Vulnerabilites related to novell - open_enterprise_server
cve-2006-0998
Vulnerability from cvelistv5
Published
2006-03-23 11:00
Modified
2024-08-07 16:56
Severity ?
EPSS score ?
Summary
The SSL server implementation in NILE.NLM in Novell NetWare 6.5 and Novell Open Enterprise Server (OES) sometimes selects a weak cipher instead of an available stronger cipher, which makes it easier for remote attackers to sniff and decrypt an SSL protected session.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.vupen.com/english/advisories/2006/1043 | vdb-entry, x_refsource_VUPEN | |
| http://securitytracker.com/id?1015799 | vdb-entry, x_refsource_SECTRACK | |
| http://www.osvdb.org/24047 | vdb-entry, x_refsource_OSVDB | |
| http://support.novell.com/cgi-bin/search/searchtid.cgi?10100633.htm | x_refsource_CONFIRM | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/25381 | vdb-entry, x_refsource_XF | |
| http://secunia.com/advisories/19324 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/bid/64758 | vdb-entry, x_refsource_BID | |
| http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/17176 | vdb-entry, x_refsource_BID |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T16:56:15.200Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "ADV-2006-1043", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2006/1043", }, { name: "1015799", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://securitytracker.com/id?1015799", }, { name: "24047", tags: [ "vdb-entry", "x_refsource_OSVDB", "x_transferred", ], url: "http://www.osvdb.org/24047", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://support.novell.com/cgi-bin/search/searchtid.cgi?10100633.htm", }, { name: "netware-nile-weak-encryption(25381)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/25381", }, { name: "19324", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/19324", }, { name: "64758", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/64758", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", }, { name: "17176", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/17176", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2006-03-17T00:00:00", descriptions: [ { lang: "en", value: "The SSL server implementation in NILE.NLM in Novell NetWare 6.5 and Novell Open Enterprise Server (OES) sometimes selects a weak cipher instead of an available stronger cipher, which makes it easier for remote attackers to sniff and decrypt an SSL protected session.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-07-19T15:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "ADV-2006-1043", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2006/1043", }, { name: "1015799", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://securitytracker.com/id?1015799", }, { name: "24047", tags: [ "vdb-entry", "x_refsource_OSVDB", ], url: "http://www.osvdb.org/24047", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://support.novell.com/cgi-bin/search/searchtid.cgi?10100633.htm", }, { name: "netware-nile-weak-encryption(25381)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/25381", }, { name: "19324", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/19324", }, { name: "64758", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/64758", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", }, { name: "17176", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/17176", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2006-0998", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The SSL server implementation in NILE.NLM in Novell NetWare 6.5 and Novell Open Enterprise Server (OES) sometimes selects a weak cipher instead of an available stronger cipher, which makes it easier for remote attackers to sniff and decrypt an SSL protected session.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "ADV-2006-1043", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2006/1043", }, { name: "1015799", refsource: "SECTRACK", url: "http://securitytracker.com/id?1015799", }, { name: "24047", refsource: "OSVDB", url: "http://www.osvdb.org/24047", }, { name: "http://support.novell.com/cgi-bin/search/searchtid.cgi?10100633.htm", refsource: "CONFIRM", url: "http://support.novell.com/cgi-bin/search/searchtid.cgi?10100633.htm", }, { name: "netware-nile-weak-encryption(25381)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/25381", }, { name: "19324", refsource: "SECUNIA", url: "http://secunia.com/advisories/19324", }, { name: "64758", refsource: "BID", url: "http://www.securityfocus.com/bid/64758", }, { name: "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", }, { name: "17176", refsource: "BID", url: "http://www.securityfocus.com/bid/17176", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2006-0998", datePublished: "2006-03-23T11:00:00", dateReserved: "2006-03-06T00:00:00", dateUpdated: "2024-08-07T16:56:15.200Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2014-0598
Vulnerability from cvelistv5
Published
2014-06-18 17:00
Modified
2024-08-06 09:20
Severity ?
EPSS score ?
Summary
Directory traversal vulnerability in iPrint in Novell Open Enterprise Server (OES) 11 SP1 before Maintenance Update 9151 on Linux has unspecified impact and remote attack vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.novell.com/support/kb/doc.php?id=7010867 | x_refsource_CONFIRM | |
| http://secunia.com/advisories/59113 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/bid/68066 | vdb-entry, x_refsource_BID | |
| https://bugzilla.novell.com/show_bug.cgi?id=869970 | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T09:20:19.865Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.novell.com/support/kb/doc.php?id=7010867", }, { name: "59113", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59113", }, { name: "68066", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/68066", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.novell.com/show_bug.cgi?id=869970", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2014-06-09T00:00:00", descriptions: [ { lang: "en", value: "Directory traversal vulnerability in iPrint in Novell Open Enterprise Server (OES) 11 SP1 before Maintenance Update 9151 on Linux has unspecified impact and remote attack vectors.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-01-05T14:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://www.novell.com/support/kb/doc.php?id=7010867", }, { name: "59113", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59113", }, { name: "68066", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/68066", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.novell.com/show_bug.cgi?id=869970", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2014-0598", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Directory traversal vulnerability in iPrint in Novell Open Enterprise Server (OES) 11 SP1 before Maintenance Update 9151 on Linux has unspecified impact and remote attack vectors.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://www.novell.com/support/kb/doc.php?id=7010867", refsource: "CONFIRM", url: "https://www.novell.com/support/kb/doc.php?id=7010867", }, { name: "59113", refsource: "SECUNIA", url: "http://secunia.com/advisories/59113", }, { name: "68066", refsource: "BID", url: "http://www.securityfocus.com/bid/68066", }, { name: "https://bugzilla.novell.com/show_bug.cgi?id=869970", refsource: "CONFIRM", url: "https://bugzilla.novell.com/show_bug.cgi?id=869970", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2014-0598", datePublished: "2014-06-18T17:00:00", dateReserved: "2013-12-28T00:00:00", dateUpdated: "2024-08-06T09:20:19.865Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2008-4636
Vulnerability from cvelistv5
Published
2008-11-27 00:00
Modified
2024-08-07 10:24
Severity ?
EPSS score ?
Summary
yast2-backup 2.14.2 through 2.16.6 on SUSE Linux and Novell Linux allows local users to gain privileges via shell metacharacters in filenames used by the backup process.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/32464 | vdb-entry, x_refsource_BID | |
| http://secunia.com/advisories/32832 | third-party-advisory, x_refsource_SECUNIA | |
| http://osvdb.org/50284 | vdb-entry, x_refsource_OSVDB | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/46879 | vdb-entry, x_refsource_XF | |
| http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00003.html | vendor-advisory, x_refsource_SUSE |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T10:24:20.587Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "32464", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/32464", }, { name: "32832", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/32832", }, { name: "50284", tags: [ "vdb-entry", "x_refsource_OSVDB", "x_transferred", ], url: "http://osvdb.org/50284", }, { name: "yast2backup-backup-command-execution(46879)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/46879", }, { name: "SUSE-SA:2008:054", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00003.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2008-11-25T00:00:00", descriptions: [ { lang: "en", value: "yast2-backup 2.14.2 through 2.16.6 on SUSE Linux and Novell Linux allows local users to gain privileges via shell metacharacters in filenames used by the backup process.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-08-07T12:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "32464", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/32464", }, { name: "32832", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/32832", }, { name: "50284", tags: [ "vdb-entry", "x_refsource_OSVDB", ], url: "http://osvdb.org/50284", }, { name: "yast2backup-backup-command-execution(46879)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/46879", }, { name: "SUSE-SA:2008:054", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00003.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2008-4636", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "yast2-backup 2.14.2 through 2.16.6 on SUSE Linux and Novell Linux allows local users to gain privileges via shell metacharacters in filenames used by the backup process.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "32464", refsource: "BID", url: "http://www.securityfocus.com/bid/32464", }, { name: "32832", refsource: "SECUNIA", url: "http://secunia.com/advisories/32832", }, { name: "50284", refsource: "OSVDB", url: "http://osvdb.org/50284", }, { name: "yast2backup-backup-command-execution(46879)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/46879", }, { name: "SUSE-SA:2008:054", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00003.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2008-4636", datePublished: "2008-11-27T00:00:00", dateReserved: "2008-10-21T00:00:00", dateUpdated: "2024-08-07T10:24:20.587Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2005-3655
Vulnerability from cvelistv5
Published
2006-01-14 01:00
Modified
2024-08-07 23:17
Severity ?
EPSS score ?
Summary
Heap-based buffer overflow in Novell Open Enterprise Server Remote Manager (novell-nrm) in Novell SUSE Linux Enterprise Server 9 allows remote attackers to execute arbitrary code via an HTTP POST request with a negative Content-Length parameter.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/16226 | vdb-entry, x_refsource_BID | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/24111 | vdb-entry, x_refsource_XF | |
| http://www.osvdb.org/22455 | vdb-entry, x_refsource_OSVDB | |
| http://secunia.com/advisories/18484 | third-party-advisory, x_refsource_SECUNIA | |
| http://securitytracker.com/id?1015487 | vdb-entry, x_refsource_SECTRACK | |
| http://www.idefense.com/intelligence/vulnerabilities/display.php?id=371 | third-party-advisory, x_refsource_IDEFENSE | |
| http://securityreason.com/securityalert/348 | third-party-advisory, x_refsource_SREASON | |
| http://www.novell.com/linux/security/advisories/2006_02_novellnrm.html | vendor-advisory, x_refsource_SUSE |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T23:17:23.435Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "16226", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/16226", }, { name: "novell-remote-manager-bo(24111)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/24111", }, { name: "22455", tags: [ "vdb-entry", "x_refsource_OSVDB", "x_transferred", ], url: "http://www.osvdb.org/22455", }, { name: "18484", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/18484", }, { name: "1015487", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://securitytracker.com/id?1015487", }, { name: "20060113 Novell SUSE Linux Enterprise Server Remote Manager Heap Overflow", tags: [ "third-party-advisory", "x_refsource_IDEFENSE", "x_transferred", ], url: "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=371", }, { name: "348", tags: [ "third-party-advisory", "x_refsource_SREASON", "x_transferred", ], url: "http://securityreason.com/securityalert/348", }, { name: "SUSE-SA:2006:002", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://www.novell.com/linux/security/advisories/2006_02_novellnrm.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2006-01-13T00:00:00", descriptions: [ { lang: "en", value: "Heap-based buffer overflow in Novell Open Enterprise Server Remote Manager (novell-nrm) in Novell SUSE Linux Enterprise Server 9 allows remote attackers to execute arbitrary code via an HTTP POST request with a negative Content-Length parameter.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-07-10T14:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "16226", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/16226", }, { name: "novell-remote-manager-bo(24111)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/24111", }, { name: "22455", tags: [ "vdb-entry", "x_refsource_OSVDB", ], url: "http://www.osvdb.org/22455", }, { name: "18484", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/18484", }, { name: "1015487", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://securitytracker.com/id?1015487", }, { name: "20060113 Novell SUSE Linux Enterprise Server Remote Manager Heap Overflow", tags: [ "third-party-advisory", "x_refsource_IDEFENSE", ], url: "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=371", }, { name: "348", tags: [ "third-party-advisory", "x_refsource_SREASON", ], url: "http://securityreason.com/securityalert/348", }, { name: "SUSE-SA:2006:002", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://www.novell.com/linux/security/advisories/2006_02_novellnrm.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2005-3655", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Heap-based buffer overflow in Novell Open Enterprise Server Remote Manager (novell-nrm) in Novell SUSE Linux Enterprise Server 9 allows remote attackers to execute arbitrary code via an HTTP POST request with a negative Content-Length parameter.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "16226", refsource: "BID", url: "http://www.securityfocus.com/bid/16226", }, { name: "novell-remote-manager-bo(24111)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/24111", }, { name: "22455", refsource: "OSVDB", url: "http://www.osvdb.org/22455", }, { name: "18484", refsource: "SECUNIA", url: "http://secunia.com/advisories/18484", }, { name: "1015487", refsource: "SECTRACK", url: "http://securitytracker.com/id?1015487", }, { name: "20060113 Novell SUSE Linux Enterprise Server Remote Manager Heap Overflow", refsource: "IDEFENSE", url: "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=371", }, { name: "348", refsource: "SREASON", url: "http://securityreason.com/securityalert/348", }, { name: "SUSE-SA:2006:002", refsource: "SUSE", url: "http://www.novell.com/linux/security/advisories/2006_02_novellnrm.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2005-3655", datePublished: "2006-01-14T01:00:00", dateReserved: "2005-11-18T00:00:00", dateUpdated: "2024-08-07T23:17:23.435Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2006-0999
Vulnerability from cvelistv5
Published
2006-03-23 11:00
Modified
2024-08-07 16:56
Severity ?
EPSS score ?
Summary
The SSL server implementation in NILE.NLM in Novell NetWare 6.5 and Novell Open Enterprise Server (OES) allows a client to force the server to use weak encryption by stating that a weak cipher is required for client compatibility, which might allow remote attackers to decrypt contents of an SSL protected session.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.vupen.com/english/advisories/2006/1043 | vdb-entry, x_refsource_VUPEN | |
| http://securitytracker.com/id?1015799 | vdb-entry, x_refsource_SECTRACK | |
| http://support.novell.com/cgi-bin/search/searchtid.cgi?10100633.htm | x_refsource_CONFIRM | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/25382 | vdb-entry, x_refsource_XF | |
| http://secunia.com/advisories/19324 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/bid/64758 | vdb-entry, x_refsource_BID | |
| http://www.osvdb.org/24048 | vdb-entry, x_refsource_OSVDB | |
| http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/17176 | vdb-entry, x_refsource_BID |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T16:56:15.230Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "ADV-2006-1043", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2006/1043", }, { name: "1015799", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://securitytracker.com/id?1015799", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://support.novell.com/cgi-bin/search/searchtid.cgi?10100633.htm", }, { name: "netware-nile-forced-weak-encryption(25382)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/25382", }, { name: "19324", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/19324", }, { name: "64758", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/64758", }, { name: "24048", tags: [ "vdb-entry", "x_refsource_OSVDB", "x_transferred", ], url: "http://www.osvdb.org/24048", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", }, { name: "17176", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/17176", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2006-03-17T00:00:00", descriptions: [ { lang: "en", value: "The SSL server implementation in NILE.NLM in Novell NetWare 6.5 and Novell Open Enterprise Server (OES) allows a client to force the server to use weak encryption by stating that a weak cipher is required for client compatibility, which might allow remote attackers to decrypt contents of an SSL protected session.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-07-19T15:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "ADV-2006-1043", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2006/1043", }, { name: "1015799", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://securitytracker.com/id?1015799", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://support.novell.com/cgi-bin/search/searchtid.cgi?10100633.htm", }, { name: "netware-nile-forced-weak-encryption(25382)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/25382", }, { name: "19324", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/19324", }, { name: "64758", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/64758", }, { name: "24048", tags: [ "vdb-entry", "x_refsource_OSVDB", ], url: "http://www.osvdb.org/24048", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", }, { name: "17176", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/17176", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2006-0999", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The SSL server implementation in NILE.NLM in Novell NetWare 6.5 and Novell Open Enterprise Server (OES) allows a client to force the server to use weak encryption by stating that a weak cipher is required for client compatibility, which might allow remote attackers to decrypt contents of an SSL protected session.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "ADV-2006-1043", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2006/1043", }, { name: "1015799", refsource: "SECTRACK", url: "http://securitytracker.com/id?1015799", }, { name: "http://support.novell.com/cgi-bin/search/searchtid.cgi?10100633.htm", refsource: "CONFIRM", url: "http://support.novell.com/cgi-bin/search/searchtid.cgi?10100633.htm", }, { name: "netware-nile-forced-weak-encryption(25382)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/25382", }, { name: "19324", refsource: "SECUNIA", url: "http://secunia.com/advisories/19324", }, { name: "64758", refsource: "BID", url: "http://www.securityfocus.com/bid/64758", }, { name: "24048", refsource: "OSVDB", url: "http://www.osvdb.org/24048", }, { name: "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", }, { name: "17176", refsource: "BID", url: "http://www.securityfocus.com/bid/17176", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2006-0999", datePublished: "2006-03-23T11:00:00", dateReserved: "2006-03-06T00:00:00", dateUpdated: "2024-08-07T16:56:15.230Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2006-0736
Vulnerability from cvelistv5
Published
2006-02-27 20:00
Modified
2024-08-07 16:48
Severity ?
EPSS score ?
Summary
Stack-based buffer overflow in the pam_micasa PAM authentication module in CASA on Novell Linux Desktop 9 and Open Enterprise Server 1 allows remote attackers to execute arbitrary code via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.novell.com/linux/security/advisories/2006_10_casa.html | vendor-advisory, x_refsource_SUSE | |
| http://www.vupen.com/english/advisories/2006/0693 | vdb-entry, x_refsource_VUPEN | |
| http://www.securityfocus.com/bid/16779 | vdb-entry, x_refsource_BID | |
| http://secunia.com/advisories/18995 | third-party-advisory, x_refsource_SECUNIA |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T16:48:55.559Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "SUSE-SA:2006:010", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://www.novell.com/linux/security/advisories/2006_10_casa.html", }, { name: "ADV-2006-0693", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2006/0693", }, { name: "16779", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/16779", }, { name: "18995", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/18995", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2006-02-22T00:00:00", descriptions: [ { lang: "en", value: "Stack-based buffer overflow in the pam_micasa PAM authentication module in CASA on Novell Linux Desktop 9 and Open Enterprise Server 1 allows remote attackers to execute arbitrary code via unspecified vectors.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2006-03-10T10:00:00", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "SUSE-SA:2006:010", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://www.novell.com/linux/security/advisories/2006_10_casa.html", }, { name: "ADV-2006-0693", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2006/0693", }, { name: "16779", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/16779", }, { name: "18995", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/18995", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2006-0736", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Stack-based buffer overflow in the pam_micasa PAM authentication module in CASA on Novell Linux Desktop 9 and Open Enterprise Server 1 allows remote attackers to execute arbitrary code via unspecified vectors.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "SUSE-SA:2006:010", refsource: "SUSE", url: "http://www.novell.com/linux/security/advisories/2006_10_casa.html", }, { name: "ADV-2006-0693", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2006/0693", }, { name: "16779", refsource: "BID", url: "http://www.securityfocus.com/bid/16779", }, { name: "18995", refsource: "SECUNIA", url: "http://secunia.com/advisories/18995", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2006-0736", datePublished: "2006-02-27T20:00:00", dateReserved: "2006-02-16T00:00:00", dateUpdated: "2024-08-07T16:48:55.559Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2009-0611
Vulnerability from cvelistv5
Published
2009-02-17 17:00
Modified
2024-08-07 04:40
Severity ?
EPSS score ?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in qfsearch/AdminServlet in QuickFinder Server in Novell Open Enterprise Server 1.x allow remote attackers to inject arbitrary web script or HTML via (1) the siteloc parameter in a displayaddsite action, the site parameter in a (2) generalproperties or (3) clusterserviceproperties action, (4) the adminurl parameter in a global action, or (5) the print-list parameter.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/33886 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/bid/33708 | vdb-entry, x_refsource_BID | |
| http://osvdb.org/51941 | vdb-entry, x_refsource_OSVDB | |
| http://www.vupen.com/english/advisories/2009/0421 | vdb-entry, x_refsource_VUPEN | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/48619 | vdb-entry, x_refsource_XF | |
| http://packetstormsecurity.org/0902-exploits/nqfs-xss.txt | x_refsource_MISC | |
| http://www.securitytracker.com/id?1021695 | vdb-entry, x_refsource_SECTRACK |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T04:40:05.082Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "33886", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/33886", }, { name: "33708", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/33708", }, { name: "51941", tags: [ "vdb-entry", "x_refsource_OSVDB", "x_transferred", ], url: "http://osvdb.org/51941", }, { name: "ADV-2009-0421", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2009/0421", }, { name: "quickfinderserver-multiple-xss(48619)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/48619", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.org/0902-exploits/nqfs-xss.txt", }, { name: "1021695", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id?1021695", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2009-02-10T00:00:00", descriptions: [ { lang: "en", value: "Multiple cross-site scripting (XSS) vulnerabilities in qfsearch/AdminServlet in QuickFinder Server in Novell Open Enterprise Server 1.x allow remote attackers to inject arbitrary web script or HTML via (1) the siteloc parameter in a displayaddsite action, the site parameter in a (2) generalproperties or (3) clusterserviceproperties action, (4) the adminurl parameter in a global action, or (5) the print-list parameter.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-08-16T14:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "33886", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/33886", }, { name: "33708", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/33708", }, { name: "51941", tags: [ "vdb-entry", "x_refsource_OSVDB", ], url: "http://osvdb.org/51941", }, { name: "ADV-2009-0421", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2009/0421", }, { name: "quickfinderserver-multiple-xss(48619)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/48619", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.org/0902-exploits/nqfs-xss.txt", }, { name: "1021695", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id?1021695", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2009-0611", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Multiple cross-site scripting (XSS) vulnerabilities in qfsearch/AdminServlet in QuickFinder Server in Novell Open Enterprise Server 1.x allow remote attackers to inject arbitrary web script or HTML via (1) the siteloc parameter in a displayaddsite action, the site parameter in a (2) generalproperties or (3) clusterserviceproperties action, (4) the adminurl parameter in a global action, or (5) the print-list parameter.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "33886", refsource: "SECUNIA", url: "http://secunia.com/advisories/33886", }, { name: "33708", refsource: "BID", url: "http://www.securityfocus.com/bid/33708", }, { name: "51941", refsource: "OSVDB", url: "http://osvdb.org/51941", }, { name: "ADV-2009-0421", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2009/0421", }, { name: "quickfinderserver-multiple-xss(48619)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/48619", }, { name: "http://packetstormsecurity.org/0902-exploits/nqfs-xss.txt", refsource: "MISC", url: "http://packetstormsecurity.org/0902-exploits/nqfs-xss.txt", }, { name: "1021695", refsource: "SECTRACK", url: "http://www.securitytracker.com/id?1021695", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2009-0611", datePublished: "2009-02-17T17:00:00", dateReserved: "2009-02-17T00:00:00", dateUpdated: "2024-08-07T04:40:05.082Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2013-2016
Vulnerability from cvelistv5
Published
2019-12-30 21:47
Modified
2024-08-06 15:20
Severity ?
EPSS score ?
Summary
A flaw was found in the way qemu v1.3.0 and later (virtio-rng) validates addresses when guest accesses the config space of a virtio device. If the virtio device has zero/small sized config space, such as virtio-rng, a privileged guest user could use this flaw to access the matching host's qemu address space and thus increase their privileges on the host.
References
| ▼ | URL | Tags |
|---|---|---|
| https://security-tracker.debian.org/tracker/CVE-2013-2016 | x_refsource_MISC | |
| https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-2016 | x_refsource_MISC | |
| https://access.redhat.com/security/cve/cve-2013-2016 | x_refsource_MISC | |
| http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00002.html | x_refsource_MISC | |
| http://www.openwall.com/lists/oss-security/2013/04/29/5 | x_refsource_MISC | |
| http://www.openwall.com/lists/oss-security/2013/04/29/6 | x_refsource_MISC | |
| http://www.securityfocus.com/bid/59541 | x_refsource_MISC | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/83850 | x_refsource_MISC | |
| https://github.com/qemu/qemu/commit/5f5a1318653c08e435cfa52f60b6a712815b659d | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| qemu | qemu (virtio-rng) |
Version: v1.3.0 and later |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T15:20:37.490Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://security-tracker.debian.org/tracker/CVE-2013-2016", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-2016", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://access.redhat.com/security/cve/cve-2013-2016", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00002.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2013/04/29/5", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2013/04/29/6", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://www.securityfocus.com/bid/59541", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/83850", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/qemu/qemu/commit/5f5a1318653c08e435cfa52f60b6a712815b659d", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "qemu (virtio-rng)", vendor: "qemu", versions: [ { status: "affected", version: "v1.3.0 and later", }, ], }, ], descriptions: [ { lang: "en", value: "A flaw was found in the way qemu v1.3.0 and later (virtio-rng) validates addresses when guest accesses the config space of a virtio device. If the virtio device has zero/small sized config space, such as virtio-rng, a privileged guest user could use this flaw to access the matching host's qemu address space and thus increase their privileges on the host.", }, ], problemTypes: [ { descriptions: [ { description: "Other", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-12-31T14:29:44", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://security-tracker.debian.org/tracker/CVE-2013-2016", }, { tags: [ "x_refsource_MISC", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-2016", }, { tags: [ "x_refsource_MISC", ], url: "https://access.redhat.com/security/cve/cve-2013-2016", }, { tags: [ "x_refsource_MISC", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00002.html", }, { tags: [ "x_refsource_MISC", ], url: "http://www.openwall.com/lists/oss-security/2013/04/29/5", }, { tags: [ "x_refsource_MISC", ], url: "http://www.openwall.com/lists/oss-security/2013/04/29/6", }, { tags: [ "x_refsource_MISC", ], url: "http://www.securityfocus.com/bid/59541", }, { tags: [ "x_refsource_MISC", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/83850", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/qemu/qemu/commit/5f5a1318653c08e435cfa52f60b6a712815b659d", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2013-2016", datePublished: "2019-12-30T21:47:07", dateReserved: "2013-02-19T00:00:00", dateUpdated: "2024-08-06T15:20:37.490Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2006-0997
Vulnerability from cvelistv5
Published
2006-03-23 11:00
Modified
2024-08-07 16:56
Severity ?
EPSS score ?
Summary
The SSL server implementation in NILE.NLM in Novell NetWare 6.5 and Novell Open Enterprise Server (OES) permits encryption with a NULL key, which results in cleartext communication that allows remote attackers to read an SSL protected session by sniffing network traffic.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.vupen.com/english/advisories/2006/1043 | vdb-entry, x_refsource_VUPEN | |
| http://securitytracker.com/id?1015799 | vdb-entry, x_refsource_SECTRACK | |
| http://support.novell.com/cgi-bin/search/searchtid.cgi?10100633.htm | x_refsource_CONFIRM | |
| http://secunia.com/advisories/19324 | third-party-advisory, x_refsource_SECUNIA | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/25380 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/bid/17176 | vdb-entry, x_refsource_BID | |
| http://www.osvdb.org/24046 | vdb-entry, x_refsource_OSVDB |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T16:56:15.298Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "ADV-2006-1043", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2006/1043", }, { name: "1015799", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://securitytracker.com/id?1015799", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://support.novell.com/cgi-bin/search/searchtid.cgi?10100633.htm", }, { name: "19324", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/19324", }, { name: "netware-nile-ssl-cleartext(25380)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/25380", }, { name: "17176", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/17176", }, { name: "24046", tags: [ "vdb-entry", "x_refsource_OSVDB", "x_transferred", ], url: "http://www.osvdb.org/24046", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2006-03-17T00:00:00", descriptions: [ { lang: "en", value: "The SSL server implementation in NILE.NLM in Novell NetWare 6.5 and Novell Open Enterprise Server (OES) permits encryption with a NULL key, which results in cleartext communication that allows remote attackers to read an SSL protected session by sniffing network traffic.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-07-19T15:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "ADV-2006-1043", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2006/1043", }, { name: "1015799", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://securitytracker.com/id?1015799", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://support.novell.com/cgi-bin/search/searchtid.cgi?10100633.htm", }, { name: "19324", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/19324", }, { name: "netware-nile-ssl-cleartext(25380)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/25380", }, { name: "17176", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/17176", }, { name: "24046", tags: [ "vdb-entry", "x_refsource_OSVDB", ], url: "http://www.osvdb.org/24046", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2006-0997", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The SSL server implementation in NILE.NLM in Novell NetWare 6.5 and Novell Open Enterprise Server (OES) permits encryption with a NULL key, which results in cleartext communication that allows remote attackers to read an SSL protected session by sniffing network traffic.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "ADV-2006-1043", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2006/1043", }, { name: "1015799", refsource: "SECTRACK", url: "http://securitytracker.com/id?1015799", }, { name: "http://support.novell.com/cgi-bin/search/searchtid.cgi?10100633.htm", refsource: "CONFIRM", url: "http://support.novell.com/cgi-bin/search/searchtid.cgi?10100633.htm", }, { name: "19324", refsource: "SECUNIA", url: "http://secunia.com/advisories/19324", }, { name: "netware-nile-ssl-cleartext(25380)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/25380", }, { name: "17176", refsource: "BID", url: "http://www.securityfocus.com/bid/17176", }, { name: "24046", refsource: "OSVDB", url: "http://www.osvdb.org/24046", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2006-0997", datePublished: "2006-03-23T11:00:00", dateReserved: "2006-03-06T00:00:00", dateUpdated: "2024-08-07T16:56:15.298Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2011-4194
Vulnerability from cvelistv5
Published
2012-02-02 02:00
Modified
2024-09-16 18:14
Severity ?
EPSS score ?
Summary
Buffer overflow in Novell iPrint Server in Novell Open Enterprise Server 2 (OES2) through SP3 on Linux allows remote attackers to execute arbitrary code via a crafted attributes-natural-language field.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.novell.com/support/viewContent.do?externalId=7010084 | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T00:01:50.999Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.novell.com/support/viewContent.do?externalId=7010084", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Buffer overflow in Novell iPrint Server in Novell Open Enterprise Server 2 (OES2) through SP3 on Linux allows remote attackers to execute arbitrary code via a crafted attributes-natural-language field.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2012-02-02T02:00:00Z", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://www.novell.com/support/viewContent.do?externalId=7010084", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2011-4194", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Buffer overflow in Novell iPrint Server in Novell Open Enterprise Server 2 (OES2) through SP3 on Linux allows remote attackers to execute arbitrary code via a crafted attributes-natural-language field.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://www.novell.com/support/viewContent.do?externalId=7010084", refsource: "CONFIRM", url: "http://www.novell.com/support/viewContent.do?externalId=7010084", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2011-4194", datePublished: "2012-02-02T02:00:00Z", dateReserved: "2011-10-25T00:00:00Z", dateUpdated: "2024-09-16T18:14:32.263Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2009-0115
Vulnerability from cvelistv5
Published
2009-03-30 16:00
Modified
2024-08-07 04:24
Severity ?
EPSS score ?
Summary
The Device Mapper multipathing driver (aka multipath-tools or device-mapper-multipath) 0.4.8, as used in SUSE openSUSE, SUSE Linux Enterprise Server (SLES), Fedora, and possibly other operating systems, uses world-writable permissions for the socket file (aka /var/run/multipathd.sock), which allows local users to send arbitrary commands to the multipath daemon.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T04:24:17.823Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "SUSE-SR:2009:007", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html", }, { name: "34759", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/34759", }, { name: "38794", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/38794", }, { name: "[security-announce] 20100303 VMSA-2010-0004 ESX Service Console and vMA third party updates", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://lists.vmware.com/pipermail/security-announce/2010/000082.html", }, { name: "DSA-1767", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2009/dsa-1767", }, { name: "34642", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/34642", }, { name: "34694", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/34694", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://support.avaya.com/elmodocs2/security/ASA-2009-128.htm", }, { name: "34418", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/34418", }, { name: "34710", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/34710", }, { name: "FEDORA-2009-3453", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00236.html", }, { name: "SUSE-SR:2009:008", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://launchpad.net/bugs/cve/2009-0115", }, { name: "oval:org.mitre.oval:def:9214", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9214", }, { name: "FEDORA-2009-3449", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00231.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10691", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://download.opensuse.org/update/10.3-test/repodata/patch-kpartx-6082.xml", }, { name: "ADV-2010-0528", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2010/0528", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2009-03-24T00:00:00", descriptions: [ { lang: "en", value: "The Device Mapper multipathing driver (aka multipath-tools or device-mapper-multipath) 0.4.8, as used in SUSE openSUSE, SUSE Linux Enterprise Server (SLES), Fedora, and possibly other operating systems, uses world-writable permissions for the socket file (aka /var/run/multipathd.sock), which allows local users to send arbitrary commands to the multipath daemon.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-09-28T12:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "SUSE-SR:2009:007", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html", }, { name: "34759", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/34759", }, { name: "38794", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/38794", }, { name: "[security-announce] 20100303 VMSA-2010-0004 ESX Service Console and vMA third party updates", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://lists.vmware.com/pipermail/security-announce/2010/000082.html", }, { name: "DSA-1767", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2009/dsa-1767", }, { name: "34642", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/34642", }, { name: "34694", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/34694", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://support.avaya.com/elmodocs2/security/ASA-2009-128.htm", }, { name: "34418", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/34418", }, { name: "34710", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/34710", }, { name: "FEDORA-2009-3453", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00236.html", }, { name: "SUSE-SR:2009:008", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html", }, { tags: [ "x_refsource_MISC", ], url: "http://launchpad.net/bugs/cve/2009-0115", }, { name: "oval:org.mitre.oval:def:9214", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9214", }, { name: "FEDORA-2009-3449", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00231.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10691", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://download.opensuse.org/update/10.3-test/repodata/patch-kpartx-6082.xml", }, { name: "ADV-2010-0528", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2010/0528", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2009-0115", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The Device Mapper multipathing driver (aka multipath-tools or device-mapper-multipath) 0.4.8, as used in SUSE openSUSE, SUSE Linux Enterprise Server (SLES), Fedora, and possibly other operating systems, uses world-writable permissions for the socket file (aka /var/run/multipathd.sock), which allows local users to send arbitrary commands to the multipath daemon.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "SUSE-SR:2009:007", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html", }, { name: "34759", refsource: "SECUNIA", url: "http://secunia.com/advisories/34759", }, { name: "38794", refsource: "SECUNIA", url: "http://secunia.com/advisories/38794", }, { name: "[security-announce] 20100303 VMSA-2010-0004 ESX Service Console and vMA third party updates", refsource: "MLIST", url: "http://lists.vmware.com/pipermail/security-announce/2010/000082.html", }, { name: "DSA-1767", refsource: "DEBIAN", url: "http://www.debian.org/security/2009/dsa-1767", }, { name: "34642", refsource: "SECUNIA", url: "http://secunia.com/advisories/34642", }, { name: "34694", refsource: "SECUNIA", url: "http://secunia.com/advisories/34694", }, { name: "http://support.avaya.com/elmodocs2/security/ASA-2009-128.htm", refsource: "CONFIRM", url: "http://support.avaya.com/elmodocs2/security/ASA-2009-128.htm", }, { name: "34418", refsource: "SECUNIA", url: "http://secunia.com/advisories/34418", }, { name: "34710", refsource: "SECUNIA", url: "http://secunia.com/advisories/34710", }, { name: "FEDORA-2009-3453", refsource: "FEDORA", url: "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00236.html", }, { name: "SUSE-SR:2009:008", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html", }, { name: "http://launchpad.net/bugs/cve/2009-0115", refsource: "MISC", url: "http://launchpad.net/bugs/cve/2009-0115", }, { name: "oval:org.mitre.oval:def:9214", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9214", }, { name: "FEDORA-2009-3449", refsource: "FEDORA", url: "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00231.html", }, { name: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10691", refsource: "CONFIRM", url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10691", }, { name: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705", refsource: "CONFIRM", url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705", }, { name: "http://download.opensuse.org/update/10.3-test/repodata/patch-kpartx-6082.xml", refsource: "CONFIRM", url: "http://download.opensuse.org/update/10.3-test/repodata/patch-kpartx-6082.xml", }, { name: "ADV-2010-0528", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2010/0528", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2009-0115", datePublished: "2009-03-30T16:00:00", dateReserved: "2009-01-13T00:00:00", dateUpdated: "2024-08-07T04:24:17.823Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2013-3707
Vulnerability from cvelistv5
Published
2013-12-01 17:00
Modified
2024-08-06 16:14
Severity ?
EPSS score ?
Summary
The HTTPSTK service in the novell-nrm package before 2.0.2-297.305.302.3 in Novell Open Enterprise Server 2 (OES 2) Linux, and OES 11 Linux Gold and SP1, does not make the intended SSL_free and SSL_shutdown calls for the close of a TCP connection, which allows remote attackers to cause a denial of service (service crash) by establishing many TCP connections to port 8009.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.novell.com/support/kb/doc.php?id=7014063 | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T16:14:56.653Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.novell.com/support/kb/doc.php?id=7014063", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2013-11-07T00:00:00", descriptions: [ { lang: "en", value: "The HTTPSTK service in the novell-nrm package before 2.0.2-297.305.302.3 in Novell Open Enterprise Server 2 (OES 2) Linux, and OES 11 Linux Gold and SP1, does not make the intended SSL_free and SSL_shutdown calls for the close of a TCP connection, which allows remote attackers to cause a denial of service (service crash) by establishing many TCP connections to port 8009.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2013-12-01T17:26:34", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://www.novell.com/support/kb/doc.php?id=7014063", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2013-3707", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The HTTPSTK service in the novell-nrm package before 2.0.2-297.305.302.3 in Novell Open Enterprise Server 2 (OES 2) Linux, and OES 11 Linux Gold and SP1, does not make the intended SSL_free and SSL_shutdown calls for the close of a TCP connection, which allows remote attackers to cause a denial of service (service crash) by establishing many TCP connections to port 8009.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://www.novell.com/support/kb/doc.php?id=7014063", refsource: "CONFIRM", url: "http://www.novell.com/support/kb/doc.php?id=7014063", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2013-3707", datePublished: "2013-12-01T17:00:00", dateReserved: "2013-05-30T00:00:00", dateUpdated: "2024-08-06T16:14:56.653Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2014-0609
Vulnerability from cvelistv5
Published
2014-08-17 18:00
Modified
2024-08-06 09:20
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in Novell Open Enterprise Server (OES) 11 SP1 before Scheduled Maintenance Update 9415 and 11 SP2 before Scheduled Maintenance Update 9413 for Linux has unknown impact and attack vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/59982 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.novell.com/support/kb/doc.php?id=7014420 | x_refsource_CONFIRM | |
| http://www.novell.com/support/kb/doc.php?id=7010867 | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T09:20:19.871Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "59982", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59982", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.novell.com/support/kb/doc.php?id=7014420", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.novell.com/support/kb/doc.php?id=7010867", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2014-08-08T00:00:00", descriptions: [ { lang: "en", value: "Unspecified vulnerability in Novell Open Enterprise Server (OES) 11 SP1 before Scheduled Maintenance Update 9415 and 11 SP2 before Scheduled Maintenance Update 9413 for Linux has unknown impact and attack vectors.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-01-04T20:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "59982", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59982", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.novell.com/support/kb/doc.php?id=7014420", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.novell.com/support/kb/doc.php?id=7010867", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2014-0609", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Unspecified vulnerability in Novell Open Enterprise Server (OES) 11 SP1 before Scheduled Maintenance Update 9415 and 11 SP2 before Scheduled Maintenance Update 9413 for Linux has unknown impact and attack vectors.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "59982", refsource: "SECUNIA", url: "http://secunia.com/advisories/59982", }, { name: "http://www.novell.com/support/kb/doc.php?id=7014420", refsource: "CONFIRM", url: "http://www.novell.com/support/kb/doc.php?id=7014420", }, { name: "http://www.novell.com/support/kb/doc.php?id=7010867", refsource: "CONFIRM", url: "http://www.novell.com/support/kb/doc.php?id=7010867", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2014-0609", datePublished: "2014-08-17T18:00:00", dateReserved: "2013-12-28T00:00:00", dateUpdated: "2024-08-06T09:20:19.871Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2014-6271
Vulnerability from cvelistv5
Published
2014-09-24 18:00
Modified
2025-02-07 13:47
Severity ?
