372-46D0-8339-47DC8D92D253", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate:2.2:*:*:*:*:*:*:*", matchCriteriaId: "AF131FDC-BF8D-4A17-99F0-444EB900E83D", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate:2.2.1:*:*:*:*:*:*:*", matchCriteriaId: "880811B3-E78E-456E-972E-DE733F368576", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate:2.2.4:*:*:*:*:*:*:*", matchCriteriaId: "22411F18-2B93-405A-A3B5-2CF0A04977C6", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate_vpn_client:1.7:*:*:*:*:*:*:*", matchCriteriaId: "C71188B7-E6DC-41E5-B619-367341113501", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate_vpn_client:1.7.2:*:*:*:*:*:*:*", matchCriteriaId: "07491444-0196-4504-A971-A5E388B86BBA", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate_vpn_client:2.0:*:*:*:*:*:*:*", matchCriteriaId: "72BC6CD2-3291-4E69-8DC6-F3AB853F8931", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate_vpn_client:2.0.7:*:*:*:*:*:*:*", matchCriteriaId: "CD43EDDF-58A7-4705-B8C7-FD76C35A437D", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate_vpn_client:2.0.8:*:*:*:*:*:*:*", matchCriteriaId: "A7C2E603-568F-40F6-9A7C-439E2A51B37F", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate_vpn_client:2.0.9:*:*:*:*:*:*:*", matchCriteriaId: "703421A7-E8C5-450B-97EF-FD9D99D4B834", vulnerable: true, }, { criteria: "cpe:2.3:a:tarantella:tarantella_enterprise:3.20:*:*:*:*:*:*:*", matchCriteriaId: "9519BCB2-B401-44CE-97F6-847BB36AE45F", vulnerable: true, }, { criteria: "cpe:2.3:a:tarantella:tarantella_enterprise:3.30:*:*:*:*:*:*:*", matchCriteriaId: "BBE573E8-DD94-4293-99AE-27B9067B3ED9", vulnerable: true, }, { criteria: "cpe:2.3:a:tarantella:tarantella_enterprise:3.40:*:*:*:*:*:*:*", matchCriteriaId: "D14413DA-5199-4282-9E22-D347E9D8E469", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:gsx_server:2.0:*:*:*:*:*:*:*", matchCriteriaId: "05CC5F49-0E9E-45D8-827D-A5940566DB25", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:gsx_server:2.0.1_build_2129:*:*:*:*:*:*:*", matchCriteriaId: "5D94EE19-6CE9-4E02-8174-D9954CDBF02B", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:gsx_server:2.5.1:*:*:*:*:*:*:*", matchCriteriaId: "D4E4BEE3-AE7B-4481-B724-2E644E18ACC3", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:gsx_server:2.5.1_build_5336:*:*:*:*:*:*:*", matchCriteriaId: "EAAB7052-E0B6-472E-920B-A0F0AEA25D6A", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:gsx_server:3.0_build_7592:*:*:*:*:*:*:*", matchCriteriaId: "8CE38F15-BD42-4171-8670-86AA8169A60C", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:s8300:r2.0.0:*:*:*:*:*:*:*", matchCriteriaId: "20C0BD87-CE4B-49D2-89BE-EF282C43AD72", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:s8300:r2.0.1:*:*:*:*:*:*:*", matchCriteriaId: "C3E6C4A8-59F4-43EE-8413-E95289037598", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:s8500:r2.0.0:*:*:*:*:*:*:*", matchCriteriaId: "FE76357A-27E6-4D85-9AA0-1BB658C41568", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:s8500:r2.0.1:*:*:*:*:*:*:*", matchCriteriaId: "C56C5FDB-24E2-479D-87CA-164CD28567D3", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:s8700:r2.0.0:*:*:*:*:*:*:*", matchCriteriaId: "AEF6C16F-8EDF-4A24-BFEF-6A304D654EEB", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:s8700:r2.0.1:*:*:*:*:*:*:*", matchCriteriaId: "D982AE39-BB57-49E7-B5FE-5EF1ADE2F019", vulnerable: true, }, { criteria: "cpe:2.3:h:bluecoat:proxysg:*:*:*:*:*:*:*:*", matchCriteriaId: "1B6CFEC9-0F8F-4CD4-ABD1-E6533F910F7F", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:call_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "12DE5E22-DF93-46BE-85A3-D4E04379E901", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:content_services_switch_11500:*:*:*:*:*:*:*:*", matchCriteriaId: "BF28C435-C036-4507-8E3F-44E722F9974A", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:gss_4480_global_site_selector:*:*:*:*:*:*:*:*", matchCriteriaId: "CDA957E2-ABF9-49B2-874F-3FC3060CE0B0", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:gss_4490_global_site_selector:*:*:*:*:*:*:*:*", matchCriteriaId: "5F2CDFE7-6853-4A31-85C0-50C57A8D606A", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:mds_9000:*:*:*:*:*:*:*:*", matchCriteriaId: "0F2ED90B-DDBA-49DE-AC78-20E7D77C8858", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:secure_content_accelerator:10000:*:*:*:*:*:*:*", matchCriteriaId: "408A9DB0-81EF-4186-B338-44954E67289B", vulnerable: true, }, { criteria: "cpe:2.3:h:securecomputing:sidewinder:5.2:*:*:*:*:*:*:*", matchCriteriaId: "5B0C5F92-7E93-4C3F-B22B-E6612A4D3E10", vulnerable: true, }, { criteria: "cpe:2.3:h:securecomputing:sidewinder:5.2.0.01:*:*:*:*:*:*:*", matchCriteriaId: "2D0DC4B4-9AD9-4AC8-BFA7-A3D209B5D089", vulnerable: true, }, { criteria: "cpe:2.3:h:securecomputing:sidewinder:5.2.0.02:*:*:*:*:*:*:*", matchCriteriaId: "303362A5-9C3C-4C85-8C97-2AB12CE01BF6", vulnerable: true, }, { criteria: "cpe:2.3:h:securecomputing:sidewinder:5.2.0.03:*:*:*:*:*:*:*", matchCriteriaId: "FED22DC1-E06B-4511-B920-6DAB792262D8", vulnerable: true, }, { criteria: "cpe:2.3:h:securecomputing:sidewinder:5.2.0.04:*:*:*:*:*:*:*", matchCriteriaId: "4CE44CA7-4BC7-4C2B-948F-2ACABB91528B", vulnerable: true, }, { criteria: "cpe:2.3:h:securecomputing:sidewinder:5.2.1:*:*:*:*:*:*:*", matchCriteriaId: "F757B2A7-869F-4702-81EB-466317A79D61", vulnerable: true, }, { criteria: "cpe:2.3:h:securecomputing:sidewinder:5.2.1.02:*:*:*:*:*:*:*", matchCriteriaId: "01F6E9A9-6C85-48DA-BC61-55F8EACCB59F", vulnerable: true, }, { criteria: "cpe:2.3:h:sun:crypto_accelerator_4000:1.0:*:*:*:*:*:*:*", matchCriteriaId: "64AF1E33-4086-43E2-8F54-DA75A99D4B75", vulnerable: true, }, { criteria: "cpe:2.3:o:bluecoat:cacheos_ca_sa:4.1.10:*:*:*:*:*:*:*", matchCriteriaId: "53D16F03-A4C7-4497-AB74-499F208FF059", vulnerable: true, }, { criteria: "cpe:2.3:o:bluecoat:cacheos_ca_sa:4.1.12:*:*:*:*:*:*:*", matchCriteriaId: "13A33EC1-836B-4C8C-AC18-B5BD4F90E612", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.0:*:*:*:*:*:*:*", matchCriteriaId: "58BE9C02-2A01-4F6F-A6BD-BC0173561E9B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "C558CED8-8342-46CB-9F52-580B626D320E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "0F85D19E-6C26-429D-B876-F34238B9DAAF", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "FEC7CCF7-CBC6-4EDC-8EDD-884DFFFBCC7D", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "E5011A33-CD6D-4EFC-ACFD-E51C9AE726A3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(4.101\\):*:*:*:*:*:*:*", matchCriteriaId: "09063867-0E64-4630-B35B-4CCA348E4DAB", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.1:*:*:*:*:*:*:*", matchCriteriaId: "78F98CD7-A352-483C-9968-8FB2627A7CBD", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "F97FE485-705F-4707-B6C6-0EF9E8A85D5F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "E2B925E8-D2C2-4E8C-AC21-0C422245C482", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "B9170562-872E-4C32-869C-B10FF35A925E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "D0927A68-8BB2-4F03-8396-E9CACC158FC0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "559DDBA3-2AF4-4A0C-B219-6779BA931F21", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.2:*:*:*:*:*:*:*", matchCriteriaId: "ED9D142A-DDC8-4BD6-8C22-F242C9C0B1ED", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.2\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "5226C9CC-6933-4F10-B426-B47782C606FD", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.2\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "757DAE9A-B25D-4B8A-A41B-66C2897B537E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.2\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "5E3DC170-E279-4725-B9EE-6840B5685CC9", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.2\\(3.100\\):*:*:*:*:*:*:*", matchCriteriaId: "8091EDA9-BD18-47F7-8CEC-E086238647C6", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.3:*:*:*:*:*:*:*", matchCriteriaId: "6F867890-74A4-4892-B99A-27DB4603B873", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "CE05B514-F094-4632-B25B-973F976F6409", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "3392428D-1A85-4472-A276-C482A78E2CE1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(3.102\\):*:*:*:*:*:*:*", matchCriteriaId: "40954985-16E6-4F37-B014-6A55166AE093", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(3.109\\):*:*:*:*:*:*:*", matchCriteriaId: "0C097809-1FEF-4417-A201-42291CC29122", vulnerable: true, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.", }, { lang: "es", value: "La función do_change_cipher_spec en OpenSSL 0.9.6c hasta 0.9.6.k y 0.9.7a hasta 0.9.7c permite que atacantes remotos provoquen una denegación de servicio (caída) mediante una hábil unión SSL/TLS que provoca un puntero nulo.", }, ], id: "CVE-2004-0079", lastModified: "2025-01-16T18:15:19.483", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2004-11-23T05:00:00.000", references: [ { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:05.openssl.asc", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000834", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://docs.info.apple.com/article.html?artnum=61798", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://fedoranews.org/updates/FEDORA-2004-095.shtml", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://lists.apple.com/mhonarc/security-announce/msg00045.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=107953412903636&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=108403806509920&w=2", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/11139", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/17381", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/17398", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/17401", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/18247", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://security.gentoo.org/glsa/glsa-200403-03.xml", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://support.avaya.com/elmodocs2/security/ASA-2005-239.htm", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://support.lexmark.com/index?page=content&id=TE88&locale=EN&userlocale=EN_US", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.ciac.org/ciac/bulletins/o-101.shtml", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2004/dsa-465", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "US Government Resource", ], url: "http://www.kb.cert.org/vuls/id/288574", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.linuxsecurity.com/advisories/engarde_advisory-4135.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.mandriva.com/security/advisories?name=MDKSA-2004:023", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.novell.com/linux/security/advisories/2004_07_openssl.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.openssl.org/news/secadv_20040317.txt", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://www.redhat.com/archives/fedora-announce-list/2005-October/msg00087.html", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.redhat.com/support/errata/RHSA-2004-120.html", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.redhat.com/support/errata/RHSA-2004-121.html", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.redhat.com/support/errata/RHSA-2004-139.html", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.redhat.com/support/errata/RHSA-2005-829.html", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.redhat.com/support/errata/RHSA-2005-830.html", }, { source: "cve@mitre.org", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", "Vendor Advisory", ], url: "http://www.securityfocus.com/bid/9899", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.slackware.org/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.455961", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.trustix.org/errata/2004/0012", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.uniras.gov.uk/vuls/2004/224012/index.htm", }, { source: "cve@mitre.org", tags: [ "Broken Link", "Third Party Advisory", "US Government Resource", ], url: "http://www.us-cert.gov/cas/techalerts/TA04-078A.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/15505", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2621", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5770", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A870", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A975", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9779", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:05.openssl.asc", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000834", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://docs.info.apple.com/article.html?artnum=61798", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://fedoranews.org/updates/FEDORA-2004-095.shtml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://lists.apple.com/mhonarc/security-announce/msg00045.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=107953412903636&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=108403806509920&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/11139", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/17381", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/17398", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/17401", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/18247", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://security.gentoo.org/glsa/glsa-200403-03.xml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://support.avaya.com/elmodocs2/security/ASA-2005-239.htm", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://support.lexmark.com/index?page=content&id=TE88&locale=EN&userlocale=EN_US", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.ciac.org/ciac/bulletins/o-101.shtml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2004/dsa-465", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "http://www.kb.cert.org/vuls/id/288574", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.linuxsecurity.com/advisories/engarde_advisory-4135.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.mandriva.com/security/advisories?name=MDKSA-2004:023", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.novell.com/linux/security/advisories/2004_07_openssl.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.openssl.org/news/secadv_20040317.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://www.redhat.com/archives/fedora-announce-list/2005-October/msg00087.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.redhat.com/support/errata/RHSA-2004-120.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.redhat.com/support/errata/RHSA-2004-121.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.redhat.com/support/errata/RHSA-2004-139.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.redhat.com/support/errata/RHSA-2005-829.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.redhat.com/support/errata/RHSA-2005-830.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", "Vendor Advisory", ], url: "http://www.securityfocus.com/bid/9899", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.slackware.org/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.455961", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.trustix.org/errata/2004/0012", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.uniras.gov.uk/vuls/2004/224012/index.htm", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", "US Government Resource", ], url: "http://www.us-cert.gov/cas/techalerts/TA04-078A.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/15505", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2621", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5770", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A870", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A975", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9779", }, ], sourceIdentifier: "cve@mitre.org", vendorComments: [ { comment: "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.", lastModified: "2007-03-14T00:00:00", organization: "Red Hat", }, ], vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-476", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-476", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2010-07-06 17:17
Modified
2024-11-21 01:17
Severity ?
Summary
The Cisco Content Services Switch (CSS) 11500 with software 8.20.4.02 and the Application Control Engine (ACE) 4710 with software A2(3.0) do not properly handle LF header terminators in situations where the GET line is terminated by CRLF, which allows remote attackers to conduct HTTP request smuggling attacks and possibly bypass intended header insertions via crafted header data, as demonstrated by an LF character between the ClientCert-Subject and ClientCert-Subject-CN headers. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-1576.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | content_services_switch_11500 | * | |
| cisco | content_services_switch_11500 | 8.20.0.01 | |
| cisco | content_services_switch_11500 | 08.20.1.01 | |
| cisco | content_services_switch_11500 | 8.20.1.01 | |
| cisco | content_services_switch_11500 | 8.20.2.01 | |
| cisco | ace_4710 | * | |
| cisco | ace_4710 | a1\(2.0\) | |
| cisco | ace_4710 | a1\(8.0\) |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:content_services_switch_11500:*:*:*:*:*:*:*:*", matchCriteriaId: "522CC12B-058D-4711-8A04-AAC81A460B2B", versionEndIncluding: "8.20.3.03", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:content_services_switch_11500:8.20.0.01:*:*:*:*:*:*:*", matchCriteriaId: "934D3A1C-7723-4250-BC86-5921572AB358", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:content_services_switch_11500:08.20.1.01:*:*:*:*:*:*:*", matchCriteriaId: "63BA31CE-19C7-4FDB-8A0A-F1C252EC6146", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:content_services_switch_11500:8.20.1.01:*:*:*:*:*:*:*", matchCriteriaId: "545E9F44-A61F-4037-9BDF-5DE7F8E506B6", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:content_services_switch_11500:8.20.2.01:*:*:*:*:*:*:*", matchCriteriaId: "7241A8A3-C8C8-44CA-990F-BDA47EB75D64", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ace_4710:*:*:*:*:*:*:*:*", matchCriteriaId: "B3FF387C-79BE-481C-A461-D32DCF421CC1", versionEndIncluding: "a3\\(2.5\\)", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:ace_4710:a1\\(2.0\\):*:*:*:*:*:*:*", matchCriteriaId: "142B1472-4694-436F-85C0-52B6A9CFCA64", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:ace_4710:a1\\(8.0\\):*:*:*:*:*:*:*", matchCriteriaId: "A421567F-1772-46DC-9FBA-E0072DC6B7C6", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The Cisco Content Services Switch (CSS) 11500 with software 8.20.4.02 and the Application Control Engine (ACE) 4710 with software A2(3.0) do not properly handle LF header terminators in situations where the GET line is terminated by CRLF, which allows remote attackers to conduct HTTP request smuggling attacks and possibly bypass intended header insertions via crafted header data, as demonstrated by an LF character between the ClientCert-Subject and ClientCert-Subject-CN headers. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-1576.", }, { lang: "es", value: "Cisco Content Services Switch (CSS) 11500 con software v8.20.4.02 y Application Control Engine (ACE) 4710 con software A2(3.0) no maneja adecuadamente las terminacioens de cabecera LF en situaciones donde la línea GET es terminada con CRLF, permitiendo a atacantes remotos llevar a cabo ataques contrabando de peticiones HTTP y probablemente superar la inserción de cabeceras de datos privistas, como quedó demostrado por el carácter LF entre las cabeceras ClientCert-Subject y ClientCert-Subject-CN. NOTA: esta vulnerabilidad existe debido a una solución incompleta de CVE-2010-1576.", }, ], id: "CVE-2010-2629", lastModified: "2024-11-21T01:17:02.510", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2010-07-06T17:17:13.517", references: [ { source: "cve@mitre.org", url: "http://securitytracker.com/id?1024167", }, { source: "cve@mitre.org", url: "http://securitytracker.com/id?1024168", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/archive/1/512144/100/0/threaded", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/41315", }, { source: "cve@mitre.org", url: "http://www.vsecurity.com/resources/advisory/20100702-1/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://securitytracker.com/id?1024167", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://securitytracker.com/id?1024168", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/archive/1/512144/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/41315", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vsecurity.com/resources/advisory/20100702-1/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2010-07-06 17:17
Modified
2024-11-21 01:14
Severity ?
Summary
The Cisco Content Services Switch (CSS) 11500 with software before 8.20.4.02 and the Application Control Engine (ACE) 4710 with software before A2(3.0) do not properly handle use of LF, CR, and LFCR as alternatives to the standard CRLF sequence between HTTP headers, which allows remote attackers to bypass intended header insertions or conduct HTTP request smuggling attacks via crafted header data, as demonstrated by LF characters preceding ClientCert-Subject and ClientCert-Subject-CN headers, aka Bug ID CSCta04885.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | content_services_switch_11500 | * | |
| cisco | content_services_switch_11500 | 8.20.0.01 | |
| cisco | content_services_switch_11500 | 08.20.1.01 | |
| cisco | content_services_switch_11500 | 8.20.1.01 | |
| cisco | content_services_switch_11500 | 8.20.2.01 | |
| cisco | ace_4710 | * | |
| cisco | ace_4710 | a1\(2.0\) | |
| cisco | ace_4710 | a1\(8.0\) |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:content_services_switch_11500:*:*:*:*:*:*:*:*", matchCriteriaId: "522CC12B-058D-4711-8A04-AAC81A460B2B", versionEndIncluding: "8.20.3.03", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:content_services_switch_11500:8.20.0.01:*:*:*:*:*:*:*", matchCriteriaId: "934D3A1C-7723-4250-BC86-5921572AB358", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:content_services_switch_11500:08.20.1.01:*:*:*:*:*:*:*", matchCriteriaId: "63BA31CE-19C7-4FDB-8A0A-F1C252EC6146", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:content_services_switch_11500:8.20.1.01:*:*:*:*:*:*:*", matchCriteriaId: "545E9F44-A61F-4037-9BDF-5DE7F8E506B6", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:content_services_switch_11500:8.20.2.01:*:*:*:*:*:*:*", matchCriteriaId: "7241A8A3-C8C8-44CA-990F-BDA47EB75D64", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ace_4710:*:*:*:*:*:*:*:*", matchCriteriaId: "B3FF387C-79BE-481C-A461-D32DCF421CC1", versionEndIncluding: "a3\\(2.5\\)", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:ace_4710:a1\\(2.0\\):*:*:*:*:*:*:*", matchCriteriaId: "142B1472-4694-436F-85C0-52B6A9CFCA64", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:ace_4710:a1\\(8.0\\):*:*:*:*:*:*:*", matchCriteriaId: "A421567F-1772-46DC-9FBA-E0072DC6B7C6", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The Cisco Content Services Switch (CSS) 11500 with software before 8.20.4.02 and the Application Control Engine (ACE) 4710 with software before A2(3.0) do not properly handle use of LF, CR, and LFCR as alternatives to the standard CRLF sequence between HTTP headers, which allows remote attackers to bypass intended header insertions or conduct HTTP request smuggling attacks via crafted header data, as demonstrated by LF characters preceding ClientCert-Subject and ClientCert-Subject-CN headers, aka Bug ID CSCta04885.", }, { lang: "es", value: "El Content Services Switch Cisco (CSS) 11500 con software anterios a v8.20.4.02 y el Application Control Engine (ACE) 4710 con software anterior a vA2(3.0) no gestiona adecuadamente el uso de LF, CR y LFCR como alternativas a la secuencia estandar CRLF entre cabeceras HTTP, lo cual permite a los atacantes remotos evitar las restricciones de inserciones de cabecera HTTP o llevar a cabo ataques de contrabando a través de cabeceras de datos manipuladas, como lo demuestra el caracter LF precediendo a las cabeceras ClientCert-Subject y ClientCert-Subject-CN, también conocido como Bug ID CSCta04885.", }, ], id: "CVE-2010-1576", lastModified: "2024-11-21T01:14:43.387", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2010-07-06T17:17:13.233", references: [ { source: "psirt@cisco.com", url: "http://osvdb.org/66092", }, { source: "psirt@cisco.com", url: "http://securitytracker.com/id?1024167", }, { source: "psirt@cisco.com", url: "http://securitytracker.com/id?1024168", }, { source: "psirt@cisco.com", url: "http://www.securityfocus.com/archive/1/512144/100/0/threaded", }, { source: "psirt@cisco.com", url: "http://www.securityfocus.com/bid/41315", }, { source: "psirt@cisco.com", tags: [ "Exploit", ], url: "http://www.vsecurity.com/resources/advisory/20100702-1/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://osvdb.org/66092", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://securitytracker.com/id?1024167", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://securitytracker.com/id?1024168", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/archive/1/512144/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/41315", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", ], url: "http://www.vsecurity.com/resources/advisory/20100702-1/", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2005-05-31 04:00
Modified
2024-11-20 23:54
Severity ?
Summary
Multiple TCP implementations with Protection Against Wrapped Sequence Numbers (PAWS) with the timestamps option enabled allow remote attackers to cause a denial of service (connection loss) via a spoofed packet with a large timer value, which causes the host to discard later packets because they appear to be too old.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:agent_desktop:*:*:*:*:*:*:*:*", matchCriteriaId: "ABA6F73C-A3F2-460C-8CE5-25F818E39933", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:e-mail_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "D4288E9F-8010-43F2-AEBE-A048BDA33858", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:emergency_responder:1.1:*:*:*:*:*:*:*", matchCriteriaId: "10AFE8CE-EA67-4BC4-93BC-7D5D61D5A7C6", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:intelligent_contact_manager:5.0:*:*:*:*:*:*:*", matchCriteriaId: "67E326AE-12CC-4673-8FE6-7979AD489905", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:interactive_voice_response:*:*:*:*:*:*:*:*", matchCriteriaId: "35354155-4E01-469B-B947-3947F2490809", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ip_contact_center_enterprise:*:*:*:*:*:*:*:*", matchCriteriaId: "BD4EBA42-D50B-4A72-9D7E-C1387E8F3FF8", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ip_contact_center_express:*:*:*:*:*:*:*:*", matchCriteriaId: "768CD80D-9FC2-43E9-AB69-51B403C0AC2F", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:meetingplace:*:*:*:*:*:*:*:*", matchCriteriaId: "41EEA208-7F2E-4E01-8C8C-29009161E6EF", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:personal_assistant:1.3\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "D2B8308C-7C36-48E1-97BC-282908B9A38D", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:personal_assistant:1.3\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "29AF8C73-C10F-4873-941B-26C832D854EB", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:personal_assistant:1.3\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "8CE1C413-0678-4E9A-AC7F-105538D3C56E", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:personal_assistant:1.3\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "F4ADC051-C35B-4C68-B751-B8A2434A6E79", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:personal_assistant:1.4\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "131ABD48-89ED-45B9-865B-20AF3631BA6C", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:personal_assistant:1.4\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "0BC18EEF-1DA5-402A-9C22-BCF287F2D501", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:remote_monitoring_suite_option:*:*:*:*:*:*:*:*", matchCriteriaId: "FD6DC298-5EC8-4303-A50A-8A22ABB8518E", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:secure_access_control_server:2.0:*:unix:*:*:*:*:*", matchCriteriaId: "22B6CD99-5B21-4961-AD47-B1722E586664", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:secure_access_control_server:2.1:*:windows_nt:*:*:*:*:*", matchCriteriaId: "3BF391B2-17C6-4633-8CE9-35B637BFDC79", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:secure_access_control_server:2.3:*:unix:*:*:*:*:*", matchCriteriaId: "7889030E-97F7-4CCD-8050-5250B1F58C26", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:secure_access_control_server:2.3:*:windows_nt:*:*:*:*:*", matchCriteriaId: "26B0CB70-CC82-4FF1-882C-0712354DA113", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:secure_access_control_server:2.3.5.1:*:unix:*:*:*:*:*", matchCriteriaId: "543A3774-28EB-406D-830E-957B5E9E7A66", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:secure_access_control_server:2.3.6.1:*:unix:*:*:*:*:*", matchCriteriaId: "B0B5C19A-58BB-4A7A-886D-3567B37F466D", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:secure_access_control_server:2.4:*:windows_nt:*:*:*:*:*", matchCriteriaId: "4126D9DE-A75E-4A9E-9DA7-1477D5688872", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:secure_access_control_server:2.5:*:windows_nt:*:*:*:*:*", matchCriteriaId: "0354C50C-4104-4960-B1EE-F212CD3D6AE5", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:secure_access_control_server:2.6:*:windows_nt:*:*:*:*:*", matchCriteriaId: "DE9B81AC-1D16-4FDF-B438-3D3ED2BE9538", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:secure_access_control_server:2.6.2:*:windows_nt:*:*:*:*:*", matchCriteriaId: "8F515D7A-D663-49F0-8F12-1484000505FB", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:secure_access_control_server:2.6.3:*:windows_nt:*:*:*:*:*", matchCriteriaId: "A668278F-8080-4295-95EB-88341478D16B", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:secure_access_control_server:2.6.4:*:windows_nt:*:*:*:*:*", matchCriteriaId: "A66BED35-F385-4A0C-9416-6F007536133E", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:secure_access_control_server:2.42:*:windows_nt:*:*:*:*:*", matchCriteriaId: "5EA57609-522C-4431-92AE-4FF11AA67320", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:secure_access_control_server:3.0:*:*:*:*:*:*:*", matchCriteriaId: "44D05855-C8C1-4243-8438-5A36A01A8F48", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:secure_access_control_server:3.0:*:windows_nt:*:*:*:*:*", matchCriteriaId: "A60B49A7-B569-4485-A6B3-E14B9FB96950", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:secure_access_control_server:3.0.1:*:windows_nt:*:*:*:*:*", matchCriteriaId: "FA889730-B2FF-4219-BBCA-A4364BA61EAF", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:secure_access_control_server:3.0.3:*:windows_nt:*:*:*:*:*", matchCriteriaId: "8731D5CC-A6F9-48DB-B1D1-FD50CEAC63D1", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:secure_access_control_server:3.1:*:*:*:*:*:*:*", matchCriteriaId: "FB11A75E-2E4B-4B83-B763-CBBC1D9DFB36", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:secure_access_control_server:3.1.1:*:windows_nt:*:*:*:*:*", matchCriteriaId: "DFFE6A50-B704-42BB-8FFF-27E9F4D3B576", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:secure_access_control_server:3.2:*:*:*:*:*:*:*", matchCriteriaId: "109147BF-3225-48E4-8BE1-2E5B59921032", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:secure_access_control_server:3.2:*:windows_server:*:*:*:*:*", matchCriteriaId: "7CDA01B6-6887-40BB-B541-65F198D03219", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:secure_access_control_server:3.2\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "86806D6E-1BDF-4253-AEB7-D9D88D224812", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:secure_access_control_server:3.2\\(1.20\\):*:*:*:*:*:*:*", matchCriteriaId: "B0BD6882-379C-4EA7-8E51-124273C5A56F", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:secure_access_control_server:3.2\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "680E5A81-6409-4CE7-8496-D7845FD7E851", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:secure_access_control_server:3.2\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "3868E060-0278-491A-9943-1A2E435C7606", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:secure_access_control_server:3.2.1:*:*:*:*:*:*:*", matchCriteriaId: "F39D3441-C84A-403A-ACB4-8019579EE4DB", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:secure_access_control_server:3.2.2:*:*:*:*:*:*:*", matchCriteriaId: "61ED039B-C3E6-4BC8-A97A-351EC9CEAF16", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:secure_access_control_server:3.3:*:*:*:*:*:*:*", matchCriteriaId: "D2793200-D95D-4BD3-8DF2-4A847230FBE5", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:secure_access_control_server:3.3\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "0E587654-B5A0-47A4-BED6-D8DB69AEF566", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:secure_access_control_server:3.3.1:*:*:*:*:*:*:*", matchCriteriaId: "6F07B954-817F-47AC-BCAC-3DA697A6E2F2", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:secure_access_control_server:3.3.2:*:*:*:*:*:*:*", matchCriteriaId: "0CC1B599-05C0-4FB5-A47B-5D858DAB43A0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:support_tools:*:*:*:*:*:*:*:*", matchCriteriaId: "FFCEB1D7-38BB-4056-A2A5-8F344048A95A", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:web_collaboration_option:*:*:*:*:*:*:*:*", matchCriteriaId: "CDF58F1E-ED37-4334-9194-E6FC07C6AB4D", vulnerable: true, }, { criteria: "cpe:2.3:a:hitachi:alaxala:ax:*:*:*:*:*:*:*", matchCriteriaId: "811B1CC7-325B-4017-BAA8-2F90BBE50FFA", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:call_manager:1.0:*:*:*:*:*:*:*", matchCriteriaId: "14BF1392-C6E2-4946-9B9E-A64BFE7E8057", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:call_manager:2.0:*:*:*:*:*:*:*", matchCriteriaId: "EA117831-013A-4B62-90EA-9F87D0DBACF3", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:call_manager:3.0:*:*:*:*:*:*:*", matchCriteriaId: "C08E2D6A-1B4C-4BDA-8FF7-8D61A393460E", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:call_manager:3.1:*:*:*:*:*:*:*", matchCriteriaId: "AF7E0B10-11E0-44B7-A450-AA5AB058C6C5", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:call_manager:3.1\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "C9C25529-9048-46E8-8A59-61CAD59C2C40", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:call_manager:3.1\\(3a\\):*:*:*:*:*:*:*", matchCriteriaId: "70ADFE52-9C89-4C29-AC74-7F510326F810", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:call_manager:3.2:*:*:*:*:*:*:*", matchCriteriaId: "54CEBAD7-7BDD-44DE-A591-C7EFD4E3F67E", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:call_manager:3.3:*:*:*:*:*:*:*", matchCriteriaId: "9306CD67-C43D-46F7-B76B-1FA0ACC6135E", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:call_manager:3.3\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "F3D9BE35-E2AA-42A4-BECB-1BD33F2D9F2F", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:call_manager:4.0:*:*:*:*:*:*:*", matchCriteriaId: "A008ACB8-54DD-4C49-A35D-3FA7D3CBF38F", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:unity_server:2.0:*:*:*:*:*:*:*", matchCriteriaId: "A6659C2E-691B-47B8-9659-73FF4DEE3C19", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:unity_server:2.1:*:*:*:*:*:*:*", matchCriteriaId: "C0317B33-20DC-4E57-8AFC-097FBC6067F4", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:unity_server:2.2:*:*:*:*:*:*:*", matchCriteriaId: "D382C84D-C8F7-4257-B6C6-D00C595F6B63", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:unity_server:2.3:*:*:*:*:*:*:*", matchCriteriaId: "6DF21240-6275-434F-B7C3-8CC029B9ABA2", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:unity_server:2.4:*:*:*:*:*:*:*", matchCriteriaId: "8934A49D-9ABB-4B49-9B69-615B8CFFAF10", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:unity_server:2.46:*:*:*:*:*:*:*", matchCriteriaId: "0E60BDFE-108B-4621-9B02-774AA844407B", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:unity_server:3.0:*:*:*:*:*:*:*", matchCriteriaId: "856D99BB-1CB3-4A8D-9752-CC854829C65A", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:unity_server:3.1:*:*:*:*:*:*:*", matchCriteriaId: "B13E26E7-8284-4B70-B51C-B3B96995094F", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:unity_server:3.2:*:*:*:*:*:*:*", matchCriteriaId: "2414F807-1EAE-438D-9497-B6259AC1AA2C", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:unity_server:3.3:*:*:*:*:*:*:*", matchCriteriaId: "CCB4D983-658F-4B5F-B136-02A9605DAF4C", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:unity_server:4.0:*:*:*:*:*:*:*", matchCriteriaId: "D26F84D4-B6AC-4BAD-8D9D-B33842FEF9F9", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:mgx_8230:1.2.10:*:*:*:*:*:*:*", matchCriteriaId: "7BF93667-8DEC-4A3F-836F-51169553A5D1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:mgx_8230:1.2.11:*:*:*:*:*:*:*", matchCriteriaId: "81A5B93D-90F2-4133-B9FA-A0E659DD66CC", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:mgx_8250:1.2.10:*:*:*:*:*:*:*", matchCriteriaId: "933C2E60-230F-41B2-B978-03BCD9C017B3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:mgx_8250:1.2.11:*:*:*:*:*:*:*", matchCriteriaId: "920C5EDC-003F-4805-97E1-E78AD9DA6A35", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:ciscoworks_access_control_list_manager:1.5:*:*:*:*:*:*:*", matchCriteriaId: "826A77B1-76FA-489E-B630-916DE44067D1", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ciscoworks_access_control_list_manager:1.6:*:*:*:*:*:*:*", matchCriteriaId: "58781C8F-0E66-467E-AF2D-44BE027CF649", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ciscoworks_common_management_foundation:2.0:*:*:*:*:*:*:*", matchCriteriaId: "716ABF75-32B2-4E9A-A612-BA06C5C2E17D", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ciscoworks_common_management_foundation:2.1:*:*:*:*:*:*:*", matchCriteriaId: "3954D0D1-9FDF-47D0-9710-D0FB06955B8B", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ciscoworks_common_management_foundation:2.2:*:*:*:*:*:*:*", matchCriteriaId: "63F8D490-22C8-4638-88D4-7D629D74A68F", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ciscoworks_common_services:2.2:*:*:*:*:*:*:*", matchCriteriaId: "3D6712BD-DE8F-40F5-AC74-B9EFE9A50CFA", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ciscoworks_lms:1.3:*:*:*:*:*:*:*", matchCriteriaId: "A81483D4-D1F5-4BDA-975B-5C22D81A6F43", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ciscoworks_vpn_security_management_solution:*:*:*:*:*:*:*:*", matchCriteriaId: "95875913-E9F6-47C4-845C-71F363E515C6", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ciscoworks_windows:*:*:*:*:*:*:*:*", matchCriteriaId: "14A49F9C-78F5-4FC6-A8CD-ACA45D689CB5", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webns:7.10_\\(05.07\\)s:*:*:*:*:*:*:*", matchCriteriaId: "40EA78B8-E97E-4EFF-8A59-3977A48E21E3", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webns:7.20_\\(03.09\\)s:*:*:*:*:*:*:*", matchCriteriaId: "8D214E48-0E05-4C82-81E7-8C4FA08DD7E1", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webns:7.20_\\(03.10\\)s:*:*:*:*:*:*:*", matchCriteriaId: "0CA012F9-EEE5-4085-8EEA-DCF576C09DCD", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webns:7.30_\\(00.08\\)s:*:*:*:*:*:*:*", matchCriteriaId: "FAD48517-F464-4DDE-9902-1FEAE1A962AC", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webns:7.30_\\(00.09\\)s:*:*:*:*:*:*:*", matchCriteriaId: "568B63CF-7B0D-45B2-ABC3-C333CF1B66F7", vulnerable: true, }, { criteria: "cpe:2.3:a:nortel:business_communications_manager:200:*:*:*:*:*:*:*", matchCriteriaId: "F49ECAF3-0922-4C6B-A991-93504457668A", vulnerable: true, }, { criteria: "cpe:2.3:a:nortel:business_communications_manager:400:*:*:*:*:*:*:*", matchCriteriaId: "E34503FD-5462-4D07-B626-A0061EDB6DC8", vulnerable: true, }, { criteria: "cpe:2.3:a:nortel:business_communications_manager:1000:*:*:*:*:*:*:*", matchCriteriaId: "2401C82A-BC79-435D-B921-FEE8DD3129C7", vulnerable: true, }, { criteria: "cpe:2.3:a:nortel:callpilot:200i:*:*:*:*:*:*:*", matchCriteriaId: "C5AEEAEC-04E3-4AF0-8ECB-59684CBB4D57", vulnerable: true, }, { criteria: "cpe:2.3:a:nortel:callpilot:201i:*:*:*:*:*:*:*", matchCriteriaId: "396BD40F-EC2B-4F16-89BA-BCD67D318C63", vulnerable: true, }, { criteria: "cpe:2.3:a:nortel:callpilot:702t:*:*:*:*:*:*:*", matchCriteriaId: "ED7D542E-A47B-4B21-8F31-1B4AE50486FF", vulnerable: true, }, { criteria: "cpe:2.3:a:nortel:callpilot:703t:*:*:*:*:*:*:*", matchCriteriaId: "68D6193D-F50D-4B86-9F4C-74C74A026176", vulnerable: true, }, { criteria: "cpe:2.3:a:nortel:contact_center:*:*:*:*:*:*:*:*", matchCriteriaId: "81C976A2-0E66-4CDD-B6B7-A93DEDB47754", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:content_services_switch_11000:*:*:*:*:*:*:*:*", matchCriteriaId: "98FC94DE-BBD2-43C6-9435-0242BA5DCC8C", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:content_services_switch_11050:*:*:*:*:*:*:*:*", matchCriteriaId: "B327940A-8884-4B45-8981-D1F19A318DCA", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:content_services_switch_11150:*:*:*:*:*:*:*:*", matchCriteriaId: "E3D01950-FFD4-4491-9C95-59AE911722F9", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:content_services_switch_11500:*:*:*:*:*:*:*:*", matchCriteriaId: "BF28C435-C036-4507-8E3F-44E722F9974A", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:content_services_switch_11501:*:*:*:*:*:*:*:*", matchCriteriaId: "3FD2203A-CE41-4353-A291-AFB117FDDA40", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:content_services_switch_11503:*:*:*:*:*:*:*:*", matchCriteriaId: "BC289BD9-E1CD-4B22-89B0-D8D525B004A5", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:content_services_switch_11506:*:*:*:*:*:*:*:*", matchCriteriaId: "74E298BB-ADAA-4AAB-9851-2255FCC42ABD", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:content_services_switch_11800:*:*:*:*:*:*:*:*", matchCriteriaId: "3B4A3675-9561-434E-A2C0-AF56CBD30560", vulnerable: true, }, { criteria: "cpe:2.3:h:nortel:7220_wlan_access_point:*:*:*:*:*:*:*:*", matchCriteriaId: "2E4AED72-AD89-4FBB-89F4-1459617B882A", vulnerable: true, }, { criteria: "cpe:2.3:h:nortel:7250_wlan_access_point:*:*:*:*:*:*:*:*", matchCriteriaId: "3D5EA867-A9AD-4400-A8F9-CC73C3A311A3", vulnerable: true, }, { criteria: "cpe:2.3:h:nortel:ethernet_routing_switch_1612:*:*:*:*:*:*:*:*", matchCriteriaId: "12F5436F-68B2-4A10-87CA-390684FCE921", vulnerable: true, }, { criteria: "cpe:2.3:h:nortel:ethernet_routing_switch_1624:*:*:*:*:*:*:*:*", matchCriteriaId: "83688351-789A-495D-BA97-57FA65E443A3", vulnerable: true, }, { criteria: "cpe:2.3:h:nortel:ethernet_routing_switch_1648:*:*:*:*:*:*:*:*", matchCriteriaId: "BC7DA7DE-9310-4BB4-941D-01589E8B4853", vulnerable: true, }, { criteria: "cpe:2.3:h:nortel:optical_metro_5000:*:*:*:*:*:*:*:*", matchCriteriaId: "A3270F2E-A780-4843-B3D1-ED85DC972AE5", vulnerable: true, }, { criteria: "cpe:2.3:h:nortel:optical_metro_5100:*:*:*:*:*:*:*:*", matchCriteriaId: "6BF6BDE8-C6B5-42DA-B16C-2258D765CB2C", vulnerable: true, }, { criteria: "cpe:2.3:h:nortel:optical_metro_5200:*:*:*:*:*:*:*:*", matchCriteriaId: "F8B29C7C-D06E-4E08-88AA-AEDA987B19F0", vulnerable: true, }, { criteria: "cpe:2.3:h:nortel:succession_communication_server_1000:*:*:*:*:*:*:*:*", matchCriteriaId: "2A0CB855-CDD4-42B7-9328-64B10F5A3A4D", vulnerable: true, }, { criteria: "cpe:2.3:h:nortel:survivable_remote_gateway:1.0:*:*:*:*:*:*:*", matchCriteriaId: "A9FED9ED-570F-4050-93E8-2A31E52DCEB9", vulnerable: true, }, { criteria: "cpe:2.3:h:nortel:universal_signaling_point:5200:*:*:*:*:*:*:*", matchCriteriaId: "05D8AA04-63A1-46C2-985A-84779FD7971C", vulnerable: true, }, { criteria: "cpe:2.3:h:nortel:universal_signaling_point:compact_lite:*:*:*:*:*:*:*", matchCriteriaId: "D5B3E8A3-0B7E-46D1-9847-6DC1B498FA87", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ciscoworks_1105_hosting_solution_engine:*:*:*:*:*:*:*:*", matchCriteriaId: "11CED8EB-2292-4F16-8CD4-C3B56D1DF71B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ciscoworks_1105_wireless_lan_solution_engine:*:*:*:*:*:*:*:*", matchCriteriaId: "6BC9380C-E602-4718-A98B-DA5ACD8AB69B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ciscoworks_cd1:1st:*:*:*:*:*:*:*", matchCriteriaId: "419D225D-28FD-4D76-ACBF-45EA35B9973E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ciscoworks_cd1:2nd:*:*:*:*:*:*:*", matchCriteriaId: "AF809BC6-93A5-4B1D-BC3C-2A41F32D4A92", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ciscoworks_cd1:3rd:*:*:*:*:*:*:*", matchCriteriaId: "EED9047B-5AA5-49C1-B8D1-690D505082D7", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ciscoworks_cd1:4th:*:*:*:*:*:*:*", matchCriteriaId: "45096D29-930F-4FE0-A23F-8C57BF62567A", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ciscoworks_cd1:5th:*:*:*:*:*:*:*", matchCriteriaId: "AC6393A1-F3A2-4D73-A845-03C9725B91A9", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ciscoworks_windows_wug:*:*:*:*:*:*:*:*", matchCriteriaId: "80FE5EBC-DCD3-4FFA-A120-83DE51E2FA0A", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:conference_connection:1.1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "35D53AA4-4E6D-4586-A84A-634C68C0C967", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:conference_connection:1.2:*:*:*:*:*:*:*", matchCriteriaId: "38CC94AA-9702-4A7E-82C5-DE06FB7D6631", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:1.1.5.1:*:*:*:*:*:*:*", matchCriteriaId: "C496B665-70DA-4B98-A5D1-E2935C0CE840", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:2.0:*:*:*:*:*:*:*", matchCriteriaId: "F1F098C1-D09E-49B4-9B51-E84B6C4EA6CD", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:2.0.5:*:*:*:*:*:*:*", matchCriteriaId: "34797660-41F5-4358-B70F-2A40DE48F182", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:2.1.0:*:*:*:*:*:*:*", matchCriteriaId: "27C9E23D-AB82-4AE1-873E-C5493BB96AA1", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:2.1.5:*:*:*:*:*:*:*", matchCriteriaId: "4054D69F-596F-4EB4-BE9A-E2478343F55A", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:2.1.6:*:*:*:*:*:*:*", matchCriteriaId: "CA26ABBE-9973-45FA-9E9B-82170B751219", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:2.1.6.1:*:*:*:*:*:*:*", matchCriteriaId: "7891202C-62AF-4590-9E5F-3514FDA2B38E", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:2.1.7.1:*:*:*:*:*:*:*", matchCriteriaId: "BF8F9B2F-E898-4F87-A245-32A41748587B", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:2.2:*:*:*:*:*:*:*", matchCriteriaId: "183667CA-6DF1-4BFB-AE32-9ABF55B7283A", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:2.2.2:*:*:*:*:*:*:*", matchCriteriaId: "EBDDEC3F-52EB-4E1E-84C4-B472600059EC", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:2.2.3:*:*:*:*:*:*:*", matchCriteriaId: "B58E02AE-38B4-466E-BF73-2F0B80AF7BA5", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:2.2.4:*:*:*:*:*:*:*", matchCriteriaId: "3928D5CF-6FC0-434C-8A80-ABDBF346C2C9", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:2.2.5:*:*:*:*:*:*:*", matchCriteriaId: "314BA420-4C74-4060-8ACE-D7A7C041CF2B", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:2.2.6:*:*:*:*:*:*:*", matchCriteriaId: "2EAD7613-A5B3-4621-B981-290C7C6B8BA0", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:2.2.8:*:*:*:*:*:*:*", matchCriteriaId: "D1CA3337-9BEE-49C5-9EDE-8CDBE5580537", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:3.0:*:*:*:*:*:*:*", matchCriteriaId: "EE38C50A-81FE-412E-9717-3672FAE6A6F4", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:3.0:releng:*:*:*:*:*:*", matchCriteriaId: "A0A3F7B6-2878-40C0-B59C-EBA8D171D2F7", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:3.1:*:*:*:*:*:*:*", matchCriteriaId: "263F3734-7076-4EA8-B4C0-F37CFC4E979E", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:3.2:*:*:*:*:*:*:*", matchCriteriaId: "0419DD66-FF66-48BC-AD3B-F6AFD0551E36", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:3.3:*:*:*:*:*:*:*", matchCriteriaId: "C3518628-08E5-4AD7-AAF6-A4E38F1CDE2C", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:3.4:*:*:*:*:*:*:*", matchCriteriaId: "B982342C-1981-4C55-8044-AFE4D87623DF", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:3.5:*:*:*:*:*:*:*", matchCriteriaId: "47E02BE6-4800-4940-B269-385B66AC5077", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:3.5:stable:*:*:*:*:*:*", matchCriteriaId: "0EB09993-B837-4352-B09D-3656F62638A8", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:3.5.1:*:*:*:*:*:*:*", matchCriteriaId: "7C283AD7-1C58-4CE8-A6CD-502FFE0B18BB", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:3.5.1:release:*:*:*:*:*:*", matchCriteriaId: "0361EA35-FBD7-4E8F-8625-C8100ED7BB7C", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:3.5.1:stable:*:*:*:*:*:*", matchCriteriaId: "29EAA113-2404-4ABB-826B-3AA2AA858D02", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.0:*:*:*:*:*:*:*", matchCriteriaId: "D0A585A1-FF82-418F-90F8-072458DB7816", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.0:alpha:*:*:*:*:*:*", matchCriteriaId: "E3F7EB61-55A5-4776-B0E7-3508920A6CEA", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.0:releng:*:*:*:*:*:*", matchCriteriaId: "A442DE97-4485-4D95-B95D-58947585E455", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.1:*:*:*:*:*:*:*", matchCriteriaId: "AE31DFF8-06AB-489D-A0C5-509C090283B5", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.1.1:*:*:*:*:*:*:*", matchCriteriaId: "3BE1E3D8-2BB1-4FFA-9BC9-7AF347D26190", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.1.1:release:*:*:*:*:*:*", matchCriteriaId: "1E8A6564-129A-4555-A5ED-6F65C56AE7B4", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.1.1:stable:*:*:*:*:*:*", matchCriteriaId: "237174A4-E030-4A0B-AD0B-5C463603EAA4", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.2:*:*:*:*:*:*:*", matchCriteriaId: "DF49BF03-C25E-4737-84D5-892895C86C58", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.2:stable:*:*:*:*:*:*", matchCriteriaId: "5D7F8F11-1869-40E2-8478-28B4E946D3CC", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.3:*:*:*:*:*:*:*", matchCriteriaId: "D2019E0E-426B-43AF-8904-1B811AE171E8", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.3:release:*:*:*:*:*:*", matchCriteriaId: "9062BAB5-D437-49BE-A384-39F62434B70B", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.3:release_p38:*:*:*:*:*:*", matchCriteriaId: "3BA1504C-14FE-4C21-A801-944041F2946F", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.3:releng:*:*:*:*:*:*", matchCriteriaId: "21B69535-4FB6-4FAD-AAA6-C790FF82EFAF", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.3:stable:*:*:*:*:*:*", matchCriteriaId: "6E53C673-9D6D-42C8-A502-033E1FC28D97", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.4:*:*:*:*:*:*:*", matchCriteriaId: "55C5FC1A-1253-4390-A4FC-573BB14EA937", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.4:release_p42:*:*:*:*:*:*", matchCriteriaId: "6F4AC452-6042-409D-8673-ACAD108EE3B5", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.4:releng:*:*:*:*:*:*", matchCriteriaId: "2FE1009B-371A-48E2-A456-935A1F0B7D0D", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.4:stable:*:*:*:*:*:*", matchCriteriaId: "C844A170-B5A7-4703-AF3B-67366D44EA8B", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.5:*:*:*:*:*:*:*", matchCriteriaId: "44308D13-D935-4FF8-AB52-F0E115ED1AD2", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.5:release:*:*:*:*:*:*", matchCriteriaId: "3D41CB12-7894-4D25-80EC-23C56171D973", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.5:release_p32:*:*:*:*:*:*", matchCriteriaId: "9BCD9C12-EDAB-473F-9CC5-04F06B413720", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.5:releng:*:*:*:*:*:*", matchCriteriaId: "58EBC5C8-5CA8-4881-A036-179FDEBA3CA4", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.5:stable:*:*:*:*:*:*", matchCriteriaId: "09789843-6A1A-4CDB-97E8-89E82B79DDB5", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.6:*:*:*:*:*:*:*", matchCriteriaId: "9C001822-FDF8-497C-AC2C-B59A00E9ACD2", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.6:release:*:*:*:*:*:*", matchCriteriaId: "118211EF-CED7-4EB5-9669-F54C8169D4AE", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.6:release_p20:*:*:*:*:*:*", matchCriteriaId: "58288F0F-B4CE-445C-AD93-DA73E3AD6FC3", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.6:releng:*:*:*:*:*:*", matchCriteriaId: "CC96FBA9-6A65-4CC7-BE68-ADAF450ABE21", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.6:stable:*:*:*:*:*:*", matchCriteriaId: "9A405AE2-ECC4-4BB0-80DD-4736394FB217", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.6.2:*:*:*:*:*:*:*", matchCriteriaId: "4AB4AD26-6AF2-4F3A-B602-F231FAABA73E", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.7:*:*:*:*:*:*:*", matchCriteriaId: "B86C77AB-B8FF-4376-9B4E-C88417396F3D", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.7:release:*:*:*:*:*:*", matchCriteriaId: "E5612FB0-8403-4A7E-B89A-D7BDFAC00078", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.7:release_p17:*:*:*:*:*:*", matchCriteriaId: "FA699BB4-94AA-40E6-A6B6-33E3D416CDA7", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.7:releng:*:*:*:*:*:*", matchCriteriaId: "AFDA151E-E614-4A24-A34D-B6D5309110CC", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.7:stable:*:*:*:*:*:*", matchCriteriaId: "A7818E11-1BEB-4DAA-BA7A-A278454BA4B3", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.8:*:*:*:*:*:*:*", matchCriteriaId: "441BE3A0-20F4-4972-B279-19B3DB5FA14D", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.8:pre-release:*:*:*:*:*:*", matchCriteriaId: "09BFA20B-2F31-4246-8F74-63DF1DB884EE", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.8:release_p6:*:*:*:*:*:*", matchCriteriaId: "5F3B4BA2-8A61-4F9A-8E46-7FA80E7F5514", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.8:releng:*:*:*:*:*:*", matchCriteriaId: "2D33C6EF-DBE1-4943-83E4-1F10670DAC6E", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.9:*:*:*:*:*:*:*", matchCriteriaId: "00EAEA17-033A-4A50-8E39-D61154876D2F", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.9:pre-release:*:*:*:*:*:*", matchCriteriaId: "4AE93D3D-34B4-47B7-A784-61F4479FF5A2", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.9:releng:*:*:*:*:*:*", matchCriteriaId: "E6288144-0CD7-45B6-B5A7-09B1DF14FBE8", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.10:*:*:*:*:*:*:*", matchCriteriaId: "9FFD9D1C-A459-47AD-BC62-15631417A32F", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.10:release:*:*:*:*:*:*", matchCriteriaId: "4ECDEC87-0132-46B6-BD9B-A94F9B669EAA", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.10:release_p8:*:*:*:*:*:*", matchCriteriaId: "6E21E50A-A368-4487-A791-87366CC5C86E", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.10:releng:*:*:*:*:*:*", matchCriteriaId: "43E84296-9B5C-4623-A2C4-431D76FC2765", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.11:release_p3:*:*:*:*:*:*", matchCriteriaId: "E18328E2-3CB5-4D36-8EA3-77DD909B46A3", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.11:releng:*:*:*:*:*:*", matchCriteriaId: "EF73D76B-FBB8-4D10-8393-9FAF53392A4B", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.11:stable:*:*:*:*:*:*", matchCriteriaId: "F177AE1C-58C2-4575-807C-ABFFC5119FA8", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:5.0:*:*:*:*:*:*:*", matchCriteriaId: "61EBA52A-2D8B-4FB5-866E-AE67CE1842E7", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:5.0:alpha:*:*:*:*:*:*", matchCriteriaId: "3B13D898-C1B6-44B9-8432-7DDB8A380E9E", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:5.0:release_p14:*:*:*:*:*:*", matchCriteriaId: "51A612F6-E4EB-4E34-8F55-79E16C74758E", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:5.0:releng:*:*:*:*:*:*", matchCriteriaId: "5C19B266-8FE7-49ED-8678-2D522257491D", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:5.1:*:*:*:*:*:*:*", matchCriteriaId: "4EE93350-92E6-4F5C-A14C-9993CFFDBCD4", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:5.1:alpha:*:*:*:*:*:*", matchCriteriaId: "15C4D826-A419-45F5-B91C-1445DB480916", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:5.1:release:*:*:*:*:*:*", matchCriteriaId: "0D9F2B04-A1F2-4788-A53D-C8274A758DDA", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:5.1:release_p5:*:*:*:*:*:*", matchCriteriaId: "FEC7B38F-C6FB-4213-AE18-2D039A4D8E7A", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:5.1:releng:*:*:*:*:*:*", matchCriteriaId: "9A5309ED-D84F-4F52-9864-5B0FEEEE5022", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:5.2:*:*:*:*:*:*:*", matchCriteriaId: "DD7C441E-444B-4DF5-8491-86805C70FB99", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:5.2.1:release:*:*:*:*:*:*", matchCriteriaId: "C9CCE8F3-84EE-4571-8AAA-BF2D132E9BD4", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:5.2.1:releng:*:*:*:*:*:*", matchCriteriaId: "8E4BC012-ADE4-468F-9A25-261CD8055694", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:5.3:*:*:*:*:*:*:*", matchCriteriaId: "D8A80E6A-6502-4A33-83BA-7DCC606D79AA", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:5.3:release:*:*:*:*:*:*", matchCriteriaId: "0D6428EB-5E1A-41CB-979C-4C9402251D8B", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:5.3:releng:*:*:*:*:*:*", matchCriteriaId: "2DCA9879-C9F5-475A-8EC9-04D151001C8D", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:5.3:stable:*:*:*:*:*:*", matchCriteriaId: "0A94132F-4C47-49CC-B03C-8756613E9A38", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:5.4:pre-release:*:*:*:*:*:*", matchCriteriaId: "46A60ED5-1D92-4B40-956F-D1801CAB9039", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:5.4:release:*:*:*:*:*:*", matchCriteriaId: "3F629879-66F0-427B-86D8-D740E0E3F6E8", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*", matchCriteriaId: "4E545C63-FE9C-4CA1-AF0F-D999D84D2AFD", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_2000:*:sp1:*:*:*:*:*:*", matchCriteriaId: "294EBA01-147B-4DA0-937E-ACBB655EDE53", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_2000:*:sp2:*:*:*:*:*:*", matchCriteriaId: "4E8B7346-F2AA-434C-A048-7463EC1BB117", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_2000:*:sp3:*:*:*:*:*:*", matchCriteriaId: "BE1A6107-DE00-4A1C-87FC-9E4015165B5B", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*", matchCriteriaId: "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_2003_server:enterprise:*:64-bit:*:*:*:*:*", matchCriteriaId: "E69D0E21-8C62-403E-8097-2CA403CBBB1B", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_2003_server:enterprise_64-bit:*:*:*:*:*:*:*", matchCriteriaId: "B127407D-AE50-4AFE-A780-D85B5AF44A2D", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_2003_server:r2:*:64-bit:*:*:*:*:*", matchCriteriaId: "5D42E51C-740A-4441-8BAF-D073111B984C", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_2003_server:r2:*:datacenter_64-bit:*:*:*:*:*", matchCriteriaId: "34ACB544-87DD-4D9A-99F0-A10F48C1EE05", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_2003_server:standard:*:64-bit:*:*:*:*:*", matchCriteriaId: "74AD256D-4BCE-41FB-AD73-C5C63A59A06D", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_2003_server:standard_64-bit:*:*:*:*:*:*:*", matchCriteriaId: "A3AC387D-BB23-4EB9-A7DA-6E3F5CD8EFD7", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_2003_server:web:*:*:*:*:*:*:*", matchCriteriaId: "B518E945-5FDE-4A37-878D-6946653C91F7", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_xp:*:*:64-bit:*:*:*:*:*", matchCriteriaId: "91D6D065-A28D-49DA-B7F4-38421FF86498", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_xp:*:*:embedded:*:*:*:*:*", matchCriteriaId: "B95B2BE4-B4E0-4B77-9999-53B9224F5CB1", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_xp:*:*:home:*:*:*:*:*", matchCriteriaId: "BC176BB0-1655-4BEA-A841-C4158167CC9B", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_xp:*:*:media_center:*:*:*:*:*", matchCriteriaId: "403945FA-8676-4D98-B903-48452B46F48F", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_xp:*:gold:professional:*:*:*:*:*", matchCriteriaId: "4BF263CB-4239-4DB0-867C-9069ED02CAD7", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_xp:*:sp1:64-bit:*:*:*:*:*", matchCriteriaId: "B3BBBB2E-1699-4E1E-81BB-7A394DD6B31D", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_xp:*:sp1:embedded:*:*:*:*:*", matchCriteriaId: "ADEBB882-1C55-4B7B-B4CF-F1B23502FD90", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_xp:*:sp1:home:*:*:*:*:*", matchCriteriaId: "49693FA0-BF34-438B-AFF2-75ACC8A6D2E6", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_xp:*:sp1:media_center:*:*:*:*:*", matchCriteriaId: "6A05337E-18A5-4939-85A0-69583D9B5AD9", vulnerable: true, }, { criteria: "cpe:2.3:o:microsoft:windows_xp:*:sp2:tablet_pc:*:*:*:*:*", matchCriteriaId: "FB2BE2DE-7B06-47ED-A674-15D45448F357", vulnerable: true, }, { criteria: "cpe:2.3:o:openbsd:openbsd:3.0:*:*:*:*:*:*:*", matchCriteriaId: "60DA30A1-3360-46BC-85B7-008D535F95BE", vulnerable: true, }, { criteria: "cpe:2.3:o:openbsd:openbsd:3.1:*:*:*:*:*:*:*", matchCriteriaId: "DA33E7E2-DE7B-411E-8991-718DA0988C51", vulnerable: true, }, { criteria: "cpe:2.3:o:openbsd:openbsd:3.2:*:*:*:*:*:*:*", matchCriteriaId: "1957B3C0-7F25-469B-BC3F-7B09260837ED", vulnerable: true, }, { criteria: "cpe:2.3:o:openbsd:openbsd:3.3:*:*:*:*:*:*:*", matchCriteriaId: "AC46909F-DDFC-448B-BCDF-1EB343F96630", vulnerable: true, }, { criteria: "cpe:2.3:o:openbsd:openbsd:3.4:*:*:*:*:*:*:*", matchCriteriaId: "9496279F-AB43-4B53-81A6-87C651ABC4BA", vulnerable: true, }, { criteria: "cpe:2.3:o:openbsd:openbsd:3.5:*:*:*:*:*:*:*", matchCriteriaId: "BDA160D4-5CAB-44E7-880A-59DD98FEAD62", vulnerable: true, }, { criteria: "cpe:2.3:o:openbsd:openbsd:3.6:*:*:*:*:*:*:*", matchCriteriaId: "D4D84D7A-EB7C-4196-B8B6-7B703C8055C2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:alaxala:alaxala_networks:ax5400s:*:*:*:*:*:*:*", matchCriteriaId: "36F8D909-66F0-4D52-B909-12A8F0F57E4D", vulnerable: true, }, { criteria: "cpe:2.3:h:alaxala:alaxala_networks:ax7800r:*:*:*:*:*:*:*", matchCriteriaId: "107670ED-9000-476A-A95E-A5DB1DF5DE2D", vulnerable: true, }, { criteria: "cpe:2.3:h:alaxala:alaxala_networks:ax7800s:*:*:*:*:*:*:*", matchCriteriaId: "2513589C-5598-419E-A1CC-1113E8E1ED47", vulnerable: true, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:aironet_ap1200:*:*:*:*:*:*:*:*", matchCriteriaId: "2E8B5553-7295-4786-9F81-B4527EAD4F0B", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:aironet_ap350:*:*:*:*:*:*:*:*", matchCriteriaId: "7AF8AA1B-17C3-49E3-BA0F-17FFCE2AAE03", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:sn_5420_storage_router:*:*:*:*:*:*:*:*", matchCriteriaId: "67CD39D2-2BD7-475C-99AF-785FC1468268", vulnerable: true, }, { criteria: "cpe:2.3:h:hitachi:gr3000:*:*:*:*:*:*:*:*", matchCriteriaId: "6BE18FB6-E292-47B2-8FA2-74EE122C2B02", vulnerable: true, }, { criteria: "cpe:2.3:h:hitachi:gr4000:*:*:*:*:*:*:*:*", matchCriteriaId: "D377F14F-44AE-4D74-8C14-BA73AC77FDB7", vulnerable: true, }, { criteria: "cpe:2.3:h:hitachi:gs4000:*:*:*:*:*:*:*:*", matchCriteriaId: "2E0F430E-3C96-4012-8B4B-9DBC7FC2C696", vulnerable: true, }, { criteria: "cpe:2.3:h:yamaha:rt105:*:*:*:*:*:*:*:*", matchCriteriaId: "1DF64DBC-0642-420F-984D-D362BB58543E", vulnerable: true, }, { criteria: "cpe:2.3:h:yamaha:rt250i:*:*:*:*:*:*:*:*", matchCriteriaId: "49D56D5F-5E20-4273-B4BE-D603666B69EF", vulnerable: true, }, { criteria: "cpe:2.3:h:yamaha:rt300i:*:*:*:*:*:*:*:*", matchCriteriaId: "04E91CCC-2C87-4821-BECB-CCAA2C02746B", vulnerable: true, }, { criteria: "cpe:2.3:h:yamaha:rt57i:*:*:*:*:*:*:*:*", matchCriteriaId: "E34B7C2B-399B-4892-B715-8ACA3C2FCD39", vulnerable: true, }, { criteria: "cpe:2.3:h:yamaha:rtv700:*:*:*:*:*:*:*:*", matchCriteriaId: "51AF5618-F041-43F9-B225-ADEAE8379C3E", vulnerable: true, }, { criteria: "cpe:2.3:h:yamaha:rtx1000:*:*:*:*:*:*:*:*", matchCriteriaId: "83831044-089B-4BA9-965C-7A5B2CBBACB7", vulnerable: true, }, { criteria: "cpe:2.3:h:yamaha:rtx1100:*:*:*:*:*:*:*:*", matchCriteriaId: "52AA01AA-C220-411B-8F96-77FE54EFFAF6", vulnerable: true, }, { criteria: "cpe:2.3:h:yamaha:rtx1500:*:*:*:*:*:*:*:*", matchCriteriaId: "B03C6BB5-8BA2-475C-86FA-69B33BF7B3E6", vulnerable: true, }, { criteria: "cpe:2.3:h:yamaha:rtx2000:*:*:*:*:*:*:*:*", matchCriteriaId: "D9A4B1ED-30F3-477A-8D4E-1342AF8DEB1C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:sn_5420_storage_router_firmware:1.1\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "6576F05C-271D-401F-99BF-54D004B8D9B4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:sn_5420_storage_router_firmware:1.1\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "718815AE-B1F2-4275-946A-A6FE5D5106C7", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:sn_5420_storage_router_firmware:1.1\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "8702F2BF-7B5B-4692-BEA5-EE86142892B8", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:sn_5420_storage_router_firmware:1.1\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "AE896351-297D-432B-97A5-F5732EC8B419", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:sn_5420_storage_router_firmware:1.1\\(7\\):*:*:*:*:*:*:*", matchCriteriaId: "E4C5D0D3-F5F4-402F-880B-32A07AAA8694", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:sn_5420_storage_router_firmware:1.1.3:*:*:*:*:*:*:*", matchCriteriaId: "CEEA4099-F68F-4542-815F-3716C13EBFD9", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:sn_5428_storage_router:2-3.3.1-k9:*:*:*:*:*:*:*", matchCriteriaId: "9EE654EE-28AF-42D3-A4C9-4BFB7E9D168B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:sn_5428_storage_router:2-3.3.2-k9:*:*:*:*:*:*:*", matchCriteriaId: "89EB3837-6F21-4B2E-BA36-FCCFCAA10F87", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:sn_5428_storage_router:2.5.1-k9:*:*:*:*:*:*:*", matchCriteriaId: "2A709E73-B933-4F82-B48C-338B391EB779", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:sn_5428_storage_router:3.2.1-k9:*:*:*:*:*:*:*", matchCriteriaId: "D7B6E779-3A98-48FE-943F-03F1B461E052", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:sn_5428_storage_router:3.2.2-k9:*:*:*:*:*:*:*", matchCriteriaId: "A320E9FF-16C5-4924-81E4-30AB859B5535", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:sn_5428_storage_router:3.3.1-k9:*:*:*:*:*:*:*", matchCriteriaId: "106E35AF-5D63-4D94-9B51-853F565B81B7", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:sn_5428_storage_router:3.3.2-k9:*:*:*:*:*:*:*", matchCriteriaId: "64A981F8-A671-48FD-93D8-27D03ED6DA60", vulnerable: true, }, { criteria: "cpe:2.3:o:f5:tmos:4.0:*:*:*:*:*:*:*", matchCriteriaId: "04C3A906-6DB7-405A-924B-35D9C53E2453", vulnerable: true, }, { criteria: "cpe:2.3:o:f5:tmos:4.2:*:*:*:*:*:*:*", matchCriteriaId: "6ADD5E15-8174-4C87-A8DF-A266B90D0644", vulnerable: true, }, { criteria: "cpe:2.3:o:f5:tmos:4.3:*:*:*:*:*:*:*", matchCriteriaId: "63D35C2D-DD83-4337-AEA1-5B7E9D5E2EE8", vulnerable: true, }, { criteria: "cpe:2.3:o:f5:tmos:4.4:*:*:*:*:*:*:*", matchCriteriaId: "5DFC90CF-9AAA-4D3E-9F91-1B278EA46E40", vulnerable: true, }, { criteria: "cpe:2.3:o:f5:tmos:4.5:*:*:*:*:*:*:*", matchCriteriaId: "A0DB69D7-AEBB-428F-A229-9132D91342CC", vulnerable: true, }, { criteria: "cpe:2.3:o:f5:tmos:4.5.6:*:*:*:*:*:*:*", matchCriteriaId: "6A96B67C-DD7B-441D-A18B-59F5680D10AF", vulnerable: true, }, { criteria: "cpe:2.3:o:f5:tmos:4.5.9:*:*:*:*:*:*:*", matchCriteriaId: "7E8D947C-2A9F-47AD-B221-C80107DD341E", vulnerable: true, }, { criteria: "cpe:2.3:o:f5:tmos:4.5.10:*:*:*:*:*:*:*", matchCriteriaId: "431E7D83-CC65-4A8B-8A3E-5D9C5D6BE406", vulnerable: true, }, { criteria: "cpe:2.3:o:f5:tmos:4.5.11:*:*:*:*:*:*:*", matchCriteriaId: "A49E573B-F732-4F96-B7F2-DE7989D403CE", vulnerable: true, }, { criteria: "cpe:2.3:o:f5:tmos:4.5.12:*:*:*:*:*:*:*", matchCriteriaId: "F98E8B40-12E1-4B27-98F3-AF589E516EF1", vulnerable: true, }, { criteria: "cpe:2.3:o:f5:tmos:4.6:*:*:*:*:*:*:*", matchCriteriaId: "8E71C845-F308-4B36-81DD-906F2C5D8226", vulnerable: true, }, { criteria: "cpe:2.3:o:f5:tmos:4.6.2:*:*:*:*:*:*:*", matchCriteriaId: "8FAE8872-60E7-453E-8C6F-20D970EFAA70", vulnerable: true, }, { criteria: "cpe:2.3:o:f5:tmos:9.0:*:*:*:*:*:*:*", matchCriteriaId: "96240FCA-244C-40E5-9509-2F79ECF51BE6", vulnerable: true, }, { criteria: "cpe:2.3:o:f5:tmos:9.0.1:*:*:*:*:*:*:*", matchCriteriaId: "724E2496-E0D2-47AF-AC30-CC671731A37D", vulnerable: true, }, { criteria: "cpe:2.3:o:f5:tmos:9.0.2:*:*:*:*:*:*:*", matchCriteriaId: "A70E46B6-FFE2-47A6-A907-E606E8D16495", vulnerable: true, }, { criteria: "cpe:2.3:o:f5:tmos:9.0.3:*:*:*:*:*:*:*", matchCriteriaId: "8783BBE4-A081-4409-A369-B063C4D73C46", vulnerable: true, }, { criteria: "cpe:2.3:o:f5:tmos:9.0.4:*:*:*:*:*:*:*", matchCriteriaId: "951A82A0-3C91-4B50-AE4D-929A4EA75F34", vulnerable: true, }, { criteria: "cpe:2.3:o:f5:tmos:9.0.5:*:*:*:*:*:*:*", matchCriteriaId: "38992D08-E1FF-4C89-982E-635C43B5BC2C", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple TCP implementations with Protection Against Wrapped Sequence Numbers (PAWS) with the timestamps option enabled allow remote attackers to cause a denial of service (connection loss) via a spoofed packet with a large timer value, which causes the host to discard later packets because they appear to be too old.", }, ], id: "CVE-2005-0356", lastModified: "2024-11-20T23:54:57.377", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2005-05-31T04:00:00.000", references: [ { source: "cret@cert.org", url: "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:15.tcp.asc", }, { source: "cret@cert.org", url: "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.64/SCOSA-2005.64.txt", }, { source: "cret@cert.org", url: "http://secunia.com/advisories/15393", }, { source: "cret@cert.org", tags: [ "Patch", ], url: "http://secunia.com/advisories/15417/", }, { source: "cret@cert.org", url: "http://secunia.com/advisories/18222", }, { source: "cret@cert.org", url: "http://secunia.com/advisories/18662", }, { source: "cret@cert.org", url: "http://support.avaya.com/elmodocs2/security/ASA-2006-032.htm", }, { source: "cret@cert.org", tags: [ "Vendor Advisory", ], url: "http://www.cisco.com/warp/public/707/cisco-sn-20050518-tcpts.shtml", }, { source: "cret@cert.org", tags: [ "Third Party Advisory", "US Government Resource", ], url: "http://www.kb.cert.org/vuls/id/637934", }, { source: "cret@cert.org", tags: [ "Exploit", ], url: "http://www.securityfocus.com/bid/13676", }, { source: "cret@cert.org", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/20635", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:15.tcp.asc", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.64/SCOSA-2005.64.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/15393", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://secunia.com/advisories/15417/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/18222", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/18662", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://support.avaya.com/elmodocs2/security/ASA-2006-032.htm", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.cisco.com/warp/public/707/cisco-sn-20050518-tcpts.shtml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "http://www.kb.cert.org/vuls/id/637934", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", ], url: "http://www.securityfocus.com/bid/13676", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/20635", }, ], sourceIdentifier: "cret@cert.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2004-11-23 05:00
Modified
2024-11-20 23:47
Severity ?
Summary
OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firewall_services_module:*:*:*:*:*:*:*:*", matchCriteriaId: "2A9CB22A-21E0-46F6-B6CD-BB38A80FA7A4", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:firewall_services_module:1.1.2:*:*:*:*:*:*:*", matchCriteriaId: "B9CAFC15-178C-4176-9668-D4A04B63E77B", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:firewall_services_module:1.1.3:*:*:*:*:*:*:*", matchCriteriaId: "3C8D6949-89F4-40EF-98F4-8D15628DC345", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:firewall_services_module:1.1_\\(3.005\\):*:*:*:*:*:*:*", matchCriteriaId: "F3DB2AEE-FB5C-42B7-845B-EDA3E58D5D68", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:firewall_services_module:2.1_\\(0.208\\):*:*:*:*:*:*:*", matchCriteriaId: "6479D85C-1A12-486D-818C-6679F415CA26", vulnerable: true, }, { criteria: "cpe:2.3:h:hp:aaa_server:*:*:*:*:*:*:*:*", matchCriteriaId: "287CF5FA-D0EC-4FD7-9718-973587EF34DF", vulnerable: true, }, { criteria: "cpe:2.3:h:hp:apache-based_web_server:2.0.43.00:*:*:*:*:*:*:*", matchCriteriaId: "C88168D4-7DB5-4720-8640-400BB680D0FD", vulnerable: true, }, { criteria: "cpe:2.3:h:hp:apache-based_web_server:2.0.43.04:*:*:*:*:*:*:*", matchCriteriaId: "968915A1-375B-4C69-BE11-9A393F7F1B0F", vulnerable: true, }, { criteria: "cpe:2.3:h:symantec:clientless_vpn_gateway_4400:5.0:*:*:*:*:*:*:*", matchCriteriaId: "11465DCA-72E5-40E9-9D8E-B3CD470C47E9", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:ciscoworks_common_management_foundation:2.1:*:*:*:*:*:*:*", matchCriteriaId: "3954D0D1-9FDF-47D0-9710-D0FB06955B8B", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ciscoworks_common_services:2.2:*:*:*:*:*:*:*", matchCriteriaId: "3D6712BD-DE8F-40F5-AC74-B9EFE9A50CFA", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:converged_communications_server:2.0:*:*:*:*:*:*:*", matchCriteriaId: "E586558A-ABC3-42EB-8B4D-DC92A0D695E6", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:sg200:4.4:*:*:*:*:*:*:*", matchCriteriaId: "2A4C5F60-B32D-4D85-BA28-AE11972ED614", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:sg200:4.31.29:*:*:*:*:*:*:*", matchCriteriaId: "6A5935C3-3D83-461F-BC26-E03362115C42", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:sg203:4.4:*:*:*:*:*:*:*", matchCriteriaId: "80AC523B-3106-46F2-B760-803DCF8061F4", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:sg203:4.31.29:*:*:*:*:*:*:*", matchCriteriaId: "F8B8D6F3-D15D-489F-A807-17E63F4831F2", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:sg208:*:*:*:*:*:*:*:*", matchCriteriaId: "808189BA-197F-49CE-933E-A728F395749C", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:sg208:4.4:*:*:*:*:*:*:*", matchCriteriaId: "32DCFA7B-7BBB-465A-A4AD-7E18EE3C02DC", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:sg5:4.2:*:*:*:*:*:*:*", matchCriteriaId: "CC7EF0CD-EA39-457B-8E2E-9120B65A5835", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:sg5:4.3:*:*:*:*:*:*:*", matchCriteriaId: "7BC2983F-5212-464B-AC21-8A897DEC1F58", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:sg5:4.4:*:*:*:*:*:*:*", matchCriteriaId: "EBF17989-D1F2-4B04-80BD-CFABDD482ABA", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:mac_os_x:10.3.3:*:*:*:*:*:*:*", matchCriteriaId: "BF2D00AC-FA2A-4C39-B796-DC19072862CF", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:mac_os_x_server:10.3.3:*:*:*:*:*:*:*", matchCriteriaId: "E8BCD1C5-1AFC-4287-9AFD-81FB3F4F9E54", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.8:*:*:*:*:*:*:*", matchCriteriaId: "441BE3A0-20F4-4972-B279-19B3DB5FA14D", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.8:releng:*:*:*:*:*:*", matchCriteriaId: "2D33C6EF-DBE1-4943-83E4-1F10670DAC6E", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:4.9:*:*:*:*:*:*:*", matchCriteriaId: "00EAEA17-033A-4A50-8E39-D61154876D2F", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:5.1:*:*:*:*:*:*:*", matchCriteriaId: "4EE93350-92E6-4F5C-A14C-9993CFFDBCD4", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:5.1:release:*:*:*:*:*:*", matchCriteriaId: "0D9F2B04-A1F2-4788-A53D-C8274A758DDA", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:5.1:releng:*:*:*:*:*:*", matchCriteriaId: "9A5309ED-D84F-4F52-9864-5B0FEEEE5022", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:5.2:*:*:*:*:*:*:*", matchCriteriaId: "DD7C441E-444B-4DF5-8491-86805C70FB99", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:5.2.1:release:*:*:*:*:*:*", matchCriteriaId: "C9CCE8F3-84EE-4571-8AAA-BF2D132E9BD4", vulnerable: true, }, { criteria: "cpe:2.3:o:hp:hp-ux:8.05:*:*:*:*:*:*:*", matchCriteriaId: "31B1ADC1-9B6D-4B5E-A05A-D69599A3A0D5", vulnerable: true, }, { criteria: "cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*", matchCriteriaId: "771931F7-9180-4EBD-8627-E1CF17D24647", vulnerable: true, }, { criteria: "cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*", matchCriteriaId: "EDD9BE2B-7255-4FC1-B452-E8370632B03F", vulnerable: true, }, { criteria: "cpe:2.3:o:hp:hp-ux:11.23:*:*:*:*:*:*:*", matchCriteriaId: "32310AFE-38CC-4C6C-AE13-54C18720F2C0", vulnerable: true, }, { criteria: "cpe:2.3:o:openbsd:openbsd:3.3:*:*:*:*:*:*:*", matchCriteriaId: "AC46909F-DDFC-448B-BCDF-1EB343F96630", vulnerable: true, }, { criteria: "cpe:2.3:o:openbsd:openbsd:3.4:*:*:*:*:*:*:*", matchCriteriaId: "9496279F-AB43-4B53-81A6-87C651ABC4BA", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*", matchCriteriaId: "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*", matchCriteriaId: "EC79FF22-2664-4C40-B0B3-6D23B5F45162", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*", matchCriteriaId: "0EFE2E73-9536-41A9-B83B-0A06B54857F4", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*", matchCriteriaId: "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:linux:7.2:*:*:*:*:*:*:*", matchCriteriaId: "E562907F-D915-4030-847A-3C6834A80D4E", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:linux:7.3:*:*:*:*:*:*:*", matchCriteriaId: "138985E6-5107-4E8B-A801-C3D5FE075227", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "038FEDE7-986F-4CA5-9003-BA68352B87D4", vulnerable: true, }, { criteria: "cpe:2.3:o:sco:openserver:5.0.6:*:*:*:*:*:*:*", matchCriteriaId: "1E140F76-D078-4F58-89CF-3278CDCB9AF3", vulnerable: true, }, { criteria: "cpe:2.3:o:sco:openserver:5.0.7:*:*:*:*:*:*:*", matchCriteriaId: "D9D76A8D-832B-411E-A458-186733C66010", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:ios:12.1\\(11\\)e:*:*:*:*:*:*:*", matchCriteriaId: "580BA1FE-0826-47A7-8BD3-9225E0841EDD", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:12.1\\(11b\\)e:*:*:*:*:*:*:*", matchCriteriaId: "040B04CD-B891-4F19-A7CC-5C2D462FBD6C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:12.1\\(11b\\)e12:*:*:*:*:*:*:*", matchCriteriaId: "5BF29685-7FFC-4093-A1D4-21E4871AF5C6", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:12.1\\(11b\\)e14:*:*:*:*:*:*:*", matchCriteriaId: "E72872C9-63AF-417F-BFAE-92B4D350C006", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:12.1\\(13\\)e9:*:*:*:*:*:*:*", matchCriteriaId: "80BCF196-5E5A-4F31-BCE7-AA0C748CA922", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:12.1\\(19\\)e1:*:*:*:*:*:*:*", matchCriteriaId: "970939C5-1E6F-47B6-97E6-7B2C1E019985", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:12.2\\(14\\)sy:*:*:*:*:*:*:*", matchCriteriaId: "CD1F4148-E772-4708-8C1F-D67F969C11DA", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:12.2\\(14\\)sy1:*:*:*:*:*:*:*", matchCriteriaId: "3CEBCEF0-5982-4B30-8377-9CAC978A1CB0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:12.2sy:*:*:*:*:*:*:*", matchCriteriaId: "09458CD7-D430-4957-8506-FAB2A3E2AA65", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:12.2za:*:*:*:*:*:*:*", matchCriteriaId: "62626BB6-D4EA-4A8A-ABC1-F86B37F19EDB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:4d:webstar:4.0:*:*:*:*:*:*:*", matchCriteriaId: "F8B87C95-4B34-4628-AD03-67D1DE13E097", vulnerable: true, }, { criteria: "cpe:2.3:a:4d:webstar:5.2:*:*:*:*:*:*:*", matchCriteriaId: "758F95DB-E619-4B08-86FA-6CF2C1B0CBCD", vulnerable: true, }, { criteria: "cpe:2.3:a:4d:webstar:5.2.1:*:*:*:*:*:*:*", matchCriteriaId: "4F04471C-732F-44EE-AD1B-6305C1DD7DDD", vulnerable: true, }, { criteria: "cpe:2.3:a:4d:webstar:5.2.2:*:*:*:*:*:*:*", matchCriteriaId: "3499913B-5DCD-4115-8C7B-9E8AFF79DE5E", vulnerable: true, }, { criteria: "cpe:2.3:a:4d:webstar:5.2.3:*:*:*:*:*:*:*", matchCriteriaId: "E237919A-416B-4039-AAD2-7FAE1F4E100D", vulnerable: true, }, { criteria: "cpe:2.3:a:4d:webstar:5.2.4:*:*:*:*:*:*:*", matchCriteriaId: "39149924-188C-40C1-B598-A9CD407C90DE", vulnerable: true, }, { criteria: "cpe:2.3:a:4d:webstar:5.3:*:*:*:*:*:*:*", matchCriteriaId: "15D5780C-4E29-4BCA-A47E-29FF6EAF33FC", vulnerable: true, }, { criteria: "cpe:2.3:a:4d:webstar:5.3.1:*:*:*:*:*:*:*", matchCriteriaId: "E6501108-5455-48FE-AA82-37AFA5D7EC24", vulnerable: true, }, { criteria: "cpe:2.3:a:avaya:intuity_audix:*:*:lx:*:*:*:*:*", matchCriteriaId: "C1A3B951-A1F8-4291-82FA-AB7922D13ACE", vulnerable: true, }, { criteria: "cpe:2.3:a:avaya:intuity_audix:5.1.46:*:*:*:*:*:*:*", matchCriteriaId: "3F2E7C81-C0F5-4D36-9A23-03BE69295ED0", vulnerable: true, }, { criteria: "cpe:2.3:a:avaya:intuity_audix:s3210:*:*:*:*:*:*:*", matchCriteriaId: "9D0EF4A3-2FE5-41E4-A764-30B379ECF081", vulnerable: true, }, { criteria: "cpe:2.3:a:avaya:intuity_audix:s3400:*:*:*:*:*:*:*", matchCriteriaId: "CCF6D59E-8AEA-4380-B86B-0803B2202F16", vulnerable: true, }, { criteria: "cpe:2.3:a:avaya:vsu:5:*:*:*:*:*:*:*", matchCriteriaId: "140ABF28-FA39-4D77-AEB2-304962ED48C2", vulnerable: true, }, { criteria: "cpe:2.3:a:avaya:vsu:5x:*:*:*:*:*:*:*", matchCriteriaId: "09473DD9-5114-44C5-B56C-6630FBEBCACB", vulnerable: true, }, { criteria: "cpe:2.3:a:avaya:vsu:100_r2.0.1:*:*:*:*:*:*:*", matchCriteriaId: "A7ECD3A4-5A39-4222-8350-524F11D8FFB0", vulnerable: true, }, { criteria: "cpe:2.3:a:avaya:vsu:500:*:*:*:*:*:*:*", matchCriteriaId: "D36C140D-E80C-479A-ADA7-18E901549059", vulnerable: true, }, { criteria: "cpe:2.3:a:avaya:vsu:2000_r2.0.1:*:*:*:*:*:*:*", matchCriteriaId: "940712E9-B041-4B7F-BD02-7DD0AE596D65", vulnerable: true, }, { criteria: "cpe:2.3:a:avaya:vsu:5000_r2.0.1:*:*:*:*:*:*:*", matchCriteriaId: "03B887A2-9025-4C5B-8901-71BC63BF5293", vulnerable: true, }, { criteria: "cpe:2.3:a:avaya:vsu:7500_r2.0.1:*:*:*:*:*:*:*", matchCriteriaId: "33264586-7160-4550-9FF9-4101D72F5C9B", vulnerable: true, }, { criteria: "cpe:2.3:a:avaya:vsu:10000_r2.0.1:*:*:*:*:*:*:*", matchCriteriaId: "CE5E6521-0611-4473-82AC-21655F10FEC0", vulnerable: true, }, { criteria: "cpe:2.3:a:checkpoint:firewall-1:*:*:vsx-ng-ai:*:*:*:*:*", matchCriteriaId: "AA9A50A1-CA8C-4EE5-B68F-4958F6B4B028", vulnerable: true, }, { criteria: "cpe:2.3:a:checkpoint:firewall-1:2.0:*:gx:*:*:*:*:*", matchCriteriaId: "8C83ABA2-87CD-429B-9800-590F8256B064", vulnerable: true, }, { criteria: "cpe:2.3:a:checkpoint:firewall-1:next_generation_fp0:*:*:*:*:*:*:*", matchCriteriaId: "A4D9A576-2878-4AC4-AC95-E69CB8A84A71", vulnerable: true, }, { criteria: "cpe:2.3:a:checkpoint:firewall-1:next_generation_fp1:*:*:*:*:*:*:*", matchCriteriaId: "0A1A0B02-CF33-401F-9AB2-D595E586C795", vulnerable: true, }, { criteria: "cpe:2.3:a:checkpoint:firewall-1:next_generation_fp2:*:*:*:*:*:*:*", matchCriteriaId: "8C0EF3F0-B82E-45B7-8D05-05E76009F7A2", vulnerable: true, }, { criteria: "cpe:2.3:a:checkpoint:provider-1:4.1:*:*:*:*:*:*:*", matchCriteriaId: "90FB3825-21A6-4DBE-8188-67672DBE01CB", vulnerable: true, }, { criteria: "cpe:2.3:a:checkpoint:provider-1:4.1:sp1:*:*:*:*:*:*", matchCriteriaId: "80623E58-8B46-4559-89A4-C329AACF3CB7", vulnerable: true, }, { criteria: "cpe:2.3:a:checkpoint:provider-1:4.1:sp2:*:*:*:*:*:*", matchCriteriaId: "AEE6C228-CD93-4636-868B-C19BC1674BE6", vulnerable: true, }, { criteria: "cpe:2.3:a:checkpoint:provider-1:4.1:sp3:*:*:*:*:*:*", matchCriteriaId: "A645148C-AD0D-46C1-BEE3-10F5C9066279", vulnerable: true, }, { criteria: "cpe:2.3:a:checkpoint:provider-1:4.1:sp4:*:*:*:*:*:*", matchCriteriaId: "0D69187C-7F46-4FF0-A8A0-0E1989EA79BC", vulnerable: true, }, { criteria: "cpe:2.3:a:checkpoint:vpn-1:next_generation:*:*:*:*:*:*:*", matchCriteriaId: "C48F4DF4-8091-45D0-9F80-F760500B1202", vulnerable: true, }, { criteria: "cpe:2.3:a:checkpoint:vpn-1:next_generation_fp0:*:*:*:*:*:*:*", matchCriteriaId: "4AE4A7EE-1BA3-46F1-BF4A-A72997EE0992", vulnerable: true, }, { criteria: "cpe:2.3:a:checkpoint:vpn-1:next_generation_fp1:*:*:*:*:*:*:*", matchCriteriaId: "02029D75-FAF2-4842-9246-079C7DE36417", vulnerable: true, }, { criteria: "cpe:2.3:a:checkpoint:vpn-1:vsx_ng_with_application_intelligence:*:*:*:*:*:*:*", matchCriteriaId: "B5EF01C8-1C8A-4BD1-A13B-CE31F09F9523", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:access_registrar:*:*:*:*:*:*:*:*", matchCriteriaId: "B8496E0D-2507-4C25-A122-0B846CBCA72A", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:application_and_content_networking_software:*:*:*:*:*:*:*:*", matchCriteriaId: "8E383F2A-DFCF-47F8-94EE-3563D41EA597", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:css_secure_content_accelerator:1.0:*:*:*:*:*:*:*", matchCriteriaId: "D2D87EF0-056E-4128-89EB-2803ED83DEE9", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:css_secure_content_accelerator:2.0:*:*:*:*:*:*:*", matchCriteriaId: "BB3163C1-2044-44DA-9C88-076D75FDF1EB", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:css11000_content_services_switch:*:*:*:*:*:*:*:*", matchCriteriaId: "07E1B690-C58B-4C08-A757-F3DF451FDAAA", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:okena_stormwatch:3.2:*:*:*:*:*:*:*", matchCriteriaId: "31F0E14C-7681-4D1A-B982-A51E450B93A7", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:pix_firewall:6.2.2_.111:*:*:*:*:*:*:*", matchCriteriaId: "ECBC761F-A8F5-4CD8-B19C-5CE8FFC58FDD", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:threat_response:*:*:*:*:*:*:*:*", matchCriteriaId: "2CF39E8B-C201-4940-81C9-14AF4C3DD4B5", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webns:6.10:*:*:*:*:*:*:*", matchCriteriaId: "AC604680-2E9E-4DC4-ACDD-74D552A45BA4", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webns:6.10_b4:*:*:*:*:*:*:*", matchCriteriaId: "37A94436-D092-4C7E-B87B-63BC621EE82E", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webns:7.1_0.1.02:*:*:*:*:*:*:*", matchCriteriaId: "862165CF-3CFB-4C6E-8238-86FA85F243C8", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webns:7.1_0.2.06:*:*:*:*:*:*:*", matchCriteriaId: "056F3336-BAA8-4A03-90B4-7B31710FC1B3", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webns:7.2_0.0.03:*:*:*:*:*:*:*", matchCriteriaId: "9FDC2510-FBB9-429A-B6D4-10AB11F93960", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webns:7.10:*:*:*:*:*:*:*", matchCriteriaId: "5D45127E-A544-40A0-9D34-BD70D95C9772", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:webns:7.10_.0.06s:*:*:*:*:*:*:*", matchCriteriaId: "56C69C3E-C895-45C8-8182-7BB412A0C828", vulnerable: true, }, { criteria: "cpe:2.3:a:dell:bsafe_ssl-j:3.0:*:*:*:*:*:*:*", matchCriteriaId: "A1FDD507-C38B-4C38-A54F-3DA6F07AD0B5", vulnerable: true, }, { criteria: "cpe:2.3:a:dell:bsafe_ssl-j:3.0.1:*:*:*:*:*:*:*", matchCriteriaId: "6F2B7AC2-CF08-4AC9-9A71-3A8130F9F9AD", vulnerable: true, }, { criteria: "cpe:2.3:a:dell:bsafe_ssl-j:3.1:*:*:*:*:*:*:*", matchCriteriaId: "D4D9564B-B92E-4C97-87FF-B56D62DCA775", vulnerable: true, }, { criteria: "cpe:2.3:a:hp:wbem:a.01.05.08:*:*:*:*:*:*:*", matchCriteriaId: "B931D4F8-23F5-4ABA-A457-959995D30C58", vulnerable: true, }, { criteria: "cpe:2.3:a:hp:wbem:a.02.00.00:*:*:*:*:*:*:*", matchCriteriaId: "BE6A023E-9C2A-487F-B5CE-674C766BFE75", vulnerable: true, }, { criteria: "cpe:2.3:a:hp:wbem:a.02.00.01:*:*:*:*:*:*:*", matchCriteriaId: "6A15ACA2-D500-4260-B51A-6FE6AB5A45A4", vulnerable: true, }, { criteria: "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.0.1:*:*:*:*:*:*:*", matchCriteriaId: "2A045971-8756-47E8-9044-C39D08B36F1F", vulnerable: true, }, { criteria: "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.0.2:*:*:*:*:*:*:*", matchCriteriaId: "CAA95881-7231-4FDA-AF73-04DF9FF0B64C", vulnerable: true, }, { criteria: "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.0.3:*:*:*:*:*:*:*", matchCriteriaId: "62B7F6AD-EDBD-4B09-BDB2-795ED114F2AE", vulnerable: true, }, { criteria: "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.1:*:*:*:*:*:*:*", matchCriteriaId: "F045AB7B-1551-46E5-A5CC-BF13C1BB49F4", vulnerable: true, }, { criteria: "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.1.1:*:*:*:*:*:*:*", matchCriteriaId: "44E85930-3AAD-420B-8E3E-AEC57344F6C4", vulnerable: true, }, { criteria: "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.2.1:*:*:*:*:*:*:*", matchCriteriaId: "52FD4485-BCA2-485A-A0CF-F8152C9DBFA5", vulnerable: true, }, { criteria: "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.2.2:*:*:*:*:*:*:*", matchCriteriaId: "7CF53BE4-FE2D-4D63-BD0F-A423D0FE3BE3", vulnerable: true, }, { criteria: "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.2_rc1:*:*:*:*:*:*:*", matchCriteriaId: "00993464-BE09-4691-B3F0-51BBA9FB80C3", vulnerable: true, }, { criteria: "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.2_rc2:*:*:*:*:*:*:*", matchCriteriaId: "896AB39E-2078-4BA2-9522-477BD5F98FD1", vulnerable: true, }, { criteria: "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.3:*:*:*:*:*:*:*", matchCriteriaId: "EB9279EC-47CF-45F1-B4CC-B2B332E82E34", vulnerable: true, }, { criteria: "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.3.1:*:*:*:*:*:*:*", matchCriteriaId: "E7300C3E-8105-4C23-89B9-7D29CED18C15", vulnerable: true, }, { criteria: "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.3_rc1:*:*:*:*:*:*:*", matchCriteriaId: "90C59DB2-48DA-4172-A1F5-25CF3B5097AE", vulnerable: true, }, { criteria: "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.3_rc2:*:*:*:*:*:*:*", matchCriteriaId: "715F4E0B-7E4B-4520-A987-9B3ED3136B75", vulnerable: true, }, { criteria: "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.3_rc3:*:*:*:*:*:*:*", matchCriteriaId: "9CA1F606-C558-40FD-9300-6E2796F47BA8", vulnerable: true, }, { criteria: "cpe:2.3:a:neoteris:instant_virtual_extranet:3.0:*:*:*:*:*:*:*", matchCriteriaId: "A037FAA6-6D26-4496-BC67-03475B4D1155", vulnerable: true, }, { criteria: "cpe:2.3:a:neoteris:instant_virtual_extranet:3.1:*:*:*:*:*:*:*", matchCriteriaId: "D3831DD3-E783-4200-8986-FDBF7DD9BA53", vulnerable: true, }, { criteria: "cpe:2.3:a:neoteris:instant_virtual_extranet:3.2:*:*:*:*:*:*:*", matchCriteriaId: "2909C9D5-3D8F-4C41-B0E7-A0C0B432C19A", vulnerable: true, }, { criteria: "cpe:2.3:a:neoteris:instant_virtual_extranet:3.3:*:*:*:*:*:*:*", matchCriteriaId: "E09436DF-E3C1-4C03-A3BE-73C4BC84BB7B", vulnerable: true, }, { criteria: "cpe:2.3:a:neoteris:instant_virtual_extranet:3.3.1:*:*:*:*:*:*:*", matchCriteriaId: "699764B6-0F86-4AB0-86A3-4F2E69AD820C", vulnerable: true, }, { criteria: "cpe:2.3:a:novell:edirectory:8.0:*:*:*:*:*:*:*", matchCriteriaId: "7562ADC4-0D01-4FC2-98F0-1F4041BDA52E", vulnerable: true, }, { criteria: "cpe:2.3:a:novell:edirectory:8.5:*:*:*:*:*:*:*", matchCriteriaId: "E6FAB588-BDBE-4A04-AB9E-4F700A3951F0", vulnerable: true, }, { criteria: "cpe:2.3:a:novell:edirectory:8.5.12a:*:*:*:*:*:*:*", matchCriteriaId: "E1B83F84-D1EF-43B4-8620-3C1BCCE44553", vulnerable: true, }, { criteria: "cpe:2.3:a:novell:edirectory:8.5.27:*:*:*:*:*:*:*", matchCriteriaId: "41169D2F-4F16-466A-82E9-AD0735472B5B", vulnerable: true, }, { criteria: "cpe:2.3:a:novell:edirectory:8.6.2:*:*:*:*:*:*:*", matchCriteriaId: "947699C3-D9DE-411A-99C0-44ADD1D2223A", vulnerable: true, }, { criteria: "cpe:2.3:a:novell:edirectory:8.7:*:*:*:*:*:*:*", matchCriteriaId: "15F668C0-8420-4401-AB0F-479575596CF0", vulnerable: true, }, { criteria: "cpe:2.3:a:novell:edirectory:8.7.1:*:*:*:*:*:*:*", matchCriteriaId: "CDDCC7B6-34CA-4551-9833-306B93E517BD", vulnerable: true, }, { criteria: "cpe:2.3:a:novell:edirectory:8.7.1:sp1:*:*:*:*:*:*", matchCriteriaId: "6D69C160-39F7-48B8-B9A3-CC86690453C0", vulnerable: true, }, { criteria: "cpe:2.3:a:novell:imanager:1.5:*:*:*:*:*:*:*", matchCriteriaId: "166BF638-ABDC-4BB9-BD4E-2B22681AD9CC", vulnerable: true, }, { criteria: "cpe:2.3:a:novell:imanager:2.0:*:*:*:*:*:*:*", matchCriteriaId: "8FA6420B-9F6A-48F4-A445-12B60A320347", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.6c:*:*:*:*:*:*:*", matchCriteriaId: "0FCA45CE-4127-47AD-BBA8-8A6DD83AE1C7", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.6d:*:*:*:*:*:*:*", matchCriteriaId: "7CA1CA40-7DB5-4DCA-97A8-9A8CF4FECECC", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.6e:*:*:*:*:*:*:*", matchCriteriaId: "180D07AE-C571-4DD6-837C-43E2A946007A", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.6f:*:*:*:*:*:*:*", matchCriteriaId: "BA3E4D2A-6488-4F8B-A3CA-4161A10FA4DB", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.6g:*:*:*:*:*:*:*", matchCriteriaId: "90789533-C741-4B1C-A24B-2C77B9E4DE5F", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.6h:*:*:*:*:*:*:*", matchCriteriaId: "1520065B-46D7-48A4-B9D0-5B49F690C5B4", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.6i:*:*:*:*:*:*:*", matchCriteriaId: "5B76FE2D-FBE0-4A3B-A0EA-179332D74F0E", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.6j:*:*:*:*:*:*:*", matchCriteriaId: "2AA526B9-726A-49D5-B3CA-EBE2DA303CA0", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.6k:*:*:*:*:*:*:*", matchCriteriaId: "494E48E7-EF86-4860-9A53-94F6C313746E", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.7:*:*:*:*:*:*:*", matchCriteriaId: "45A518E8-21BE-4C5C-B425-410AB1208E9C", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.7:beta1:*:*:*:*:*:*", matchCriteriaId: "9E3AB748-E463-445C-ABAB-4FEDDFD1878B", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.7:beta2:*:*:*:*:*:*", matchCriteriaId: "660E4B8D-AABA-4520-BC4D-CF8E76E07C05", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.7:beta3:*:*:*:*:*:*", matchCriteriaId: "85BFEED5-4941-41BB-93D1-CD5C2A41290E", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.7a:*:*:*:*:*:*:*", matchCriteriaId: "78E79A05-64F3-4397-952C-A5BB950C967D", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.7b:*:*:*:*:*:*:*", matchCriteriaId: "7F7C9E77-1EB2-4720-A8FD-23DC1C877D5A", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:0.9.7c:*:*:*:*:*:*:*", matchCriteriaId: "549BB01D-F322-4FE3-BDA2-4FEA8ED8568A", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openssl:0.9.6-15:*:i386:*:*:*:*:*", matchCriteriaId: "09F3FB7B-0F68-49F3-A3B7-977A687A42E2", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openssl:0.9.6b-3:*:i386:*:*:*:*:*", matchCriteriaId: "088F2FF7-96E5-455E-A35B-D99F9854EC6E", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openssl:0.9.7a-2:*:i386:*:*:*:*:*", matchCriteriaId: "FFA721BF-1B2E-479F-BF25-02D441BF175B", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openssl:0.9.7a-2:*:i386_dev:*:*:*:*:*", matchCriteriaId: "AFEDCE49-21CC-4168-818F-4C638EE3B077", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openssl:0.9.7a-2:*:i386_perl:*:*:*:*:*", matchCriteriaId: "B7D18F9B-C0BE-4DE8-81F4-5BF56C00BF41", vulnerable: true, }, { criteria: "cpe:2.3:a:sgi:propack:2.3:*:*:*:*:*:*:*", matchCriteriaId: "26430687-409B-448F-934B-06AB937DDF63", vulnerable: true, }, { criteria: "cpe:2.3:a:sgi:propack:2.4:*:*:*:*:*:*:*", matchCriteriaId: "0702A32E-E577-403C-B4D9-15037D7100A5", vulnerable: true, }, { criteria: "cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*", matchCriteriaId: "29DC217F-C257-4A3C-9CBD-08010C30BEC3", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:servercluster:2.5:*:*:*:*:*:*:*", matchCriteriaId: "8F0F78F4-E81E-4C6B-AB73-D6AAE191060E", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:servercluster:2.5.2:*:*:*:*:*:*:*", matchCriteriaId: "DF1A5808-6D5D-48AD-9470-5A6510D17913", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonebeat_fullcluster:1_2.0:*:*:*:*:*:*:*", matchCriteriaId: "C1E8990D-D9A0-4A71-9D87-EC047E01B0D8", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonebeat_fullcluster:1_3.0:*:*:*:*:*:*:*", matchCriteriaId: "6DBCC172-6867-4DFD-AAEF-9BDB4DA21F46", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonebeat_fullcluster:2.0:*:*:*:*:*:*:*", matchCriteriaId: "C2F2BEEA-46BB-4718-B0F3-B4EC62B678A6", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonebeat_fullcluster:2.5:*:*:*:*:*:*:*", matchCriteriaId: "8D09E11C-C5BB-409E-BB0D-7F351250419B", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonebeat_fullcluster:3.0:*:*:*:*:*:*:*", matchCriteriaId: "6B06A05D-AA31-441D-9FC2-3558648C3B7E", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonebeat_securitycluster:2.0:*:*:*:*:*:*:*", matchCriteriaId: "C0886901-6F93-44C1-B774-84D7E5D9554C", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonebeat_securitycluster:2.5:*:*:*:*:*:*:*", matchCriteriaId: "3F203A80-7C1E-4A04-8E99-63525E176753", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonebeat_webcluster:2.0:*:*:*:*:*:*:*", matchCriteriaId: "CA0A204C-158B-4014-A53C-75E0CD63E0DE", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonebeat_webcluster:2.5:*:*:*:*:*:*:*", matchCriteriaId: "085BA581-7DA5-4FA4-A888-351281FD0A7D", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate:1.5.17:*:*:*:*:*:*:*", matchCriteriaId: "EA1C4B3C-5701-4233-BA94-28915713F9C8", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate:1.5.18:*:*:*:*:*:*:*", matchCriteriaId: "28D9F8D7-698A-486A-918A-7DB5CAFBB3CB", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate:1.6.2:*:*:*:*:*:*:*", matchCriteriaId: "D125C2A0-A4B5-48D6-A38A-54755C3FDF4C", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate:1.6.3:*:*:*:*:*:*:*", matchCriteriaId: "0F85F672-0F21-4AD7-8620-13D82F2ECC22", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate:1.7:*:*:*:*:*:*:*", matchCriteriaId: "89070041-613A-4F7B-BD6A-C6091D21FC52", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate:1.7.1:*:*:*:*:*:*:*", matchCriteriaId: "D9A71933-4BD5-4B11-8B14-D997E75F29CD", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate:1.7.2:*:*:*:*:*:*:*", matchCriteriaId: "5B6BE11D-FC02-4950-A554-08CC9D8B1853", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate:2.0.1:*:*:*:*:*:*:*", matchCriteriaId: "A53FD0E1-9BAA-43F0-BCC9-0BE8D4356F55", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate:2.0.4:*:*:*:*:*:*:*", matchCriteriaId: "B80ADAE8-94D4-46A4-A5ED-FF134D808B52", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate:2.0.5:*:*:*:*:*:*:*", matchCriteriaId: "69FA0221-5073-4D45-950F-119497B53FED", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate:2.0.6:*:*:*:*:*:*:*", matchCriteriaId: "C4AE5B43-7C90-4C2A-A215-30F5EC5841C9", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate:2.0.7:*:*:*:*:*:*:*", matchCriteriaId: "2CC1A110-B203-4962-8E1A-74BD98121AF6", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate:2.0.8:*:*:*:*:*:*:*", matchCriteriaId: "B5A92C4D-B024-4D39-9479-409C39586F64", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate:2.0.9:*:*:*:*:*:*:*", matchCriteriaId: "E7E0C4F5-CF02-4FF6-AE9B-5B6B70D5C067", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate:2.1:*:*:*:*:*:*:*", matchCriteriaId: "5E8998CC-E372-46D0-8339-47DC8D92D253", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate:2.2:*:*:*:*:*:*:*", matchCriteriaId: "AF131FDC-BF8D-4A17-99F0-444EB900E83D", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate:2.2.1:*:*:*:*:*:*:*", matchCriteriaId: "880811B3-E78E-456E-972E-DE733F368576", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate:2.2.4:*:*:*:*:*:*:*", matchCriteriaId: "22411F18-2B93-405A-A3B5-2CF0A04977C6", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate_vpn_client:1.7:*:*:*:*:*:*:*", matchCriteriaId: "C71188B7-E6DC-41E5-B619-367341113501", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate_vpn_client:1.7.2:*:*:*:*:*:*:*", matchCriteriaId: "07491444-0196-4504-A971-A5E388B86BBA", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate_vpn_client:2.0:*:*:*:*:*:*:*", matchCriteriaId: "72BC6CD2-3291-4E69-8DC6-F3AB853F8931", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate_vpn_client:2.0.7:*:*:*:*:*:*:*", matchCriteriaId: "CD43EDDF-58A7-4705-B8C7-FD76C35A437D", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate_vpn_client:2.0.8:*:*:*:*:*:*:*", matchCriteriaId: "A7C2E603-568F-40F6-9A7C-439E2A51B37F", vulnerable: true, }, { criteria: "cpe:2.3:a:stonesoft:stonegate_vpn_client:2.0.9:*:*:*:*:*:*:*", matchCriteriaId: "703421A7-E8C5-450B-97EF-FD9D99D4B834", vulnerable: true, }, { criteria: "cpe:2.3:a:tarantella:tarantella_enterprise:3.20:*:*:*:*:*:*:*", matchCriteriaId: "9519BCB2-B401-44CE-97F6-847BB36AE45F", vulnerable: true, }, { criteria: "cpe:2.3:a:tarantella:tarantella_enterprise:3.30:*:*:*:*:*:*:*", matchCriteriaId: "BBE573E8-DD94-4293-99AE-27B9067B3ED9", vulnerable: true, }, { criteria: "cpe:2.3:a:tarantella:tarantella_enterprise:3.40:*:*:*:*:*:*:*", matchCriteriaId: "D14413DA-5199-4282-9E22-D347E9D8E469", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:gsx_server:2.0:*:*:*:*:*:*:*", matchCriteriaId: "05CC5F49-0E9E-45D8-827D-A5940566DB25", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:gsx_server:2.0.1_build_2129:*:*:*:*:*:*:*", matchCriteriaId: "5D94EE19-6CE9-4E02-8174-D9954CDBF02B", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:gsx_server:2.5.1:*:*:*:*:*:*:*", matchCriteriaId: "D4E4BEE3-AE7B-4481-B724-2E644E18ACC3", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:gsx_server:2.5.1_build_5336:*:*:*:*:*:*:*", matchCriteriaId: "EAAB7052-E0B6-472E-920B-A0F0AEA25D6A", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:gsx_server:3.0_build_7592:*:*:*:*:*:*:*", matchCriteriaId: "8CE38F15-BD42-4171-8670-86AA8169A60C", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:s8300:r2.0.0:*:*:*:*:*:*:*", matchCriteriaId: "20C0BD87-CE4B-49D2-89BE-EF282C43AD72", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:s8300:r2.0.1:*:*:*:*:*:*:*", matchCriteriaId: "C3E6C4A8-59F4-43EE-8413-E95289037598", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:s8500:r2.0.0:*:*:*:*:*:*:*", matchCriteriaId: "FE76357A-27E6-4D85-9AA0-1BB658C41568", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:s8500:r2.0.1:*:*:*:*:*:*:*", matchCriteriaId: "C56C5FDB-24E2-479D-87CA-164CD28567D3", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:s8700:r2.0.0:*:*:*:*:*:*:*", matchCriteriaId: "AEF6C16F-8EDF-4A24-BFEF-6A304D654EEB", vulnerable: true, }, { criteria: "cpe:2.3:h:avaya:s8700:r2.0.1:*:*:*:*:*:*:*", matchCriteriaId: "D982AE39-BB57-49E7-B5FE-5EF1ADE2F019", vulnerable: true, }, { criteria: "cpe:2.3:h:bluecoat:proxysg:*:*:*:*:*:*:*:*", matchCriteriaId: "1B6CFEC9-0F8F-4CD4-ABD1-E6533F910F7F", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:call_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "12DE5E22-DF93-46BE-85A3-D4E04379E901", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:content_services_switch_11500:*:*:*:*:*:*:*:*", matchCriteriaId: "BF28C435-C036-4507-8E3F-44E722F9974A", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:gss_4480_global_site_selector:*:*:*:*:*:*:*:*", matchCriteriaId: "CDA957E2-ABF9-49B2-874F-3FC3060CE0B0", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:gss_4490_global_site_selector:*:*:*:*:*:*:*:*", matchCriteriaId: "5F2CDFE7-6853-4A31-85C0-50C57A8D606A", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:mds_9000:*:*:*:*:*:*:*:*", matchCriteriaId: "0F2ED90B-DDBA-49DE-AC78-20E7D77C8858", vulnerable: true, }, { criteria: "cpe:2.3:h:cisco:secure_content_accelerator:10000:*:*:*:*:*:*:*", matchCriteriaId: "408A9DB0-81EF-4186-B338-44954E67289B", vulnerable: true, }, { criteria: "cpe:2.3:h:securecomputing:sidewinder:5.2:*:*:*:*:*:*:*", matchCriteriaId: "5B0C5F92-7E93-4C3F-B22B-E6612A4D3E10", vulnerable: true, }, { criteria: "cpe:2.3:h:securecomputing:sidewinder:5.2.0.01:*:*:*:*:*:*:*", matchCriteriaId: "2D0DC4B4-9AD9-4AC8-BFA7-A3D209B5D089", vulnerable: true, }, { criteria: "cpe:2.3:h:securecomputing:sidewinder:5.2.0.02:*:*:*:*:*:*:*", matchCriteriaId: "303362A5-9C3C-4C85-8C97-2AB12CE01BF6", vulnerable: true, }, { criteria: "cpe:2.3:h:securecomputing:sidewinder:5.2.0.03:*:*:*:*:*:*:*", matchCriteriaId: "FED22DC1-E06B-4511-B920-6DAB792262D8", vulnerable: true, }, { criteria: "cpe:2.3:h:securecomputing:sidewinder:5.2.0.04:*:*:*:*:*:*:*", matchCriteriaId: "4CE44CA7-4BC7-4C2B-948F-2ACABB91528B", vulnerable: true, }, { criteria: "cpe:2.3:h:securecomputing:sidewinder:5.2.1:*:*:*:*:*:*:*", matchCriteriaId: "F757B2A7-869F-4702-81EB-466317A79D61", vulnerable: true, }, { criteria: "cpe:2.3:h:securecomputing:sidewinder:5.2.1.02:*:*:*:*:*:*:*", matchCriteriaId: "01F6E9A9-6C85-48DA-BC61-55F8EACCB59F", vulnerable: true, }, { criteria: "cpe:2.3:h:sun:crypto_accelerator_4000:1.0:*:*:*:*:*:*:*", matchCriteriaId: "64AF1E33-4086-43E2-8F54-DA75A99D4B75", vulnerable: true, }, { criteria: "cpe:2.3:o:bluecoat:cacheos_ca_sa:4.1.10:*:*:*:*:*:*:*", matchCriteriaId: "53D16F03-A4C7-4497-AB74-499F208FF059", vulnerable: true, }, { criteria: "cpe:2.3:o:bluecoat:cacheos_ca_sa:4.1.12:*:*:*:*:*:*:*", matchCriteriaId: "13A33EC1-836B-4C8C-AC18-B5BD4F90E612", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.0:*:*:*:*:*:*:*", matchCriteriaId: "58BE9C02-2A01-4F6F-A6BD-BC0173561E9B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "C558CED8-8342-46CB-9F52-580B626D320E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "0F85D19E-6C26-429D-B876-F34238B9DAAF", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "FEC7CCF7-CBC6-4EDC-8EDD-884DFFFBCC7D", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "E5011A33-CD6D-4EFC-ACFD-E51C9AE726A3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(4.101\\):*:*:*:*:*:*:*", matchCriteriaId: "09063867-0E64-4630-B35B-4CCA348E4DAB", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.1:*:*:*:*:*:*:*", matchCriteriaId: "78F98CD7-A352-483C-9968-8FB2627A7CBD", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "F97FE485-705F-4707-B6C6-0EF9E8A85D5F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "E2B925E8-D2C2-4E8C-AC21-0C422245C482", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "B9170562-872E-4C32-869C-B10FF35A925E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "D0927A68-8BB2-4F03-8396-E9CACC158FC0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "559DDBA3-2AF4-4A0C-B219-6779BA931F21", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.2:*:*:*:*:*:*:*", matchCriteriaId: "ED9D142A-DDC8-4BD6-8C22-F242C9C0B1ED", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.2\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "5226C9CC-6933-4F10-B426-B47782C606FD", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.2\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "757DAE9A-B25D-4B8A-A41B-66C2897B537E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.2\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "5E3DC170-E279-4725-B9EE-6840B5685CC9", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.2\\(3.100\\):*:*:*:*:*:*:*", matchCriteriaId: "8091EDA9-BD18-47F7-8CEC-E086238647C6", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.3:*:*:*:*:*:*:*", matchCriteriaId: "6F867890-74A4-4892-B99A-27DB4603B873", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "CE05B514-F094-4632-B25B-973F976F6409", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "3392428D-1A85-4472-A276-C482A78E2CE1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(3.102\\):*:*:*:*:*:*:*", matchCriteriaId: "40954985-16E6-4F37-B014-6A55166AE093", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(3.109\\):*:*:*:*:*:*:*", matchCriteriaId: "0C097809-1FEF-4417-A201-42291CC29122", vulnerable: true, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.", }, { lang: "es", value: "OpenSSL 0.9.6 anteriores a la 0.9.6d no manejan adecuadamente los tipos de mensajes desconocidos, lo que permite a atacantes remotos causar una denegación de servicios (por bucle infinito), como se demuestra utilizando la herramienta de testeo Codenomicon TLS.", }, ], id: "CVE-2004-0081", lastModified: "2024-11-20T23:47:43.390", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2004-11-23T05:00:00.000", references: [ { source: "cve@mitre.org", url: "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt", }, { source: "cve@mitre.org", url: "ftp://patches.sgi.com/support/free/security/advisories/20040304-01-U.asc", }, { source: "cve@mitre.org", url: "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000834", }, { source: "cve@mitre.org", url: "http://fedoranews.org/updates/FEDORA-2004-095.shtml", }, { source: "cve@mitre.org", url: "http://marc.info/?l=bugtraq&m=107955049331965&w=2", }, { source: "cve@mitre.org", url: "http://marc.info/?l=bugtraq&m=108403850228012&w=2", }, { source: "cve@mitre.org", url: "http://rhn.redhat.com/errata/RHSA-2004-119.html", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/11139", }, { source: "cve@mitre.org", url: "http://security.gentoo.org/glsa/glsa-200403-03.xml", }, { source: "cve@mitre.org", url: "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524", }, { source: "cve@mitre.org", url: "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml", }, { source: "cve@mitre.org", url: "http://www.debian.org/security/2004/dsa-465", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "US Government Resource", ], url: "http://www.kb.cert.org/vuls/id/465542", }, { source: "cve@mitre.org", url: "http://www.linuxsecurity.com/advisories/engarde_advisory-4135.html", }, { source: "cve@mitre.org", url: "http://www.redhat.com/support/errata/RHSA-2004-120.html", }, { source: "cve@mitre.org", url: "http://www.redhat.com/support/errata/RHSA-2004-121.html", }, { source: "cve@mitre.org", url: "http://www.redhat.com/support/errata/RHSA-2004-139.html", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://www.securityfocus.com/bid/9899", }, { source: "cve@mitre.org", url: "http://www.trustix.org/errata/2004/0012", }, { source: "cve@mitre.org", url: "http://www.uniras.gov.uk/vuls/2004/224012/index.htm", }, { source: "cve@mitre.org", tags: [ "US Government Resource", ], url: "http://www.us-cert.gov/cas/techalerts/TA04-078A.html", }, { source: "cve@mitre.org", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/15509", }, { source: "cve@mitre.org", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11755", }, { source: "cve@mitre.org", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A871", }, { source: "cve@mitre.org", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A902", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "ftp://patches.sgi.com/support/free/security/advisories/20040304-01-U.asc", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000834", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://fedoranews.org/updates/FEDORA-2004-095.shtml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://marc.info/?l=bugtraq&m=107955049331965&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://marc.info/?l=bugtraq&m=108403850228012&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2004-119.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/11139", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://security.gentoo.org/glsa/glsa-200403-03.xml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2004/dsa-465", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "http://www.kb.cert.org/vuls/id/465542", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.linuxsecurity.com/advisories/engarde_advisory-4135.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.redhat.com/support/errata/RHSA-2004-120.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.redhat.com/support/errata/RHSA-2004-121.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.redhat.com/support/errata/RHSA-2004-139.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.securityfocus.com/bid/9899", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.trustix.org/errata/2004/0012", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.uniras.gov.uk/vuls/2004/224012/index.htm", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "US Government Resource", ], url: "http://www.us-cert.gov/cas/techalerts/TA04-078A.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/15509", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11755", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A871", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A902", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2015-03-18 23:59
Modified
2024-11-21 02:23
Severity ?
Summary
The Management Interface on Cisco Content Services Switch (CSS) 11500 devices 8.20.4.02 and earlier allows remote attackers to bypass intended restrictions on local-network device access via crafted SSH packets, aka Bug ID CSCut14855.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | content_services_switch_11500_firmware | * | |
| cisco | content_services_switch_11500 | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:content_services_switch_11500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FBB6701F-F32A-4EF2-9D4C-F74DD68D01B1", versionEndIncluding: "8.20.4.02", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:content_services_switch_11500:*:*:*:*:*:*:*:*", matchCriteriaId: "BF28C435-C036-4507-8E3F-44E722F9974A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "The Management Interface on Cisco Content Services Switch (CSS) 11500 devices 8.20.4.02 and earlier allows remote attackers to bypass intended restrictions on local-network device access via crafted SSH packets, aka Bug ID CSCut14855.", }, { lang: "es", value: "La interfaz de gestión en los dispositivos Cisco Content Services Switch (CSS) 11500 8.20.4.02 y anteriores permite a atacantes remotos evadir las restricciones del acceso a la red local a través de paquetes SSH manipulados, también conocido como Bug ID CSCut14855.", }, ], id: "CVE-2015-0667", lastModified: "2024-11-21T02:23:30.150", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2015-03-18T23:59:01.330", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=37889", }, { source: "psirt@cisco.com", url: "http://www.securitytracker.com/id/1031939", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=37889", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1031939", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-284", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }