Vulnerabilites related to oracle - sparc-opl_service_processor
cve-2015-3238
Vulnerability from cvelistv5
Published
2015-08-24 14:00
Modified
2024-08-06 05:39
Severity ?
Summary
The _unix_run_helper_binary function in the pam_unix module in Linux-PAM (aka pam) before 1.2.1, when unable to directly access passwords, allows local users to enumerate usernames or cause a denial of service (hang) via a large password.
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-06T05:39:32.046Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "FEDORA-2015-10830",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_FEDORA",
                     "x_transferred",
                  ],
                  url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/161249.html",
               },
               {
                  name: "RHSA-2015:1640",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2015-1640.html",
               },
               {
                  name: "[oss-security] 20150625 Linux-PAM 1.2.1 released to address CVE-2015-3238",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2015/06/25/13",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=1228571",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2015-011/?fid=6551",
               },
               {
                  name: "GLSA-201605-05",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_GENTOO",
                     "x_transferred",
                  ],
                  url: "https://security.gentoo.org/glsa/201605-05",
               },
               {
                  name: "USN-2935-2",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-2935-2",
               },
               {
                  name: "USN-2935-3",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-2935-3",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html",
               },
               {
                  name: "USN-2935-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-2935-1",
               },
               {
                  name: "FEDORA-2015-10848",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_FEDORA",
                     "x_transferred",
                  ],
                  url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161350.html",
               },
               {
                  name: "75428",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/75428",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.trustwave.com/Resources/SpiderLabs-Blog/Username-Enumeration-against-OpenSSH-SELinux-with-CVE-2015-3238/",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2015-06-25T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The _unix_run_helper_binary function in the pam_unix module in Linux-PAM (aka pam) before 1.2.1, when unable to directly access passwords, allows local users to enumerate usernames or cause a denial of service (hang) via a large password.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2016-12-01T15:57:02",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               name: "FEDORA-2015-10830",
               tags: [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
               ],
               url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/161249.html",
            },
            {
               name: "RHSA-2015:1640",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2015-1640.html",
            },
            {
               name: "[oss-security] 20150625 Linux-PAM 1.2.1 released to address CVE-2015-3238",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "http://www.openwall.com/lists/oss-security/2015/06/25/13",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=1228571",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2015-011/?fid=6551",
            },
            {
               name: "GLSA-201605-05",
               tags: [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
               ],
               url: "https://security.gentoo.org/glsa/201605-05",
            },
            {
               name: "USN-2935-2",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-2935-2",
            },
            {
               name: "USN-2935-3",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-2935-3",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html",
            },
            {
               name: "USN-2935-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-2935-1",
            },
            {
               name: "FEDORA-2015-10848",
               tags: [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
               ],
               url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161350.html",
            },
            {
               name: "75428",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/75428",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.trustwave.com/Resources/SpiderLabs-Blog/Username-Enumeration-against-OpenSSH-SELinux-with-CVE-2015-3238/",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2015-3238",
      datePublished: "2015-08-24T14:00:00",
      dateReserved: "2015-04-10T00:00:00",
      dateUpdated: "2024-08-06T05:39:32.046Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2015-4000
Vulnerability from cvelistv5
Published
2015-05-21 00:00
Modified
2024-08-06 06:04
Severity ?
Summary
The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the "Logjam" issue.
References
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00006.htmlvendor-advisory
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00001.htmlvendor-advisory
http://marc.info/?l=bugtraq&m=143880121627664&w=2vendor-advisory
http://rhn.redhat.com/errata/RHSA-2015-1243.htmlvendor-advisory
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00025.htmlvendor-advisory
http://www.securitytracker.com/id/1033208vdb-entry
http://www.securitytracker.com/id/1032637vdb-entry
http://marc.info/?l=bugtraq&m=144050121701297&w=2vendor-advisory
http://www.debian.org/security/2016/dsa-3688vendor-advisory
http://www.debian.org/security/2015/dsa-3287vendor-advisory
http://marc.info/?l=bugtraq&m=144493176821532&w=2vendor-advisory
http://www.securitytracker.com/id/1032865vdb-entry
http://marc.info/?l=bugtraq&m=143557934009303&w=2vendor-advisory
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00033.htmlvendor-advisory
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00026.htmlvendor-advisory
http://www.securitytracker.com/id/1034728vdb-entry
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00005.htmlvendor-advisory
http://www.securitytracker.com/id/1032656vdb-entry
http://rhn.redhat.com/errata/RHSA-2016-2056.htmlvendor-advisory
http://openwall.com/lists/oss-security/2015/05/20/8mailing-list
http://lists.opensuse.org/opensuse-updates/2015-10/msg00011.htmlvendor-advisory
http://marc.info/?l=bugtraq&m=143628304012255&w=2vendor-advisory
http://marc.info/?l=bugtraq&m=144060576831314&w=2vendor-advisory
http://www.securitytracker.com/id/1032475vdb-entry
http://www.securitytracker.com/id/1032960vdb-entry
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00037.htmlvendor-advisory
http://www.securitytracker.com/id/1032653vdb-entry
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00031.htmlvendor-advisory
http://www.securitytracker.com/id/1033385vdb-entry
https://security.gentoo.org/glsa/201512-10vendor-advisory
http://rhn.redhat.com/errata/RHSA-2015-1229.htmlvendor-advisory
http://lists.opensuse.org/opensuse-updates/2016-02/msg00097.htmlvendor-advisory
http://www.securitytracker.com/id/1032864vdb-entry
http://www.securitytracker.com/id/1032910vdb-entry
http://www.securitytracker.com/id/1032645vdb-entry
http://www.ubuntu.com/usn/USN-2706-1vendor-advisory
https://security.gentoo.org/glsa/201701-46vendor-advisory
http://rhn.redhat.com/errata/RHSA-2015-1526.htmlvendor-advisory
http://www.securitytracker.com/id/1033760vdb-entry
http://rhn.redhat.com/errata/RHSA-2015-1485.htmlvendor-advisory
http://rhn.redhat.com/errata/RHSA-2015-1197.htmlvendor-advisory
http://marc.info/?l=bugtraq&m=144104533800819&w=2vendor-advisory
http://www.securitytracker.com/id/1032699vdb-entry
http://www.securitytracker.com/id/1032476vdb-entry
http://www.securitytracker.com/id/1032649vdb-entry
http://marc.info/?l=bugtraq&m=144043644216842&w=2vendor-advisory
http://marc.info/?l=bugtraq&m=143637549705650&w=2vendor-advisory
http://rhn.redhat.com/errata/RHSA-2015-1544.htmlvendor-advisory
http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159314.htmlvendor-advisory
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00004.htmlvendor-advisory
https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04718196vendor-advisory
http://www.securitytracker.com/id/1032688vdb-entry
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00024.htmlvendor-advisory
http://www.securitytracker.com/id/1032652vdb-entry
http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159351.htmlvendor-advisory
http://rhn.redhat.com/errata/RHSA-2015-1185.htmlvendor-advisory
http://marc.info/?l=bugtraq&m=143558092609708&w=2vendor-advisory
http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.htmlvendor-advisory
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.htmlvendor-advisory
http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160117.htmlvendor-advisory
http://marc.info/?l=bugtraq&m=144069189622016&w=2vendor-advisory
http://www.securitytracker.com/id/1032648vdb-entry
http://www.securitytracker.com/id/1032759vdb-entry
http://rhn.redhat.com/errata/RHSA-2015-1228.htmlvendor-advisory
http://marc.info/?l=bugtraq&m=144060606031437&w=2vendor-advisory
http://www.debian.org/security/2015/dsa-3316vendor-advisory
http://www.securitytracker.com/id/1033209vdb-entry
http://www.securitytracker.com/id/1032871vdb-entry
http://www.debian.org/security/2015/dsa-3324vendor-advisory
http://www.securitytracker.com/id/1032655vdb-entry
http://www.securitytracker.com/id/1033210vdb-entry
http://marc.info/?l=bugtraq&m=144061542602287&w=2vendor-advisory
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00037.htmlvendor-advisory
http://marc.info/?l=bugtraq&m=145409266329539&w=2vendor-advisory
http://www.ubuntu.com/usn/USN-2673-1vendor-advisory
http://www.securitytracker.com/id/1034884vdb-entry
http://marc.info/?l=bugtraq&m=143506486712441&w=2vendor-advisory
https://security.gentoo.org/glsa/201603-11vendor-advisory
http://www.securitytracker.com/id/1033064vdb-entry
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00003.htmlvendor-advisory
http://www.securitytracker.com/id/1032778vdb-entry
http://www.securitytracker.com/id/1032474vdb-entry
http://marc.info/?l=bugtraq&m=144493176821532&w=2vendor-advisory
http://marc.info/?l=bugtraq&m=144102017024820&w=2vendor-advisory
http://lists.opensuse.org/opensuse-updates/2015-07/msg00016.htmlvendor-advisory
http://www.securitytracker.com/id/1032784vdb-entry
http://www.securitytracker.com/id/1032777vdb-entry
http://www.securitytracker.com/id/1033416vdb-entry
http://www.securitytracker.com/id/1033991vdb-entry
http://www.securitytracker.com/id/1032647vdb-entry
http://www.securitytracker.com/id/1032654vdb-entry
http://www.securitytracker.com/id/1033341vdb-entry
http://rhn.redhat.com/errata/RHSA-2015-1486.htmlvendor-advisory
http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00001.htmlvendor-advisory
http://www.securitytracker.com/id/1033433vdb-entry
http://www.ubuntu.com/usn/USN-2696-1vendor-advisory
http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.htmlvendor-advisory
http://www.securitytracker.com/id/1032702vdb-entry
http://www.debian.org/security/2015/dsa-3339vendor-advisory
http://www.securitytracker.com/id/1032727vdb-entry
http://rhn.redhat.com/errata/RHSA-2015-1242.htmlvendor-advisory
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00034.htmlvendor-advisory
https://security.gentoo.org/glsa/201506-02vendor-advisory
http://www.securityfocus.com/bid/91787vdb-entry
http://rhn.redhat.com/errata/RHSA-2016-1624.htmlvendor-advisory
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.htmlvendor-advisory
http://rhn.redhat.com/errata/RHSA-2015-1488.htmlvendor-advisory
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.htmlvendor-advisory
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.htmlvendor-advisory
http://www.securitytracker.com/id/1033430vdb-entry
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.htmlvendor-advisory
http://rhn.redhat.com/errata/RHSA-2015-1241.htmlvendor-advisory
http://lists.opensuse.org/opensuse-updates/2016-02/msg00094.htmlvendor-advisory
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00017.htmlvendor-advisory
http://marc.info/?l=bugtraq&m=143880121627664&w=2vendor-advisory
http://rhn.redhat.com/errata/RHSA-2015-1230.htmlvendor-advisory
http://www.securityfocus.com/bid/74733vdb-entry
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00039.htmlvendor-advisory
http://www.securitytracker.com/id/1032651vdb-entry
http://www.securitytracker.com/id/1033065vdb-entry
http://www.ubuntu.com/usn/USN-2656-1vendor-advisory
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00007.htmlvendor-advisory
http://www.securitytracker.com/id/1033222vdb-entry
http://www.securitytracker.com/id/1036218vdb-entry
http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00021.htmlvendor-advisory
http://marc.info/?l=bugtraq&m=143655800220052&w=2vendor-advisory
http://www.securitytracker.com/id/1040630vdb-entry
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00023.htmlvendor-advisory
http://www.securitytracker.com/id/1034087vdb-entry
http://www.securitytracker.com/id/1033513vdb-entry
http://www.securitytracker.com/id/1032884vdb-entry
http://rhn.redhat.com/errata/RHSA-2015-1604.htmlvendor-advisory
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00040.htmlvendor-advisory
http://www.securitytracker.com/id/1032932vdb-entry
http://www.securitytracker.com/id/1033891vdb-entry
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00032.htmlvendor-advisory
http://www.securitytracker.com/id/1032783vdb-entry
http://www.securitytracker.com/id/1032856vdb-entry
http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2015-008.txt.ascvendor-advisory
http://www.debian.org/security/2015/dsa-3300vendor-advisory
http://www.ubuntu.com/usn/USN-2656-2vendor-advisory
http://www.securitytracker.com/id/1033067vdb-entry
http://www.securitytracker.com/id/1033019vdb-entry
http://rhn.redhat.com/errata/RHSA-2015-1072.htmlvendor-advisory
http://www.securitytracker.com/id/1032650vdb-entry
http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
https://www.oracle.com/security-alerts/cpujan2021.html
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10681
http://www-01.ibm.com/support/docview.wss?uid=swg21962739
https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5098403
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04923929
http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html
https://kc.mcafee.com/corporate/index?page=content&id=SB10122
http://support.apple.com/kb/HT204941
http://www-304.ibm.com/support/docview.wss?uid=swg21962816
http://www-01.ibm.com/support/docview.wss?uid=swg21959812
https://www-304.ibm.com/support/docview.wss?uid=swg21959745
https://weakdh.org/imperfect-forward-secrecy.pdf
http://www-304.ibm.com/support/docview.wss?uid=swg21959132
https://blog.cloudflare.com/logjam-the-latest-tls-vulnerability-explained/
http://www-01.ibm.com/support/docview.wss?uid=swg21959539
https://www.openssl.org/blog/blog/2015/05/20/logjam-freak-upcoming-changes/
http://www-01.ibm.com/support/docview.wss?uid=swg21959325
https://openssl.org/news/secadv/20150611.txt
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04740527
http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04949778
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03831en_us
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04772190
http://www-304.ibm.com/support/docview.wss?uid=swg21967893
http://www-304.ibm.com/support/docview.wss?uid=swg21958984
http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html
http://www-01.ibm.com/support/docview.wss?uid=swg21959517
http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html
http://www-01.ibm.com/support/docview.wss?uid=swg21959195
http://www-01.ibm.com/support/docview.wss?uid=swg21961717
http://www-304.ibm.com/support/docview.wss?uid=swg21960041
http://www-304.ibm.com/support/docview.wss?uid=swg21960194
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.19.1_release_notes
http://www-01.ibm.com/support/docview.wss?uid=swg21959453
https://security.netapp.com/advisory/ntap-20150619-0001/
http://www-01.ibm.com/support/docview.wss?uid=swg21959111
http://www-304.ibm.com/support/docview.wss?uid=swg21960418
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246
https://www.suse.com/security/cve/CVE-2015-4000.html
https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04953655
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05128722
http://support.citrix.com/article/CTX201114
http://fortiguard.com/advisory/2015-07-09-cve-2015-1793-openssl-alternative-chains-certificate-forgery
http://www-304.ibm.com/support/docview.wss?uid=swg21960380
http://support.apple.com/kb/HT204942
http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04876402
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05193083
http://aix.software.ibm.com/aix/efixes/security/sendmail_advisory2.asc
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10727
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773241
http://www-01.ibm.com/support/docview.wss?uid=swg21959530
http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html
http://www-01.ibm.com/support/docview.wss?uid=swg21960191
http://www-01.ibm.com/support/docview.wss?uid=swg21959636
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04918839
http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04770140
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763
https://puppet.com/security/cve/CVE-2015-4000
http://www.mozilla.org/security/announce/2015/mfsa2015-70.html
http://www.solarwinds.com/documentation/storage/storagemanager/docs/ReleaseNotes/releaseNotes.htm
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04926789
https://support.citrix.com/article/CTX216642
https://weakdh.org/
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773119
http://www-01.ibm.com/support/docview.wss?uid=swg21959481
https://bto.bluecoat.com/security-advisory/sa98
https://bugzilla.mozilla.org/show_bug.cgi?id=1138554
http://www-01.ibm.com/support/docview.wss?uid=swg21962455
https://www.openssl.org/news/secadv_20150611.txt
http://www.fortiguard.com/advisory/2015-05-20-logjam-attack
https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-06T06:04:02.725Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "SUSE-SU-2015:1184",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00006.html",
               },
               {
                  name: "SUSE-SU-2015:1177",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00001.html",
               },
               {
                  name: "SSRT102180",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://marc.info/?l=bugtraq&m=143880121627664&w=2",
               },
               {
                  name: "RHSA-2015:1243",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2015-1243.html",
               },
               {
                  name: "openSUSE-SU-2015:1229",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00025.html",
               },
               {
                  name: "1033208",
                  tags: [
                     "vdb-entry",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1033208",
               },
               {
                  name: "1032637",
                  tags: [
                     "vdb-entry",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1032637",
               },
               {
                  name: "HPSBGN03404",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://marc.info/?l=bugtraq&m=144050121701297&w=2",
               },
               {
                  name: "DSA-3688",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2016/dsa-3688",
               },
               {
                  name: "DSA-3287",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2015/dsa-3287",
               },
               {
                  name: "HPSBUX03512",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://marc.info/?l=bugtraq&m=144493176821532&w=2",
               },
               {
                  name: "1032865",
                  tags: [
                     "vdb-entry",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1032865",
               },
               {
                  name: "HPSBGN03351",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://marc.info/?l=bugtraq&m=143557934009303&w=2",
               },
               {
                  name: "SUSE-SU-2015:1268",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00033.html",
               },
               {
                  name: "SUSE-SU-2015:1150",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00026.html",
               },
               {
                  name: "1034728",
                  tags: [
                     "vdb-entry",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1034728",
               },
               {
                  name: "SUSE-SU-2015:1183",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00005.html",
               },
               {
                  name: "1032656",
                  tags: [
                     "vdb-entry",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1032656",
               },
               {
                  name: "RHSA-2016:2056",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2016-2056.html",
               },
               {
                  name: "[oss-security] 20150520 CVE-2015-4000 - TLS does not properly convey server's ciphersuite choice",
                  tags: [
                     "mailing-list",
                     "x_transferred",
                  ],
                  url: "http://openwall.com/lists/oss-security/2015/05/20/8",
               },
               {
                  name: "openSUSE-SU-2015:1684",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-updates/2015-10/msg00011.html",
               },
               {
                  name: "HPSBGN03361",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://marc.info/?l=bugtraq&m=143628304012255&w=2",
               },
               {
                  name: "HPSBGN03399",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://marc.info/?l=bugtraq&m=144060576831314&w=2",
               },
               {
                  name: "1032475",
                  tags: [
                     "vdb-entry",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1032475",
               },
               {
                  name: "1032960",
                  tags: [
                     "vdb-entry",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1032960",
               },
               {
                  name: "openSUSE-SU-2016:0255",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00037.html",
               },
               {
                  name: "1032653",
                  tags: [
                     "vdb-entry",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1032653",
               },
               {
                  name: "SUSE-SU-2016:0224",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00031.html",
               },
               {
                  name: "1033385",
                  tags: [
                     "vdb-entry",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1033385",
               },
               {
                  name: "GLSA-201512-10",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "https://security.gentoo.org/glsa/201512-10",
               },
               {
                  name: "RHSA-2015:1229",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2015-1229.html",
               },
               {
                  name: "openSUSE-SU-2016:0483",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-updates/2016-02/msg00097.html",
               },
               {
                  name: "1032864",
                  tags: [
                     "vdb-entry",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1032864",
               },
               {
                  name: "1032910",
                  tags: [
                     "vdb-entry",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1032910",
               },
               {
                  name: "1032645",
                  tags: [
                     "vdb-entry",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1032645",
               },
               {
                  name: "USN-2706-1",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-2706-1",
               },
               {
                  name: "GLSA-201701-46",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "https://security.gentoo.org/glsa/201701-46",
               },
               {
                  name: "RHSA-2015:1526",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2015-1526.html",
               },
               {
                  name: "1033760",
                  tags: [
                     "vdb-entry",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1033760",
               },
               {
                  name: "RHSA-2015:1485",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2015-1485.html",
               },
               {
                  name: "RHSA-2015:1197",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2015-1197.html",
               },
               {
                  name: "HPSBMU03401",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://marc.info/?l=bugtraq&m=144104533800819&w=2",
               },
               {
                  name: "1032699",
                  tags: [
                     "vdb-entry",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1032699",
               },
               {
                  name: "1032476",
                  tags: [
                     "vdb-entry",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1032476",
               },
               {
                  name: "1032649",
                  tags: [
                     "vdb-entry",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1032649",
               },
               {
                  name: "HPSBMU03345",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://marc.info/?l=bugtraq&m=144043644216842&w=2",
               },
               {
                  name: "HPSBUX03363",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://marc.info/?l=bugtraq&m=143637549705650&w=2",
               },
               {
                  name: "RHSA-2015:1544",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2015-1544.html",
               },
               {
                  name: "FEDORA-2015-9130",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159314.html",
               },
               {
                  name: "SUSE-SU-2015:1182",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00004.html",
               },
               {
                  name: "SSRT102112",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04718196",
               },
               {
                  name: "1032688",
                  tags: [
                     "vdb-entry",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1032688",
               },
               {
                  name: "SUSE-SU-2015:1143",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00024.html",
               },
               {
                  name: "1032652",
                  tags: [
                     "vdb-entry",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1032652",
               },
               {
                  name: "FEDORA-2015-9048",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159351.html",
               },
               {
                  name: "RHSA-2015:1185",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2015-1185.html",
               },
               {
                  name: "HPSBGN03362",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://marc.info/?l=bugtraq&m=143558092609708&w=2",
               },
               {
                  name: "APPLE-SA-2015-06-30-2",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html",
               },
               {
                  name: "openSUSE-SU-2015:1289",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html",
               },
               {
                  name: "FEDORA-2015-9161",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160117.html",
               },
               {
                  name: "HPSBGN03402",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://marc.info/?l=bugtraq&m=144069189622016&w=2",
               },
               {
                  name: "1032648",
                  tags: [
                     "vdb-entry",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1032648",
               },
               {
                  name: "1032759",
                  tags: [
                     "vdb-entry",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1032759",
               },
               {
                  name: "RHSA-2015:1228",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2015-1228.html",
               },
               {
                  name: "HPSBGN03405",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://marc.info/?l=bugtraq&m=144060606031437&w=2",
               },
               {
                  name: "DSA-3316",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2015/dsa-3316",
               },
               {
                  name: "1033209",
                  tags: [
                     "vdb-entry",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1033209",
               },
               {
                  name: "1032871",
                  tags: [
                     "vdb-entry",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1032871",
               },
               {
                  name: "DSA-3324",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2015/dsa-3324",
               },
               {
                  name: "1032655",
                  tags: [
                     "vdb-entry",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1032655",
               },
               {
                  name: "1033210",
                  tags: [
                     "vdb-entry",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1033210",
               },
               {
                  name: "HPSBGN03411",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://marc.info/?l=bugtraq&m=144061542602287&w=2",
               },
               {
                  name: "openSUSE-SU-2015:1277",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00037.html",
               },
               {
                  name: "HPSBGN03533",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://marc.info/?l=bugtraq&m=145409266329539&w=2",
               },
               {
                  name: "USN-2673-1",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-2673-1",
               },
               {
                  name: "1034884",
                  tags: [
                     "vdb-entry",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1034884",
               },
               {
                  name: "HPSBMU03356",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://marc.info/?l=bugtraq&m=143506486712441&w=2",
               },
               {
                  name: "GLSA-201603-11",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "https://security.gentoo.org/glsa/201603-11",
               },
               {
                  name: "1033064",
                  tags: [
                     "vdb-entry",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1033064",
               },
               {
                  name: "SUSE-SU-2015:1181",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00003.html",
               },
               {
                  name: "1032778",
                  tags: [
                     "vdb-entry",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1032778",
               },
               {
                  name: "1032474",
                  tags: [
                     "vdb-entry",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1032474",
               },
               {
                  name: "SSRT102254",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://marc.info/?l=bugtraq&m=144493176821532&w=2",
               },
               {
                  name: "HPSBGN03407",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://marc.info/?l=bugtraq&m=144102017024820&w=2",
               },
               {
                  name: "openSUSE-SU-2015:1209",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-updates/2015-07/msg00016.html",
               },
               {
                  name: "1032784",
                  tags: [
                     "vdb-entry",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1032784",
               },
               {
                  name: "1032777",
                  tags: [
                     "vdb-entry",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1032777",
               },
               {
                  name: "1033416",
                  tags: [
                     "vdb-entry",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1033416",
               },
               {
                  name: "1033991",
                  tags: [
                     "vdb-entry",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1033991",
               },
               {
                  name: "1032647",
                  tags: [
                     "vdb-entry",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1032647",
               },
               {
                  name: "1032654",
                  tags: [
                     "vdb-entry",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1032654",
               },
               {
                  name: "1033341",
                  tags: [
                     "vdb-entry",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1033341",
               },
               {
                  name: "RHSA-2015:1486",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2015-1486.html",
               },
               {
                  name: "SUSE-SU-2015:1663",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00001.html",
               },
               {
                  name: "1033433",
                  tags: [
                     "vdb-entry",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1033433",
               },
               {
                  name: "USN-2696-1",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-2696-1",
               },
               {
                  name: "APPLE-SA-2015-06-30-1",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html",
               },
               {
                  name: "1032702",
                  tags: [
                     "vdb-entry",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1032702",
               },
               {
                  name: "DSA-3339",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2015/dsa-3339",
               },
               {
                  name: "1032727",
                  tags: [
                     "vdb-entry",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1032727",
               },
               {
                  name: "RHSA-2015:1242",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2015-1242.html",
               },
               {
                  name: "SUSE-SU-2015:1269",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00034.html",
               },
               {
                  name: "GLSA-201506-02",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "https://security.gentoo.org/glsa/201506-02",
               },
               {
                  name: "91787",
                  tags: [
                     "vdb-entry",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/91787",
               },
               {
                  name: "RHSA-2016:1624",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2016-1624.html",
               },
               {
                  name: "openSUSE-SU-2015:1266",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html",
               },
               {
                  name: "RHSA-2015:1488",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2015-1488.html",
               },
               {
                  name: "SUSE-SU-2015:1319",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html",
               },
               {
                  name: "SUSE-SU-2015:1320",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html",
               },
               {
                  name: "1033430",
                  tags: [
                     "vdb-entry",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1033430",
               },
               {
                  name: "openSUSE-SU-2015:1288",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html",
               },
               {
                  name: "RHSA-2015:1241",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2015-1241.html",
               },
               {
                  name: "openSUSE-SU-2016:0478",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-updates/2016-02/msg00094.html",
               },
               {
                  name: "SUSE-SU-2015:1581",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00017.html",
               },
               {
                  name: "HPSBUX03388",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://marc.info/?l=bugtraq&m=143880121627664&w=2",
               },
               {
                  name: "RHSA-2015:1230",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2015-1230.html",
               },
               {
                  name: "74733",
                  tags: [
                     "vdb-entry",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/74733",
               },
               {
                  name: "openSUSE-SU-2016:0261",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00039.html",
               },
               {
                  name: "1032651",
                  tags: [
                     "vdb-entry",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1032651",
               },
               {
                  name: "1033065",
                  tags: [
                     "vdb-entry",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1033065",
               },
               {
                  name: "USN-2656-1",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-2656-1",
               },
               {
                  name: "SUSE-SU-2015:1185",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00007.html",
               },
               {
                  name: "1033222",
                  tags: [
                     "vdb-entry",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1033222",
               },
               {
                  name: "1036218",
                  tags: [
                     "vdb-entry",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1036218",
               },
               {
                  name: "SUSE-SU-2015:1449",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00021.html",
               },
               {
                  name: "HPSBGN03373",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://marc.info/?l=bugtraq&m=143655800220052&w=2",
               },
               {
                  name: "1040630",
                  tags: [
                     "vdb-entry",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1040630",
               },
               {
                  name: "openSUSE-SU-2015:1139",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00023.html",
               },
               {
                  name: "1034087",
                  tags: [
                     "vdb-entry",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1034087",
               },
               {
                  name: "1033513",
                  tags: [
                     "vdb-entry",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1033513",
               },
               {
                  name: "1032884",
                  tags: [
                     "vdb-entry",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1032884",
               },
               {
                  name: "RHSA-2015:1604",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2015-1604.html",
               },
               {
                  name: "SUSE-SU-2016:0262",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00040.html",
               },
               {
                  name: "1032932",
                  tags: [
                     "vdb-entry",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1032932",
               },
               {
                  name: "1033891",
                  tags: [
                     "vdb-entry",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1033891",
               },
               {
                  name: "openSUSE-SU-2016:0226",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00032.html",
               },
               {
                  name: "1032783",
                  tags: [
                     "vdb-entry",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1032783",
               },
               {
                  name: "1032856",
                  tags: [
                     "vdb-entry",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1032856",
               },
               {
                  name: "NetBSD-SA2015-008",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2015-008.txt.asc",
               },
               {
                  name: "DSA-3300",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2015/dsa-3300",
               },
               {
                  name: "USN-2656-2",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-2656-2",
               },
               {
                  name: "1033067",
                  tags: [
                     "vdb-entry",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1033067",
               },
               {
                  name: "1033019",
                  tags: [
                     "vdb-entry",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1033019",
               },
               {
                  name: "RHSA-2015:1072",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2015-1072.html",
               },
               {
                  name: "1032650",
                  tags: [
                     "vdb-entry",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1032650",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.oracle.com/security-alerts/cpujan2021.html",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10681",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://www-01.ibm.com/support/docview.wss?uid=swg21962739",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5098403",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04923929",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10122",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://support.apple.com/kb/HT204941",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://www-304.ibm.com/support/docview.wss?uid=swg21962816",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://www-01.ibm.com/support/docview.wss?uid=swg21959812",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www-304.ibm.com/support/docview.wss?uid=swg21959745",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://weakdh.org/imperfect-forward-secrecy.pdf",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://www-304.ibm.com/support/docview.wss?uid=swg21959132",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://blog.cloudflare.com/logjam-the-latest-tls-vulnerability-explained/",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://www-01.ibm.com/support/docview.wss?uid=swg21959539",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.openssl.org/blog/blog/2015/05/20/logjam-freak-upcoming-changes/",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://www-01.ibm.com/support/docview.wss?uid=swg21959325",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://openssl.org/news/secadv/20150611.txt",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04740527",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04949778",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03831en_us",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04772190",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://www-304.ibm.com/support/docview.wss?uid=swg21967893",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://www-304.ibm.com/support/docview.wss?uid=swg21958984",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://www-01.ibm.com/support/docview.wss?uid=swg21959517",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://www-01.ibm.com/support/docview.wss?uid=swg21959195",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://www-01.ibm.com/support/docview.wss?uid=swg21961717",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://www-304.ibm.com/support/docview.wss?uid=swg21960041",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://www-304.ibm.com/support/docview.wss?uid=swg21960194",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.19.1_release_notes",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://www-01.ibm.com/support/docview.wss?uid=swg21959453",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://security.netapp.com/advisory/ntap-20150619-0001/",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://www-01.ibm.com/support/docview.wss?uid=swg21959111",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://www-304.ibm.com/support/docview.wss?uid=swg21960418",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.suse.com/security/cve/CVE-2015-4000.html",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04953655",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05128722",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://support.citrix.com/article/CTX201114",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://fortiguard.com/advisory/2015-07-09-cve-2015-1793-openssl-alternative-chains-certificate-forgery",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://www-304.ibm.com/support/docview.wss?uid=swg21960380",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://support.apple.com/kb/HT204942",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04876402",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05193083",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://aix.software.ibm.com/aix/efixes/security/sendmail_advisory2.asc",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10727",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773241",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://www-01.ibm.com/support/docview.wss?uid=swg21959530",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://www-01.ibm.com/support/docview.wss?uid=swg21960191",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://www-01.ibm.com/support/docview.wss?uid=swg21959636",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04918839",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04770140",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://puppet.com/security/cve/CVE-2015-4000",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://www.mozilla.org/security/announce/2015/mfsa2015-70.html",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://www.solarwinds.com/documentation/storage/storagemanager/docs/ReleaseNotes/releaseNotes.htm",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04926789",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://support.citrix.com/article/CTX216642",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://weakdh.org/",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773119",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://www-01.ibm.com/support/docview.wss?uid=swg21959481",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://bto.bluecoat.com/security-advisory/sa98",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://bugzilla.mozilla.org/show_bug.cgi?id=1138554",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://www-01.ibm.com/support/docview.wss?uid=swg21962455",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.openssl.org/news/secadv_20150611.txt",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://www.fortiguard.com/advisory/2015-05-20-logjam-attack",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2015-05-19T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the \"Logjam\" issue.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-12-13T00:00:00",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               name: "SUSE-SU-2015:1184",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00006.html",
            },
            {
               name: "SUSE-SU-2015:1177",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00001.html",
            },
            {
               name: "SSRT102180",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://marc.info/?l=bugtraq&m=143880121627664&w=2",
            },
            {
               name: "RHSA-2015:1243",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2015-1243.html",
            },
            {
               name: "openSUSE-SU-2015:1229",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00025.html",
            },
            {
               name: "1033208",
               tags: [
                  "vdb-entry",
               ],
               url: "http://www.securitytracker.com/id/1033208",
            },
            {
               name: "1032637",
               tags: [
                  "vdb-entry",
               ],
               url: "http://www.securitytracker.com/id/1032637",
            },
            {
               name: "HPSBGN03404",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://marc.info/?l=bugtraq&m=144050121701297&w=2",
            },
            {
               name: "DSA-3688",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://www.debian.org/security/2016/dsa-3688",
            },
            {
               name: "DSA-3287",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://www.debian.org/security/2015/dsa-3287",
            },
            {
               name: "HPSBUX03512",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://marc.info/?l=bugtraq&m=144493176821532&w=2",
            },
            {
               name: "1032865",
               tags: [
                  "vdb-entry",
               ],
               url: "http://www.securitytracker.com/id/1032865",
            },
            {
               name: "HPSBGN03351",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://marc.info/?l=bugtraq&m=143557934009303&w=2",
            },
            {
               name: "SUSE-SU-2015:1268",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00033.html",
            },
            {
               name: "SUSE-SU-2015:1150",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00026.html",
            },
            {
               name: "1034728",
               tags: [
                  "vdb-entry",
               ],
               url: "http://www.securitytracker.com/id/1034728",
            },
            {
               name: "SUSE-SU-2015:1183",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00005.html",
            },
            {
               name: "1032656",
               tags: [
                  "vdb-entry",
               ],
               url: "http://www.securitytracker.com/id/1032656",
            },
            {
               name: "RHSA-2016:2056",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2016-2056.html",
            },
            {
               name: "[oss-security] 20150520 CVE-2015-4000 - TLS does not properly convey server's ciphersuite choice",
               tags: [
                  "mailing-list",
               ],
               url: "http://openwall.com/lists/oss-security/2015/05/20/8",
            },
            {
               name: "openSUSE-SU-2015:1684",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://lists.opensuse.org/opensuse-updates/2015-10/msg00011.html",
            },
            {
               name: "HPSBGN03361",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://marc.info/?l=bugtraq&m=143628304012255&w=2",
            },
            {
               name: "HPSBGN03399",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://marc.info/?l=bugtraq&m=144060576831314&w=2",
            },
            {
               name: "1032475",
               tags: [
                  "vdb-entry",
               ],
               url: "http://www.securitytracker.com/id/1032475",
            },
            {
               name: "1032960",
               tags: [
                  "vdb-entry",
               ],
               url: "http://www.securitytracker.com/id/1032960",
            },
            {
               name: "openSUSE-SU-2016:0255",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00037.html",
            },
            {
               name: "1032653",
               tags: [
                  "vdb-entry",
               ],
               url: "http://www.securitytracker.com/id/1032653",
            },
            {
               name: "SUSE-SU-2016:0224",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00031.html",
            },
            {
               name: "1033385",
               tags: [
                  "vdb-entry",
               ],
               url: "http://www.securitytracker.com/id/1033385",
            },
            {
               name: "GLSA-201512-10",
               tags: [
                  "vendor-advisory",
               ],
               url: "https://security.gentoo.org/glsa/201512-10",
            },
            {
               name: "RHSA-2015:1229",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2015-1229.html",
            },
            {
               name: "openSUSE-SU-2016:0483",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://lists.opensuse.org/opensuse-updates/2016-02/msg00097.html",
            },
            {
               name: "1032864",
               tags: [
                  "vdb-entry",
               ],
               url: "http://www.securitytracker.com/id/1032864",
            },
            {
               name: "1032910",
               tags: [
                  "vdb-entry",
               ],
               url: "http://www.securitytracker.com/id/1032910",
            },
            {
               name: "1032645",
               tags: [
                  "vdb-entry",
               ],
               url: "http://www.securitytracker.com/id/1032645",
            },
            {
               name: "USN-2706-1",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://www.ubuntu.com/usn/USN-2706-1",
            },
            {
               name: "GLSA-201701-46",
               tags: [
                  "vendor-advisory",
               ],
               url: "https://security.gentoo.org/glsa/201701-46",
            },
            {
               name: "RHSA-2015:1526",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2015-1526.html",
            },
            {
               name: "1033760",
               tags: [
                  "vdb-entry",
               ],
               url: "http://www.securitytracker.com/id/1033760",
            },
            {
               name: "RHSA-2015:1485",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2015-1485.html",
            },
            {
               name: "RHSA-2015:1197",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2015-1197.html",
            },
            {
               name: "HPSBMU03401",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://marc.info/?l=bugtraq&m=144104533800819&w=2",
            },
            {
               name: "1032699",
               tags: [
                  "vdb-entry",
               ],
               url: "http://www.securitytracker.com/id/1032699",
            },
            {
               name: "1032476",
               tags: [
                  "vdb-entry",
               ],
               url: "http://www.securitytracker.com/id/1032476",
            },
            {
               name: "1032649",
               tags: [
                  "vdb-entry",
               ],
               url: "http://www.securitytracker.com/id/1032649",
            },
            {
               name: "HPSBMU03345",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://marc.info/?l=bugtraq&m=144043644216842&w=2",
            },
            {
               name: "HPSBUX03363",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://marc.info/?l=bugtraq&m=143637549705650&w=2",
            },
            {
               name: "RHSA-2015:1544",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2015-1544.html",
            },
            {
               name: "FEDORA-2015-9130",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159314.html",
            },
            {
               name: "SUSE-SU-2015:1182",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00004.html",
            },
            {
               name: "SSRT102112",
               tags: [
                  "vendor-advisory",
               ],
               url: "https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04718196",
            },
            {
               name: "1032688",
               tags: [
                  "vdb-entry",
               ],
               url: "http://www.securitytracker.com/id/1032688",
            },
            {
               name: "SUSE-SU-2015:1143",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00024.html",
            },
            {
               name: "1032652",
               tags: [
                  "vdb-entry",
               ],
               url: "http://www.securitytracker.com/id/1032652",
            },
            {
               name: "FEDORA-2015-9048",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159351.html",
            },
            {
               name: "RHSA-2015:1185",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2015-1185.html",
            },
            {
               name: "HPSBGN03362",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://marc.info/?l=bugtraq&m=143558092609708&w=2",
            },
            {
               name: "APPLE-SA-2015-06-30-2",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html",
            },
            {
               name: "openSUSE-SU-2015:1289",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html",
            },
            {
               name: "FEDORA-2015-9161",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160117.html",
            },
            {
               name: "HPSBGN03402",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://marc.info/?l=bugtraq&m=144069189622016&w=2",
            },
            {
               name: "1032648",
               tags: [
                  "vdb-entry",
               ],
               url: "http://www.securitytracker.com/id/1032648",
            },
            {
               name: "1032759",
               tags: [
                  "vdb-entry",
               ],
               url: "http://www.securitytracker.com/id/1032759",
            },
            {
               name: "RHSA-2015:1228",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2015-1228.html",
            },
            {
               name: "HPSBGN03405",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://marc.info/?l=bugtraq&m=144060606031437&w=2",
            },
            {
               name: "DSA-3316",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://www.debian.org/security/2015/dsa-3316",
            },
            {
               name: "1033209",
               tags: [
                  "vdb-entry",
               ],
               url: "http://www.securitytracker.com/id/1033209",
            },
            {
               name: "1032871",
               tags: [
                  "vdb-entry",
               ],
               url: "http://www.securitytracker.com/id/1032871",
            },
            {
               name: "DSA-3324",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://www.debian.org/security/2015/dsa-3324",
            },
            {
               name: "1032655",
               tags: [
                  "vdb-entry",
               ],
               url: "http://www.securitytracker.com/id/1032655",
            },
            {
               name: "1033210",
               tags: [
                  "vdb-entry",
               ],
               url: "http://www.securitytracker.com/id/1033210",
            },
            {
               name: "HPSBGN03411",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://marc.info/?l=bugtraq&m=144061542602287&w=2",
            },
            {
               name: "openSUSE-SU-2015:1277",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00037.html",
            },
            {
               name: "HPSBGN03533",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://marc.info/?l=bugtraq&m=145409266329539&w=2",
            },
            {
               name: "USN-2673-1",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://www.ubuntu.com/usn/USN-2673-1",
            },
            {
               name: "1034884",
               tags: [
                  "vdb-entry",
               ],
               url: "http://www.securitytracker.com/id/1034884",
            },
            {
               name: "HPSBMU03356",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://marc.info/?l=bugtraq&m=143506486712441&w=2",
            },
            {
               name: "GLSA-201603-11",
               tags: [
                  "vendor-advisory",
               ],
               url: "https://security.gentoo.org/glsa/201603-11",
            },
            {
               name: "1033064",
               tags: [
                  "vdb-entry",
               ],
               url: "http://www.securitytracker.com/id/1033064",
            },
            {
               name: "SUSE-SU-2015:1181",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00003.html",
            },
            {
               name: "1032778",
               tags: [
                  "vdb-entry",
               ],
               url: "http://www.securitytracker.com/id/1032778",
            },
            {
               name: "1032474",
               tags: [
                  "vdb-entry",
               ],
               url: "http://www.securitytracker.com/id/1032474",
            },
            {
               name: "SSRT102254",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://marc.info/?l=bugtraq&m=144493176821532&w=2",
            },
            {
               name: "HPSBGN03407",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://marc.info/?l=bugtraq&m=144102017024820&w=2",
            },
            {
               name: "openSUSE-SU-2015:1209",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://lists.opensuse.org/opensuse-updates/2015-07/msg00016.html",
            },
            {
               name: "1032784",
               tags: [
                  "vdb-entry",
               ],
               url: "http://www.securitytracker.com/id/1032784",
            },
            {
               name: "1032777",
               tags: [
                  "vdb-entry",
               ],
               url: "http://www.securitytracker.com/id/1032777",
            },
            {
               name: "1033416",
               tags: [
                  "vdb-entry",
               ],
               url: "http://www.securitytracker.com/id/1033416",
            },
            {
               name: "1033991",
               tags: [
                  "vdb-entry",
               ],
               url: "http://www.securitytracker.com/id/1033991",
            },
            {
               name: "1032647",
               tags: [
                  "vdb-entry",
               ],
               url: "http://www.securitytracker.com/id/1032647",
            },
            {
               name: "1032654",
               tags: [
                  "vdb-entry",
               ],
               url: "http://www.securitytracker.com/id/1032654",
            },
            {
               name: "1033341",
               tags: [
                  "vdb-entry",
               ],
               url: "http://www.securitytracker.com/id/1033341",
            },
            {
               name: "RHSA-2015:1486",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2015-1486.html",
            },
            {
               name: "SUSE-SU-2015:1663",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00001.html",
            },
            {
               name: "1033433",
               tags: [
                  "vdb-entry",
               ],
               url: "http://www.securitytracker.com/id/1033433",
            },
            {
               name: "USN-2696-1",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://www.ubuntu.com/usn/USN-2696-1",
            },
            {
               name: "APPLE-SA-2015-06-30-1",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html",
            },
            {
               name: "1032702",
               tags: [
                  "vdb-entry",
               ],
               url: "http://www.securitytracker.com/id/1032702",
            },
            {
               name: "DSA-3339",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://www.debian.org/security/2015/dsa-3339",
            },
            {
               name: "1032727",
               tags: [
                  "vdb-entry",
               ],
               url: "http://www.securitytracker.com/id/1032727",
            },
            {
               name: "RHSA-2015:1242",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2015-1242.html",
            },
            {
               name: "SUSE-SU-2015:1269",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00034.html",
            },
            {
               name: "GLSA-201506-02",
               tags: [
                  "vendor-advisory",
               ],
               url: "https://security.gentoo.org/glsa/201506-02",
            },
            {
               name: "91787",
               tags: [
                  "vdb-entry",
               ],
               url: "http://www.securityfocus.com/bid/91787",
            },
            {
               name: "RHSA-2016:1624",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2016-1624.html",
            },
            {
               name: "openSUSE-SU-2015:1266",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html",
            },
            {
               name: "RHSA-2015:1488",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2015-1488.html",
            },
            {
               name: "SUSE-SU-2015:1319",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html",
            },
            {
               name: "SUSE-SU-2015:1320",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html",
            },
            {
               name: "1033430",
               tags: [
                  "vdb-entry",
               ],
               url: "http://www.securitytracker.com/id/1033430",
            },
            {
               name: "openSUSE-SU-2015:1288",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html",
            },
            {
               name: "RHSA-2015:1241",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2015-1241.html",
            },
            {
               name: "openSUSE-SU-2016:0478",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://lists.opensuse.org/opensuse-updates/2016-02/msg00094.html",
            },
            {
               name: "SUSE-SU-2015:1581",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00017.html",
            },
            {
               name: "HPSBUX03388",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://marc.info/?l=bugtraq&m=143880121627664&w=2",
            },
            {
               name: "RHSA-2015:1230",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2015-1230.html",
            },
            {
               name: "74733",
               tags: [
                  "vdb-entry",
               ],
               url: "http://www.securityfocus.com/bid/74733",
            },
            {
               name: "openSUSE-SU-2016:0261",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00039.html",
            },
            {
               name: "1032651",
               tags: [
                  "vdb-entry",
               ],
               url: "http://www.securitytracker.com/id/1032651",
            },
            {
               name: "1033065",
               tags: [
                  "vdb-entry",
               ],
               url: "http://www.securitytracker.com/id/1033065",
            },
            {
               name: "USN-2656-1",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://www.ubuntu.com/usn/USN-2656-1",
            },
            {
               name: "SUSE-SU-2015:1185",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00007.html",
            },
            {
               name: "1033222",
               tags: [
                  "vdb-entry",
               ],
               url: "http://www.securitytracker.com/id/1033222",
            },
            {
               name: "1036218",
               tags: [
                  "vdb-entry",
               ],
               url: "http://www.securitytracker.com/id/1036218",
            },
            {
               name: "SUSE-SU-2015:1449",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00021.html",
            },
            {
               name: "HPSBGN03373",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://marc.info/?l=bugtraq&m=143655800220052&w=2",
            },
            {
               name: "1040630",
               tags: [
                  "vdb-entry",
               ],
               url: "http://www.securitytracker.com/id/1040630",
            },
            {
               name: "openSUSE-SU-2015:1139",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00023.html",
            },
            {
               name: "1034087",
               tags: [
                  "vdb-entry",
               ],
               url: "http://www.securitytracker.com/id/1034087",
            },
            {
               name: "1033513",
               tags: [
                  "vdb-entry",
               ],
               url: "http://www.securitytracker.com/id/1033513",
            },
            {
               name: "1032884",
               tags: [
                  "vdb-entry",
               ],
               url: "http://www.securitytracker.com/id/1032884",
            },
            {
               name: "RHSA-2015:1604",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2015-1604.html",
            },
            {
               name: "SUSE-SU-2016:0262",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00040.html",
            },
            {
               name: "1032932",
               tags: [
                  "vdb-entry",
               ],
               url: "http://www.securitytracker.com/id/1032932",
            },
            {
               name: "1033891",
               tags: [
                  "vdb-entry",
               ],
               url: "http://www.securitytracker.com/id/1033891",
            },
            {
               name: "openSUSE-SU-2016:0226",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00032.html",
            },
            {
               name: "1032783",
               tags: [
                  "vdb-entry",
               ],
               url: "http://www.securitytracker.com/id/1032783",
            },
            {
               name: "1032856",
               tags: [
                  "vdb-entry",
               ],
               url: "http://www.securitytracker.com/id/1032856",
            },
            {
               name: "NetBSD-SA2015-008",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2015-008.txt.asc",
            },
            {
               name: "DSA-3300",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://www.debian.org/security/2015/dsa-3300",
            },
            {
               name: "USN-2656-2",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://www.ubuntu.com/usn/USN-2656-2",
            },
            {
               name: "1033067",
               tags: [
                  "vdb-entry",
               ],
               url: "http://www.securitytracker.com/id/1033067",
            },
            {
               name: "1033019",
               tags: [
                  "vdb-entry",
               ],
               url: "http://www.securitytracker.com/id/1033019",
            },
            {
               name: "RHSA-2015:1072",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2015-1072.html",
            },
            {
               name: "1032650",
               tags: [
                  "vdb-entry",
               ],
               url: "http://www.securitytracker.com/id/1032650",
            },
            {
               url: "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
            },
            {
               url: "https://www.oracle.com/security-alerts/cpujan2021.html",
            },
            {
               url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10681",
            },
            {
               url: "http://www-01.ibm.com/support/docview.wss?uid=swg21962739",
            },
            {
               url: "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5098403",
            },
            {
               url: "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04923929",
            },
            {
               url: "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html",
            },
            {
               url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10122",
            },
            {
               url: "http://support.apple.com/kb/HT204941",
            },
            {
               url: "http://www-304.ibm.com/support/docview.wss?uid=swg21962816",
            },
            {
               url: "http://www-01.ibm.com/support/docview.wss?uid=swg21959812",
            },
            {
               url: "https://www-304.ibm.com/support/docview.wss?uid=swg21959745",
            },
            {
               url: "https://weakdh.org/imperfect-forward-secrecy.pdf",
            },
            {
               url: "http://www-304.ibm.com/support/docview.wss?uid=swg21959132",
            },
            {
               url: "https://blog.cloudflare.com/logjam-the-latest-tls-vulnerability-explained/",
            },
            {
               url: "http://www-01.ibm.com/support/docview.wss?uid=swg21959539",
            },
            {
               url: "https://www.openssl.org/blog/blog/2015/05/20/logjam-freak-upcoming-changes/",
            },
            {
               url: "http://www-01.ibm.com/support/docview.wss?uid=swg21959325",
            },
            {
               url: "https://openssl.org/news/secadv/20150611.txt",
            },
            {
               url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04740527",
            },
            {
               url: "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html",
            },
            {
               url: "http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04949778",
            },
            {
               url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03831en_us",
            },
            {
               url: "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04772190",
            },
            {
               url: "http://www-304.ibm.com/support/docview.wss?uid=swg21967893",
            },
            {
               url: "http://www-304.ibm.com/support/docview.wss?uid=swg21958984",
            },
            {
               url: "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html",
            },
            {
               url: "http://www-01.ibm.com/support/docview.wss?uid=swg21959517",
            },
            {
               url: "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html",
            },
            {
               url: "http://www-01.ibm.com/support/docview.wss?uid=swg21959195",
            },
            {
               url: "http://www-01.ibm.com/support/docview.wss?uid=swg21961717",
            },
            {
               url: "http://www-304.ibm.com/support/docview.wss?uid=swg21960041",
            },
            {
               url: "http://www-304.ibm.com/support/docview.wss?uid=swg21960194",
            },
            {
               url: "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.19.1_release_notes",
            },
            {
               url: "http://www-01.ibm.com/support/docview.wss?uid=swg21959453",
            },
            {
               url: "https://security.netapp.com/advisory/ntap-20150619-0001/",
            },
            {
               url: "http://www-01.ibm.com/support/docview.wss?uid=swg21959111",
            },
            {
               url: "http://www-304.ibm.com/support/docview.wss?uid=swg21960418",
            },
            {
               url: "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246",
            },
            {
               url: "https://www.suse.com/security/cve/CVE-2015-4000.html",
            },
            {
               url: "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes",
            },
            {
               url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04953655",
            },
            {
               url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05128722",
            },
            {
               url: "http://support.citrix.com/article/CTX201114",
            },
            {
               url: "http://fortiguard.com/advisory/2015-07-09-cve-2015-1793-openssl-alternative-chains-certificate-forgery",
            },
            {
               url: "http://www-304.ibm.com/support/docview.wss?uid=swg21960380",
            },
            {
               url: "http://support.apple.com/kb/HT204942",
            },
            {
               url: "http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04876402",
            },
            {
               url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05193083",
            },
            {
               url: "http://aix.software.ibm.com/aix/efixes/security/sendmail_advisory2.asc",
            },
            {
               url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10727",
            },
            {
               url: "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773241",
            },
            {
               url: "http://www-01.ibm.com/support/docview.wss?uid=swg21959530",
            },
            {
               url: "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html",
            },
            {
               url: "http://www-01.ibm.com/support/docview.wss?uid=swg21960191",
            },
            {
               url: "http://www-01.ibm.com/support/docview.wss?uid=swg21959636",
            },
            {
               url: "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04918839",
            },
            {
               url: "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html",
            },
            {
               url: "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04770140",
            },
            {
               url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763",
            },
            {
               url: "https://puppet.com/security/cve/CVE-2015-4000",
            },
            {
               url: "http://www.mozilla.org/security/announce/2015/mfsa2015-70.html",
            },
            {
               url: "http://www.solarwinds.com/documentation/storage/storagemanager/docs/ReleaseNotes/releaseNotes.htm",
            },
            {
               url: "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04926789",
            },
            {
               url: "https://support.citrix.com/article/CTX216642",
            },
            {
               url: "https://weakdh.org/",
            },
            {
               url: "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773119",
            },
            {
               url: "http://www-01.ibm.com/support/docview.wss?uid=swg21959481",
            },
            {
               url: "https://bto.bluecoat.com/security-advisory/sa98",
            },
            {
               url: "https://bugzilla.mozilla.org/show_bug.cgi?id=1138554",
            },
            {
               url: "http://www-01.ibm.com/support/docview.wss?uid=swg21962455",
            },
            {
               url: "https://www.openssl.org/news/secadv_20150611.txt",
            },
            {
               url: "http://www.fortiguard.com/advisory/2015-05-20-logjam-attack",
            },
            {
               url: "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2015-4000",
      datePublished: "2015-05-21T00:00:00",
      dateReserved: "2015-05-15T00:00:00",
      dateUpdated: "2024-08-06T06:04:02.725Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2015-1789
Vulnerability from cvelistv5
Published
2015-06-12 00:00
Modified
2024-08-06 04:54
Severity ?
Summary
The X509_cmp_time function in crypto/x509/x509_vfy.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted length field in ASN1_TIME data, as demonstrated by an attack against a server that supports client authentication with a custom verification callback.
References
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00006.htmlvendor-advisory
http://marc.info/?l=bugtraq&m=143880121627664&w=2vendor-advisory
http://www.debian.org/security/2015/dsa-3287vendor-advisory
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00026.htmlvendor-advisory
https://kc.mcafee.com/corporate/index?page=content&id=SB10122
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00005.htmlvendor-advisory
https://github.com/openssl/openssl/commit/f48b83b4fb7d6689584cf25f61ca63a4891f5b11
http://fortiguard.com/advisory/openssl-vulnerabilities-june-2015
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157667
http://marc.info/?l=bugtraq&m=144050155601375&w=2vendor-advisory
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05353965
https://openssl.org/news/secadv/20150611.txt
http://rhn.redhat.com/errata/RHSA-2015-1115.htmlvendor-advisory
http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
http://rhn.redhat.com/errata/RHSA-2015-1197.htmlvendor-advisory
http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00004.htmlvendor-advisory
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00024.htmlvendor-advisory
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05184351
http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.htmlvendor-advisory
http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
http://www.securitytracker.com/id/1032564vdb-entry
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380
http://www.fortiguard.com/advisory/2015-06-11-fortinet-vulnerability-openssl-vulnerabilities-june-2015
http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160647.htmlvendor-advisory
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150612-opensslvendor-advisory
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00037.htmlvendor-advisory
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00003.htmlvendor-advisory
http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.htmlvendor-advisory
http://www.ubuntu.com/usn/USN-2639-1vendor-advisory
http://www.fortiguard.com/advisory/openssl-vulnerabilities-june-2015
https://security.gentoo.org/glsa/201506-02vendor-advisory
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05131044
http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html
http://www.securityfocus.com/bid/91787vdb-entry
http://marc.info/?l=bugtraq&m=143880121627664&w=2vendor-advisory
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763
http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160436.htmlvendor-advisory
http://www.securityfocus.com/bid/75156vdb-entry
https://support.apple.com/kb/HT205031
http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
https://support.citrix.com/article/CTX216642
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00007.htmlvendor-advisory
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10694
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00023.htmlvendor-advisory
https://bto.bluecoat.com/security-advisory/sa98
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10733
http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2015-008.txt.ascvendor-advisory
https://www.openssl.org/news/secadv_20150611.txt
http://marc.info/?l=bugtraq&m=143654156615516&w=2vendor-advisory
https://www.arista.com/en/support/advisories-notices/security-advisories/1144-security-advisory-11
https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-06T04:54:16.129Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "SUSE-SU-2015:1184",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00006.html",
               },
               {
                  name: "SSRT102180",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://marc.info/?l=bugtraq&m=143880121627664&w=2",
               },
               {
                  name: "DSA-3287",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2015/dsa-3287",
               },
               {
                  name: "SUSE-SU-2015:1150",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00026.html",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10122",
               },
               {
                  name: "SUSE-SU-2015:1183",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00005.html",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://github.com/openssl/openssl/commit/f48b83b4fb7d6689584cf25f61ca63a4891f5b11",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://fortiguard.com/advisory/openssl-vulnerabilities-june-2015",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157667",
               },
               {
                  name: "HPSBMU03409",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://marc.info/?l=bugtraq&m=144050155601375&w=2",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05353965",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://openssl.org/news/secadv/20150611.txt",
               },
               {
                  name: "RHSA-2015:1115",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2015-1115.html",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
               },
               {
                  name: "RHSA-2015:1197",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2015-1197.html",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html",
               },
               {
                  name: "SUSE-SU-2015:1182",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00004.html",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888",
               },
               {
                  name: "SUSE-SU-2015:1143",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00024.html",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05184351",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html",
               },
               {
                  name: "openSUSE-SU-2016:0640",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html",
               },
               {
                  name: "1032564",
                  tags: [
                     "vdb-entry",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1032564",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://www.fortiguard.com/advisory/2015-06-11-fortinet-vulnerability-openssl-vulnerabilities-june-2015",
               },
               {
                  name: "FEDORA-2015-10108",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160647.html",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
               },
               {
                  name: "20150612 Multiple Vulnerabilities in OpenSSL (June 2015) Affecting Cisco Products",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150612-openssl",
               },
               {
                  name: "openSUSE-SU-2015:1277",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00037.html",
               },
               {
                  name: "SUSE-SU-2015:1181",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00003.html",
               },
               {
                  name: "APPLE-SA-2015-08-13-2",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html",
               },
               {
                  name: "USN-2639-1",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-2639-1",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://www.fortiguard.com/advisory/openssl-vulnerabilities-june-2015",
               },
               {
                  name: "GLSA-201506-02",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "https://security.gentoo.org/glsa/201506-02",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05131044",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html",
               },
               {
                  name: "91787",
                  tags: [
                     "vdb-entry",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/91787",
               },
               {
                  name: "HPSBUX03388",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://marc.info/?l=bugtraq&m=143880121627664&w=2",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763",
               },
               {
                  name: "FEDORA-2015-10047",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160436.html",
               },
               {
                  name: "75156",
                  tags: [
                     "vdb-entry",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/75156",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://support.apple.com/kb/HT205031",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://support.citrix.com/article/CTX216642",
               },
               {
                  name: "SUSE-SU-2015:1185",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00007.html",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10694",
               },
               {
                  name: "openSUSE-SU-2015:1139",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00023.html",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://bto.bluecoat.com/security-advisory/sa98",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10733",
               },
               {
                  name: "NetBSD-SA2015-008",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2015-008.txt.asc",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.openssl.org/news/secadv_20150611.txt",
               },
               {
                  name: "HPSBGN03371",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://marc.info/?l=bugtraq&m=143654156615516&w=2",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.arista.com/en/support/advisories-notices/security-advisories/1144-security-advisory-11",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2015-06-11T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The X509_cmp_time function in crypto/x509/x509_vfy.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted length field in ASN1_TIME data, as demonstrated by an attack against a server that supports client authentication with a custom verification callback.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-12-13T00:00:00",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               name: "SUSE-SU-2015:1184",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00006.html",
            },
            {
               name: "SSRT102180",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://marc.info/?l=bugtraq&m=143880121627664&w=2",
            },
            {
               name: "DSA-3287",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://www.debian.org/security/2015/dsa-3287",
            },
            {
               name: "SUSE-SU-2015:1150",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00026.html",
            },
            {
               url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10122",
            },
            {
               name: "SUSE-SU-2015:1183",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00005.html",
            },
            {
               url: "https://github.com/openssl/openssl/commit/f48b83b4fb7d6689584cf25f61ca63a4891f5b11",
            },
            {
               url: "http://fortiguard.com/advisory/openssl-vulnerabilities-june-2015",
            },
            {
               url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157667",
            },
            {
               name: "HPSBMU03409",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://marc.info/?l=bugtraq&m=144050155601375&w=2",
            },
            {
               url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05353965",
            },
            {
               url: "https://openssl.org/news/secadv/20150611.txt",
            },
            {
               name: "RHSA-2015:1115",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2015-1115.html",
            },
            {
               url: "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
            },
            {
               name: "RHSA-2015:1197",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2015-1197.html",
            },
            {
               url: "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html",
            },
            {
               url: "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html",
            },
            {
               name: "SUSE-SU-2015:1182",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00004.html",
            },
            {
               url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888",
            },
            {
               name: "SUSE-SU-2015:1143",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00024.html",
            },
            {
               url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05184351",
            },
            {
               url: "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html",
            },
            {
               name: "openSUSE-SU-2016:0640",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html",
            },
            {
               url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html",
            },
            {
               name: "1032564",
               tags: [
                  "vdb-entry",
               ],
               url: "http://www.securitytracker.com/id/1032564",
            },
            {
               url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380",
            },
            {
               url: "http://www.fortiguard.com/advisory/2015-06-11-fortinet-vulnerability-openssl-vulnerabilities-june-2015",
            },
            {
               name: "FEDORA-2015-10108",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160647.html",
            },
            {
               url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
            },
            {
               name: "20150612 Multiple Vulnerabilities in OpenSSL (June 2015) Affecting Cisco Products",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150612-openssl",
            },
            {
               name: "openSUSE-SU-2015:1277",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00037.html",
            },
            {
               name: "SUSE-SU-2015:1181",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00003.html",
            },
            {
               name: "APPLE-SA-2015-08-13-2",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html",
            },
            {
               name: "USN-2639-1",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://www.ubuntu.com/usn/USN-2639-1",
            },
            {
               url: "http://www.fortiguard.com/advisory/openssl-vulnerabilities-june-2015",
            },
            {
               name: "GLSA-201506-02",
               tags: [
                  "vendor-advisory",
               ],
               url: "https://security.gentoo.org/glsa/201506-02",
            },
            {
               url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05131044",
            },
            {
               url: "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html",
            },
            {
               name: "91787",
               tags: [
                  "vdb-entry",
               ],
               url: "http://www.securityfocus.com/bid/91787",
            },
            {
               name: "HPSBUX03388",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://marc.info/?l=bugtraq&m=143880121627664&w=2",
            },
            {
               url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763",
            },
            {
               name: "FEDORA-2015-10047",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160436.html",
            },
            {
               name: "75156",
               tags: [
                  "vdb-entry",
               ],
               url: "http://www.securityfocus.com/bid/75156",
            },
            {
               url: "https://support.apple.com/kb/HT205031",
            },
            {
               url: "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html",
            },
            {
               url: "https://support.citrix.com/article/CTX216642",
            },
            {
               name: "SUSE-SU-2015:1185",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00007.html",
            },
            {
               url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10694",
            },
            {
               name: "openSUSE-SU-2015:1139",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00023.html",
            },
            {
               url: "https://bto.bluecoat.com/security-advisory/sa98",
            },
            {
               url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10733",
            },
            {
               name: "NetBSD-SA2015-008",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2015-008.txt.asc",
            },
            {
               url: "https://www.openssl.org/news/secadv_20150611.txt",
            },
            {
               name: "HPSBGN03371",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://marc.info/?l=bugtraq&m=143654156615516&w=2",
            },
            {
               url: "https://www.arista.com/en/support/advisories-notices/security-advisories/1144-security-advisory-11",
            },
            {
               url: "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2015-1789",
      datePublished: "2015-06-12T00:00:00",
      dateReserved: "2015-02-17T00:00:00",
      dateUpdated: "2024-08-06T04:54:16.129Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

Vulnerability from fkie_nvd
Published
2015-05-21 00:59
Modified
2025-04-12 10:46
Summary
The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the "Logjam" issue.
References
cve@mitre.orghttp://aix.software.ibm.com/aix/efixes/security/sendmail_advisory2.ascThird Party Advisory
cve@mitre.orghttp://fortiguard.com/advisory/2015-07-09-cve-2015-1793-openssl-alternative-chains-certificate-forgeryThird Party Advisory
cve@mitre.orghttp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2015-008.txt.ascMailing List, Third Party Advisory
cve@mitre.orghttp://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04876402Third Party Advisory
cve@mitre.orghttp://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04949778Third Party Advisory
cve@mitre.orghttp://kb.juniper.net/InfoCenter/index?page=content&id=JSA10681Third Party Advisory
cve@mitre.orghttp://kb.juniper.net/InfoCenter/index?page=content&id=JSA10727Third Party Advisory
cve@mitre.orghttp://lists.apple.com/archives/security-announce/2015/Jun/msg00001.htmlMailing List, Third Party Advisory
cve@mitre.orghttp://lists.apple.com/archives/security-announce/2015/Jun/msg00002.htmlMailing List, Third Party Advisory
cve@mitre.orghttp://lists.fedoraproject.org/pipermail/package-announce/2015-June/159314.htmlMailing List, Third Party Advisory
cve@mitre.orghttp://lists.fedoraproject.org/pipermail/package-announce/2015-June/159351.htmlMailing List, Third Party Advisory
cve@mitre.orghttp://lists.fedoraproject.org/pipermail/package-announce/2015-June/160117.htmlMailing List, Third Party Advisory
cve@mitre.orghttp://lists.opensuse.org/opensuse-security-announce/2015-06/msg00023.htmlMailing List, Third Party Advisory
cve@mitre.orghttp://lists.opensuse.org/opensuse-security-announce/2015-06/msg00024.htmlMailing List, Third Party Advisory
cve@mitre.orghttp://lists.opensuse.org/opensuse-security-announce/2015-06/msg00026.htmlMailing List, Third Party Advisory
cve@mitre.orghttp://lists.opensuse.org/opensuse-security-announce/2015-07/msg00001.htmlMailing List, Third Party Advisory
cve@mitre.orghttp://lists.opensuse.org/opensuse-security-announce/2015-07/msg00003.htmlMailing List, Third Party Advisory
cve@mitre.orghttp://lists.opensuse.org/opensuse-security-announce/2015-07/msg00004.htmlMailing List, Third Party Advisory
cve@mitre.orghttp://lists.opensuse.org/opensuse-security-announce/2015-07/msg00005.htmlMailing List, Third Party Advisory
cve@mitre.orghttp://lists.opensuse.org/opensuse-security-announce/2015-07/msg00006.htmlMailing List, Third Party Advisory
cve@mitre.orghttp://lists.opensuse.org/opensuse-security-announce/2015-07/msg00007.htmlMailing List, Third Party Advisory
cve@mitre.orghttp://lists.opensuse.org/opensuse-security-announce/2015-07/msg00025.htmlMailing List, Third Party Advisory
cve@mitre.orghttp://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.htmlMailing List, Third Party Advisory
cve@mitre.orghttp://lists.opensuse.org/opensuse-security-announce/2015-07/msg00033.htmlMailing List, Third Party Advisory
cve@mitre.orghttp://lists.opensuse.org/opensuse-security-announce/2015-07/msg00034.htmlMailing List, Third Party Advisory
cve@mitre.orghttp://lists.opensuse.org/opensuse-security-announce/2015-07/msg00037.htmlMailing List, Third Party Advisory
cve@mitre.orghttp://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.htmlMailing List, Third Party Advisory
cve@mitre.orghttp://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.htmlMailing List, Third Party Advisory
cve@mitre.orghttp://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.htmlMailing List, Third Party Advisory
cve@mitre.orghttp://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.htmlMailing List, Third Party Advisory
cve@mitre.orghttp://lists.opensuse.org/opensuse-security-announce/2015-08/msg00021.htmlMailing List, Third Party Advisory
cve@mitre.orghttp://lists.opensuse.org/opensuse-security-announce/2015-09/msg00017.htmlMailing List, Third Party Advisory
cve@mitre.orghttp://lists.opensuse.org/opensuse-security-announce/2015-10/msg00001.htmlMailing List, Third Party Advisory
cve@mitre.orghttp://lists.opensuse.org/opensuse-security-announce/2016-01/msg00031.htmlMailing List, Third Party Advisory
cve@mitre.orghttp://lists.opensuse.org/opensuse-security-announce/2016-01/msg00032.htmlMailing List, Third Party Advisory
cve@mitre.orghttp://lists.opensuse.org/opensuse-security-announce/2016-01/msg00037.htmlMailing List, Third Party Advisory
cve@mitre.orghttp://lists.opensuse.org/opensuse-security-announce/2016-01/msg00039.htmlMailing List, Third Party Advisory
cve@mitre.orghttp://lists.opensuse.org/opensuse-security-announce/2016-01/msg00040.htmlMailing List, Third Party Advisory
cve@mitre.orghttp://lists.opensuse.org/opensuse-updates/2015-07/msg00016.htmlMailing List, Third Party Advisory
cve@mitre.orghttp://lists.opensuse.org/opensuse-updates/2015-10/msg00011.htmlMailing List, Third Party Advisory
cve@mitre.orghttp://lists.opensuse.org/opensuse-updates/2016-02/msg00094.htmlMailing List, Third Party Advisory
cve@mitre.orghttp://lists.opensuse.org/opensuse-updates/2016-02/msg00097.htmlMailing List, Third Party Advisory
cve@mitre.orghttp://marc.info/?l=bugtraq&m=143506486712441&w=2Mailing List, Third Party Advisory
cve@mitre.orghttp://marc.info/?l=bugtraq&m=143557934009303&w=2Mailing List, Third Party Advisory
cve@mitre.orghttp://marc.info/?l=bugtraq&m=143558092609708&w=2Mailing List, Third Party Advisory
cve@mitre.orghttp://marc.info/?l=bugtraq&m=143628304012255&w=2Mailing List, Third Party Advisory
cve@mitre.orghttp://marc.info/?l=bugtraq&m=143637549705650&w=2Mailing List, Third Party Advisory
cve@mitre.orghttp://marc.info/?l=bugtraq&m=143655800220052&w=2Mailing List, Third Party Advisory
cve@mitre.orghttp://marc.info/?l=bugtraq&m=143880121627664&w=2Mailing List, Third Party Advisory
cve@mitre.orghttp://marc.info/?l=bugtraq&m=143880121627664&w=2Mailing List, Third Party Advisory
cve@mitre.orghttp://marc.info/?l=bugtraq&m=144043644216842&w=2Mailing List, Third Party Advisory
cve@mitre.orghttp://marc.info/?l=bugtraq&m=144050121701297&w=2Mailing List, Third Party Advisory
cve@mitre.orghttp://marc.info/?l=bugtraq&m=144060576831314&w=2Mailing List, Third Party Advisory
cve@mitre.orghttp://marc.info/?l=bugtraq&m=144060606031437&w=2Mailing List, Third Party Advisory
cve@mitre.orghttp://marc.info/?l=bugtraq&m=144061542602287&w=2Mailing List, Third Party Advisory
cve@mitre.orghttp://marc.info/?l=bugtraq&m=144069189622016&w=2Mailing List, Third Party Advisory
cve@mitre.orghttp://marc.info/?l=bugtraq&m=144102017024820&w=2Mailing List, Third Party Advisory
cve@mitre.orghttp://marc.info/?l=bugtraq&m=144104533800819&w=2Mailing List, Third Party Advisory
cve@mitre.orghttp://marc.info/?l=bugtraq&m=144493176821532&w=2Mailing List, Third Party Advisory
cve@mitre.orghttp://marc.info/?l=bugtraq&m=144493176821532&w=2Mailing List, Third Party Advisory
cve@mitre.orghttp://marc.info/?l=bugtraq&m=145409266329539&w=2Mailing List, Third Party Advisory
cve@mitre.orghttp://openwall.com/lists/oss-security/2015/05/20/8Mailing List, Third Party Advisory
cve@mitre.orghttp://rhn.redhat.com/errata/RHSA-2015-1072.htmlThird Party Advisory
cve@mitre.orghttp://rhn.redhat.com/errata/RHSA-2015-1185.htmlThird Party Advisory
cve@mitre.orghttp://rhn.redhat.com/errata/RHSA-2015-1197.htmlThird Party Advisory
cve@mitre.orghttp://rhn.redhat.com/errata/RHSA-2015-1228.htmlThird Party Advisory
cve@mitre.orghttp://rhn.redhat.com/errata/RHSA-2015-1229.htmlThird Party Advisory
cve@mitre.orghttp://rhn.redhat.com/errata/RHSA-2015-1230.htmlThird Party Advisory
cve@mitre.orghttp://rhn.redhat.com/errata/RHSA-2015-1241.htmlThird Party Advisory
cve@mitre.orghttp://rhn.redhat.com/errata/RHSA-2015-1242.htmlThird Party Advisory
cve@mitre.orghttp://rhn.redhat.com/errata/RHSA-2015-1243.htmlThird Party Advisory
cve@mitre.orghttp://rhn.redhat.com/errata/RHSA-2015-1485.htmlThird Party Advisory
cve@mitre.orghttp://rhn.redhat.com/errata/RHSA-2015-1486.htmlThird Party Advisory
cve@mitre.orghttp://rhn.redhat.com/errata/RHSA-2015-1488.htmlThird Party Advisory
cve@mitre.orghttp://rhn.redhat.com/errata/RHSA-2015-1526.htmlThird Party Advisory
cve@mitre.orghttp://rhn.redhat.com/errata/RHSA-2015-1544.htmlThird Party Advisory
cve@mitre.orghttp://rhn.redhat.com/errata/RHSA-2015-1604.htmlThird Party Advisory
cve@mitre.orghttp://rhn.redhat.com/errata/RHSA-2016-1624.htmlThird Party Advisory
cve@mitre.orghttp://rhn.redhat.com/errata/RHSA-2016-2056.htmlThird Party Advisory
cve@mitre.orghttp://support.apple.com/kb/HT204941Third Party Advisory
cve@mitre.orghttp://support.apple.com/kb/HT204942Third Party Advisory
cve@mitre.orghttp://support.citrix.com/article/CTX201114Third Party Advisory
cve@mitre.orghttp://www-01.ibm.com/support/docview.wss?uid=swg21959111Third Party Advisory
cve@mitre.orghttp://www-01.ibm.com/support/docview.wss?uid=swg21959195Third Party Advisory
cve@mitre.orghttp://www-01.ibm.com/support/docview.wss?uid=swg21959325Third Party Advisory
cve@mitre.orghttp://www-01.ibm.com/support/docview.wss?uid=swg21959453Third Party Advisory
cve@mitre.orghttp://www-01.ibm.com/support/docview.wss?uid=swg21959481Third Party Advisory
cve@mitre.orghttp://www-01.ibm.com/support/docview.wss?uid=swg21959517Third Party Advisory
cve@mitre.orghttp://www-01.ibm.com/support/docview.wss?uid=swg21959530Third Party Advisory
cve@mitre.orghttp://www-01.ibm.com/support/docview.wss?uid=swg21959539Third Party Advisory
cve@mitre.orghttp://www-01.ibm.com/support/docview.wss?uid=swg21959636Third Party Advisory
cve@mitre.orghttp://www-01.ibm.com/support/docview.wss?uid=swg21959812Third Party Advisory
cve@mitre.orghttp://www-01.ibm.com/support/docview.wss?uid=swg21960191Third Party Advisory
cve@mitre.orghttp://www-01.ibm.com/support/docview.wss?uid=swg21961717Third Party Advisory
cve@mitre.orghttp://www-01.ibm.com/support/docview.wss?uid=swg21962455Third Party Advisory
cve@mitre.orghttp://www-01.ibm.com/support/docview.wss?uid=swg21962739Third Party Advisory
cve@mitre.orghttp://www-304.ibm.com/support/docview.wss?uid=swg21958984Third Party Advisory
cve@mitre.orghttp://www-304.ibm.com/support/docview.wss?uid=swg21959132Third Party Advisory
cve@mitre.orghttp://www-304.ibm.com/support/docview.wss?uid=swg21960041Third Party Advisory
cve@mitre.orghttp://www-304.ibm.com/support/docview.wss?uid=swg21960194Third Party Advisory
cve@mitre.orghttp://www-304.ibm.com/support/docview.wss?uid=swg21960380Third Party Advisory
cve@mitre.orghttp://www-304.ibm.com/support/docview.wss?uid=swg21960418Third Party Advisory
cve@mitre.orghttp://www-304.ibm.com/support/docview.wss?uid=swg21962816Third Party Advisory
cve@mitre.orghttp://www-304.ibm.com/support/docview.wss?uid=swg21967893Third Party Advisory
cve@mitre.orghttp://www.debian.org/security/2015/dsa-3287Third Party Advisory
cve@mitre.orghttp://www.debian.org/security/2015/dsa-3300Third Party Advisory
cve@mitre.orghttp://www.debian.org/security/2015/dsa-3316Third Party Advisory
cve@mitre.orghttp://www.debian.org/security/2015/dsa-3324Third Party Advisory
cve@mitre.orghttp://www.debian.org/security/2015/dsa-3339Third Party Advisory
cve@mitre.orghttp://www.debian.org/security/2016/dsa-3688Third Party Advisory
cve@mitre.orghttp://www.fortiguard.com/advisory/2015-05-20-logjam-attackThird Party Advisory
cve@mitre.orghttp://www.mozilla.org/security/announce/2015/mfsa2015-70.htmlThird Party Advisory
cve@mitre.orghttp://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.htmlPatch, Third Party Advisory
cve@mitre.orghttp://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.htmlPatch, Third Party Advisory
cve@mitre.orghttp://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.htmlThird Party Advisory
cve@mitre.orghttp://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.htmlThird Party Advisory
cve@mitre.orghttp://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.htmlThird Party Advisory
cve@mitre.orghttp://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.htmlThird Party Advisory
cve@mitre.orghttp://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.htmlThird Party Advisory
cve@mitre.orghttp://www.securityfocus.com/bid/74733Third Party Advisory, VDB Entry
cve@mitre.orghttp://www.securityfocus.com/bid/91787Third Party Advisory, VDB Entry
cve@mitre.orghttp://www.securitytracker.com/id/1032474Third Party Advisory, VDB Entry
cve@mitre.orghttp://www.securitytracker.com/id/1032475Third Party Advisory, VDB Entry
cve@mitre.orghttp://www.securitytracker.com/id/1032476Third Party Advisory, VDB Entry
cve@mitre.orghttp://www.securitytracker.com/id/1032637Third Party Advisory, VDB Entry
cve@mitre.orghttp://www.securitytracker.com/id/1032645Third Party Advisory, VDB Entry
cve@mitre.orghttp://www.securitytracker.com/id/1032647Third Party Advisory, VDB Entry
cve@mitre.orghttp://www.securitytracker.com/id/1032648Third Party Advisory, VDB Entry
cve@mitre.orghttp://www.securitytracker.com/id/1032649Third Party Advisory, VDB Entry
cve@mitre.orghttp://www.securitytracker.com/id/1032650Third Party Advisory, VDB Entry
cve@mitre.orghttp://www.securitytracker.com/id/1032651Third Party Advisory, VDB Entry
cve@mitre.orghttp://www.securitytracker.com/id/1032652Third Party Advisory, VDB Entry
cve@mitre.orghttp://www.securitytracker.com/id/1032653Third Party Advisory, VDB Entry
cve@mitre.orghttp://www.securitytracker.com/id/1032654Third Party Advisory, VDB Entry
cve@mitre.orghttp://www.securitytracker.com/id/1032655Third Party Advisory, VDB Entry
cve@mitre.orghttp://www.securitytracker.com/id/1032656Third Party Advisory, VDB Entry
cve@mitre.orghttp://www.securitytracker.com/id/1032688Third Party Advisory, VDB Entry
cve@mitre.orghttp://www.securitytracker.com/id/1032699Third Party Advisory, VDB Entry
cve@mitre.orghttp://www.securitytracker.com/id/1032702Third Party Advisory, VDB Entry
cve@mitre.orghttp://www.securitytracker.com/id/1032727Third Party Advisory, VDB Entry
cve@mitre.orghttp://www.securitytracker.com/id/1032759Third Party Advisory, VDB Entry
cve@mitre.orghttp://www.securitytracker.com/id/1032777Third Party Advisory, VDB Entry
cve@mitre.orghttp://www.securitytracker.com/id/1032778Third Party Advisory, VDB Entry
cve@mitre.orghttp://www.securitytracker.com/id/1032783Third Party Advisory, VDB Entry
cve@mitre.orghttp://www.securitytracker.com/id/1032784Third Party Advisory, VDB Entry
cve@mitre.orghttp://www.securitytracker.com/id/1032856Third Party Advisory, VDB Entry
cve@mitre.orghttp://www.securitytracker.com/id/1032864Third Party Advisory, VDB Entry
cve@mitre.orghttp://www.securitytracker.com/id/1032865Third Party Advisory, VDB Entry
cve@mitre.orghttp://www.securitytracker.com/id/1032871Third Party Advisory, VDB Entry
cve@mitre.orghttp://www.securitytracker.com/id/1032884Third Party Advisory, VDB Entry
cve@mitre.orghttp://www.securitytracker.com/id/1032910Third Party Advisory, VDB Entry
cve@mitre.orghttp://www.securitytracker.com/id/1032932Third Party Advisory, VDB Entry
cve@mitre.orghttp://www.securitytracker.com/id/1032960Third Party Advisory, VDB Entry
cve@mitre.orghttp://www.securitytracker.com/id/1033019Third Party Advisory, VDB Entry
cve@mitre.orghttp://www.securitytracker.com/id/1033064Third Party Advisory, VDB Entry
cve@mitre.orghttp://www.securitytracker.com/id/1033065Third Party Advisory, VDB Entry
cve@mitre.orghttp://www.securitytracker.com/id/1033067Third Party Advisory, VDB Entry
cve@mitre.orghttp://www.securitytracker.com/id/1033208Third Party Advisory, VDB Entry
cve@mitre.orghttp://www.securitytracker.com/id/1033209Third Party Advisory, VDB Entry
cve@mitre.orghttp://www.securitytracker.com/id/1033210Third Party Advisory, VDB Entry
cve@mitre.orghttp://www.securitytracker.com/id/1033222Third Party Advisory, VDB Entry
cve@mitre.orghttp://www.securitytracker.com/id/1033341Third Party Advisory, VDB Entry
cve@mitre.orghttp://www.securitytracker.com/id/1033385Third Party Advisory, VDB Entry
cve@mitre.orghttp://www.securitytracker.com/id/1033416Third Party Advisory, VDB Entry
cve@mitre.orghttp://www.securitytracker.com/id/1033430Third Party Advisory, VDB Entry
cve@mitre.orghttp://www.securitytracker.com/id/1033433Third Party Advisory, VDB Entry
cve@mitre.orghttp://www.securitytracker.com/id/1033513Third Party Advisory, VDB Entry
cve@mitre.orghttp://www.securitytracker.com/id/1033760Third Party Advisory, VDB Entry
cve@mitre.orghttp://www.securitytracker.com/id/1033891Third Party Advisory, VDB Entry
cve@mitre.orghttp://www.securitytracker.com/id/1033991Third Party Advisory, VDB Entry
cve@mitre.orghttp://www.securitytracker.com/id/1034087Third Party Advisory, VDB Entry
cve@mitre.orghttp://www.securitytracker.com/id/1034728Third Party Advisory, VDB Entry
cve@mitre.orghttp://www.securitytracker.com/id/1034884Third Party Advisory, VDB Entry
cve@mitre.orghttp://www.securitytracker.com/id/1036218Third Party Advisory, VDB Entry
cve@mitre.orghttp://www.securitytracker.com/id/1040630Third Party Advisory, VDB Entry
cve@mitre.orghttp://www.solarwinds.com/documentation/storage/storagemanager/docs/ReleaseNotes/releaseNotes.htmThird Party Advisory
cve@mitre.orghttp://www.ubuntu.com/usn/USN-2656-1Third Party Advisory
cve@mitre.orghttp://www.ubuntu.com/usn/USN-2656-2Third Party Advisory
cve@mitre.orghttp://www.ubuntu.com/usn/USN-2673-1Third Party Advisory
cve@mitre.orghttp://www.ubuntu.com/usn/USN-2696-1Third Party Advisory
cve@mitre.orghttp://www.ubuntu.com/usn/USN-2706-1Third Party Advisory
cve@mitre.orghttps://blog.cloudflare.com/logjam-the-latest-tls-vulnerability-explained/Third Party Advisory
cve@mitre.orghttps://bto.bluecoat.com/security-advisory/sa98Third Party Advisory
cve@mitre.orghttps://bugzilla.mozilla.org/show_bug.cgi?id=1138554Issue Tracking, Third Party Advisory
cve@mitre.orghttps://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdfThird Party Advisory
cve@mitre.orghttps://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.19.1_release_notesThird Party Advisory
cve@mitre.orghttps://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04718196Third Party Advisory
cve@mitre.orghttps://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04770140Third Party Advisory
cve@mitre.orghttps://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04772190Third Party Advisory
cve@mitre.orghttps://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773119Third Party Advisory
cve@mitre.orghttps://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773241Third Party Advisory
cve@mitre.orghttps://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246Third Party Advisory
cve@mitre.orghttps://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04918839Third Party Advisory
cve@mitre.orghttps://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04923929Third Party Advisory
cve@mitre.orghttps://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04926789Third Party Advisory
cve@mitre.orghttps://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04740527Third Party Advisory
cve@mitre.orghttps://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04953655Third Party Advisory
cve@mitre.orghttps://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763Third Party Advisory
cve@mitre.orghttps://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05128722Third Party Advisory
cve@mitre.orghttps://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05193083Third Party Advisory
cve@mitre.orghttps://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+FixesThird Party Advisory
cve@mitre.orghttps://kc.mcafee.com/corporate/index?page=content&id=SB10122Third Party Advisory
cve@mitre.orghttps://openssl.org/news/secadv/20150611.txtVendor Advisory
cve@mitre.orghttps://puppet.com/security/cve/CVE-2015-4000Third Party Advisory
cve@mitre.orghttps://security.gentoo.org/glsa/201506-02Third Party Advisory
cve@mitre.orghttps://security.gentoo.org/glsa/201512-10Third Party Advisory
cve@mitre.orghttps://security.gentoo.org/glsa/201603-11Third Party Advisory
cve@mitre.orghttps://security.gentoo.org/glsa/201701-46Third Party Advisory
cve@mitre.orghttps://security.netapp.com/advisory/ntap-20150619-0001/Third Party Advisory
cve@mitre.orghttps://support.citrix.com/article/CTX216642Third Party Advisory
cve@mitre.orghttps://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03831en_usThird Party Advisory
cve@mitre.orghttps://weakdh.org/Third Party Advisory
cve@mitre.orghttps://weakdh.org/imperfect-forward-secrecy.pdfThird Party Advisory
cve@mitre.orghttps://www-304.ibm.com/support/docview.wss?uid=swg21959745Third Party Advisory
cve@mitre.orghttps://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5098403Third Party Advisory
cve@mitre.orghttps://www.openssl.org/blog/blog/2015/05/20/logjam-freak-upcoming-changes/Vendor Advisory
cve@mitre.orghttps://www.openssl.org/news/secadv_20150611.txtVendor Advisory
cve@mitre.orghttps://www.oracle.com/security-alerts/cpujan2021.htmlThird Party Advisory
cve@mitre.orghttps://www.suse.com/security/cve/CVE-2015-4000.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://aix.software.ibm.com/aix/efixes/security/sendmail_advisory2.ascThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://fortiguard.com/advisory/2015-07-09-cve-2015-1793-openssl-alternative-chains-certificate-forgeryThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2015-008.txt.ascMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04876402Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04949778Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10681Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10727Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159314.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159351.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160117.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00023.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00024.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00026.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00001.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00003.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00004.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00005.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00006.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00007.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00025.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00033.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00034.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00037.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00021.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00017.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00001.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00031.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00032.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00037.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00039.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00040.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-updates/2015-07/msg00016.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-updates/2015-10/msg00011.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-updates/2016-02/msg00094.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-updates/2016-02/msg00097.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=143506486712441&w=2Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=143557934009303&w=2Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=143558092609708&w=2Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=143628304012255&w=2Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=143637549705650&w=2Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=143655800220052&w=2Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=143880121627664&w=2Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=143880121627664&w=2Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=144043644216842&w=2Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=144050121701297&w=2Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=144060576831314&w=2Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=144060606031437&w=2Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=144061542602287&w=2Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=144069189622016&w=2Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=144102017024820&w=2Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=144104533800819&w=2Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=144493176821532&w=2Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=144493176821532&w=2Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=145409266329539&w=2Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://openwall.com/lists/oss-security/2015/05/20/8Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2015-1072.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2015-1185.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2015-1197.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2015-1228.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2015-1229.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2015-1230.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2015-1241.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2015-1242.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2015-1243.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2015-1485.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2015-1486.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2015-1488.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2015-1526.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2015-1544.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2015-1604.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2016-1624.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2016-2056.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://support.apple.com/kb/HT204941Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://support.apple.com/kb/HT204942Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://support.citrix.com/article/CTX201114Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=swg21959111Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=swg21959195Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=swg21959325Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=swg21959453Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=swg21959481Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=swg21959517Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=swg21959530Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=swg21959539Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=swg21959636Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=swg21959812Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=swg21960191Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=swg21961717Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=swg21962455Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=swg21962739Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www-304.ibm.com/support/docview.wss?uid=swg21958984Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www-304.ibm.com/support/docview.wss?uid=swg21959132Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www-304.ibm.com/support/docview.wss?uid=swg21960041Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www-304.ibm.com/support/docview.wss?uid=swg21960194Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www-304.ibm.com/support/docview.wss?uid=swg21960380Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www-304.ibm.com/support/docview.wss?uid=swg21960418Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www-304.ibm.com/support/docview.wss?uid=swg21962816Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www-304.ibm.com/support/docview.wss?uid=swg21967893Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2015/dsa-3287Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2015/dsa-3300Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2015/dsa-3316Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2015/dsa-3324Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2015/dsa-3339Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2016/dsa-3688Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.fortiguard.com/advisory/2015-05-20-logjam-attackThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.mozilla.org/security/announce/2015/mfsa2015-70.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.htmlPatch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.htmlPatch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/74733Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/91787Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1032474Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1032475Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1032476Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1032637Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1032645Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1032647Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1032648Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1032649Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1032650Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1032651Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1032652Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1032653Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1032654Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1032655Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1032656Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1032688Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1032699Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1032702Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1032727Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1032759Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1032777Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1032778Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1032783Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1032784Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1032856Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1032864Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1032865Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1032871Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1032884Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1032910Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1032932Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1032960Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1033019Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1033064Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1033065Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1033067Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1033208Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1033209Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1033210Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1033222Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1033341Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1033385Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1033416Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1033430Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1033433Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1033513Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1033760Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1033891Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1033991Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1034087Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1034728Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1034884Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1036218Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1040630Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.solarwinds.com/documentation/storage/storagemanager/docs/ReleaseNotes/releaseNotes.htmThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/USN-2656-1Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/USN-2656-2Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/USN-2673-1Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/USN-2696-1Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/USN-2706-1Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://blog.cloudflare.com/logjam-the-latest-tls-vulnerability-explained/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://bto.bluecoat.com/security-advisory/sa98Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.mozilla.org/show_bug.cgi?id=1138554Issue Tracking, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdfThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.19.1_release_notesThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04718196Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04770140Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04772190Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773119Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773241Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04918839Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04923929Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04926789Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04740527Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04953655Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05128722Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05193083Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+FixesThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://kc.mcafee.com/corporate/index?page=content&id=SB10122Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://openssl.org/news/secadv/20150611.txtVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://puppet.com/security/cve/CVE-2015-4000Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://security.gentoo.org/glsa/201506-02Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://security.gentoo.org/glsa/201512-10Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://security.gentoo.org/glsa/201603-11Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://security.gentoo.org/glsa/201701-46Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://security.netapp.com/advisory/ntap-20150619-0001/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://support.citrix.com/article/CTX216642Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03831en_usThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://weakdh.org/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://weakdh.org/imperfect-forward-secrecy.pdfThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www-304.ibm.com/support/docview.wss?uid=swg21959745Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5098403Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.openssl.org/blog/blog/2015/05/20/logjam-freak-upcoming-changes/Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.openssl.org/news/secadv_20150611.txtVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.oracle.com/security-alerts/cpujan2021.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.suse.com/security/cve/CVE-2015-4000.htmlThird Party Advisory



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "51F16DD0-B15A-4B29-B68A-D6ABA0BF9623",
                     versionEndIncluding: "1.0.1m",
                     versionStartIncluding: "1.0.1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "86B99FE0-EFEF-4C34-9790-A14504D701C5",
                     versionEndIncluding: "1.0.2a",
                     versionStartIncluding: "1.0.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*",
                     matchCriteriaId: "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
                     matchCriteriaId: "B5A6F2F3-4894-4392-8296-3B8DD2679084",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*",
                     matchCriteriaId: "49A63F39-30BE-443F-AF10-6245587D3359",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*",
                     matchCriteriaId: "F38D3B7E-8429-473F-BB31-FC3583EE5A5B",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C4D0AB50-9195-4B1B-BB76-00F0A34C9389",
                     versionEndIncluding: "1.0.1m",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:hp:hp-ux:b.11.31:*:*:*:*:*:*:*",
                     matchCriteriaId: "B64BBA96-FB3C-46AC-9A29-50EE02714FE9",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:ibm:content_manager:8.5:*:*:*:*:enterprise:*:*",
                     matchCriteriaId: "EB672C2E-8ABF-40CD-97DA-28D939DE4C63",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:oracle:jrockit:r28.3.6:*:*:*:*:*:*:*",
                     matchCriteriaId: "228C7B8D-18EE-444A-8067-6C222844FB8C",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "16F59A04-14CF-49E2-9973-645477EA09DA",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:oracle:jdk:1.6.0:update95:*:*:*:*:*:*",
                     matchCriteriaId: "2755C397-75DF-4110-8C8A-05EFDFFF9BC1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:jdk:1.7.0:update75:*:*:*:*:*:*",
                     matchCriteriaId: "D084DBE9-BF2F-4A9B-8FDE-A9A608E6B40F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:jdk:1.7.0:update80:*:*:*:*:*:*",
                     matchCriteriaId: "18FB6138-2B3D-4C4B-8647-3D1646165641",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:jdk:1.8.0:update_33:*:*:*:*:*:*",
                     matchCriteriaId: "49B3533A-57B1-4EDA-9434-D75AE837F2C7",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:jdk:1.8.0:update45:*:*:*:*:*:*",
                     matchCriteriaId: "914D54AC-EAAE-4A01-BA88-7F245BDA47C5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:jre:1.6.0:update_95:*:*:*:*:*:*",
                     matchCriteriaId: "33DD9C2A-9C6E-407B-8110-2EC7906DE036",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:jre:1.7.0:update_75:*:*:*:*:*:*",
                     matchCriteriaId: "88FA3ACA-B2FC-4D9C-B67E-35272514FB84",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:jre:1.7.0:update_80:*:*:*:*:*:*",
                     matchCriteriaId: "17B87292-EDBB-4D5A-8874-7405F040FAA6",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:jre:1.8.0:update_33:*:*:*:*:*:*",
                     matchCriteriaId: "366E2702-633C-4D4C-ACF8-4CBEC66719F1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:jre:1.8.0:update_45:*:*:*:*:*:*",
                     matchCriteriaId: "8CFE55B4-9A07-4E88-98AC-8345243AEF79",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:suse:linux_enterprise_desktop:12:*:*:*:*:*:*:*",
                     matchCriteriaId: "F1EB0F28-F23A-4969-8A3E-66DA2EFA40C3",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:suse:linux_enterprise_server:11.0:sp4:*:*:*:*:*:*",
                     matchCriteriaId: "D5BAC17C-EF31-4E94-9020-47B781AD94B3",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:*:*:*:*:*:*:*",
                     matchCriteriaId: "DB2A1559-651C-46B0-B436-8E03DC8A60D2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:suse:suse_linux_enterprise_server:12:*:*:*:*:*:*:*",
                     matchCriteriaId: "9C649194-B8C2-49F7-A819-C635EE584ABF",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "EB31BE7C-CB6D-447E-AFF8-618998950FC5",
                     versionEndIncluding: "8.3",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "68566BD8-D5DD-4747-9C9A-59154400EBFA",
                     versionEndIncluding: "10.10.3",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:mozilla:network_security_services:3.19:*:*:*:*:*:*:*",
                     matchCriteriaId: "C6809678-475F-4703-BC9E-31EC8CAD3A24",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:oracle:sparc-opl_service_processor:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6AF02A45-1811-44F2-B3C9-90C11F5DF6DF",
                     versionEndIncluding: "1121",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:apple:safari:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AFDA34B4-65B4-41A5-AC22-667C8D8FF4B7",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:google:chrome:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "39B565E1-C2F1-44FC-A517-E3130332B17C",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:microsoft:internet_explorer:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C37BA825-679F-4257-9F2B-CE2318B75396",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:mozilla:firefox:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "97D4FFCF-5309-43B6-9FD5-680C6D535A7F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:opera:opera_browser:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4545786D-3129-4D92-B218-F4A92428ED48",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "5AADD23B-A8AF-4679-990D-C29A1D6EB5CD",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:mozilla:firefox:39.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "7B692B58-6FB8-455F-86C0-35E0F216A736",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:mozilla:firefox_esr:31.8:*:*:*:*:*:*:*",
                     matchCriteriaId: "FA389FFB-2289-4BFB-90A1-0E7EC42FFCEB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:mozilla:seamonkey:2.35:*:*:*:*:*:*:*",
                     matchCriteriaId: "DA79F816-D26E-4A0D-8CD8-994EBB42C822",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:mozilla:thunderbird:31.8:*:*:*:*:*:*:*",
                     matchCriteriaId: "1C87BCC3-0315-4B3C-BFCD-1E218B475251",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:mozilla:thunderbird:38.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "4C00748D-ECFC-4ACA-964B-92330FE7B0EE",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:mozilla:firefox_os:2.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "E50128DD-9997-49E6-A47E-6A0B7959B3AA",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the \"Logjam\" issue.",
      },
      {
         lang: "es",
         value: "El protocolo TLS 1.2 y anteriores, cuando una suite de cifrado DHE_EXPORT está habilitada en un servidor pero no en un cliente, no transporta una elección DHE_EXPORT, lo que permite a atacantes man-in-the-middle realizar ataques de degradación del cifrado mediante la rescritura de un ClientHello con DHE remplazado por DHE_EXPORT y posteriormente la rescritura de un ServerHello con DHE_EXPORT remplazado por DHE, también conocido como el problema 'Logjam'.",
      },
   ],
   id: "CVE-2015-4000",
   lastModified: "2025-04-12T10:46:40.837",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "MEDIUM",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "NONE",
               baseScore: 4.3,
               confidentialityImpact: "NONE",
               integrityImpact: "PARTIAL",
               vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N",
               version: "2.0",
            },
            exploitabilityScore: 8.6,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV30: [
         {
            cvssData: {
               attackComplexity: "HIGH",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 3.7,
               baseSeverity: "LOW",
               confidentialityImpact: "NONE",
               integrityImpact: "LOW",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
               version: "3.0",
            },
            exploitabilityScore: 2.2,
            impactScore: 1.4,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2015-05-21T00:59:00.087",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://aix.software.ibm.com/aix/efixes/security/sendmail_advisory2.asc",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://fortiguard.com/advisory/2015-07-09-cve-2015-1793-openssl-alternative-chains-certificate-forgery",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2015-008.txt.asc",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04876402",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04949778",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10681",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10727",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159314.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159351.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160117.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00023.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00024.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00026.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00001.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00003.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00004.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00005.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00006.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00007.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00025.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00033.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00034.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00037.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00021.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00017.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00001.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00031.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00032.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00037.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00039.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00040.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-updates/2015-07/msg00016.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-updates/2015-10/msg00011.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-updates/2016-02/msg00094.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-updates/2016-02/msg00097.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://marc.info/?l=bugtraq&m=143506486712441&w=2",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://marc.info/?l=bugtraq&m=143557934009303&w=2",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://marc.info/?l=bugtraq&m=143558092609708&w=2",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://marc.info/?l=bugtraq&m=143628304012255&w=2",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://marc.info/?l=bugtraq&m=143637549705650&w=2",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://marc.info/?l=bugtraq&m=143655800220052&w=2",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://marc.info/?l=bugtraq&m=143880121627664&w=2",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://marc.info/?l=bugtraq&m=143880121627664&w=2",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://marc.info/?l=bugtraq&m=144043644216842&w=2",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://marc.info/?l=bugtraq&m=144050121701297&w=2",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://marc.info/?l=bugtraq&m=144060576831314&w=2",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://marc.info/?l=bugtraq&m=144060606031437&w=2",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://marc.info/?l=bugtraq&m=144061542602287&w=2",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://marc.info/?l=bugtraq&m=144069189622016&w=2",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://marc.info/?l=bugtraq&m=144102017024820&w=2",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://marc.info/?l=bugtraq&m=144104533800819&w=2",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://marc.info/?l=bugtraq&m=144493176821532&w=2",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://marc.info/?l=bugtraq&m=144493176821532&w=2",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://marc.info/?l=bugtraq&m=145409266329539&w=2",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://openwall.com/lists/oss-security/2015/05/20/8",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://rhn.redhat.com/errata/RHSA-2015-1072.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://rhn.redhat.com/errata/RHSA-2015-1185.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://rhn.redhat.com/errata/RHSA-2015-1197.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://rhn.redhat.com/errata/RHSA-2015-1228.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://rhn.redhat.com/errata/RHSA-2015-1229.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://rhn.redhat.com/errata/RHSA-2015-1230.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://rhn.redhat.com/errata/RHSA-2015-1241.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://rhn.redhat.com/errata/RHSA-2015-1242.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://rhn.redhat.com/errata/RHSA-2015-1243.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://rhn.redhat.com/errata/RHSA-2015-1485.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://rhn.redhat.com/errata/RHSA-2015-1486.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://rhn.redhat.com/errata/RHSA-2015-1488.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://rhn.redhat.com/errata/RHSA-2015-1526.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://rhn.redhat.com/errata/RHSA-2015-1544.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://rhn.redhat.com/errata/RHSA-2015-1604.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://rhn.redhat.com/errata/RHSA-2016-1624.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://rhn.redhat.com/errata/RHSA-2016-2056.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://support.apple.com/kb/HT204941",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://support.apple.com/kb/HT204942",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://support.citrix.com/article/CTX201114",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www-01.ibm.com/support/docview.wss?uid=swg21959111",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www-01.ibm.com/support/docview.wss?uid=swg21959195",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www-01.ibm.com/support/docview.wss?uid=swg21959325",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www-01.ibm.com/support/docview.wss?uid=swg21959453",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www-01.ibm.com/support/docview.wss?uid=swg21959481",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www-01.ibm.com/support/docview.wss?uid=swg21959517",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www-01.ibm.com/support/docview.wss?uid=swg21959530",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www-01.ibm.com/support/docview.wss?uid=swg21959539",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www-01.ibm.com/support/docview.wss?uid=swg21959636",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www-01.ibm.com/support/docview.wss?uid=swg21959812",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www-01.ibm.com/support/docview.wss?uid=swg21960191",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www-01.ibm.com/support/docview.wss?uid=swg21961717",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www-01.ibm.com/support/docview.wss?uid=swg21962455",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www-01.ibm.com/support/docview.wss?uid=swg21962739",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www-304.ibm.com/support/docview.wss?uid=swg21958984",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www-304.ibm.com/support/docview.wss?uid=swg21959132",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www-304.ibm.com/support/docview.wss?uid=swg21960041",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www-304.ibm.com/support/docview.wss?uid=swg21960194",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www-304.ibm.com/support/docview.wss?uid=swg21960380",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www-304.ibm.com/support/docview.wss?uid=swg21960418",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www-304.ibm.com/support/docview.wss?uid=swg21962816",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www-304.ibm.com/support/docview.wss?uid=swg21967893",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www.debian.org/security/2015/dsa-3287",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www.debian.org/security/2015/dsa-3300",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www.debian.org/security/2015/dsa-3316",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www.debian.org/security/2015/dsa-3324",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www.debian.org/security/2015/dsa-3339",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www.debian.org/security/2016/dsa-3688",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www.fortiguard.com/advisory/2015-05-20-logjam-attack",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www.mozilla.org/security/announce/2015/mfsa2015-70.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securityfocus.com/bid/74733",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securityfocus.com/bid/91787",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1032474",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1032475",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1032476",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1032637",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1032645",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1032647",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1032648",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1032649",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1032650",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1032651",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1032652",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1032653",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1032654",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1032655",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1032656",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1032688",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1032699",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1032702",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1032727",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1032759",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1032777",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1032778",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1032783",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1032784",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1032856",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1032864",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1032865",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1032871",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1032884",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1032910",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1032932",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1032960",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1033019",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1033064",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1033065",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1033067",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1033208",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1033209",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1033210",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1033222",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1033341",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1033385",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1033416",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1033430",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1033433",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1033513",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1033760",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1033891",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1033991",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1034087",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1034728",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1034884",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1036218",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1040630",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www.solarwinds.com/documentation/storage/storagemanager/docs/ReleaseNotes/releaseNotes.htm",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www.ubuntu.com/usn/USN-2656-1",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www.ubuntu.com/usn/USN-2656-2",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www.ubuntu.com/usn/USN-2673-1",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www.ubuntu.com/usn/USN-2696-1",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www.ubuntu.com/usn/USN-2706-1",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://blog.cloudflare.com/logjam-the-latest-tls-vulnerability-explained/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://bto.bluecoat.com/security-advisory/sa98",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Issue Tracking",
            "Third Party Advisory",
         ],
         url: "https://bugzilla.mozilla.org/show_bug.cgi?id=1138554",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.19.1_release_notes",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04718196",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04770140",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04772190",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773119",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773241",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04918839",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04923929",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04926789",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04740527",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04953655",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05128722",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05193083",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10122",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://openssl.org/news/secadv/20150611.txt",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://puppet.com/security/cve/CVE-2015-4000",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.gentoo.org/glsa/201506-02",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.gentoo.org/glsa/201512-10",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.gentoo.org/glsa/201603-11",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.gentoo.org/glsa/201701-46",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20150619-0001/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://support.citrix.com/article/CTX216642",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03831en_us",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://weakdh.org/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://weakdh.org/imperfect-forward-secrecy.pdf",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www-304.ibm.com/support/docview.wss?uid=swg21959745",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5098403",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.openssl.org/blog/blog/2015/05/20/logjam-freak-upcoming-changes/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.openssl.org/news/secadv_20150611.txt",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com/security-alerts/cpujan2021.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www.suse.com/security/cve/CVE-2015-4000.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://aix.software.ibm.com/aix/efixes/security/sendmail_advisory2.asc",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://fortiguard.com/advisory/2015-07-09-cve-2015-1793-openssl-alternative-chains-certificate-forgery",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2015-008.txt.asc",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04876402",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04949778",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10681",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10727",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159314.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159351.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160117.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00023.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00024.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00026.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00001.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00003.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00004.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00005.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00006.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00007.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00025.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00033.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00034.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00037.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00021.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00017.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00001.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00031.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00032.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00037.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00039.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00040.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-updates/2015-07/msg00016.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-updates/2015-10/msg00011.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-updates/2016-02/msg00094.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-updates/2016-02/msg00097.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://marc.info/?l=bugtraq&m=143506486712441&w=2",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://marc.info/?l=bugtraq&m=143557934009303&w=2",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://marc.info/?l=bugtraq&m=143558092609708&w=2",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://marc.info/?l=bugtraq&m=143628304012255&w=2",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://marc.info/?l=bugtraq&m=143637549705650&w=2",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://marc.info/?l=bugtraq&m=143655800220052&w=2",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://marc.info/?l=bugtraq&m=143880121627664&w=2",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://marc.info/?l=bugtraq&m=143880121627664&w=2",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://marc.info/?l=bugtraq&m=144043644216842&w=2",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://marc.info/?l=bugtraq&m=144050121701297&w=2",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://marc.info/?l=bugtraq&m=144060576831314&w=2",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://marc.info/?l=bugtraq&m=144060606031437&w=2",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://marc.info/?l=bugtraq&m=144061542602287&w=2",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://marc.info/?l=bugtraq&m=144069189622016&w=2",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://marc.info/?l=bugtraq&m=144102017024820&w=2",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://marc.info/?l=bugtraq&m=144104533800819&w=2",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://marc.info/?l=bugtraq&m=144493176821532&w=2",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://marc.info/?l=bugtraq&m=144493176821532&w=2",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://marc.info/?l=bugtraq&m=145409266329539&w=2",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://openwall.com/lists/oss-security/2015/05/20/8",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://rhn.redhat.com/errata/RHSA-2015-1072.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://rhn.redhat.com/errata/RHSA-2015-1185.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://rhn.redhat.com/errata/RHSA-2015-1197.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://rhn.redhat.com/errata/RHSA-2015-1228.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://rhn.redhat.com/errata/RHSA-2015-1229.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://rhn.redhat.com/errata/RHSA-2015-1230.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://rhn.redhat.com/errata/RHSA-2015-1241.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://rhn.redhat.com/errata/RHSA-2015-1242.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://rhn.redhat.com/errata/RHSA-2015-1243.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://rhn.redhat.com/errata/RHSA-2015-1485.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://rhn.redhat.com/errata/RHSA-2015-1486.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://rhn.redhat.com/errata/RHSA-2015-1488.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://rhn.redhat.com/errata/RHSA-2015-1526.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://rhn.redhat.com/errata/RHSA-2015-1544.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://rhn.redhat.com/errata/RHSA-2015-1604.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://rhn.redhat.com/errata/RHSA-2016-1624.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://rhn.redhat.com/errata/RHSA-2016-2056.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://support.apple.com/kb/HT204941",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://support.apple.com/kb/HT204942",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://support.citrix.com/article/CTX201114",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www-01.ibm.com/support/docview.wss?uid=swg21959111",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www-01.ibm.com/support/docview.wss?uid=swg21959195",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www-01.ibm.com/support/docview.wss?uid=swg21959325",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www-01.ibm.com/support/docview.wss?uid=swg21959453",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www-01.ibm.com/support/docview.wss?uid=swg21959481",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www-01.ibm.com/support/docview.wss?uid=swg21959517",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www-01.ibm.com/support/docview.wss?uid=swg21959530",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www-01.ibm.com/support/docview.wss?uid=swg21959539",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www-01.ibm.com/support/docview.wss?uid=swg21959636",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www-01.ibm.com/support/docview.wss?uid=swg21959812",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www-01.ibm.com/support/docview.wss?uid=swg21960191",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www-01.ibm.com/support/docview.wss?uid=swg21961717",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www-01.ibm.com/support/docview.wss?uid=swg21962455",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www-01.ibm.com/support/docview.wss?uid=swg21962739",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www-304.ibm.com/support/docview.wss?uid=swg21958984",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www-304.ibm.com/support/docview.wss?uid=swg21959132",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www-304.ibm.com/support/docview.wss?uid=swg21960041",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www-304.ibm.com/support/docview.wss?uid=swg21960194",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www-304.ibm.com/support/docview.wss?uid=swg21960380",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www-304.ibm.com/support/docview.wss?uid=swg21960418",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www-304.ibm.com/support/docview.wss?uid=swg21962816",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www-304.ibm.com/support/docview.wss?uid=swg21967893",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www.debian.org/security/2015/dsa-3287",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www.debian.org/security/2015/dsa-3300",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www.debian.org/security/2015/dsa-3316",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www.debian.org/security/2015/dsa-3324",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www.debian.org/security/2015/dsa-3339",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www.debian.org/security/2016/dsa-3688",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www.fortiguard.com/advisory/2015-05-20-logjam-attack",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www.mozilla.org/security/announce/2015/mfsa2015-70.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securityfocus.com/bid/74733",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securityfocus.com/bid/91787",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1032474",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1032475",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1032476",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1032637",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1032645",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1032647",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1032648",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1032649",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1032650",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1032651",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1032652",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1032653",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1032654",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1032655",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1032656",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1032688",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1032699",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1032702",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1032727",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1032759",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1032777",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1032778",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1032783",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1032784",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1032856",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1032864",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1032865",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1032871",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1032884",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1032910",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1032932",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1032960",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1033019",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1033064",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1033065",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1033067",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1033208",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1033209",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1033210",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1033222",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1033341",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1033385",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1033416",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1033430",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1033433",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1033513",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1033760",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1033891",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1033991",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1034087",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1034728",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1034884",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1036218",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1040630",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www.solarwinds.com/documentation/storage/storagemanager/docs/ReleaseNotes/releaseNotes.htm",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www.ubuntu.com/usn/USN-2656-1",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www.ubuntu.com/usn/USN-2656-2",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www.ubuntu.com/usn/USN-2673-1",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www.ubuntu.com/usn/USN-2696-1",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www.ubuntu.com/usn/USN-2706-1",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://blog.cloudflare.com/logjam-the-latest-tls-vulnerability-explained/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://bto.bluecoat.com/security-advisory/sa98",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Issue Tracking",
            "Third Party Advisory",
         ],
         url: "https://bugzilla.mozilla.org/show_bug.cgi?id=1138554",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.19.1_release_notes",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04718196",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04770140",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04772190",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773119",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773241",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04918839",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04923929",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04926789",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04740527",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04953655",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05128722",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05193083",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10122",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://openssl.org/news/secadv/20150611.txt",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://puppet.com/security/cve/CVE-2015-4000",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.gentoo.org/glsa/201506-02",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.gentoo.org/glsa/201512-10",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.gentoo.org/glsa/201603-11",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.gentoo.org/glsa/201701-46",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20150619-0001/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://support.citrix.com/article/CTX216642",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03831en_us",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://weakdh.org/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://weakdh.org/imperfect-forward-secrecy.pdf",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www-304.ibm.com/support/docview.wss?uid=swg21959745",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5098403",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.openssl.org/blog/blog/2015/05/20/logjam-freak-upcoming-changes/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.openssl.org/news/secadv_20150611.txt",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com/security-alerts/cpujan2021.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www.suse.com/security/cve/CVE-2015-4000.html",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Deferred",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-310",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2015-06-12 19:59
Modified
2025-04-12 10:46
Summary
The X509_cmp_time function in crypto/x509/x509_vfy.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted length field in ASN1_TIME data, as demonstrated by an attack against a server that supports client authentication with a custom verification callback.
References
secalert@redhat.comhttp://fortiguard.com/advisory/openssl-vulnerabilities-june-2015
secalert@redhat.comhttp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2015-008.txt.asc
secalert@redhat.comhttp://kb.juniper.net/InfoCenter/index?page=content&id=JSA10694
secalert@redhat.comhttp://kb.juniper.net/InfoCenter/index?page=content&id=JSA10733
secalert@redhat.comhttp://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html
secalert@redhat.comhttp://lists.fedoraproject.org/pipermail/package-announce/2015-June/160436.html
secalert@redhat.comhttp://lists.fedoraproject.org/pipermail/package-announce/2015-June/160647.html
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2015-06/msg00023.html
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2015-06/msg00024.html
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2015-06/msg00026.html
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2015-07/msg00003.html
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2015-07/msg00004.html
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2015-07/msg00005.html
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2015-07/msg00006.html
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2015-07/msg00007.html
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2015-07/msg00037.html
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html
secalert@redhat.comhttp://marc.info/?l=bugtraq&m=143654156615516&w=2
secalert@redhat.comhttp://marc.info/?l=bugtraq&m=143880121627664&w=2
secalert@redhat.comhttp://marc.info/?l=bugtraq&m=143880121627664&w=2
secalert@redhat.comhttp://marc.info/?l=bugtraq&m=144050155601375&w=2
secalert@redhat.comhttp://rhn.redhat.com/errata/RHSA-2015-1115.html
secalert@redhat.comhttp://rhn.redhat.com/errata/RHSA-2015-1197.html
secalert@redhat.comhttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150612-openssl
secalert@redhat.comhttp://www.debian.org/security/2015/dsa-3287
secalert@redhat.comhttp://www.fortiguard.com/advisory/2015-06-11-fortinet-vulnerability-openssl-vulnerabilities-june-2015
secalert@redhat.comhttp://www.fortiguard.com/advisory/openssl-vulnerabilities-june-2015
secalert@redhat.comhttp://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html
secalert@redhat.comhttp://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
secalert@redhat.comhttp://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
secalert@redhat.comhttp://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
secalert@redhat.comhttp://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
secalert@redhat.comhttp://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html
secalert@redhat.comhttp://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html
secalert@redhat.comhttp://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
secalert@redhat.comhttp://www.securityfocus.com/bid/75156
secalert@redhat.comhttp://www.securityfocus.com/bid/91787
secalert@redhat.comhttp://www.securitytracker.com/id/1032564
secalert@redhat.comhttp://www.ubuntu.com/usn/USN-2639-1
secalert@redhat.comhttps://bto.bluecoat.com/security-advisory/sa98
secalert@redhat.comhttps://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf
secalert@redhat.comhttps://github.com/openssl/openssl/commit/f48b83b4fb7d6689584cf25f61ca63a4891f5b11
secalert@redhat.comhttps://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763
secalert@redhat.comhttps://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05131044
secalert@redhat.comhttps://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888
secalert@redhat.comhttps://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157667
secalert@redhat.comhttps://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380
secalert@redhat.comhttps://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05184351
secalert@redhat.comhttps://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05353965
secalert@redhat.comhttps://kc.mcafee.com/corporate/index?page=content&id=SB10122
secalert@redhat.comhttps://openssl.org/news/secadv/20150611.txt
secalert@redhat.comhttps://security.gentoo.org/glsa/201506-02
secalert@redhat.comhttps://support.apple.com/kb/HT205031
secalert@redhat.comhttps://support.citrix.com/article/CTX216642
secalert@redhat.comhttps://www.arista.com/en/support/advisories-notices/security-advisories/1144-security-advisory-11
secalert@redhat.comhttps://www.openssl.org/news/secadv_20150611.txtVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://fortiguard.com/advisory/openssl-vulnerabilities-june-2015
af854a3a-2127-422b-91ae-364da2661108http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2015-008.txt.asc
af854a3a-2127-422b-91ae-364da2661108http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10694
af854a3a-2127-422b-91ae-364da2661108http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10733
af854a3a-2127-422b-91ae-364da2661108http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160436.html
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160647.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00023.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00024.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00026.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00003.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00004.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00005.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00006.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00007.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00037.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=143654156615516&w=2
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=143880121627664&w=2
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=143880121627664&w=2
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=144050155601375&w=2
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2015-1115.html
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2015-1197.html
af854a3a-2127-422b-91ae-364da2661108http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150612-openssl
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2015/dsa-3287
af854a3a-2127-422b-91ae-364da2661108http://www.fortiguard.com/advisory/2015-06-11-fortinet-vulnerability-openssl-vulnerabilities-june-2015
af854a3a-2127-422b-91ae-364da2661108http://www.fortiguard.com/advisory/openssl-vulnerabilities-june-2015
af854a3a-2127-422b-91ae-364da2661108http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html
af854a3a-2127-422b-91ae-364da2661108http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
af854a3a-2127-422b-91ae-364da2661108http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
af854a3a-2127-422b-91ae-364da2661108http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
af854a3a-2127-422b-91ae-364da2661108http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
af854a3a-2127-422b-91ae-364da2661108http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html
af854a3a-2127-422b-91ae-364da2661108http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html
af854a3a-2127-422b-91ae-364da2661108http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/75156
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/91787
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1032564
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/USN-2639-1
af854a3a-2127-422b-91ae-364da2661108https://bto.bluecoat.com/security-advisory/sa98
af854a3a-2127-422b-91ae-364da2661108https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf
af854a3a-2127-422b-91ae-364da2661108https://github.com/openssl/openssl/commit/f48b83b4fb7d6689584cf25f61ca63a4891f5b11
af854a3a-2127-422b-91ae-364da2661108https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763
af854a3a-2127-422b-91ae-364da2661108https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05131044
af854a3a-2127-422b-91ae-364da2661108https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888
af854a3a-2127-422b-91ae-364da2661108https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157667
af854a3a-2127-422b-91ae-364da2661108https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380
af854a3a-2127-422b-91ae-364da2661108https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05184351
af854a3a-2127-422b-91ae-364da2661108https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05353965
af854a3a-2127-422b-91ae-364da2661108https://kc.mcafee.com/corporate/index?page=content&id=SB10122
af854a3a-2127-422b-91ae-364da2661108https://openssl.org/news/secadv/20150611.txt
af854a3a-2127-422b-91ae-364da2661108https://security.gentoo.org/glsa/201506-02
af854a3a-2127-422b-91ae-364da2661108https://support.apple.com/kb/HT205031
af854a3a-2127-422b-91ae-364da2661108https://support.citrix.com/article/CTX216642
af854a3a-2127-422b-91ae-364da2661108https://www.arista.com/en/support/advisories-notices/security-advisories/1144-security-advisory-11
af854a3a-2127-422b-91ae-364da2661108https://www.openssl.org/news/secadv_20150611.txtVendor Advisory



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "8F73A6A3-0F0C-461D-AA7A-940A9DBBFE92",
                     versionEndIncluding: "0.9.8zf",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "2FBD8C92-6138-4274-ACBA-D7D42DAEC5AC",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:openssl:openssl:1.0.0:beta1:*:*:*:*:*:*",
                     matchCriteriaId: "3A2075BD-6102-4B0F-839A-836E9585F43B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:openssl:openssl:1.0.0:beta2:*:*:*:*:*:*",
                     matchCriteriaId: "2A2FA09E-2BF7-4968-B62D-00DA57F81EA1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:openssl:openssl:1.0.0:beta3:*:*:*:*:*:*",
                     matchCriteriaId: "F02E634E-1E3D-4E44-BADA-76F92483A732",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:openssl:openssl:1.0.0:beta4:*:*:*:*:*:*",
                     matchCriteriaId: "FCC2B07A-49EF-411F-8A4D-89435E22B043",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:openssl:openssl:1.0.0:beta5:*:*:*:*:*:*",
                     matchCriteriaId: "7E9480D6-3B6A-4C41-B8C1-C3F945040772",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*",
                     matchCriteriaId: "10FF0A06-DA61-4250-B083-67E55E362677",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:openssl:openssl:1.0.0b:*:*:*:*:*:*:*",
                     matchCriteriaId: "8A6BA453-C150-4159-B80B-5465EFF83F11",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:openssl:openssl:1.0.0c:*:*:*:*:*:*:*",
                     matchCriteriaId: "638A2E69-8AB6-4FEA-852A-FEF16A500C1A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:openssl:openssl:1.0.0d:*:*:*:*:*:*:*",
                     matchCriteriaId: "56C47D3A-B99D-401D-B6B8-1194B2DB4809",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:openssl:openssl:1.0.0e:*:*:*:*:*:*:*",
                     matchCriteriaId: "08355B10-E004-4BE6-A5AE-4D428810580B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:openssl:openssl:1.0.0f:*:*:*:*:*:*:*",
                     matchCriteriaId: "738BCFDC-1C49-4774-95AE-E099F707DEF9",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:openssl:openssl:1.0.0g:*:*:*:*:*:*:*",
                     matchCriteriaId: "D4B242C0-D27D-4644-AD19-5ACB853C9DC2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:openssl:openssl:1.0.0h:*:*:*:*:*:*:*",
                     matchCriteriaId: "8DC683F2-4346-4E5E-A8D7-67B4F4D7827B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:openssl:openssl:1.0.0i:*:*:*:*:*:*:*",
                     matchCriteriaId: "764B7D38-BC1B-47DB-B1DF-D092BDA4BFCB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:openssl:openssl:1.0.0j:*:*:*:*:*:*:*",
                     matchCriteriaId: "6604E7BE-9F9B-444D-A63A-F65D1CFDF3BF",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:openssl:openssl:1.0.0k:*:*:*:*:*:*:*",
                     matchCriteriaId: "132B9217-B0E0-4E3E-9096-162AA28E158E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:openssl:openssl:1.0.0l:*:*:*:*:*:*:*",
                     matchCriteriaId: "7619F9A0-9054-4217-93D1-3EA64876C5B0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:openssl:openssl:1.0.0m:*:*:*:*:*:*:*",
                     matchCriteriaId: "6D82C405-17E2-4DF1-8DF5-315BD5A41595",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:openssl:openssl:1.0.0n:*:*:*:*:*:*:*",
                     matchCriteriaId: "4C96806F-4718-4BD3-9102-55A26AA86498",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:openssl:openssl:1.0.0o:*:*:*:*:*:*:*",
                     matchCriteriaId: "8A16CD99-AF7F-4931-AD2E-77727BA18FBD",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:openssl:openssl:1.0.0p:*:*:*:*:*:*:*",
                     matchCriteriaId: "88440697-754A-47A7-BF83-4D0EB68FFB10",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:openssl:openssl:1.0.0q:*:*:*:*:*:*:*",
                     matchCriteriaId: "AD51F0FC-F426-4AE5-B3B9-B813C580EBAE",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:openssl:openssl:1.0.0r:*:*:*:*:*:*:*",
                     matchCriteriaId: "38721148-F24A-4339-8282-BC2DD9553512",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:openssl:openssl:1.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "2D1C00C0-C77E-4255-9ECA-20F2673C7366",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:openssl:openssl:1.0.1:beta1:*:*:*:*:*:*",
                     matchCriteriaId: "21F16D65-8A46-4AC7-8970-73AB700035FB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:openssl:openssl:1.0.1:beta2:*:*:*:*:*:*",
                     matchCriteriaId: "92F393FF-7E6F-4671-BFBF-060162E12659",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:openssl:openssl:1.0.1:beta3:*:*:*:*:*:*",
                     matchCriteriaId: "E1B85A09-CF8D-409D-966E-168F9959F6F6",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:openssl:openssl:1.0.1a:*:*:*:*:*:*:*",
                     matchCriteriaId: "3A66E6CF-39CF-412E-8EF0-8E10BA21B4A4",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:openssl:openssl:1.0.1b:*:*:*:*:*:*:*",
                     matchCriteriaId: "C684FB18-FDDC-4BED-A28C-C23EE6CD0094",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:openssl:openssl:1.0.1c:*:*:*:*:*:*:*",
                     matchCriteriaId: "A74A79A7-4FAF-4C81-8622-050008B96AE1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:openssl:openssl:1.0.1d:*:*:*:*:*:*:*",
                     matchCriteriaId: "CEDACCB9-8D61-49EE-9957-9E58BC7BB031",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:openssl:openssl:1.0.1e:*:*:*:*:*:*:*",
                     matchCriteriaId: "4993DD56-F9E3-4AC8-AC3E-BF204B950DEC",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:openssl:openssl:1.0.1f:*:*:*:*:*:*:*",
                     matchCriteriaId: "E884B241-F9C3-44F8-A420-DE65F5F3D660",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:openssl:openssl:1.0.1g:*:*:*:*:*:*:*",
                     matchCriteriaId: "3A383620-B4F7-44A7-85DA-A4FF2E115D80",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:openssl:openssl:1.0.1h:*:*:*:*:*:*:*",
                     matchCriteriaId: "5F0C6812-F455-49CF-B29B-9AC00306DA43",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:openssl:openssl:1.0.1i:*:*:*:*:*:*:*",
                     matchCriteriaId: "3F2D462C-A1B4-4572-A615-BDE9DC5F1E55",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:openssl:openssl:1.0.1j:*:*:*:*:*:*:*",
                     matchCriteriaId: "3703E445-17C0-4C85-A496-A35641C0C8DB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:openssl:openssl:1.0.1k:*:*:*:*:*:*:*",
                     matchCriteriaId: "2F4034B9-EF1C-40E6-B92A-D4D7B7E7E774",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:openssl:openssl:1.0.1l:*:*:*:*:*:*:*",
                     matchCriteriaId: "ABEC1927-F469-4B9E-B544-DA6CF90F0B34",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:openssl:openssl:1.0.1m:*:*:*:*:*:*:*",
                     matchCriteriaId: "DE2188F9-FAF8-4A0C-BB49-E95BDBC119BF",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:openssl:openssl:1.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "AD3E5C1B-EC63-4214-A0BD-0B8681CE6C8B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:openssl:openssl:1.0.2:beta1:*:*:*:*:*:*",
                     matchCriteriaId: "18797BEE-417D-4959-9AAD-C5A7C051B524",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:openssl:openssl:1.0.2a:*:*:*:*:*:*:*",
                     matchCriteriaId: "60F946FD-F564-49DA-B043-5943308BA9EE",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:oracle:sparc-opl_service_processor:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6AF02A45-1811-44F2-B3C9-90C11F5DF6DF",
                     versionEndIncluding: "1121",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "The X509_cmp_time function in crypto/x509/x509_vfy.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted length field in ASN1_TIME data, as demonstrated by an attack against a server that supports client authentication with a custom verification callback.",
      },
      {
         lang: "es",
         value: "La función X509_cmp_time en crypto/x509/x509_vfy.c en OpenSSL anterior a 0.9.8zg, 1.0.0 anterior a 1.0.0s, 1.0.1 anterior a 1.0.1n, y 1.0.2 anterior a 1.0.2b permite a atacantes remotos causar una denegación de servicio (lectura fuera de rango y caída de aplicación) a través de un campo de longitud manipulado en datos ASN1_TIME, tal y como fue demostrado mediante un ataque sobre un servidor que soporta la autenticación de clientes con una rellamada de verificación personalizada.",
      },
   ],
   id: "CVE-2015-1789",
   lastModified: "2025-04-12T10:46:40.837",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "MEDIUM",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 4.3,
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P",
               version: "2.0",
            },
            exploitabilityScore: 8.6,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV30: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.5,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
               version: "3.0",
            },
            exploitabilityScore: 3.9,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2015-06-12T19:59:02.507",
   references: [
      {
         source: "secalert@redhat.com",
         url: "http://fortiguard.com/advisory/openssl-vulnerabilities-june-2015",
      },
      {
         source: "secalert@redhat.com",
         url: "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2015-008.txt.asc",
      },
      {
         source: "secalert@redhat.com",
         url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10694",
      },
      {
         source: "secalert@redhat.com",
         url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10733",
      },
      {
         source: "secalert@redhat.com",
         url: "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html",
      },
      {
         source: "secalert@redhat.com",
         url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160436.html",
      },
      {
         source: "secalert@redhat.com",
         url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160647.html",
      },
      {
         source: "secalert@redhat.com",
         url: "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00023.html",
      },
      {
         source: "secalert@redhat.com",
         url: "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00024.html",
      },
      {
         source: "secalert@redhat.com",
         url: "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00026.html",
      },
      {
         source: "secalert@redhat.com",
         url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00003.html",
      },
      {
         source: "secalert@redhat.com",
         url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00004.html",
      },
      {
         source: "secalert@redhat.com",
         url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00005.html",
      },
      {
         source: "secalert@redhat.com",
         url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00006.html",
      },
      {
         source: "secalert@redhat.com",
         url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00007.html",
      },
      {
         source: "secalert@redhat.com",
         url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00037.html",
      },
      {
         source: "secalert@redhat.com",
         url: "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html",
      },
      {
         source: "secalert@redhat.com",
         url: "http://marc.info/?l=bugtraq&m=143654156615516&w=2",
      },
      {
         source: "secalert@redhat.com",
         url: "http://marc.info/?l=bugtraq&m=143880121627664&w=2",
      },
      {
         source: "secalert@redhat.com",
         url: "http://marc.info/?l=bugtraq&m=143880121627664&w=2",
      },
      {
         source: "secalert@redhat.com",
         url: "http://marc.info/?l=bugtraq&m=144050155601375&w=2",
      },
      {
         source: "secalert@redhat.com",
         url: "http://rhn.redhat.com/errata/RHSA-2015-1115.html",
      },
      {
         source: "secalert@redhat.com",
         url: "http://rhn.redhat.com/errata/RHSA-2015-1197.html",
      },
      {
         source: "secalert@redhat.com",
         url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150612-openssl",
      },
      {
         source: "secalert@redhat.com",
         url: "http://www.debian.org/security/2015/dsa-3287",
      },
      {
         source: "secalert@redhat.com",
         url: "http://www.fortiguard.com/advisory/2015-06-11-fortinet-vulnerability-openssl-vulnerabilities-june-2015",
      },
      {
         source: "secalert@redhat.com",
         url: "http://www.fortiguard.com/advisory/openssl-vulnerabilities-june-2015",
      },
      {
         source: "secalert@redhat.com",
         url: "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html",
      },
      {
         source: "secalert@redhat.com",
         url: "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
      },
      {
         source: "secalert@redhat.com",
         url: "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html",
      },
      {
         source: "secalert@redhat.com",
         url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html",
      },
      {
         source: "secalert@redhat.com",
         url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
      },
      {
         source: "secalert@redhat.com",
         url: "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html",
      },
      {
         source: "secalert@redhat.com",
         url: "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html",
      },
      {
         source: "secalert@redhat.com",
         url: "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html",
      },
      {
         source: "secalert@redhat.com",
         url: "http://www.securityfocus.com/bid/75156",
      },
      {
         source: "secalert@redhat.com",
         url: "http://www.securityfocus.com/bid/91787",
      },
      {
         source: "secalert@redhat.com",
         url: "http://www.securitytracker.com/id/1032564",
      },
      {
         source: "secalert@redhat.com",
         url: "http://www.ubuntu.com/usn/USN-2639-1",
      },
      {
         source: "secalert@redhat.com",
         url: "https://bto.bluecoat.com/security-advisory/sa98",
      },
      {
         source: "secalert@redhat.com",
         url: "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf",
      },
      {
         source: "secalert@redhat.com",
         url: "https://github.com/openssl/openssl/commit/f48b83b4fb7d6689584cf25f61ca63a4891f5b11",
      },
      {
         source: "secalert@redhat.com",
         url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763",
      },
      {
         source: "secalert@redhat.com",
         url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05131044",
      },
      {
         source: "secalert@redhat.com",
         url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888",
      },
      {
         source: "secalert@redhat.com",
         url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157667",
      },
      {
         source: "secalert@redhat.com",
         url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380",
      },
      {
         source: "secalert@redhat.com",
         url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05184351",
      },
      {
         source: "secalert@redhat.com",
         url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05353965",
      },
      {
         source: "secalert@redhat.com",
         url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10122",
      },
      {
         source: "secalert@redhat.com",
         url: "https://openssl.org/news/secadv/20150611.txt",
      },
      {
         source: "secalert@redhat.com",
         url: "https://security.gentoo.org/glsa/201506-02",
      },
      {
         source: "secalert@redhat.com",
         url: "https://support.apple.com/kb/HT205031",
      },
      {
         source: "secalert@redhat.com",
         url: "https://support.citrix.com/article/CTX216642",
      },
      {
         source: "secalert@redhat.com",
         url: "https://www.arista.com/en/support/advisories-notices/security-advisories/1144-security-advisory-11",
      },
      {
         source: "secalert@redhat.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.openssl.org/news/secadv_20150611.txt",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://fortiguard.com/advisory/openssl-vulnerabilities-june-2015",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2015-008.txt.asc",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10694",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10733",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160436.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160647.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00023.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00024.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00026.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00003.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00004.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00005.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00006.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00007.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00037.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://marc.info/?l=bugtraq&m=143654156615516&w=2",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://marc.info/?l=bugtraq&m=143880121627664&w=2",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://marc.info/?l=bugtraq&m=143880121627664&w=2",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://marc.info/?l=bugtraq&m=144050155601375&w=2",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://rhn.redhat.com/errata/RHSA-2015-1115.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://rhn.redhat.com/errata/RHSA-2015-1197.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150612-openssl",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.debian.org/security/2015/dsa-3287",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.fortiguard.com/advisory/2015-06-11-fortinet-vulnerability-openssl-vulnerabilities-june-2015",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.fortiguard.com/advisory/openssl-vulnerabilities-june-2015",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.securityfocus.com/bid/75156",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.securityfocus.com/bid/91787",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.securitytracker.com/id/1032564",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.ubuntu.com/usn/USN-2639-1",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://bto.bluecoat.com/security-advisory/sa98",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://github.com/openssl/openssl/commit/f48b83b4fb7d6689584cf25f61ca63a4891f5b11",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05131044",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157667",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05184351",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05353965",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10122",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://openssl.org/news/secadv/20150611.txt",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://security.gentoo.org/glsa/201506-02",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://support.apple.com/kb/HT205031",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://support.citrix.com/article/CTX216642",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://www.arista.com/en/support/advisories-notices/security-advisories/1144-security-advisory-11",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.openssl.org/news/secadv_20150611.txt",
      },
   ],
   sourceIdentifier: "secalert@redhat.com",
   vulnStatus: "Deferred",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-119",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2015-08-24 14:59
Modified
2025-04-12 10:46
Summary
The _unix_run_helper_binary function in the pam_unix module in Linux-PAM (aka pam) before 1.2.1, when unable to directly access passwords, allows local users to enumerate usernames or cause a denial of service (hang) via a large password.
References
secalert@redhat.comhttp://lists.fedoraproject.org/pipermail/package-announce/2015-July/161350.html
secalert@redhat.comhttp://lists.fedoraproject.org/pipermail/package-announce/2015-June/161249.html
secalert@redhat.comhttp://rhn.redhat.com/errata/RHSA-2015-1640.htmlVendor Advisory
secalert@redhat.comhttp://www.openwall.com/lists/oss-security/2015/06/25/13
secalert@redhat.comhttp://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html
secalert@redhat.comhttp://www.securityfocus.com/bid/75428
secalert@redhat.comhttp://www.ubuntu.com/usn/USN-2935-1
secalert@redhat.comhttp://www.ubuntu.com/usn/USN-2935-2
secalert@redhat.comhttp://www.ubuntu.com/usn/USN-2935-3
secalert@redhat.comhttps://bugzilla.redhat.com/show_bug.cgi?id=1228571
secalert@redhat.comhttps://security.gentoo.org/glsa/201605-05
secalert@redhat.comhttps://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2015-011/?fid=6551Exploit
secalert@redhat.comhttps://www.trustwave.com/Resources/SpiderLabs-Blog/Username-Enumeration-against-OpenSSH-SELinux-with-CVE-2015-3238/Exploit
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161350.html
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2015-June/161249.html
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2015-1640.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2015/06/25/13
af854a3a-2127-422b-91ae-364da2661108http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/75428
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/USN-2935-1
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/USN-2935-2
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/USN-2935-3
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.redhat.com/show_bug.cgi?id=1228571
af854a3a-2127-422b-91ae-364da2661108https://security.gentoo.org/glsa/201605-05
af854a3a-2127-422b-91ae-364da2661108https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2015-011/?fid=6551Exploit
af854a3a-2127-422b-91ae-364da2661108https://www.trustwave.com/Resources/SpiderLabs-Blog/Username-Enumeration-against-OpenSSH-SELinux-with-CVE-2015-3238/Exploit
Impacted products



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:linux-pam:linux-pam:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "97736CA5-0370-4CA9-B5D4-E157B3E699F5",
                     versionEndIncluding: "1.1.8",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:oracle:sparc-opl_service_processor:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6AF02A45-1811-44F2-B3C9-90C11F5DF6DF",
                     versionEndIncluding: "1121",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "The _unix_run_helper_binary function in the pam_unix module in Linux-PAM (aka pam) before 1.2.1, when unable to directly access passwords, allows local users to enumerate usernames or cause a denial of service (hang) via a large password.",
      },
      {
         lang: "es",
         value: "Vulnerabilidad en la función _unix_run_helper_binary en el módulo pam_unix en Linux-PAM (también conocido como pam) en versiones anteriores a 1.2.1, cuando no es posible acceder directamente a las contraseñas, permite a usuarios locales enumerar los nombres de usuario o causar una denegación de servicio (colgado) a través de una contraseña larga.",
      },
   ],
   id: "CVE-2015-3238",
   lastModified: "2025-04-12T10:46:40.837",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "MEDIUM",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 5.8,
               confidentialityImpact: "PARTIAL",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:P",
               version: "2.0",
            },
            exploitabilityScore: 8.6,
            impactScore: 4.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV30: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "LOW",
               baseScore: 6.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "LOW",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
               version: "3.0",
            },
            exploitabilityScore: 3.9,
            impactScore: 2.5,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2015-08-24T14:59:04.010",
   references: [
      {
         source: "secalert@redhat.com",
         url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161350.html",
      },
      {
         source: "secalert@redhat.com",
         url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/161249.html",
      },
      {
         source: "secalert@redhat.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://rhn.redhat.com/errata/RHSA-2015-1640.html",
      },
      {
         source: "secalert@redhat.com",
         url: "http://www.openwall.com/lists/oss-security/2015/06/25/13",
      },
      {
         source: "secalert@redhat.com",
         url: "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html",
      },
      {
         source: "secalert@redhat.com",
         url: "http://www.securityfocus.com/bid/75428",
      },
      {
         source: "secalert@redhat.com",
         url: "http://www.ubuntu.com/usn/USN-2935-1",
      },
      {
         source: "secalert@redhat.com",
         url: "http://www.ubuntu.com/usn/USN-2935-2",
      },
      {
         source: "secalert@redhat.com",
         url: "http://www.ubuntu.com/usn/USN-2935-3",
      },
      {
         source: "secalert@redhat.com",
         url: "https://bugzilla.redhat.com/show_bug.cgi?id=1228571",
      },
      {
         source: "secalert@redhat.com",
         url: "https://security.gentoo.org/glsa/201605-05",
      },
      {
         source: "secalert@redhat.com",
         tags: [
            "Exploit",
         ],
         url: "https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2015-011/?fid=6551",
      },
      {
         source: "secalert@redhat.com",
         tags: [
            "Exploit",
         ],
         url: "https://www.trustwave.com/Resources/SpiderLabs-Blog/Username-Enumeration-against-OpenSSH-SELinux-with-CVE-2015-3238/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161350.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/161249.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://rhn.redhat.com/errata/RHSA-2015-1640.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.openwall.com/lists/oss-security/2015/06/25/13",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.securityfocus.com/bid/75428",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.ubuntu.com/usn/USN-2935-1",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.ubuntu.com/usn/USN-2935-2",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.ubuntu.com/usn/USN-2935-3",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://bugzilla.redhat.com/show_bug.cgi?id=1228571",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://security.gentoo.org/glsa/201605-05",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
         ],
         url: "https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2015-011/?fid=6551",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
         ],
         url: "https://www.trustwave.com/Resources/SpiderLabs-Blog/Username-Enumeration-against-OpenSSH-SELinux-with-CVE-2015-3238/",
      },
   ],
   sourceIdentifier: "secalert@redhat.com",
   vulnStatus: "Deferred",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-200",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}