EPSS score ?
Summary
GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka "ShellShock." NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T12:10:13.276Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "37816", tags: [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred", ], url: "https://www.exploit-db.com/exploits/37816/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html", }, { name: "SUSE-SU-2014:1223", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00034.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685749", }, { name: "HPSBMU03165", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141577137423233&w=2", }, { name: "SSRT101816", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=142719845423222&w=2", }, { name: "39918", tags: [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred", ], url: "https://www.exploit-db.com/exploits/39918/", }, { name: "HPSBHF03119", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141216668515282&w=2", }, { name: "RHSA-2014:1295", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1295.html", }, { name: "openSUSE-SU-2014:1226", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00037.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk102673&src=securityAlerts", }, { name: "HPSBST03131", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141383138121313&w=2", }, { name: "SSRT101819", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=142721162228379&w=2", }, { name: "20141001 NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/533593/100/0/threaded", }, { name: "HPSBMU03245", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=142358026505815&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686084", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686479", }, { name: "HPSBST03196", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=142719845423222&w=2", }, { name: "61188", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61188", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0", }, { name: "JVN#55667175", tags: [ "third-party-advisory", "x_refsource_JVN", "x_transferred", ], url: "http://jvn.jp/en/jp/JVN55667175/index.html", }, { name: "61676", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61676", }, { name: "40619", tags: [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred", ], url: "https://www.exploit-db.com/exploits/40619/", }, { name: "openSUSE-SU-2014:1254", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html", }, { name: "60433", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/60433", }, { name: "38849", tags: [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred", ], url: "https://www.exploit-db.com/exploits/38849/", }, { name: "HPSBMU03143", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141383026420882&w=2", }, { name: "HPSBMU03182", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141585637922673&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10673", }, { name: "SUSE-SU-2014:1260", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00049.html", }, { name: "HPSBST03155", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141576728022234&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685541", }, { name: "61715", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61715", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html", }, { name: "61816", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61816", }, { name: "openSUSE-SU-2014:1310", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html", }, { name: "61442", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61442", }, { name: "HPSBMU03246", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=142358078406056&w=2", }, { name: "HPSBST03195", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=142805027510172&w=2", }, { name: "61283", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61283", }, { name: "SSRT101711", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=142113462216480&w=2", }, { name: "USN-2362-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2362-1", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10085", }, { name: "openSUSE-SU-2014:1308", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html", }, { name: "61654", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61654", }, { name: "61542", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61542", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.novell.com/support/kb/doc.php?id=7015701", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315", }, { name: "62312", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/62312", }, { name: "59272", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59272", }, { name: "HPSBST03122", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141319209015420&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html", }, { name: "HPSBMU03217", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141879528318582&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685604", }, { name: "SSRT101868", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { name: "61703", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61703", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://support.apple.com/kb/HT6495", }, { name: "VU#252743", tags: [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred", ], url: "http://www.kb.cert.org/vuls/id/252743", }, { name: "61065", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61065", }, { name: "SUSE-SU-2014:1213", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00029.html", }, { name: "HPSBST03129", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141383196021590&w=2", }, { name: "HPSBMU03144", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141383081521087&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686445", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686131", }, { name: "70103", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/70103", }, { name: "JVNDB-2014-000126", tags: [ "third-party-advisory", "x_refsource_JVNDB", "x_transferred", ], url: "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126", }, { name: "SSRT101827", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141879528318582&w=2", }, { name: "TA14-268A", tags: [ "third-party-advisory", "x_refsource_CERT", "x_transferred", ], url: "http://www.us-cert.gov/ncas/alerts/TA14-268A", }, { name: "SUSE-SU-2014:1212", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00028.html", }, { name: "61641", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61641", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10648", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://access.redhat.com/node/1200223", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/137376/IPFire-Bash-Environment-Variable-Injection-Shellshock.html", }, { name: "SUSE-SU-2014:1287", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898", }, { name: "APPLE-SA-2014-10-16-1", tags: [ "vendor-advisory", "x_refsource_APPLE", "x_transferred", ], url: "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685914", }, { name: "20141001 FW: NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities", tags: [ "mailing-list", "x_refsource_FULLDISC", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2014/Oct/0", }, { name: "MDVSA-2015:164", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:164", }, { name: "RHSA-2014:1293", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1293.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04497075", }, { name: "openSUSE-SU-2014:1238", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00040.html", }, { name: "HPSBMU03220", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=142721162228379&w=2", }, { name: "60325", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/60325", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes", }, { name: "60024", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/60024", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html", }, { name: "34879", tags: [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred", ], url: "https://www.exploit-db.com/exploits/34879/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://access.redhat.com/articles/1200223", }, { name: "62343", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/62343", }, { name: "61565", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61565", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.suse.com/support/shellshock/", }, { name: "HPSBST03157", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141450491804793&w=2", }, { name: "61313", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61313", }, { name: "SSRT101742", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=142358026505815&w=2", }, { name: "61873", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61873", }, { name: "61485", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61485", }, { name: "60947", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/60947", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04518183", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.apple.com/kb/HT6535", }, { name: "HPSBST03154", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141577297623641&w=2", }, { name: "HPSBST03265", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=142546741516006&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272", }, { name: "HPSBGN03142", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141383244821813&w=2", }, { name: "61312", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61312", }, { name: "60193", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/60193", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.vmware.com/security/advisories/VMSA-2014-0010.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://linux.oracle.com/errata/ELSA-2014-1294.html", }, { name: "60063", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/60063", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/128573/Apache-mod_cgi-Remote-Command-Execution.html", }, { name: "60034", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/60034", }, { name: "HPSBMU03133", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141330425327438&w=2", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html", }, { name: "59907", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59907", }, { name: "58200", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/58200", }, { name: "HPSBST03181", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141577241923505&w=2", }, { name: "61643", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61643", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.novell.com/support/kb/doc.php?id=7015721", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21687079", }, { name: "61503", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61503", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686246", }, { name: "RHSA-2014:1354", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1354.html", }, { name: "40938", tags: [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred", ], url: "https://www.exploit-db.com/exploits/40938/", }, { name: "HPSBGN03117", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141216207813411&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://support.novell.com/security/cve/CVE-2014-6271.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915", }, { name: "61547", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61547", }, { name: "HPSBHF03145", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141383465822787&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.qnap.com/i/en/support/con_show.php?cid=61", }, { name: "HPSBST03148", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141694386919794&w=2", }, { name: "61552", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61552", }, { name: "61780", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61780", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.citrix.com/article/CTX200223", }, { name: "DSA-3032", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2014/dsa-3032", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686447", }, { name: "62228", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/62228", }, { name: "HPSBGN03138", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141330468527613&w=2", }, { name: "61855", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61855", }, { name: "HPSBHF03124", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141235957116749&w=2", }, { name: "60044", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/60044", }, { name: "61291", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61291", }, { name: "RHSA-2014:1294", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1294.html", }, { name: "HPSBHF03125", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141345648114150&w=2", }, { name: "59737", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59737", }, { name: "61287", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61287", }, { name: "HPSBHF03146", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141383353622268&w=2", }, { name: "HPSBGN03233", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1141597", }, { name: "SSRT101739", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { name: "61711", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61711", }, { name: "HPSBOV03228", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=142113462216480&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361", }, { name: "HPSBGN03141", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141383304022067&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://advisories.mageia.org/MGASA-2014-0388.html", }, { name: "61128", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61128", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.citrix.com/article/CTX200217", }, { name: "61471", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61471", }, { name: "60055", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/60055", }, { name: "20140926 GNU Bash Environmental Variable Command Injection Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash", }, { name: "61550", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61550", }, { name: "61633", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61633", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://linux.oracle.com/errata/ELSA-2014-1293.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686494", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kb.bluecoat.com/index?page=content&id=SA82", }, { name: "61328", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61328", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685733", }, { name: "42938", tags: [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred", ], url: "https://www.exploit-db.com/exploits/42938/", }, { name: "61129", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61129", }, { name: "61700", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61700", }, { name: "61603", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61603", }, { name: "61857", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61857", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/161107/SonicWall-SSL-VPN-Shellshock-Remote-Code-Execution.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2014-6271", options: [ { Exploitation: "active", }, { Automatable: "yes", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-02-07T13:45:49.549420Z", version: "2.0.3", }, type: "ssvc", }, }, { other: { content: { dateAdded: "2022-01-28", reference: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2014-6271", }, type: "kev", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-78", description: "CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-02-07T13:47:31.669Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2014-09-24T00:00:00.000Z", descriptions: [ { lang: "en", value: "GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka \"ShellShock.\" NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-11-05T16:37:05.000Z", orgId: "79363d38-fa19-49d1-9214-5f28da3f3ac5", shortName: "debian", }, references: [ { name: "37816", tags: [ "exploit", "x_refsource_EXPLOIT-DB", ], url: "https://www.exploit-db.com/exploits/37816/", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html", }, { name: "SUSE-SU-2014:1223", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00034.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685749", }, { name: "HPSBMU03165", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141577137423233&w=2", }, { name: "SSRT101816", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=142719845423222&w=2", }, { name: "39918", tags: [ "exploit", "x_refsource_EXPLOIT-DB", ], url: "https://www.exploit-db.com/exploits/39918/", }, { name: "HPSBHF03119", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141216668515282&w=2", }, { name: "RHSA-2014:1295", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1295.html", }, { name: "openSUSE-SU-2014:1226", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00037.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk102673&src=securityAlerts", }, { name: "HPSBST03131", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141383138121313&w=2", }, { name: "SSRT101819", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=142721162228379&w=2", }, { name: "20141001 NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/533593/100/0/threaded", }, { name: "HPSBMU03245", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=142358026505815&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686084", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686479", }, { name: "HPSBST03196", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=142719845423222&w=2", }, { name: "61188", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61188", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0", }, { name: "JVN#55667175", tags: [ "third-party-advisory", "x_refsource_JVN", ], url: "http://jvn.jp/en/jp/JVN55667175/index.html", }, { name: "61676", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61676", }, { name: "40619", tags: [ "exploit", "x_refsource_EXPLOIT-DB", ], url: "https://www.exploit-db.com/exploits/40619/", }, { name: "openSUSE-SU-2014:1254", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html", }, { name: "60433", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/60433", }, { name: "38849", tags: [ "exploit", "x_refsource_EXPLOIT-DB", ], url: "https://www.exploit-db.com/exploits/38849/", }, { name: "HPSBMU03143", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141383026420882&w=2", }, { name: "HPSBMU03182", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141585637922673&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10673", }, { name: "SUSE-SU-2014:1260", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00049.html", }, { name: "HPSBST03155", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141576728022234&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685541", }, { name: "61715", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61715", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html", }, { name: "61816", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61816", }, { name: "openSUSE-SU-2014:1310", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html", }, { name: "61442", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61442", }, { name: "HPSBMU03246", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=142358078406056&w=2", }, { name: "HPSBST03195", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=142805027510172&w=2", }, { name: "61283", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61283", }, { name: "SSRT101711", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=142113462216480&w=2", }, { name: "USN-2362-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2362-1", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10085", }, { name: "openSUSE-SU-2014:1308", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html", }, { name: "61654", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61654", }, { name: "61542", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61542", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.novell.com/support/kb/doc.php?id=7015701", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315", }, { name: "62312", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/62312", }, { name: "59272", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59272", }, { name: "HPSBST03122", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141319209015420&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html", }, { name: "HPSBMU03217", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141879528318582&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685604", }, { name: "SSRT101868", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { name: "61703", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61703", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://support.apple.com/kb/HT6495", }, { name: "VU#252743", tags: [ "third-party-advisory", "x_refsource_CERT-VN", ], url: "http://www.kb.cert.org/vuls/id/252743", }, { name: "61065", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61065", }, { name: "SUSE-SU-2014:1213", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00029.html", }, { name: "HPSBST03129", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141383196021590&w=2", }, { name: "HPSBMU03144", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141383081521087&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686445", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686131", }, { name: "70103", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/70103", }, { name: "JVNDB-2014-000126", tags: [ "third-party-advisory", "x_refsource_JVNDB", ], url: "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126", }, { name: "SSRT101827", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141879528318582&w=2", }, { name: "TA14-268A", tags: [ "third-party-advisory", "x_refsource_CERT", ], url: "http://www.us-cert.gov/ncas/alerts/TA14-268A", }, { name: "SUSE-SU-2014:1212", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00028.html", }, { name: "61641", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61641", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10648", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://access.redhat.com/node/1200223", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/137376/IPFire-Bash-Environment-Variable-Injection-Shellshock.html", }, { name: "SUSE-SU-2014:1287", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898", }, { name: "APPLE-SA-2014-10-16-1", tags: [ "vendor-advisory", "x_refsource_APPLE", ], url: "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685914", }, { name: "20141001 FW: NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities", tags: [ "mailing-list", "x_refsource_FULLDISC", ], url: "http://seclists.org/fulldisclosure/2014/Oct/0", }, { name: "MDVSA-2015:164", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:164", }, { name: "RHSA-2014:1293", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1293.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04497075", }, { name: "openSUSE-SU-2014:1238", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00040.html", }, { name: "HPSBMU03220", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=142721162228379&w=2", }, { name: "60325", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/60325", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes", }, { name: "60024", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/60024", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html", }, { name: "34879", tags: [ "exploit", "x_refsource_EXPLOIT-DB", ], url: "https://www.exploit-db.com/exploits/34879/", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://access.redhat.com/articles/1200223", }, { name: "62343", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/62343", }, { name: "61565", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61565", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.suse.com/support/shellshock/", }, { name: "HPSBST03157", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141450491804793&w=2", }, { name: "61313", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61313", }, { name: "SSRT101742", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=142358026505815&w=2", }, { name: "61873", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61873", }, { name: "61485", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61485", }, { name: "60947", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/60947", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04518183", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.apple.com/kb/HT6535", }, { name: "HPSBST03154", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141577297623641&w=2", }, { name: "HPSBST03265", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=142546741516006&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272", }, { name: "HPSBGN03142", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141383244821813&w=2", }, { name: "61312", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61312", }, { name: "60193", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/60193", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.vmware.com/security/advisories/VMSA-2014-0010.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://linux.oracle.com/errata/ELSA-2014-1294.html", }, { name: "60063", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/60063", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/128573/Apache-mod_cgi-Remote-Command-Execution.html", }, { name: "60034", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/60034", }, { name: "HPSBMU03133", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141330425327438&w=2", }, { tags: [ "x_refsource_MISC", ], url: "http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html", }, { name: "59907", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59907", }, { name: "58200", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/58200", }, { name: "HPSBST03181", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141577241923505&w=2", }, { name: "61643", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61643", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.novell.com/support/kb/doc.php?id=7015721", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21687079", }, { name: "61503", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61503", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686246", }, { name: "RHSA-2014:1354", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1354.html", }, { name: "40938", tags: [ "exploit", "x_refsource_EXPLOIT-DB", ], url: "https://www.exploit-db.com/exploits/40938/", }, { name: "HPSBGN03117", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141216207813411&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://support.novell.com/security/cve/CVE-2014-6271.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915", }, { name: "61547", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61547", }, { name: "HPSBHF03145", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141383465822787&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.qnap.com/i/en/support/con_show.php?cid=61", }, { name: "HPSBST03148", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141694386919794&w=2", }, { name: "61552", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61552", }, { name: "61780", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61780", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.citrix.com/article/CTX200223", }, { name: "DSA-3032", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2014/dsa-3032", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686447", }, { name: "62228", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/62228", }, { name: "HPSBGN03138", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141330468527613&w=2", }, { name: "61855", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61855", }, { name: "HPSBHF03124", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141235957116749&w=2", }, { name: "60044", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/60044", }, { name: "61291", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61291", }, { name: "RHSA-2014:1294", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1294.html", }, { name: "HPSBHF03125", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141345648114150&w=2", }, { name: "59737", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59737", }, { name: "61287", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61287", }, { name: "HPSBHF03146", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141383353622268&w=2", }, { name: "HPSBGN03233", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1141597", }, { name: "SSRT101739", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { name: "61711", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61711", }, { name: "HPSBOV03228", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=142113462216480&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361", }, { name: "HPSBGN03141", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141383304022067&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://advisories.mageia.org/MGASA-2014-0388.html", }, { name: "61128", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61128", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.citrix.com/article/CTX200217", }, { name: "61471", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61471", }, { name: "60055", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/60055", }, { name: "20140926 GNU Bash Environmental Variable Command Injection Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash", }, { name: "61550", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61550", }, { name: "61633", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61633", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://linux.oracle.com/errata/ELSA-2014-1293.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686494", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://kb.bluecoat.com/index?page=content&id=SA82", }, { name: "61328", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61328", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685733", }, { name: "42938", tags: [ "exploit", "x_refsource_EXPLOIT-DB", ], url: "https://www.exploit-db.com/exploits/42938/", }, { name: "61129", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61129", }, { name: "61700", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61700", }, { name: "61603", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61603", }, { name: "61857", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61857", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/161107/SonicWall-SSL-VPN-Shellshock-Remote-Code-Execution.html", }, { tags: [ "x_refsource_MISC", ], url: "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@debian.org", ID: "CVE-2014-6271", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka \"ShellShock.\" NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "37816", refsource: "EXPLOIT-DB", url: "https://www.exploit-db.com/exploits/37816/", }, { name: "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html", refsource: "MISC", url: "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html", }, { name: "SUSE-SU-2014:1223", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00034.html", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21685749", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685749", }, { name: "HPSBMU03165", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141577137423233&w=2", }, { name: "SSRT101816", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=142719845423222&w=2", }, { name: "39918", refsource: "EXPLOIT-DB", url: "https://www.exploit-db.com/exploits/39918/", }, { name: "HPSBHF03119", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141216668515282&w=2", }, { name: "RHSA-2014:1295", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2014-1295.html", }, { name: "openSUSE-SU-2014:1226", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00037.html", }, { name: "https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/", refsource: "CONFIRM", url: "https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/", }, { name: "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk102673&src=securityAlerts", refsource: "CONFIRM", url: "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk102673&src=securityAlerts", }, { name: "HPSBST03131", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141383138121313&w=2", }, { name: "SSRT101819", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=142721162228379&w=2", }, { name: "20141001 NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/533593/100/0/threaded", }, { name: "HPSBMU03245", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=142358026505815&w=2", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21686084", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686084", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21686479", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686479", }, { name: "HPSBST03196", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=142719845423222&w=2", }, { name: "61188", refsource: "SECUNIA", url: "http://secunia.com/advisories/61188", }, { name: "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0", refsource: "CONFIRM", url: "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0", }, { name: "JVN#55667175", refsource: "JVN", url: "http://jvn.jp/en/jp/JVN55667175/index.html", }, { name: "61676", refsource: "SECUNIA", url: "http://secunia.com/advisories/61676", }, { name: "40619", refsource: "EXPLOIT-DB", url: "https://www.exploit-db.com/exploits/40619/", }, { name: "openSUSE-SU-2014:1254", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html", }, { name: "60433", refsource: "SECUNIA", url: "http://secunia.com/advisories/60433", }, { name: "38849", refsource: "EXPLOIT-DB", url: "https://www.exploit-db.com/exploits/38849/", }, { name: "HPSBMU03143", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141383026420882&w=2", }, { name: "HPSBMU03182", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141585637922673&w=2", }, { name: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10673", refsource: "CONFIRM", url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10673", }, { name: "SUSE-SU-2014:1260", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00049.html", }, { name: "HPSBST03155", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141576728022234&w=2", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21685541", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685541", }, { name: "61715", refsource: "SECUNIA", url: "http://secunia.com/advisories/61715", }, { name: "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html", }, { name: "61816", refsource: "SECUNIA", url: "http://secunia.com/advisories/61816", }, { name: "openSUSE-SU-2014:1310", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html", }, { name: "61442", refsource: "SECUNIA", url: "http://secunia.com/advisories/61442", }, { name: "HPSBMU03246", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=142358078406056&w=2", }, { name: "HPSBST03195", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=142805027510172&w=2", }, { name: "61283", refsource: "SECUNIA", url: "http://secunia.com/advisories/61283", }, { name: "SSRT101711", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=142113462216480&w=2", }, { name: "USN-2362-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2362-1", }, { name: "https://kc.mcafee.com/corporate/index?page=content&id=SB10085", refsource: "CONFIRM", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10085", }, { name: "openSUSE-SU-2014:1308", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html", }, { name: "61654", refsource: "SECUNIA", url: "http://secunia.com/advisories/61654", }, { name: "61542", refsource: "SECUNIA", url: "http://secunia.com/advisories/61542", }, { name: "http://www.novell.com/support/kb/doc.php?id=7015701", refsource: "CONFIRM", url: "http://www.novell.com/support/kb/doc.php?id=7015701", }, { name: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315", refsource: "CONFIRM", url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315", }, { name: "62312", refsource: "SECUNIA", url: "http://secunia.com/advisories/62312", }, { name: "59272", refsource: "SECUNIA", url: "http://secunia.com/advisories/59272", }, { name: "HPSBST03122", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141319209015420&w=2", }, { name: "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html", refsource: "CONFIRM", url: "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html", }, { name: "HPSBMU03217", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141879528318582&w=2", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21685604", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685604", }, { name: "SSRT101868", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { name: "61703", refsource: "SECUNIA", url: "http://secunia.com/advisories/61703", }, { name: "http://support.apple.com/kb/HT6495", refsource: "CONFIRM", url: "http://support.apple.com/kb/HT6495", }, { name: "VU#252743", refsource: "CERT-VN", url: "http://www.kb.cert.org/vuls/id/252743", }, { name: "61065", refsource: "SECUNIA", url: "http://secunia.com/advisories/61065", }, { name: "SUSE-SU-2014:1213", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00029.html", }, { name: "HPSBST03129", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141383196021590&w=2", }, { name: "HPSBMU03144", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141383081521087&w=2", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21686445", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686445", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21686131", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686131", }, { name: "70103", refsource: "BID", url: "http://www.securityfocus.com/bid/70103", }, { name: "JVNDB-2014-000126", refsource: "JVNDB", url: "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126", }, { name: "SSRT101827", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141879528318582&w=2", }, { name: "TA14-268A", refsource: "CERT", url: "http://www.us-cert.gov/ncas/alerts/TA14-268A", }, { name: "SUSE-SU-2014:1212", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00028.html", }, { name: "61641", refsource: "SECUNIA", url: "http://secunia.com/advisories/61641", }, { name: "https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10648", refsource: "CONFIRM", url: "https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10648", }, { name: "https://access.redhat.com/node/1200223", refsource: "CONFIRM", url: "https://access.redhat.com/node/1200223", }, { name: "http://packetstormsecurity.com/files/137376/IPFire-Bash-Environment-Variable-Injection-Shellshock.html", refsource: "MISC", url: "http://packetstormsecurity.com/files/137376/IPFire-Bash-Environment-Variable-Injection-Shellshock.html", }, { name: "SUSE-SU-2014:1287", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898", }, { name: "APPLE-SA-2014-10-16-1", refsource: "APPLE", url: "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21685914", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685914", }, { name: "20141001 FW: NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities", refsource: "FULLDISC", url: "http://seclists.org/fulldisclosure/2014/Oct/0", }, { name: "MDVSA-2015:164", refsource: "MANDRIVA", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:164", }, { name: "RHSA-2014:1293", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2014-1293.html", }, { name: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04497075", refsource: "CONFIRM", url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04497075", }, { name: "openSUSE-SU-2014:1238", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00040.html", }, { name: "HPSBMU03220", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=142721162228379&w=2", }, { name: "60325", refsource: "SECUNIA", url: "http://secunia.com/advisories/60325", }, { name: "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes", refsource: "CONFIRM", url: "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes", }, { name: "60024", refsource: "SECUNIA", url: "http://secunia.com/advisories/60024", }, { name: "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html", refsource: "MISC", url: "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html", }, { name: "34879", refsource: "EXPLOIT-DB", url: "https://www.exploit-db.com/exploits/34879/", }, { name: "https://access.redhat.com/articles/1200223", refsource: "CONFIRM", url: "https://access.redhat.com/articles/1200223", }, { name: "62343", refsource: "SECUNIA", url: "http://secunia.com/advisories/62343", }, { name: "61565", refsource: "SECUNIA", url: "http://secunia.com/advisories/61565", }, { name: "https://www.suse.com/support/shellshock/", refsource: "CONFIRM", url: "https://www.suse.com/support/shellshock/", }, { name: "HPSBST03157", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141450491804793&w=2", }, { name: "61313", refsource: "SECUNIA", url: "http://secunia.com/advisories/61313", }, { name: "SSRT101742", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=142358026505815&w=2", }, { name: "61873", refsource: "SECUNIA", url: "http://secunia.com/advisories/61873", }, { name: "61485", refsource: "SECUNIA", url: "http://secunia.com/advisories/61485", }, { name: "60947", refsource: "SECUNIA", url: "http://secunia.com/advisories/60947", }, { name: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04518183", refsource: "CONFIRM", url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04518183", }, { name: "https://support.apple.com/kb/HT6535", refsource: "CONFIRM", url: "https://support.apple.com/kb/HT6535", }, { name: "HPSBST03154", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141577297623641&w=2", }, { name: "HPSBST03265", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=142546741516006&w=2", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272", }, { name: "HPSBGN03142", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141383244821813&w=2", }, { name: "61312", refsource: "SECUNIA", url: "http://secunia.com/advisories/61312", }, { name: "60193", refsource: "SECUNIA", url: "http://secunia.com/advisories/60193", }, { name: "http://www.vmware.com/security/advisories/VMSA-2014-0010.html", refsource: "CONFIRM", url: "http://www.vmware.com/security/advisories/VMSA-2014-0010.html", }, { name: "http://linux.oracle.com/errata/ELSA-2014-1294.html", refsource: "CONFIRM", url: "http://linux.oracle.com/errata/ELSA-2014-1294.html", }, { name: "60063", refsource: "SECUNIA", url: "http://secunia.com/advisories/60063", }, { name: "http://packetstormsecurity.com/files/128573/Apache-mod_cgi-Remote-Command-Execution.html", refsource: "MISC", url: "http://packetstormsecurity.com/files/128573/Apache-mod_cgi-Remote-Command-Execution.html", }, { name: "60034", refsource: "SECUNIA", url: "http://secunia.com/advisories/60034", }, { name: "HPSBMU03133", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141330425327438&w=2", }, { name: "http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html", refsource: "MISC", url: "http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html", }, { name: "59907", refsource: "SECUNIA", url: "http://secunia.com/advisories/59907", }, { name: "58200", refsource: "SECUNIA", url: "http://secunia.com/advisories/58200", }, { name: "HPSBST03181", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141577241923505&w=2", }, { name: "61643", refsource: "SECUNIA", url: "http://secunia.com/advisories/61643", }, { name: "http://www.novell.com/support/kb/doc.php?id=7015721", refsource: "CONFIRM", url: "http://www.novell.com/support/kb/doc.php?id=7015721", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21687079", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21687079", }, { name: "61503", refsource: "SECUNIA", url: "http://secunia.com/advisories/61503", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21686246", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686246", }, { name: "RHSA-2014:1354", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2014-1354.html", }, { name: "40938", refsource: "EXPLOIT-DB", url: "https://www.exploit-db.com/exploits/40938/", }, { name: "HPSBGN03117", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141216207813411&w=2", }, { name: "http://support.novell.com/security/cve/CVE-2014-6271.html", refsource: "CONFIRM", url: "http://support.novell.com/security/cve/CVE-2014-6271.html", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915", }, { name: "61547", refsource: "SECUNIA", url: "http://secunia.com/advisories/61547", }, { name: "HPSBHF03145", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141383465822787&w=2", }, { name: "http://www.qnap.com/i/en/support/con_show.php?cid=61", refsource: "CONFIRM", url: "http://www.qnap.com/i/en/support/con_show.php?cid=61", }, { name: "HPSBST03148", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141694386919794&w=2", }, { name: "61552", refsource: "SECUNIA", url: "http://secunia.com/advisories/61552", }, { name: "61780", refsource: "SECUNIA", url: "http://secunia.com/advisories/61780", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279", }, { name: "https://support.citrix.com/article/CTX200223", refsource: "CONFIRM", url: "https://support.citrix.com/article/CTX200223", }, { name: "DSA-3032", refsource: "DEBIAN", url: "http://www.debian.org/security/2014/dsa-3032", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21686447", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686447", }, { name: "62228", refsource: "SECUNIA", url: "http://secunia.com/advisories/62228", }, { name: "HPSBGN03138", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141330468527613&w=2", }, { name: "61855", refsource: "SECUNIA", url: "http://secunia.com/advisories/61855", }, { name: "HPSBHF03124", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141235957116749&w=2", }, { name: "60044", refsource: "SECUNIA", url: "http://secunia.com/advisories/60044", }, { name: "61291", refsource: "SECUNIA", url: "http://secunia.com/advisories/61291", }, { name: "RHSA-2014:1294", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2014-1294.html", }, { name: "HPSBHF03125", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141345648114150&w=2", }, { name: "59737", refsource: "SECUNIA", url: "http://secunia.com/advisories/59737", }, { name: "61287", refsource: "SECUNIA", url: "http://secunia.com/advisories/61287", }, { name: "HPSBHF03146", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141383353622268&w=2", }, { name: "HPSBGN03233", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=1141597", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1141597", }, { name: "SSRT101739", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { name: "61711", refsource: "SECUNIA", url: "http://secunia.com/advisories/61711", }, { name: "HPSBOV03228", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=142113462216480&w=2", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361", }, { name: "HPSBGN03141", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141383304022067&w=2", }, { name: "http://advisories.mageia.org/MGASA-2014-0388.html", refsource: "CONFIRM", url: "http://advisories.mageia.org/MGASA-2014-0388.html", }, { name: "61128", refsource: "SECUNIA", url: "http://secunia.com/advisories/61128", }, { name: "https://support.citrix.com/article/CTX200217", refsource: "CONFIRM", url: "https://support.citrix.com/article/CTX200217", }, { name: "61471", refsource: "SECUNIA", url: "http://secunia.com/advisories/61471", }, { name: "60055", refsource: "SECUNIA", url: "http://secunia.com/advisories/60055", }, { name: "20140926 GNU Bash Environmental Variable Command Injection Vulnerability", refsource: "CISCO", url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash", }, { name: "61550", refsource: "SECUNIA", url: "http://secunia.com/advisories/61550", }, { name: "61633", refsource: "SECUNIA", url: "http://secunia.com/advisories/61633", }, { name: "http://linux.oracle.com/errata/ELSA-2014-1293.html", refsource: "CONFIRM", url: "http://linux.oracle.com/errata/ELSA-2014-1293.html", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21686494", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686494", }, { name: "https://kb.bluecoat.com/index?page=content&id=SA82", refsource: "CONFIRM", url: "https://kb.bluecoat.com/index?page=content&id=SA82", }, { name: "61328", refsource: "SECUNIA", url: "http://secunia.com/advisories/61328", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21685733", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685733", }, { name: "42938", refsource: "EXPLOIT-DB", url: "https://www.exploit-db.com/exploits/42938/", }, { name: "61129", refsource: "SECUNIA", url: "http://secunia.com/advisories/61129", }, { name: "61700", refsource: "SECUNIA", url: "http://secunia.com/advisories/61700", }, { name: "61603", refsource: "SECUNIA", url: "http://secunia.com/advisories/61603", }, { name: "61857", refsource: "SECUNIA", url: "http://secunia.com/advisories/61857", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879", }, { name: "http://packetstormsecurity.com/files/161107/SonicWall-SSL-VPN-Shellshock-Remote-Code-Execution.html", refsource: "MISC", url: "http://packetstormsecurity.com/files/161107/SonicWall-SSL-VPN-Shellshock-Remote-Code-Execution.html", }, { name: "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006", refsource: "MISC", url: "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "79363d38-fa19-49d1-9214-5f28da3f3ac5", assignerShortName: "debian", cveId: "CVE-2014-6271", datePublished: "2014-09-24T18:00:00.000Z", dateReserved: "2014-09-09T00:00:00.000Z", dateUpdated: "2025-02-07T13:47:31.669Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2005-1767
Vulnerability from cvelistv5
Published
2005-08-05 04:00
Modified
2024-08-07 21:59
Severity ?
EPSS score ?
Summary
traps.c in the Linux kernel 2.6.x and 2.4.x executes stack segment faults on an exception stack, which allows local users to cause a denial of service (oops and stack fault exception).
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T21:59:24.380Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "18056", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/18056", }, { name: "USN-187-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/usn-187-1", }, { name: "18977", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/18977", }, { name: "18059", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/18059", }, { name: "MDKSA-2006:044", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:044", }, { name: "DSA-922", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2005/dsa-922", }, { name: "14467", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/14467", }, { name: "DSA-921", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2005/dsa-921", }, { name: "17002", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/17002", }, { name: "SUSE-SA:2005:044", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://www.novell.com/linux/security/advisories/2005_44_kernel.html", }, { name: "RHSA-2005:663", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2005-663.html", }, { name: "ADV-2005-1878", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2005/1878", }, { name: "oval:org.mitre.oval:def:11101", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11101", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://kernel.org/git/?p=linux/kernel/git/marcelo/linux-2.4.git%3Ba=commit%3Bh=51e31546a2fc46cb978da2ee0330a6a68f07541e", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2005-08-04T00:00:00", descriptions: [ { lang: "en", value: "traps.c in the Linux kernel 2.6.x and 2.4.x executes stack segment faults on an exception stack, which allows local users to cause a denial of service (oops and stack fault exception).", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-10-10T00:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "18056", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/18056", }, { name: "USN-187-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/usn-187-1", }, { name: "18977", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/18977", }, { name: "18059", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/18059", }, { name: "MDKSA-2006:044", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:044", }, { name: "DSA-922", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2005/dsa-922", }, { name: "14467", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/14467", }, { name: "DSA-921", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2005/dsa-921", }, { name: "17002", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/17002", }, { name: "SUSE-SA:2005:044", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://www.novell.com/linux/security/advisories/2005_44_kernel.html", }, { name: "RHSA-2005:663", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2005-663.html", }, { name: "ADV-2005-1878", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2005/1878", }, { name: "oval:org.mitre.oval:def:11101", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11101", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://kernel.org/git/?p=linux/kernel/git/marcelo/linux-2.4.git%3Ba=commit%3Bh=51e31546a2fc46cb978da2ee0330a6a68f07541e", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2005-1767", datePublished: "2005-08-05T04:00:00", dateReserved: "2005-05-31T00:00:00", dateUpdated: "2024-08-07T21:59:24.380Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2014-0595
Vulnerability from cvelistv5
Published
2014-05-08 10:00
Modified
2024-08-06 09:20
Severity ?
EPSS score ?
Summary
/opt/novell/ncl/bin/nwrights in Novell Client for Linux in Novell Open Enterprise Server (OES) 11 Linux SP2 does not properly manage a certain array, which allows local users to obtain the S permission in opportunistic circumstances by leveraging the granting of the F permission by an administrator.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/67144 | vdb-entry, x_refsource_BID | |
| http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00030.html | vendor-advisory, x_refsource_SUSE | |
| http://www.novell.com/support/kb/doc.php?id=7014932 | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T09:20:20.041Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "67144", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/67144", }, { name: "SUSE-SU-2014:0847", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00030.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.novell.com/support/kb/doc.php?id=7014932", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2014-04-21T00:00:00", descriptions: [ { lang: "en", value: "/opt/novell/ncl/bin/nwrights in Novell Client for Linux in Novell Open Enterprise Server (OES) 11 Linux SP2 does not properly manage a certain array, which allows local users to obtain the S permission in opportunistic circumstances by leveraging the granting of the F permission by an administrator.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-12-21T15:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "67144", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/67144", }, { name: "SUSE-SU-2014:0847", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00030.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.novell.com/support/kb/doc.php?id=7014932", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2014-0595", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "/opt/novell/ncl/bin/nwrights in Novell Client for Linux in Novell Open Enterprise Server (OES) 11 Linux SP2 does not properly manage a certain array, which allows local users to obtain the S permission in opportunistic circumstances by leveraging the granting of the F permission by an administrator.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "67144", refsource: "BID", url: "http://www.securityfocus.com/bid/67144", }, { name: "SUSE-SU-2014:0847", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00030.html", }, { name: "http://www.novell.com/support/kb/doc.php?id=7014932", refsource: "CONFIRM", url: "http://www.novell.com/support/kb/doc.php?id=7014932", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2014-0595", datePublished: "2014-05-08T10:00:00", dateReserved: "2013-12-28T00:00:00", dateUpdated: "2024-08-06T09:20:20.041Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2008-5021
Vulnerability from cvelistv5
Published
2008-11-13 11:00
Modified
2024-08-07 10:40
Severity ?
EPSS score ?
Summary
nsFrameManager in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by modifying properties of a file input element while it is still being initialized, then using the blur method to access uninitialized memory.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T10:40:17.235Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "ADV-2008-3146", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2008/3146", }, { name: "DSA-1697", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2009/dsa-1697", }, { name: "DSA-1671", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2008/dsa-1671", }, { name: "32281", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/32281", }, { name: "FEDORA-2008-9667", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00366.html", }, { name: "32713", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/32713", }, { name: "RHSA-2008:0977", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2008-0977.html", }, { name: "MDVSA-2008:230", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2008:230", }, { name: "ADV-2009-0977", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2009/0977", }, { name: "32695", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/32695", }, { name: "RHSA-2008:0978", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2008-0978.html", }, { name: "DSA-1669", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2008/dsa-1669", }, { name: "32778", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/32778", }, { name: "RHSA-2008:0976", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2008-0976.html", }, { name: "FEDORA-2008-9669", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00385.html", }, { name: "33433", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/33433", }, { name: "256408", tags: [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred", ], url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.mozilla.org/security/announce/2008/mfsa2008-55.html", }, { name: "SUSE-SA:2008:055", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00004.html", }, { name: "32694", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/32694", }, { name: "32721", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/32721", }, { name: "TA08-319A", tags: [ "third-party-advisory", "x_refsource_CERT", "x_transferred", ], url: "http://www.us-cert.gov/cas/techalerts/TA08-319A.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=460002", }, { name: "32853", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/32853", }, { name: "DSA-1696", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2009/dsa-1696", }, { name: "1021186", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id?1021186", }, { name: "32715", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/32715", }, { name: "32693", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/32693", }, { name: "MDVSA-2008:228", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2008:228", }, { name: "32845", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/32845", }, { name: "MDVSA-2008:235", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2008:235", }, { name: "33434", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/33434", }, { name: "32798", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/32798", }, { name: "32684", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/32684", }, { name: "USN-667-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://ubuntu.com/usn/usn-667-1", }, { name: "oval:org.mitre.oval:def:9642", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9642", }, { name: "32714", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/32714", }, { name: "34501", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/34501", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2008-11-12T00:00:00", descriptions: [ { lang: "en", value: "nsFrameManager in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by modifying properties of a file input element while it is still being initialized, then using the blur method to access uninitialized memory.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-09-28T12:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "ADV-2008-3146", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2008/3146", }, { name: "DSA-1697", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2009/dsa-1697", }, { name: "DSA-1671", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2008/dsa-1671", }, { name: "32281", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/32281", }, { name: "FEDORA-2008-9667", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00366.html", }, { name: "32713", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/32713", }, { name: "RHSA-2008:0977", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2008-0977.html", }, { name: "MDVSA-2008:230", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2008:230", }, { name: "ADV-2009-0977", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2009/0977", }, { name: "32695", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/32695", }, { name: "RHSA-2008:0978", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2008-0978.html", }, { name: "DSA-1669", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2008/dsa-1669", }, { name: "32778", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/32778", }, { name: "RHSA-2008:0976", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2008-0976.html", }, { name: "FEDORA-2008-9669", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00385.html", }, { name: "33433", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/33433", }, { name: "256408", tags: [ "vendor-advisory", "x_refsource_SUNALERT", ], url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.mozilla.org/security/announce/2008/mfsa2008-55.html", }, { name: "SUSE-SA:2008:055", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00004.html", }, { name: "32694", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/32694", }, { name: "32721", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/32721", }, { name: "TA08-319A", tags: [ "third-party-advisory", "x_refsource_CERT", ], url: "http://www.us-cert.gov/cas/techalerts/TA08-319A.html", }, { tags: [ "x_refsource_MISC", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=460002", }, { name: "32853", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/32853", }, { name: "DSA-1696", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2009/dsa-1696", }, { name: "1021186", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id?1021186", }, { name: "32715", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/32715", }, { name: "32693", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/32693", }, { name: "MDVSA-2008:228", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2008:228", }, { name: "32845", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/32845", }, { name: "MDVSA-2008:235", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2008:235", }, { name: "33434", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/33434", }, { name: "32798", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/32798", }, { name: "32684", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/32684", }, { name: "USN-667-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://ubuntu.com/usn/usn-667-1", }, { name: "oval:org.mitre.oval:def:9642", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9642", }, { name: "32714", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/32714", }, { name: "34501", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/34501", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2008-5021", datePublished: "2008-11-13T11:00:00", dateReserved: "2008-11-10T00:00:00", dateUpdated: "2024-08-07T10:40:17.235Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2014-7169
Vulnerability from cvelistv5
Published
2014-09-25 01:00
Modified
2025-02-10 19:31
Severity ?
EPSS score ?
Summary
GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T12:40:19.217Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685749", }, { name: "[oss-security] 20140924 Re: CVE-2014-6271: remote code execution through bash", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2014/09/24/32", }, { name: "HPSBMU03165", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141577137423233&w=2", }, { name: "HPSBHF03119", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141216668515282&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk102673&src=securityAlerts", }, { name: "HPSBST03131", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141383138121313&w=2", }, { name: "SSRT101819", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=142721162228379&w=2", }, { name: "20141001 NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/533593/100/0/threaded", }, { name: "HPSBMU03245", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=142358026505815&w=2", }, { name: "openSUSE-SU-2014:1229", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00038.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686084", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686479", }, { name: "61188", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61188", }, { name: "JVN#55667175", tags: [ "third-party-advisory", "x_refsource_JVN", "x_transferred", ], url: "http://jvn.jp/en/jp/JVN55667175/index.html", }, { name: "61676", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61676", }, { name: "openSUSE-SU-2014:1254", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html", }, { name: "60433", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/60433", }, { name: "HPSBMU03143", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141383026420882&w=2", }, { name: "HPSBMU03182", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141585637922673&w=2", }, { name: "RHSA-2014:1306", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1306.html", }, { name: "HPSBST03155", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141576728022234&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685541", }, { name: "61715", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61715", }, { name: "USN-2363-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2363-2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html", }, { name: "61816", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61816", }, { name: "openSUSE-SU-2014:1310", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html", }, { name: "61442", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61442", }, { name: "HPSBMU03246", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=142358078406056&w=2", }, { name: "HPSBST03195", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=142805027510172&w=2", }, { name: "61283", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61283", }, { name: "SSRT101711", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=142113462216480&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10085", }, { name: "openSUSE-SU-2014:1308", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html", }, { name: "61654", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61654", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.novell.com/support/kb/doc.php?id=7015701", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315", }, { name: "62312", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/62312", }, { name: "59272", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59272", }, { name: "HPSBST03122", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141319209015420&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html", }, { name: "HPSBMU03217", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141879528318582&w=2", }, { name: "RHSA-2014:1312", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1312.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685604", }, { name: "USN-2363-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2363-1", }, { name: "SSRT101868", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { name: "61703", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61703", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://support.apple.com/kb/HT6495", }, { name: "VU#252743", tags: [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred", ], url: "http://www.kb.cert.org/vuls/id/252743", }, { name: "61065", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61065", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://linux.oracle.com/errata/ELSA-2014-3075.html", }, { name: "HPSBST03129", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141383196021590&w=2", }, { name: "HPSBMU03144", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141383081521087&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686445", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://support.novell.com/security/cve/CVE-2014-7169.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686131", }, { name: "JVNDB-2014-000126", tags: [ "third-party-advisory", "x_refsource_JVNDB", "x_transferred", ], url: "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126", }, { name: "SSRT101827", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141879528318582&w=2", }, { name: "TA14-268A", tags: [ "third-party-advisory", "x_refsource_CERT", "x_transferred", ], url: "http://www.us-cert.gov/ncas/alerts/TA14-268A", }, { name: "61641", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61641", }, { name: "SUSE-SU-2014:1247", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00042.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10648", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://access.redhat.com/node/1200223", }, { name: "SUSE-SU-2014:1287", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898", }, { name: "APPLE-SA-2014-10-16-1", tags: [ "vendor-advisory", "x_refsource_APPLE", "x_transferred", ], url: "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685914", }, { name: "20141001 FW: NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities", tags: [ "mailing-list", "x_refsource_FULLDISC", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2014/Oct/0", }, { name: "MDVSA-2015:164", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:164", }, { name: "61619", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61619", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://linux.oracle.com/errata/ELSA-2014-3078.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04497075", }, { name: "HPSBMU03220", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=142721162228379&w=2", }, { name: "60325", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/60325", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes", }, { name: "60024", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/60024", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html", }, { name: "34879", tags: [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred", ], url: "https://www.exploit-db.com/exploits/34879/", }, { name: "61622", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61622", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://access.redhat.com/articles/1200223", }, { name: "62343", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/62343", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://advisories.mageia.org/MGASA-2014-0393.html", }, { name: "61565", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61565", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.suse.com/support/shellshock/", }, { name: "HPSBST03157", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141450491804793&w=2", }, { name: "61313", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61313", }, { name: "SSRT101742", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=142358026505815&w=2", }, { name: "61873", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61873", }, { name: "61485", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61485", }, { name: "openSUSE-SU-2014:1242", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00041.html", }, { name: "61618", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61618", }, { name: "60947", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/60947", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04518183", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.apple.com/kb/HT6535", }, { name: "HPSBST03154", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141577297623641&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272", }, { name: "HPSBGN03142", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141383244821813&w=2", }, { name: "61312", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61312", }, { name: "60193", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/60193", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.vmware.com/security/advisories/VMSA-2014-0010.html", }, { name: "61479", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61479", }, { name: "60063", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/60063", }, { name: "60034", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/60034", }, { name: "HPSBMU03133", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141330425327438&w=2", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html", }, { name: "59907", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59907", }, { name: "58200", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/58200", }, { name: "HPSBST03181", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141577241923505&w=2", }, { name: "61643", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61643", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://twitter.com/taviso/statuses/514887394294652929", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.novell.com/support/kb/doc.php?id=7015721", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21687079", }, { name: "61503", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61503", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686246", }, { name: "RHSA-2014:1354", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1354.html", }, { name: "HPSBGN03117", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141216207813411&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915", }, { name: "HPSBHF03145", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141383465822787&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.qnap.com/i/en/support/con_show.php?cid=61", }, { name: "HPSBST03148", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141694386919794&w=2", }, { name: "61552", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61552", }, { name: "61780", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61780", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.citrix.com/article/CTX200223", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://linux.oracle.com/errata/ELSA-2014-3077.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686447", }, { name: "62228", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/62228", }, { name: "HPSBGN03138", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141330468527613&w=2", }, { name: "61855", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61855", }, { name: "HPSBHF03124", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141235957116749&w=2", }, { name: "60044", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/60044", }, { name: "61291", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61291", }, { name: "HPSBHF03125", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141345648114150&w=2", }, { name: "59737", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59737", }, { name: "61287", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61287", }, { name: "HPSBHF03146", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141383353622268&w=2", }, { name: "HPSBGN03233", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { name: "SSRT101739", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { name: "61711", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61711", }, { name: "HPSBOV03228", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=142113462216480&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361", }, { name: "HPSBGN03141", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141383304022067&w=2", }, { name: "RHSA-2014:1311", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1311.html", }, { name: "61128", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61128", }, { name: "DSA-3035", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2014/dsa-3035", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.citrix.com/article/CTX200217", }, { name: "61471", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61471", }, { name: "60055", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/60055", }, { name: "20140926 GNU Bash Environmental Variable Command Injection Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash", }, { name: "61550", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61550", }, { name: "61633", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61633", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686494", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://linux.oracle.com/errata/ELSA-2014-1306.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kb.bluecoat.com/index?page=content&id=SA82", }, { name: "SUSE-SU-2014:1259", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00048.html", }, { name: "61328", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61328", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685733", }, { name: "61129", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61129", }, { name: "61700", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61700", }, { name: "61626", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61626", }, { name: "61603", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61603", }, { name: "61857", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/61857", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2014-7169", options: [ { Exploitation: "active", }, { Automatable: "yes", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-02-10T19:31:47.209255Z", version: "2.0.3", }, type: "ssvc", }, }, { other: { content: { dateAdded: "2022-01-28", reference: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2014-7169", }, type: "kev", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-78", description: "CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-02-10T19:31:56.166Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2014-09-24T00:00:00.000Z", descriptions: [ { lang: "en", value: "GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-11-05T16:41:42.000Z", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685749", }, { name: "[oss-security] 20140924 Re: CVE-2014-6271: remote code execution through bash", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2014/09/24/32", }, { name: "HPSBMU03165", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141577137423233&w=2", }, { name: "HPSBHF03119", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141216668515282&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk102673&src=securityAlerts", }, { name: "HPSBST03131", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141383138121313&w=2", }, { name: "SSRT101819", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=142721162228379&w=2", }, { name: "20141001 NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/533593/100/0/threaded", }, { name: "HPSBMU03245", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=142358026505815&w=2", }, { name: "openSUSE-SU-2014:1229", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00038.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686084", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686479", }, { name: "61188", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61188", }, { name: "JVN#55667175", tags: [ "third-party-advisory", "x_refsource_JVN", ], url: "http://jvn.jp/en/jp/JVN55667175/index.html", }, { name: "61676", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61676", }, { name: "openSUSE-SU-2014:1254", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html", }, { name: "60433", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/60433", }, { name: "HPSBMU03143", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141383026420882&w=2", }, { name: "HPSBMU03182", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141585637922673&w=2", }, { name: "RHSA-2014:1306", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1306.html", }, { name: "HPSBST03155", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141576728022234&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685541", }, { name: "61715", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61715", }, { name: "USN-2363-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2363-2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html", }, { name: "61816", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61816", }, { name: "openSUSE-SU-2014:1310", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html", }, { name: "61442", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61442", }, { name: "HPSBMU03246", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=142358078406056&w=2", }, { name: "HPSBST03195", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=142805027510172&w=2", }, { name: "61283", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61283", }, { name: "SSRT101711", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=142113462216480&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10085", }, { name: "openSUSE-SU-2014:1308", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html", }, { name: "61654", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61654", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.novell.com/support/kb/doc.php?id=7015701", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315", }, { name: "62312", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/62312", }, { name: "59272", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59272", }, { name: "HPSBST03122", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141319209015420&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html", }, { name: "HPSBMU03217", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141879528318582&w=2", }, { name: "RHSA-2014:1312", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1312.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685604", }, { name: "USN-2363-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2363-1", }, { name: "SSRT101868", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { name: "61703", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61703", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://support.apple.com/kb/HT6495", }, { name: "VU#252743", tags: [ "third-party-advisory", "x_refsource_CERT-VN", ], url: "http://www.kb.cert.org/vuls/id/252743", }, { name: "61065", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61065", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://linux.oracle.com/errata/ELSA-2014-3075.html", }, { name: "HPSBST03129", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141383196021590&w=2", }, { name: "HPSBMU03144", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141383081521087&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686445", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://support.novell.com/security/cve/CVE-2014-7169.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686131", }, { name: "JVNDB-2014-000126", tags: [ "third-party-advisory", "x_refsource_JVNDB", ], url: "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126", }, { name: "SSRT101827", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141879528318582&w=2", }, { name: "TA14-268A", tags: [ "third-party-advisory", "x_refsource_CERT", ], url: "http://www.us-cert.gov/ncas/alerts/TA14-268A", }, { name: "61641", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61641", }, { name: "SUSE-SU-2014:1247", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00042.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10648", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://access.redhat.com/node/1200223", }, { name: "SUSE-SU-2014:1287", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898", }, { name: "APPLE-SA-2014-10-16-1", tags: [ "vendor-advisory", "x_refsource_APPLE", ], url: "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685914", }, { name: "20141001 FW: NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities", tags: [ "mailing-list", "x_refsource_FULLDISC", ], url: "http://seclists.org/fulldisclosure/2014/Oct/0", }, { name: "MDVSA-2015:164", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:164", }, { name: "61619", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61619", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://linux.oracle.com/errata/ELSA-2014-3078.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04497075", }, { name: "HPSBMU03220", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=142721162228379&w=2", }, { name: "60325", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/60325", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes", }, { name: "60024", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/60024", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html", }, { name: "34879", tags: [ "exploit", "x_refsource_EXPLOIT-DB", ], url: "https://www.exploit-db.com/exploits/34879/", }, { name: "61622", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61622", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://access.redhat.com/articles/1200223", }, { name: "62343", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/62343", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://advisories.mageia.org/MGASA-2014-0393.html", }, { name: "61565", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61565", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.suse.com/support/shellshock/", }, { name: "HPSBST03157", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141450491804793&w=2", }, { name: "61313", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61313", }, { name: "SSRT101742", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=142358026505815&w=2", }, { name: "61873", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61873", }, { name: "61485", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61485", }, { name: "openSUSE-SU-2014:1242", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00041.html", }, { name: "61618", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61618", }, { name: "60947", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/60947", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04518183", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.apple.com/kb/HT6535", }, { name: "HPSBST03154", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141577297623641&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272", }, { name: "HPSBGN03142", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141383244821813&w=2", }, { name: "61312", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61312", }, { name: "60193", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/60193", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.vmware.com/security/advisories/VMSA-2014-0010.html", }, { name: "61479", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61479", }, { name: "60063", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/60063", }, { name: "60034", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/60034", }, { name: "HPSBMU03133", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141330425327438&w=2", }, { tags: [ "x_refsource_MISC", ], url: "http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html", }, { name: "59907", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59907", }, { name: "58200", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/58200", }, { name: "HPSBST03181", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141577241923505&w=2", }, { name: "61643", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61643", }, { tags: [ "x_refsource_MISC", ], url: "http://twitter.com/taviso/statuses/514887394294652929", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.novell.com/support/kb/doc.php?id=7015721", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21687079", }, { name: "61503", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61503", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686246", }, { name: "RHSA-2014:1354", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1354.html", }, { name: "HPSBGN03117", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141216207813411&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915", }, { name: "HPSBHF03145", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141383465822787&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.qnap.com/i/en/support/con_show.php?cid=61", }, { name: "HPSBST03148", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141694386919794&w=2", }, { name: "61552", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61552", }, { name: "61780", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61780", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.citrix.com/article/CTX200223", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://linux.oracle.com/errata/ELSA-2014-3077.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686447", }, { name: "62228", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/62228", }, { name: "HPSBGN03138", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141330468527613&w=2", }, { name: "61855", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61855", }, { name: "HPSBHF03124", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141235957116749&w=2", }, { name: "60044", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/60044", }, { name: "61291", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61291", }, { name: "HPSBHF03125", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141345648114150&w=2", }, { name: "59737", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59737", }, { name: "61287", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61287", }, { name: "HPSBHF03146", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141383353622268&w=2", }, { name: "HPSBGN03233", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { name: "SSRT101739", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { name: "61711", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61711", }, { name: "HPSBOV03228", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=142113462216480&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361", }, { name: "HPSBGN03141", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141383304022067&w=2", }, { name: "RHSA-2014:1311", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1311.html", }, { name: "61128", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61128", }, { name: "DSA-3035", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2014/dsa-3035", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.citrix.com/article/CTX200217", }, { name: "61471", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61471", }, { name: "60055", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/60055", }, { name: "20140926 GNU Bash Environmental Variable Command Injection Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash", }, { name: "61550", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61550", }, { name: "61633", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61633", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686494", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://linux.oracle.com/errata/ELSA-2014-1306.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://kb.bluecoat.com/index?page=content&id=SA82", }, { name: "SUSE-SU-2014:1259", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00048.html", }, { name: "61328", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61328", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685733", }, { name: "61129", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61129", }, { name: "61700", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61700", }, { name: "61626", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61626", }, { name: "61603", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61603", }, { name: "61857", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/61857", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879", }, { tags: [ "x_refsource_MISC", ], url: "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2014-7169", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html", refsource: "MISC", url: "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21685749", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685749", }, { name: "[oss-security] 20140924 Re: CVE-2014-6271: remote code execution through bash", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2014/09/24/32", }, { name: "HPSBMU03165", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141577137423233&w=2", }, { name: "HPSBHF03119", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141216668515282&w=2", }, { name: "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk102673&src=securityAlerts", refsource: "CONFIRM", url: "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk102673&src=securityAlerts", }, { name: "HPSBST03131", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141383138121313&w=2", }, { name: "SSRT101819", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=142721162228379&w=2", }, { name: "20141001 NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/533593/100/0/threaded", }, { name: "HPSBMU03245", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=142358026505815&w=2", }, { name: "openSUSE-SU-2014:1229", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00038.html", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21686084", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686084", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21686479", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686479", }, { name: "61188", refsource: "SECUNIA", url: "http://secunia.com/advisories/61188", }, { name: "JVN#55667175", refsource: "JVN", url: "http://jvn.jp/en/jp/JVN55667175/index.html", }, { name: "61676", refsource: "SECUNIA", url: "http://secunia.com/advisories/61676", }, { name: "openSUSE-SU-2014:1254", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html", }, { name: "60433", refsource: "SECUNIA", url: "http://secunia.com/advisories/60433", }, { name: "HPSBMU03143", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141383026420882&w=2", }, { name: "HPSBMU03182", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141585637922673&w=2", }, { name: "RHSA-2014:1306", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2014-1306.html", }, { name: "HPSBST03155", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141576728022234&w=2", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21685541", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685541", }, { name: "61715", refsource: "SECUNIA", url: "http://secunia.com/advisories/61715", }, { name: "USN-2363-2", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2363-2", }, { name: "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html", }, { name: "61816", refsource: "SECUNIA", url: "http://secunia.com/advisories/61816", }, { name: "openSUSE-SU-2014:1310", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html", }, { name: "61442", refsource: "SECUNIA", url: "http://secunia.com/advisories/61442", }, { name: "HPSBMU03246", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=142358078406056&w=2", }, { name: "HPSBST03195", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=142805027510172&w=2", }, { name: "61283", refsource: "SECUNIA", url: "http://secunia.com/advisories/61283", }, { name: "SSRT101711", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=142113462216480&w=2", }, { name: "https://kc.mcafee.com/corporate/index?page=content&id=SB10085", refsource: "CONFIRM", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10085", }, { name: "openSUSE-SU-2014:1308", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html", }, { name: "61654", refsource: "SECUNIA", url: "http://secunia.com/advisories/61654", }, { name: "http://www.novell.com/support/kb/doc.php?id=7015701", refsource: "CONFIRM", url: "http://www.novell.com/support/kb/doc.php?id=7015701", }, { name: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315", refsource: "CONFIRM", url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315", }, { name: "62312", refsource: "SECUNIA", url: "http://secunia.com/advisories/62312", }, { name: "59272", refsource: "SECUNIA", url: "http://secunia.com/advisories/59272", }, { name: "HPSBST03122", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141319209015420&w=2", }, { name: "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html", refsource: "CONFIRM", url: "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html", }, { name: "HPSBMU03217", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141879528318582&w=2", }, { name: "RHSA-2014:1312", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2014-1312.html", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21685604", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685604", }, { name: "USN-2363-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2363-1", }, { name: "SSRT101868", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { name: "61703", refsource: "SECUNIA", url: "http://secunia.com/advisories/61703", }, { name: "http://support.apple.com/kb/HT6495", refsource: "CONFIRM", url: "http://support.apple.com/kb/HT6495", }, { name: "VU#252743", refsource: "CERT-VN", url: "http://www.kb.cert.org/vuls/id/252743", }, { name: "61065", refsource: "SECUNIA", url: "http://secunia.com/advisories/61065", }, { name: "http://linux.oracle.com/errata/ELSA-2014-3075.html", refsource: "CONFIRM", url: "http://linux.oracle.com/errata/ELSA-2014-3075.html", }, { name: "HPSBST03129", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141383196021590&w=2", }, { name: "HPSBMU03144", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141383081521087&w=2", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21686445", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686445", }, { name: "http://support.novell.com/security/cve/CVE-2014-7169.html", refsource: "CONFIRM", url: "http://support.novell.com/security/cve/CVE-2014-7169.html", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21686131", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686131", }, { name: "JVNDB-2014-000126", refsource: "JVNDB", url: "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126", }, { name: "SSRT101827", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141879528318582&w=2", }, { name: "TA14-268A", refsource: "CERT", url: "http://www.us-cert.gov/ncas/alerts/TA14-268A", }, { name: "61641", refsource: "SECUNIA", url: "http://secunia.com/advisories/61641", }, { name: "SUSE-SU-2014:1247", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00042.html", }, { name: "https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10648", refsource: "CONFIRM", url: "https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10648", }, { name: "https://access.redhat.com/node/1200223", refsource: "CONFIRM", url: "https://access.redhat.com/node/1200223", }, { name: "SUSE-SU-2014:1287", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898", }, { name: "APPLE-SA-2014-10-16-1", refsource: "APPLE", url: "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21685914", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685914", }, { name: "20141001 FW: NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities", refsource: "FULLDISC", url: "http://seclists.org/fulldisclosure/2014/Oct/0", }, { name: "MDVSA-2015:164", refsource: "MANDRIVA", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:164", }, { name: "61619", refsource: "SECUNIA", url: "http://secunia.com/advisories/61619", }, { name: "http://linux.oracle.com/errata/ELSA-2014-3078.html", refsource: "CONFIRM", url: "http://linux.oracle.com/errata/ELSA-2014-3078.html", }, { name: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04497075", refsource: "CONFIRM", url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04497075", }, { name: "HPSBMU03220", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=142721162228379&w=2", }, { name: "60325", refsource: "SECUNIA", url: "http://secunia.com/advisories/60325", }, { name: "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes", refsource: "CONFIRM", url: "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes", }, { name: "60024", refsource: "SECUNIA", url: "http://secunia.com/advisories/60024", }, { name: "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html", refsource: "MISC", url: "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html", }, { name: "34879", refsource: "EXPLOIT-DB", url: "https://www.exploit-db.com/exploits/34879/", }, { name: "61622", refsource: "SECUNIA", url: "http://secunia.com/advisories/61622", }, { name: "https://access.redhat.com/articles/1200223", refsource: "CONFIRM", url: "https://access.redhat.com/articles/1200223", }, { name: "62343", refsource: "SECUNIA", url: "http://secunia.com/advisories/62343", }, { name: "http://advisories.mageia.org/MGASA-2014-0393.html", refsource: "CONFIRM", url: "http://advisories.mageia.org/MGASA-2014-0393.html", }, { name: "61565", refsource: "SECUNIA", url: "http://secunia.com/advisories/61565", }, { name: "https://www.suse.com/support/shellshock/", refsource: "CONFIRM", url: "https://www.suse.com/support/shellshock/", }, { name: "HPSBST03157", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141450491804793&w=2", }, { name: "61313", refsource: "SECUNIA", url: "http://secunia.com/advisories/61313", }, { name: "SSRT101742", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=142358026505815&w=2", }, { name: "61873", refsource: "SECUNIA", url: "http://secunia.com/advisories/61873", }, { name: "61485", refsource: "SECUNIA", url: "http://secunia.com/advisories/61485", }, { name: "openSUSE-SU-2014:1242", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00041.html", }, { name: "61618", refsource: "SECUNIA", url: "http://secunia.com/advisories/61618", }, { name: "60947", refsource: "SECUNIA", url: "http://secunia.com/advisories/60947", }, { name: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04518183", refsource: "CONFIRM", url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04518183", }, { name: "https://support.apple.com/kb/HT6535", refsource: "CONFIRM", url: "https://support.apple.com/kb/HT6535", }, { name: "HPSBST03154", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141577297623641&w=2", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272", }, { name: "HPSBGN03142", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141383244821813&w=2", }, { name: "61312", refsource: "SECUNIA", url: "http://secunia.com/advisories/61312", }, { name: "60193", refsource: "SECUNIA", url: "http://secunia.com/advisories/60193", }, { name: "http://www.vmware.com/security/advisories/VMSA-2014-0010.html", refsource: "CONFIRM", url: "http://www.vmware.com/security/advisories/VMSA-2014-0010.html", }, { name: "61479", refsource: "SECUNIA", url: "http://secunia.com/advisories/61479", }, { name: "60063", refsource: "SECUNIA", url: "http://secunia.com/advisories/60063", }, { name: "60034", refsource: "SECUNIA", url: "http://secunia.com/advisories/60034", }, { name: "HPSBMU03133", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141330425327438&w=2", }, { name: "http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html", refsource: "MISC", url: "http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html", }, { name: "59907", refsource: "SECUNIA", url: "http://secunia.com/advisories/59907", }, { name: "58200", refsource: "SECUNIA", url: "http://secunia.com/advisories/58200", }, { name: "HPSBST03181", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141577241923505&w=2", }, { name: "61643", refsource: "SECUNIA", url: "http://secunia.com/advisories/61643", }, { name: "http://twitter.com/taviso/statuses/514887394294652929", refsource: "MISC", url: "http://twitter.com/taviso/statuses/514887394294652929", }, { name: "http://www.novell.com/support/kb/doc.php?id=7015721", refsource: "CONFIRM", url: "http://www.novell.com/support/kb/doc.php?id=7015721", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21687079", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21687079", }, { name: "61503", refsource: "SECUNIA", url: "http://secunia.com/advisories/61503", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21686246", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686246", }, { name: "RHSA-2014:1354", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2014-1354.html", }, { name: "HPSBGN03117", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141216207813411&w=2", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915", }, { name: "HPSBHF03145", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141383465822787&w=2", }, { name: "http://www.qnap.com/i/en/support/con_show.php?cid=61", refsource: "CONFIRM", url: "http://www.qnap.com/i/en/support/con_show.php?cid=61", }, { name: "HPSBST03148", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141694386919794&w=2", }, { name: "61552", refsource: "SECUNIA", url: "http://secunia.com/advisories/61552", }, { name: "61780", refsource: "SECUNIA", url: "http://secunia.com/advisories/61780", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279", }, { name: "https://support.citrix.com/article/CTX200223", refsource: "CONFIRM", url: "https://support.citrix.com/article/CTX200223", }, { name: "http://linux.oracle.com/errata/ELSA-2014-3077.html", refsource: "CONFIRM", url: "http://linux.oracle.com/errata/ELSA-2014-3077.html", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21686447", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686447", }, { name: "62228", refsource: "SECUNIA", url: "http://secunia.com/advisories/62228", }, { name: "HPSBGN03138", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141330468527613&w=2", }, { name: "61855", refsource: "SECUNIA", url: "http://secunia.com/advisories/61855", }, { name: "HPSBHF03124", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141235957116749&w=2", }, { name: "60044", refsource: "SECUNIA", url: "http://secunia.com/advisories/60044", }, { name: "61291", refsource: "SECUNIA", url: "http://secunia.com/advisories/61291", }, { name: "HPSBHF03125", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141345648114150&w=2", }, { name: "59737", refsource: "SECUNIA", url: "http://secunia.com/advisories/59737", }, { name: "61287", refsource: "SECUNIA", url: "http://secunia.com/advisories/61287", }, { name: "HPSBHF03146", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141383353622268&w=2", }, { name: "HPSBGN03233", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { name: "SSRT101739", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { name: "61711", refsource: "SECUNIA", url: "http://secunia.com/advisories/61711", }, { name: "HPSBOV03228", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=142113462216480&w=2", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361", }, { name: "HPSBGN03141", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141383304022067&w=2", }, { name: "RHSA-2014:1311", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2014-1311.html", }, { name: "61128", refsource: "SECUNIA", url: "http://secunia.com/advisories/61128", }, { name: "DSA-3035", refsource: "DEBIAN", url: "http://www.debian.org/security/2014/dsa-3035", }, { name: "https://support.citrix.com/article/CTX200217", refsource: "CONFIRM", url: "https://support.citrix.com/article/CTX200217", }, { name: "61471", refsource: "SECUNIA", url: "http://secunia.com/advisories/61471", }, { name: "60055", refsource: "SECUNIA", url: "http://secunia.com/advisories/60055", }, { name: "20140926 GNU Bash Environmental Variable Command Injection Vulnerability", refsource: "CISCO", url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash", }, { name: "61550", refsource: "SECUNIA", url: "http://secunia.com/advisories/61550", }, { name: "61633", refsource: "SECUNIA", url: "http://secunia.com/advisories/61633", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21686494", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686494", }, { name: "http://linux.oracle.com/errata/ELSA-2014-1306.html", refsource: "CONFIRM", url: "http://linux.oracle.com/errata/ELSA-2014-1306.html", }, { name: "https://kb.bluecoat.com/index?page=content&id=SA82", refsource: "CONFIRM", url: "https://kb.bluecoat.com/index?page=content&id=SA82", }, { name: "SUSE-SU-2014:1259", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00048.html", }, { name: "61328", refsource: "SECUNIA", url: "http://secunia.com/advisories/61328", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21685733", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685733", }, { name: "61129", refsource: "SECUNIA", url: "http://secunia.com/advisories/61129", }, { name: "61700", refsource: "SECUNIA", url: "http://secunia.com/advisories/61700", }, { name: "61626", refsource: "SECUNIA", url: "http://secunia.com/advisories/61626", }, { name: "61603", refsource: "SECUNIA", url: "http://secunia.com/advisories/61603", }, { name: "61857", refsource: "SECUNIA", url: "http://secunia.com/advisories/61857", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879", }, { name: "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006", refsource: "MISC", url: "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2014-7169", datePublished: "2014-09-25T01:00:00.000Z", dateReserved: "2014-09-24T00:00:00.000Z", dateUpdated: "2025-02-10T19:31:56.166Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-5182
Vulnerability from cvelistv5
Published
2017-01-23 15:00
Modified
2024-08-05 14:55
Severity ?
EPSS score ?
Summary
Remote Manager in Open Enterprise Server (OES) allows unauthenticated remote attackers to read any arbitrary file, via a specially crafted URL, that allows complete directory traversal and total information disclosure. This vulnerability is present on all versions of OES for linux, it applies to OES2015 SP1 before Maintenance Update 11080, OES2015 before Maintenance Update 11079, OES11 SP3 before Maintenance Update 11078, OES11 SP2 before Maintenance Update 11077).
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.novell.com/support/kb/doc.php?id=7018503 | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1037689 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/95743 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Micro Focus International | Open Enterprise Server |
Version: All |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T14:55:35.431Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.novell.com/support/kb/doc.php?id=7018503", }, { name: "1037689", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1037689", }, { name: "95743", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/95743", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Open Enterprise Server", vendor: "Micro Focus International", versions: [ { status: "affected", version: "All", }, ], }, ], datePublic: "2017-01-20T00:00:00", descriptions: [ { lang: "en", value: "Remote Manager in Open Enterprise Server (OES) allows unauthenticated remote attackers to read any arbitrary file, via a specially crafted URL, that allows complete directory traversal and total information disclosure. This vulnerability is present on all versions of OES for linux, it applies to OES2015 SP1 before Maintenance Update 11080, OES2015 before Maintenance Update 11079, OES11 SP3 before Maintenance Update 11078, OES11 SP2 before Maintenance Update 11077).", }, ], problemTypes: [ { descriptions: [ { description: "unauthenticated directory traversal", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-01-06T16:15:47", orgId: "f81092c5-7f14-476d-80dc-24857f90be84", shortName: "microfocus", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://www.novell.com/support/kb/doc.php?id=7018503", }, { name: "1037689", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1037689", }, { name: "95743", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/95743", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@microfocus.com", ID: "CVE-2017-5182", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Open Enterprise Server", version: { version_data: [ { version_value: "All", }, ], }, }, ], }, vendor_name: "Micro Focus International", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Remote Manager in Open Enterprise Server (OES) allows unauthenticated remote attackers to read any arbitrary file, via a specially crafted URL, that allows complete directory traversal and total information disclosure. This vulnerability is present on all versions of OES for linux, it applies to OES2015 SP1 before Maintenance Update 11080, OES2015 before Maintenance Update 11079, OES11 SP3 before Maintenance Update 11078, OES11 SP2 before Maintenance Update 11077).", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "unauthenticated directory traversal", }, ], }, ], }, references: { reference_data: [ { name: "https://www.novell.com/support/kb/doc.php?id=7018503", refsource: "CONFIRM", url: "https://www.novell.com/support/kb/doc.php?id=7018503", }, { name: "1037689", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1037689", }, { name: "95743", refsource: "BID", url: "http://www.securityfocus.com/bid/95743", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "f81092c5-7f14-476d-80dc-24857f90be84", assignerShortName: "microfocus", cveId: "CVE-2017-5182", datePublished: "2017-01-23T15:00:00", dateReserved: "2017-01-06T00:00:00", dateUpdated: "2024-08-05T14:55:35.431Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2014-0599
Vulnerability from cvelistv5
Published
2014-06-18 17:00
Modified
2024-08-06 09:20
Severity ?
EPSS score ?
Summary
Cross-site scripting (XSS) vulnerability in iPrint in Novell Open Enterprise Server (OES) 11 SP1 before Maintenance Update 9151 on Linux allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.novell.com/support/kb/doc.php?id=7010867 | x_refsource_CONFIRM | |
| http://secunia.com/advisories/59113 | third-party-advisory, x_refsource_SECUNIA | |
| https://bugzilla.novell.com/show_bug.cgi?id=869975 | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T09:20:19.864Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.novell.com/support/kb/doc.php?id=7010867", }, { name: "59113", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/59113", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.novell.com/show_bug.cgi?id=869975", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2014-06-09T00:00:00", descriptions: [ { lang: "en", value: "Cross-site scripting (XSS) vulnerability in iPrint in Novell Open Enterprise Server (OES) 11 SP1 before Maintenance Update 9151 on Linux allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2014-06-19T14:57:00", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://www.novell.com/support/kb/doc.php?id=7010867", }, { name: "59113", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/59113", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.novell.com/show_bug.cgi?id=869975", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2014-0599", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Cross-site scripting (XSS) vulnerability in iPrint in Novell Open Enterprise Server (OES) 11 SP1 before Maintenance Update 9151 on Linux allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://www.novell.com/support/kb/doc.php?id=7010867", refsource: "CONFIRM", url: "https://www.novell.com/support/kb/doc.php?id=7010867", }, { name: "59113", refsource: "SECUNIA", url: "http://secunia.com/advisories/59113", }, { name: "https://bugzilla.novell.com/show_bug.cgi?id=869975", refsource: "CONFIRM", url: "https://bugzilla.novell.com/show_bug.cgi?id=869975", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2014-0599", datePublished: "2014-06-18T17:00:00", dateReserved: "2013-12-28T00:00:00", dateUpdated: "2024-08-06T09:20:19.864Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2005-1761
Vulnerability from cvelistv5
Published
2005-08-05 04:00
Modified
2024-08-07 21:59
Severity ?
EPSS score ?
Summary
Linux kernel 2.6 and 2.4 on the IA64 architecture allows local users to cause a denial of service (kernel crash) via ptrace and the restore_sigcontext function.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T21:59:24.223Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "18056", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/18056", }, { name: "14051", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/14051", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.12.1", }, { name: "17073", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/17073", }, { name: "19369", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/19369", }, { name: "oval:org.mitre.oval:def:10487", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10487", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4ea78729b8dbfc400fe165a57b90a394a7275a54", }, { name: "DSA-1018", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2006/dsa-1018", }, { name: "DSA-922", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2005/dsa-922", }, { name: "RHSA-2005:551", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2005-551.html", }, { name: "1014275", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://securitytracker.com/id?1014275", }, { name: "RHSA-2005:514", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2005-514.html", }, { name: "17002", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/17002", }, { name: "SUSE-SA:2005:044", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://www.novell.com/linux/security/advisories/2005_44_kernel.html", }, { name: "FLSA:157459-3", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/427980/100/0/threaded", }, { name: "RHSA-2005:663", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2005-663.html", }, { name: "ADV-2005-1878", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2005/1878", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2005-08-04T00:00:00", descriptions: [ { lang: "en", value: "Linux kernel 2.6 and 2.4 on the IA64 architecture allows local users to cause a denial of service (kernel crash) via ptrace and the restore_sigcontext function.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-19T14:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "18056", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/18056", }, { name: "14051", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/14051", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.12.1", }, { name: "17073", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/17073", }, { name: "19369", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/19369", }, { name: "oval:org.mitre.oval:def:10487", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10487", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4ea78729b8dbfc400fe165a57b90a394a7275a54", }, { name: "DSA-1018", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2006/dsa-1018", }, { name: "DSA-922", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2005/dsa-922", }, { name: "RHSA-2005:551", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2005-551.html", }, { name: "1014275", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://securitytracker.com/id?1014275", }, { name: "RHSA-2005:514", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2005-514.html", }, { name: "17002", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/17002", }, { name: "SUSE-SA:2005:044", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://www.novell.com/linux/security/advisories/2005_44_kernel.html", }, { name: "FLSA:157459-3", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://www.securityfocus.com/archive/1/427980/100/0/threaded", }, { name: "RHSA-2005:663", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2005-663.html", }, { name: "ADV-2005-1878", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2005/1878", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2005-1761", datePublished: "2005-08-05T04:00:00", dateReserved: "2005-05-31T00:00:00", dateUpdated: "2024-08-07T21:59:24.223Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2013-2770
Vulnerability from cvelistv5
Published
2013-04-07 17:00
Modified
2024-09-17 03:53
Severity ?
EPSS score ?
Summary
The installation functionality in the Novell Kanaka component before 2.8 for Novell Open Enterprise Server (OES) on Mac OS X does not verify the server's X.509 certificate during an SSL session, which allows man-in-the-middle attackers to spoof servers via an arbitrary certificate.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.novell.com/support/kb/doc.php?id=7011965 | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T15:44:33.749Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.novell.com/support/kb/doc.php?id=7011965", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "The installation functionality in the Novell Kanaka component before 2.8 for Novell Open Enterprise Server (OES) on Mac OS X does not verify the server's X.509 certificate during an SSL session, which allows man-in-the-middle attackers to spoof servers via an arbitrary certificate.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2013-04-07T17:00:00Z", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://www.novell.com/support/kb/doc.php?id=7011965", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2013-2770", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The installation functionality in the Novell Kanaka component before 2.8 for Novell Open Enterprise Server (OES) on Mac OS X does not verify the server's X.509 certificate during an SSL session, which allows man-in-the-middle attackers to spoof servers via an arbitrary certificate.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://www.novell.com/support/kb/doc.php?id=7011965", refsource: "CONFIRM", url: "http://www.novell.com/support/kb/doc.php?id=7011965", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2013-2770", datePublished: "2013-04-07T17:00:00Z", dateReserved: "2013-04-07T00:00:00Z", dateUpdated: "2024-09-17T03:53:38.561Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
Vulnerability from fkie_nvd
Published
2014-06-18 17:55
Modified
2024-11-21 02:02
Severity ?
Summary
Directory traversal vulnerability in iPrint in Novell Open Enterprise Server (OES) 11 SP1 before Maintenance Update 9151 on Linux has unspecified impact and remote attack vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| novell | open_enterprise_server | 11.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:novell:open_enterprise_server:11.0:sp1:*:*:*:linux_kernel:*:*", matchCriteriaId: "8BED3FC3-942C-4E55-84F5-B66D74E14DA3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Directory traversal vulnerability in iPrint in Novell Open Enterprise Server (OES) 11 SP1 before Maintenance Update 9151 on Linux has unspecified impact and remote attack vectors.", }, { lang: "es", value: "Vulnerabilidad de salto de directorio en iPrint en Novell Open Enterprise Server (OES) 11 SP1 anterior a la actualización de mantenimiento (Maintenance Update) 9151 en Linux tiene impacto y vectores remotos de ataque no especificados.", }, ], id: "CVE-2014-0598", lastModified: "2024-11-21T02:02:28.087", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2014-06-18T17:55:06.443", references: [ { source: "cve@mitre.org", url: "http://secunia.com/advisories/59113", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/68066", }, { source: "cve@mitre.org", url: "https://bugzilla.novell.com/show_bug.cgi?id=869970", }, { source: "cve@mitre.org", url: "https://www.novell.com/support/kb/doc.php?id=7010867", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/59113", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/68066", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://bugzilla.novell.com/show_bug.cgi?id=869970", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.novell.com/support/kb/doc.php?id=7010867", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-22", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2006-03-23 11:06
Modified
2024-11-21 00:07
Severity ?
Summary
The SSL server implementation in NILE.NLM in Novell NetWare 6.5 and Novell Open Enterprise Server (OES) sometimes selects a weak cipher instead of an available stronger cipher, which makes it easier for remote attackers to sniff and decrypt an SSL protected session.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:novell:open_enterprise_server:*:*:*:*:*:*:*:*", matchCriteriaId: "C1DA33CB-1F9D-4042-BD23-1E41A6079511", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:novell:netware:6.5:*:*:*:*:*:*:*", matchCriteriaId: "D328A81E-DC60-4B67-B707-F0AD9A6F48E2", vulnerable: true, }, { criteria: "cpe:2.3:o:novell:netware:6.5:sp1:*:*:*:*:*:*", matchCriteriaId: "1CEB9CEA-9245-490F-88F6-EFD23B11A19B", vulnerable: true, }, { criteria: "cpe:2.3:o:novell:netware:6.5:sp1.1a:*:*:*:*:*:*", matchCriteriaId: "0669D0E2-AB83-44AE-A87C-C7EB7AA2953A", vulnerable: true, }, { criteria: "cpe:2.3:o:novell:netware:6.5:sp1.1b:*:*:*:*:*:*", matchCriteriaId: "062E2A9A-CF88-4844-B5A1-7418722087D9", vulnerable: true, }, { criteria: "cpe:2.3:o:novell:netware:6.5:sp2:*:*:*:*:*:*", matchCriteriaId: "0F8E031C-CE1F-410F-8F32-B3E33719C498", vulnerable: true, }, { criteria: "cpe:2.3:o:novell:netware:6.5:sp3:*:*:*:*:*:*", matchCriteriaId: "87F80FDC-7851-4EA8-BC7D-87B85C6BB93C", vulnerable: true, }, { criteria: "cpe:2.3:o:novell:netware:6.5:sp4:*:*:*:*:*:*", matchCriteriaId: "8C3AB68F-1D78-4217-9C56-B1B25F62FF38", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The SSL server implementation in NILE.NLM in Novell NetWare 6.5 and Novell Open Enterprise Server (OES) sometimes selects a weak cipher instead of an available stronger cipher, which makes it easier for remote attackers to sniff and decrypt an SSL protected session.", }, { lang: "es", value: "La implementación del servidor SSL en NILE.NLM en Novell NetWare 6.5 y Novell Open Enterprise Server (OES) a veces selecciona un cifrado débil en lugar de un cifrado más fuerte disponible, lo que facilita a atacantes remotos rastrear y descifrar una sesión SSL protegida.", }, ], id: "CVE-2006-0998", lastModified: "2024-11-21T00:07:49.227", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2006-03-23T11:06:00.000", references: [ { source: "cve@mitre.org", url: "http://secunia.com/advisories/19324", }, { source: "cve@mitre.org", url: "http://securitytracker.com/id?1015799", }, { source: "cve@mitre.org", url: "http://support.novell.com/cgi-bin/search/searchtid.cgi?10100633.htm", }, { source: "cve@mitre.org", url: "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", }, { source: "cve@mitre.org", url: "http://www.osvdb.org/24047", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/17176", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/64758", }, { source: "cve@mitre.org", url: "http://www.vupen.com/english/advisories/2006/1043", }, { source: "cve@mitre.org", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/25381", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/19324", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://securitytracker.com/id?1015799", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://support.novell.com/cgi-bin/search/searchtid.cgi?10100633.htm", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.osvdb.org/24047", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/17176", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/64758", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2006/1043", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/25381", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2014-08-17 18:55
Modified
2024-11-21 02:02
Severity ?
Summary
Unspecified vulnerability in Novell Open Enterprise Server (OES) 11 SP1 before Scheduled Maintenance Update 9415 and 11 SP2 before Scheduled Maintenance Update 9413 for Linux has unknown impact and attack vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| novell | open_enterprise_server | 11.0 | |
| novell | open_enterprise_server | 11.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:novell:open_enterprise_server:11.0:sp1:*:*:*:linux_kernel:*:*", matchCriteriaId: "8BED3FC3-942C-4E55-84F5-B66D74E14DA3", vulnerable: true, }, { criteria: "cpe:2.3:o:novell:open_enterprise_server:11.0:sp2:*:*:*:linux_kernel:*:*", matchCriteriaId: "D42ADCD9-1455-401C-B94F-D367A78A2B97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Unspecified vulnerability in Novell Open Enterprise Server (OES) 11 SP1 before Scheduled Maintenance Update 9415 and 11 SP2 before Scheduled Maintenance Update 9413 for Linux has unknown impact and attack vectors.", }, { lang: "es", value: "Vulnerabilidad no especificada en Novell Open Enterprise Server (OES) 11 SP1 anterior a Scheduled Maintenance Update 9415 y 11 SP2 anterior a Scheduled Maintenance Update 9413 para Linux tiene un impacto y vectores de ataque desconocidos.", }, ], id: "CVE-2014-0609", lastModified: "2024-11-21T02:02:29.233", metrics: { cvssMetricV2: [ { acInsufInfo: true, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2014-08-17T18:55:01.543", references: [ { source: "cve@mitre.org", url: "http://secunia.com/advisories/59982", }, { source: "cve@mitre.org", url: "http://www.novell.com/support/kb/doc.php?id=7010867", }, { source: "cve@mitre.org", url: "http://www.novell.com/support/kb/doc.php?id=7014420", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/59982", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.novell.com/support/kb/doc.php?id=7010867", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.novell.com/support/kb/doc.php?id=7014420", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2012-02-02 04:09
Modified
2024-11-21 01:32
Severity ?
Summary
Buffer overflow in Novell iPrint Server in Novell Open Enterprise Server 2 (OES2) through SP3 on Linux allows remote attackers to execute arbitrary code via a crafted attributes-natural-language field.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| novell | open_enterprise_server | 2 | |
| novell | open_enterprise_server | 2.0.1 | |
| novell | open_enterprise_server | 2.0.2 | |
| novell | open_enterprise_server | 2.0.3 | |
| linux | linux_kernel | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:novell:open_enterprise_server:2:*:*:*:*:*:*:*", matchCriteriaId: "3080194B-1920-4D13-9C60-506BA11F9EDB", vulnerable: true, }, { criteria: "cpe:2.3:o:novell:open_enterprise_server:2.0.1:sp1:*:*:*:*:*:*", matchCriteriaId: "2A34392D-5F68-4B4A-97EF-F1174849E2E3", vulnerable: true, }, { criteria: "cpe:2.3:o:novell:open_enterprise_server:2.0.2:sp2:*:*:*:*:*:*", matchCriteriaId: "DDA74C30-2BF4-415D-B56E-5570F3A900FF", vulnerable: true, }, { criteria: "cpe:2.3:o:novell:open_enterprise_server:2.0.3:sp3:*:*:*:*:*:*", matchCriteriaId: "C085545B-7B84-4C4D-9CF7-F3396403F5AD", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", matchCriteriaId: "155AD4FB-E527-4103-BCEF-801B653DEA37", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Buffer overflow in Novell iPrint Server in Novell Open Enterprise Server 2 (OES2) through SP3 on Linux allows remote attackers to execute arbitrary code via a crafted attributes-natural-language field.", }, { lang: "es", value: "Desbordamiento de buffer en Novell iPrint Server de Novell Open Enterprise Server 2 (OES2) hasta la versión SP3 de Linux permite a atacantes remotos ejecutar código arbitrario a través de un campo attributes-natural-language modificado.", }, ], id: "CVE-2011-4194", lastModified: "2024-11-21T01:32:00.457", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2012-02-02T04:09:47.817", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://www.novell.com/support/viewContent.do?externalId=7010084", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.novell.com/support/viewContent.do?externalId=7010084", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2014-06-18 17:55
Modified
2024-11-21 02:02
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in iPrint in Novell Open Enterprise Server (OES) 11 SP1 before Maintenance Update 9151 on Linux allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| novell | open_enterprise_server | 11.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:novell:open_enterprise_server:11.0:sp1:*:*:*:linux_kernel:*:*", matchCriteriaId: "8BED3FC3-942C-4E55-84F5-B66D74E14DA3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Cross-site scripting (XSS) vulnerability in iPrint in Novell Open Enterprise Server (OES) 11 SP1 before Maintenance Update 9151 on Linux allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.", }, { lang: "es", value: "Vulnerabilidad de XSS en iPrint en Novell Open Enterprise Server (OES) 11 SP1 anterior a la actualización de mantenimiento (Maintenance Update) 9151 en Linux permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de vectores no especificados.", }, ], id: "CVE-2014-0599", lastModified: "2024-11-21T02:02:28.230", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], }, published: "2014-06-18T17:55:06.507", references: [ { source: "cve@mitre.org", url: "http://secunia.com/advisories/59113", }, { source: "cve@mitre.org", url: "https://bugzilla.novell.com/show_bug.cgi?id=869975", }, { source: "cve@mitre.org", url: "https://www.novell.com/support/kb/doc.php?id=7010867", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/59113", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://bugzilla.novell.com/show_bug.cgi?id=869975", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.novell.com/support/kb/doc.php?id=7010867", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2006-03-23 11:06
Modified
2024-11-21 00:07
Severity ?
Summary
The SSL server implementation in NILE.NLM in Novell NetWare 6.5 and Novell Open Enterprise Server (OES) permits encryption with a NULL key, which results in cleartext communication that allows remote attackers to read an SSL protected session by sniffing network traffic.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:novell:open_enterprise_server:*:*:*:*:*:*:*:*", matchCriteriaId: "C1DA33CB-1F9D-4042-BD23-1E41A6079511", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:novell:netware:6.5:*:*:*:*:*:*:*", matchCriteriaId: "D328A81E-DC60-4B67-B707-F0AD9A6F48E2", vulnerable: true, }, { criteria: "cpe:2.3:o:novell:netware:6.5:sp1:*:*:*:*:*:*", matchCriteriaId: "1CEB9CEA-9245-490F-88F6-EFD23B11A19B", vulnerable: true, }, { criteria: "cpe:2.3:o:novell:netware:6.5:sp1.1a:*:*:*:*:*:*", matchCriteriaId: "0669D0E2-AB83-44AE-A87C-C7EB7AA2953A", vulnerable: true, }, { criteria: "cpe:2.3:o:novell:netware:6.5:sp1.1b:*:*:*:*:*:*", matchCriteriaId: "062E2A9A-CF88-4844-B5A1-7418722087D9", vulnerable: true, }, { criteria: "cpe:2.3:o:novell:netware:6.5:sp2:*:*:*:*:*:*", matchCriteriaId: "0F8E031C-CE1F-410F-8F32-B3E33719C498", vulnerable: true, }, { criteria: "cpe:2.3:o:novell:netware:6.5:sp3:*:*:*:*:*:*", matchCriteriaId: "87F80FDC-7851-4EA8-BC7D-87B85C6BB93C", vulnerable: true, }, { criteria: "cpe:2.3:o:novell:netware:6.5:sp4:*:*:*:*:*:*", matchCriteriaId: "8C3AB68F-1D78-4217-9C56-B1B25F62FF38", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The SSL server implementation in NILE.NLM in Novell NetWare 6.5 and Novell Open Enterprise Server (OES) permits encryption with a NULL key, which results in cleartext communication that allows remote attackers to read an SSL protected session by sniffing network traffic.", }, ], id: "CVE-2006-0997", lastModified: "2024-11-21T00:07:49.073", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2006-03-23T11:06:00.000", references: [ { source: "cve@mitre.org", url: "http://secunia.com/advisories/19324", }, { source: "cve@mitre.org", url: "http://securitytracker.com/id?1015799", }, { source: "cve@mitre.org", url: "http://support.novell.com/cgi-bin/search/searchtid.cgi?10100633.htm", }, { source: "cve@mitre.org", url: "http://www.osvdb.org/24046", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/17176", }, { source: "cve@mitre.org", url: "http://www.vupen.com/english/advisories/2006/1043", }, { source: "cve@mitre.org", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/25380", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/19324", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://securitytracker.com/id?1015799", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://support.novell.com/cgi-bin/search/searchtid.cgi?10100633.htm", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.osvdb.org/24046", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/17176", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2006/1043", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/25380", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2006-03-23 11:06
Modified
2024-11-21 00:07
Severity ?
Summary
The SSL server implementation in NILE.NLM in Novell NetWare 6.5 and Novell Open Enterprise Server (OES) allows a client to force the server to use weak encryption by stating that a weak cipher is required for client compatibility, which might allow remote attackers to decrypt contents of an SSL protected session.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:novell:open_enterprise_server:*:*:*:*:*:*:*:*", matchCriteriaId: "C1DA33CB-1F9D-4042-BD23-1E41A6079511", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:novell:netware:6.5:*:*:*:*:*:*:*", matchCriteriaId: "D328A81E-DC60-4B67-B707-F0AD9A6F48E2", vulnerable: true, }, { criteria: "cpe:2.3:o:novell:netware:6.5:sp1:*:*:*:*:*:*", matchCriteriaId: "1CEB9CEA-9245-490F-88F6-EFD23B11A19B", vulnerable: true, }, { criteria: "cpe:2.3:o:novell:netware:6.5:sp1.1a:*:*:*:*:*:*", matchCriteriaId: "0669D0E2-AB83-44AE-A87C-C7EB7AA2953A", vulnerable: true, }, { criteria: "cpe:2.3:o:novell:netware:6.5:sp1.1b:*:*:*:*:*:*", matchCriteriaId: "062E2A9A-CF88-4844-B5A1-7418722087D9", vulnerable: true, }, { criteria: "cpe:2.3:o:novell:netware:6.5:sp2:*:*:*:*:*:*", matchCriteriaId: "0F8E031C-CE1F-410F-8F32-B3E33719C498", vulnerable: true, }, { criteria: "cpe:2.3:o:novell:netware:6.5:sp3:*:*:*:*:*:*", matchCriteriaId: "87F80FDC-7851-4EA8-BC7D-87B85C6BB93C", vulnerable: true, }, { criteria: "cpe:2.3:o:novell:netware:6.5:sp4:*:*:*:*:*:*", matchCriteriaId: "8C3AB68F-1D78-4217-9C56-B1B25F62FF38", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The SSL server implementation in NILE.NLM in Novell NetWare 6.5 and Novell Open Enterprise Server (OES) allows a client to force the server to use weak encryption by stating that a weak cipher is required for client compatibility, which might allow remote attackers to decrypt contents of an SSL protected session.", }, { lang: "es", value: "La implementación del servidor SSL en NILE.NLM en Novell NetWare 6.5 y Novell Open Enterprise Server (OES) permite a un cliente forzar el servidor para usar cifrado débil afirmando que se requiere un cifrado débil para la compatibilidad del cliente, lo que podría permitir a atacantes remotos descifrar contenidos de una sesión SSL protegida.", }, ], id: "CVE-2006-0999", lastModified: "2024-11-21T00:07:49.370", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2006-03-23T11:06:00.000", references: [ { source: "cve@mitre.org", url: "http://secunia.com/advisories/19324", }, { source: "cve@mitre.org", url: "http://securitytracker.com/id?1015799", }, { source: "cve@mitre.org", url: "http://support.novell.com/cgi-bin/search/searchtid.cgi?10100633.htm", }, { source: "cve@mitre.org", url: "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", }, { source: "cve@mitre.org", url: "http://www.osvdb.org/24048", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/17176", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/64758", }, { source: "cve@mitre.org", url: "http://www.vupen.com/english/advisories/2006/1043", }, { source: "cve@mitre.org", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/25382", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/19324", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://securitytracker.com/id?1015799", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://support.novell.com/cgi-bin/search/searchtid.cgi?10100633.htm", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.osvdb.org/24048", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/17176", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/64758", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2006/1043", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/25382", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2013-04-07 17:55
Modified
2024-11-21 01:52
Severity ?
Summary
The installation functionality in the Novell Kanaka component before 2.8 for Novell Open Enterprise Server (OES) on Mac OS X does not verify the server's X.509 certificate during an SSL session, which allows man-in-the-middle attackers to spoof servers via an arbitrary certificate.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.novell.com/support/kb/doc.php?id=7011965 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.novell.com/support/kb/doc.php?id=7011965 | Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:novell:kanaka:*:-:*:*:*:macos:*:*", matchCriteriaId: "F9912862-125F-4082-AA4C-D873FFAD210D", versionEndIncluding: "2.7.1", vulnerable: true, }, { criteria: "cpe:2.3:a:novell:kanaka:2.7:-:*:*:*:macos:*:*", matchCriteriaId: "22708A30-D87B-45BC-A5F7-F06FDBD6B7CE", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:novell:open_enterprise_server:*:*:*:*:*:*:*:*", matchCriteriaId: "C1DA33CB-1F9D-4042-BD23-1E41A6079511", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "The installation functionality in the Novell Kanaka component before 2.8 for Novell Open Enterprise Server (OES) on Mac OS X does not verify the server's X.509 certificate during an SSL session, which allows man-in-the-middle attackers to spoof servers via an arbitrary certificate.", }, { lang: "es", value: "La funcionalidad de instalación en el componente Novell Kanaka anterior a 2.8 para Novell Enterprise Server en OS X no verifica el certificado X.509 del servidor durante la sesión SSL, lo que permite a atacantes MiTM suplantar a los servidores a través de un certificado de su elección.", }, ], id: "CVE-2013-2770", lastModified: "2024-11-21T01:52:20.323", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2013-04-07T17:55:02.407", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://www.novell.com/support/kb/doc.php?id=7011965", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.novell.com/support/kb/doc.php?id=7011965", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2005-12-31 05:00
Modified
2024-11-21 00:02
Severity ?
Summary
Heap-based buffer overflow in Novell Open Enterprise Server Remote Manager (novell-nrm) in Novell SUSE Linux Enterprise Server 9 allows remote attackers to execute arbitrary code via an HTTP POST request with a negative Content-Length parameter.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| novell | open_enterprise_server | 9 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:novell:open_enterprise_server:9:*:*:*:*:*:*:*", matchCriteriaId: "A2740DD2-7F0C-47DE-9174-FD8BF0106D22", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Heap-based buffer overflow in Novell Open Enterprise Server Remote Manager (novell-nrm) in Novell SUSE Linux Enterprise Server 9 allows remote attackers to execute arbitrary code via an HTTP POST request with a negative Content-Length parameter.", }, ], id: "CVE-2005-3655", lastModified: "2024-11-21T00:02:21.657", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: true, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2005-12-31T05:00:00.000", references: [ { source: "cve@mitre.org", url: "http://secunia.com/advisories/18484", }, { source: "cve@mitre.org", url: "http://securityreason.com/securityalert/348", }, { source: "cve@mitre.org", url: "http://securitytracker.com/id?1015487", }, { source: "cve@mitre.org", tags: [ "Exploit", ], url: "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=371", }, { source: "cve@mitre.org", url: "http://www.novell.com/linux/security/advisories/2006_02_novellnrm.html", }, { source: "cve@mitre.org", url: "http://www.osvdb.org/22455", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/16226", }, { source: "cve@mitre.org", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/24111", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/18484", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://securityreason.com/securityalert/348", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://securitytracker.com/id?1015487", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", ], url: "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=371", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.novell.com/linux/security/advisories/2006_02_novellnrm.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.osvdb.org/22455", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/16226", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/24111", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2009-02-17 17:30
Modified
2024-11-21 01:00
Severity ?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in qfsearch/AdminServlet in QuickFinder Server in Novell Open Enterprise Server 1.x allow remote attackers to inject arbitrary web script or HTML via (1) the siteloc parameter in a displayaddsite action, the site parameter in a (2) generalproperties or (3) clusterserviceproperties action, (4) the adminurl parameter in a global action, or (5) the print-list parameter.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| novell | open_enterprise_server | 1.x |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:novell:open_enterprise_server:1.x:*:*:*:*:*:*:*", matchCriteriaId: "244685A2-31AA-4833-B57F-665A6F4142E8", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple cross-site scripting (XSS) vulnerabilities in qfsearch/AdminServlet in QuickFinder Server in Novell Open Enterprise Server 1.x allow remote attackers to inject arbitrary web script or HTML via (1) the siteloc parameter in a displayaddsite action, the site parameter in a (2) generalproperties or (3) clusterserviceproperties action, (4) the adminurl parameter in a global action, or (5) the print-list parameter.", }, { lang: "es", value: "Múltiples vulnerabilidades de secuencias de comandos en sitios cruzados (XSS) en qfsearch/AdminServlet en QuickFinder Server en Novell Open Enterprise Server v1.x permite a atacantes remotos inyectar secuencias de comandos web o HTML de su elección a través de (1) el parámetro \"siteloc\" en un acción displayaddsite, el parámetro \"site\" en (2)generalproperties o (3)acción clusterserviceproperties, (4) el parámetro \"adminurl\" en una acción global, o (5) el parámetro \"print-list\".", }, ], id: "CVE-2009-0611", lastModified: "2024-11-21T01:00:30.710", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], }, published: "2009-02-17T17:30:06.047", references: [ { source: "cve@mitre.org", url: "http://osvdb.org/51941", }, { source: "cve@mitre.org", tags: [ "Exploit", ], url: "http://packetstormsecurity.org/0902-exploits/nqfs-xss.txt", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/33886", }, { source: "cve@mitre.org", tags: [ "Exploit", ], url: "http://www.securityfocus.com/bid/33708", }, { source: "cve@mitre.org", url: "http://www.securitytracker.com/id?1021695", }, { source: "cve@mitre.org", url: "http://www.vupen.com/english/advisories/2009/0421", }, { source: "cve@mitre.org", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/48619", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://osvdb.org/51941", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", ], url: "http://packetstormsecurity.org/0902-exploits/nqfs-xss.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/33886", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", ], url: "http://www.securityfocus.com/bid/33708", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id?1021695", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2009/0421", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/48619", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2009-03-30 16:30
Modified
2024-11-21 00:59
Severity ?
Summary
The Device Mapper multipathing driver (aka multipath-tools or device-mapper-multipath) 0.4.8, as used in SUSE openSUSE, SUSE Linux Enterprise Server (SLES), Fedora, and possibly other operating systems, uses world-writable permissions for the socket file (aka /var/run/multipathd.sock), which allows local users to send arbitrary commands to the multipath daemon.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| christophe.varoqui | multipath-tools | 0.4.8 | |
| fedoraproject | fedora | 9 | |
| fedoraproject | fedora | 10 | |
| debian | debian_linux | 4.0 | |
| debian | debian_linux | 5.0 | |
| avaya | intuity_audix_lx | 2.0 | |
| avaya | intuity_audix_lx | 2.0 | |
| avaya | intuity_audix_lx | 2.0 | |
| avaya | message_networking | 3.1 | |
| avaya | messaging_storage_server | 3.0 | |
| avaya | messaging_storage_server | 4.0 | |
| avaya | messaging_storage_server | 5.0 | |
| novell | open_enterprise_server | - | |
| opensuse | opensuse | * | |
| suse | linux_enterprise_desktop | 9 | |
| suse | linux_enterprise_server | 9 | |
| suse | linux_enterprise_server | 10 | |
| juniper | ctpview | * | |
| juniper | ctpview | 7.1 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:christophe.varoqui:multipath-tools:0.4.8:*:*:*:*:*:*:*", matchCriteriaId: "5D1B5821-FF7F-41DB-807D-EF28B3C4ADF0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:9:*:*:*:*:*:*:*", matchCriteriaId: "743CBBB1-C140-4FEF-B40E-FAE4511B1140", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:10:*:*:*:*:*:*:*", matchCriteriaId: "7000D33B-F3C7-43E8-8FC7-9B97AADC3E12", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", matchCriteriaId: "0F92AB32-E7DE-43F4-B877-1F41FA162EC7", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*", matchCriteriaId: "8C757774-08E7-40AA-B532-6F705C8F7639", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:avaya:intuity_audix_lx:2.0:-:*:*:*:*:*:*", matchCriteriaId: "BE386B55-B9FA-41BD-AD00-EB6A6552C34E", vulnerable: true, }, { criteria: "cpe:2.3:a:avaya:intuity_audix_lx:2.0:sp1:*:*:*:*:*:*", matchCriteriaId: "965928CF-FDE4-42F7-9486-CB4D2F011225", vulnerable: true, }, { criteria: "cpe:2.3:a:avaya:intuity_audix_lx:2.0:sp2:*:*:*:*:*:*", matchCriteriaId: "1E61EBAF-F034-4070-BFD5-68AD1239CD86", vulnerable: true, }, { criteria: "cpe:2.3:a:avaya:message_networking:3.1:*:*:*:*:*:*:*", matchCriteriaId: "E871348D-8FA1-4C77-BB8E-BECF9CF2FFD9", vulnerable: true, }, { criteria: "cpe:2.3:a:avaya:messaging_storage_server:3.0:*:*:*:*:*:*:*", matchCriteriaId: "34E42226-4F91-4EEB-8151-71BA15E8B7D4", vulnerable: true, }, { criteria: "cpe:2.3:a:avaya:messaging_storage_server:4.0:*:*:*:*:*:*:*", matchCriteriaId: "CB90E377-B821-4508-B1AB-B10F47975E54", vulnerable: true, }, { criteria: "cpe:2.3:a:avaya:messaging_storage_server:5.0:*:*:*:*:*:*:*", matchCriteriaId: "FBA21139-B8E2-42A8-AC1D-8DA00F230D8B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:novell:open_enterprise_server:-:*:*:*:*:*:*:*", matchCriteriaId: "C5C0C136-E406-4628-994A-682E8E729B50", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:*:*:*:*:*:*:*:*", matchCriteriaId: "9A8362BB-5717-4714-BD92-220DDB646D07", versionEndIncluding: "11.0", versionStartIncluding: "10.3", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_desktop:9:*:*:*:*:*:*:*", matchCriteriaId: "68B14008-5E0A-4187-AF93-DE2FF5BA5921", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:9:*:*:*:*:*:*:*", matchCriteriaId: "4CD2D897-E321-4CED-92E0-11A98B52053C", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:10:-:*:*:*:*:*:*", matchCriteriaId: "38C3AEB0-59E2-400A-8943-60C0A223B680", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:juniper:ctpview:*:*:*:*:*:*:*:*", matchCriteriaId: "A2953793-3D79-4128-A841-EDAF50095FF6", versionEndExcluding: "7.1", vulnerable: true, }, { criteria: "cpe:2.3:a:juniper:ctpview:7.1:-:*:*:*:*:*:*", matchCriteriaId: "D6B30D89-FF23-4818-A63D-7DE5C3328165", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The Device Mapper multipathing driver (aka multipath-tools or device-mapper-multipath) 0.4.8, as used in SUSE openSUSE, SUSE Linux Enterprise Server (SLES), Fedora, and possibly other operating systems, uses world-writable permissions for the socket file (aka /var/run/multipathd.sock), which allows local users to send arbitrary commands to the multipath daemon.", }, { lang: "es", value: "multipath-tools en SUSE openSUSE v10.3 hasta v11.0 y SUSE Linux Enterprise Server (SLES) v10 utiliza permisos de escritura a todos para el fichero del socket (también conocido como /var/run/multipathd.sock), permitiendo a usuarios locales enviar comandos de su elección al demonio \"multipath\".", }, ], id: "CVE-2009-0115", lastModified: "2024-11-21T00:59:05.497", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2009-03-30T16:30:00.343", references: [ { source: "cve@mitre.org", tags: [ "Broken Link", "Exploit", ], url: "http://download.opensuse.org/update/10.3-test/repodata/patch-kpartx-6082.xml", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10691", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://launchpad.net/bugs/cve/2009-0115", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://lists.vmware.com/pipermail/security-announce/2010/000082.html", }, { source: "cve@mitre.org", tags: [ "Broken Link", "Vendor Advisory", ], url: "http://secunia.com/advisories/34418", }, { source: "cve@mitre.org", tags: [ "Broken Link", "Vendor Advisory", ], url: "http://secunia.com/advisories/34642", }, { source: "cve@mitre.org", tags: [ "Broken Link", "Vendor Advisory", ], url: "http://secunia.com/advisories/34694", }, { source: "cve@mitre.org", tags: [ "Broken Link", "Vendor Advisory", ], url: "http://secunia.com/advisories/34710", }, { source: "cve@mitre.org", tags: [ "Broken Link", "Vendor Advisory", ], url: "http://secunia.com/advisories/34759", }, { source: "cve@mitre.org", tags: [ "Broken Link", "Vendor Advisory", ], url: "http://secunia.com/advisories/38794", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://support.avaya.com/elmodocs2/security/ASA-2009-128.htm", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2009/dsa-1767", }, { source: "cve@mitre.org", tags: [ "Permissions Required", ], url: "http://www.vupen.com/english/advisories/2010/0528", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9214", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00231.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00236.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Exploit", ], url: "http://download.opensuse.org/update/10.3-test/repodata/patch-kpartx-6082.xml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10691", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://launchpad.net/bugs/cve/2009-0115", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://lists.vmware.com/pipermail/security-announce/2010/000082.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Vendor Advisory", ], url: "http://secunia.com/advisories/34418", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Vendor Advisory", ], url: "http://secunia.com/advisories/34642", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Vendor Advisory", ], url: "http://secunia.com/advisories/34694", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Vendor Advisory", ], url: "http://secunia.com/advisories/34710", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Vendor Advisory", ], url: "http://secunia.com/advisories/34759", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Vendor Advisory", ], url: "http://secunia.com/advisories/38794", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://support.avaya.com/elmodocs2/security/ASA-2009-128.htm", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2009/dsa-1767", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", ], url: "http://www.vupen.com/english/advisories/2010/0528", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9214", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00231.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00236.html", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-732", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2014-09-25 01:55
Modified
2025-02-10 20:15
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271.
References
Impacted products
{ cisaActionDue: "2022-07-28", cisaExploitAdd: "2022-01-28", cisaRequiredAction: "Apply updates per vendor instructions.", cisaVulnerabilityName: "GNU Bourne-Again Shell (Bash) Arbitrary Code Execution Vulnerability", configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:gnu:bash:*:*:*:*:*:*:*:*", matchCriteriaId: "F4DBE402-1B0A-4854-ABE5-891321454C25", versionEndIncluding: "4.3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", matchCriteriaId: "DCA5A28D-79B6-4F3E-9C98-65D4DFAD8EE7", versionEndExcluding: "4.9.12", versionStartIncluding: "4.9.0", vulnerable: true, }, { criteria: "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", matchCriteriaId: "9B1DC7EF-C994-4252-9DFE-DCA63FB17AE0", versionEndExcluding: "4.10.9", versionStartIncluding: "4.10.0", vulnerable: true, }, { criteria: "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", matchCriteriaId: "9056776F-03F6-4C3D-8635-37D66FD16EAA", versionEndExcluding: "4.11.11", versionStartIncluding: "4.11.0", vulnerable: true, }, { criteria: "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", matchCriteriaId: "AFEE6963-F73F-4B71-B4F8-6E550FBDA5F6", versionEndExcluding: "4.12.9", versionStartIncluding: "4.12.0", vulnerable: true, }, { criteria: "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", matchCriteriaId: "8296875A-64FA-4592-848A-A923126BD8AF", versionEndExcluding: "4.13.9", versionStartIncluding: "4.13.0", vulnerable: true, }, { criteria: "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", matchCriteriaId: "816A16AF-1F5E-483A-AA89-3022818FAE43", versionEndExcluding: "4.14.4f", versionStartIncluding: "4.14.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:oracle:linux:4:*:*:*:*:*:*:*", matchCriteriaId: "F8421899-5D10-4C2B-88AA-3DA909FE3E67", vulnerable: true, }, { criteria: "cpe:2.3:o:oracle:linux:5:-:*:*:*:*:*:*", matchCriteriaId: "62A2AC02-A933-4E51-810E-5D040B476B7B", vulnerable: true, }, { criteria: "cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*", matchCriteriaId: "D7B037A8-72A6-4DFF-94B2-D688A5F6F876", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qnap:qts:*:*:*:*:*:*:*:*", matchCriteriaId: "BE8B7F1F-22F6-4B10-A6E5-DE44B1D2E649", versionEndExcluding: "4.1.1", vulnerable: true, }, { criteria: "cpe:2.3:o:qnap:qts:4.1.1:-:*:*:*:*:*:*", matchCriteriaId: "F407EA72-BA1A-41A2-B699-874304A638A5", vulnerable: true, }, { criteria: "cpe:2.3:o:qnap:qts:4.1.1:build_0927:*:*:*:*:*:*", matchCriteriaId: "DDA25903-B334-438B-8196-B9E5119199D1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mageia:mageia:3.0:*:*:*:*:*:*:*", matchCriteriaId: "76F1E356-E019-47E8-AA5F-702DA93CF74E", vulnerable: true, }, { criteria: "cpe:2.3:o:mageia:mageia:4.0:*:*:*:*:*:*:*", matchCriteriaId: "F805A106-9A6F-48E7-8582-D3C5A26DFC11", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:gluster_storage_server_for_on-premise:2.1:*:*:*:*:*:*:*", matchCriteriaId: "EC489F35-07F1-4C3E-80B9-78F0689BC54B", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:virtualization:3.4:*:*:*:*:*:*:*", matchCriteriaId: "95CE35FC-266F-4025-A0B8-FB853C020800", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:4.0:*:*:*:*:*:*:*", matchCriteriaId: "6172AF57-B26D-45F8-BE3A-F75ABDF28F49", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", matchCriteriaId: "1D8B549B-E57B-4DFE-8A13-CAB06B5356B3", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", matchCriteriaId: "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "142AD0DD-4CF3-4D74-9442-459CE3347E3A", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", matchCriteriaId: "133AAFA7-AF42-4D7B-8822-AA2E85611BF5", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:5.9:*:*:*:*:*:*:*", matchCriteriaId: "6252E88C-27FF-420D-A64A-C34124CF7E6A", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:6.4:*:*:*:*:*:*:*", matchCriteriaId: "8A8E07B7-3739-4BEB-88F8-C7F62431E889", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "569964DA-31BE-4520-A66D-C3B09D557AB8", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*", matchCriteriaId: "807C024A-F8E8-4B48-A349-4C68CD252CA1", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*", matchCriteriaId: "F96E3779-F56A-45FF-BB3D-4980527D721E", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*", matchCriteriaId: "0CF73560-2F5B-4723-A8A1-9AADBB3ADA00", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*", matchCriteriaId: "5BF3C7A5-9117-42C7-BEA1-4AA378A582EF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*", matchCriteriaId: "83737173-E12E-4641-BC49-0BD84A6B29D0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:5.9_s390x:*:*:*:*:*:*:*", matchCriteriaId: "EC5537E1-1E8E-49C5-B4CB-A8E2EE3F5088", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:6.4_s390x:*:*:*:*:*:*:*", matchCriteriaId: "804DFF9F-BAA8-4239-835B-6182471A224F", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:6.5_s390x:*:*:*:*:*:*:*", matchCriteriaId: "9EE496C0-35F7-44DC-B3F0-71EA3A613C38", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.3_s390x:*:*:*:*:*:*:*", matchCriteriaId: "71179893-49F2-433C-A7AC-687075F9CC1B", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.4_s390x:*:*:*:*:*:*:*", matchCriteriaId: "1D4C43D8-02A5-4385-A89E-F265FEEC9E9B", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.5_s390x:*:*:*:*:*:*:*", matchCriteriaId: "37ECC029-3D84-4DD7-B28B-E5AD5559CF94", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.6_s390x:*:*:*:*:*:*:*", matchCriteriaId: "F4CBED2A-B6B0-420E-BC40-160930D8662E", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.7_s390x:*:*:*:*:*:*:*", matchCriteriaId: "652F7BB0-A6EA-45D0-86D4-49F4CA6C3EE0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:5.0_ppc:*:*:*:*:*:*:*", matchCriteriaId: "29BBF1AC-F31F-4251-8054-0D89A8E6E990", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:5.9_ppc:*:*:*:*:*:*:*", matchCriteriaId: "C52A4A2F-6385-4E5F-B2C7-0EF7267546F6", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:6.0_ppc64:*:*:*:*:*:*:*", matchCriteriaId: "6D8D654F-2442-4EA0-AF89-6AC2CD214772", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:6.4_ppc64:*:*:*:*:*:*:*", matchCriteriaId: "D8ED0658-5F8F-48F0-A605-A2205DA27DA5", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:7.0_ppc64:*:*:*:*:*:*:*", matchCriteriaId: "8BCF87FD-9358-42A5-9917-25DF0180A5A6", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:6.5_ppc64:*:*:*:*:*:*:*", matchCriteriaId: "C385DA76-4863-4D39-84D2-9D185D322365", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.3_ppc64:*:*:*:*:*:*:*", matchCriteriaId: "188019BF-3700-4B3F-BFA5-553B2B545B7F", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.4_ppc64:*:*:*:*:*:*:*", matchCriteriaId: "9B8B2E32-B838-4E51-BAA2-764089D2A684", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.5_ppc64:*:*:*:*:*:*:*", matchCriteriaId: "4319B943-7B19-468D-A160-5895F7F997A3", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.6_ppc64:*:*:*:*:*:*:*", matchCriteriaId: "39C1ABF5-4070-4AA7-BAB8-4F63E1BD91FF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.7_ppc64:*:*:*:*:*:*:*", matchCriteriaId: "8036E2AE-4E44-4FA5-AFFB-A3724BFDD654", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:6.0:*:*:*:*:*:*:*", matchCriteriaId: "634C23AC-AC9C-43F4-BED8-1C720816D5E3", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:7.0:*:*:*:*:*:*:*", matchCriteriaId: "37CE1DC7-72C5-483C-8921-0B462C8284D1", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", matchCriteriaId: "54D669D4-6D7E-449D-80C1-28FA44F06FFE", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:5.6:*:*:*:*:*:*:*", matchCriteriaId: "BB6ADFB8-210D-4E46-82A2-1C8705928382", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:5.9:*:*:*:*:*:*:*", matchCriteriaId: "92C9F1C4-55B0-426D-BB5E-01372C23AF97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.2:*:*:*:*:*:*:*", matchCriteriaId: "AD6D0378-F0F4-4AAA-80AF-8287C790EC96", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*", matchCriteriaId: "AF83BB87-B203-48F9-9D06-48A5FE399050", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "1F3BEFDB-5156-4E1C-80BB-8BE9FEAA7623", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", matchCriteriaId: "98381E61-F082-4302-B51F-5648884F998B", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", matchCriteriaId: "D99A687E-EAE6-417E-A88E-D0082BC194CD", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", matchCriteriaId: "B353CE99-D57C-465B-AAB0-73EF581127D1", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*", matchCriteriaId: "7431ABC1-9252-419E-8CC1-311B41360078", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_from_rhui:5.0:*:*:*:*:*:*:*", matchCriteriaId: "8821E5FE-319D-40AB-A515-D56C1893E6F8", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_from_rhui:6.0:*:*:*:*:*:*:*", matchCriteriaId: "0AE981D4-0CA1-46FA-8E91-E1A4D5B31383", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_from_rhui:7.0:*:*:*:*:*:*:*", matchCriteriaId: "F732C7C9-A9CC-4DEF-A8BE-D0F18C944C78", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "835AE071-CEAE-49E5-8F0C-E5F50FB85EFC", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*", matchCriteriaId: "24C0F4E1-C52C-41E0-9F14-F83ADD5CC7ED", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", matchCriteriaId: "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*", matchCriteriaId: "17F256A9-D3B9-4C72-B013-4EFD878BFEA8", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", matchCriteriaId: "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:suse:studio_onsite:1.3:*:*:*:*:*:*:*", matchCriteriaId: "74BCA435-7594-49E8-9BAE-9E02E129B6C0", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*", matchCriteriaId: "DFBF430B-0832-44B0-AA0E-BA9E467F7668", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", matchCriteriaId: "A10BC294-9196-425F-9FB0-B1625465B47F", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", matchCriteriaId: "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*", matchCriteriaId: "3ED68ADD-BBDA-4485-BC76-58F011D72311", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*", matchCriteriaId: "D2DF4815-B8CB-4AD3-B91D-2E09A8E318E9", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:10:sp3:*:*:ltss:*:*:*", matchCriteriaId: "CED02712-1031-4206-AC4D-E68710F46EC9", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:ltss:*:*:*", matchCriteriaId: "35BBD83D-BDC7-4678-BE94-639F59281139", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:ltss:-:*:*", matchCriteriaId: "7F4AF9EC-7C74-40C3-A1BA-82B80C4A7EE0", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:ltss:*:*:*", matchCriteriaId: "CB6476C7-03F2-4939-AB85-69AA524516D9", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:-:*:*", matchCriteriaId: "E534C201-BCC5-473C-AAA7-AAB97CEB5437", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:vmware:*:*", matchCriteriaId: "2470C6E8-2024-4CF5-9982-CFF50E88EAE9", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*", matchCriteriaId: "15FC9014-BD85-4382-9D04-C0703E901D7A", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp3:*:*:*:*:*:*", matchCriteriaId: "2F7F8866-DEAD-44D1-AB10-21EE611AA026", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*", matchCriteriaId: "1831D45A-EE6E-4220-8F8C-248B69520948", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "16F59A04-14CF-49E2-9973-645477EA09DA", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:ibm:infosphere_guardium_database_activity_monitoring:8.2:*:*:*:*:*:*:*", matchCriteriaId: "94C9C346-6DEC-4C72-9F59-BB3BEC42B551", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:infosphere_guardium_database_activity_monitoring:9.0:*:*:*:*:*:*:*", matchCriteriaId: "2071DABB-7102-47F2-A15F-A6C03607D01F", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:infosphere_guardium_database_activity_monitoring:9.1:*:*:*:*:*:*:*", matchCriteriaId: "A8661E86-E075-427F-8E05-7A33811A3A76", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:pureapplication_system:*:*:*:*:*:*:*:*", matchCriteriaId: "BEFCC35D-1C83-4CA5-8B1D-9A637613AD7E", versionEndIncluding: "1.0.0.4", versionStartIncluding: "1.0.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:pureapplication_system:*:*:*:*:*:*:*:*", matchCriteriaId: "054736AF-96E0-491D-B824-CC4A35B76E14", versionEndIncluding: "1.1.0.4", versionStartIncluding: "1.1.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:pureapplication_system:2.0.0.0:*:*:*:*:*:*:*", matchCriteriaId: "575894EE-F13C-4D56-8B63-59A379F63BD2", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_risk_manager:7.1.0:*:*:*:*:*:*:*", matchCriteriaId: "0E476AEB-AD38-4033-8426-DC502497D75A", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.0:*:*:*:*:*:*:*", matchCriteriaId: "3C062C89-5DC2-46EE-A9D3-23E7539A5DAF", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.0:mr1:*:*:*:*:*:*", matchCriteriaId: "20981443-6A64-4852-B2CB-3299927C6F78", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.0:mr2:*:*:*:*:*:*", matchCriteriaId: "59761BB8-FCC7-4D15-88A8-82076CCF196F", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.1:-:*:*:*:*:*:*", matchCriteriaId: "CF399B2E-8413-4B80-A0C0-E61E8A0A8604", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.1:p1:*:*:*:*:*:*", matchCriteriaId: "230EBA53-66AF-432B-B4C1-08D8FC903B2B", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.1:p2:*:*:*:*:*:*", matchCriteriaId: "789F398A-5CB2-48F8-AF8F-05BF0A8E04B9", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.1:p3:*:*:*:*:*:*", matchCriteriaId: "EF102659-B067-473E-AA37-EA90A82D1864", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:-:*:*:*:*:*:*", matchCriteriaId: "81DF915D-D764-4C21-B213-0ADFD844E9DB", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p1:*:*:*:*:*:*", matchCriteriaId: "C29A4119-A992-4713-85D6-4FDED7CD416A", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p10:*:*:*:*:*:*", matchCriteriaId: "4CA59C9D-74C2-4AFC-B1D1-1BC305FD493B", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p11:*:*:*:*:*:*", matchCriteriaId: "5720A37E-1DB5-45BA-9FDE-0EAEFE1F2257", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p12:*:*:*:*:*:*", matchCriteriaId: "F03006B7-037B-491F-A09F-DEB2FF076754", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p13:*:*:*:*:*:*", matchCriteriaId: "FE78AED4-AD60-406C-82E0-BA52701B49BA", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p2:*:*:*:*:*:*", matchCriteriaId: "3D0B71F0-CCED-4E23-989A-3E9E2D71307C", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p3:*:*:*:*:*:*", matchCriteriaId: "5CF8FC22-C556-451C-B928-F5AF8DF4BF45", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p4:*:*:*:*:*:*", matchCriteriaId: "081D3B14-45F6-4F96-944B-94D967FEFA26", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p5:*:*:*:*:*:*", matchCriteriaId: "DE2C36B5-43F8-401B-B420-1FA5F13A4D6C", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p6:*:*:*:*:*:*", matchCriteriaId: "D922DC5A-63F6-4188-BCDE-BB987402E47E", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p7:*:*:*:*:*:*", matchCriteriaId: "BFD5737C-AAE8-4C8D-BCFE-FFDF5DA4221C", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p8:*:*:*:*:*:*", matchCriteriaId: "C2BCC22C-A32B-4945-AFBC-777DBE248FB8", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p9:*:*:*:*:*:*", matchCriteriaId: "92F92890-63B0-4918-A147-8852B6E2FA8A", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2:*:*:*:*:*:*:*", matchCriteriaId: "8016ECD3-4417-47A8-9493-C9F9EDF5FAA5", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.0:-:*:*:*:*:*:*", matchCriteriaId: "ED0B143A-5386-4375-AEB2-48619B2B1EF3", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.0:p1:*:*:*:*:*:*", matchCriteriaId: "E7ECA734-9E95-484F-B880-2491A0E2531B", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.0:p2:*:*:*:*:*:*", matchCriteriaId: "5D7CD9E9-033C-44B8-A68C-47AC260873E1", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.0:p3:*:*:*:*:*:*", matchCriteriaId: "07B660DC-A94F-48F0-A2F4-1C39CC4751A5", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.1:-:*:*:*:*:*:*", matchCriteriaId: "44D355AE-A8C0-4D7B-87FE-5D4138B6BB2E", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.1:p1:*:*:*:*:*:*", matchCriteriaId: "329C8551-98D1-4255-B598-9E75A071C186", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.1:p2:*:*:*:*:*:*", matchCriteriaId: "FD0687B7-F374-4368-AD9E-041123B23A6C", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.1:p3:*:*:*:*:*:*", matchCriteriaId: "D0330E77-454E-4E77-9628-50681B748491", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.2:-:*:*:*:*:*:*", matchCriteriaId: "3863726E-15AD-4A47-85CB-0C9965E76EF1", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.2:p1:*:*:*:*:*:*", matchCriteriaId: "5C07D9DC-E6C1-4FB0-86F1-144FD51B08CD", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.2:p2:*:*:*:*:*:*", matchCriteriaId: "3105129C-8FE8-4BF0-8CB9-A7F3F7FE1107", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.2:p3:*:*:*:*:*:*", matchCriteriaId: "D1F35447-889F-4CE9-9473-87046B4707EC", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.2:p4:*:*:*:*:*:*", matchCriteriaId: "A3A5DFC0-BBD7-430C-A026-E1F34E08894D", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.3:-:*:*:*:*:*:*", matchCriteriaId: "141E8F6A-3998-4F22-A717-3F52BC998F97", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.3:p1:*:*:*:*:*:*", matchCriteriaId: "F09AA197-BB55-4CF0-AC29-4449C07DE510", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.3:p2:*:*:*:*:*:*", matchCriteriaId: "3E468E33-B183-4830-97E2-EAF9FD3758E9", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.3:p3:*:*:*:*:*:*", matchCriteriaId: "738C8F2B-3D3E-4E1F-977A-05D3A39F115D", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.3:p4:*:*:*:*:*:*", matchCriteriaId: "1ED03E83-909B-423F-81F2-34AB7F24BBE1", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:-:*:*:*:*:*:*", matchCriteriaId: "9778E8AA-A034-4B04-A42E-6A182378C7DE", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:p1:*:*:*:*:*:*", matchCriteriaId: "AEE15598-4064-4E31-86BA-7851AA4B76C4", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:p2:*:*:*:*:*:*", matchCriteriaId: "59FE3789-FB47-4939-B9AA-86D203445526", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:p3:*:*:*:*:*:*", matchCriteriaId: "2F96389A-82B9-42DE-8E93-D2B2EE610F7A", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:p4:*:*:*:*:*:*", matchCriteriaId: "3131CDA5-1C4D-489C-8788-FA396F8ADB2C", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:p5:*:*:*:*:*:*", matchCriteriaId: "DCC7DF3E-658C-41D7-A4AC-433440A02092", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:p6:*:*:*:*:*:*", matchCriteriaId: "EEBB12B8-4EF6-42B9-9D28-A9CA129B0FBA", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:-:*:*:*:*:*:*", matchCriteriaId: "279C30FB-EA1C-4D1D-A37E-F1EEF79F19F4", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:p1:*:*:*:*:*:*", matchCriteriaId: "D6870C1E-E4A4-4666-89DB-D72C8100D27E", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:p2:*:*:*:*:*:*", matchCriteriaId: "BE183CA0-FFBB-4746-8BBE-5D1910DD2100", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:p3:*:*:*:*:*:*", matchCriteriaId: "D04B5EBF-C94C-4A44-9A7E-75623CAF832C", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:p4:*:*:*:*:*:*", matchCriteriaId: "5723FDF4-198B-488E-B075-F528EC6E4D18", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:p5:*:*:*:*:*:*", matchCriteriaId: "7E23A972-5BCA-4C7E-B6F9-AD54992861A2", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:p6:*:*:*:*:*:*", matchCriteriaId: "1D00AFC9-8A9C-4BB1-9E60-BC6D552DC8E0", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:-:*:*:*:*:*:*", matchCriteriaId: "BFE4D0FF-6445-4E14-9536-ADB32662B346", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p1:*:*:*:*:*:*", matchCriteriaId: "C7FC4FDA-1C8D-4D7A-B5EA-D905FA830805", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p2:*:*:*:*:*:*", matchCriteriaId: "753AA0F3-09F4-4E34-8E72-FAFD8BFE18EC", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p3:*:*:*:*:*:*", matchCriteriaId: "9AC763FD-C143-4CA3-9A24-D50C9ED243D5", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p4:*:*:*:*:*:*", matchCriteriaId: "299C6CBE-905F-4E59-AF2F-89A1CD767916", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p5:*:*:*:*:*:*", matchCriteriaId: "78538461-1B7E-4712-AA8D-D2EA3477635B", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p6:*:*:*:*:*:*", matchCriteriaId: "E3FF46F1-EF19-49D7-9EDD-44441C1A3F94", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p7:*:*:*:*:*:*", matchCriteriaId: "D9F91FB6-7D8F-4D89-B6BA-2C6DF15B9A51", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.7:-:*:*:*:*:*:*", matchCriteriaId: "5725106C-A650-4C24-9636-1200BD44CCA4", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.7:p1:*:*:*:*:*:*", matchCriteriaId: "F1501425-96F7-487B-9588-FDA2DAC3790A", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.7:p2:*:*:*:*:*:*", matchCriteriaId: "48D95998-9434-4AFF-9983-0D7AC34176A3", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.7:p3:*:*:*:*:*:*", matchCriteriaId: "D60BB309-860D-4D74-B08F-F94AFE84C881", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.7:p4:*:*:*:*:*:*", matchCriteriaId: "F63E864E-6323-41B4-956F-51F9364DFAE2", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:-:*:*:*:*:*:*", matchCriteriaId: "EC724282-7431-465E-8E60-4037121B8838", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p1:*:*:*:*:*:*", matchCriteriaId: "73151221-C102-4425-9316-1EE4CAAB6531", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p10:*:*:*:*:*:*", matchCriteriaId: "D1E9DDCD-6D22-4175-94EF-D8A5457E7355", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p11:*:*:*:*:*:*", matchCriteriaId: "35AB906F-43CD-4D54-8274-1FD551532E58", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p12:*:*:*:*:*:*", matchCriteriaId: "1ADC75F0-B27E-4B15-B829-482FBA0063A5", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p13:*:*:*:*:*:*", matchCriteriaId: "D015D670-8AEA-49A3-8D22-9E3009322EB0", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p14:*:*:*:*:*:*", matchCriteriaId: "C18F3CC3-9BCF-4DE8-B7CA-59587D5E61F5", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p15:*:*:*:*:*:*", matchCriteriaId: "E543BC0F-ADFB-4CF2-BC6C-90DC76BE3A95", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p16:*:*:*:*:*:*", matchCriteriaId: "28CE650B-BE03-4EDF-BE27-2FA6657F7A52", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p2:*:*:*:*:*:*", matchCriteriaId: "2356A4E6-561B-40CA-8348-B30D581B1E46", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p3:*:*:*:*:*:*", matchCriteriaId: "74509F3F-840E-48B8-88B1-EA4FFB90ACC3", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p4:*:*:*:*:*:*", matchCriteriaId: "BE7BD528-628F-4CA9-9FE8-8A79BDC97680", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p5:*:*:*:*:*:*", matchCriteriaId: "26118C2B-78CC-4038-9DEA-7A9417029790", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p6:*:*:*:*:*:*", matchCriteriaId: "29EBC1DD-6949-4B12-8CA5-EE2BCDB8C4C3", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p7:*:*:*:*:*:*", matchCriteriaId: "4F445D93-D482-4A74-810D-66D78CBCAFED", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p8:*:*:*:*:*:*", matchCriteriaId: "2C9F200C-ECC9-4D51-AFE7-E99C16D09148", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p9:*:*:*:*:*:*", matchCriteriaId: "56B87CB5-0F77-4040-BB58-9DBF5723A4FD", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8.15:*:*:*:*:*:*:*", matchCriteriaId: "F4B3321B-11AD-43EB-867C-FA4FA6A5421E", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.9:*:*:*:*:*:*:*", matchCriteriaId: "DFB104CA-55CD-4B9E-A2F7-CC06E57663CB", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.0:*:*:*:*:*:*:*", matchCriteriaId: "4975223D-9E31-4CEC-A4B6-C0996828B855", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.1:*:*:*:*:*:*:*", matchCriteriaId: "22E0F4A7-B8BD-42D1-92DB-2B510FFC9C36", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.2:*:*:*:*:*:*:*", matchCriteriaId: "C15C820B-4778-4B8F-8BD8-E996F1D4062D", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.3:*:*:*:*:*:*:*", matchCriteriaId: "A42E70EE-2E23-4D92-ADE0-9177B9EDD430", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.4:*:*:*:*:*:*:*", matchCriteriaId: "01C91446-4A36-4FCE-A973-3E6F813FABC9", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p1:*:*:*:*:*:*", matchCriteriaId: "58281E62-E350-4B0D-9322-8BA1E1773CB2", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p2:*:*:*:*:*:*", matchCriteriaId: "BF1A152E-5795-4319-BD4D-855DE19C744C", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p3:*:*:*:*:*:*", matchCriteriaId: "438FCE7F-035A-4D89-96FE-EE5278C85493", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p4:*:*:*:*:*:*", matchCriteriaId: "80900F2C-7CFA-4C40-A6B5-51E12C3DA187", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p5:*:*:*:*:*:*", matchCriteriaId: "DDE9A060-1D4D-46E5-A34F-CC4CFA260D94", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p6:*:*:*:*:*:*", matchCriteriaId: "33F900E6-AE47-4789-A337-70C6BEF22895", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p7:*:*:*:*:*:*", matchCriteriaId: "AD2E5054-2151-414D-A88F-6697FF280D41", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:-:*:*:*:*:*:*", matchCriteriaId: "3EB09361-372E-4F51-B255-C7D2DB41969F", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p1:*:*:*:*:*:*", matchCriteriaId: "A36D6991-3728-4F60-A443-37652DFAA053", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p10:*:*:*:*:*:*", matchCriteriaId: "4142CC4E-9F0D-4017-8D17-D59FBCEB36F1", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p11:*:*:*:*:*:*", matchCriteriaId: "63C0F7CA-5F3C-41D4-AAD6-084643115D85", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p12:*:*:*:*:*:*", matchCriteriaId: "1D16C66D-15BF-4EB8-8D78-DF12A69BD7F8", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p13:*:*:*:*:*:*", matchCriteriaId: "81C388DC-0941-4D08-8C1C-BD43D9B0DC8F", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p14:*:*:*:*:*:*", matchCriteriaId: "45CD14D8-665A-46C5-8387-33FF266822A7", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p15:*:*:*:*:*:*", matchCriteriaId: "D510329D-B39E-4E2B-AAEC-1FDA7869C9E0", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p16:*:*:*:*:*:*", matchCriteriaId: "4640FE06-4D22-442E-A0E0-76EEFAF6ECB4", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p17:*:*:*:*:*:*", matchCriteriaId: "6A846C69-CA94-4F5E-9E02-69EA6680549E", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p2:*:*:*:*:*:*", matchCriteriaId: "F3E63ECF-25CB-4E7F-BF51-B4D7B3541AE6", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p3:*:*:*:*:*:*", matchCriteriaId: "FF14DD4F-6779-4B17-AB1B-D4DE58E7E231", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p4:*:*:*:*:*:*", matchCriteriaId: "7AAEE176-631A-41B9-BC40-93F866DA9D5E", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p5:*:*:*:*:*:*", matchCriteriaId: "75C963D5-F2D1-49EE-93B5-CA7FE7EAB98C", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p6:*:*:*:*:*:*", matchCriteriaId: "9388D932-9818-4A68-9543-B0643166DB2A", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p7:*:*:*:*:*:*", matchCriteriaId: "770A9287-C910-4690-9402-0C0B7BAC8912", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p8:*:*:*:*:*:*", matchCriteriaId: "3F8AC068-D5AC-4042-8A7C-5B95EA0E85F5", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p9:*:*:*:*:*:*", matchCriteriaId: "B503F1F7-F439-420D-B465-9A51CCECAB06", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:smartcloud_entry_appliance:2.3.0:*:*:*:*:*:*:*", matchCriteriaId: "27948B08-C452-41FB-B41F-6ADB3AAE087E", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:smartcloud_entry_appliance:2.4.0:*:*:*:*:*:*:*", matchCriteriaId: "8AB8FB4C-5BBC-420D-84F0-C8424DC25CD7", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:smartcloud_entry_appliance:3.1.0:*:*:*:*:*:*:*", matchCriteriaId: "CAF1F14C-DB2C-40A8-B899-C127C7ECC0D5", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:smartcloud_entry_appliance:3.2.0:*:*:*:*:*:*:*", matchCriteriaId: "E87FA9CC-D201-430F-8FE6-8C9A88CEAB1C", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:smartcloud_provisioning:2.1.0:*:*:*:*:*:*:*", matchCriteriaId: "4D7F2743-71BB-4011-B919-7E8032B6B72F", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:software_defined_network_for_virtual_environments:*:*:*:*:kvm:*:*:*", matchCriteriaId: "3738FAC6-B90B-4014-9E86-17ED6D19D23D", versionEndExcluding: "1.2.1", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:software_defined_network_for_virtual_environments:*:*:*:*:openflow:*:*:*", matchCriteriaId: "35B6634E-4F09-423C-87E7-59D4127CC023", versionEndExcluding: "1.2.1", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:software_defined_network_for_virtual_environments:*:*:*:*:vmware:*:*:*", matchCriteriaId: "0A7A7100-A1DA-4191-A4C1-D930829A3DC2", versionEndExcluding: "1.2.1", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:starter_kit_for_cloud:2.2.0:*:*:*:*:*:*:*", matchCriteriaId: "83739ED7-37F1-4712-8C81-E56F58790240", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:workload_deployer:*:*:*:*:*:*:*:*", matchCriteriaId: "1CDD227E-1F98-4F73-BB65-3820F39127F0", versionEndIncluding: "3.1.0.7", versionStartIncluding: "3.1.0", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.1:*:*:*:*:*:*:*", matchCriteriaId: "EA4B8E11-83D3-4B38-90B6-4C0F536D06B6", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.2:*:*:*:*:*:*:*", matchCriteriaId: "AFD6FF12-A3AD-4D2B-92EB-44D20AF4DD9D", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.3:*:*:*:*:*:*:*", matchCriteriaId: "AD7C3FED-3B2F-4EC9-9A9B-05EFDB0AA56B", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.5:*:*:*:*:*:*:*", matchCriteriaId: "250AF7A4-8DDF-427C-8BF7-788667908D77", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.1:*:*:*:*:*:*:*", matchCriteriaId: "22433CE0-9772-48CE-8069-612FF3732C21", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.2:*:*:*:*:*:*:*", matchCriteriaId: "2569AA28-5C61-4BBD-A501-E1ACFA36837B", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.3:*:*:*:*:*:*:*", matchCriteriaId: "79AFD6BE-4ED1-4A9C-AF30-F083A7A4F418", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.4:*:*:*:*:*:*:*", matchCriteriaId: "3AB188A2-D7CE-4141-A55A-C074C84E366E", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.5:*:*:*:*:*:*:*", matchCriteriaId: "DE776097-1DA4-4F27-8E96-61E3D9FFE8D0", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.6:*:*:*:*:*:*:*", matchCriteriaId: "FE4E5283-0FEE-4F37-9C41-FA695063FF79", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.7:*:*:*:*:*:*:*", matchCriteriaId: "39D9B9CF-5F3D-4CA3-87A0-AAE1BA5F09C1", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.8:*:*:*:*:*:*:*", matchCriteriaId: "73EB6121-62CD-49FC-A1D2-5467B007253C", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.2:*:*:*:*:*:*:*", matchCriteriaId: "97E19969-DD73-42F2-9E91-504E1663B268", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.3:*:*:*:*:*:*:*", matchCriteriaId: "F9CC2E05-5179-4241-A710-E582510EEB0D", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.5:*:*:*:*:*:*:*", matchCriteriaId: "BD1366C8-9C78-4B40-8E40-19C4DFEC2B1D", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3CB18F38-AC6A-406A-A4DD-40688B803744", versionEndExcluding: "1.4.3.5", versionStartIncluding: "1.1.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DFE781C8-40F7-4F6D-8FED-8EB3071FE9DB", versionEndExcluding: "1.5.0.4", versionStartIncluding: "1.5.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A5AB3395-B458-49F8-A8E3-25FF0C1C3BD3", versionEndExcluding: "7.2.0.9", versionStartIncluding: "7.2.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1EC57FAE-AD4D-4C9F-97A4-581C977B5FE4", versionEndExcluding: "7.3.0.7", versionStartIncluding: "7.3.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:ibm:storwize_v7000:-:*:*:*:*:*:*:*", matchCriteriaId: "AA2ED020-4C7B-4303-ABE6-74D46D127556", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "47A17EE0-7D3E-4CD7-984C-BB17BF6F4BFD", versionEndExcluding: "7.1.0.11", versionStartIncluding: "1.1.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "33A46CF2-392A-4BB9-B4BF-DE8C5228CAAE", versionEndExcluding: "7.2.0.9", versionStartIncluding: "7.2.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9C4EF774-BD92-444D-9583-25DB97CDA4F3", versionEndExcluding: "7.3.0.7", versionStartIncluding: "7.3.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:ibm:storwize_v5000:-:*:*:*:*:*:*:*", matchCriteriaId: "F0B69C8D-32A4-449F-9BFC-F1587C7FA8BD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8753BBDB-A858-4A51-A8FD-8DF8DF2734A0", versionEndExcluding: "7.1.0.11", versionStartIncluding: "1.1.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0FB9850A-3308-4277-A68C-AD418612101E", versionEndExcluding: "7.2.0.9", versionStartIncluding: "7.2.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C84D7A48-6745-49D3-AE52-31DD7EEC0D61", versionEndExcluding: "7.3.0.7", versionStartIncluding: "7.3.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:ibm:storwize_v3700:-:*:*:*:*:*:*:*", matchCriteriaId: "49318A1D-49F6-4CA7-AE31-0EB4B3790CBB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4A1A3A3E-5636-4422-9B7B-B3D97989E674", versionEndExcluding: "7.1.0.11", versionStartIncluding: "1.1.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7384B993-049F-48D7-86D6-FE221C783245", versionEndExcluding: "7.2.0.9", versionStartIncluding: "7.2.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B1DF6129-9CEA-4812-800F-A6FD5095D60E", versionEndExcluding: "7.3.0.7", versionStartIncluding: "7.3.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:ibm:storwize_v3500:-:*:*:*:*:*:*:*", matchCriteriaId: "7352FACE-C8D0-49A7-A2D7-B755599F0FB3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:ibm:flex_system_v7000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "79788A89-4152-4B4B-BFF0-518D90EE4D2B", versionEndExcluding: "7.1.0.11", versionStartIncluding: "1.1.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:flex_system_v7000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "680738C5-63D5-4F60-9610-FD0D87FCBBCA", versionEndExcluding: "7.2.0.9", versionStartIncluding: "7.2.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:flex_system_v7000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "872E2102-6BE6-42B6-93B0-942B7DABCBDA", versionEndExcluding: "7.3.0.7", versionStartIncluding: "7.3.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:ibm:flex_system_v7000:-:*:*:*:*:*:*:*", matchCriteriaId: "DACA26CF-7C3F-4215-B032-ED9C5EFD57D8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E6E31991-DF33-4F00-8430-7B626E8174CE", versionEndExcluding: "7.1.0.11", versionStartIncluding: "1.1.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B2E25BB0-6F5A-4A7B-9147-D4E17014C747", versionEndExcluding: "7.2.0.9", versionStartIncluding: "7.2.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B80C1675-4948-45DC-B593-EDB1354E42F3", versionEndExcluding: "7.3.0.7", versionStartIncluding: "7.3.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:ibm:san_volume_controller:-:*:*:*:*:*:*:*", matchCriteriaId: "D5D84487-CEBA-48A0-9B15-A0300D992E3D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:ibm:stn6500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1CE69F8D-5EEE-4BC7-939C-CE71BCD2E11D", versionEndExcluding: "3.8.0.07", versionStartIncluding: "3.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:stn6500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BDEC166F-A967-4616-B9EF-503054EFD197", versionEndExcluding: "3.9.1.08", versionStartIncluding: "3.9.1.0", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:stn6500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "713E71BC-16F5-41E3-9816-74D5E8D8C9A9", versionEndExcluding: "4.1.2.06", versionStartIncluding: "4.1.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:ibm:stn6500:-:*:*:*:*:*:*:*", matchCriteriaId: "4D2487E0-046C-476F-BFF4-EF77D9E856D8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:ibm:stn6800_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0287F3CD-2151-491D-8BC3-6D3921BE8FFA", versionEndExcluding: "3.8.0.07", versionStartIncluding: "3.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:stn6800_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C4179899-87B4-42C3-8245-9A34EC04F6A1", versionEndExcluding: "3.9.1.08", versionStartIncluding: "3.9.1.0", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:stn6800_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B8CED766-9742-4037-8005-F0BDDE9176DD", versionEndExcluding: "4.1.2.06", versionStartIncluding: "4.1.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:ibm:stn6800:-:*:*:*:*:*:*:*", matchCriteriaId: "C41EEAEC-08AE-4478-8977-5A4D7B48C175", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:ibm:stn7800_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "298C961D-5E5F-4277-B192-A4C29243BECC", versionEndExcluding: "3.8.0.07", versionStartIncluding: "3.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:stn7800_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E5A76C40-BA90-4FBD-8DFF-4AF8F952963A", versionEndExcluding: "3.9.1.08", versionStartIncluding: "3.9.1.0", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:stn7800_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B0663FBC-01C0-4AD8-A0B8-6097E537D352", versionEndExcluding: "4.1.2.06", versionStartIncluding: "4.1.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:ibm:stn7800:-:*:*:*:*:*:*:*", matchCriteriaId: "CE145DE3-3C9B-4949-B6D4-9B259372CCE0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*", matchCriteriaId: "01EDA41C-6B2E-49AF-B503-EB3882265C11", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*", matchCriteriaId: "CB66DB75-2B16-4EBF-9B93-CE49D8086E41", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", matchCriteriaId: "815D70A8-47D3-459C-A32C-9FEACA0659D1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:novell:zenworks_configuration_management:10.3:*:*:*:*:*:*:*", matchCriteriaId: "0ABC25E5-76CD-469B-879A-B1F7109D0181", vulnerable: true, }, { criteria: "cpe:2.3:a:novell:zenworks_configuration_management:11:*:*:*:*:*:*:*", matchCriteriaId: "98942F6C-330F-459A-B2B4-72572DB4070E", vulnerable: true, }, { criteria: "cpe:2.3:a:novell:zenworks_configuration_management:11.1:*:*:*:*:*:*:*", matchCriteriaId: "F5A92B0C-7256-45F0-8E0C-ADFEF36CF43D", vulnerable: true, }, { criteria: "cpe:2.3:a:novell:zenworks_configuration_management:11.2:*:*:*:*:*:*:*", matchCriteriaId: "8C0BAB94-6521-4B57-9E56-A57BA5E20C24", vulnerable: true, }, { criteria: "cpe:2.3:a:novell:zenworks_configuration_management:11.3.0:*:*:*:*:*:*:*", matchCriteriaId: "3A7788E5-93B9-4149-8823-2ACBA5CF17E0", vulnerable: true, }, { criteria: "cpe:2.3:o:novell:open_enterprise_server:2.0:sp3:*:*:*:linux_kernel:*:*", matchCriteriaId: "B41B4ECD-6F30-46F5-A559-1CEFC7964873", vulnerable: true, }, { criteria: "cpe:2.3:o:novell:open_enterprise_server:11.0:sp2:*:*:*:linux_kernel:*:*", matchCriteriaId: "D42ADCD9-1455-401C-B94F-D367A78A2B97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:checkpoint:security_gateway:*:*:*:*:*:*:*:*", matchCriteriaId: "2853A787-E5F1-4455-9482-7C538B80556C", versionEndExcluding: "r77.30", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "79618AB4-7A8E-4488-8608-57EC2F8681FE", versionEndIncluding: "10.2.4", versionStartIncluding: "10.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "8E910D60-1145-4229-9890-80D2D67C3845", versionEndIncluding: "11.5.1", versionStartIncluding: "11.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.0:*:*:*:*:*:*:*", matchCriteriaId: "CFA77C6B-72DB-4D57-87CF-11F2C7EDB828", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "48BBEF73-E87D-467F-85EB-47BE212DF0E8", versionEndIncluding: "11.5.1", versionStartIncluding: "11.3.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.0:*:*:*:*:*:*:*", matchCriteriaId: "B276E4DF-69FC-4158-B93A-781A45605034", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", matchCriteriaId: "EE23220D-E364-41B7-A440-43B3AA4A716A", versionEndIncluding: "11.5.1", versionStartIncluding: "11.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:11.6.0:*:*:*:*:*:*:*", matchCriteriaId: "B70D2BD5-8E3F-4B57-84EF-3AF40F6378F1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "C483253F-841E-4D4E-9B4A-932E9D07268B", versionEndIncluding: "11.5.1", versionStartIncluding: "11.4.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5B40837-EC2B-41FB-ACC3-806054EAF28C", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "667D3780-3949-41AC-83DE-5BCB8B36C382", versionEndIncluding: "10.2.4", versionStartIncluding: "10.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "4F0E7766-BDB4-42AB-B6CC-6B4E86A10038", versionEndIncluding: "11.5.1", versionStartIncluding: "11.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.0:*:*:*:*:*:*:*", matchCriteriaId: "475F0EF8-42CB-4099-9C4A-390F946C4924", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", matchCriteriaId: "A8347412-DC42-4B86-BF6E-A44A5E1541ED", versionEndIncluding: "10.2.4", versionStartIncluding: "10.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", matchCriteriaId: "C8942D9D-8E3A-4876-8E93-ED8D201FF546", versionEndIncluding: "11.3.0", versionStartIncluding: "11.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "7B5AF8C8-578E-4FD7-8BAA-53A57EE4C653", versionEndIncluding: "10.2.4", versionStartIncluding: "10.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "06BA93C0-A7AE-4A8E-BD74-08149A204463", versionEndIncluding: "11.5.1", versionStartIncluding: "11.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.0:*:*:*:*:*:*:*", matchCriteriaId: "D7D7863D-B064-4D7A-A66B-C3D3523425FD", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "1DF6BB8A-FA63-4DBC-891C-256FF23CBCF0", versionEndIncluding: "10.2.4", versionStartIncluding: "10.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "3E0D8F52-0EAD-4E02-A8D8-CBAE2CDC703B", versionEndIncluding: "11.5.1", versionStartIncluding: "11.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:11.6.0:*:*:*:*:*:*:*", matchCriteriaId: "5CDEC701-DAB3-4D92-AA67-B886E6693E46", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "289CEABB-22A2-436D-AE4B-4BDA2D0EAFDB", versionEndIncluding: "10.2.4", versionStartIncluding: "10.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "C6D61BF2-69D8-4AD2-85CD-D87F640A6888", versionEndIncluding: "11.5.1", versionStartIncluding: "11.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.0:*:*:*:*:*:*:*", matchCriteriaId: "2FF5A5F6-4BA3-4276-8679-B5560EACF2E0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "E9A06D61-E6CB-4A8A-B06D-9FEA1812C167", versionEndIncluding: "11.5.1", versionStartIncluding: "11.3.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.0:*:*:*:*:*:*:*", matchCriteriaId: "CB8D3B87-B8F5-490A-B1D9-04F2EE93EEA3", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*", matchCriteriaId: "2C0B4C01-C71E-4E35-B63A-68395984E033", versionEndIncluding: "10.2.4", versionStartIncluding: "10.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*", matchCriteriaId: "9828CBA5-BB72-46E2-987D-633A5B3E2AFF", versionEndIncluding: "11.4.1", versionStartIncluding: "11.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_wan_optimization_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "BB60C39D-52ED-47DD-9FB9-2B4BC8D9F8AC", versionEndIncluding: "10.2.4", versionStartIncluding: "10.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_wan_optimization_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "68BC025A-D45E-45FB-A4E4-1C89320B5BBE", versionEndIncluding: "11.3.0", versionStartIncluding: "11.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", matchCriteriaId: "AE007A64-5867-4B1A-AEFB-3AB2CD6A5EA4", versionEndIncluding: "10.2.4", versionStartIncluding: "10.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", matchCriteriaId: "7C75978B-566B-4353-8716-099CB8790EE0", versionEndIncluding: "11.3.0", versionStartIncluding: "11.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-iq_cloud:*:*:*:*:*:*:*:*", matchCriteriaId: "BC24B891-6DBA-4C02-B4CF-8D1CA53B4B74", versionEndIncluding: "4.4.0", versionStartIncluding: "4.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-iq_device:*:*:*:*:*:*:*:*", matchCriteriaId: "0BB0FDAC-C49D-4E63-ACA9-7BAD7C93A5D2", versionEndIncluding: "4.4.0", versionStartIncluding: "4.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-iq_security:*:*:*:*:*:*:*:*", matchCriteriaId: "3AEB1FC5-1179-4DE9-99A2-D650167A7A60", versionEndIncluding: "4.4.0", versionStartIncluding: "4.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:enterprise_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "0ADD1B04-9F78-40B3-8314-6935277073B0", versionEndIncluding: "2.3.0", versionStartIncluding: "2.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:enterprise_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "482E630B-93A1-4B9B-8273-821C116ADC4F", versionEndIncluding: "3.1.1", versionStartIncluding: "3.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:traffix_signaling_delivery_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "1343FBDC-4BF0-403B-B257-96672F092263", versionEndIncluding: "4.0.5", versionStartIncluding: "4.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:traffix_signaling_delivery_controller:3.3.2:*:*:*:*:*:*:*", matchCriteriaId: "7C138527-73D3-4AEE-BFAB-1D240A585A0F", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:traffix_signaling_delivery_controller:3.4.1:*:*:*:*:*:*:*", matchCriteriaId: "8F2EB3D6-EF4C-4241-A31E-3990664004A7", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:traffix_signaling_delivery_controller:3.5.1:*:*:*:*:*:*:*", matchCriteriaId: "8F0CD8F8-26CE-43F0-87EB-A08F1D1EDB25", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:traffix_signaling_delivery_controller:4.1.0:*:*:*:*:*:*:*", matchCriteriaId: "1D1168D2-93D5-4415-A666-B4BE0B2AC201", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:f5:arx_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "48A2FBA9-207F-4F16-932D-BF0BA3440503", versionEndIncluding: "6.4.0", versionStartIncluding: "6.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:f5:arx:-:*:*:*:*:*:*:*", matchCriteriaId: "4C6AC80F-9D91-468D-BEE3-6A0759723673", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:citrix:netscaler_sdx_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FF1DB4B7-AFCC-4D56-95BA-C66AB7A36680", versionEndExcluding: "9.3.67.5r1", vulnerable: true, }, { criteria: "cpe:2.3:o:citrix:netscaler_sdx_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "665EF643-3CDC-4518-9693-0D49F0870283", versionEndExcluding: "10.1.129.11r1", versionStartIncluding: "10", vulnerable: true, }, { criteria: "cpe:2.3:o:citrix:netscaler_sdx_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BAE3CC45-49E5-40DE-B5C3-52A754A9C599", versionEndExcluding: "10.5.52.11r1", versionStartIncluding: "10.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:citrix:netscaler_sdx:-:*:*:*:*:*:*:*", matchCriteriaId: "8968E39A-1E16-4B7F-A16A-190EBC20D04F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", matchCriteriaId: "864B5480-704F-4636-A938-7D95AD4223AD", versionEndExcluding: "10.10.0", versionStartIncluding: "10.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:vmware:vcenter_server_appliance:5.0:*:*:*:*:*:*:*", matchCriteriaId: "35D34345-0AD1-499C-9A74-982B2D3F305A", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:vcenter_server_appliance:5.0:update_1:*:*:*:*:*:*", matchCriteriaId: "3DF3F07E-6F4E-4B97-B313-7DA3E8A88451", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:vcenter_server_appliance:5.0:update_2:*:*:*:*:*:*", matchCriteriaId: "5C98B0EA-7A52-4BDF-90C2-38797FC2B75A", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:vcenter_server_appliance:5.1:*:*:*:*:*:*:*", matchCriteriaId: "FECF06B5-3915-48F0-A140-41C7A27EE99D", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:vcenter_server_appliance:5.1:update_1:*:*:*:*:*:*", matchCriteriaId: "BBD8B161-0A07-492F-89E4-7A0BD02F6464", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:vcenter_server_appliance:5.1:update_2:*:*:*:*:*:*", matchCriteriaId: "F3E8E0E1-FF63-425D-8C22-86B16CFB7B1A", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:vcenter_server_appliance:5.5:-:*:*:*:*:*:*", matchCriteriaId: "29DF8DD7-B5CC-4152-A726-1D48459068D0", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:vcenter_server_appliance:5.5:update_1:*:*:*:*:*:*", matchCriteriaId: "DB2E2AAD-E221-4227-A41B-DC01BFDFCD6C", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esx:4.0:*:*:*:*:*:*:*", matchCriteriaId: "BC337BB7-9A45-4406-A783-851F279130EE", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esx:4.1:*:*:*:*:*:*:*", matchCriteriaId: "0B6BA46F-4E8C-4B2A-AE92-81B9F1B4D56C", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271.", }, { lang: "es", value: "GNU Bash hasta 4.3 bash43-025 procesa cadenas finales después de la definición malformada de funciones en los valores de variables de entorno, lo que permite a atacantes remotos escribir hacia ficheros o posiblemente tener otro impacto desconocido a través de un entorno manipulado, tal y como se ha demostrado por vectores que involucran la característica ForceCommand en sshd OpenSSH, los módulos mod_cgi y mod_cgid en el Apache HTTP Server, scripts ejecutados por clientes DHCP no especificados, y otras situaciones en la cual establecer el entorno ocurre a través de un límite privilegiado de la ejecución de Bash. Nota: Esta vulnerabilidad existe debido a una solución incompleta para CVE-2014-6271.", }, ], id: "CVE-2014-7169", lastModified: "2025-02-10T20:15:37.017", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2014-09-25T01:55:04.367", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://advisories.mageia.org/MGASA-2014-0393.html", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://jvn.jp/en/jp/JVN55667175/index.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://linux.oracle.com/errata/ELSA-2014-1306.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://linux.oracle.com/errata/ELSA-2014-3075.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://linux.oracle.com/errata/ELSA-2014-3077.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://linux.oracle.com/errata/ELSA-2014-3078.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00038.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00041.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00042.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00048.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141216207813411&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141216668515282&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141235957116749&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141319209015420&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141330425327438&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141330468527613&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141345648114150&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141383026420882&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141383081521087&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141383138121313&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141383196021590&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141383244821813&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141383304022067&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141383353622268&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141383465822787&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141450491804793&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141576728022234&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141577137423233&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141577241923505&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141577297623641&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141585637922673&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141694386919794&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141879528318582&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141879528318582&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141879528318582&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141879528318582&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=142113462216480&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=142113462216480&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=142113462216480&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=142113462216480&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=142358026505815&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=142358026505815&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=142358026505815&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=142358026505815&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=142358078406056&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=142721162228379&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=142721162228379&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=142721162228379&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=142721162228379&w=2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=142805027510172&w=2", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1306.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1311.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1312.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1354.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2014/Oct/0", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/58200", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/59272", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/59737", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/59907", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/60024", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/60034", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/60044", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/60055", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/60063", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/60193", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/60325", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/60433", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/60947", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61065", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61128", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61129", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61188", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61283", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61287", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61291", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61312", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61313", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61328", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61442", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61471", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61479", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61485", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61503", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61550", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61552", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61565", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61603", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61618", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61619", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61622", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61626", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61633", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61641", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61643", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61654", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61676", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61700", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61703", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61711", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61715", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61780", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61816", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61855", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61857", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61873", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/62228", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/62312", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/62343", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://support.apple.com/kb/HT6495", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://support.novell.com/security/cve/CVE-2014-7169.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://twitter.com/taviso/statuses/514887394294652929", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685541", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685604", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685733", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685749", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685914", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686084", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686131", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686246", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686445", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686447", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686479", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686494", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21687079", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.debian.org/security/2014/dsa-3035", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "US Government Resource", ], url: "http://www.kb.cert.org/vuls/id/252743", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:164", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.novell.com/support/kb/doc.php?id=7015701", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.novell.com/support/kb/doc.php?id=7015721", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://www.openwall.com/lists/oss-security/2014/09/24/32", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.qnap.com/i/en/support/con_show.php?cid=61", }, { source: "cve@mitre.org", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/533593/100/0/threaded", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2363-1", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2363-2", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "US Government Resource", ], url: "http://www.us-cert.gov/ncas/alerts/TA14-268A", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.vmware.com/security/advisories/VMSA-2014-0010.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/articles/1200223", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/node/1200223", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "https://kb.bluecoat.com/index?page=content&id=SA82", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10648", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10085", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://support.apple.com/kb/HT6535", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://support.citrix.com/article/CTX200217", }, { source: "cve@mitre.org", tags: [ "Permissions Required", ], url: "https://support.citrix.com/article/CTX200223", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04497075", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04518183", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk102673&src=securityAlerts", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "https://www.exploit-db.com/exploits/34879/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.suse.com/support/shellshock/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://advisories.mageia.org/MGASA-2014-0393.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://jvn.jp/en/jp/JVN55667175/index.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://linux.oracle.com/errata/ELSA-2014-1306.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://linux.oracle.com/errata/ELSA-2014-3075.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://linux.oracle.com/errata/ELSA-2014-3077.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://linux.oracle.com/errata/ELSA-2014-3078.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00038.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00041.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00042.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00048.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141216207813411&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141216668515282&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141235957116749&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141319209015420&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141330425327438&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141330468527613&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141345648114150&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141383026420882&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141383081521087&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141383138121313&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141383196021590&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141383244821813&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141383304022067&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141383353622268&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141383465822787&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141450491804793&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141576728022234&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141577137423233&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141577241923505&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141577297623641&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141585637922673&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141694386919794&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141879528318582&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141879528318582&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141879528318582&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=141879528318582&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=142113462216480&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=142113462216480&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=142113462216480&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=142113462216480&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=142358026505815&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=142358026505815&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=142358026505815&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=142358026505815&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=142358078406056&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=142721162228379&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=142721162228379&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=142721162228379&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=142721162228379&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://marc.info/?l=bugtraq&m=142805027510172&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1306.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1311.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1312.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1354.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2014/Oct/0", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/58200", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/59272", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/59737", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/59907", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/60024", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/60034", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/60044", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/60055", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/60063", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/60193", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/60325", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/60433", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/60947", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61065", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61128", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61129", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61188", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61283", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61287", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61291", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61312", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61313", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61328", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61442", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61471", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61479", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61485", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61503", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61550", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61552", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61565", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61603", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61618", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61619", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61622", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61626", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61633", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61641", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61643", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61654", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61676", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61700", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61703", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61711", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61715", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61780", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61816", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61855", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61857", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/61873", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/62228", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/62312", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/62343", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://support.apple.com/kb/HT6495", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://support.novell.com/security/cve/CVE-2014-7169.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://twitter.com/taviso/statuses/514887394294652929", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685541", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685604", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685733", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685749", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685914", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686084", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686131", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686246", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686445", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686447", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686479", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686494", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21687079", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.debian.org/security/2014/dsa-3035", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "http://www.kb.cert.org/vuls/id/252743", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:164", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.novell.com/support/kb/doc.php?id=7015701", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.novell.com/support/kb/doc.php?id=7015721", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://www.openwall.com/lists/oss-security/2014/09/24/32", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.qnap.com/i/en/support/con_show.php?cid=61", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/533593/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2363-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2363-2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "http://www.us-cert.gov/ncas/alerts/TA14-268A", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.vmware.com/security/advisories/VMSA-2014-0010.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/articles/1200223", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/node/1200223", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "https://kb.bluecoat.com/index?page=content&id=SA82", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10648", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10085", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.apple.com/kb/HT6535", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.citrix.com/article/CTX200217", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", ], url: "https://support.citrix.com/article/CTX200223", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04497075", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04518183", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk102673&src=securityAlerts", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "https://www.exploit-db.com/exploits/34879/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.suse.com/support/shellshock/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-78", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-78", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2005-08-05 04:00
Modified
2024-11-20 23:58
Severity ?
Summary
Linux kernel 2.6 and 2.4 on the IA64 architecture allows local users to cause a denial of service (kernel crash) via ptrace and the restore_sigcontext function.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| novell | open_enterprise_server | 9 | |
| novell | linux_desktop | 9 | |
| suse | suse_linux | 1.0 | |
| suse | suse_linux | 8 | |
| suse | suse_linux | 9.0 | |
| suse | suse_linux | 9.0 | |
| suse | suse_linux | 9.1 | |
| suse | suse_linux | 9.2 | |
| suse | suse_linux | 9.3 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:novell:open_enterprise_server:9:*:*:*:*:*:*:*", matchCriteriaId: "A2740DD2-7F0C-47DE-9174-FD8BF0106D22", vulnerable: true, }, { criteria: "cpe:2.3:o:novell:linux_desktop:9:*:*:*:*:*:*:*", matchCriteriaId: "5595E484-647C-4F85-94AB-5A4D55CD766B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:suse:suse_linux:1.0:*:desktop:*:*:*:*:*", matchCriteriaId: "C7EAAD04-D7C4-43DE-B488-1AAD014B503E", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux:8:*:enterprise_server:*:*:*:*:*", matchCriteriaId: "D2E2EF3C-1379-4CBE-8FF5-DACD47834651", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux:9.0:*:enterprise_server:*:*:*:*:*", matchCriteriaId: "F7446746-87B7-4BD3-AABF-1E0FAA8265AB", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*", matchCriteriaId: "CFABFCE5-4F86-4AE8-9849-BC360AC72098", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*", matchCriteriaId: "CFF36BC6-6CCD-4FEE-A120-5B8C4BF5620C", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux:9.3:*:*:*:*:*:*:*", matchCriteriaId: "A7D073E9-E535-4B36-BEF2-8499536E37DA", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Linux kernel 2.6 and 2.4 on the IA64 architecture allows local users to cause a denial of service (kernel crash) via ptrace and the restore_sigcontext function.", }, { lang: "es", value: "Vulnerabilidad desconocida en el kernel de Linux permite que usuarios locales provoquen una denegación de servicio mediante ptrace", }, ], id: "CVE-2005-1761", lastModified: "2024-11-20T23:58:04.610", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 2.1, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2005-08-05T04:00:00.000", references: [ { source: "secalert@redhat.com", url: "http://kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4ea78729b8dbfc400fe165a57b90a394a7275a54", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/17002", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/17073", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/18056", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/19369", }, { source: "secalert@redhat.com", url: "http://securitytracker.com/id?1014275", }, { source: "secalert@redhat.com", url: "http://www.debian.org/security/2005/dsa-922", }, { source: "secalert@redhat.com", url: "http://www.debian.org/security/2006/dsa-1018", }, { source: "secalert@redhat.com", url: "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.12.1", }, { source: "secalert@redhat.com", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.novell.com/linux/security/advisories/2005_44_kernel.html", }, { source: "secalert@redhat.com", url: "http://www.redhat.com/support/errata/RHSA-2005-514.html", }, { source: "secalert@redhat.com", url: "http://www.redhat.com/support/errata/RHSA-2005-551.html", }, { source: "secalert@redhat.com", url: "http://www.redhat.com/support/errata/RHSA-2005-663.html", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/archive/1/427980/100/0/threaded", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/bid/14051", }, { source: "secalert@redhat.com", url: "http://www.vupen.com/english/advisories/2005/1878", }, { source: "secalert@redhat.com", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10487", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4ea78729b8dbfc400fe165a57b90a394a7275a54", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/17002", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/17073", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/18056", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/19369", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://securitytracker.com/id?1014275", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2005/dsa-922", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2006/dsa-1018", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.12.1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.novell.com/linux/security/advisories/2005_44_kernel.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.redhat.com/support/errata/RHSA-2005-514.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.redhat.com/support/errata/RHSA-2005-551.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.redhat.com/support/errata/RHSA-2005-663.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/archive/1/427980/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/14051", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2005/1878", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10487", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2014-05-08 10:55
Modified
2024-11-21 02:02
Severity ?
Summary
/opt/novell/ncl/bin/nwrights in Novell Client for Linux in Novell Open Enterprise Server (OES) 11 Linux SP2 does not properly manage a certain array, which allows local users to obtain the S permission in opportunistic circumstances by leveraging the granting of the F permission by an administrator.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| novell | open_enterprise_server | 11.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:novell:open_enterprise_server:11.0:sp2:*:*:*:linux_kernel:*:*", matchCriteriaId: "D42ADCD9-1455-401C-B94F-D367A78A2B97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "/opt/novell/ncl/bin/nwrights in Novell Client for Linux in Novell Open Enterprise Server (OES) 11 Linux SP2 does not properly manage a certain array, which allows local users to obtain the S permission in opportunistic circumstances by leveraging the granting of the F permission by an administrator.", }, { lang: "es", value: "/opt/novell/ncl/bin/nwrights en Novell Client para Linux en Novell Open Enterprise Server (OES) 11 Linux SP2 no maneja debidamente cierto array, lo que permite a usuarios locales obtener el permiso S en circunstancias oportunistas mediante el aprovechamiento de la concesión del permiso F por un administrador.", }, ], id: "CVE-2014-0595", lastModified: "2024-11-21T02:02:27.950", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "HIGH", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:H/Au:N/C:P/I:P/A:N", version: "2.0", }, exploitabilityScore: 1.9, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2014-05-08T10:55:03.183", references: [ { source: "cve@mitre.org", url: "http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00030.html", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://www.novell.com/support/kb/doc.php?id=7014932", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/67144", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00030.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.novell.com/support/kb/doc.php?id=7014932", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/67144", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2014-09-24 18:48
Modified
2025-03-13 19:08
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka "ShellShock." NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix.
References
Impacted products
{ cisaActionDue: "2022-07-28", cisaExploitAdd: "2022-01-28", cisaRequiredAction: "Apply updates per vendor instructions.", cisaVulnerabilityName: "GNU Bourne-Again Shell (Bash) Arbitrary Code Execution Vulnerability", configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:gnu:bash:*:*:*:*:*:*:*:*", matchCriteriaId: "F4DBE402-1B0A-4854-ABE5-891321454C25", versionEndIncluding: "4.3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", matchCriteriaId: "DCA5A28D-79B6-4F3E-9C98-65D4DFAD8EE7", versionEndExcluding: "4.9.12", versionStartIncluding: "4.9.0", vulnerable: true, }, { criteria: "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", matchCriteriaId: "9B1DC7EF-C994-4252-9DFE-DCA63FB17AE0", versionEndExcluding: "4.10.9", versionStartIncluding: "4.10.0", vulnerable: true, }, { criteria: "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", matchCriteriaId: "9056776F-03F6-4C3D-8635-37D66FD16EAA", versionEndExcluding: "4.11.11", versionStartIncluding: "4.11.0", vulnerable: true, }, { criteria: "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", matchCriteriaId: "AFEE6963-F73F-4B71-B4F8-6E550FBDA5F6", versionEndExcluding: "4.12.9", versionStartIncluding: "4.12.0", vulnerable: true, }, { criteria: "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", matchCriteriaId: "8296875A-64FA-4592-848A-A923126BD8AF", versionEndExcluding: "4.13.9", versionStartIncluding: "4.13.0", vulnerable: true, }, { criteria: "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", matchCriteriaId: "816A16AF-1F5E-483A-AA89-3022818FAE43", versionEndExcluding: "4.14.4f", versionStartIncluding: "4.14.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:oracle:linux:4:*:*:*:*:*:*:*", matchCriteriaId: "F8421899-5D10-4C2B-88AA-3DA909FE3E67", vulnerable: true, }, { criteria: "cpe:2.3:o:oracle:linux:5:-:*:*:*:*:*:*", matchCriteriaId: "62A2AC02-A933-4E51-810E-5D040B476B7B", vulnerable: true, }, { criteria: "cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*", matchCriteriaId: "D7B037A8-72A6-4DFF-94B2-D688A5F6F876", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:qnap:qts:*:*:*:*:*:*:*:*", matchCriteriaId: "BE8B7F1F-22F6-4B10-A6E5-DE44B1D2E649", versionEndExcluding: "4.1.1", vulnerable: true, }, { criteria: "cpe:2.3:o:qnap:qts:4.1.1:-:*:*:*:*:*:*", matchCriteriaId: "F407EA72-BA1A-41A2-B699-874304A638A5", vulnerable: true, }, { criteria: "cpe:2.3:o:qnap:qts:4.1.1:build_0927:*:*:*:*:*:*", matchCriteriaId: "DDA25903-B334-438B-8196-B9E5119199D1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mageia:mageia:3.0:*:*:*:*:*:*:*", matchCriteriaId: "76F1E356-E019-47E8-AA5F-702DA93CF74E", vulnerable: true, }, { criteria: "cpe:2.3:o:mageia:mageia:4.0:*:*:*:*:*:*:*", matchCriteriaId: "F805A106-9A6F-48E7-8582-D3C5A26DFC11", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:gluster_storage_server_for_on-premise:2.1:*:*:*:*:*:*:*", matchCriteriaId: "EC489F35-07F1-4C3E-80B9-78F0689BC54B", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:virtualization:3.4:*:*:*:*:*:*:*", matchCriteriaId: "95CE35FC-266F-4025-A0B8-FB853C020800", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:4.0:*:*:*:*:*:*:*", matchCriteriaId: "6172AF57-B26D-45F8-BE3A-F75ABDF28F49", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", matchCriteriaId: "1D8B549B-E57B-4DFE-8A13-CAB06B5356B3", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", matchCriteriaId: "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "142AD0DD-4CF3-4D74-9442-459CE3347E3A", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", matchCriteriaId: "133AAFA7-AF42-4D7B-8822-AA2E85611BF5", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:5.9:*:*:*:*:*:*:*", matchCriteriaId: "6252E88C-27FF-420D-A64A-C34124CF7E6A", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:6.4:*:*:*:*:*:*:*", matchCriteriaId: "8A8E07B7-3739-4BEB-88F8-C7F62431E889", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "569964DA-31BE-4520-A66D-C3B09D557AB8", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*", matchCriteriaId: "807C024A-F8E8-4B48-A349-4C68CD252CA1", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*", matchCriteriaId: "F96E3779-F56A-45FF-BB3D-4980527D721E", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*", matchCriteriaId: "0CF73560-2F5B-4723-A8A1-9AADBB3ADA00", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*", matchCriteriaId: "5BF3C7A5-9117-42C7-BEA1-4AA378A582EF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*", matchCriteriaId: "83737173-E12E-4641-BC49-0BD84A6B29D0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:5.9_s390x:*:*:*:*:*:*:*", matchCriteriaId: "EC5537E1-1E8E-49C5-B4CB-A8E2EE3F5088", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:6.4_s390x:*:*:*:*:*:*:*", matchCriteriaId: "804DFF9F-BAA8-4239-835B-6182471A224F", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:6.5_s390x:*:*:*:*:*:*:*", matchCriteriaId: "9EE496C0-35F7-44DC-B3F0-71EA3A613C38", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.3_s390x:*:*:*:*:*:*:*", matchCriteriaId: "71179893-49F2-433C-A7AC-687075F9CC1B", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.4_s390x:*:*:*:*:*:*:*", matchCriteriaId: "1D4C43D8-02A5-4385-A89E-F265FEEC9E9B", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.5_s390x:*:*:*:*:*:*:*", matchCriteriaId: "37ECC029-3D84-4DD7-B28B-E5AD5559CF94", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.6_s390x:*:*:*:*:*:*:*", matchCriteriaId: "F4CBED2A-B6B0-420E-BC40-160930D8662E", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.7_s390x:*:*:*:*:*:*:*", matchCriteriaId: "652F7BB0-A6EA-45D0-86D4-49F4CA6C3EE0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:5.0_ppc:*:*:*:*:*:*:*", matchCriteriaId: "29BBF1AC-F31F-4251-8054-0D89A8E6E990", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:5.9_ppc:*:*:*:*:*:*:*", matchCriteriaId: "C52A4A2F-6385-4E5F-B2C7-0EF7267546F6", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:6.0_ppc64:*:*:*:*:*:*:*", matchCriteriaId: "6D8D654F-2442-4EA0-AF89-6AC2CD214772", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:6.4_ppc64:*:*:*:*:*:*:*", matchCriteriaId: "D8ED0658-5F8F-48F0-A605-A2205DA27DA5", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:7.0_ppc64:*:*:*:*:*:*:*", matchCriteriaId: "8BCF87FD-9358-42A5-9917-25DF0180A5A6", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:6.5_ppc64:*:*:*:*:*:*:*", matchCriteriaId: "C385DA76-4863-4D39-84D2-9D185D322365", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.3_ppc64:*:*:*:*:*:*:*", matchCriteriaId: "188019BF-3700-4B3F-BFA5-553B2B545B7F", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.4_ppc64:*:*:*:*:*:*:*", matchCriteriaId: "9B8B2E32-B838-4E51-BAA2-764089D2A684", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.5_ppc64:*:*:*:*:*:*:*", matchCriteriaId: "4319B943-7B19-468D-A160-5895F7F997A3", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.6_ppc64:*:*:*:*:*:*:*", matchCriteriaId: "39C1ABF5-4070-4AA7-BAB8-4F63E1BD91FF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.7_ppc64:*:*:*:*:*:*:*", matchCriteriaId: "8036E2AE-4E44-4FA5-AFFB-A3724BFDD654", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:6.0:*:*:*:*:*:*:*", matchCriteriaId: "634C23AC-AC9C-43F4-BED8-1C720816D5E3", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:7.0:*:*:*:*:*:*:*", matchCriteriaId: "37CE1DC7-72C5-483C-8921-0B462C8284D1", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", matchCriteriaId: "54D669D4-6D7E-449D-80C1-28FA44F06FFE", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:5.6:*:*:*:*:*:*:*", matchCriteriaId: "BB6ADFB8-210D-4E46-82A2-1C8705928382", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:5.9:*:*:*:*:*:*:*", matchCriteriaId: "92C9F1C4-55B0-426D-BB5E-01372C23AF97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.2:*:*:*:*:*:*:*", matchCriteriaId: "AD6D0378-F0F4-4AAA-80AF-8287C790EC96", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*", matchCriteriaId: "AF83BB87-B203-48F9-9D06-48A5FE399050", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "1F3BEFDB-5156-4E1C-80BB-8BE9FEAA7623", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", matchCriteriaId: "98381E61-F082-4302-B51F-5648884F998B", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", matchCriteriaId: "D99A687E-EAE6-417E-A88E-D0082BC194CD", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", matchCriteriaId: "B353CE99-D57C-465B-AAB0-73EF581127D1", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*", matchCriteriaId: "7431ABC1-9252-419E-8CC1-311B41360078", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_from_rhui:5.0:*:*:*:*:*:*:*", matchCriteriaId: "8821E5FE-319D-40AB-A515-D56C1893E6F8", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_from_rhui:6.0:*:*:*:*:*:*:*", matchCriteriaId: "0AE981D4-0CA1-46FA-8E91-E1A4D5B31383", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_from_rhui:7.0:*:*:*:*:*:*:*", matchCriteriaId: "F732C7C9-A9CC-4DEF-A8BE-D0F18C944C78", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "835AE071-CEAE-49E5-8F0C-E5F50FB85EFC", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*", matchCriteriaId: "24C0F4E1-C52C-41E0-9F14-F83ADD5CC7ED", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", matchCriteriaId: "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*", matchCriteriaId: "17F256A9-D3B9-4C72-B013-4EFD878BFEA8", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", matchCriteriaId: "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:suse:studio_onsite:1.3:*:*:*:*:*:*:*", matchCriteriaId: "74BCA435-7594-49E8-9BAE-9E02E129B6C0", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*", matchCriteriaId: "DFBF430B-0832-44B0-AA0E-BA9E467F7668", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", matchCriteriaId: "A10BC294-9196-425F-9FB0-B1625465B47F", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", matchCriteriaId: "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*", matchCriteriaId: "3ED68ADD-BBDA-4485-BC76-58F011D72311", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*", matchCriteriaId: "D2DF4815-B8CB-4AD3-B91D-2E09A8E318E9", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:10:sp3:*:*:ltss:*:*:*", matchCriteriaId: "CED02712-1031-4206-AC4D-E68710F46EC9", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:ltss:*:*:*", matchCriteriaId: "35BBD83D-BDC7-4678-BE94-639F59281139", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:ltss:-:*:*", matchCriteriaId: "7F4AF9EC-7C74-40C3-A1BA-82B80C4A7EE0", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:ltss:*:*:*", matchCriteriaId: "CB6476C7-03F2-4939-AB85-69AA524516D9", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:-:*:*", matchCriteriaId: "E534C201-BCC5-473C-AAA7-AAB97CEB5437", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:vmware:*:*", matchCriteriaId: "2470C6E8-2024-4CF5-9982-CFF50E88EAE9", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*", matchCriteriaId: "15FC9014-BD85-4382-9D04-C0703E901D7A", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp3:*:*:*:*:*:*", matchCriteriaId: "2F7F8866-DEAD-44D1-AB10-21EE611AA026", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*", matchCriteriaId: "1831D45A-EE6E-4220-8F8C-248B69520948", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "16F59A04-14CF-49E2-9973-645477EA09DA", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:ibm:infosphere_guardium_database_activity_monitoring:8.2:*:*:*:*:*:*:*", matchCriteriaId: "94C9C346-6DEC-4C72-9F59-BB3BEC42B551", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:infosphere_guardium_database_activity_monitoring:9.0:*:*:*:*:*:*:*", matchCriteriaId: "2071DABB-7102-47F2-A15F-A6C03607D01F", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:infosphere_guardium_database_activity_monitoring:9.1:*:*:*:*:*:*:*", matchCriteriaId: "A8661E86-E075-427F-8E05-7A33811A3A76", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:pureapplication_system:*:*:*:*:*:*:*:*", matchCriteriaId: "BEFCC35D-1C83-4CA5-8B1D-9A637613AD7E", versionEndIncluding: "1.0.0.4", versionStartIncluding: "1.0.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:pureapplication_system:*:*:*:*:*:*:*:*", matchCriteriaId: "054736AF-96E0-491D-B824-CC4A35B76E14", versionEndIncluding: "1.1.0.4", versionStartIncluding: "1.1.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:pureapplication_system:2.0.0.0:*:*:*:*:*:*:*", matchCriteriaId: "575894EE-F13C-4D56-8B63-59A379F63BD2", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_risk_manager:7.1.0:*:*:*:*:*:*:*", matchCriteriaId: "0E476AEB-AD38-4033-8426-DC502497D75A", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.0:*:*:*:*:*:*:*", matchCriteriaId: "3C062C89-5DC2-46EE-A9D3-23E7539A5DAF", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.0:mr1:*:*:*:*:*:*", matchCriteriaId: "20981443-6A64-4852-B2CB-3299927C6F78", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.0:mr2:*:*:*:*:*:*", matchCriteriaId: "59761BB8-FCC7-4D15-88A8-82076CCF196F", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.1:-:*:*:*:*:*:*", matchCriteriaId: "CF399B2E-8413-4B80-A0C0-E61E8A0A8604", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.1:p1:*:*:*:*:*:*", matchCriteriaId: "230EBA53-66AF-432B-B4C1-08D8FC903B2B", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.1:p2:*:*:*:*:*:*", matchCriteriaId: "789F398A-5CB2-48F8-AF8F-05BF0A8E04B9", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.1:p3:*:*:*:*:*:*", matchCriteriaId: "EF102659-B067-473E-AA37-EA90A82D1864", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:-:*:*:*:*:*:*", matchCriteriaId: "81DF915D-D764-4C21-B213-0ADFD844E9DB", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p1:*:*:*:*:*:*", matchCriteriaId: "C29A4119-A992-4713-85D6-4FDED7CD416A", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p10:*:*:*:*:*:*", matchCriteriaId: "4CA59C9D-74C2-4AFC-B1D1-1BC305FD493B", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p11:*:*:*:*:*:*", matchCriteriaId: "5720A37E-1DB5-45BA-9FDE-0EAEFE1F2257", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p12:*:*:*:*:*:*", matchCriteriaId: "F03006B7-037B-491F-A09F-DEB2FF076754", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p13:*:*:*:*:*:*", matchCriteriaId: "FE78AED4-AD60-406C-82E0-BA52701B49BA", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p2:*:*:*:*:*:*", matchCriteriaId: "3D0B71F0-CCED-4E23-989A-3E9E2D71307C", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p3:*:*:*:*:*:*", matchCriteriaId: "5CF8FC22-C556-451C-B928-F5AF8DF4BF45", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p4:*:*:*:*:*:*", matchCriteriaId: "081D3B14-45F6-4F96-944B-94D967FEFA26", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p5:*:*:*:*:*:*", matchCriteriaId: "DE2C36B5-43F8-401B-B420-1FA5F13A4D6C", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p6:*:*:*:*:*:*", matchCriteriaId: "D922DC5A-63F6-4188-BCDE-BB987402E47E", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p7:*:*:*:*:*:*", matchCriteriaId: "BFD5737C-AAE8-4C8D-BCFE-FFDF5DA4221C", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p8:*:*:*:*:*:*", matchCriteriaId: "C2BCC22C-A32B-4945-AFBC-777DBE248FB8", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.1.2:p9:*:*:*:*:*:*", matchCriteriaId: "92F92890-63B0-4918-A147-8852B6E2FA8A", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2:*:*:*:*:*:*:*", matchCriteriaId: "8016ECD3-4417-47A8-9493-C9F9EDF5FAA5", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.0:-:*:*:*:*:*:*", matchCriteriaId: "ED0B143A-5386-4375-AEB2-48619B2B1EF3", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.0:p1:*:*:*:*:*:*", matchCriteriaId: "E7ECA734-9E95-484F-B880-2491A0E2531B", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.0:p2:*:*:*:*:*:*", matchCriteriaId: "5D7CD9E9-033C-44B8-A68C-47AC260873E1", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.0:p3:*:*:*:*:*:*", matchCriteriaId: "07B660DC-A94F-48F0-A2F4-1C39CC4751A5", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.1:-:*:*:*:*:*:*", matchCriteriaId: "44D355AE-A8C0-4D7B-87FE-5D4138B6BB2E", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.1:p1:*:*:*:*:*:*", matchCriteriaId: "329C8551-98D1-4255-B598-9E75A071C186", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.1:p2:*:*:*:*:*:*", matchCriteriaId: "FD0687B7-F374-4368-AD9E-041123B23A6C", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.1:p3:*:*:*:*:*:*", matchCriteriaId: "D0330E77-454E-4E77-9628-50681B748491", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.2:-:*:*:*:*:*:*", matchCriteriaId: "3863726E-15AD-4A47-85CB-0C9965E76EF1", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.2:p1:*:*:*:*:*:*", matchCriteriaId: "5C07D9DC-E6C1-4FB0-86F1-144FD51B08CD", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.2:p2:*:*:*:*:*:*", matchCriteriaId: "3105129C-8FE8-4BF0-8CB9-A7F3F7FE1107", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.2:p3:*:*:*:*:*:*", matchCriteriaId: "D1F35447-889F-4CE9-9473-87046B4707EC", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.2:p4:*:*:*:*:*:*", matchCriteriaId: "A3A5DFC0-BBD7-430C-A026-E1F34E08894D", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.3:-:*:*:*:*:*:*", matchCriteriaId: "141E8F6A-3998-4F22-A717-3F52BC998F97", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.3:p1:*:*:*:*:*:*", matchCriteriaId: "F09AA197-BB55-4CF0-AC29-4449C07DE510", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.3:p2:*:*:*:*:*:*", matchCriteriaId: "3E468E33-B183-4830-97E2-EAF9FD3758E9", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.3:p3:*:*:*:*:*:*", matchCriteriaId: "738C8F2B-3D3E-4E1F-977A-05D3A39F115D", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.3:p4:*:*:*:*:*:*", matchCriteriaId: "1ED03E83-909B-423F-81F2-34AB7F24BBE1", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:-:*:*:*:*:*:*", matchCriteriaId: "9778E8AA-A034-4B04-A42E-6A182378C7DE", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:p1:*:*:*:*:*:*", matchCriteriaId: "AEE15598-4064-4E31-86BA-7851AA4B76C4", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:p2:*:*:*:*:*:*", matchCriteriaId: "59FE3789-FB47-4939-B9AA-86D203445526", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:p3:*:*:*:*:*:*", matchCriteriaId: "2F96389A-82B9-42DE-8E93-D2B2EE610F7A", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:p4:*:*:*:*:*:*", matchCriteriaId: "3131CDA5-1C4D-489C-8788-FA396F8ADB2C", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:p5:*:*:*:*:*:*", matchCriteriaId: "DCC7DF3E-658C-41D7-A4AC-433440A02092", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.4:p6:*:*:*:*:*:*", matchCriteriaId: "EEBB12B8-4EF6-42B9-9D28-A9CA129B0FBA", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:-:*:*:*:*:*:*", matchCriteriaId: "279C30FB-EA1C-4D1D-A37E-F1EEF79F19F4", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:p1:*:*:*:*:*:*", matchCriteriaId: "D6870C1E-E4A4-4666-89DB-D72C8100D27E", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:p2:*:*:*:*:*:*", matchCriteriaId: "BE183CA0-FFBB-4746-8BBE-5D1910DD2100", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:p3:*:*:*:*:*:*", matchCriteriaId: "D04B5EBF-C94C-4A44-9A7E-75623CAF832C", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:p4:*:*:*:*:*:*", matchCriteriaId: "5723FDF4-198B-488E-B075-F528EC6E4D18", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:p5:*:*:*:*:*:*", matchCriteriaId: "7E23A972-5BCA-4C7E-B6F9-AD54992861A2", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.5:p6:*:*:*:*:*:*", matchCriteriaId: "1D00AFC9-8A9C-4BB1-9E60-BC6D552DC8E0", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:-:*:*:*:*:*:*", matchCriteriaId: "BFE4D0FF-6445-4E14-9536-ADB32662B346", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p1:*:*:*:*:*:*", matchCriteriaId: "C7FC4FDA-1C8D-4D7A-B5EA-D905FA830805", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p2:*:*:*:*:*:*", matchCriteriaId: "753AA0F3-09F4-4E34-8E72-FAFD8BFE18EC", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p3:*:*:*:*:*:*", matchCriteriaId: "9AC763FD-C143-4CA3-9A24-D50C9ED243D5", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p4:*:*:*:*:*:*", matchCriteriaId: "299C6CBE-905F-4E59-AF2F-89A1CD767916", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p5:*:*:*:*:*:*", matchCriteriaId: "78538461-1B7E-4712-AA8D-D2EA3477635B", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p6:*:*:*:*:*:*", matchCriteriaId: "E3FF46F1-EF19-49D7-9EDD-44441C1A3F94", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.6:p7:*:*:*:*:*:*", matchCriteriaId: "D9F91FB6-7D8F-4D89-B6BA-2C6DF15B9A51", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.7:-:*:*:*:*:*:*", matchCriteriaId: "5725106C-A650-4C24-9636-1200BD44CCA4", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.7:p1:*:*:*:*:*:*", matchCriteriaId: "F1501425-96F7-487B-9588-FDA2DAC3790A", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.7:p2:*:*:*:*:*:*", matchCriteriaId: "48D95998-9434-4AFF-9983-0D7AC34176A3", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.7:p3:*:*:*:*:*:*", matchCriteriaId: "D60BB309-860D-4D74-B08F-F94AFE84C881", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.7:p4:*:*:*:*:*:*", matchCriteriaId: "F63E864E-6323-41B4-956F-51F9364DFAE2", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:-:*:*:*:*:*:*", matchCriteriaId: "EC724282-7431-465E-8E60-4037121B8838", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p1:*:*:*:*:*:*", matchCriteriaId: "73151221-C102-4425-9316-1EE4CAAB6531", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p10:*:*:*:*:*:*", matchCriteriaId: "D1E9DDCD-6D22-4175-94EF-D8A5457E7355", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p11:*:*:*:*:*:*", matchCriteriaId: "35AB906F-43CD-4D54-8274-1FD551532E58", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p12:*:*:*:*:*:*", matchCriteriaId: "1ADC75F0-B27E-4B15-B829-482FBA0063A5", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p13:*:*:*:*:*:*", matchCriteriaId: "D015D670-8AEA-49A3-8D22-9E3009322EB0", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p14:*:*:*:*:*:*", matchCriteriaId: "C18F3CC3-9BCF-4DE8-B7CA-59587D5E61F5", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p15:*:*:*:*:*:*", matchCriteriaId: "E543BC0F-ADFB-4CF2-BC6C-90DC76BE3A95", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p16:*:*:*:*:*:*", matchCriteriaId: "28CE650B-BE03-4EDF-BE27-2FA6657F7A52", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p2:*:*:*:*:*:*", matchCriteriaId: "2356A4E6-561B-40CA-8348-B30D581B1E46", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p3:*:*:*:*:*:*", matchCriteriaId: "74509F3F-840E-48B8-88B1-EA4FFB90ACC3", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p4:*:*:*:*:*:*", matchCriteriaId: "BE7BD528-628F-4CA9-9FE8-8A79BDC97680", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p5:*:*:*:*:*:*", matchCriteriaId: "26118C2B-78CC-4038-9DEA-7A9417029790", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p6:*:*:*:*:*:*", matchCriteriaId: "29EBC1DD-6949-4B12-8CA5-EE2BCDB8C4C3", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p7:*:*:*:*:*:*", matchCriteriaId: "4F445D93-D482-4A74-810D-66D78CBCAFED", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p8:*:*:*:*:*:*", matchCriteriaId: "2C9F200C-ECC9-4D51-AFE7-E99C16D09148", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8:p9:*:*:*:*:*:*", matchCriteriaId: "56B87CB5-0F77-4040-BB58-9DBF5723A4FD", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.8.15:*:*:*:*:*:*:*", matchCriteriaId: "F4B3321B-11AD-43EB-867C-FA4FA6A5421E", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.2.9:*:*:*:*:*:*:*", matchCriteriaId: "DFB104CA-55CD-4B9E-A2F7-CC06E57663CB", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.0:*:*:*:*:*:*:*", matchCriteriaId: "4975223D-9E31-4CEC-A4B6-C0996828B855", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.1:*:*:*:*:*:*:*", matchCriteriaId: "22E0F4A7-B8BD-42D1-92DB-2B510FFC9C36", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.2:*:*:*:*:*:*:*", matchCriteriaId: "C15C820B-4778-4B8F-8BD8-E996F1D4062D", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.3:*:*:*:*:*:*:*", matchCriteriaId: "A42E70EE-2E23-4D92-ADE0-9177B9EDD430", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.4:*:*:*:*:*:*:*", matchCriteriaId: "01C91446-4A36-4FCE-A973-3E6F813FABC9", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p1:*:*:*:*:*:*", matchCriteriaId: "58281E62-E350-4B0D-9322-8BA1E1773CB2", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p2:*:*:*:*:*:*", matchCriteriaId: "BF1A152E-5795-4319-BD4D-855DE19C744C", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p3:*:*:*:*:*:*", matchCriteriaId: "438FCE7F-035A-4D89-96FE-EE5278C85493", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p4:*:*:*:*:*:*", matchCriteriaId: "80900F2C-7CFA-4C40-A6B5-51E12C3DA187", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p5:*:*:*:*:*:*", matchCriteriaId: "DDE9A060-1D4D-46E5-A34F-CC4CFA260D94", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p6:*:*:*:*:*:*", matchCriteriaId: "33F900E6-AE47-4789-A337-70C6BEF22895", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.6:p7:*:*:*:*:*:*", matchCriteriaId: "AD2E5054-2151-414D-A88F-6697FF280D41", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:-:*:*:*:*:*:*", matchCriteriaId: "3EB09361-372E-4F51-B255-C7D2DB41969F", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p1:*:*:*:*:*:*", matchCriteriaId: "A36D6991-3728-4F60-A443-37652DFAA053", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p10:*:*:*:*:*:*", matchCriteriaId: "4142CC4E-9F0D-4017-8D17-D59FBCEB36F1", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p11:*:*:*:*:*:*", matchCriteriaId: "63C0F7CA-5F3C-41D4-AAD6-084643115D85", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p12:*:*:*:*:*:*", matchCriteriaId: "1D16C66D-15BF-4EB8-8D78-DF12A69BD7F8", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p13:*:*:*:*:*:*", matchCriteriaId: "81C388DC-0941-4D08-8C1C-BD43D9B0DC8F", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p14:*:*:*:*:*:*", matchCriteriaId: "45CD14D8-665A-46C5-8387-33FF266822A7", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p15:*:*:*:*:*:*", matchCriteriaId: "D510329D-B39E-4E2B-AAEC-1FDA7869C9E0", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p16:*:*:*:*:*:*", matchCriteriaId: "4640FE06-4D22-442E-A0E0-76EEFAF6ECB4", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p17:*:*:*:*:*:*", matchCriteriaId: "6A846C69-CA94-4F5E-9E02-69EA6680549E", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p2:*:*:*:*:*:*", matchCriteriaId: "F3E63ECF-25CB-4E7F-BF51-B4D7B3541AE6", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p3:*:*:*:*:*:*", matchCriteriaId: "FF14DD4F-6779-4B17-AB1B-D4DE58E7E231", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p4:*:*:*:*:*:*", matchCriteriaId: "7AAEE176-631A-41B9-BC40-93F866DA9D5E", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p5:*:*:*:*:*:*", matchCriteriaId: "75C963D5-F2D1-49EE-93B5-CA7FE7EAB98C", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p6:*:*:*:*:*:*", matchCriteriaId: "9388D932-9818-4A68-9543-B0643166DB2A", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p7:*:*:*:*:*:*", matchCriteriaId: "770A9287-C910-4690-9402-0C0B7BAC8912", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p8:*:*:*:*:*:*", matchCriteriaId: "3F8AC068-D5AC-4042-8A7C-5B95EA0E85F5", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:qradar_vulnerability_manager:7.2.8:p9:*:*:*:*:*:*", matchCriteriaId: "B503F1F7-F439-420D-B465-9A51CCECAB06", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:smartcloud_entry_appliance:2.3.0:*:*:*:*:*:*:*", matchCriteriaId: "27948B08-C452-41FB-B41F-6ADB3AAE087E", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:smartcloud_entry_appliance:2.4.0:*:*:*:*:*:*:*", matchCriteriaId: "8AB8FB4C-5BBC-420D-84F0-C8424DC25CD7", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:smartcloud_entry_appliance:3.1.0:*:*:*:*:*:*:*", matchCriteriaId: "CAF1F14C-DB2C-40A8-B899-C127C7ECC0D5", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:smartcloud_entry_appliance:3.2.0:*:*:*:*:*:*:*", matchCriteriaId: "E87FA9CC-D201-430F-8FE6-8C9A88CEAB1C", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:smartcloud_provisioning:2.1.0:*:*:*:*:*:*:*", matchCriteriaId: "4D7F2743-71BB-4011-B919-7E8032B6B72F", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:software_defined_network_for_virtual_environments:*:*:*:*:kvm:*:*:*", matchCriteriaId: "3738FAC6-B90B-4014-9E86-17ED6D19D23D", versionEndExcluding: "1.2.1", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:software_defined_network_for_virtual_environments:*:*:*:*:openflow:*:*:*", matchCriteriaId: "35B6634E-4F09-423C-87E7-59D4127CC023", versionEndExcluding: "1.2.1", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:software_defined_network_for_virtual_environments:*:*:*:*:vmware:*:*:*", matchCriteriaId: "0A7A7100-A1DA-4191-A4C1-D930829A3DC2", versionEndExcluding: "1.2.1", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:starter_kit_for_cloud:2.2.0:*:*:*:*:*:*:*", matchCriteriaId: "83739ED7-37F1-4712-8C81-E56F58790240", vulnerable: true, }, { criteria: "cpe:2.3:a:ibm:workload_deployer:*:*:*:*:*:*:*:*", matchCriteriaId: "1CDD227E-1F98-4F73-BB65-3820F39127F0", versionEndIncluding: "3.1.0.7", versionStartIncluding: "3.1.0", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.1:*:*:*:*:*:*:*", matchCriteriaId: "EA4B8E11-83D3-4B38-90B6-4C0F536D06B6", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.2:*:*:*:*:*:*:*", matchCriteriaId: "AFD6FF12-A3AD-4D2B-92EB-44D20AF4DD9D", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.3:*:*:*:*:*:*:*", matchCriteriaId: "AD7C3FED-3B2F-4EC9-9A9B-05EFDB0AA56B", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.5:*:*:*:*:*:*:*", matchCriteriaId: "250AF7A4-8DDF-427C-8BF7-788667908D77", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.1:*:*:*:*:*:*:*", matchCriteriaId: "22433CE0-9772-48CE-8069-612FF3732C21", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.2:*:*:*:*:*:*:*", matchCriteriaId: "2569AA28-5C61-4BBD-A501-E1ACFA36837B", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.3:*:*:*:*:*:*:*", matchCriteriaId: "79AFD6BE-4ED1-4A9C-AF30-F083A7A4F418", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.4:*:*:*:*:*:*:*", matchCriteriaId: "3AB188A2-D7CE-4141-A55A-C074C84E366E", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.5:*:*:*:*:*:*:*", matchCriteriaId: "DE776097-1DA4-4F27-8E96-61E3D9FFE8D0", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.6:*:*:*:*:*:*:*", matchCriteriaId: "FE4E5283-0FEE-4F37-9C41-FA695063FF79", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.7:*:*:*:*:*:*:*", matchCriteriaId: "39D9B9CF-5F3D-4CA3-87A0-AAE1BA5F09C1", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.8:*:*:*:*:*:*:*", matchCriteriaId: "73EB6121-62CD-49FC-A1D2-5467B007253C", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.2:*:*:*:*:*:*:*", matchCriteriaId: "97E19969-DD73-42F2-9E91-504E1663B268", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.3:*:*:*:*:*:*:*", matchCriteriaId: "F9CC2E05-5179-4241-A710-E582510EEB0D", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.5:*:*:*:*:*:*:*", matchCriteriaId: "BD1366C8-9C78-4B40-8E40-19C4DFEC2B1D", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3CB18F38-AC6A-406A-A4DD-40688B803744", versionEndExcluding: "1.4.3.5", versionStartIncluding: "1.1.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DFE781C8-40F7-4F6D-8FED-8EB3071FE9DB", versionEndExcluding: "1.5.0.4", versionStartIncluding: "1.5.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A5AB3395-B458-49F8-A8E3-25FF0C1C3BD3", versionEndExcluding: "7.2.0.9", versionStartIncluding: "7.2.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:storwize_v7000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1EC57FAE-AD4D-4C9F-97A4-581C977B5FE4", versionEndExcluding: "7.3.0.7", versionStartIncluding: "7.3.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:ibm:storwize_v7000:-:*:*:*:*:*:*:*", matchCriteriaId: "AA2ED020-4C7B-4303-ABE6-74D46D127556", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "47A17EE0-7D3E-4CD7-984C-BB17BF6F4BFD", versionEndExcluding: "7.1.0.11", versionStartIncluding: "1.1.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "33A46CF2-392A-4BB9-B4BF-DE8C5228CAAE", versionEndExcluding: "7.2.0.9", versionStartIncluding: "7.2.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:storwize_v5000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9C4EF774-BD92-444D-9583-25DB97CDA4F3", versionEndExcluding: "7.3.0.7", versionStartIncluding: "7.3.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:ibm:storwize_v5000:-:*:*:*:*:*:*:*", matchCriteriaId: "F0B69C8D-32A4-449F-9BFC-F1587C7FA8BD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8753BBDB-A858-4A51-A8FD-8DF8DF2734A0", versionEndExcluding: "7.1.0.11", versionStartIncluding: "1.1.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0FB9850A-3308-4277-A68C-AD418612101E", versionEndExcluding: "7.2.0.9", versionStartIncluding: "7.2.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:storwize_v3700_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C84D7A48-6745-49D3-AE52-31DD7EEC0D61", versionEndExcluding: "7.3.0.7", versionStartIncluding: "7.3.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:ibm:storwize_v3700:-:*:*:*:*:*:*:*", matchCriteriaId: "49318A1D-49F6-4CA7-AE31-0EB4B3790CBB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4A1A3A3E-5636-4422-9B7B-B3D97989E674", versionEndExcluding: "7.1.0.11", versionStartIncluding: "1.1.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7384B993-049F-48D7-86D6-FE221C783245", versionEndExcluding: "7.2.0.9", versionStartIncluding: "7.2.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:storwize_v3500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B1DF6129-9CEA-4812-800F-A6FD5095D60E", versionEndExcluding: "7.3.0.7", versionStartIncluding: "7.3.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:ibm:storwize_v3500:-:*:*:*:*:*:*:*", matchCriteriaId: "7352FACE-C8D0-49A7-A2D7-B755599F0FB3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:ibm:flex_system_v7000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "79788A89-4152-4B4B-BFF0-518D90EE4D2B", versionEndExcluding: "7.1.0.11", versionStartIncluding: "1.1.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:flex_system_v7000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "680738C5-63D5-4F60-9610-FD0D87FCBBCA", versionEndExcluding: "7.2.0.9", versionStartIncluding: "7.2.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:flex_system_v7000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "872E2102-6BE6-42B6-93B0-942B7DABCBDA", versionEndExcluding: "7.3.0.7", versionStartIncluding: "7.3.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:ibm:flex_system_v7000:-:*:*:*:*:*:*:*", matchCriteriaId: "DACA26CF-7C3F-4215-B032-ED9C5EFD57D8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E6E31991-DF33-4F00-8430-7B626E8174CE", versionEndExcluding: "7.1.0.11", versionStartIncluding: "1.1.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B2E25BB0-6F5A-4A7B-9147-D4E17014C747", versionEndExcluding: "7.2.0.9", versionStartIncluding: "7.2.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:san_volume_controller_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B80C1675-4948-45DC-B593-EDB1354E42F3", versionEndExcluding: "7.3.0.7", versionStartIncluding: "7.3.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:ibm:san_volume_controller:-:*:*:*:*:*:*:*", matchCriteriaId: "D5D84487-CEBA-48A0-9B15-A0300D992E3D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:ibm:stn6500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1CE69F8D-5EEE-4BC7-939C-CE71BCD2E11D", versionEndExcluding: "3.8.0.07", versionStartIncluding: "3.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:stn6500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BDEC166F-A967-4616-B9EF-503054EFD197", versionEndExcluding: "3.9.1.08", versionStartIncluding: "3.9.1.0", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:stn6500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "713E71BC-16F5-41E3-9816-74D5E8D8C9A9", versionEndExcluding: "4.1.2.06", versionStartIncluding: "4.1.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:ibm:stn6500:-:*:*:*:*:*:*:*", matchCriteriaId: "4D2487E0-046C-476F-BFF4-EF77D9E856D8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:ibm:stn6800_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0287F3CD-2151-491D-8BC3-6D3921BE8FFA", versionEndExcluding: "3.8.0.07", versionStartIncluding: "3.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:stn6800_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C4179899-87B4-42C3-8245-9A34EC04F6A1", versionEndExcluding: "3.9.1.08", versionStartIncluding: "3.9.1.0", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:stn6800_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B8CED766-9742-4037-8005-F0BDDE9176DD", versionEndExcluding: "4.1.2.06", versionStartIncluding: "4.1.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:ibm:stn6800:-:*:*:*:*:*:*:*", matchCriteriaId: "C41EEAEC-08AE-4478-8977-5A4D7B48C175", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:ibm:stn7800_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "298C961D-5E5F-4277-B192-A4C29243BECC", versionEndExcluding: "3.8.0.07", versionStartIncluding: "3.8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:stn7800_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E5A76C40-BA90-4FBD-8DFF-4AF8F952963A", versionEndExcluding: "3.9.1.08", versionStartIncluding: "3.9.1.0", vulnerable: true, }, { criteria: "cpe:2.3:o:ibm:stn7800_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B0663FBC-01C0-4AD8-A0B8-6097E537D352", versionEndExcluding: "4.1.2.06", versionStartIncluding: "4.1.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:ibm:stn7800:-:*:*:*:*:*:*:*", matchCriteriaId: "CE145DE3-3C9B-4949-B6D4-9B259372CCE0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*", matchCriteriaId: "01EDA41C-6B2E-49AF-B503-EB3882265C11", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*", matchCriteriaId: "CB66DB75-2B16-4EBF-9B93-CE49D8086E41", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", matchCriteriaId: "815D70A8-47D3-459C-A32C-9FEACA0659D1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:novell:zenworks_configuration_management:10.3:*:*:*:*:*:*:*", matchCriteriaId: "0ABC25E5-76CD-469B-879A-B1F7109D0181", vulnerable: true, }, { criteria: "cpe:2.3:a:novell:zenworks_configuration_management:11:*:*:*:*:*:*:*", matchCriteriaId: "98942F6C-330F-459A-B2B4-72572DB4070E", vulnerable: true, }, { criteria: "cpe:2.3:a:novell:zenworks_configuration_management:11.1:*:*:*:*:*:*:*", matchCriteriaId: "F5A92B0C-7256-45F0-8E0C-ADFEF36CF43D", vulnerable: true, }, { criteria: "cpe:2.3:a:novell:zenworks_configuration_management:11.2:*:*:*:*:*:*:*", matchCriteriaId: "8C0BAB94-6521-4B57-9E56-A57BA5E20C24", vulnerable: true, }, { criteria: "cpe:2.3:a:novell:zenworks_configuration_management:11.3.0:*:*:*:*:*:*:*", matchCriteriaId: "3A7788E5-93B9-4149-8823-2ACBA5CF17E0", vulnerable: true, }, { criteria: "cpe:2.3:o:novell:open_enterprise_server:2.0:sp3:*:*:*:linux_kernel:*:*", matchCriteriaId: "B41B4ECD-6F30-46F5-A559-1CEFC7964873", vulnerable: true, }, { criteria: "cpe:2.3:o:novell:open_enterprise_server:11.0:sp2:*:*:*:linux_kernel:*:*", matchCriteriaId: "D42ADCD9-1455-401C-B94F-D367A78A2B97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:checkpoint:security_gateway:*:*:*:*:*:*:*:*", matchCriteriaId: "2853A787-E5F1-4455-9482-7C538B80556C", versionEndExcluding: "r77.30", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "79618AB4-7A8E-4488-8608-57EC2F8681FE", versionEndIncluding: "10.2.4", versionStartIncluding: "10.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "8E910D60-1145-4229-9890-80D2D67C3845", versionEndIncluding: "11.5.1", versionStartIncluding: "11.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.0:*:*:*:*:*:*:*", matchCriteriaId: "CFA77C6B-72DB-4D57-87CF-11F2C7EDB828", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "48BBEF73-E87D-467F-85EB-47BE212DF0E8", versionEndIncluding: "11.5.1", versionStartIncluding: "11.3.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.0:*:*:*:*:*:*:*", matchCriteriaId: "B276E4DF-69FC-4158-B93A-781A45605034", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", matchCriteriaId: "EE23220D-E364-41B7-A440-43B3AA4A716A", versionEndIncluding: "11.5.1", versionStartIncluding: "11.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:11.6.0:*:*:*:*:*:*:*", matchCriteriaId: "B70D2BD5-8E3F-4B57-84EF-3AF40F6378F1", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "C483253F-841E-4D4E-9B4A-932E9D07268B", versionEndIncluding: "11.5.1", versionStartIncluding: "11.4.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5B40837-EC2B-41FB-ACC3-806054EAF28C", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "667D3780-3949-41AC-83DE-5BCB8B36C382", versionEndIncluding: "10.2.4", versionStartIncluding: "10.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "4F0E7766-BDB4-42AB-B6CC-6B4E86A10038", versionEndIncluding: "11.5.1", versionStartIncluding: "11.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.0:*:*:*:*:*:*:*", matchCriteriaId: "475F0EF8-42CB-4099-9C4A-390F946C4924", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", matchCriteriaId: "A8347412-DC42-4B86-BF6E-A44A5E1541ED", versionEndIncluding: "10.2.4", versionStartIncluding: "10.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", matchCriteriaId: "C8942D9D-8E3A-4876-8E93-ED8D201FF546", versionEndIncluding: "11.3.0", versionStartIncluding: "11.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "7B5AF8C8-578E-4FD7-8BAA-53A57EE4C653", versionEndIncluding: "10.2.4", versionStartIncluding: "10.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "06BA93C0-A7AE-4A8E-BD74-08149A204463", versionEndIncluding: "11.5.1", versionStartIncluding: "11.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.0:*:*:*:*:*:*:*", matchCriteriaId: "D7D7863D-B064-4D7A-A66B-C3D3523425FD", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "1DF6BB8A-FA63-4DBC-891C-256FF23CBCF0", versionEndIncluding: "10.2.4", versionStartIncluding: "10.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "3E0D8F52-0EAD-4E02-A8D8-CBAE2CDC703B", versionEndIncluding: "11.5.1", versionStartIncluding: "11.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:11.6.0:*:*:*:*:*:*:*", matchCriteriaId: "5CDEC701-DAB3-4D92-AA67-B886E6693E46", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "289CEABB-22A2-436D-AE4B-4BDA2D0EAFDB", versionEndIncluding: "10.2.4", versionStartIncluding: "10.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "C6D61BF2-69D8-4AD2-85CD-D87F640A6888", versionEndIncluding: "11.5.1", versionStartIncluding: "11.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.0:*:*:*:*:*:*:*", matchCriteriaId: "2FF5A5F6-4BA3-4276-8679-B5560EACF2E0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "E9A06D61-E6CB-4A8A-B06D-9FEA1812C167", versionEndIncluding: "11.5.1", versionStartIncluding: "11.3.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.0:*:*:*:*:*:*:*", matchCriteriaId: "CB8D3B87-B8F5-490A-B1D9-04F2EE93EEA3", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*", matchCriteriaId: "2C0B4C01-C71E-4E35-B63A-68395984E033", versionEndIncluding: "10.2.4", versionStartIncluding: "10.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*", matchCriteriaId: "9828CBA5-BB72-46E2-987D-633A5B3E2AFF", versionEndIncluding: "11.4.1", versionStartIncluding: "11.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_wan_optimization_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "BB60C39D-52ED-47DD-9FB9-2B4BC8D9F8AC", versionEndIncluding: "10.2.4", versionStartIncluding: "10.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_wan_optimization_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "68BC025A-D45E-45FB-A4E4-1C89320B5BBE", versionEndIncluding: "11.3.0", versionStartIncluding: "11.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", matchCriteriaId: "AE007A64-5867-4B1A-AEFB-3AB2CD6A5EA4", versionEndIncluding: "10.2.4", versionStartIncluding: "10.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", matchCriteriaId: "7C75978B-566B-4353-8716-099CB8790EE0", versionEndIncluding: "11.3.0", versionStartIncluding: "11.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-iq_cloud:*:*:*:*:*:*:*:*", matchCriteriaId: "BC24B891-6DBA-4C02-B4CF-8D1CA53B4B74", versionEndIncluding: "4.4.0", versionStartIncluding: "4.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-iq_device:*:*:*:*:*:*:*:*", matchCriteriaId: "0BB0FDAC-C49D-4E63-ACA9-7BAD7C93A5D2", versionEndIncluding: "4.4.0", versionStartIncluding: "4.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-iq_security:*:*:*:*:*:*:*:*", matchCriteriaId: "3AEB1FC5-1179-4DE9-99A2-D650167A7A60", versionEndIncluding: "4.4.0", versionStartIncluding: "4.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:enterprise_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "0ADD1B04-9F78-40B3-8314-6935277073B0", versionEndIncluding: "2.3.0", versionStartIncluding: "2.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:enterprise_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "482E630B-93A1-4B9B-8273-821C116ADC4F", versionEndIncluding: "3.1.1", versionStartIncluding: "3.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:traffix_signaling_delivery_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "1343FBDC-4BF0-403B-B257-96672F092263", versionEndIncluding: "4.0.5", versionStartIncluding: "4.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:traffix_signaling_delivery_controller:3.3.2:*:*:*:*:*:*:*", matchCriteriaId: "7C138527-73D3-4AEE-BFAB-1D240A585A0F", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:traffix_signaling_delivery_controller:3.4.1:*:*:*:*:*:*:*", matchCriteriaId: "8F2EB3D6-EF4C-4241-A31E-3990664004A7", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:traffix_signaling_delivery_controller:3.5.1:*:*:*:*:*:*:*", matchCriteriaId: "8F0CD8F8-26CE-43F0-87EB-A08F1D1EDB25", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:traffix_signaling_delivery_controller:4.1.0:*:*:*:*:*:*:*", matchCriteriaId: "1D1168D2-93D5-4415-A666-B4BE0B2AC201", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:f5:arx_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "48A2FBA9-207F-4F16-932D-BF0BA3440503", versionEndIncluding: "6.4.0", versionStartIncluding: "6.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:f5:arx:-:*:*:*:*:*:*:*", matchCriteriaId: "4C6AC80F-9D91-468D-BEE3-6A0759723673", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:citrix:netscaler_sdx_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FF1DB4B7-AFCC-4D56-95BA-C66AB7A36680", versionEndExcluding: "9.3.67.5r1", vulnerable: true, }, { criteria: "cpe:2.3:o:citrix:netscaler_sdx_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "665EF643-3CDC-4518-9693-0D49F0870283", versionEndExcluding: "10.1.129.11r1", versionStartIncluding: "10", vulnerable: true, }, { criteria: "cpe:2.3:o:citrix:netscaler_sdx_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BAE3CC45-49E5-40DE-B5C3-52A754A9C599", versionEndExcluding: "10.5.52.11r1", versionStartIncluding: "10.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:citrix:netscaler_sdx:-:*:*:*:*:*:*:*", matchCriteriaId: "8968E39A-1E16-4B7F-A16A-190EBC20D04F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", matchCriteriaId: "864B5480-704F-4636-A938-7D95AD4223AD", versionEndExcluding: "10.10.0", versionStartIncluding: "10.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:vmware:vcenter_server_appliance:5.0:*:*:*:*:*:*:*", matchCriteriaId: "35D34345-0AD1-499C-9A74-982B2D3F305A", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:vcenter_server_appliance:5.0:update_1:*:*:*:*:*:*", matchCriteriaId: "3DF3F07E-6F4E-4B97-B313-7DA3E8A88451", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:vcenter_server_appliance:5.0:update_2:*:*:*:*:*:*", matchCriteriaId: "5C98B0EA-7A52-4BDF-90C2-38797FC2B75A", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:vcenter_server_appliance:5.1:*:*:*:*:*:*:*", matchCriteriaId: "FECF06B5-3915-48F0-A140-41C7A27EE99D", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:vcenter_server_appliance:5.1:update_1:*:*:*:*:*:*", matchCriteriaId: "BBD8B161-0A07-492F-89E4-7A0BD02F6464", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:vcenter_server_appliance:5.1:update_2:*:*:*:*:*:*", matchCriteriaId: "F3E8E0E1-FF63-425D-8C22-86B16CFB7B1A", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:vcenter_server_appliance:5.5:-:*:*:*:*:*:*", matchCriteriaId: "29DF8DD7-B5CC-4152-A726-1D48459068D0", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:vcenter_server_appliance:5.5:update_1:*:*:*:*:*:*", matchCriteriaId: "DB2E2AAD-E221-4227-A41B-DC01BFDFCD6C", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esx:4.0:*:*:*:*:*:*:*", matchCriteriaId: "BC337BB7-9A45-4406-A783-851F279130EE", vulnerable: true, }, { criteria: "cpe:2.3:o:vmware:esx:4.1:*:*:*:*:*:*:*", matchCriteriaId: "0B6BA46F-4E8C-4B2A-AE92-81B9F1B4D56C", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka \"ShellShock.\" NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix.", }, { lang: "es", value: "GNU Bash hasta la versión 4.3 procesa cadenas finales después de las definiciones de funciones en los valores de variables de entorno, lo que permite a atacantes remotos ejecutar código arbitrario a través de un entorno manipulado, tal como se ha demostrado por vectores que involucran la característica ForceCommand en sshd OpenSSH, los módulos mod_cgi y mod_cgid en el Apache HTTP Server, scripts ejecutados por clientes DHCP no especificados, y otras situaciones en las cuales el ajuste de entorno ocurre a través de un límite privilegiado de la ejecución de Bash, también conocido como \"ShellShock.\" NOTA: la reparación original para este problema era incorrecta; CVE-2014-7169 ha sido asignada para cubrir la vulnerabilidad que todavía está presente después de la solución incorrecta.", }, ], id: "CVE-2014-6271", lastModified: "2025-03-13T19:08:10.200", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2014-09-24T18:48:04.477", references: [ { source: "security@debian.org", tags: [ "Third Party Advisory", ], url: "http://advisories.mageia.org/MGASA-2014-0388.html", }, { source: "security@debian.org", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html", }, { source: "security@debian.org", tags: [ "Vendor Advisory", ], url: "http://jvn.jp/en/jp/JVN55667175/index.html", }, { source: "security@debian.org", tags: [ "Third Party Advisory", "VDB Entry", "Vendor Advisory", ], url: "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126", }, { source: "security@debian.org", tags: [ "Third Party Advisory", ], url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10673", }, { source: "security@debian.org", tags: [ "Exploit", "Issue Tracking", "Third Party Advisory", ], url: "http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html", }, { source: "security@debian.org", tags: [ "Third Party Advisory", ], url: "http://linux.oracle.com/errata/ELSA-2014-1293.html", }, { source: "security@debian.org", tags: [ "Third Party Advisory", ], url: "http://linux.oracle.com/errata/ELSA-2014-1294.html", }, { source: "security@debian.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00028.html", }, { source: "security@debian.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00029.html", }, { source: "security@debian.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00034.html", }, { source: "security@debian.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00037.html", }, { source: "security@debian.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00040.html", }, { source: "security@debian.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html", }, { source: "security@debian.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00049.html", }, { source: "security@debian.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html", }, { source: "security@debian.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html", }, { source: "security@debian.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html", }, { source: "security@debian.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=141216207813411&w=2", }, { source: "security@debian.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=141216668515282&w=2", }, { source: "security@debian.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=141235957116749&w=2", }, { source: "security@debian.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=141319209015420&w=2", }, { source: "security@debian.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=141330425327438&w=2", }, { source: "security@debian.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=141330468527613&w=2", }, { source: "security@debian.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=141345648114150&w=2", }, { source: "security@debian.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=141383026420882&w=2", }, { source: "security@debian.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=141383081521087&w=2", }, { source: "security@debian.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=141383138121313&w=2", }, { source: "security@debian.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=141383196021590&w=2", }, { source: "security@debian.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=141383244821813&w=2", }, { source: "security@debian.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=141383304022067&w=2", }, { source: "security@debian.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=141383353622268&w=2", }, { source: "security@debian.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=141383465822787&w=2", }, { source: "security@debian.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=141450491804793&w=2", }, { source: "security@debian.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=141576728022234&w=2", }, { source: "security@debian.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=141577137423233&w=2", }, { source: "security@debian.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=141577241923505&w=2", }, { source: "security@debian.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=141577297623641&w=2", }, { source: "security@debian.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=141585637922673&w=2", }, { source: "security@debian.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=141694386919794&w=2", }, { source: "security@debian.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=141879528318582&w=2", }, { source: "security@debian.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=141879528318582&w=2", }, { source: "security@debian.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=141879528318582&w=2", }, { source: "security@debian.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=141879528318582&w=2", }, { source: "security@debian.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=142113462216480&w=2", }, { source: "security@debian.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=142113462216480&w=2", }, { source: "security@debian.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=142113462216480&w=2", }, { source: "security@debian.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=142113462216480&w=2", }, { source: "security@debian.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { source: "security@debian.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { source: "security@debian.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { source: "security@debian.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { source: "security@debian.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { source: "security@debian.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { source: "security@debian.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { source: "security@debian.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { source: "security@debian.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { source: "security@debian.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=142358026505815&w=2", }, { source: "security@debian.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=142358026505815&w=2", }, { source: "security@debian.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=142358026505815&w=2", }, { source: "security@debian.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=142358026505815&w=2", }, { source: "security@debian.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=142358078406056&w=2", }, { source: "security@debian.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=142546741516006&w=2", }, { source: "security@debian.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=142719845423222&w=2", }, { source: "security@debian.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=142719845423222&w=2", }, { source: "security@debian.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=142719845423222&w=2", }, { source: "security@debian.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=142719845423222&w=2", }, { source: "security@debian.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=142721162228379&w=2", }, { source: "security@debian.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=142721162228379&w=2", }, { source: "security@debian.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=142721162228379&w=2", }, { source: "security@debian.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=142721162228379&w=2", }, { source: "security@debian.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=142805027510172&w=2", }, { source: "security@debian.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html", }, { source: "security@debian.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html", }, { source: "security@debian.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/128573/Apache-mod_cgi-Remote-Command-Execution.html", }, { source: "security@debian.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/137376/IPFire-Bash-Environment-Variable-Injection-Shellshock.html", }, { source: "security@debian.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/161107/SonicWall-SSL-VPN-Shellshock-Remote-Code-Execution.html", }, { source: "security@debian.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1293.html", }, { source: "security@debian.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1294.html", }, { source: "security@debian.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1295.html", }, { source: "security@debian.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1354.html", }, { source: "security@debian.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2014/Oct/0", }, { source: "security@debian.org", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/58200", }, { source: "security@debian.org", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/59272", }, { source: "security@debian.org", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/59737", }, { source: "security@debian.org", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/59907", }, { source: "security@debian.org", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/60024", }, { source: "security@debian.org", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/60034", }, { source: "security@debian.org", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/60044", }, { source: "security@debian.org", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/60055", }, { source: "security@debian.org", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/60063", }, { source: "security@debian.org", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/60193", }, { source: "security@debian.org", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/60325", }, { source: "security@debian.org", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/60433", }, { source: "security@debian.org", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/60947", }, { source: "security@debian.org", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/61065", }, { source: "security@debian.org", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/61128", }, { source: "security@debian.org", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/61129", }, { source: "security@debian.org", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/61188", }, { source: "security@debian.org", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/61283", }, { source: "security@debian.org", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/61287", }, { source: "security@debian.org", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/61291", }, { source: "security@debian.org", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/61312", }, { source: "security@debian.org", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/61313", }, { source: "security@debian.org", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/61328", }, { source: "security@debian.org", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/61442", }, { source: "security@debian.org", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/61471", }, { source: "security@debian.org", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/61485", }, { source: "security@debian.org", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/61503", }, { source: "security@debian.org", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/61542", }, { source: "security@debian.org", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/61547", }, { source: "security@debian.org", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/61550", }, { source: "security@debian.org", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/61552", }, { source: "security@debian.org", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/61565", }, { source: "security@debian.org", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/61603", }, { source: "security@debian.org", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/61633", }, { source: "security@debian.org", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/61641", }, { source: "security@debian.org", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/61643", }, { source: "security@debian.org", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/61654", }, { source: "security@debian.org", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/61676", }, { source: "security@debian.org", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/61700", }, { source: "security@debian.org", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/61703", }, { source: "security@debian.org", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/61711", }, { source: "security@debian.org", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/61715", }, { source: "security@debian.org", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/61780", }, { source: "security@debian.org", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/61816", }, { source: "security@debian.org", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/61855", }, { source: "security@debian.org", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/61857", }, { source: "security@debian.org", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/61873", }, { source: "security@debian.org", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/62228", }, { source: "security@debian.org", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/62312", }, { source: "security@debian.org", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/62343", }, { source: "security@debian.org", tags: [ "Third Party Advisory", ], url: "http://support.apple.com/kb/HT6495", }, { source: "security@debian.org", tags: [ "Third Party Advisory", ], url: "http://support.novell.com/security/cve/CVE-2014-6271.html", }, { source: "security@debian.org", tags: [ "Third Party Advisory", ], url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash", }, { source: "security@debian.org", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272", }, { source: "security@debian.org", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279", }, { source: "security@debian.org", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361", }, { source: "security@debian.org", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879", }, { source: "security@debian.org", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897", }, { source: "security@debian.org", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898", }, { source: "security@debian.org", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915", }, { source: "security@debian.org", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685541", }, { source: "security@debian.org", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685604", }, { source: "security@debian.org", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685733", }, { source: "security@debian.org", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685749", }, { source: "security@debian.org", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685914", }, { source: "security@debian.org", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686084", }, { source: "security@debian.org", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686131", }, { source: "security@debian.org", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686246", }, { source: "security@debian.org", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686445", }, { source: "security@debian.org", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686447", }, { source: "security@debian.org", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686479", }, { source: "security@debian.org", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686494", }, { source: "security@debian.org", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21687079", }, { source: "security@debian.org", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315", }, { source: "security@debian.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.debian.org/security/2014/dsa-3032", }, { source: "security@debian.org", tags: [ "Third Party Advisory", "US Government Resource", ], url: "http://www.kb.cert.org/vuls/id/252743", }, { source: "security@debian.org", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:164", }, { source: "security@debian.org", tags: [ "Third Party Advisory", ], url: "http://www.novell.com/support/kb/doc.php?id=7015701", }, { source: "security@debian.org", tags: [ "Third Party Advisory", ], url: "http://www.novell.com/support/kb/doc.php?id=7015721", }, { source: "security@debian.org", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html", }, { source: "security@debian.org", tags: [ "Third Party Advisory", ], url: "http://www.qnap.com/i/en/support/con_show.php?cid=61", }, { source: "security@debian.org", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/533593/100/0/threaded", }, { source: "security@debian.org", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/70103", }, { source: "security@debian.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2362-1", }, { source: "security@debian.org", tags: [ "Third Party Advisory", "US Government Resource", ], url: "http://www.us-cert.gov/ncas/alerts/TA14-268A", }, { source: "security@debian.org", tags: [ "Third Party Advisory", ], url: "http://www.vmware.com/security/advisories/VMSA-2014-0010.html", }, { source: "security@debian.org", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0", }, { source: "security@debian.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://access.redhat.com/articles/1200223", }, { source: "security@debian.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://access.redhat.com/node/1200223", }, { source: "security@debian.org", tags: [ "Issue Tracking", "Patch", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1141597", }, { source: "security@debian.org", tags: [ "Broken Link", "Third Party Advisory", ], url: "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes", }, { source: "security@debian.org", tags: [ "Broken Link", "Third Party Advisory", ], url: "https://kb.bluecoat.com/index?page=content&id=SA82", }, { source: "security@debian.org", tags: [ "Third Party Advisory", ], url: "https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10648", }, { source: "security@debian.org", tags: [ "Broken Link", "Third Party Advisory", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10085", }, { source: "security@debian.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/", }, { source: "security@debian.org", tags: [ "Third Party Advisory", ], url: "https://support.apple.com/kb/HT6535", }, { source: "security@debian.org", tags: [ "Third Party Advisory", ], url: "https://support.citrix.com/article/CTX200217", }, { source: "security@debian.org", tags: [ "Permissions Required", ], url: "https://support.citrix.com/article/CTX200223", }, { source: "security@debian.org", tags: [ "Third Party Advisory", ], url: "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html", }, { source: "security@debian.org", tags: [ "Third Party Advisory", ], url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04497075", }, { source: "security@debian.org", tags: [ "Broken Link", "Third Party Advisory", ], url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04518183", }, { source: "security@debian.org", tags: [ "Third Party Advisory", ], url: "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk102673&src=securityAlerts", }, { source: "security@debian.org", tags: [ "Third Party Advisory", ], url: "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006", }, { source: "security@debian.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "https://www.exploit-db.com/exploits/34879/", }, { source: "security@debian.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "https://www.exploit-db.com/exploits/37816/", }, { source: "security@debian.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "https://www.exploit-db.com/exploits/38849/", }, { source: "security@debian.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "https://www.exploit-db.com/exploits/39918/", }, { source: "security@debian.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "https://www.exploit-db.com/exploits/40619/", }, { source: "security@debian.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "https://www.exploit-db.com/exploits/40938/", }, { source: "security@debian.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "https://www.exploit-db.com/exploits/42938/", }, { source: "security@debian.org", tags: [ "Third Party Advisory", ], url: "https://www.suse.com/support/shellshock/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://advisories.mageia.org/MGASA-2014-0388.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://jvn.jp/en/jp/JVN55667175/index.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", "Vendor Advisory", ], url: "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10673", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Third Party Advisory", ], url: "http://lcamtuf.blogspot.com/2014/09/quick-notes-about-bash-bug-its-impact.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://linux.oracle.com/errata/ELSA-2014-1293.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://linux.oracle.com/errata/ELSA-2014-1294.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00028.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00029.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00034.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00037.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00040.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00044.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00049.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2014-10/msg00023.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=141216207813411&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=141216668515282&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=141235957116749&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=141319209015420&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=141330425327438&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=141330468527613&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=141345648114150&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=141383026420882&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=141383081521087&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=141383138121313&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=141383196021590&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=141383244821813&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=141383304022067&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=141383353622268&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=141383465822787&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=141450491804793&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=141576728022234&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=141577137423233&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=141577241923505&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=141577297623641&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=141585637922673&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=141694386919794&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=141879528318582&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=141879528318582&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=141879528318582&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=141879528318582&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=142113462216480&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=142113462216480&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=142113462216480&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=142113462216480&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=142118135300698&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=142358026505815&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=142358026505815&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=142358026505815&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=142358026505815&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=142358078406056&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=142546741516006&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=142719845423222&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=142719845423222&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=142719845423222&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=142719845423222&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=142721162228379&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=142721162228379&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=142721162228379&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=142721162228379&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=142805027510172&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/128517/VMware-Security-Advisory-2014-0010.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/128573/Apache-mod_cgi-Remote-Command-Execution.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/137376/IPFire-Bash-Environment-Variable-Injection-Shellshock.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/161107/SonicWall-SSL-VPN-Shellshock-Remote-Code-Execution.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1293.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1294.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1295.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2014-1354.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2014/Oct/0", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/58200", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/59272", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/59737", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/59907", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/60024", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/60034", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/60044", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/60055", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/60063", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/60193", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/60325", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/60433", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/60947", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/61065", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/61128", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/61129", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/61188", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/61283", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/61287", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/61291", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/61312", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/61313", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/61328", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/61442", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/61471", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/61485", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/61503", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/61542", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/61547", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/61550", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/61552", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/61565", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/61603", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/61633", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/61641", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/61643", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/61654", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/61676", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/61700", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/61703", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/61711", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/61715", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/61780", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/61816", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/61855", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/61857", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/61873", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/62228", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/62312", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/62343", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://support.apple.com/kb/HT6495", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://support.novell.com/security/cve/CVE-2014-6271.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685541", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685604", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685733", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685749", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21685914", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686084", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686131", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686246", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686445", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686447", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686479", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21686494", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21687079", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.debian.org/security/2014/dsa-3032", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "http://www.kb.cert.org/vuls/id/252743", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:164", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.novell.com/support/kb/doc.php?id=7015701", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.novell.com/support/kb/doc.php?id=7015721", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.qnap.com/i/en/support/con_show.php?cid=61", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/533593/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/70103", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-2362-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "http://www.us-cert.gov/ncas/alerts/TA14-268A", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.vmware.com/security/advisories/VMSA-2014-0010.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://access.redhat.com/articles/1200223", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://access.redhat.com/node/1200223", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1141597", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "https://kb.bluecoat.com/index?page=content&id=SA82", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10648", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10085", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.apple.com/kb/HT6535", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.citrix.com/article/CTX200217", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", ], url: "https://support.citrix.com/article/CTX200223", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04497075", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c04518183", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk102673&src=securityAlerts", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.arista.com/en/support/advisories-notices/security-advisories/1008-security-advisory-0006", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "https://www.exploit-db.com/exploits/34879/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "https://www.exploit-db.com/exploits/37816/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "https://www.exploit-db.com/exploits/38849/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "https://www.exploit-db.com/exploits/39918/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "https://www.exploit-db.com/exploits/40619/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "https://www.exploit-db.com/exploits/40938/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "https://www.exploit-db.com/exploits/42938/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.suse.com/support/shellshock/", }, ], sourceIdentifier: "security@debian.org", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-78", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-78", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2019-12-30 22:15
Modified
2024-11-21 01:50
Severity ?
Summary
A flaw was found in the way qemu v1.3.0 and later (virtio-rng) validates addresses when guest accesses the config space of a virtio device. If the virtio device has zero/small sized config space, such as virtio-rng, a privileged guest user could use this flaw to access the matching host's qemu address space and thus increase their privileges on the host.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| qemu | qemu | * | |
| qemu | qemu | 1.5.0 | |
| debian | debian_linux | 8.0 | |
| debian | debian_linux | 9.0 | |
| debian | debian_linux | 10.0 | |
| novell | open_desktop_server | 11.0 | |
| novell | open_enterprise_server | 11.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*", matchCriteriaId: "6265D005-1DD4-4CE2-89E1-01EC33046D1F", versionEndIncluding: "1.4.2", versionStartIncluding: "1.3.0", vulnerable: true, }, { criteria: "cpe:2.3:a:qemu:qemu:1.5.0:rc1:*:*:*:*:*:*", matchCriteriaId: "35B1E3F1-4647-47FF-9546-0742F10B607B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:novell:open_desktop_server:11.0:sp3:*:*:*:linux_kernel:*:*", matchCriteriaId: "51188661-157E-476E-A6EC-23F1EFE44B52", vulnerable: true, }, { criteria: "cpe:2.3:a:novell:open_enterprise_server:11.0:sp3:*:*:*:linux_kernel:*:*", matchCriteriaId: "8D3C2E01-F02A-4D69-AB67-53C0A59F123B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A flaw was found in the way qemu v1.3.0 and later (virtio-rng) validates addresses when guest accesses the config space of a virtio device. If the virtio device has zero/small sized config space, such as virtio-rng, a privileged guest user could use this flaw to access the matching host's qemu address space and thus increase their privileges on the host.", }, { lang: "es", value: "Se encontró un fallo en la manera en que qemu versión v1.3.0 y posteriores (virtio-rng) comprueba las direcciones cuando el invitado accede al espacio de configuración de un dispositivo virtio. Si el dispositivo virtio posee un espacio de configuración de tamaño cero o pequeño, ta y como virtio-rng, un usuario invitado privilegiado podría usar este fallo para acceder al espacio de direcciones qemu del host correspondiente y así aumentar sus privilegios en el host.", }, ], id: "CVE-2013-2016", lastModified: "2024-11-21T01:50:52.110", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 6.9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.4, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-12-30T22:15:11.387", references: [ { source: "secalert@redhat.com", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00002.html", }, { source: "secalert@redhat.com", tags: [ "Exploit", "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2013/04/29/5", }, { source: "secalert@redhat.com", tags: [ "Exploit", "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2013/04/29/6", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/59541", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/security/cve/cve-2013-2016", }, { source: "secalert@redhat.com", tags: [ "Exploit", "Issue Tracking", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-2016", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/83850", }, { source: "secalert@redhat.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/qemu/qemu/commit/5f5a1318653c08e435cfa52f60b6a712815b659d", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://security-tracker.debian.org/tracker/CVE-2013-2016", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00002.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2013/04/29/5", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2013/04/29/6", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/59541", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/security/cve/cve-2013-2016", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-2016", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/83850", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/qemu/qemu/commit/5f5a1318653c08e435cfa52f60b6a712815b659d", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security-tracker.debian.org/tracker/CVE-2013-2016", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-269", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2006-02-27 20:06
Modified
2024-11-21 00:07
Severity ?
Summary
Stack-based buffer overflow in the pam_micasa PAM authentication module in CASA on Novell Linux Desktop 9 and Open Enterprise Server 1 allows remote attackers to execute arbitrary code via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| novell | linux_desktop | 9 | |
| novell | open_enterprise_server | 1 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:novell:linux_desktop:9:*:*:*:*:*:*:*", matchCriteriaId: "5595E484-647C-4F85-94AB-5A4D55CD766B", vulnerable: true, }, { criteria: "cpe:2.3:o:novell:open_enterprise_server:1:*:*:*:*:*:*:*", matchCriteriaId: "842AFCB8-3186-4667-93DF-2F067840F117", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Stack-based buffer overflow in the pam_micasa PAM authentication module in CASA on Novell Linux Desktop 9 and Open Enterprise Server 1 allows remote attackers to execute arbitrary code via unspecified vectors.", }, ], id: "CVE-2006-0736", lastModified: "2024-11-21T00:07:13.363", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 10, obtainAllPrivilege: true, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2006-02-27T20:06:00.000", references: [ { source: "cve@mitre.org", url: "http://secunia.com/advisories/18995", }, { source: "cve@mitre.org", url: "http://www.novell.com/linux/security/advisories/2006_10_casa.html", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/16779", }, { source: "cve@mitre.org", url: "http://www.vupen.com/english/advisories/2006/0693", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/18995", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.novell.com/linux/security/advisories/2006_10_casa.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/16779", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2006/0693", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2013-12-01 17:55
Modified
2024-11-21 01:54
Severity ?
Summary
The HTTPSTK service in the novell-nrm package before 2.0.2-297.305.302.3 in Novell Open Enterprise Server 2 (OES 2) Linux, and OES 11 Linux Gold and SP1, does not make the intended SSL_free and SSL_shutdown calls for the close of a TCP connection, which allows remote attackers to cause a denial of service (service crash) by establishing many TCP connections to port 8009.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.novell.com/support/kb/doc.php?id=7014063 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.novell.com/support/kb/doc.php?id=7014063 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| novell | open_enterprise_server | 11.0 | |
| novell | open_enterprise_server | 11.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:novell:open_enterprise_server:11.0:*:*:*:*:*:*:*", matchCriteriaId: "D3B94B07-A63A-4701-BBE2-D70B35A046D0", vulnerable: true, }, { criteria: "cpe:2.3:o:novell:open_enterprise_server:11.0:sp1:*:*:*:*:*:*", matchCriteriaId: "ED1DEB26-E344-400D-9068-E94816376D30", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The HTTPSTK service in the novell-nrm package before 2.0.2-297.305.302.3 in Novell Open Enterprise Server 2 (OES 2) Linux, and OES 11 Linux Gold and SP1, does not make the intended SSL_free and SSL_shutdown calls for the close of a TCP connection, which allows remote attackers to cause a denial of service (service crash) by establishing many TCP connections to port 8009.", }, { lang: "es", value: "El servicio HTTPSTK en el paquete novell-nrm anterior a la versión 2.0.2-297.305.302.3 de Novell Open Enterprise Server 2 (OES 2) Linux, y OES 11 Linux Gold y SP1, no realiza las llamadas SSL_free and SSL_shutdown intencionadas para el cierre de una conexión TCP, lo que permite a atacantes remotos provocar una denegación de servicio (caída del servicio) mediante el establecimiento de varias conexiones TCP al puerto 8009.", }, ], id: "CVE-2013-3707", lastModified: "2024-11-21T01:54:09.543", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2013-12-01T17:55:05.147", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://www.novell.com/support/kb/doc.php?id=7014063", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.novell.com/support/kb/doc.php?id=7014063", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2005-08-05 04:00
Modified
2024-11-20 23:58
Severity ?
Summary
traps.c in the Linux kernel 2.6.x and 2.4.x executes stack segment faults on an exception stack, which allows local users to cause a denial of service (oops and stack fault exception).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| novell | open_enterprise_server | 9 | |
| novell | linux_desktop | 9 | |
| suse | suse_linux | 1.0 | |
| suse | suse_linux | 8 | |
| suse | suse_linux | 9.0 | |
| suse | suse_linux | 9.0 | |
| suse | suse_linux | 9.1 | |
| suse | suse_linux | 9.2 | |
| suse | suse_linux | 9.3 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:novell:open_enterprise_server:9:*:*:*:*:*:*:*", matchCriteriaId: "A2740DD2-7F0C-47DE-9174-FD8BF0106D22", vulnerable: true, }, { criteria: "cpe:2.3:o:novell:linux_desktop:9:*:*:*:*:*:*:*", matchCriteriaId: "5595E484-647C-4F85-94AB-5A4D55CD766B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:suse:suse_linux:1.0:*:desktop:*:*:*:*:*", matchCriteriaId: "C7EAAD04-D7C4-43DE-B488-1AAD014B503E", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux:8:*:enterprise_server:*:*:*:*:*", matchCriteriaId: "D2E2EF3C-1379-4CBE-8FF5-DACD47834651", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux:9.0:*:enterprise_server:*:*:*:*:*", matchCriteriaId: "F7446746-87B7-4BD3-AABF-1E0FAA8265AB", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*", matchCriteriaId: "CFABFCE5-4F86-4AE8-9849-BC360AC72098", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*", matchCriteriaId: "CFF36BC6-6CCD-4FEE-A120-5B8C4BF5620C", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux:9.3:*:*:*:*:*:*:*", matchCriteriaId: "A7D073E9-E535-4B36-BEF2-8499536E37DA", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "traps.c in the Linux kernel 2.6.x and 2.4.x executes stack segment faults on an exception stack, which allows local users to cause a denial of service (oops and stack fault exception).", }, { lang: "es", value: "Vulnerabilidad desconocida en el kernel de Linux 2.6.x y 2.4.x permite que usuarios locales provoquen una denegación de servicio (\"stack fault exception\") mediante métodos desconocidos.", }, ], id: "CVE-2005-1767", lastModified: "2024-11-20T23:58:05.373", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 2.1, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2005-08-05T04:00:00.000", references: [ { source: "secalert@redhat.com", url: "http://kernel.org/git/?p=linux/kernel/git/marcelo/linux-2.4.git%3Ba=commit%3Bh=51e31546a2fc46cb978da2ee0330a6a68f07541e", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/17002", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/18056", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/18059", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/18977", }, { source: "secalert@redhat.com", url: "http://www.debian.org/security/2005/dsa-921", }, { source: "secalert@redhat.com", url: "http://www.debian.org/security/2005/dsa-922", }, { source: "secalert@redhat.com", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.novell.com/linux/security/advisories/2005_44_kernel.html", }, { source: "secalert@redhat.com", url: "http://www.redhat.com/support/errata/RHSA-2005-663.html", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/bid/14467", }, { source: "secalert@redhat.com", url: "http://www.ubuntu.com/usn/usn-187-1", }, { source: "secalert@redhat.com", url: "http://www.vupen.com/english/advisories/2005/1878", }, { source: "secalert@redhat.com", url: "http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:044", }, { source: "secalert@redhat.com", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11101", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://kernel.org/git/?p=linux/kernel/git/marcelo/linux-2.4.git%3Ba=commit%3Bh=51e31546a2fc46cb978da2ee0330a6a68f07541e", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/17002", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/18056", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/18059", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/18977", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2005/dsa-921", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2005/dsa-922", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.novell.com/linux/security/advisories/2005_44_kernel.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.redhat.com/support/errata/RHSA-2005-663.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/14467", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.ubuntu.com/usn/usn-187-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2005/1878", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:044", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11101", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2008-11-13 11:30
Modified
2024-11-21 00:53
Severity ?
Summary
nsFrameManager in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by modifying properties of a file input element while it is still being initialized, then using the blur method to access uninitialized memory.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mozilla | firefox | * | |
| mozilla | firefox | * | |
| mozilla | seamonkey | * | |
| mozilla | thunderbird | * | |
| debian | debian_linux | 4.0 | |
| canonical | ubuntu_linux | 6.06 | |
| canonical | ubuntu_linux | 7.10 | |
| canonical | ubuntu_linux | 8.04 | |
| canonical | ubuntu_linux | 8.10 | |
| fedoraproject | fedora | 8 | |
| fedoraproject | fedora | 9 | |
| suse | linux_enterprise_debuginfo | 10 | |
| novell | linux_desktop | 9 | |
| novell | open_enterprise_server | - | |
| opensuse | opensuse | 10.2 | |
| opensuse | opensuse | 10.3 | |
| opensuse | opensuse | 11.0 | |
| suse | linux_enterprise_desktop | 10 | |
| suse | linux_enterprise_server | 9 | |
| suse | linux_enterprise_server | 10 | |
| suse | linux_enterprise_software_development_kit | 10 | |
| suse | linux_enterprise_software_development_kit | 10 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", matchCriteriaId: "151CBE7B-E10C-423C-9EE8-5A564FD7A168", versionEndExcluding: "2.0.0.18", versionStartIncluding: "2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", matchCriteriaId: "63B71385-5551-4021-A899-C995B3EBA68F", versionEndExcluding: "3.0.4", versionStartIncluding: "3.0", vulnerable: true, }, { criteria: "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*", matchCriteriaId: "D8CF8688-28E3-408B-9167-0C36DB2765FA", versionEndExcluding: "1.1.13", versionStartIncluding: "1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", matchCriteriaId: "B3FF4559-33AE-4F51-A99D-810AD31545C5", versionEndExcluding: "2.0.0.18", versionStartIncluding: "2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", matchCriteriaId: "0F92AB32-E7DE-43F4-B877-1F41FA162EC7", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*", matchCriteriaId: "5C18C3CD-969B-4AA3-AE3A-BA4A188F8BFF", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*", matchCriteriaId: "823BF8BE-2309-4F67-A5E2-EAD98F723468", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*", matchCriteriaId: "C91D2DBF-6DA7-4BA2-9F29-8BD2725A4701", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:8.10:*:*:*:*:*:*:*", matchCriteriaId: "4747CC68-FAF4-482F-929A-9DA6C24CB663", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:8:*:*:*:*:*:*:*", matchCriteriaId: "72E4DB7F-07C3-46BB-AAA2-05CD0312C57F", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:9:*:*:*:*:*:*:*", matchCriteriaId: "743CBBB1-C140-4FEF-B40E-FAE4511B1140", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:suse:linux_enterprise_debuginfo:10:sp2:*:*:*:*:*:*", matchCriteriaId: "3E135846-8959-4D7E-A8E6-07F0EC15F010", vulnerable: true, }, { criteria: "cpe:2.3:o:novell:linux_desktop:9:*:*:*:*:*:*:*", matchCriteriaId: "5595E484-647C-4F85-94AB-5A4D55CD766B", vulnerable: true, }, { criteria: "cpe:2.3:o:novell:open_enterprise_server:-:*:*:*:*:*:*:*", matchCriteriaId: "C5C0C136-E406-4628-994A-682E8E729B50", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:10.2:*:*:*:*:*:*:*", matchCriteriaId: "24818450-FDA1-429A-AC17-68F44F584217", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:10.3:*:*:*:*:*:*:*", matchCriteriaId: "C35B68DF-1440-4587-8458-9C5F4D1E43F3", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:11.0:*:*:*:*:*:*:*", matchCriteriaId: "1B42AB65-443B-4655-BAEA-4EB4A43D9509", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_desktop:10:-:*:*:*:*:*:*", matchCriteriaId: "4C1B3637-1CDC-47FE-B19C-95FCEB833450", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:9:*:*:*:*:*:*:*", matchCriteriaId: "4CD2D897-E321-4CED-92E0-11A98B52053C", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:10:sp1:*:*:*:*:*:*", matchCriteriaId: "29184B59-5756-48DB-930C-69D5CD628548", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_software_development_kit:10:sp1:*:*:*:*:*:*", matchCriteriaId: "33EB57D5-DE8D-417C-8C00-AD331D61181C", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_software_development_kit:10:sp2:*:*:*:*:*:*", matchCriteriaId: "D3BEE9CB-F0AF-44B1-B454-1AE2F04D7299", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "nsFrameManager in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by modifying properties of a file input element while it is still being initialized, then using the blur method to access uninitialized memory.", }, { lang: "es", value: "nsFrameManager en Firefox v3.x antes de la v3.0.4, Firefox v2.x antes de la v2.0.0.18, Thunderbird 2.x antes de la v2.0.0.18, y SeaMonkey v1.x antes de la v1.1.13 permite a atacantes remotos producir una denegación de servicio (caída) y una posible ejecución de código a su elección modificación de las propiedades de un elemento de entrada de fichero mientras se inicia, cuando se esta utilizando el método blur para acceder a no ha sido inicializada.", }, ], id: "CVE-2008-5021", lastModified: "2024-11-21T00:53:05.670", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 9.3, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 10, obtainAllPrivilege: true, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], }, published: "2008-11-13T11:30:01.377", references: [ { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00004.html", }, { source: "secalert@redhat.com", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/32684", }, { source: "secalert@redhat.com", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/32693", }, { source: "secalert@redhat.com", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/32694", }, { source: "secalert@redhat.com", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/32695", }, { source: "secalert@redhat.com", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/32713", }, { source: "secalert@redhat.com", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/32714", }, { source: "secalert@redhat.com", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/32715", }, { source: "secalert@redhat.com", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/32721", }, { source: "secalert@redhat.com", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/32778", }, { source: "secalert@redhat.com", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/32798", }, { source: "secalert@redhat.com", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/32845", }, { source: "secalert@redhat.com", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/32853", }, { source: "secalert@redhat.com", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/33433", }, { source: "secalert@redhat.com", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/33434", }, { source: "secalert@redhat.com", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/34501", }, { source: "secalert@redhat.com", tags: [ "Broken Link", ], url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://ubuntu.com/usn/usn-667-1", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.debian.org/security/2008/dsa-1669", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.debian.org/security/2008/dsa-1671", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.debian.org/security/2009/dsa-1696", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.debian.org/security/2009/dsa-1697", }, { source: "secalert@redhat.com", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2008:228", }, { source: "secalert@redhat.com", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2008:230", }, { source: "secalert@redhat.com", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2008:235", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://www.mozilla.org/security/announce/2008/mfsa2008-55.html", }, { source: "secalert@redhat.com", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://www.redhat.com/support/errata/RHSA-2008-0976.html", }, { source: "secalert@redhat.com", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://www.redhat.com/support/errata/RHSA-2008-0977.html", }, { source: "secalert@redhat.com", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://www.redhat.com/support/errata/RHSA-2008-0978.html", }, { source: "secalert@redhat.com", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/32281", }, { source: "secalert@redhat.com", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id?1021186", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "US Government Resource", ], url: "http://www.us-cert.gov/cas/techalerts/TA08-319A.html", }, { source: "secalert@redhat.com", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://www.vupen.com/english/advisories/2008/3146", }, { source: "secalert@redhat.com", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://www.vupen.com/english/advisories/2009/0977", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=460002", }, { source: "secalert@redhat.com", tags: [ "Broken Link", "Third Party Advisory", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9642", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00366.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00385.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00004.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/32684", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/32693", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/32694", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/32695", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/32713", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/32714", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/32715", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/32721", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/32778", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/32798", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/32845", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/32853", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/33433", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/33434", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://secunia.com/advisories/34501", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://ubuntu.com/usn/usn-667-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.debian.org/security/2008/dsa-1669", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.debian.org/security/2008/dsa-1671", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.debian.org/security/2009/dsa-1696", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.debian.org/security/2009/dsa-1697", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2008:228", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2008:230", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2008:235", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.mozilla.org/security/announce/2008/mfsa2008-55.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://www.redhat.com/support/errata/RHSA-2008-0976.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://www.redhat.com/support/errata/RHSA-2008-0977.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://www.redhat.com/support/errata/RHSA-2008-0978.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/32281", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id?1021186", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "http://www.us-cert.gov/cas/techalerts/TA08-319A.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://www.vupen.com/english/advisories/2008/3146", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "http://www.vupen.com/english/advisories/2009/0977", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.mozilla.org/show_bug.cgi?id=460002", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9642", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00366.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00385.html", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-362", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2008-11-27 00:30
Modified
2024-11-21 00:52
Severity ?
Summary
yast2-backup 2.14.2 through 2.16.6 on SUSE Linux and Novell Linux allows local users to gain privileges via shell metacharacters in filenames used by the backup process.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| novell | linux_desktop | 9 | |
| novell | open_enterprise_server | - | |
| opensuse | opensuse | 10.2 | |
| opensuse | opensuse | 10.3 | |
| opensuse | opensuse | 11.0 | |
| suse | linux_enterprise_server | 8 | |
| suse | linux_enterprise_server | 9 | |
| suse | suse_linux_enterprise_desktop | 10 | |
| suse | suse_linux_enterprise_desktop | 10 | |
| suse | suse_linux_enterprise_server | 10 | |
| suse | suse_linux_enterprise_server | 10 | |
| suse | yast2-backup | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:novell:linux_desktop:9:*:*:*:*:*:*:*", matchCriteriaId: "5595E484-647C-4F85-94AB-5A4D55CD766B", vulnerable: false, }, { criteria: "cpe:2.3:o:novell:open_enterprise_server:-:*:*:*:*:*:*:*", matchCriteriaId: "C5C0C136-E406-4628-994A-682E8E729B50", vulnerable: false, }, { criteria: "cpe:2.3:o:opensuse:opensuse:10.2:*:*:*:*:*:*:*", matchCriteriaId: "24818450-FDA1-429A-AC17-68F44F584217", vulnerable: false, }, { criteria: "cpe:2.3:o:opensuse:opensuse:10.3:*:*:*:*:*:*:*", matchCriteriaId: "C35B68DF-1440-4587-8458-9C5F4D1E43F3", vulnerable: false, }, { criteria: "cpe:2.3:o:opensuse:opensuse:11.0:*:*:*:*:*:*:*", matchCriteriaId: "1B42AB65-443B-4655-BAEA-4EB4A43D9509", vulnerable: false, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:8:*:*:*:*:*:*:*", matchCriteriaId: "FA1E7EFF-1CCA-473B-8D5C-30D59C26DC70", vulnerable: false, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:9:*:*:*:*:*:*:*", matchCriteriaId: "4CD2D897-E321-4CED-92E0-11A98B52053C", vulnerable: false, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_desktop:10:sp1:*:*:*:*:*:*", matchCriteriaId: "44320836-E2DE-4A1C-9820-AFFA087FF7FB", vulnerable: false, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_desktop:10:sp2:*:*:*:*:*:*", matchCriteriaId: "14DF1463-F23F-465F-8A35-D550A7438CB6", vulnerable: false, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_server:10:sp1:*:*:*:*:*:*", matchCriteriaId: "15E235E9-EC31-4F3F-80F7-981C720FF353", vulnerable: false, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_server:10:sp2:*:*:*:*:*:*", matchCriteriaId: "02E6A767-B9A5-4054-BE70-286E0A464248", vulnerable: false, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:suse:yast2-backup:*:*:*:*:*:*:*:*", matchCriteriaId: "4668731B-1AF7-48A2-A0BA-9A056E85A559", versionEndIncluding: "2.16.6", versionStartIncluding: "2.14.2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "yast2-backup 2.14.2 through 2.16.6 on SUSE Linux and Novell Linux allows local users to gain privileges via shell metacharacters in filenames used by the backup process.", }, { lang: "es", value: "yast2-backup de 2.14.2 a 2.16.6 en SUSE Linux y Novell Linux permite a usuarios locales obtener privilegios a través de metacaracteres de consola en nombres de archivos usados por el proceso de copia de respaldo.", }, ], id: "CVE-2008-4636", lastModified: "2024-11-21T00:52:09.780", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2008-11-27T00:30:00.280", references: [ { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00003.html", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://osvdb.org/50284", }, { source: "cve@mitre.org", tags: [ "Broken Link", "Patch", "Vendor Advisory", ], url: "http://secunia.com/advisories/32832", }, { source: "cve@mitre.org", tags: [ "Broken Link", "Patch", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/32464", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/46879", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00003.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://osvdb.org/50284", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Patch", "Vendor Advisory", ], url: "http://secunia.com/advisories/32832", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Patch", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/32464", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/46879", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-78", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-01-23 15:59
Modified
2024-11-21 03:27
Severity ?
Summary
Remote Manager in Open Enterprise Server (OES) allows unauthenticated remote attackers to read any arbitrary file, via a specially crafted URL, that allows complete directory traversal and total information disclosure. This vulnerability is present on all versions of OES for linux, it applies to OES2015 SP1 before Maintenance Update 11080, OES2015 before Maintenance Update 11079, OES11 SP3 before Maintenance Update 11078, OES11 SP2 before Maintenance Update 11077).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| novell | open_enterprise_server | 2.0 | |
| novell | open_enterprise_server | 2015 | |
| novell | open_enterprise_server | 11.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:novell:open_enterprise_server:2.0:*:*:*:*:linux_kernel:*:*", matchCriteriaId: "82A92EAA-F64B-4DFE-8471-151ACE7A84EC", vulnerable: true, }, { criteria: "cpe:2.3:a:novell:open_enterprise_server:2015:*:*:*:*:linux_kernel:*:*", matchCriteriaId: "F7B0F432-2442-48D7-941C-EA5BF417D891", vulnerable: true, }, { criteria: "cpe:2.3:o:novell:open_enterprise_server:11.0:*:*:*:*:linux_kernel:*:*", matchCriteriaId: "2510A39F-B565-4060-8B20-3A3A9EB510A1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Remote Manager in Open Enterprise Server (OES) allows unauthenticated remote attackers to read any arbitrary file, via a specially crafted URL, that allows complete directory traversal and total information disclosure. This vulnerability is present on all versions of OES for linux, it applies to OES2015 SP1 before Maintenance Update 11080, OES2015 before Maintenance Update 11079, OES11 SP3 before Maintenance Update 11078, OES11 SP2 before Maintenance Update 11077).", }, { lang: "es", value: "Remote Manager en Open Enterprise Server (OES) permite a atacantes remotos no autenticados leer cualquier archivo arbitrario, a través de una URL especialmente manipulada, que permite un salto de directorio completo y una divulgación total de información. Esta vulnerabilidad esta presente en todas las versiones de OES para linux, it applies to OES2015 SP1 en versiones anteriores a Maintenance Update 11080, OES2015 en versiones anteriores a Maintenance Update 11079, OES11 SP3 en versiones anteriores a Maintenance Update 11078, OES11 SP2 en versiones anteriores a Maintenance Update 11077).", }, ], id: "CVE-2017-5182", lastModified: "2024-11-21T03:27:13.067", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 7.8, confidentialityImpact: "COMPLETE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:C/I:N/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-01-23T15:59:00.137", references: [ { source: "security@opentext.com", url: "http://www.securityfocus.com/bid/95743", }, { source: "security@opentext.com", url: "http://www.securitytracker.com/id/1037689", }, { source: "security@opentext.com", url: "https://www.novell.com/support/kb/doc.php?id=7018503", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/95743", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1037689", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.novell.com/support/kb/doc.php?id=7018503", }, ], sourceIdentifier: "security@opentext.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-22", }, { lang: "en", value: "CWE-200", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }