Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
283 vulnerabilities by FUJITSU
JVNDB-2026-000036
Vulnerability from jvndb - Published: 2026-03-09 14:57 - Updated:2026-03-09 16:23
Severity
Summary
Improper file access permission settings in multiple Digital Arts products
Details
Multiple products provided by Digital Arts Inc. contains the following vulnerability.
- Incorrect default permissions (CWE-276) - CVE-2026-28267
References
| Type | URL | |
|---|---|---|
Impacted products
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2026/JVNDB-2026-000036.html",
"dc:date": "2026-03-09T16:23+09:00",
"dcterms:issued": "2026-03-09T14:57+09:00",
"dcterms:modified": "2026-03-09T16:23+09:00",
"description": "Multiple products provided by Digital Arts Inc. contains the following vulnerability.\u003ca href=\u0027https://cwe.mitre.org/data/definitions/276.html\u0027 target=\u0027_blank\u0027\u003e\u003c/a\u003e\u003cul\u003e\u003cli\u003eIncorrect default permissions (CWE-276) - CVE-2026-28267\u003c/li\u003e\u003c/ul\u003eKazuma Matsumoto of GMO Cybersecurity by IERAE, Inc. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2026/JVNDB-2026-000036.html",
"sec:cpe": [
{
"#text": "cpe:/a:daj:digitalarts%40cloud_agent",
"@product": "DigitalArts@Cloud Agent",
"@vendor": "Digital Arts Inc.",
"@version": "2.2"
},
{
"#text": "cpe:/a:daj:i-filter_browser_%26_cloud_multiagent",
"@product": "i-FILTER Browser \u0026 Cloud MultiAgent for Windows",
"@vendor": "Digital Arts Inc.",
"@version": "2.2"
},
{
"#text": "cpe:/a:daj:i-filter_installer",
"@product": "i-filter",
"@vendor": "Digital Arts Inc.",
"@version": "2.2"
},
{
"#text": "cpe:/a:fujitsu:i-filter_browser%26cloud_multiagent_for_windows",
"@product": "i-FILTER Browser \u0026 Cloud MultiAgent for Windows",
"@vendor": "FUJITSU",
"@version": "2.2"
},
{
"#text": "cpe:/a:misc:inventit",
"@product": "MobiConnect i-FILTER Browser Option",
"@vendor": "Inventit Inc.",
"@version": "2.2"
},
{
"#text": "cpe:/a:optim:optimal_biz_web_filtering_powered_by_i-filter_windows",
"@product": "Optimal Biz Web Filtering Powered by i-FILTER (Windows version)",
"@vendor": "OPTiM Corporation",
"@version": "2.2"
}
],
"sec:cvss": {
"@score": "5.5",
"@severity": "Medium",
"@type": "Base",
"@vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"@version": "3.0"
},
"sec:identifier": "JVNDB-2026-000036",
"sec:references": [
{
"#text": "https://jvn.jp/en/jp/JVN17307628/index.html",
"@id": "JVN#17307628",
"@source": "JVN"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2026-28267",
"@id": "CVE-2026-28267",
"@source": "CVE"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-Other",
"@title": "No Mapping(CWE-Other)"
}
],
"title": "Improper file access permission settings in multiple Digital Arts products"
}
JVNDB-2026-005259
Vulnerability from jvndb - Published: 2026-03-02 11:46 - Updated:2026-03-02 11:46
Severity
Summary
Out-of-bounds write vulnerability in Fujitsu BIOS Driver (fbiosdrv.sys)
Details
References
| Type | URL | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2026/JVNDB-2026-005259.html",
"dc:date": "2026-03-02T11:46+09:00",
"dcterms:issued": "2026-03-02T11:46+09:00",
"dcterms:modified": "2026-03-02T11:46+09:00",
"description": "Fujitsu BIOS Driver (fbiosdrv.sys) provided by Fujitsu Limited contains the following vulnerability.\u003ca href=\u0027https://cwe.mitre.org/data/definitions/787.html\u0027 target=\u0027_blank\u0027\u003e\u003c/a\u003e\u003ca href=\u0027https://www.cve.org/CVERecord?id=CVE-2025-65001\u0027 target=\u0027_blank\u0027\u003e\u003c/a\u003e\u003cul\u003e\u003cli\u003eOut-of-bounds Write (CWE-787) - CVE-2025-65001\u003c/li\u003e\u003c/ul\u003eFujitsu Limited reported this vulnerability to JPCERT/CC to notify users of its solution through JVN.",
"link": "https://jvndb.jvn.jp/en/contents/2026/JVNDB-2026-005259.html",
"sec:cpe": {
"#text": "cpe:/h:fujitsu:fbiosdrv.sys",
"@product": "Fujitsu BIOS Driver (fbiosdrv.sys)",
"@vendor": "FUJITSU",
"@version": "2.2"
},
"sec:cvss": {
"@score": "8.2",
"@severity": "High",
"@type": "Base",
"@vector": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"@version": "3.0"
},
"sec:identifier": "JVNDB-2026-005259",
"sec:references": [
{
"#text": "https://jvn.jp/en/vu/JVNVU96854657/index.html",
"@id": "JVNVU#96854657",
"@source": "JVN"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2025-65001",
"@id": "CVE-2025-65001",
"@source": "CVE"
},
{
"#text": "https://cwe.mitre.org/data/definitions/787.html",
"@id": "CWE-787",
"@title": "Out-of-bounds Write(CWE-787)"
}
],
"title": "Out-of-bounds write vulnerability in Fujitsu BIOS Driver (fbiosdrv.sys)"
}
CVE-2025-65001 (GCVE-0-2025-65001)
Vulnerability from nvd – Published: 2025-11-12 00:00 – Updated: 2026-02-25 05:24
VLAI
Summary
Fujitsu fbiosdrv.sys before 2.5.0.0 allows an attacker to potentially affect system confidentiality, integrity, and availability.
Severity
8.2 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-787 - Out-of-bounds Write
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Fujitsu | fbiosdrv.sys |
Affected:
0 , < 2.5.0.0
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-65001",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-13T15:49:21.946419Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-13T15:50:02.915Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2026-02-25T05:24:11.790Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://ydinkin.substack.com/p/200-kernel-bugs-in-30-days"
}
],
"title": "CVE Program Container",
"x_generator": {
"engine": "ADPogram 0.0.1"
}
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "fbiosdrv.sys",
"vendor": "Fujitsu",
"versions": [
{
"lessThan": "2.5.0.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Fujitsu fbiosdrv.sys before 2.5.0.0 allows an attacker to potentially affect system confidentiality, integrity, and availability."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-12T17:45:19.044Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://security.ts.fujitsu.com/ProductSecurity/content/FsasTech-PSIRT-FTI-FCCL-2025-072319-Security-Notice.pdf"
},
{
"url": "https://hexaplex.ai"
}
],
"x_generator": {
"engine": "enrichogram 0.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2025-65001",
"datePublished": "2025-11-12T00:00:00.000Z",
"dateReserved": "2025-11-12T00:00:00.000Z",
"dateUpdated": "2026-02-25T05:24:11.790Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-65002 (GCVE-0-2025-65002)
Vulnerability from nvd – Published: 2025-11-12 00:00 – Updated: 2025-11-18 14:32
VLAI
Summary
Fujitsu / Fsas Technologies iRMC S6 on M5 before 1.37S mishandles Redfish/WebUI access if the length of a username is exactly 16 characters.
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-863 - Incorrect Authorization
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Fujitsu / Fsas Technologies | iRMC |
Affected:
S6 on M5 , < 1.37S
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-65002",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-13T15:50:28.005054Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-18T14:32:28.920Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "iRMC",
"vendor": "Fujitsu / Fsas Technologies",
"versions": [
{
"lessThan": "1.37S",
"status": "affected",
"version": "S6 on M5",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Fujitsu / Fsas Technologies iRMC S6 on M5 before 1.37S mishandles Redfish/WebUI access if the length of a username is exactly 16 characters."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863 Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-14T13:26:05.547Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://security.ts.fujitsu.com/ProductSecurity/content/FsasTech-PSIRT-FTI-ISS-2025-082610-Security-Notice.pdf"
}
],
"source": {
"discovery": "INTERNAL"
},
"x_generator": {
"engine": "enrichogram 0.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2025-65002",
"datePublished": "2025-11-12T00:00:00.000Z",
"dateReserved": "2025-11-12T00:00:00.000Z",
"dateUpdated": "2025-11-18T14:32:28.920Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-8105 (GCVE-0-2024-8105)
Vulnerability from nvd – Published: 2024-08-26 19:15 – Updated: 2025-08-25 21:48
VLAI
Title
Insecure Platform Key (PK) used in UEFI system firmware signature
Summary
A vulnerability related to the use an insecure Platform Key (PK) has been discovered. An attacker with the compromised PK private key can create malicious UEFI software that is signed with a trusted key that has been compromised.
Severity
6.4 (Medium)
SSVC
Exploitation: poc
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-321 - Use of Hard-coded Cryptographic Key
Assigner
References
9 references
| URL | Tags |
|---|---|
| https://uefi.org/specs/UEFI/2.9_A/32_Secure_Boot_… | producttechnical-description |
| https://www.binarly.io/advisories/brly-2024-005 | technical-description |
| https://kb.cert.org/vuls/id/455367 | third-party-advisory |
| https://github.com/binarly-io/Vulnerability-REsea… | technical-descriptionsignature |
| https://www.supermicro.com/en/support/security_PK… | vendor-advisory |
| https://www.intel.com/content/www/us/en/security-… | vendor-advisory |
| https://security.ts.fujitsu.com/ProductSecurity/c… | vendor-advisory |
| https://www.gigabyte.com/us/Support/Security/2205 | vendor-advisory |
| https://www.kb.cert.org/vuls/id/455367 |
Impacted products
743 products
| Vendor | Product | Version | |
|---|---|---|---|
| Acer | vz2694g |
Affected:
d61d0e09d008bfb29bc32532b1b94fcc4ee2af5e8372c6d38722a4e73ecc71d6 , < 0
(sha256sum)
|
|
| Acer | aspire s 27 |
Affected:
2bd2bfaf79a72eaca45e544e5c6a5bb842b292bdc229b8975b3101a4013e0d5f
|
|
| Acer | aspire s32-1856 |
Affected:
29837e239487cc83818a7f40f9280d9692a50376487899edd603494b0f30e4c5
|
|
| Acer | aspire xc-1710 |
Affected:
cdaa406bda1a58fbe9933622dec218a26f79871d42f0d3576fbf878e51a16201
|
|
| Acer | c24-1655 |
Affected:
399f68dc94a6c42030efcd57fd034ff721f860b7b5d447779e7a6a6c99aba34f
|
|
| Acer | aspire c22-1600 |
Affected:
d938d08543d35d4249a51057c1d9c62bb1f6440af19913c5feffcea47dd3de95
|
|
| Acer | c24-962 |
Affected:
3d525f96f63995c51ab1bcd2c50ebb71661ffeca9f78f97cc97e851d0e2bbbdd
|
|
| Acer | altos r680 f4 |
Affected:
a2679a9595a104d70bddc024dbc4f65f0dc9d906f30a0d1ae6b996b14246a6c2
|
|
| Acer | altos r680s f4 |
Affected:
e5fdaabf11b236c5c7b040d674936e84db746a180ab9999317e16dcb77aeeba4
|
|
| Aopen | iAPLx-DE(TAA30 TEST) |
Affected:
94c6f84946db100b505af8a308f69ef6cddc2e310b50641a6e2e63bc9aed54e0
|
|
| Aopen | iKBLMUx-DER(Volta Charging) |
Affected:
fcd339e12730f057e41ad41228f9612d4954f2d0dbcfeef37e14dcdaf2866e05
|
|
| Dell | inspiron-15-3510-laptop |
Affected:
7fbfd8b03d178e074572dff764f28af98c87c7556ce3837ccb8dfe993efa1940
|
|
| Dell | alienware-x17-r2-laptop |
Affected:
65f5939878deede2e1b24a6412ba025b78f45b1562e9d365d97e1c76a32a1832
|
|
| Dell | alienware-m17-r4-laptop |
Affected:
f75b595b9ce5e1e25a5d64e54edffdf696251b4f4e860c0d3a03a183631f090e
|
|
| Dell | alienware-x14-r1-laptop |
Affected:
620848eeadb74a572d6400672aecca35f46dfdc7b5152bb028fbcbf74ea7bccd
|
|
| Dell | alienware-aurora-r15-amd-desktop |
Affected:
6348442334e85e8374884ea848685771053a7cf274ccb77559c710b5a00f61e9
|
|
| Dell | alienware-m17-r3-laptop |
Affected:
413a04c12bde19f1f97d9d334ed57197f0405f9f10ab7154d2b71e5471577c97
|
|
| Dell | alienware-area51m-r2-laptop |
Affected:
253743e7a39d0b709122c5329799f4c4608536eeb632218e7f0cbe1f6e8b5db8
|
|
| Dell | alienware-x15-r1-laptop |
Affected:
4fc54067f263791aed2fa4b57b226ea15c4eb0f55b3797e002bb62aa936bdd8c
|
|
| Dell | inspiron-15-3521-laptop |
Affected:
e2242e4aa3a284fcbbcf2f38a10bec24408f1eff74bb307e699ea46f483359f2
|
|
| Dell | alienware-aurora-r11-desktop |
Affected:
8f79d9de33f5f131226a78ccb10bb16218a5be51b2105cc32e38ceb0c8c30e9a
|
|
| Dell | inspiron-15-3502-laptop |
Affected:
62c02a9b5a4d4328ac41c3e3aa7757e64e6c5cd52b9e047333ad18e60d17fcb6
|
|
| Dell | alienware-aurora-r13-desktop |
Affected:
dc5912033c5ca14475f2d59ca47f25c8840f362f0c8553d13bb06a8e47c42abf
|
|
| Dell | xps-8950-desktop |
Affected:
6982be0bd8e1aed1251fe5300eec2b515b7cab70e761cfb72074f5d658d092d9
|
|
| Dell | alienware-aurora-r15-desktop |
Affected:
7e310dca802db0f7a22d39bb2d7d5b79c7e9df8e5698f0e691942ec334ce5794
|
|
| Dell | alienware-aurora-r14-desktop |
Affected:
26a447a94e96fa8d9c590888cae490750c32d5af95faece3595f21efc41c1f2c
|
|
| Dell | alienware-aurora-r16-desktop |
Affected:
06a9dffc8fb3edafd1b6377cf38879860a0ae3c87f97258e09d189d291f64ead
|
|
| Dell | xps-8960-desktop |
Affected:
0dcd7494f4926fb04b56e9713f0b62eff3a345b626fa2adaf47636bf0bb4c3eb
|
|
| Dell | alienware-m15-r2-laptop |
Affected:
69da86e9cf24c49496529f3041604a6bb1c0c0ab86c192239d31d3a9b92467cd
|
|
| Dell | inspiron-17-3782-laptop |
Affected:
602a23f43b11817ad5439579969753866a54b836f34dfe19342e5188cf088d85
|
|
| Dell | alienware-15-r4 |
Affected:
608e410d1c0475dac58b1e8f36b477aa8d9e9f28d30ec89d44b550e36bbbaf47
|
|
| Dell | inspiron-5680-gaming-desktop |
Affected:
f1075841f54237735c1135ebf92baeab9c0c3f8b051229f898520f5b0f265353
|
|
| Dell | alienware-17-laptop |
Affected:
d4ed519bd5e5ba2f027d00635494d485f19f3080d8baf6d711b190323294e216
|
|
| Dell | alienware-13-laptop |
Affected:
cb25317443d65ba126174c8b7547c7d2f6c0288f859e2063436eb7b350d9bf62
|
|
| Dell | inspiron-3472-desktop |
Affected:
02877ae1ee43c787fa980d6e897e14546ac193100395bbcc6bc26fdf3077e860
|
|
| Dell | alienware-17-r3 |
Affected:
003130dabf11c8b5df286d9584b3174faa9529cd6149513d13c7ce85d63d97b0
|
|
| Dell | alienware-13-r2 |
Affected:
e6819bd24e063807336994f36e1b7cafbbec46c2679a365dde1b54b720a049e4
|
|
| Dell | vostro-24-5460-aio |
Affected:
d54e560849c716d0ded4b25d9aacc746f77174cc6d3eeb3a50424eaf337c92aa
|
|
| Dell | inspiron-20-3059-aio |
Affected:
4b4fd4cc68e48cfbacaf1279ff42ce6e9d37aa7706efffb2a0bb84fbda2aabd2
|
|
| Dell | inspiron-24-5459-aio |
Affected:
2c6a0bd7b3a91b9e1b309bde7d405812a42abe40001ce661252d81e7cd009650
|
|
| Dell | inspiron-22-3263-desktop-aio |
Affected:
13deddbbdccb6e5411317e96bdb045e28c0dcbb7e86ed5f32e5d24b4b54a5657
|
|
| Dell | inspiron-3250-small-desktop |
Affected:
95446bcddec63d36a9f5554815892c104febb73c676a075d789e4b7c69979fa6
|
|
| Dell | inspiron-24-3464-aio |
Affected:
3ffd081959db4684563f0044cca9ac16d5467a42d40913f503bad8d171bf1c99
|
|
| Dell | inspiron-3662-desktop |
Affected:
5a02b9214bb7ca03030323835a85efd84d369ff02a6baf9193083e2b22e8d0c3
|
|
| Dell | alienware-13 |
Affected:
fe9e2b75babda09ba22a3e99494198e125188d9345bda2b961f10e98e6c2b784
|
|
| Dell | inspiron-one-23-2330-aio |
Affected:
374f19a62abe5b7c195038ebc945528046478ba7fac2b7b429edfaa47122e6e6
|
|
| Dell | alienware-17-r2 |
Affected:
e94ccb36573d53127cfdf1f6d617c31ba8562fbdd4b43e48fe1fd52325315756
|
|
| Dell | poweredge-c5230 |
Affected:
52dbddaf0c9803e7f9dd389519b829515abe97dc0fbd9b979230de28880f595d
|
|
| Dell | alienware-alpha |
Affected:
f1d2c02737ba96e93892f38c161b3f35fbca79a4302e439e8405d3434ed88fdb
|
|
| Dell | inspiron-15-5552-laptop |
Affected:
73e72a45f92daa7ef76dcf82e6d13113cd9acbd2250d78d2e02232535f83fbc5
|
|
| Dell | inspiron-3646-small-desktop |
Affected:
081c82a0748297ca5841b1772330fb6e776c678d425789a66e3072fb73d072d7
|
|
| Dell | inspiron-24-3455-aio |
Affected:
2fd0f72190810fa5c4a2a3f57a7bce51dd0baa47584b59b7cba4752a92c66ee5
|
|
| Dell | vostro-20-3052-aio |
Affected:
c4574a6a5e1e6b4f3b4a3317b51d75c3764395775f900b9ede99dca5e76849f2
|
|
| Dell | vostro-3252-small-desktop |
Affected:
9cc04e65928cf4852d0ae16d55808b42542387ae389ebbd3e42f888638909932
|
|
| Dell | inspiron-3655-desktop |
Affected:
31a7af2885146a94a82ce214a26e4dcdcfa36969aa47a7a1eaf3725fa6a2198d
|
|
| Dell | inspiron-22-3265-desktop-aio |
Affected:
7c0c8fab8b15d6de59936a3921f85d9e79f710c6c6db6459804b679d82760e26
|
|
| Dell | inspiron-17-5755-laptop |
Affected:
19967c4eebd851b31936c8cab20f86008c7f065cf93217f6cc82350521cc640f
|
|
| Dell | inspiron-3656-desktop |
Affected:
a0e12007dd08b6d9a22fcc6548d0562ea3a966b2030ea9d00c739971e02b6c9a
|
|
| Dell | vostro-20-3015-aio |
Affected:
05b03dab647098c957cadd2a66ebb1401dc5dae51f267351c0d076c239d5856b
|
|
| Formelife | Studio Sys UPD |
Affected:
a451ed9d6359fd109f495c75bab2678285265a72be64b3e5d0d5447a0e167cd5
|
|
| Gigabyte | E152-ZE1 (rev. A00) |
Affected:
a9638651a2475403924f124552dc199689a45d2e2e59e3dea2b223667dfb63de
|
|
| Fujitsu | AU47 M1 |
Affected:
d3715136d50fc486ef59fb4aee1d7f06552fdf98423809939538fe905a1aa0b3
|
|
| Fujitsu | PRIMERGY TX100 S3p |
Affected:
bfadb1d20541d4c39857e7b295b7ad20ce81d393f014eae27565bc173c1880c0
|
|
| Fujitsu | PRIMERGY CX270 S2 |
Affected:
e44c2088ee54191192cc690787d74d8ddbfe3fc97c58fb2c42cf8a952784c94f
|
|
| Fujitsu | PRIMERGY CX420 S1 Chassis |
Affected:
c27a0e267f18a89c8ba8aadd37786ef8fe18162b60b45fc209bf992b570837af
|
|
| Fujitsu | PRIMERGY RX100 S7p |
Affected:
e71744d4e18cbee18a1fe381a8a83350487baa6cfbf3729d999f85d7b650610a
|
|
| Fujitsu | PRIMERGY TX120 S3p |
Affected:
51a9197d05b1aad84546d9469b2c400bd7536eea62b2760a308e5bf84e71d74b
|
|
| Gigabyte | G152-Z12 |
Affected:
ad457250d51a0638880d9cf1df9dd029ab34b36265eda73c5459d8d0460ba3de
|
|
| Gigabyte | G242-Z11 |
Affected:
2ab6af312a78886a13144814ce766a771604755f8dd303381658026304415280
|
|
| Gigabyte | G242-Z12 |
Affected:
eef3fd99672410b85e6342c5757723d0d3ccecef9805237955baa20780de8b4f
|
|
| Gigabyte | G262-ZR0 |
Affected:
f21b8f836105cdb4051d8bb29302dcf86836b640bf048b24f3c76e930b513b32
|
|
| Gigabyte | G292-Z20 (rev. A00) |
Affected:
62bb737d55f4caa082b7ea2aa6f8a59c8efdaf9d5ac5b158cbfb32a6cead8164
|
|
| Gigabyte | G292-Z43 |
Affected:
1b6ff7d60400c7c21a5b28f947475e61abee187627c1ff12cddb25b1ce59ecb3
|
|
| Gigabyte | G292-Z45 |
Affected:
18def9ce5aa6551c1d7e77e9f53e34701f77b89d6b32d41ea050cc94d52941e1
|
|
| Gigabyte | G482-Z50 |
Affected:
b14d2e3fadc16c97684a4ae947798bb3a67372441dd7252568f71fc86e98ae9f
|
|
| Gigabyte | G492-Z52 |
Affected:
062e3100bfbe635c66feed863141f7a6f2bfcf0b887a5b3d7ae31fb610d17cac
|
|
| Gigabyte | H252-Z12 (rev. A02) |
Affected:
ac416150a9752dc20107bef240e73c6054af4992348003429bfd97a7373f4f27
|
|
| Gigabyte | H262-Z61 |
Affected:
340cc5c8f4468eb2d36b684dffbf139b4ac4504b5db3993c3c1b5145858c5131
|
|
| Gigabyte | H262-Z6B |
Affected:
0e761b6f3c7d3a1407addf499ff848c493a9d0b0197368cbe858bbc4fa5a4702
|
|
| Gigabyte | H282-ZC0 (rev. A00) |
Affected:
0b739af751913ea6ff42999069963dcf6a1bdd58a3de800ab721d9bdbd59bf0d
|
|
| Gigabyte | MZ32-AR0 (rev. 3.x) |
Affected:
a4102b19258804214beb838f61699a7623cc654341e6f60ad986dae805935c14
|
|
| Gigabyte | MZ72-HB0 (rev. 3.x/4.x) |
Affected:
e0a3837abd91821c4ad98687d2dc6456b7fcb05c8b672c48f242ffeabfa3e9b4
|
|
| Gigabyte | MZ72-HB2 (rev. 3.x) |
Affected:
7678e64f7728c059b228ddec74f0918f0544d5193f7b8efe0bf03e8f36c2f5c5
|
|
| Gigabyte | R162-Z10 |
Affected:
122baff0bf1243b945a7eaa9ca55303469d624d6150d4da136d697878177f1a8
|
|
| Gigabyte | R162-ZA2 |
Affected:
9d318d27111a3c5a2e3a6451103750d70dec9d6e9d048f7e98fcd60066b98aee
|
|
| Gigabyte | R182-Z90 (rev. A00/B00/AT0) |
Affected:
dbd77ee47e4bccbb2b8af2883765641e9d7c404937da2942637fa1b4b6d4d635
|
|
| Gigabyte | R262-ZA2 |
Affected:
c7f73261e85bdc43932e49254cb8654ed2ce0945379592cecb081d51e5834289
|
|
| Gigabyte | R282-Z97 (rev. A00) |
Affected:
076310804e591d1c2d4ab1d53cff0866c04a4189e03e6964b528b8a94faa7991
|
|
| Gigabyte | S252-ZC0 |
Affected:
8927ee41096d71b75bbef2672e22f640a22ae3588f4f44786fff92c70b861885
|
|
| Gigabyte | ME03-CE0 (rev. 1.0) |
Affected:
79700c28616b906f5534cf45d4582878a73f96eff24f1f894bd04b24c00eade8
|
|
| Gigabyte | ME03-PE0 (rev. 1.x) |
Affected:
ac5ec67cafd72fd7f497c3759b0dcf359de8b7db6941120c0c69d5f3eea4bcbc
|
|
| Gigabyte | ME33-AR0 (rev. 1.0) |
Affected:
8bdf9b526d2e9e65f23ded60745006c65678d184a258761666d3864432cc0cac
|
|
| Gigabyte | R143-EG0-AAC1 |
Affected:
630321979d80b22e20ca5fc713b2e3e1a8d9ec9ecaa6e2f814193ab8471636aa
|
|
| Gigabyte | R243-E30-AAC1 |
Affected:
ae9c0a6e84b0c2912eda99c2de4e95d45c0c8feb2a097e02832ae03c74796f50
|
|
| Gigabyte | G191-H44 |
Affected:
28068e88e5041161f4485f958f49060d6a865e4beb0b53bafc8f3c5e5e3923b9
|
|
| Gigabyte | G241-G40 (rev. 100) |
Affected:
912834981a1de06dcdd4f8cfd11e7db46ac691e5ef20616d76d859e889c303be
|
|
| Gigabyte | G291-2G0 (rev. 100) |
Affected:
0dbbb711ff0879479dc30b9a7116fb94f093e0225b74916f6b79edae90d8fb2a
|
|
| Gigabyte | G591-HS0 |
Affected:
bce2bb4589e9ba8bc8029514a887f3f3bb4ded3556bb5d77dc1a38bad564b435
|
|
| Gigabyte | H231-G20 (rev. 100/A00) |
Affected:
819cf98fc21e036b3ae7e6390ae09edcf6fc6c260b22bf6ede0852029ef2495b
|
|
| Gigabyte | H261-H61 (rev. 100) |
Affected:
190d03dff0cfed20b38ae3270c8bb197b024765963dff6b7730d96bfebcbb24c
|
|
| Gigabyte | H261-NO0 |
Affected:
7eab23785afd939c2abdf53e001e896c67216a6cc75b646d990fdf92ae226748
|
|
| Gigabyte | H281-PE0 |
Affected:
9f715f7b4128701de97332885c28547fe89ca4214de5af85623ab90670fdbbff
|
|
| Gigabyte | MD61-SC2 (rev. 1.x) |
Affected:
98c90d7d56e82fcf28b362fbf659c3dfd3f987de96d997defe2ef2e78f33cecf
|
|
| Gigabyte | MD71-HB0 (rev. 1.x) |
Affected:
82bbbdeed52e95c3f19ad09cc8fff5ea17f9f5341fbef5f88fba478c24e9fd66
|
|
| Gigabyte | MD71-HB1 (rev. 1.x) |
Affected:
c6957244c7417f2ea28889e02d23b63091b6049b82263872ec3a952765becf9c
|
|
| Gigabyte | MU71-SU0 (rev. 1.x) |
Affected:
67c4f4ad83e151ebe6e61092bec3153ec269e7be1945dbba0c61091a345a885e
|
|
| Gigabyte | R161-340 (rev. 100/200) |
Affected:
1bea20b7f9327d743487da2db53e5fb89ace6d22f56600b58918737418e716ee
|
|
| Gigabyte | R281-3C1 |
Affected:
aef16fc11c0f6ddca64581dc5b42b9d6e4ab66807ae7c5a30ccfd8f6774a2b18
|
|
| Gigabyte | R281-3C2 |
Affected:
5077c5d90bce52e6e22371dd64910f30aad69c42aaf9a144165682fffe23c3e0
|
|
| Gigabyte | T181-G20 (rev. 1.0) |
Affected:
c2b46f65550950fb75d45f5bff54bbed8d4877d803a9688739abd47909fc5f6e
|
|
| Gigabyte | MC13-LE0 (rev. 1.x/3.x) |
Affected:
a1f593c61f035734a87dddbe547a18a52d641785c40cfd320b0a0802be57a1e5
|
|
| Gigabyte | R123-C00 |
Affected:
ddce5a86b35fcf3fe494169bd1834b1f40f24b1a4938e5239bba011dfb981949
|
|
| Gigabyte | R133-C10 (rev. AAG1) |
Affected:
a09c15eaf24a7804b16fa6fc8e4d16c8ebbc850d070439b2c1ead835f4626dc0
|
|
| Gigabyte | G293-Z23 |
Affected:
36b879d3be098143f10fd76db48424f3c3470ffffbe2f828ec7462bd8ec73dcf
|
|
| Gigabyte | G293-Z42 (rev. IAP1) |
Affected:
b98e94dc0b78131fe59ca6a9c0a142037d412e2ce5fcdb9d0d6d10f102b1d5fe
|
|
| Gigabyte | G363-ZR0 |
Affected:
b2bdfb3a454065b92210cf8a11ef836b45b1db8679d31b45e65a71d1f5efdee8
|
|
| Gigabyte | G493-ZB4 (rev. AAP1) |
Affected:
930761233953091f36c6f92e069229f7dd6c86555c03315e1cf51f9fd349ac79
|
|
| Gigabyte | G593-ZD1 (rev. AAX1) |
Affected:
c564d83ca92af69a296c473cf748d2a6062883164794856c8be429a652e421fe
|
|
| Gigabyte | G593-ZD2 (rev. AAX1) |
Affected:
74e19d515a7d2d4644f026bd8ea3ee5035b1d325189d9ff2184892a62a7cddc2
|
|
| Gigabyte | G593-ZX1 (rev. AAX1) |
Affected:
637be0a8baa2b2a07788add89178c5ff71b837b0d7313d31252293e87a8c3734
|
|
| Gigabyte | H223-Z10 (rev. AAP1) |
Affected:
3d2868fe9d5c6ff7e0397d929f170cc6ff006c5d1b5f7bd99d937de8f93dbcd5
|
|
| Gigabyte | H233-Z80 |
Affected:
5bcc229773a51f96a3904ab181bc621231f881b88a9f59b9427555d9bc868045
|
|
| Gigabyte | H253-Z10 |
Affected:
4978fa8b487795206594ef340a6c846814e02e248aaf6d6d22e21e58c194fc00
|
|
| Gigabyte | H273-Z80 |
Affected:
7d216a628dc15d65ad64ee6535a8c190260c9616945108237dab43b3fb1ed549
|
|
| Gigabyte | MZ33-AR0 (rev. 1.x) |
Affected:
2c185f2a4900213d87796a8f1b7ba719d3506961c3587cc6b6c39ebae2067e93
|
|
| Gigabyte | MZ33-CP0 (rev. 1.x) |
Affected:
13b00bbbbe69eb17f726a086841770b17b9b5b02c903d165e5dcbc371b87e4d6
|
|
| Gigabyte | MZ73-LM0 (rev. 2.x) |
Affected:
140cae90bff7b80c41f0fc69c6439ec9ef3e7b54e408a29dcb9b41bcdf07bb3d
|
|
| Gigabyte | MZ73-LM1 (rev. 1.x) |
Affected:
36d2df2564747908c8f8b28df00ea5504783b9308fc76899d0a5ac1b57f43361
|
|
| Gigabyte | R163-Z35 (rev. AAC1) |
Affected:
6e276e4fdfd0ddecdf0c1df49718595d0c4bcb28850897215b88fa01c239b62d
|
|
| Gigabyte | R183-Z90 (rev. LAD1) |
Affected:
9bb0e8c4030538d2b820b333ffa1b211a7930953f30bc9ba206eb26adfa45741
|
|
| Gigabyte | R183-Z93 (rev. AAV1) |
Affected:
44c75c03ddbd8689b7a5df96689d730f002367d428da0982bf089c8f6909a75e
|
|
| Gigabyte | R263-Z35 (rev. AAF1) |
Affected:
4f59fb01703b0e6cd5140683e9eb6d98c452b3acb64ab642004276daf49e1ace
|
|
| Gigabyte | R283-Z93 |
Affected:
59c838f97265422664d3508ad13e370351e9f482983d942dd7fbf33bbbf00587
|
|
| Gigabyte | R283-Z97 |
Affected:
42329f479e5572eadd01b94fa8f3f3ae16b7fb4452ac2111f886855e4f52597b
|
|
| Gigabyte | R283-ZF0 (rev. IAL1) |
Affected:
3b999a0a4b3a7336597e7373e3317dd29b91f5510fdfcc8323988d1edab6c23a
|
|
| Gigabyte | TO25-Z12 (rev. AA01) |
Affected:
920c4d1c705e8b80e94b19f2c690d1fa4f25f0f6954db6209ed5118d7927fc32
|
|
| Gigabyte | H223-V10 |
Affected:
c9387dfa08afff4cd1f875331c6eb24ac6758d608976603c7398c039dde35890
|
|
| Gigabyte | H263-V60 |
Affected:
76f7ae620a91ff5e8590a2f22f59018e613aeb12b626b886d6ce2f5e4276fce9
|
|
| Gigabyte | H263-V11 |
Affected:
57be6485a091b1f60afa9a2af34cff051e293d03696c04ba578f97ac38a34d4f
|
|
| Gigabyte | H263-V60 (rev. AAW1) |
Affected:
2221d582286ebe04101fc5bd7e353e3f8826c86f948defeb8ac265b8c7ceb8d9
|
|
| Gigabyte | E162-220 |
Affected:
0c8eb9d218ca1706bd15989efc2915e792918b52cdcac38a4845913631f6cccd
|
|
| Gigabyte | G262-IR0 |
Affected:
ebf41cbd3da1701755a788922944f1ec7e13aa8396a03611cef2e3940da4cc20
|
|
| Gigabyte | G292-280 |
Affected:
5caad5c1ff5d9518017d64a2dc8cb2a83e294520ba6460c0a1b14212688f39a4
|
|
| Gigabyte | G492-ID0 (rev. 100) |
Affected:
c2902ae30064150ea9236e92b819a2cf96c47ad73f0439233471b89bb04cc13a
|
|
| Gigabyte | H252-3C0 (rev. 100) |
Affected:
436d56f15a1373c341638cc0edd950866bd519e0cb1e0de07ab7df2c59fba5d1
|
|
| Gigabyte | H262-PC0 (rev. 100) |
Affected:
83eeeab2bc322fa12b1ab2be69ba64ade98d999f8e1118ba1d6957c45b52a6c7
|
|
| Gigabyte | H262-PC1 (rev. 100) |
Affected:
083289beeb6b2d85285084059994d0ae833833cc7284428b6eea303099d99090
|
|
| Gigabyte | H262-PC2 |
Affected:
db38dafec56ac3bb8948390f699fddf5a3f3f2b33d0a696d41c803c059a5b940
|
|
| Gigabyte | MD72-HB0 (rev. 1.x/2.0) |
Affected:
eff883c442f1805faa24a44e645413d9c9d3d95e6e0bb5c227124f7eac8187b6
|
|
| Gigabyte | MD72-HB1 (rev. 1.x) |
Affected:
43eacbb8f8ffe499f4d0715cf6f798cd81351474abce0e410ecfeed7071740e3
|
|
| Gigabyte | MD72-HB2 (rev. 1.x) |
Affected:
ede862fa7c647cdd18ab5b2cc90aeec53c35e7f2a9e8d3cc9bd4f1f4e7837b30
|
|
| Gigabyte | MD72-HB3 (rev. 1.x) |
Affected:
5ffc9128e64f5a30a78f594923301a6110a8a97c236665f4d4ca7ea28d8a8d21
|
|
| Gigabyte | MU72-SU0 (rev. 1.x/2.x) |
Affected:
776719490d81637a1604081fa3e9ea7fc975020cbb45103bbe4efc70ed69c6e6
|
|
| Gigabyte | MU92-TU0 (rev. 1.x) |
Affected:
d6c0481e584911e1758040140b89593d1839956ef379a6d45d5ac37d0666b866
|
|
| Gigabyte | MU92-TU1 (rev. 1.x/2.x) |
Affected:
80073632c479a5522a64e14cd9bdb4cb12c3b86eb8eee5c36f63c40c96865334
|
|
| Gigabyte | R182-34A |
Affected:
da898f000b47ebe799f88868276a9f9a0744ae283480c70b4506f17218696a52
|
|
| Gigabyte | R182-NA0 |
Affected:
0b851b25b7dfd2d50e710016c21c06a5aab78fcd64597ca631669b7e6344db6d
|
|
| Gigabyte | R182-NC0 |
Affected:
75adec4e87cb200578f3899c3bd7435bbdadcc4941e5edcb5a3fe3055a8ad190
|
|
| Gigabyte | R282-G30 |
Affected:
ee788077e078691ba0f587f2f9f044667b3463f794d8f38fa0c96e8b68550703
|
|
| Gigabyte | G493-ZB1 (rev. AAP1) |
Affected:
64c336027bad7ec398c64d31ec444c47ec0d0b60eaf89202547967cc1b21fed3
|
|
| Gigabyte | MZ33-AR0 (rev. 1.0) |
Affected:
4270e08e2fca65beb36f8adaf338c4b94d248a98eb3d205d0fcf6a1cd2d6ca6e
|
|
| Gigabyte | MZ73-LM0 (rev. 2.0) |
Affected:
29ed1fb8fd445c86fb30ef02e78db0b5be5213ece5edebf5f9702daaa94f5ed2
|
|
| Gigabyte | MZ73-LM1 (rev. 1.0) |
Affected:
5be6bd89d0e644714c6c98502efcb6e5b90fbdf3101f82cd821d04d2fb11e60f
|
|
| Gigabyte | R263-Z34 (rev. AAH1) |
Affected:
00089e4dbac3fcc36ba347ac7d7f9067722601a9a55c2360bf9cae439a52c010
|
|
| Gigabyte | R263-Z35 (rev. AAL1) |
Affected:
ea3e4c728b066bf6827adb0497ec6e32ab66c546c4ca89fca8f3113c3d74e950
|
|
| Gigabyte | GA-H110M-DS2 (rev. 1.0/1.1/1.2) |
Affected:
5e55411efbcff6e593a2de57f46b6040324f35c1ed14f902333a71b6cea38930
|
|
| Gigabyte | E251-U70 (rev. 100) |
Affected:
6c404dfcb9550bf9080bb679ccfba607c96b149772c345ddeab0f881fdd16f8b
|
|
| Gigabyte | G293-Z40 |
Affected:
84c011953dcd5981156d4d5488c82f53ee73cc839d3359004d491b0f1fbf2808
|
|
| Gigabyte | G493-ZB0 (rev. AAP1) |
Affected:
c4dca3104af399295b160bd3ad7d01d38f9dc86e7143dceae68403480d7c19cc
|
|
| Gigabyte | R283-Z94 |
Affected:
47da1b96a4296aa07edf9e4f54df7dc663e8c8134477ee8718319667073a5d7f
|
|
| Gigabyte | R283-ZF0 (rev. AAL1) |
Affected:
0f77013fe1a7795b311828614ab371df89c88dd7ddd165d17130422289838731
|
|
| Gigabyte | MX34-BS0 (rev. 1.x) |
Affected:
c5b7f646ddc82ab730c91e13b52d86d9fa3c28d0b0cd1569fcf0a9b77509d7c4
|
|
| Gigabyte | R123-X00 (rev. AA01) |
Affected:
876f82d1e8632fff9b24a04be60fb1486a1e4eefb8b20183580874680fc06150
|
|
| Gigabyte | R162-ZA1 |
Affected:
8567d8f2fd8a32c33c81aae33ef21e34f818159199f0beed6c10dd6e2283351f
|
|
| Gigabyte | G242-Z10 |
Affected:
c7e9eff716b9e7000c89692637c58014ee0be37d7ddd39a0c2ae4ecba82e38fe
|
|
| Gigabyte | MC12-LE0 (rev. 1.x) |
Affected:
8e37407821e4af774debc51d6dd492c11fe6652ebfd25febae7a603a7ef69822
|
|
| Gigabyte | MW34-SP0 (rev. 1.0) |
Affected:
add3e41160a5effcd5a6dbfcda45072059e02f5a6fa39042fdbf36ae8193067f
|
|
| Gigabyte | E133-C10 |
Affected:
2d5900b5a13292df17073793a00393ea8e60a645104ebf8d95c5407674421c76
|
|
| Gigabyte | E163-Z30 |
Affected:
1ecbdd2c9fdb6e9bc4f2e48b5b3e1651977a39eddc6480cc4888462636648f38
|
|
| Gigabyte | MC62-G41 (rev. 1.0) |
Affected:
dc4153ee0a3333ab789383cef8b0d9760b9f416138a093cd3357370261babf4e
|
|
| Gigabyte | MX33-BS0 (rev. 1.x) |
Affected:
a0e138096681313a3923eefa3bd3480e6416c73d627d3888b36ce7bb6b2b989f
|
|
| Gigabyte | MC13-LE0 (rev. 1.x) |
Affected:
b9f880e1df8c0a237dd9cf607e19287817eb75f59057e8df89ade763ca7b6812
|
|
| Gigabyte | R263-Z33 (rev. AAL1) |
Affected:
d18f17a61f21b0b96542a3efd2a543cf87b434d86055e48aaac951f09c53e0e3
|
|
| Gigabyte | R133-X13 (rev. AAB1) |
Affected:
3e3fbdde80c01e9755408922f67ad04834a61cb5e519ab010b151b68772a9784
|
|
| Gigabyte | B760M D2HX LITE SI (rev. 1.0) |
Affected:
641b9c056a8fecdc3a572db60e00f0b0fed7722fe9cf377bc4b6ee9208423107
|
|
| Gigabyte | GB-BER7-7840 |
Affected:
f63845840d8dabf49f4a1137c4b1558257748fc26812bd693de92ed0257362ec
|
|
| Gigabyte | R163-Z32 (rev. AAG1) |
Affected:
7fd571d3ff56fa697a130f06d98ae3d2568e4e3d5848cc0966f4e00617801cf2
|
|
| Gigabyte | MD72-HB2 (rev. 1.x/2.x) |
Affected:
e01af875c3100fa3d72d014aaf93417317a1a4a4e69c4a28c216c73dfa5e041f
|
|
| Gigabyte | GA-H310MSTX-HD3 |
Affected:
094ba53bd3f96434153ed4c426a2c9f8b62ccab2b7ff60932061f9fa84a9309e
|
|
| Gigabyte | GA-H310TN-CM |
Affected:
9f5d955a2b3e33b9ba93e98d56a3ce4c997c4234161a4637aa88eda81cfc743a
|
|
| Gigabyte | GA-H310TN-R2 (rev. 1.0) |
Affected:
5ad827acb383f51e80cfd4605f8b02186b680f61ba0129e6c054af896dbe6d48
|
|
| Gigabyte | H310N |
Affected:
de983965452c5d6bdbf7e4137ef30782337efded699beb2db1cb1cfab2a9cdb9
|
|
| Gigabyte | R143-E30 (rev. AAB1) |
Affected:
a0ed7595a6c1b6e26d1e930ca3a8c1c0dd619db049ef112fa653b8bf9b026bda
|
|
| Gigabyte | TO25-Z11 |
Affected:
c70331be155ee7c048b0296e15de195158c1215b1ddb31fb842018467c5857d1
|
|
| Gigabyte | G293-S46 (rev. AAM1) |
Affected:
4151a030854ddba555d497a9d2626723d662a9c81e86b39e4e2c02c209ebabbc
|
|
| Gigabyte | R163-S35 (rev. AAH1) |
Affected:
f8c33896586db20586273c8378d4fd18e49a4db7b6ac15333eb67536536c40da
|
|
| Gigabyte | R283-S94 |
Affected:
70ed5ca85b768ef6f9bb36baa9596d07fb259c775b457464c138a7494f7340a2
|
|
| Gigabyte | TO25-S11 (rev. AA01) |
Affected:
9ad9beef2a8253dc72e6bdd37d76bd54fcae482fbd3308904d87dfaa4df281e2
|
|
| Gigabyte | G482-Z54 |
Affected:
f446b6d7d932602558e4abdbea9a9b826a12d27c535ca6c2d0bafa5e34ec3864
|
|
| Gigabyte | R183-S90 (rev. LAD1) |
Affected:
9cee49e6b444421c55798f7ce7bf7a1eebc6d6f75319c2bcb39bd11b4075c71a
|
|
| Gigabyte | MX34-BS0 (rev. 1.0) |
Affected:
5380cc7bc3d652f0d0316dd3225fb45f1bb054e9c568b9c8e8bf9591306cdbaf
|
|
| Gigabyte | G293-S45 |
Affected:
77b27203150cbb0b885df35e361b1a193163316e3f315be4e7967312b097aedd
|
|
| Gigabyte | R163-S30 (rev. AAB1) |
Affected:
e0c5fec105a86f8b7ffa77bd983d3ed0b54cbc65542e0ffdb9aae29cfc2ddd8e
|
|
| Gigabyte | R133-X11 (rev. AAG1) |
Affected:
e8f28f55ed2fb648c7237e216e5c377da45e9f6d6a746605515002aaf502ae4c
|
|
| Gigabyte | E283-Z91 (rev. AAV1) |
Affected:
1fee6620306388e1d23dba7889b858bd56a091cf04ee68db32639e14d9b87a14
|
|
| Gigabyte | R143-EG0 (rev. AAC1) |
Affected:
672102a1648ac9839230ff8c818edc737b01fbe92250ae0db8ae2441b257f5d7
|
|
| Gigabyte | GB-BEi3-1220 (rev. 1.0) |
Affected:
39ea2372c5af03dacf3a4112895e5bb59489497c23828e38acd4b4fec35df970
|
|
| Gigabyte | GB-BEi5-1240 (rev. 1.0) |
Affected:
2d34f17d147062c8aa223fd2e528b8c10c0879e8ee2d6064607f45e93908a935
|
|
| Gigabyte | GB-BEi7-1260 (rev. 1.0) |
Affected:
dc45a2e1fd0112f5deac4678b7b093d4e233256af8e492104658c38a5ad426da
|
|
| Gigabyte | E283-S90 (rev. AAD1) |
Affected:
059d906408ac5c7daa81504d9e9057023d7686c9383faa48ef6f195d4b32d997
|
|
| Gigabyte | G493-SB0 |
Affected:
394bf746dc6183441ea4d034769683c92eb999195fe6ab6e1fbf10c4cd1aed32
|
|
| Gigabyte | H263-S62 |
Affected:
d733c74eeca529ae54b842ea757213532781db14b38c9222f4eb34be5ac7e1b8
|
|
| Gigabyte | R163-SG0 (rev. AAC1) |
Affected:
35ec23b26774c9030a1deca1b66837805aa7bedd6518d5be506681f2296b5e17
|
|
| Gigabyte | S453-S70 |
Affected:
9fb2a464f53ad26c1bab90ee2437c0c265ef6d0faf419af58baca323c6156b7a
|
|
| Gigabyte | E163-S30 (rev. AAB1) |
Affected:
a7ac0837b77d7a91edb4e5fbfde127eafe1601e858a6312af9e555646de46480
|
|
| Gigabyte | G293-Z20 |
Affected:
abe7715141d75d5817b2456105d037d116c441796c7a373dbf3307412e111bf5
|
|
| Gigabyte | TO15-Z40 |
Affected:
b0766c740aceae7f71543bfb22d3c757640e714e52f32a17a3d42f9d16d39383
|
|
| Gigabyte | E133-C10 (rev. AAA1) |
Affected:
2af044c4474abc534ec6da84e1e6415386421dbc897ed2946efe131840de8161
|
|
| Gigabyte | R271-Z00 (rev. B00) |
Affected:
dcff49fc24b1b8cf02fce97a15b0bc8bb19c6979df21136007c677ac3b9023c7
|
|
| Gigabyte | ME03-PE0 (rev. 1.0) |
Affected:
2bf55cd3046c8fb548063466ea9eb0802c4401f3c04a13f9ef693fe7c23570ef
|
|
| Gigabyte | GA-H110M-DS2 (rev. 1.3) |
Affected:
8448a4dad1df740fb0882eb8533c40a2227e385f9f2f07a546c1d2e6020b7cbf
|
|
| Gigabyte | GA-H110M-H |
Affected:
0dc9159572d38d754e168d1290219dc558cc72e67e8fa72727ddd43a5ad187e7
|
|
| Gigabyte | E152-ZE0 |
Affected:
83d24271a7b1b9bba7070c128edcc8b4d6a5e7c96caa920baf5c014efbf6775d
|
|
| Gigabyte | R282-Z93 (rev. A00) |
Affected:
255ffd2b1161bb8a53626ad3920c40eb5f0f63cb1d5710969abf31797f8771de
|
|
| Gigabyte | R162-ZA0 (rev. A00) |
Affected:
85f9cdc44ed670c411f0892b769e91567f9a81bcdeb92861fcf6e2ffc7773f9c
|
|
| Gigabyte | S453-Z30 |
Affected:
92c197c09f8aaa2e20427f649cacd1484ef7a345040f54eeb3135745b6f671dd
|
|
| Gigabyte | G262-ZO0 |
Affected:
efc056c3caa782e178b7ade2333316ef39a0a6e17157c68a61927b3a045061e9
|
|
| Gigabyte | H262-Z6A |
Affected:
2ac696517ae7da9f3efe81af66b89b5f7b24beb6e09aca06e61e454915070a3b
|
|
| Gigabyte | MZ72-HB0 (rev. 3.0/4.0) |
Affected:
2ad038a3b127e95df1fc8fa61bafb96a113fe0093d9ecee66db9ece973c5a257
|
|
| Gigabyte | MZ72-HB2 (rev. 3.0) |
Affected:
225cea866d8c5843d32d6edc97764b69b05707e47c9537e6e6e7f4ac06775816
|
|
| Gigabyte | G152-Z12 (rev. 200) |
Affected:
e7969888310f2eceb73544fd8108eda95c1a3ea62ff57da93c643bc55b898f50
|
|
| Gigabyte | G292-Z40 |
Affected:
d31512a9a475071b6e14a03aed7c5286aa0c622925d7a840bdee7158a7d9583c
|
|
| Gigabyte | H242-Z10 (rev. A00) |
Affected:
1096dfa8e4e5f5d2410eacac73c51bd1b946bc4d2f110a44e8c33f53d0182eb5
|
|
| Gigabyte | R152-Z30 |
Affected:
5297e4a26fd8ed927abcb2438a5ac2a4e35e770d06d272ed77b3d847bebb11fb
|
|
| Gigabyte | GB-BSi3-6100 (rev. 1.0) |
Affected:
e81cd2760e4d5090b1d0da86309ba993256d88a4abb8065ce83266bcf4f0ca34
|
|
| Gigabyte | E283-Z90 |
Affected:
40d4956a427564b83b0c1a86f1c32510feeeb5282eccfb211bd29f0a0a7767c4
|
|
| Gigabyte | R163-Z30 (rev. AAB1) |
Affected:
58a47d7e153b03ce005686aac24bfe31f405a7cc4670b826ccc775a839de7ee1
|
|
| Gigabyte | G262-IR0 (rev. 100) |
Affected:
43dd7e97fc6fd1fc0ac1ef601c00eed9ec9b5d5325243fb8c6f0ae3517fce89b
|
|
| Gigabyte | G292-280 (rev. 100) |
Affected:
5b7eee5f852ce1424dfd476d8713650e528fa359f19e551b7adb9b6a12ad467e
|
|
| Gigabyte | G492-H80 |
Affected:
e79fefca976e762f76a8ce36494928dc2ba039de02b69659a87b5245cb27ac2f
|
|
| Gigabyte | H262-NO0 |
Affected:
d04141fdfff53843c10ef247e885ad9fb62ffc58c89580718ecd2b102a590f30
|
|
| Gigabyte | H262-NO1 |
Affected:
ca65772cdd5fef0d287957d5a6e308fa1126b9b40a2cd701e1190e852ce0bfd2
|
|
| Gigabyte | R182-340 (rev. 100) |
Affected:
ade7666d9e200c0929260025880128674b63349911f1d03857a42cf753f10b80
|
|
| Gigabyte | G291-280 |
Affected:
6917b15d532856e0c0f7cbfc3501f4d5c273616046d94695e01ce07303f6011f
|
|
| Gigabyte | G481-H80 (rev. 100) |
Affected:
53a8edb12be4b79c231d3f950e20343f20f3727a6544504259639fa6506f2457
|
|
| Gigabyte | H231-H60 (rev. 100/A00) |
Affected:
56289ef76755acc7f4e843b3ee0f29ec8f063f113f640b157d095d18a866d874
|
|
| Gigabyte | R181-2A0 (rev. 100) |
Affected:
01c95a23c9bfeff78ab2b6d77ca33e6a967cf624d1afb5fad393776c79a25920
|
|
| Gigabyte | S251-3O0 (rev. 100) |
Affected:
303797b38020f7b91381f887954f819112509c4b855ebd75c7a31dd227acf1cc
|
|
| Gigabyte | S451-3R0 |
Affected:
c9a2e7d55dcf6e3f7537515d2c6cb0e36770a5fbea7a01dafe4a90359ade90eb
|
|
| Gigabyte | WRX80-SU8-IPMI (rev. 1.0) |
Affected:
249510667c5c37bd25d731655d7dbf18c5fc2d8d377c0c2326810cda6d9c0f46
|
|
| Gigabyte | R292-4S0 |
Affected:
1dcce1bfce8c75c3fdf8a307ba7f6d0231504095e1c4e6bf2166a4cf75df29cc
|
|
| Gigabyte | R283-Z93 (rev. AAF1) |
Affected:
dcb8c9ec0cdddcf94852ac34e952a349af1ca970d825dc239075286875a9257d
|
|
| Gigabyte | GB-BNE3HG4-950 (rev. 1.0) |
Affected:
ed3834eedb770cbb44be9357c5b05d9800ec9577ba3eb6faa3c47460d78814ee
|
|
| Gigabyte | R161-R12 |
Affected:
523e9d1bf5710144e36f9535141955dcf9a3d075fff092f6b4d1e12ee2eda562
|
|
| Gigabyte | GB-BXBT-2807 |
Affected:
16f990d85b5a42e9b762a08f69614b0c6e3f5c1236364ca38efe92a5dd729bb4
|
|
| Gigabyte | MB12-CE0 (rev. 100) |
Affected:
bcf637c0c5be2018d76681b66661d1e6f061c2e1366124f4ef8754c074f8a95c
|
|
| Gigabyte | R263-Z30 (rev. AAC1) |
Affected:
92780ca87316f207f58c61f65bc8f702fbb2881688d9819dbe8ebbbbed6e1f67
|
|
| Gigabyte | TO23-H60 |
Affected:
955038954a0d1463be658fe518b6006f9fde166b67e9007f3befb9cfa62e5da9
|
|
| Gigabyte | GB-BRR7-4700 |
Affected:
a462c1a73072f541b6719e4cdee351d44a7cb3593dabbc6809b5b387d909eee5
|
|
| Gigabyte | GB-BRR7-4800 |
Affected:
424e8b46bd3feec4aae4ec33eae1ca8658526eeb66e121adb244d3c322dd005d
|
|
| Gigabyte | GB-BRR3-4300 (rev. 1.0) |
Affected:
5cc12fd686928c97fa7fbfda17250579adc4e7bd11e46e88650de5ebca6ed03c
|
|
| Gigabyte | GB-BRR5-4500 (rev. 1.0) |
Affected:
6ea44803e9b188161126374021e9d845136edd676d33fc80e5f9348b8d577a87
|
|
| Gigabyte | W771-Z00 (rev. 100) |
Affected:
d07d7094aa0dbdb896f8d3dceb093ea8c1d72ee0009472ece73190d2071aee6e
|
|
| Gigabyte | MB51-PS0 (rev. 1.0) |
Affected:
372c9a6f86f60d7cef6ae2d2ee7ca0d55df998ba0a47468668c6758b3d3db725
|
|
| Gigabyte | X299 UD4 Pro (rev. 1.0) |
Affected:
ca8a556421eb318b0e5901085e97c448f1646a1636e34ec6e4d76f4a3d61f601
|
|
| Gigabyte | G492-ZD2 (rev. A00) |
Affected:
c8ab653dc8a40406c0a8a4d71b56059a2f9b7c7ab9e883290acd071941c7bc25
|
|
| Gigabyte | MW22-SE0 (rev. 1.0) |
Affected:
d369b68d0c38afedcbb0eeb82f2d06d486e9c0ce212ebe3b0d9f8dfcdbbbf5b0
|
|
| Gigabyte | MX32-4L0 (rev. 1.0) |
Affected:
78ce8406e3b09a3450d41ba11c1dae91456f25c796441dabb52c7b7e261b3a69
|
|
| Gigabyte | MW32-SP0 (rev. 1.0) |
Affected:
0cd64d233ea4db6db2a90962d2888f4e5b967fbb24fa944ccbbfc2c02d5a358a
|
|
| Gigabyte | MX32-BS0 (rev. 1.0) |
Affected:
40234a98894a9855db1a921ffe9d272caa1e5702dcdd14afc82f6a91753fd460
|
|
| Gigabyte | GB-BER3-5300 |
Affected:
a3ab1a934f5806b5472f13257771924e3fcbaed289b2d6a860ec2fbbfd2d0c11
|
|
| Gigabyte | GB-BER3-5400 |
Affected:
06879fa2383284b0222247992f7d359bf5d0ddcebfdcd5b42a20ee5f46a8473f
|
|
| Gigabyte | GB-BER5-5500 (rev. 1.0) |
Affected:
68f88269c87ecb16f9b7d9269005ce505a3498b9e3440054742481a2254d5aea
|
|
| Gigabyte | GB-BER5-5600 |
Affected:
d98134626baccb58d0d97613efeae6d504b112a4f8d8849e2599ceecf55f7fad
|
|
| Gigabyte | GB-BER7-5700 |
Affected:
ec439231fb2d3491a63b173bda078a128bf02b19262b3549f3a799992442d9e7
|
|
| Gigabyte | GB-BER7-5800 |
Affected:
7704838038c24fa47fadd54f19c5911fa39823ecfb5f451db59271112a07e777
|
|
| Gigabyte | GB-BMCE-4500C |
Affected:
43cce322b194b9be7bedb247098e8b691878f238b14199cfba11af4422b3464d
|
|
| Gigabyte | GB-BMCE-5105 |
Affected:
c412ba0cc85278e93f349b9fae6011982f23f8f3a7b6539a36d90b551ae1006f
|
|
| Gigabyte | GB-BMPD-6005 |
Affected:
6f14b4087af44921d294462fb0d65259f18af0cc23b7ab1c5b87773b9c3c13e4
|
|
| Gigabyte | GB-BRi3-10110 (rev. 1.0) |
Affected:
d6626703c5940d244a87f2967f0c54f4a5a7b53597dd92a0b561f28a2f9a9161
|
|
| Gigabyte | GB-BRi7-10510 (rev. 1.0) |
Affected:
af98c4cea319d387751cb356a28390fa630a1b2f66920a3202b37e0acb861ade
|
|
| Gigabyte | MF51-ES1 (rev. 1.0) |
Affected:
dbe505cc1f3a4135628b7e22c7fddb99bf3ee1d46f82a84219e8cb0905c20ff2
|
|
| Gigabyte | MF51-ES0 (rev. 1.0) |
Affected:
d27437e85db58b607bc173e844b31dbfb8b949ea3c225e13377ae942572c4611
|
|
| Gigabyte | MF51-ES2 (rev. 1.0) |
Affected:
9bd110e7a5a1e1cdd77af3702309d98f748cdec6d25a5e76c04f63417e2e6a8d
|
|
| Gigabyte | G492-Z50 (rev. A00) |
Affected:
0b2bd8851706081fb9e310e5f4a7a97c3a0bb32eb7167a609e602ba6cec1ea89
|
|
| Gigabyte | GA-J1800M-D3P (rev. 1.x) |
Affected:
19c85b8fbc25322544c775c9fdcee793a563d51b32ede6b29c02248e0813f42b
|
|
| Gigabyte | GB-BSRE-1505 (rev. 1.0) |
Affected:
2f18902d7afbe8d900b6552c2d7a86760f05c4698c1018053b2fad97f6ab51f7
|
|
| Gigabyte | GB-BSi3-1115G4 (rev. 1.0) |
Affected:
6f6c034629c0d8df05227f4e7d85d02d8fa52d7fda0940fd4f80f62a23be06c8
|
|
| Gigabyte | GB-BSi5-1135G7 |
Affected:
baddfacc85e4aa97915493c4f66cde6002104bfc10ecfa3839c4fc6e32597953
|
|
| Gigabyte | GB-BSi7-1165G7 |
Affected:
b191f4293202c488ba673c288bb5edbaf506a9835a508ec38fa705797738c918
|
|
| Gigabyte | GA-H110M-S2PH |
Affected:
a5013d7b2208a6c2d1ea75bbef06711be676430321f4b275140049d6fd53f8df
|
|
| Gigabyte | GA-H110M-S2PV |
Affected:
60d70e509fc3f7c1da701e5195218f20e297c11d2dd4f0327ea4d25732c120d0
|
|
| Gigabyte | G292-Z20 (rev. 100) |
Affected:
e0ae28d4aca350a31f66402f4b0f46e05e4aaf77adfc813179a7df20c8f4b148
|
|
| Gigabyte | W331-Z00 (rev. 100) |
Affected:
4f7c60d69e3c374da221c2ab2d2393794965f2e0e1cf296f5a64d4d77299089e
|
|
| Gigabyte | X299 AORUS Gaming |
Affected:
c5534cc441ef64739b9609ed3160f296cefda8faaae992448baedb01e9310be7
|
|
| Gigabyte | X299 AORUS Gaming 3 |
Affected:
82f181dfcdb973537274d8fbf4ad83d60ba8b7315bf99def64780a8c29c6a843
|
|
| Gigabyte | X299 AORUS Gaming 3 Pro |
Affected:
810a53fa70ab5b27f2dbe92948b79638dc87fe6015f94c41501562a47805e28f
|
|
| Gigabyte | X299 AORUS Gaming 7 (rev. 1.0) |
Affected:
ee03798b5db2710360c33566b2e61b46bc664ff8a25b257bbfb620c332d70f2b
|
|
| Gigabyte | X299 AORUS Gaming 7 Pro (rev. 1.0) |
Affected:
6ca7152161d4d3a65a2d4fa707a3784811bbb7507332f1c82662456f5f76b5a5
|
|
| Gigabyte | X299 AORUS Gaming 9 (rev. 1.0) |
Affected:
14d6cfb20110768c3da503050dd9222a2514aecd0ca49f2c08e64bf6595b0cd2
|
|
| Gigabyte | X299 AORUS MASTER |
Affected:
326280954738ecffd23930791fec6dc0ba2b9774c85886b98d33723974c3427d
|
|
| Gigabyte | X299 AORUS Ultra Gaming (rev. 1.0) |
Affected:
91933d348054953096135089baa7b6ca61dc43e9fc25dff45c9fb4dbf9e8d606
|
|
| Gigabyte | X299 AORUS Ultra Gaming Pro (rev. 1.0) |
Affected:
22869435dede4b52f75a6b82266b67f8930857829185f97bd322c3a72a8899e1
|
|
| Gigabyte | X299 DESIGNARE EX (rev. 1.0) |
Affected:
0a1aa3edaeb6b389a08cded1ce036ea9178527389ca1549442a35f8b1b2bcdf6
|
|
| Gigabyte | X299 UD4 (rev. 1.0) |
Affected:
3716034ddd789a3e8e1c688a477e4735f228bc3acfa18b63e719d7cd1e8fedfb
|
|
| Gigabyte | X299 UD4 EX (rev. 1.0) |
Affected:
6fbe2e27bf4b4543e39c88a4702f487b15d02a47b04e006759cfb6432d82fa0b
|
|
| Gigabyte | X299-WU8 |
Affected:
d15d9bd6d7980d27bb56848643aecef336c8ff0a695e155071b7dafb1f75d08c
|
|
| Gigabyte | H261-Z60 |
Affected:
826f711b5accbc542c3e33d607f1dd10edfb3486772975f204aa2de43bdb52fb
|
|
| Gigabyte | MZ71-CE0 (rev. 3.x/4.x) |
Affected:
c0c4215e8207d397914a56edf50428f01ad3676c23630ef7b8c06cf36e45a7e1
|
|
| Gigabyte | G292-Z40 (rev. 100) |
Affected:
fcbed542b232be01a0ed2d52dcd3dddc101fafed3da9f3e3aa6b17b652e640f4
|
|
| Gigabyte | G182-C20 |
Affected:
e133210fdecf2d57cde25b0bc706437210318e37655eb22a97000bf27a02c177
|
|
| Gigabyte | R162-ZA0 (rev. 100) |
Affected:
03e23d40902c4e68730e74ddadcc716f46032774001e1b6bc606c5294d4bacf8
|
|
| Gigabyte | MZ72-HB0 (rev. 1.x) |
Affected:
390cd14f2be9ff14cdcc90a9e705cc017bb2535e66b93859eddc233425998937
|
|
| Gigabyte | G221-Z30 |
Affected:
8e8b934cc0bd3127262a9e52fac754d64abe27c09902a78acec81c0daf883f77
|
|
| Gigabyte | G291-Z20 (rev. A00) |
Affected:
8d49dfb69b420390cf13ff8f3a3b3ab88e5dcd46a182c4ac5be9868bc6278c35
|
|
| Gigabyte | MZ71-CE0 (rev. 1.x) |
Affected:
d3b797002d243cbed1182569ffc6b5e5f6243e59ee27bbabae7362fa80be6e91
|
|
| Gigabyte | R181-Z90 |
Affected:
24be564cb337350bd9cbf409cd95f29b760e1ff872f99b27379c40b533e9f2e6
|
|
| Gigabyte | R271-Z00 (rev. A00) |
Affected:
99f913a3f88561d7163bb1ed79380dd346897e577315eef71695aeb861e82579
|
|
| Gigabyte | T181-Z70 (rev. A00) |
Affected:
e42a49d2674808c57b781e8b3d78613a143ba9797d1a856ccd2a62302a49520e
|
|
| Gigabyte | GB-BRi7-10710 (rev. 1.0) |
Affected:
14c74b9b80e71d3302c13aea0dfea3560e1452a55c698c20e457c5b495154443
|
|
| Gigabyte | GB-BRi5-10210(E) |
Affected:
56430f2f4f9aef4e50f503dc8397fdb20b005bf38a8b9029c43e3eed56c39229
|
|
| Gigabyte | G492-ZD0 |
Affected:
bacd1c945c9ff1ecea3e29039ad8b742c6d040e5792bb45008c1b7f664fb36bb
|
|
| Gigabyte | G292-Z46 |
Affected:
31aa7ba19f6edb9472a3da22793803c265a0cb0b7cd7979db56251c37edcfe5f
|
|
| Gigabyte | R282-Z90 (rev. A00) |
Affected:
8cc6129ba23848fbd65b91a9b70999aad19d3b7a6d168066cbe4a0b759fc5a5c
|
|
| Gigabyte | R282-Z96 (rev. 100) |
Affected:
605db3a5cf91d915929488803446e5a51dda16d661e76840b707474d2df79069
|
|
| Gigabyte | G482-Z50 (rev. 100) |
Affected:
9b0c2aaaef88b38db18e4efd44b2582c8401f9a17f2c54d0e1f07d2c94a9a5f4
|
|
| Gigabyte | GA-H61M-S |
Affected:
5fb07e319cf6d523a488d879e7eeef3321e90fbee049efb642b34ad2a32611b8
|
|
| Gigabyte | G492-ZD0 (rev. 100) |
Affected:
25555956322c0eaecf58fd759ed9b0b7857f9dd149b02de55e2f5eedb291117b
|
|
| Gigabyte | W281-G40 |
Affected:
f7c504d3d3907aa4c7f70ca1fbe1fed7e73426eb987b9c5e2f6b31d42e801af1
|
|
| Gigabyte | MW51-HP0 (rev. 1.x) |
Affected:
1190d15905ff8656d2d0601c388df633b1646fd585de4fe871fdf93fc23d35a0
|
|
| Gigabyte | G482-Z53 |
Affected:
f5f61e3f93c7f6615cfdc26efce6a83b3188d697e2243643d08d10dfa9de8afb
|
|
| Gigabyte | G482-Z54 (rev. 100) |
Affected:
0fe0c762e396660fb30aeddcf5a5928af864eb44399271ed975913f36e46190e
|
|
| Gigabyte | GB-BXi5-4570R |
Affected:
3353c109a69e6fdd86adbec899e2669cce724bc35db33a86fb0bf1c81a508c2c
|
|
| Gigabyte | C621 AORUS XTREME (rev. 1.0) |
Affected:
7edc3eecb5d5ed515e06f8130d875fcae07cb0c7bfaa2e4cd8d86862e5ecc256
|
|
| Gigabyte | MJ11-EC0 (rev. 1.2) |
Affected:
3631995d059e336863527f1511894bdfc61361bc0691a430b3896fb94746aded
|
|
| Gigabyte | GA-E6010N (rev. 1.0) |
Affected:
c9c8f182cf3b058d12bddb039d8a3f3686d1c325c9b2719ec5fc8644e066274a
|
|
| Gigabyte | GB-BACE-3000 |
Affected:
2da499751e8a5446ac8445cee5b95f6bf75ded5c8ec6738eb67f5c4ac2081c32
|
|
| Gigabyte | G291-Z20 (rev. 100) |
Affected:
6d6107f0d094fab41eaf6073089de8a0b24bb7a66c5851f534a8f1d26812c3d2
|
|
| Gigabyte | H261-Z60 (rev. 100) |
Affected:
edd3eccfbbc2ef2ac40e723697f67a346fca062ddd6679c5ff8cfbb91d3b6afb
|
|
| Gigabyte | R181-Z90 (rev. 100) |
Affected:
575fc48c70ea9ee40f8016ea2328ebe790e7e556333a95b9b511be466047f668
|
|
| Gigabyte | H261-T60 (rev. 100) |
Affected:
6b636c9fc0ec84737f2238365e71c23e9227695cd5ad52bf40dbe8290920fb60
|
|
| Gigabyte | GB-BSi7HT-6500 |
Affected:
e9bc71596a97741893377b2c52a13b5b2ff0a7b6f985af40725e0755d2c537c8
|
|
| Gigabyte | C621-SD8 |
Affected:
d6ad23c1fab3f0a2babb23e7907385e25a06801c2edd50d108e5b08f923855a8
|
|
| Gigabyte | C621-SU8 (rev. 1.0) |
Affected:
b9017e90f6c47a9d9560cfd92206c4b2e624cd91cd7f0680fb75dd972ef9582d
|
|
| Gigabyte | GB-BSRE-1605 (rev. 1.0) |
Affected:
d72f64d5a25b9088f7fff456d3783c2fb0e7926cd4de6469c6c3f57690830907
|
|
| Gigabyte | GA-Z170X-Gaming G1 (rev. 1.0) |
Affected:
0455dd8b57341d5667d4c4dd71767321c3f72770f84db4e46f93d31e50b376a7
|
|
| Gigabyte | C621-WD12-IPMI (rev. 1.0) |
Affected:
0215ce75b3629651d0c64b0b241095b58f0af921cec3022c524d531c22f1385e
|
|
| Gigabyte | C621-WD12 |
Affected:
f528dbe55aba35bd4e5d55fe853afed41c54d78719765944a5ea74dbc062f4b5
|
|
| Gigabyte | GA-Z77X-D3H |
Affected:
cc7b733f36b027823b3f501864d74397d308f8bc169149cca5307855234a4527
|
|
| Gigabyte | GA-J1900N-D3V (rev. 1.x) |
Affected:
19b4ba1388707838d0de17b6f2e9ce01f70f728926ab7e2dcc0566f6dbce8e90
|
|
| Gigabyte | G211-H4G |
Affected:
9546a8c62b6d285172acc0ca17340040cd18ff76bfe5b9e7672824e948f7331f
|
|
| Gigabyte | MW21-SE0 (rev. 1.0) |
Affected:
60370916ce5edea7899125ad1b470d59cc04b0aeccea1ae5474f78ccf187e4ae
|
|
| Gigabyte | MW31-SP0 (rev. 1.0) |
Affected:
a89940e207a6fdd61170536d0d8fe66b4584c38a804c0df15d23c0cf30d49e35
|
|
| Gigabyte | R121-340 |
Affected:
d2565f697c692df559b665d0b97b3743c9de07c0ffa83b0fbb5b86aa821e8622
|
|
| Gigabyte | R121-X30 (rev. 100) |
Affected:
2ca3df4ff24732338397d64dc81509ea5a7c4b979ca3f2ee6c7446d690355c52
|
|
| Gigabyte | W131-X30 |
Affected:
7fb3aff9b87102cb3535bd80904b7252c40ba4f556d9f355a45fc9003cb29e9d
|
|
| Gigabyte | G292-Z42 (rev. 100) |
Affected:
09d1d8dff99b19615f14413d6ba20891819d481b12667452786510209344095e
|
|
| Gigabyte | G180-G00 (rev. 100) |
Affected:
e32576a5522533c1914ea8aed13f238022bf60eb6fb86ec5393bc8ee56cf5a06
|
|
| Gigabyte | G190-G30 |
Affected:
cbb6d5a01124074eda2161e53a5128e0d0d8eedaffa55b14c1dfdd6fbc5a067d
|
|
| Gigabyte | G190-H44 |
Affected:
bef72cba124fcef35a3ccd67b94707f20c2bfe2a4f4d89f3497affd72b8c2a73
|
|
| Gigabyte | G250-G50 (rev. 400) |
Affected:
9424cd10408253ab228dc2125524340f5ca53759e3ad4e996e7cf0320f41884f
|
|
| Gigabyte | G250-G51 (rev. 400) |
Affected:
c17b5d0b9140f95f5317619866739be362765e6165292cb183f539b6758f34b3
|
|
| Gigabyte | H230-R4C (rev. 100) |
Affected:
59a3fe40e2896be666fd2712f7e5176ab10ca9335b39bd04fa48867ee607c066
|
|
| Gigabyte | H23N-H60 |
Affected:
d4fc77114a472bf1902a66a35f51a11689446c8d0dc18000717a5f74ae6b3a2b
|
|
| Gigabyte | H23N-R4O |
Affected:
a5cda726ef82b73f9c764e39a64ceab32e4d6e238c3019e06d3b7f2218d68ea8
|
|
| Gigabyte | H270-F4G (rev. 100) |
Affected:
934742dd01634ef45d78c2a7f9f3e89a0db2cbc7baf994570cd8b64fa4491da0
|
|
| Gigabyte | H270-H70 (rev. 100) |
Affected:
499d17336ee9e6be59a733507c25f7b343933bd728f296f6ef08af611d0a8ae2
|
|
| Gigabyte | MD30-RS0 (rev. 1.0) |
Affected:
3b9ef069c1c67a9caa29f8eaa915605cd0bbf1edb735d92abf2c4e959ca4a726
|
|
| Gigabyte | MD60-SC0 (rev. 1.1) |
Affected:
473033483d404754621122afe34dc8f8f47432bde116cfdde03ac38fdf2fb054
|
|
| Gigabyte | MD60-SC1 (rev. 1.1) |
Affected:
7213c438e3f07e82dff82a5b6cdeb5f80e8b82ce6e12fc377732a8df2c527bfc
|
|
| Gigabyte | MD70-HB1 (rev. 1.2) |
Affected:
7540b3951f0ddc6c1c1f4eaf062525f55a1c6e862022e4a545530895510d772a
|
|
| Gigabyte | MD70-HB2 (rev. 1.0) |
Affected:
0db641b3a89e75061d6af75e41e365cab69a819f6880d4bd0a0f4ea7960fa17e
|
|
| Gigabyte | MD80-TM0 (rev. 1.0) |
Affected:
15f2bdadf43e6d3731df0693552d4aa4780ed958dcbe0ea4ef80bc27510cdc85
|
|
| Gigabyte | MD80-TM1 (rev. 1.0) |
Affected:
298d5755fa084d9268d09063222030993755cee31f9fe5429323b830c8c3f5cb
|
|
| Gigabyte | MU70-SU0 (rev. 1.0) |
Affected:
4b5caac23e6866a9bbfd7962a5557ddc9b0369cdce09b664910b35bd66e690cd
|
|
| Gigabyte | MW50-SV0 (rev. 1.0) |
Affected:
cde8f07d2e7d14233748df612e113ce348140090694b96c407053fe4e6e1690b
|
|
| Gigabyte | MW70-3S0 (rev. 1.0) |
Affected:
f8c314404f2801dc3b04cce95fa27a97f58459f9d70c8e3b03bbfd45bbaf5e40
|
|
| Gigabyte | R180-F28 (rev. 152) |
Affected:
5d3bf4c8452e70a4ee31e25cfd555694af3cf64eda965fade0b21e8a262a2c10
|
|
| Gigabyte | R260-R3C |
Affected:
e6bc9c983e21a0cfcb2d86a9dc88c28e5ba33387acdff81bccd6caf780e4619c
|
|
| Gigabyte | R270-R3C (rev. 143) |
Affected:
6b6d0ebe479ce082420f5412fc099860ab825450e58d96a6b33c5013ea061864
|
|
| Gigabyte | R280-G2O |
Affected:
efaf5f327a471776f0a75a2b8b7f963c8ab72190be7f606d51a0c04715dafe70
|
|
| Gigabyte | D120-C20 (rev. 230) |
Affected:
cef953fd8883203ef326a6b195a90328ae31ddc10736afa171b617a906fab77e
|
|
| Gigabyte | G150-B10 (rev. 111) |
Affected:
fe702d3ce5fdade4ab194ec43fcf6f0a070123ab547ae49b9cbaec33c474dfb0
|
|
| Gigabyte | G482-Z51 (rev. 100) |
Affected:
4dcab1a378bb4cc541f210917c563b95dd678e185b4d0dc8483b175cbf9097ad
|
|
| Gigabyte | MB10-DS0 (rev. 1.3) |
Affected:
3aa61cde7b1886fab7e60e077bdb39d0a94e3c451593d13e87306b88b4e56a80
|
|
| Gigabyte | MZAPLAI (rev. 1.0) |
Affected:
cd755796109542b3da08826c56951102e5034c76428138d1a6dd4f1ca29955a7
|
|
| Gigabyte | GB-BPCE-3350 (rev. 1.0) |
Affected:
b22a7a1693d8cb2deb608f8e3ab366f5eea0e6bdef6ddb03a86d599fb2efdd48
|
|
| Gigabyte | GB-BPCE-3350C (rev. 1.0) |
Affected:
a42535bbb37725951ac18b0fa9b5771454ce707bcdbeacb8120d0aa0eee0cf1b
|
|
| Gigabyte | GB-BPCE-3455 |
Affected:
03662e2e512cfe18afe431d968d60e944af5f7514f840754864ee4cd97990130
|
|
| Gigabyte | GB-BPCE-3455C |
Affected:
47b54ae65d44b227a3bab252fcd465df6e6d4875cf2511f1261f1c8e5b196e1a
|
|
| Gigabyte | GB-EACE-3450 |
Affected:
421dfe54ac2554e627762ea96f454f95f7232f3f238dc9f5d5fc96bbf284fbac
|
|
| Gigabyte | GB-EAPD-4200 |
Affected:
c6009503816a44e0d4fa7d0d74ac7418b6551e31e58bab97390711055449e52d
|
|
| Gigabyte | GA-IMB1900N |
Affected:
cb4e9aa8b2416ed2fb7593a3c93d5fed07d24d1f349761a1790deb97778a565c
|
|
| Gigabyte | GA-IMB1900TN (rev. 1.0) |
Affected:
93d6ae2ede6573f018ca1dccc5b686a0461a0d662a353511a0b420a10935267d
|
|
| Gigabyte | W42G-P08R |
Affected:
f0d6176199b56171ec12bd663025c664b2bf3f8b844bc90edc8dbc3cc062871d
|
|
| Gigabyte | MA10-ST0 (rev. 1.1) |
Affected:
00f354e79abadfb8b4aea11bb07c3ddc16f00b3055ec8c221ad4d69538bdeffd
|
|
| Gigabyte | MDH11HI (rev. 1.0) |
Affected:
2fdb64f2007196150cda167f3eb121cedba80d75d0b79def30c4d7155ea0b2a7
|
|
| Gigabyte | GB-GZ1DTi7-1070-NK (rev. 1.0) |
Affected:
0d274a7eb05cebe468e07b2e6692a11c90f222d18077b3d058fc02b464046265
|
|
| Gigabyte | S12-P04R (rev. 1.0) |
Affected:
25b628eb776a57d9fa45cffb00f8f3347cb9d7c2f3c33712348b85c3ecad2d4f
|
|
| Gigabyte | R272-Z30 (rev. 100) |
Affected:
fbf652a641fc3d847c148abb65130f7eece7a51a9c6607f1c403a8bbdde6ce48
|
|
| Gigabyte | GB-BNi7HG4-1050Ti (rev. 1.0) |
Affected:
a0c57eb7255f99412b62429f165eeb1f8a297c26a13eb6d7ddbee91e32dbce6c
|
|
| Gigabyte | GB-GZ1DTi5K (rev. 1.0) |
Affected:
f37453e390737ec297686b784da5aad11acbaf8375d377fac533caee996c1d66
|
|
| Gigabyte | R160-S34 |
Affected:
898a0ddce89b59e6993ea651b0a0d4b54752957b63274dda75160674fa0928f6
|
|
| Gigabyte | R181-T90 (rev. 100) |
Affected:
c02c66a7d393e7bd8cf757197bbc6bc22fd9f9b38a8a1068166eba97bc5b4a29
|
|
| Gigabyte | MDH11BM (rev. 1.0) |
Affected:
410a0aebc3826f029ee6a4cd0c5816eb0676fe99a0b112e8ce55e8b2f3b49e6d
|
|
| Gigabyte | MDH11JI (rev. 1.0) |
Affected:
05cb527ef122bbe9ebe54d4678686e6a21b961f16392841f5f0b0bc3882a184e
|
|
| Gigabyte | MDH11KI (rev. 1.0) |
Affected:
945d5b0e567bf5604ea9b12fc7f3f3bb12ccfb1935b9de78c9bc77241632fc9b
|
|
| Gigabyte | MDH11TI (rev. 1.0) |
Affected:
7796142d4d8a09c6f416d5b3cd452caa659cfca40992683d7f8af55cf4e6a7c8
|
|
| Gigabyte | MFH27AI (rev. 1.0) |
Affected:
4d3a05e1006e9d5a1045ea65277cc4fba148ab4533ccb1b6d52ffe54edc7fffc
|
|
| Gigabyte | J4105N H |
Affected:
3d1879acf606abac026703a7fe242feb538192ec6f01642ca33ba6d6de55a725
|
|
| Gigabyte | GA-N3160N-D2H |
Affected:
bc5aa15ece1e486f4b7d31c5ba6d45382204c115e556a6412d751e25703a4a7d
|
|
| Gigabyte | GB-BRi5-8250 |
Affected:
3584936b2dad0ff3ee3d6b167442d39dce8400e1016267462827ff20d15dcdf7
|
|
| Gigabyte | GA-SBC4100 (rev. 1.0) |
Affected:
873e676d25545b3d6e133a2c85cedd5a4627a11f67513e54e6a99e812e7618cc
|
|
| Gigabyte | GB-BRi7-8550 (rev. 1.0) |
Affected:
591b486bba979b64d20fc90bd63a5991b7df16b5aab1447de888e3d6090f1086
|
|
| Gigabyte | GB-BKi5A-7200 (rev. 1.0) |
Affected:
e13105b80056966dee303194e6eb7e2f622dccb80f5fc5780100197d43b871ea
|
|
| Gigabyte | GB-BKi7A-7500 |
Affected:
002c5c88a393a9da6b48c30d64bd702f6b50fef07c32f45b7c09f40fe2f3f2c0
|
|
| Gigabyte | GB-BNi5HG6-1060 |
Affected:
289cffe9f81f1e9a9cd087bc529701a9343084e499684caf4d34bfe8db15f3f7
|
|
| Gigabyte | GB-BNi7G4-1050Ti |
Affected:
9d8b09f7fdf906dff7d92049fa20921927f3cfebf564455eac78ce2518ad03a1
|
|
| Gigabyte | GB-BNi7HG6-1060 (rev. 1.0) |
Affected:
3835eeda7653120a02ce98ea98ba75ebce53ac1efabe3b81d0b6dcc9e611d1ac
|
|
| Gigabyte | GB-BKi3A-7100 (rev. 1.0) |
Affected:
c5697a205b0e85c8f31e3538135e32b72ca60d1652162c30007d94ad079096fe
|
|
| Gigabyte | GB-EKi3A-7100 |
Affected:
2f7481194b1e0a153551fbc9e68fef59f463882e3fc0238673ed6293715366c5
|
|
| Gigabyte | GB-EKi3M-7100 |
Affected:
c1cc2040975c62eabeae3df92e63b2c1a22c690a97edcea1576f83e975355db4
|
|
| Gigabyte | GB-BKi5HT-7200 (rev. 1.0) |
Affected:
47a969af17efdfe04690233319d36d12ff820901d0817ce17846281e7d5f49ea
|
|
| Gigabyte | GB-BKi5HT2-7200 (rev. 1.0) |
Affected:
0aa384720b8e5c0d09b9b0b14cf14a105e4b607681f778bcaa202412e666bdf1
|
|
| Gigabyte | GB-BKi7HT-7500 |
Affected:
f61c63e919c797c1faae135458e0db89f288a1d05402380823562f34452806be
|
|
| Gigabyte | GB-BKi7HT2-7500 (rev. 1.0) |
Affected:
cb0603d8ecac9baf7de500500990ad0a7e9068dfee69f296d62de549f69f9b1c
|
|
| Gigabyte | GB-BRi3-8130 |
Affected:
a74d2353acccf98743271fd296b2bf6f1e047cca1fcaccc2fd9095a7f72fba2d
|
|
| Gigabyte | iTXL-Q170A |
Affected:
fa7e7ca9fd48d608094d5f56ad6f0166db7be91862666abbb6fa631055b98f5c
|
|
| Gigabyte | GB-BSi7A-6600 (rev. 1.0) |
Affected:
6504f61ce57f6caae37cc7c56910267d18a1db46e6681178b6807f0e26ab966c
|
|
| Gigabyte | GB-BSi5HT-6200 (rev. 1.0) |
Affected:
e649eb460cc049ddac440fe93528336fa42bdd9cd7a284ad9a2481647b57e75a
|
|
| Gigabyte | GB-BNi7HG4-950 |
Affected:
b772a8c72de61e4821a04793a16c8dc8ff7b354fa2a0bff189d879df254c9f1e
|
|
| Gigabyte | GB-BNi7QG4-950 (rev. 1.0) |
Affected:
f4426a3de06ca8015af5798b631afe601a78a069be9e70fc818222d9b4f679cf
|
|
| Gigabyte | GA-J1800N-D2H (rev. 1.x) |
Affected:
ee21f7397347f3b42d5229b41f9d9a6b4be739419f6f2bef1c3eec8f5d3a17e2
|
|
| Gigabyte | GB-BACE-3150 |
Affected:
66ff6219a24fb3662b7b3d4fb1fb7937649dcf052cea4364d4c9b178735807f3
|
|
| Gigabyte | GB-BSi7H-6500-LA-IW (rev. 1.0) |
Affected:
9e23a81c581d5e6c351c2cac1a944ef5759271739f6150c3ef6857bfe401ae62
|
|
| Gigabyte | GA-IMB4100TN |
Affected:
5abc359c698cd90030a597105c4ef899e4ef56271b9e0f43c843408b9fb53d33
|
|
| Gigabyte | GA-N3160M-D3P |
Affected:
cf2df7d9f1ff5f087021f7b47cef6aa3efb47cbfd639f730512bc630e0c91f81
|
|
| Gigabyte | GB-BNi7G4-950 (rev. 1.0) |
Affected:
210688036c5ecadc5d764691d511e738ff32146bc69f26601fd45321c65b0c7d
|
|
| Gigabyte | GB-BSCE-3955 |
Affected:
327e84e3cfce4cb086435232d033a20ebcd4b95cd5aa4b85cb92206f44507170
|
|
| Gigabyte | GB-BSCEA-3955 |
Affected:
6e166fd67041801b0481c69bc271ae73e0657f1078442b5740b09f6774128e01
|
|
| Gigabyte | GB-BSi7A-6500 (rev. 1.0) |
Affected:
6662b3f0d921aaee11ecae2893271fe861524620b05540e255d1e364aa65abb6
|
|
| Gigabyte | GB-BNi5HG4-950 |
Affected:
030031c6c1b9422a56ed44f04efa2ec84fc8a2de254f24d14989934f613d12b8
|
|
| Gigabyte | GB-BSI3H-6100-ZA-IWUS (rev. 1.0) |
Affected:
6399b690346ae7ceda0f8dafbca5acd17ac4d796619568a51cc8e50f5b630b42
|
|
| Gigabyte | GB-BSi3A-6100 (rev. 1.0) |
Affected:
e7049738618fc298adb3099074b3419bcf553f0e54acd9ada2d611fe64925026
|
|
| Gigabyte | GB-BSi5-6200 (rev. 1.0) |
Affected:
044e3800c05a232d4a8821edc28aae7927474c8814a385f717010ef9b12a5622
|
|
| Gigabyte | GB-BSi5A-6200 |
Affected:
d86ef77e6d28671ef838b314840a4ff9237798c058244805b3b3bc01010db097
|
|
| Gigabyte | GB-BSi5A-6300 (rev. 1.0) |
Affected:
8ca806b8be055f9b5df84871c469279930b34b89de515068b1cb30bfa9c3cae0
|
|
| Gigabyte | GB-BSi5H-6200-B2-IW (rev. 1.0) |
Affected:
40f56a09ded19979902613399e9d6c84cee02b72b7114cabac53629fe2c068be
|
|
| Gigabyte | GB-BSi7-6500 |
Affected:
5cb60622a0063c6d261c5693fd423d7fa44d826e8250812f50c7b9a28921712c
|
|
| Gigabyte | GB-BACE-3150-FT-BW (rev. 1.0) |
Affected:
c754aa67ba523b595de11270897af05dc22907a4fce3f4880bb372b1e18d9164
|
|
| Gigabyte | GB-BACE-3000-FT-BW (rev. 1.0) |
Affected:
19a209b004631abf16b5f6abdbe22b3e9578e1f5ffc4bb94b6601fb612ae47f1
|
|
| Gigabyte | GA-7PXSL1 (rev. 1.0) |
Affected:
663977d4a882f59c8a8791d427ef4431ca63f89ed5683a4cb6d61006f1b1c8d5
|
|
| Gigabyte | GA-X99-Gaming 5 (rev. 1.0) |
Affected:
4260703c9695e6975438598d85f4046bd34a1f16f77fe797b22cb45b4428f83c
|
|
| Gigabyte | GA-X99-Gaming 5P |
Affected:
e5ddbae819b82a8237740cccc23cee00844fa79a15e18e6187854b29e7e81a2a
|
|
| Gigabyte | GA-X99-Gaming 7 WIFI (rev. 1.0) |
Affected:
b767595393d045e4adb4225856611b3a51848a17495666be273823220a0dd165
|
|
| Gigabyte | GA-X99-Gaming G1 WIFI (rev. 1.0) |
Affected:
d3e85abb0959e87075f3a91e0048163e92c1831edf3c70a4d85f6ebbe5d56cfd
|
|
| Gigabyte | GA-X99-Phoenix SLI |
Affected:
fe510a8d06c948ca3e699a51d8f60bc0411df8056124d5e4a993cd526da8a0a5
|
|
| Gigabyte | GA-X99-SOC Champion |
Affected:
a85cfd3acbec43f545c8586b63aa52622d9fd00303bf80ff3890012032699ea7
|
|
| Gigabyte | GA-X99-UD4 |
Affected:
95eddffa23bfc032d7d65b730d49a4d87bdaa93e349fd9e30dde6a450b9a9bff
|
|
| Gigabyte | GA-X99-UD5 WIFI |
Affected:
36b023bf42423988805835e5b7c48af57c0b487c7308cfaf5a7a0ff75e3ae8cc
|
|
| Gigabyte | GA-X99-UD7 WIFI |
Affected:
f93b61306682c563bb68ecb67dea64f9d5b86a8e1c7cfa7fb2b4ea02a15146e5
|
|
| Gigabyte | GA-X99-Ultra Gaming |
Affected:
90818dd14d621360badea1463f975a367952e2a0d43e7dc73401a7ab0a2d3a1f
|
|
| Gigabyte | GA-X99M-Gaming 5 (rev. 1.0) |
Affected:
e3b8e6db2e08d8cf93dcd44adf437d6a6fabfa7b309702b35f7ddd4c1790734c
|
|
| Gigabyte | GA-X99-Designare EX |
Affected:
71337bea704f642aad176d64c9f64fdcdb9f38f8107294a417c9bce7a104cdd4
|
|
| Gigabyte | GA-X99-SLI |
Affected:
0307e5ffce3a9981334d7eb19b13caeed61ab8074212943438b4a423b5d2a9b8
|
|
| Gigabyte | GA-X99-SOC Force |
Affected:
678f05bab483e1cb9cc2cd51415c920bb4307b31ff917dc46cc44c6c2083b5bb
|
|
| Gigabyte | GA-X99-UD3 |
Affected:
295417e80fba51a322a02a7e4c35ab04af54a48355711066339743e88e3922f1
|
|
| Gigabyte | GA-X99-UD3P (rev. 1.0) |
Affected:
51c5cd38074336d75c166ad86a2df881b53b4fed849b538e3281d1bcf0502094
|
|
| Gigabyte | GA-X99-UD4P (rev. 1.0) |
Affected:
27abdc6ac0e50d6d6ca0e937c0a7ab1efe8d2c53c46532b68f0cb1a5fb955517
|
|
| Gigabyte | GB-BACE-3160 |
Affected:
9cd9ea2490848b03659e0e7dd7871ac815c54080e5588a530afe35cfc1ed585e
|
|
| Gigabyte | GA-B150N-GSM |
Affected:
01b2fa505a7a377587ea64b20e1a1570eb7f6567a9204ec972ae478998236a0e
|
|
| Gigabyte | MVBAYAI (rev. 1.0) |
Affected:
86a0a4b3efcbc51e14a0a307a0efe343c7a7e3e2bae3a6e0502869f610034ead
|
|
| Gigabyte | MZBAYAC (rev. 1.0) |
Affected:
073a6246ab57b038afd9050e2dd017aefdde6dfad5d61b80bb2d5c3c71134b73
|
|
| Gigabyte | MZBAYAD (rev. 1.0) |
Affected:
be9c2feced70f810a5d08ec03dd8e7df75f9abd066a2ee30ad82136f355ceaf7
|
|
| Gigabyte | MZBAYAG (rev. 1.0) |
Affected:
305b23937168ebedc60ac6756010c07e4588c48e9fe4694fb935945dbf4be6ee
|
|
| Gigabyte | MZBAYAI (rev. 1.0) |
Affected:
4ab2b4adb933a22cc5b3b3739e315a68c9a9a3dca20b1ae7f27713c0279f6670
|
|
| Gigabyte | MZBAYVA (rev. 1.2) |
Affected:
f96a77ebf7806cc05507582f25810237aeaea30ef819dbe90ab2227f8a36ce8c
|
|
| Gigabyte | GA-H110M-S2H DDR3 |
Affected:
8bc76dc04271ff2014eaab3560bbe3177cc08eb3337f4f512c7d44b98a40d1d9
|
|
| Gigabyte | GA-H110M-HD2 (rev. 1.0) |
Affected:
713c6e95151ae02f075d0391a12e47fa2aaeed199379377bddc00590ceda1795
|
|
| Gigabyte | GA-H110N |
Affected:
b66a10f650f73f5497b22a2d45d9c0bf4df9a987668c4d617e62925c5c26c388
|
|
| Gigabyte | GA-H110-D3A (rev. 1.0) |
Affected:
447d66dd22c3af2bbdeea4b2a766cb3fa4442466d0c02d62647de9f3683cd6c2
|
|
| Gigabyte | GA-H110M-A |
Affected:
a04064b45ec7d0c5b6ae123d779095e23315e6ac1a150d4b3190909a2237603b
|
|
| Gigabyte | GA-H110M-S2H |
Affected:
b1276f7ad8788d3db650a672e6ce6785d5c3922d2bc5aae554ad1b48b62dec5d
|
|
| Gigabyte | GA-X150M-PLUS WS |
Affected:
3ba7690791f1adeaa12e45dc9adca1ee7f08c99bf5f1c51961c6975d1cd14770
|
|
| Gigabyte | GA-B150M-D3H (rev. 1.0) |
Affected:
efb150fe9825a88101d934fb5a9801f970f6e734e758344062d37152e8baa1af
|
|
| Gigabyte | GA-H110-D3 |
Affected:
f5f374f38948ddbde29b9673cd70ce05e27af9f3be23a7bc086f37f35a68ede4
|
|
| Gigabyte | GA-H110M-D3H R2 (rev. 1.0) |
Affected:
ec7f01320c848a88e89d3db821f462448f62e5ae65fb4fd02dc3a5602ad1eac0
|
|
| Gigabyte | GA-H110M-DS2V (rev. 1.0) |
Affected:
577535df524a000747a1e15828af3de0cfe6865b0b20170d024974d6b5b81160
|
|
| Gigabyte | GA-H110M-Gaming 3 (rev. 1.0) |
Affected:
901396591f3682b308f9cfa279cf1a7f8d4cc6622a9ca799e6b5e1d5bf769f2e
|
|
| Gigabyte | GA-H110M-S2 (rev. 1.x) |
Affected:
6a24bb276e5c9b05ac4cca0da01e1b381245a0d217efb5190543de6ec41b2505
|
|
| Gigabyte | GA-H110M-WW |
Affected:
b565acd86a3f4e294d606bf6c0e42eedc4b7361f4adf7c31ee4a806b54767cfb
|
|
| Gigabyte | GA-P110-D3 |
Affected:
c544cd0b03384834b08b784ec0339e2b91a129ee56e7f4881101a10af567e6a2
|
|
| Gigabyte | GA-H110M-DS2V DDR3 (rev. 1.0) |
Affected:
8b02d988ee00fe78039974032b856c56e741a4594744b4f6376cbe1df8271226
|
|
| Gigabyte | MZBSWAI (rev. 1.0) |
Affected:
41bbe9daa5808a1c5b9836a654d6c6d312ed7034c304f963af28d13eaad84340
|
|
| Gigabyte | GA-H110M-M.2 |
Affected:
18216a9c0fedbfa3a8c8cb3380845ff086beaec130296234d58d02d24fe051a2
|
|
| Gigabyte | GA-H110M-S2PT |
Affected:
210d858cd9ce7dbb1b76277fd580e1c71214d1f7ceff46788efda64e817fa95e
|
|
| Gigabyte | GA-H110M-S2V |
Affected:
c80df47ed107f7ea4eca4e15a55fce37f1578b985ed45131b8c67dce9ac2bdad
|
|
| Gigabyte | GA-H110MSTX-HD3 (rev. 1.0) |
Affected:
55099b8c517078f75299dc02afe1f09167bcd7760c0f46546cf4f8274b54c465
|
|
| Gigabyte | GA-H110TN (rev. 1.0) |
Affected:
f5fa2136e6ebb55d5aa3c0bcee64bcf4506a7854ca10fb5a43b8141ff4bf1275
|
|
| Gigabyte | GA-X150-PLUS WS (rev. 1.0) |
Affected:
0bd8853cb934be142b7edb2ef31a2031fb348a6ecea1db37e466dce25bf7fd6a
|
|
| Gigabyte | GA-J1800M-D2P |
Affected:
a08c05bf56e1c4e4d180d69266bbcb244e7e2f85259d86c05bfcf5593cfa33f9
|
|
| Gigabyte | GA-J1800M-D2P-IN (rev. 1.1) |
Affected:
98372c6dea313b0660ae2f1b1c80a8a5d7e93ce07010621392faca75818c0fe6
|
|
| Gigabyte | GA-J1800N-D2P (rev. 1.0) |
Affected:
af4026ab4defc142e75d57ae35e7ef4492fac8ab6c0cc55c6de47f3e21f5ac24
|
|
| Gigabyte | GA-J1800N-D2PH (rev. 1.1) |
Affected:
b2977acab6438edeb2af8a4e3d0c353fd89e9b2d47082b528c3c23fbddbdcbe3
|
|
| Gigabyte | GA-J1800N-H |
Affected:
464be29c2ee1a3f706063374be13365d0a296776aed73fd0c8506f1cdddb568a
|
|
| Gigabyte | GA-J1900M-D2P (rev. 1.1) |
Affected:
f89741fdf7f21d8670407a4b8038e75319d73486009e08a795632e94fa27df82
|
|
| Gigabyte | GA-J1900M-D3P |
Affected:
5641071fccfc0169979343e131d614caa71a2b334ffa45d1ee10817ccef73d8a
|
|
| Gigabyte | GA-J1900N-D2H |
Affected:
ed85051f384bd7694f0a86322c705f819cc18a0ced71d4e3c3946b37d4f3abe7
|
|
| Gigabyte | GA-6LASL (rev. 1.0) |
Affected:
2c0e4341f91bcedf78c301778d52492fa304380cdd15bdda725910cc6709e033
|
|
| Gigabyte | GA-6LISL (rev. 1.1) |
Affected:
9a8e636b33372a34e9719b8b20d2073bc56f549b64e5af83fe617187a51b97c1
|
|
| Gigabyte | GA-X99P-SLI |
Affected:
fa52c6150c49a84699bec9739b84f5a2c073f4f69b1bc84028f3b2cb15b2167f
|
|
| Gigabyte | G1.Sniper B7 |
Affected:
92311971e888a24238c48086febf47b2d0820856e514dd6308575291b6de4e48
|
|
| Gigabyte | G1.Sniper M7 (rev. 1.0) |
Affected:
6051ccb31aaab7240147a1fdf9b8f444c7ee4bde73ffb4baca63b02bc77dea81
|
|
| Gigabyte | G1.Sniper Z170 (rev. 1.0) |
Affected:
3df7b53ef2284dd2f3385aaa589f87f2e3fadc93d2755e28781452a273d999ec
|
|
| Gigabyte | GA-B150-HD3 (rev. 1.0) |
Affected:
878450f31de9dd84201895e81547ada2085ec94608d7fb6bdf84d73dc3b98538
|
|
| Gigabyte | GA-B150-HD3 DDR3 |
Affected:
d1d3adca998106090f4b2f08d6c50769e88e944ed640518d23f8865102c2ec0d
|
|
| Gigabyte | GA-B150-HD3P |
Affected:
4cec11820244f485baa7f61d50e60a514b0c5aedb87d1a26cd6b6fb153fdf9ef
|
|
| Gigabyte | GA-B150M-D2V |
Affected:
fdedaff9a18229027689f23bef37cd8424e248412137bbf710fb6163eac6ac43
|
|
| Gigabyte | GA-B150M-D2V DDR3 (rev. 1.0) |
Affected:
da480d23fe57a6003e41f8c88e2aacbade99186f0b62ba4561663b346e9f96e9
|
|
| Gigabyte | GA-B150M-D3H DDR3 |
Affected:
5fd1eb03f29343e1ba70dce50264a7143129fe60bde396f6e3715330623db8de
|
|
| Gigabyte | GA-B150M-D3V |
Affected:
f2da89fe72acf6892b139fd4f7a047c30eea75cf5c572da6f901511658ae1522
|
|
| Gigabyte | GA-B150M-DS3H (rev. 1.0) |
Affected:
b3148d78c2efd368e986a43b19e209f2ad4817e8a4ef41bb79c57ec7b9dc09f3
|
|
| Gigabyte | GA-B150M-DS3H DDR3 |
Affected:
086d80a421ed4cc907120e6c96117c3b69b9edaf2ef6951fde7d3dbe6ea4c878
|
|
| Gigabyte | GA-B150M-DS3P |
Affected:
e69ba3bdca3335f01b749abb84c702f6f926eab3e4d6ca70dd5ab84c3aee24a2
|
|
| Gigabyte | GA-B150M-Gaming (rev. 1.0) |
Affected:
639cd1a8d45af689d2fe1aea44b62d2110146b314f39be8a5d472e412842e61c
|
|
| Gigabyte | GA-B150M-HD3 |
Affected:
94a5124370c2d66b38a568b3d8be4a98dd8d2e25313b68506f7753c4d60be97e
|
|
| Gigabyte | GA-B150M-HD3 DDR3 |
Affected:
825b4bc9bf807631611cd33434d1455bca3d412b9a03463fdd1092c54d5ebbfd
|
|
| Gigabyte | GA-B150N Phoenix (rev. 1.0) |
Affected:
12886ede3cef3c93c4602ff26519a04c9143e903b103006ca3805c3df2744c8c
|
|
| Gigabyte | GA-B150N Phoenix-WIFI (rev. 1.0) |
Affected:
330f761ad2d43d72a4a09776d76bdffdfdd88d4ddf6002e0056e2826828372ab
|
|
| Gigabyte | GA-H110M-D3H (rev. 1.0) |
Affected:
fddafb4af375516cb2f72c9308852c88738a66d57af9deb08e9a10f1dc983499
|
|
| Gigabyte | GA-H110M-D3H R2 TPM (rev. 1.0) |
Affected:
4ecd2f653fab0c6dc0ed24c68a8f04c454cf8dea68b58d149e9d79758aac2c54
|
|
| Gigabyte | GA-H110M-DS2 DDR3 (rev. 1.0) |
Affected:
f71a5cfc0646d85af2847e6816752e81f3b4d2a3ea5fa94516aed9464eaa4024
|
|
| Gigabyte | GA-H110M-H DDR3 |
Affected:
a402dd098614ebc89fe70642661c52da9ed9ba0b21627cff4868defc97db0274
|
|
| Gigabyte | GA-H110M-HD3 DDR3 |
Affected:
2e24220caffd6ba7c7e1835f12740073a9e3a826a1ffb9bca210756c224eb99a
|
|
| Gigabyte | GA-H110M-S2 DDR3 |
Affected:
7802bf1fde1f8771ff7165acab0474471598a46df398d7db84adf911d2d37260
|
|
| Gigabyte | GA-H110M-S2HP (rev. 1.0) |
Affected:
4b0a77259b2af63a9704b094688237ff3c29fac1c011a373a0f2537a8a543d1a
|
|
| Gigabyte | GA-H110M-S2PH DDR3 |
Affected:
b73d5f184db4524883fae5f01e681f52371964740bd6fa957998ab4d65537732
|
|
| Gigabyte | GA-H110M-S2PV DDR3 |
Affected:
ebd6b43db01ccccaffc4a08182e03cf6633d5371aa69c82f7300141277fe7d7d
|
|
| Gigabyte | GA-H110M-S2V DDR3 (rev. 1.0) |
Affected:
756777ea660defef2629b8802bcbdd29b61020fa8ae8cb07045a7d5f991f3508
|
|
| Gigabyte | GA-H110TN-E |
Affected:
879f28f51c3b235744352f0808b6267258131f2594f3ff85a6938401e73eb9da
|
|
| Gigabyte | GA-H110TN-M |
Affected:
50f77912004b73bade539e1c3983a7ab78984b8590a64d3e030ade4352c49eb0
|
|
| Gigabyte | GA-H170-D3H (rev. 1.0) |
Affected:
e4a209b19361c13d7a18fa41d8a257a22f6c806bd62f04dd24cd77abd7d3134f
|
|
| Gigabyte | GA-H170-D3HP (rev. 1.0) |
Affected:
2e1be66c511bc8367a2b1ab41a3ca60cfe46648bcab2d5f1f5bdf5df14de1c05
|
|
| Gigabyte | GA-H170-Designare (rev. 1.0) |
Affected:
6ea3c21e1aadbadfc2e9ac0860d94eb87e6590ab37f98326e00b9615a13a6208
|
|
| Gigabyte | GA-H170-Gaming 3 |
Affected:
2cb69c081c6413077fd076d7230ff816931ae65bbead2f94f0b12d33e1861c9e
|
|
| Gigabyte | GA-H170-Gaming 3 DDR3 (rev. 1.0) |
Affected:
eacba20ef05b116d70c6344a54486bb7c23a131d7c897f5399b9a084a5bd5205
|
|
| Gigabyte | GA-H170-HD3 |
Affected:
38643b383b7d51cc53298693e108cc293779dc43f254b2e2b17f66a80f9e4175
|
|
| Gigabyte | GA-H170-HD3 DDR3 |
Affected:
b3cb86dfc649346ea7ed4c8ff117ca91b59435b9baa9bdd8e6f2bde1dc1b1124
|
|
| Gigabyte | GA-H170M-D3H |
Affected:
60a230b0a5722bfbb364b6d64ae3e1b1cccb6161bbd6f8cc034977f4d283b4f7
|
|
| Gigabyte | GA-H170M-D3H DDR3 |
Affected:
1c6801b8a7920939facfa379b6141016651601971156e426db947ca40b6f1708
|
|
| Gigabyte | GA-H170M-DS3H |
Affected:
b9ea15324d90a1b750cfcbf964321370a56b116b44a0cbee2035cf11ffcc0ef8
|
|
| Gigabyte | GA-H170M-HD3 DDR3 |
Affected:
78bff3425a6b42b846508850f03a040c22c43566947ac1d039b431fb80a31451
|
|
| Gigabyte | GA-H170N-WIFI |
Affected:
03299dee42886b0856629da99bce9cedee322b80bfbb89aa6943913d2da15e03
|
|
| Gigabyte | GA-Z170-D3H |
Affected:
523817566d04fde3f7fc0215b4c4758243319affa5c1819e4f041c290a36970f
|
|
| Gigabyte | GA-Z170-Gaming K3 (rev. 1.0) |
Affected:
db4668c191b9266a2afbf974c348885a9d10a3e1750d1e100418aaa896a5a103
|
|
| Gigabyte | GA-Z170-HD3 (rev. 1.0) |
Affected:
bf0aac3f13b0d68c6a255735eaed4000c7e5f09748818746b4a1038f0be34f78
|
|
| Gigabyte | GA-Z170-HD3 DDR3 (rev. 1.0) |
Affected:
bceea4f950f07347b40c579223456984c0515a2cc94c4cedbbea3c17e1c459eb
|
|
| Gigabyte | GA-Z170-HD3P |
Affected:
20607b0f670b297b45523730d2204e46603cb3c65f47e6cf8293b07b7b1178ec
|
|
| Gigabyte | GA-Z170M-D3H (rev. 1.0) |
Affected:
a34cb81eac53b0800c2c02d2984c0960c0d68a22707869befd4af3996be42e7c
|
|
| Gigabyte | GA-Z170M-D3H DDR3 (rev. 1.0) |
Affected:
fc0eb68179f1363c19896c7cc043021a57cd45a3492187829b329474c361722a
|
|
| Gigabyte | GA-Z170MX-Gaming 5 |
Affected:
b87e20d143fef2fc32233444070130834ce5dbbffe06409cb537e59c911f49cf
|
|
| Gigabyte | GA-Z170N-Gaming 5 (rev. 1.0) |
Affected:
209045f2bba172fb91679d4319cfe548c24921f1e28dd9f887e3a78bce515e7c
|
|
| Gigabyte | GA-Z170N-WIFI |
Affected:
d67b82421d81df8f3d64966609e3c963be6d0dbd87df531ba5f3ef0bd61e5353
|
|
| Gigabyte | GA-Z170X-Designare |
Affected:
c061fffcfd8d7e38afb97fb434afc78d39d22bf9b02884c7c1b04487cbb7dea7
|
|
| Gigabyte | GA-Z170X-Gaming 3 (rev. 1.0) |
Affected:
7b1cb9593c0c1890a7f1e922777c206012f2f1ded7b3339d66fa49efaca44c74
|
|
| Gigabyte | GA-Z170X-Gaming 5 (rev. 1.0) |
Affected:
438bf66c9433bfe1ba92452f5f7eb1d46cbdf9af9ab3c3d1d4354e902fb0f257
|
|
| Gigabyte | GA-Z170X-Gaming 6 |
Affected:
25917f5dcd5f5a4c2daaa9fc0cdf991b365e226856202b4e5e987d406e6af95b
|
|
| Gigabyte | GA-Z170X-Gaming 7 |
Affected:
75468e84df86d3133927f5c08028dfb6dce55168c99ec9fde08397f5ab0865ce
|
|
| Gigabyte | GA-Z170X-Gaming GT |
Affected:
2d40ec6b83d08a885cb576844e609105e15fdc4e48181dbc861e2bce0b657b59
|
|
| Gigabyte | GA-Z170X-SOC FORCE |
Affected:
5c25f790a4eb79b4ad3c4ceae05329c0878337257a6e31c276ff7aa5c18accc4
|
|
| Gigabyte | GA-Z170X-UD3 (rev. 1.0) |
Affected:
d6389e5f47ee85c43b2d9aebef2e0c8a9f06856fabb148496a8acf251cdb3c1c
|
|
| Gigabyte | GA-Z170X-UD3 Ultra (rev. 1.0) |
Affected:
a01bb5e701b3b847766d027e7b9bed8e7bb05403ca0160734bc73c93fb77b6fc
|
|
| Gigabyte | GA-Z170X-UD5 |
Affected:
260811f239a5a92f4a894f52c5b7218faa75c5765e3db17a4ee33530bbfc1295
|
|
| Gigabyte | GA-Z170X-UD5 TH (rev. 1.0) |
Affected:
ad921f429c443cd2a73ba3373fb6407a81b4b8d53b3fd5cbea07ca847ddc75c9
|
|
| Gigabyte | GA-Z170X-Ultra Gaming (rev. 1.0) |
Affected:
464643065d45eeb1c2566dcce90bd868313319547c91d46e3cea78126109d374
|
|
| Gigabyte | GA-Z170XP-SLI |
Affected:
32d8482434dfaae6405eca2bf724939194c8740da638c9e3e8b760489b2a1128
|
|
| Gigabyte | GB-BXBT-1900 |
Affected:
6b0b62e4ea23df186b7bbf0fff342ec107596e1fd249721eea75375982054535
|
|
| Gigabyte | GA-N3160N-D3V (rev. 1.0) |
Affected:
e03efb41e61ac04cb14a63c5ee5a71d3deeddb29426e38eab1c68946d60e26a7
|
|
| Gigabyte | J4005N D2P |
Affected:
bae6e219e1ed8e8164382c4f05db847386c5f2908fb2fa453066aed4531310b4
|
|
| Gigabyte | GB-BACE-3010 (rev. 1.0) |
Affected:
aecee44ca1c8bd43d65abeafcd5f0085e1165d42baa953808d566005189746a9
|
|
| Gigabyte | GA-N3050M-D3P (rev. 1.0) |
Affected:
2d4c55cc53de9adaaacd9e70527becc4de1cb0b39a605791601fefcd0156ced4
|
|
| Gigabyte | GA-N3050N-D2P (rev. 1.0) |
Affected:
c717a5d6b61b22bd458dbb497dc5abad9e30fedb668810e558a46f994a656435
|
|
| Gigabyte | GA-N3050N-D3H (rev. 1.0) |
Affected:
63cd7d4698c89b720c73125900f4cba4b8b1c2b962064280a93dc9ce2a0e9549
|
|
| Gigabyte | GA-N3150M-D3P |
Affected:
1c4cf96a2ce5bae121b0594c2b41664510cffcdfc4001072f2275964c20fe12e
|
|
| Gigabyte | GA-N3150N-D2H (rev. 1.0) |
Affected:
4685e5a58d4cf84102460110a5fad72931b1b46eb9f71650811832f80580bc0c
|
|
| Gigabyte | GA-N3150N-D3V (rev. 1.0) |
Affected:
b0474259effceedf7aedde543afa096fdcca74d9865eac223b6a91b4ed922310
|
|
| Gigabyte | GA-N3160TN (rev. 1.0) |
Affected:
5f53230a65454b8805179f246ac3c8b36bd274ae0051d900cd04890e7b765555
|
|
| Gigabyte | GA-B150M-D3V DDR3 |
Affected:
8ba0474e2bdeb945adf9a819854cde336f3cca848e1ac41e381aaf03d397c7d0
|
|
| Gigabyte | GA-X150-PRO ECC |
Affected:
c6ed04464891a4cdc3a25ba34d3cd44599bd118ed953c68c8b63f11be2dc83d3
|
|
| Gigabyte | GA-X150M-PRO ECC (rev. 1.0) |
Affected:
764d56cd4e5b88fa97313d5eef173bb426aa27aef5d81794eaf5b9c1fdf38375
|
|
| Gigabyte | GA-X170-EXTREME ECC |
Affected:
35f6ab275afa77bb30a5672f32b196d8c76208e48500d7f381e05f8f12e400e6
|
|
| Gigabyte | GA-H170TN |
Affected:
bbb58a67574c989b095f38c9fe031cadd5a709235d6e0bfc9a206f98fd5318f0
|
|
| Gigabyte | GA-9SISL (rev. 1.2) |
Affected:
493437a68a7a7b46b645d46660e17c3b6599eee86cd06f592683e56963cf9a8c
|
|
| Gigabyte | GA-B75M-S (rev. 1.0) |
Affected:
554e7be483afb47c81760179da5199ebe2f59a97b7146e50ed42f35728df9c5f
|
|
| Gigabyte | GA-Z68MX-UD2H-B3 |
Affected:
5bbd2f88bf68b66e974356e0e49f63b83fdeea8d148da445e24073d8012c0c3a
|
|
| Gigabyte | GA-Z68X-UD3P-B3 |
Affected:
b7981e34bc8994973c48a18ac01d6b075f092de47d35fc62fffdc503ecf081ed
|
|
| Gigabyte | EL-30 (rev. 1.0) |
Affected:
485b963baebaf9e0d0d3f0438da8fc3a5e74cac6fc7781e732df5ad0a3be3eec
|
|
| Gigabyte | GA-H61M-S2PV (rev. 2.3) |
Affected:
9e2baeb611484b3c3460fbabe2b48ad91111e9a0cd7d1f189ab2d0438a69b3dd
|
|
| Gigabyte | GB-BXi7-4770R (rev. 1.0) |
Affected:
73f5c64009c9b8ce26c13399584a65b73b3b5201475b04dd9621f5433ef959da
|
|
| Gigabyte | R130-134 |
Affected:
923e61ed9ecf1c37848cbe56822ce753f455fddf25c1eca816f3ac04aa46daa4
|
|
| Gigabyte | R270-D70 |
Affected:
d5844b2dc05f8374705493e1d67700d0421f63c27ea10070c60f1871dcf540c6
|
|
| Gigabyte | P15F R5 |
Affected:
e112ae0d90739fa839e6e29687412b5669a2f23bbe2b418d96b65ead135ec349
|
|
| Gigabyte | EL-20-3060-32G (rev. 1.0) |
Affected:
8e0251d4518373ebab7aa1dc037d732b5c04e92306e16a8e8ca1479df0a9ae88
|
|
| Gigabyte | MP30-AR1 (rev. 1.1) |
Affected:
586ca26deb275734620c0b80c8d16dd86538bff6116f5d7db1fc10230d775eb0
|
|
| Gigabyte | GB-KMA1 (rev. 1.0) |
Affected:
5b5b834775e9fa3cb50db4d25d9df7849cf0f13011a209fc53c51245aa963856
|
|
| Gigabyte | GA-6LXGH (rev. 1.0) |
Affected:
984e1178ed45439578fc0b3cc2787cc8f972987c087fc5b4762ef5f421cf5782
|
|
| Gigabyte | GA-6LXGL (rev. 1.0) |
Affected:
240c0e6220a07f27d4debd867f2a1774a50be1b37c3f53a2dab272a71280af4e
|
|
| Gigabyte | GB-BXi3-4010 (rev. 1.0) |
Affected:
10cef05010197e635c330548e99ad98827223f0c8eada8a6e5a95ac7dc2880fa
|
|
| Gigabyte | GA-Z68X-UD3H-B3 |
Affected:
9387c8f1b5d856bdf0ce43c88413c22f98214768708183bc610381363dd269d8
|
|
| Gigabyte | GB-BXBT-3825 (rev. 1.0) |
Affected:
6775386a28b32b93d1853880a8ccf1b916a3bedaf7ba4d34f2a64904de792417
|
|
| Gigabyte | GA-X99M-Gaming 5 (rev. 1.1) |
Affected:
d11d8f85507e54952adcfbb82d5d58ecfeec7674b756ba62c8e1316d9a1500de
|
|
| Gigabyte | G210-H4G (rev. 100) |
Affected:
dd75c90a2a81a34fee2c17a6e72b8ec2c93120fbd98c437c4648ac5fd78b6af1
|
|
| Gigabyte | MSQ77DI (rev. 1.1) |
Affected:
030615cdc1d2e52fe185f8fa8e6e1c1028beca283a6be9215482a39df1418622
|
|
| Gigabyte | GB-KMA3 (rev. 1.0) |
Affected:
dcac97ed60b61b1991fc9f499fb3bf0e8594d49d102e76a988ea8933d099d396
|
|
| Gigabyte | M9M3XAI (rev. 1.0) |
Affected:
1d3295cec309f0649ecec6952824abfad776ecc1f46199a080932b5e99ac206b
|
|
| Gigabyte | GB-BXCE-3205 |
Affected:
a080c1d64fb844389bad75a733e3b4c5483b07623276b114575d5cba32170869
|
|
| Gigabyte | GB-BXi7-5500 |
Affected:
14dca67fdba7b20c48d3c16446db2a648c79e5f94712afba6e720ecf04ba5223
|
|
| Gigabyte | GA-B85TN |
Affected:
2d817d05c86c92a00f00e286c6c26cc52e6a50019970a71d98aa07c53d9690c8
|
|
| Gigabyte | GA-H81TN |
Affected:
5ebbac1eb55e763bd4efa47f6232ecbcc62d73645c3291e00a3d5cd880898ebb
|
|
| Gigabyte | GA-H87TN (rev. 1.0) |
Affected:
e555305c3219cca7d7b8d5a667ae2ef454aca7eb84341f07e1fa8288cdb38359
|
|
| Gigabyte | GA-Q87TN (rev. 1.0) |
Affected:
5f237b90cd70e0f63c0414262a0af2fbf8456ea78252750ccc6ef7fe59cb8774
|
|
| Gigabyte | GB-BXi3-5010 (rev. 1.0) |
Affected:
bc4bcea45075ba867a4aadd97494ddcbbe693b23131bb52703d3c42b41340719
|
|
| Gigabyte | GB-BXi5-5200 |
Affected:
39b90d14141556595814f43afeb015cc34e75acc31d23b0c505ba00d1c4a6a7c
|
|
| Gigabyte | MATMH81 (rev. 1.0) |
Affected:
dea93336a790f6ce8a80f451d1dc454eaf29b034a38a802140937b3166c4d450
|
|
| Gigabyte | MZJ19AI (rev. 1.0) |
Affected:
51ebb3341dae5033164b3b45470115f49f327e5dae5ab111df2a59bc04afad8f
|
|
| Gigabyte | GA-H97TN (rev. 1.0) |
Affected:
882fa77c019e12dc61165308318657941c1b15c1259213e78aa035017fd50445
|
|
| Gigabyte | U21M |
Affected:
6fb97ce4f81eb4d83364b9377cf654a6f0e8d9271bd8e1e9f45f78b07f838172
|
|
| Gigabyte | GB-BXPi3-4010 (rev. 1.0) |
Affected:
8a4342c4bacccf07bdaf52b9cfadc8789c37092ccc0c414e1848e4d0317d01b4
|
|
| Gigabyte | GB-SIOPS-J1900 (rev. 1.0) |
Affected:
ddff03dbd491004d20587de561e976bc8b5b5366723b51d3f59dfd1892b9dc25
|
|
| Gigabyte | GB-TCV2A (rev. 1.0) |
Affected:
70c80b940abbafb0d631870322b5f7c8e306a2063097493ab471f0ba8ddd228b
|
|
| Gigabyte | MQHUDVI (rev. 1.0) |
Affected:
092c46188af77b69b4c19e349712a23244ec7cdc885c2e0150a8209c1693c95a
|
|
| Gigabyte | GB-SIOPS-4550U (rev. 1.0) |
Affected:
d3d7862eb46bcec3f0eecb5ec94caa94456def40792a125cb9b7912625be5973
|
|
| Gigabyte | GB-BXCE-2955 (rev. 1.0) |
Affected:
161c97b5c0ce6cc90a70034d8de30b18d07c43e50d5566c1802dadc967cb05eb
|
|
| Gigabyte | GB-BXi5-4200 (rev. 1.0) |
Affected:
05001b41f2adc9d6c008f12f9d1d9669225a2366c9a05f6bd19d420cd5b13fc3
|
|
| Gigabyte | GB-BXi7-4500 (rev. 1.0) |
Affected:
6f6b51ad77bb7963ec455923fa731323ceb72af167a0a40b8c2b91696301bae1
|
|
| Gigabyte | GA-H61M-S1 |
Affected:
19e2a33d2a28a825fb89e7dfda9609776110876b204c5ff760edf716cc7c390b
|
|
| Gigabyte | GB-BXi5G-760 (rev. 1.0) |
Affected:
faa729af295c234dfcfc5ac4ab91c8c255c1b054c612b9cbda1fce33f88b4d51
|
|
| Gigabyte | GB-BXi5G3-760 (rev. 1.0) |
Affected:
718662066149651d1b7506c7582df2252c555428481b1821829b4db25e2a836e
|
|
| Gigabyte | GB-BXi7G3-760 |
Affected:
7452bdc99e762f3b54571e03c1b6ab0873529b798275149fe0a8bc057929f8c8
|
|
| Gigabyte | GA-6LXSL (rev. 1.0) |
Affected:
3448017b88b33e3949d6c18876be32e506d827f65de6c425ebf82f33a2c3f502
|
|
| Gigabyte | GA-6LXSG (rev. 1.0) |
Affected:
eb08694cb68b19cc7bd0bc323a46e8ce6de5036078a61dc8827ee480269c88eb
|
|
| Gigabyte | GA-6LASH (rev. 1.0) |
Affected:
d7f1a6c78df7317f866866e74e881d91485ef816e492fdf2a6fa02b940629494
|
|
| Gigabyte | GA-Z77X-UP5 TH (rev. 1.0) |
Affected:
f0e7e5b4689bf7e81db1b56185b2a1186d31a50f1cfd1c9863a0746f490ebf3f
|
|
| Gigabyte | GA-6LXSV (rev. 1.2) |
Affected:
cc9b6fc8540a6abe60b8966ae6c4217180cabbb3471d12f93e3c81dc206c8bd4
|
|
| Gigabyte | MSH87FI (rev. 1.0) |
Affected:
c19f30c4c9a444922cb61cf136cd48d9674d2134b98e618f6e7ab9654eb7a7ef
|
|
| Gigabyte | GA-B75M-D3V |
Affected:
ac8e4d6a033b6a2d130404eb06e193b248a76308d4a82eeb5736d4f251af6826
|
|
| Gigabyte | MSH61DI (rev. 1.2) |
Affected:
ccb5cecbe797ba2e130f297ec86bfbdc629ebaf919065e50d3f8911cc05b3a1d
|
|
| Gigabyte | GB-XM12-3227 (rev. 1.0) |
Affected:
c67607819bad2d7abfd1d47eebad947f9920352c33b96db61f9f25c05bddc7c5
|
|
| Gigabyte | GA-H77M-D3H (rev. 1.0) |
Affected:
f5502f7f96b9ca121d3b52a1a804c877839e76e3dbb45beda100bea672067d26
|
|
| Gigabyte | GA-F2A85XM-D3H |
Affected:
104c3173aff7cbf07c72956516cdc7c34e6169604293aec90e86bcc4384a799a
|
|
| Gigabyte | GA-H77-D3H |
Affected:
d4c6ce9d730179b7a5cab37a8744a2ca588c9a2a8b8462b62d2c96757adaee61
|
|
| Gigabyte | GA-H77-D3H-MVP (rev. 1.0) |
Affected:
1ca64768668cac95b2c49594df5412492fd3e84a5ec279f5e5782d9d08d641e8
|
|
| Gigabyte | GA-Z77-D3H |
Affected:
0d28128151819a06848aeb241f3dc4737d3a9b3918b739f8c512085af375b368
|
|
| Gigabyte | GA-Z77MX-D3H |
Affected:
32b1eee6b2e1553ceb902d17d0ecf5534034685dc8c2863f9ec99d2dc587bb72
|
|
| Gigabyte | GA-Z77MX-D3H TH (rev. 1.0) |
Affected:
26778248ce3156bc2d3e70461f079d1292435aeca9ea2c6ef0e536c979845164
|
|
| Gigabyte | GA-Z77X-D3H (rev. 1.0) |
Affected:
b51371864d4322ca5c584cded0f6bbad11dd01cf498b841b270ede1f03497137
|
|
| Gigabyte | GA-Z77X-UD3H |
Affected:
c27a0ca23c6d3ee9eea18c0e700f33f13c568dc209341b8ab4b64148a235c70b
|
|
| Gigabyte | GA-Z77X-UD3H (rev. 1.0) |
Affected:
023f4c9928786909d9fcb2143edcb1ce9a20d1b15cf281559996f21617503f91
|
|
| Gigabyte | GA-Z77M-D3H |
Affected:
eeef50c6dbb27c9ae8bbca0e2be73384ba60469957414bc2943892ef28836b4f
|
|
| Gigabyte | GA-Z77M-D3H-MVP (rev. 1.0) |
Affected:
3c50ff8443f151a8022b4934dc0e87cd74d500719b586c82bce2184bac3ec2d3
|
|
| Gigabyte | GA-B75M-D2V (rev. 1.0) |
Affected:
cac095d827e58ed8992e3eb2bc4285823c8378247de15d7ddc3f97c79d275f8d
|
|
| Gigabyte | GA-B75M-HD3 (rev. 1.0) |
Affected:
c3d754d426defee4e705ab9b72862764a22a64f316a1f8a2563a72cae308c31f
|
|
| Gigabyte | GA-B75N (rev. 1.0) |
Affected:
4a901cc6ab10bd1546d8453bd1bcf75379880ee549329c03ecfd4b445b52de99
|
|
| Gigabyte | GA-H77-DS3H (rev. 1.0) |
Affected:
58d19c2ca76b765809a99f0eb2227291f4f51860723d303f9ef0cb20d4d19dcc
|
|
| Gigabyte | GA-Z77-DS3H (rev. 1.0) |
Affected:
98d605b3578ac3b7518f151c24c937455b204441ba806ea244f22e54c03af2be
|
|
| Gigabyte | GA-B75-D3V (rev. 1.0) |
Affected:
8222535124cf1bf77c3af3e6ce3b3a942390794440b01f8d2fd44b4e416b049b
|
|
| Gigabyte | GA-B75M-D3H (rev. 1.0) |
Affected:
33793d37f2415d724c58c993c2ad6cc67d661253b929165f6f0ab0c88c8325c4
|
|
| Gigabyte | GA-B75M-D3V (rev. 1.0) |
Affected:
235c6f47146d2bf5dd20ff3971421489c69517be3b467ec1a2b6f7dc0f2d8a94
|
|
| Gigabyte | GA-P75-D3 (rev. 1.0) |
Affected:
1859a1e462fbb1db039e99f7cfea16e6da59188ad37b313181211ab2c3d70150
|
|
| Gigabyte | GA-P75-D3P |
Affected:
901658f7361b4d15145d07de99b9d921d7293699a15479f086f4d1a00fedf089
|
|
| Gigabyte | GA-F2A55M-DS2 (rev. 1.0) |
Affected:
4be0b29ff5fd55d855e5529912b92acea24740eb7fa0250ba01a44824c4685b3
|
|
| Gigabyte | GA-E350N WIN8 (rev. 1.0) |
Affected:
4fd09df247091f6c6ead14d012325d14055ab38095f5c4d8c258352f48c2052f
|
|
| Gigabyte | GA-H77N-WIFI |
Affected:
7e95d1a64976573e5ed1c8c3466e24037d33fcfbbd9f02d1ae69643fdaa44d7f
|
|
| Gigabyte | GA-6UASV3 (rev. 1.0) |
Affected:
00d23573a79d5737cfc6a1094b12e22c8a8601618934193dba2242f0246af559
|
|
| Gigabyte | GA-H61TN (rev. 1.1) |
Affected:
f19c7fe7e25a9a41b4065791fa390b8d79ceee0cc7fafae702a92a6ec0e86696
|
|
| Gigabyte | GA-B75TN |
Affected:
506f5abb01dade2137a4b8d3ea42d1127f24f59f96339e77c59883571ae63443
|
|
| Gigabyte | GA-H77TN |
Affected:
1ffb3921b21ffdb876b2cbc7b6ff939fb5168efdf5ceed571d2d220e195fb150
|
|
| Gigabyte | GA-Z77N-WIFI |
Affected:
25c38be153f85659377f63b4968f5425bf7e8d6c99fb695eeaaed973939bd943
|
|
| Gigabyte | G1.Sniper M3 |
Affected:
bcd286446cd358474b492a2c9a4d49eab652aeda52c0e69ef94b1cd12b7579b5
|
|
| Gigabyte | GA-H61M-S2P-R3 (rev. 3.0) |
Affected:
0e26169fbddeb0ca9b8283dba44d571b554487b5dd9348caf84fe9d7a6a20dcc
|
|
| Gigabyte | GA-Z68X-UD3-B3 |
Affected:
c0adc82a52cbe367efed31279d6e1ea3ab98311db49a68ae149e4af9a70ab67a
|
|
| Gigabyte | GA-P67-DS3-B3 |
Affected:
ff5f5836457aa7fd0f02d037d0dc23b5c5a49fef8f7360268d7276e577060256
|
|
| Gigabyte | GA-P67X-UD3-B3 |
Affected:
b8fb25742a7753c0f7ebac50e9e3d6186ea123dcd0e33eb0a64abc111eaa7728
|
|
| Gigabyte | GA-P67X-UD3R-B3 (rev. 1.0) |
Affected:
435e0ba0715afef2a466835c19105c6480a35f921af59b863f2c29ed2d1de0e6
|
|
| Gigabyte | GA-Z68MA-D2H-B3 (rev. 1.0) |
Affected:
e8d1572bf6bb0b658f618c735322e6c1aa20d01b79c9100e3d177b6c27ced480
|
|
| Gigabyte | GA-P67A-D3-B3 |
Affected:
d36182899b2c912ba34f51b50bbf228e1ec367b0fc009d20d34e4f011f4e9fc1
|
|
| Gigabyte | GA-P67A-UD3-B3 (rev. 1.x) |
Affected:
c46c76138b4cf0a3407c3fe2844c11fdd5c0c2c4d335ab58aa0b0617a6f13f33
|
|
| Gigabyte | GA-Z68X-UD3R-B3 |
Affected:
50d3dc2e80333527177e5f5e1dbc06357ecaae3fa2dd1d51272a906ade3cd7e1
|
|
| Gigabyte | GA-Z68X-UD4-B3 (rev. 1.0) |
Affected:
beedbc9f64d20973229b584d965bcaf2f8fdc4a88c4bc202eb5e9f5565c85fa4
|
|
| Gigabyte | GA-Z68XP-UD3-iSSD (rev. 1.0) |
Affected:
f615668a861c9d430afe7b40f42f352881132d193d16426951563997fbdc81da
|
|
| Gigabyte | GA-Z68XP-UD3P (rev. 1.0) |
Affected:
1d3552918dfc84151da3dabc0687a4513f1dea9d6879d53a8b8646398fc462e5
|
|
| Gigabyte | GA-Z68XP-UD3R (rev. 1.0) |
Affected:
e4f33b57947d45b3e43bdd7bafd68d2f4c799fdf0b72a8a2ca61319ab760ae67
|
|
| Gigabyte | GA-Z68P-DS3 (rev. 2.0) |
Affected:
5823dc1fbc95d092e02519c069c4fd111783428757b969fd8b9dbac1009fe91e
|
|
| Gigabyte | GA-Z68XP-D3 (rev. 1.0) |
Affected:
384d9e1e3cad82b7841f33115dbfdf38589420716c8c0aa5a190971a44aa39e9
|
|
| Gigabyte | GA-Z68A-D3-B3 (rev. 1.0) |
Affected:
2065b895916edbec17057603ba98779b4bd10cbfc3477a87c767a36fb027b76a
|
|
| Gigabyte | GA-Z68A-D3H-B3 (rev. 1.0) |
Affected:
d6c9d4c8caf3307da9b1d6543e00682a3cddf1dc06c41f0f973355cb9c8554bc
|
|
| Gigabyte | GA-Z68AP-D3 |
Affected:
7013aca3c062f040cf9d0448f7e2892101b30e5956915c8dc3a53c3c2aacd13d
|
|
| Gigabyte | GA-Z68M-D2H |
Affected:
d6d451499ebe6d8dd621f1c2ebb00b87dd01f7870b791e682b66d5f33eb01d8b
|
|
| Gigabyte | GA-Z68XP-UD3 |
Affected:
c676efd7e6c8bf4a7d3da8aa51b2b564d77c67f6d2be68b25232326166e0c20b
|
|
| Gigabyte | GA-Z68XP-UD4 (rev. 1.0) |
Affected:
4ae3a48e1a715461671107f9e8e790cfd1c4ee4d2b8ddaa50b140d67622b920f
|
|
| Gigabyte | GA-C1007UN (rev. 1.0) |
Affected:
7b2aaaa9f92c0e6fa23a59bdda27d5cb26e8fdece26bc756893490d3ee657a4b
|
|
| Gigabyte | GA-C1007UN-D (rev. 1.0) |
Affected:
fcf7c3d07e1bf9f1347e48dd3ac6e45fc9492648985a06394ab6568a7a71e262
|
|
| Gigabyte | GA-H77M-HD3 |
Affected:
e3b619d396378c2e6bc2f550cf1c55cd17e7091fa4ab90761f32582eba28884d
|
|
| Gigabyte | G1.Sniper 3 (rev. 1.0) |
Affected:
cfa61511dad005aeb4ab01678f87169c7d509d59042b2fd33e8b58bdb34febe6
|
|
| Gigabyte | GA-6UASL3 (rev. 1.x/2.x) |
Affected:
7196b64c2f89763d2ea7f0f106d06352ae2c0e17a83fed2d10548e1aefa39245
|
|
| Gigabyte | GA-Z77X-UD4H |
Affected:
3ff3a0cad413c0b862ba515d60cac0e98e373e199f0d92c79a77ebe6fa6a2247
|
|
| Gigabyte | GA-Q77M-D2H (rev. 1.0) |
Affected:
43216a565586f1c49090c7982e6f3c1e41b179e430d7ac0c47c8ad07308a5bc3
|
|
| Gigabyte | GA-Z77-HD4 |
Affected:
f6cd8446d78da9720f06cd360a48e9b6bdae33e342e18cb05420adb78fe05858
|
|
| Gigabyte | GA-Z77-HD3 |
Affected:
c1209a2eb0b5eb9324e1a8ce11c77ca141023b94b988bd1df4db390dda4c275a
|
|
| Gigabyte | GA-Z77P-D3 |
Affected:
00fa676c6d12df8a48049f39b87e3343769356e880d2abcaf04ab1b679c450f9
|
|
| Gigabyte | GA-Z77X-UP4 TH (rev. 1.0) |
Affected:
c5310894b9a2bb510f37c49852d743d64343a698436ca22d9b7a44bcf20e447a
|
|
| Gigabyte | Q1742F |
Affected:
350cc51e5e7fa472e95460eed374eb1f9a43ea4e615e2654c26a9da4d83bf529
|
|
| Gigabyte | GA-6UASL1 (rev. 1.0) |
Affected:
f86f7ad9ffbc7437bba6bcf99d08b8de38f945bedff00c2d35362387077eabea
|
|
| Gigabyte | Q2542N |
Affected:
3d6faf2792722d1b9fbff087e4d85ddd2a4f9922a7848ed4db99284687df3b23
|
|
| HP | hp-proone-400-g1-19.5-inch-non-touch-all-in-one-pc |
Affected:
642290f1b37e616b64b3c6b60921e24ddad599a38e67cd46a281b24c1ab62bb3
|
|
| HP | hp-rp5-retail-system-model-5810 |
Affected:
2a090cfc69ebd88dbe2e2e9c52a7f3a75b8b150478e30a752c5c0f09129f3bc9
|
|
| HP | hp-z1-all-in-one-g2-workstation |
Affected:
d0a54ae69192d2d0289b2c9ae33a6ffd0a0db78189b41b032e18a3452c878eab
|
|
| HP | hp-z228-microtower-workstation |
Affected:
5174331d57cf3392012b00a6de381ee7a873f7fbd217bfa3e744b7dd6136807b
|
|
| HP | hp-z820-workstation |
Affected:
b02cdd16e398c2f31e9641d27d99865c404357136f857a1e2dcf2f7479b9457d
|
|
| HP | hp-z420-workstation |
Affected:
05e89382e73afb280f637acbfa1029e9107dd30c78df37b6a00f184657f5f2c3
|
|
| HP | hp-z1-all-in-one-workstation |
Affected:
b6fd5cd3364bdfa459f040c1693b879bbcf508513124bb95b5f36743efd8e73c
|
|
| HP | hp-z220-convertible-minitower-workstation |
Affected:
cc5a9c2d4827e9b1501c2dc0a464f580d4a2d65e4ff83dbab548e51839339d06
|
|
| HP | hp-prodesk-400-g1-microtower-pc |
Affected:
289f0fa72150a52f2b71bc6bf23f343ad9c1c412aa5977e89ffde7474562cb18
|
|
| HP | hp-prodesk-600-g1-desktop-mini-pc |
Affected:
a80a5c395fd3b28b0130d4579dd3e462f9e38bccb2a42cc5245cedd70b27ff0e
|
|
| HP | hp-compaq-elite-8380-convertible-minitower-pc |
Affected:
455164a23e14f8cc9567b458dfb85106294f149f0e446d2d8b4036551f894cf5
|
|
| HP | hp-elitedesk-705-g1-desktop-mini-pc |
Affected:
1650cfd06bb698ad3cecd9e0c38b0de04d29f9c397492ba70b985b033e2458da
|
|
| HP | hp-compaq-pro-6305-microtower-pc |
Affected:
44988d41019bf5c7989b71e966b97752f60c835ba2300c7d55323eded97c21e6
|
|
| HP | hp-elitedesk-800-g1-tower-pc |
Affected:
659078fcdff1dead57cd05eafa0af4de667b52e981d1b907f0d963b41902dc7a
|
|
| Lenovo | lenovo-10w-type-82st-82su |
Affected:
69dae6e64125b37fa0ee09f5cd9bf3581b3244e99d9b4651395834f9eef021af
|
|
| Lenovo | thinkcentre-edge-62z |
Affected:
b04cc879ac09941e714a8ccce371111bcbbc8d7b1dd1ecdc823de09fd2dad7b3
|
|
| Lenovo | thinkcentre-m72z |
Affected:
4438137139edb1e04de7e265e94444e1c87316b0821178285d87763f00bcc5df
|
|
| Lenovo | thinkcentre-edge-92z |
Affected:
e37c7b66aef1c9702b08f3d08a41edf3e4617fc94a17f318297506868e1d254e
|
|
| Lenovo | thinkcentre-m62z |
Affected:
76c5461e86a33095c4191aa02ccba85cdad5f24ac9c816fb8ab6f408cf32dcdf
|
|
| Lenovo | lenovo-62-desktop |
Affected:
73a8fdf89ed1a2d0af45142f4b4498545ce4182ca704ad2b292490263480b1fd
|
|
| Lenovo | aio-510-22asr |
Affected:
47affcc25ded66333920985902473398438b49dac28be82542062ddabffec3c8
|
|
| Lenovo | aio-300-22isu |
Affected:
a6b6a2940a5f4c98e2f531624707fd8ab7dc61f4b3d3de0457fe00ba3cc5c135
|
|
| Lenovo | lenovo-c460-all-in-one |
Affected:
1235ca01cc48484db1157b312ec1632c45be511cfbff28d25404df0a3df47148
|
|
| Lenovo | lenovo-c365-all-in-one |
Affected:
7cf94927f6826886883baf229f3cc2f2545588a564ddb7583f2b52853aeb5b21
|
|
| Lenovo | lenovo-erazer-x700-desktop |
Affected:
8dbcebb69c00242f0a346c34776171061d606262f412e92f84be99301d413c21
|
|
| Lenovo | lenovo-h520e-desktop |
Affected:
0ee94a5c0d4b93a2a1618d144bb0a505865a5d308c484c80fcf26fe31f23617a
|
|
| Supermicro | Multiple |
Affected:
https://www.supermicro.com/en/support/security_PKFAIL_Jul_2024
|
|
| Fujitsu | Multiple |
Affected:
https://security.ts.fujitsu.com/ProductSecurity/content/Fujitsu-PSIRT-FJ-ISS-2024-072412-Security-Notice.pdf
|
|
| Intel | Multiple |
Affected:
https://www.intel.com/content/www/us/en/security-center/announcement/intel-security-announcement-2024-07-25-001.html
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-30T16:02:49.517Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://www.kb.cert.org/vuls/id/455367"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-8105",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-09T20:18:46.069299Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-09T20:21:06.044Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "vz2694g",
"vendor": "Acer",
"versions": [
{
"lessThan": "0",
"status": "affected",
"version": "d61d0e09d008bfb29bc32532b1b94fcc4ee2af5e8372c6d38722a4e73ecc71d6",
"versionType": "sha256sum"
}
]
},
{
"defaultStatus": "unaffected",
"product": "aspire s 27",
"vendor": "Acer",
"versions": [
{
"status": "affected",
"version": "2bd2bfaf79a72eaca45e544e5c6a5bb842b292bdc229b8975b3101a4013e0d5f"
}
]
},
{
"defaultStatus": "unaffected",
"product": "aspire s32-1856",
"vendor": "Acer",
"versions": [
{
"status": "affected",
"version": "29837e239487cc83818a7f40f9280d9692a50376487899edd603494b0f30e4c5"
}
]
},
{
"defaultStatus": "unaffected",
"product": "aspire xc-1710",
"vendor": "Acer",
"versions": [
{
"status": "affected",
"version": "cdaa406bda1a58fbe9933622dec218a26f79871d42f0d3576fbf878e51a16201"
}
]
},
{
"defaultStatus": "unaffected",
"product": "c24-1655",
"vendor": "Acer",
"versions": [
{
"status": "affected",
"version": "399f68dc94a6c42030efcd57fd034ff721f860b7b5d447779e7a6a6c99aba34f"
}
]
},
{
"defaultStatus": "unaffected",
"product": "aspire c22-1600",
"vendor": "Acer",
"versions": [
{
"status": "affected",
"version": "d938d08543d35d4249a51057c1d9c62bb1f6440af19913c5feffcea47dd3de95"
}
]
},
{
"defaultStatus": "unaffected",
"product": "c24-962",
"vendor": "Acer",
"versions": [
{
"status": "affected",
"version": "3d525f96f63995c51ab1bcd2c50ebb71661ffeca9f78f97cc97e851d0e2bbbdd"
}
]
},
{
"defaultStatus": "unaffected",
"product": "altos r680 f4",
"vendor": "Acer",
"versions": [
{
"status": "affected",
"version": "a2679a9595a104d70bddc024dbc4f65f0dc9d906f30a0d1ae6b996b14246a6c2"
}
]
},
{
"defaultStatus": "unaffected",
"product": "altos r680s f4",
"vendor": "Acer",
"versions": [
{
"status": "affected",
"version": "e5fdaabf11b236c5c7b040d674936e84db746a180ab9999317e16dcb77aeeba4"
}
]
},
{
"defaultStatus": "unaffected",
"product": "iAPLx-DE(TAA30 TEST)",
"vendor": "Aopen",
"versions": [
{
"status": "affected",
"version": "94c6f84946db100b505af8a308f69ef6cddc2e310b50641a6e2e63bc9aed54e0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "iKBLMUx-DER(Volta Charging)",
"vendor": "Aopen",
"versions": [
{
"status": "affected",
"version": "fcd339e12730f057e41ad41228f9612d4954f2d0dbcfeef37e14dcdaf2866e05"
}
]
},
{
"defaultStatus": "unaffected",
"product": "inspiron-15-3510-laptop",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "7fbfd8b03d178e074572dff764f28af98c87c7556ce3837ccb8dfe993efa1940"
}
]
},
{
"defaultStatus": "unaffected",
"product": "alienware-x17-r2-laptop",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "65f5939878deede2e1b24a6412ba025b78f45b1562e9d365d97e1c76a32a1832"
}
]
},
{
"defaultStatus": "unaffected",
"product": "alienware-m17-r4-laptop",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "f75b595b9ce5e1e25a5d64e54edffdf696251b4f4e860c0d3a03a183631f090e"
}
]
},
{
"defaultStatus": "unaffected",
"product": "alienware-x14-r1-laptop",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "620848eeadb74a572d6400672aecca35f46dfdc7b5152bb028fbcbf74ea7bccd"
}
]
},
{
"defaultStatus": "unaffected",
"product": "alienware-aurora-r15-amd-desktop",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "6348442334e85e8374884ea848685771053a7cf274ccb77559c710b5a00f61e9"
}
]
},
{
"defaultStatus": "unaffected",
"product": "alienware-m17-r3-laptop",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "413a04c12bde19f1f97d9d334ed57197f0405f9f10ab7154d2b71e5471577c97"
}
]
},
{
"defaultStatus": "unaffected",
"product": "alienware-area51m-r2-laptop",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "253743e7a39d0b709122c5329799f4c4608536eeb632218e7f0cbe1f6e8b5db8"
}
]
},
{
"defaultStatus": "unaffected",
"product": "alienware-x15-r1-laptop",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "4fc54067f263791aed2fa4b57b226ea15c4eb0f55b3797e002bb62aa936bdd8c"
}
]
},
{
"defaultStatus": "unaffected",
"product": "inspiron-15-3521-laptop",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "e2242e4aa3a284fcbbcf2f38a10bec24408f1eff74bb307e699ea46f483359f2"
}
]
},
{
"defaultStatus": "unaffected",
"product": "alienware-aurora-r11-desktop",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "8f79d9de33f5f131226a78ccb10bb16218a5be51b2105cc32e38ceb0c8c30e9a"
}
]
},
{
"defaultStatus": "unaffected",
"product": "inspiron-15-3502-laptop",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "62c02a9b5a4d4328ac41c3e3aa7757e64e6c5cd52b9e047333ad18e60d17fcb6"
}
]
},
{
"defaultStatus": "unaffected",
"product": "alienware-aurora-r13-desktop",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "dc5912033c5ca14475f2d59ca47f25c8840f362f0c8553d13bb06a8e47c42abf"
}
]
},
{
"defaultStatus": "unaffected",
"product": "xps-8950-desktop",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "6982be0bd8e1aed1251fe5300eec2b515b7cab70e761cfb72074f5d658d092d9"
}
]
},
{
"defaultStatus": "unaffected",
"product": "alienware-aurora-r15-desktop",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "7e310dca802db0f7a22d39bb2d7d5b79c7e9df8e5698f0e691942ec334ce5794"
}
]
},
{
"defaultStatus": "unaffected",
"product": "alienware-aurora-r14-desktop",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "26a447a94e96fa8d9c590888cae490750c32d5af95faece3595f21efc41c1f2c"
}
]
},
{
"defaultStatus": "unaffected",
"product": "alienware-aurora-r16-desktop",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "06a9dffc8fb3edafd1b6377cf38879860a0ae3c87f97258e09d189d291f64ead"
}
]
},
{
"defaultStatus": "unaffected",
"product": "xps-8960-desktop",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "0dcd7494f4926fb04b56e9713f0b62eff3a345b626fa2adaf47636bf0bb4c3eb"
}
]
},
{
"defaultStatus": "unaffected",
"product": "alienware-m15-r2-laptop",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "69da86e9cf24c49496529f3041604a6bb1c0c0ab86c192239d31d3a9b92467cd"
}
]
},
{
"defaultStatus": "unaffected",
"product": "inspiron-17-3782-laptop",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "602a23f43b11817ad5439579969753866a54b836f34dfe19342e5188cf088d85"
}
]
},
{
"defaultStatus": "unaffected",
"product": "alienware-15-r4",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "608e410d1c0475dac58b1e8f36b477aa8d9e9f28d30ec89d44b550e36bbbaf47"
}
]
},
{
"defaultStatus": "unaffected",
"product": "inspiron-5680-gaming-desktop",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "f1075841f54237735c1135ebf92baeab9c0c3f8b051229f898520f5b0f265353"
}
]
},
{
"defaultStatus": "unaffected",
"product": "alienware-17-laptop",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "d4ed519bd5e5ba2f027d00635494d485f19f3080d8baf6d711b190323294e216"
}
]
},
{
"defaultStatus": "unaffected",
"product": "alienware-13-laptop",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "cb25317443d65ba126174c8b7547c7d2f6c0288f859e2063436eb7b350d9bf62"
}
]
},
{
"defaultStatus": "unaffected",
"product": "inspiron-3472-desktop",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "02877ae1ee43c787fa980d6e897e14546ac193100395bbcc6bc26fdf3077e860"
}
]
},
{
"defaultStatus": "unaffected",
"product": "alienware-17-r3",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "003130dabf11c8b5df286d9584b3174faa9529cd6149513d13c7ce85d63d97b0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "alienware-13-r2",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "e6819bd24e063807336994f36e1b7cafbbec46c2679a365dde1b54b720a049e4"
}
]
},
{
"defaultStatus": "unaffected",
"product": "vostro-24-5460-aio",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "d54e560849c716d0ded4b25d9aacc746f77174cc6d3eeb3a50424eaf337c92aa"
}
]
},
{
"defaultStatus": "unaffected",
"product": "inspiron-20-3059-aio",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "4b4fd4cc68e48cfbacaf1279ff42ce6e9d37aa7706efffb2a0bb84fbda2aabd2"
}
]
},
{
"defaultStatus": "unaffected",
"product": "inspiron-24-5459-aio",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "2c6a0bd7b3a91b9e1b309bde7d405812a42abe40001ce661252d81e7cd009650"
}
]
},
{
"defaultStatus": "unaffected",
"product": "inspiron-22-3263-desktop-aio",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "13deddbbdccb6e5411317e96bdb045e28c0dcbb7e86ed5f32e5d24b4b54a5657"
}
]
},
{
"defaultStatus": "unaffected",
"product": "inspiron-3250-small-desktop",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "95446bcddec63d36a9f5554815892c104febb73c676a075d789e4b7c69979fa6"
}
]
},
{
"defaultStatus": "unaffected",
"product": "inspiron-24-3464-aio",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "3ffd081959db4684563f0044cca9ac16d5467a42d40913f503bad8d171bf1c99"
}
]
},
{
"defaultStatus": "unaffected",
"product": "inspiron-3662-desktop",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "5a02b9214bb7ca03030323835a85efd84d369ff02a6baf9193083e2b22e8d0c3"
}
]
},
{
"defaultStatus": "unaffected",
"product": "alienware-13",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "fe9e2b75babda09ba22a3e99494198e125188d9345bda2b961f10e98e6c2b784"
}
]
},
{
"defaultStatus": "unaffected",
"product": "inspiron-one-23-2330-aio",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "374f19a62abe5b7c195038ebc945528046478ba7fac2b7b429edfaa47122e6e6"
}
]
},
{
"defaultStatus": "unaffected",
"product": "alienware-17-r2",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "e94ccb36573d53127cfdf1f6d617c31ba8562fbdd4b43e48fe1fd52325315756"
}
]
},
{
"defaultStatus": "unaffected",
"product": "poweredge-c5230",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "52dbddaf0c9803e7f9dd389519b829515abe97dc0fbd9b979230de28880f595d"
}
]
},
{
"defaultStatus": "unaffected",
"product": "alienware-alpha",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "f1d2c02737ba96e93892f38c161b3f35fbca79a4302e439e8405d3434ed88fdb"
}
]
},
{
"defaultStatus": "unaffected",
"product": "inspiron-15-5552-laptop",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "73e72a45f92daa7ef76dcf82e6d13113cd9acbd2250d78d2e02232535f83fbc5"
}
]
},
{
"defaultStatus": "unaffected",
"product": "inspiron-3646-small-desktop",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "081c82a0748297ca5841b1772330fb6e776c678d425789a66e3072fb73d072d7"
}
]
},
{
"defaultStatus": "unaffected",
"product": "inspiron-24-3455-aio",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "2fd0f72190810fa5c4a2a3f57a7bce51dd0baa47584b59b7cba4752a92c66ee5"
}
]
},
{
"defaultStatus": "unaffected",
"product": "vostro-20-3052-aio",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "c4574a6a5e1e6b4f3b4a3317b51d75c3764395775f900b9ede99dca5e76849f2"
}
]
},
{
"defaultStatus": "unaffected",
"product": "vostro-3252-small-desktop",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "9cc04e65928cf4852d0ae16d55808b42542387ae389ebbd3e42f888638909932"
}
]
},
{
"defaultStatus": "unaffected",
"product": "inspiron-3655-desktop",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "31a7af2885146a94a82ce214a26e4dcdcfa36969aa47a7a1eaf3725fa6a2198d"
}
]
},
{
"defaultStatus": "unaffected",
"product": "inspiron-22-3265-desktop-aio",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "7c0c8fab8b15d6de59936a3921f85d9e79f710c6c6db6459804b679d82760e26"
}
]
},
{
"defaultStatus": "unaffected",
"product": "inspiron-17-5755-laptop",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "19967c4eebd851b31936c8cab20f86008c7f065cf93217f6cc82350521cc640f"
}
]
},
{
"defaultStatus": "unaffected",
"product": "inspiron-3656-desktop",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "a0e12007dd08b6d9a22fcc6548d0562ea3a966b2030ea9d00c739971e02b6c9a"
}
]
},
{
"defaultStatus": "unaffected",
"product": "vostro-20-3015-aio",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "05b03dab647098c957cadd2a66ebb1401dc5dae51f267351c0d076c239d5856b"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Studio Sys UPD",
"vendor": "Formelife",
"versions": [
{
"status": "affected",
"version": "a451ed9d6359fd109f495c75bab2678285265a72be64b3e5d0d5447a0e167cd5"
}
]
},
{
"defaultStatus": "unaffected",
"product": "E152-ZE1 (rev. A00)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "a9638651a2475403924f124552dc199689a45d2e2e59e3dea2b223667dfb63de"
}
]
},
{
"defaultStatus": "unaffected",
"product": "AU47 M1",
"vendor": "Fujitsu",
"versions": [
{
"status": "affected",
"version": "d3715136d50fc486ef59fb4aee1d7f06552fdf98423809939538fe905a1aa0b3"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PRIMERGY TX100 S3p",
"vendor": "Fujitsu",
"versions": [
{
"status": "affected",
"version": "bfadb1d20541d4c39857e7b295b7ad20ce81d393f014eae27565bc173c1880c0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PRIMERGY CX270 S2",
"vendor": "Fujitsu",
"versions": [
{
"status": "affected",
"version": "e44c2088ee54191192cc690787d74d8ddbfe3fc97c58fb2c42cf8a952784c94f"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PRIMERGY CX420 S1 Chassis",
"vendor": "Fujitsu",
"versions": [
{
"status": "affected",
"version": "c27a0e267f18a89c8ba8aadd37786ef8fe18162b60b45fc209bf992b570837af"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PRIMERGY RX100 S7p",
"vendor": "Fujitsu",
"versions": [
{
"status": "affected",
"version": "e71744d4e18cbee18a1fe381a8a83350487baa6cfbf3729d999f85d7b650610a"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PRIMERGY TX120 S3p",
"vendor": "Fujitsu",
"versions": [
{
"status": "affected",
"version": "51a9197d05b1aad84546d9469b2c400bd7536eea62b2760a308e5bf84e71d74b"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G152-Z12",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "ad457250d51a0638880d9cf1df9dd029ab34b36265eda73c5459d8d0460ba3de"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G242-Z11",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "2ab6af312a78886a13144814ce766a771604755f8dd303381658026304415280"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G242-Z12",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "eef3fd99672410b85e6342c5757723d0d3ccecef9805237955baa20780de8b4f"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G262-ZR0",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "f21b8f836105cdb4051d8bb29302dcf86836b640bf048b24f3c76e930b513b32"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G292-Z20 (rev. A00)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "62bb737d55f4caa082b7ea2aa6f8a59c8efdaf9d5ac5b158cbfb32a6cead8164"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G292-Z43",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "1b6ff7d60400c7c21a5b28f947475e61abee187627c1ff12cddb25b1ce59ecb3"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G292-Z45",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "18def9ce5aa6551c1d7e77e9f53e34701f77b89d6b32d41ea050cc94d52941e1"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G482-Z50",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "b14d2e3fadc16c97684a4ae947798bb3a67372441dd7252568f71fc86e98ae9f"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G492-Z52",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "062e3100bfbe635c66feed863141f7a6f2bfcf0b887a5b3d7ae31fb610d17cac"
}
]
},
{
"defaultStatus": "unaffected",
"product": "H252-Z12 (rev. A02)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "ac416150a9752dc20107bef240e73c6054af4992348003429bfd97a7373f4f27"
}
]
},
{
"defaultStatus": "unaffected",
"product": "H262-Z61",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "340cc5c8f4468eb2d36b684dffbf139b4ac4504b5db3993c3c1b5145858c5131"
}
]
},
{
"defaultStatus": "unaffected",
"product": "H262-Z6B",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "0e761b6f3c7d3a1407addf499ff848c493a9d0b0197368cbe858bbc4fa5a4702"
}
]
},
{
"defaultStatus": "unaffected",
"product": "H282-ZC0 (rev. A00)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "0b739af751913ea6ff42999069963dcf6a1bdd58a3de800ab721d9bdbd59bf0d"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MZ32-AR0 (rev. 3.x)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "a4102b19258804214beb838f61699a7623cc654341e6f60ad986dae805935c14"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MZ72-HB0 (rev. 3.x/4.x)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "e0a3837abd91821c4ad98687d2dc6456b7fcb05c8b672c48f242ffeabfa3e9b4"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MZ72-HB2 (rev. 3.x)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "7678e64f7728c059b228ddec74f0918f0544d5193f7b8efe0bf03e8f36c2f5c5"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R162-Z10",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "122baff0bf1243b945a7eaa9ca55303469d624d6150d4da136d697878177f1a8"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R162-ZA2",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "9d318d27111a3c5a2e3a6451103750d70dec9d6e9d048f7e98fcd60066b98aee"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R182-Z90 (rev. A00/B00/AT0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "dbd77ee47e4bccbb2b8af2883765641e9d7c404937da2942637fa1b4b6d4d635"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R262-ZA2",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "c7f73261e85bdc43932e49254cb8654ed2ce0945379592cecb081d51e5834289"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R282-Z97 (rev. A00)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "076310804e591d1c2d4ab1d53cff0866c04a4189e03e6964b528b8a94faa7991"
}
]
},
{
"defaultStatus": "unaffected",
"product": "S252-ZC0",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "8927ee41096d71b75bbef2672e22f640a22ae3588f4f44786fff92c70b861885"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ME03-CE0 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "79700c28616b906f5534cf45d4582878a73f96eff24f1f894bd04b24c00eade8"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ME03-PE0 (rev. 1.x)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "ac5ec67cafd72fd7f497c3759b0dcf359de8b7db6941120c0c69d5f3eea4bcbc"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ME33-AR0 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "8bdf9b526d2e9e65f23ded60745006c65678d184a258761666d3864432cc0cac"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R143-EG0-AAC1",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "630321979d80b22e20ca5fc713b2e3e1a8d9ec9ecaa6e2f814193ab8471636aa"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R243-E30-AAC1",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "ae9c0a6e84b0c2912eda99c2de4e95d45c0c8feb2a097e02832ae03c74796f50"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G191-H44",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "28068e88e5041161f4485f958f49060d6a865e4beb0b53bafc8f3c5e5e3923b9"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G241-G40 (rev. 100)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "912834981a1de06dcdd4f8cfd11e7db46ac691e5ef20616d76d859e889c303be"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G291-2G0 (rev. 100)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "0dbbb711ff0879479dc30b9a7116fb94f093e0225b74916f6b79edae90d8fb2a"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G591-HS0",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "bce2bb4589e9ba8bc8029514a887f3f3bb4ded3556bb5d77dc1a38bad564b435"
}
]
},
{
"defaultStatus": "unaffected",
"product": "H231-G20 (rev. 100/A00)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "819cf98fc21e036b3ae7e6390ae09edcf6fc6c260b22bf6ede0852029ef2495b"
}
]
},
{
"defaultStatus": "unaffected",
"product": "H261-H61 (rev. 100)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "190d03dff0cfed20b38ae3270c8bb197b024765963dff6b7730d96bfebcbb24c"
}
]
},
{
"defaultStatus": "unaffected",
"product": "H261-NO0",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "7eab23785afd939c2abdf53e001e896c67216a6cc75b646d990fdf92ae226748"
}
]
},
{
"defaultStatus": "unaffected",
"product": "H281-PE0",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "9f715f7b4128701de97332885c28547fe89ca4214de5af85623ab90670fdbbff"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MD61-SC2 (rev. 1.x)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "98c90d7d56e82fcf28b362fbf659c3dfd3f987de96d997defe2ef2e78f33cecf"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MD71-HB0 (rev. 1.x)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "82bbbdeed52e95c3f19ad09cc8fff5ea17f9f5341fbef5f88fba478c24e9fd66"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MD71-HB1 (rev. 1.x)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "c6957244c7417f2ea28889e02d23b63091b6049b82263872ec3a952765becf9c"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MU71-SU0 (rev. 1.x)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "67c4f4ad83e151ebe6e61092bec3153ec269e7be1945dbba0c61091a345a885e"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R161-340 (rev. 100/200)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "1bea20b7f9327d743487da2db53e5fb89ace6d22f56600b58918737418e716ee"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R281-3C1",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "aef16fc11c0f6ddca64581dc5b42b9d6e4ab66807ae7c5a30ccfd8f6774a2b18"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R281-3C2",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "5077c5d90bce52e6e22371dd64910f30aad69c42aaf9a144165682fffe23c3e0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "T181-G20 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "c2b46f65550950fb75d45f5bff54bbed8d4877d803a9688739abd47909fc5f6e"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MC13-LE0 (rev. 1.x/3.x)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "a1f593c61f035734a87dddbe547a18a52d641785c40cfd320b0a0802be57a1e5"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R123-C00",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "ddce5a86b35fcf3fe494169bd1834b1f40f24b1a4938e5239bba011dfb981949"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R133-C10 (rev. AAG1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "a09c15eaf24a7804b16fa6fc8e4d16c8ebbc850d070439b2c1ead835f4626dc0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G293-Z23",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "36b879d3be098143f10fd76db48424f3c3470ffffbe2f828ec7462bd8ec73dcf"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G293-Z42 (rev. IAP1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "b98e94dc0b78131fe59ca6a9c0a142037d412e2ce5fcdb9d0d6d10f102b1d5fe"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G363-ZR0",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "b2bdfb3a454065b92210cf8a11ef836b45b1db8679d31b45e65a71d1f5efdee8"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G493-ZB4 (rev. AAP1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "930761233953091f36c6f92e069229f7dd6c86555c03315e1cf51f9fd349ac79"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G593-ZD1 (rev. AAX1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "c564d83ca92af69a296c473cf748d2a6062883164794856c8be429a652e421fe"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G593-ZD2 (rev. AAX1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "74e19d515a7d2d4644f026bd8ea3ee5035b1d325189d9ff2184892a62a7cddc2"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G593-ZX1 (rev. AAX1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "637be0a8baa2b2a07788add89178c5ff71b837b0d7313d31252293e87a8c3734"
}
]
},
{
"defaultStatus": "unaffected",
"product": "H223-Z10 (rev. AAP1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "3d2868fe9d5c6ff7e0397d929f170cc6ff006c5d1b5f7bd99d937de8f93dbcd5"
}
]
},
{
"defaultStatus": "unaffected",
"product": "H233-Z80",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "5bcc229773a51f96a3904ab181bc621231f881b88a9f59b9427555d9bc868045"
}
]
},
{
"defaultStatus": "unaffected",
"product": "H253-Z10",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "4978fa8b487795206594ef340a6c846814e02e248aaf6d6d22e21e58c194fc00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "H273-Z80",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "7d216a628dc15d65ad64ee6535a8c190260c9616945108237dab43b3fb1ed549"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MZ33-AR0 (rev. 1.x)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "2c185f2a4900213d87796a8f1b7ba719d3506961c3587cc6b6c39ebae2067e93"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MZ33-CP0 (rev. 1.x)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "13b00bbbbe69eb17f726a086841770b17b9b5b02c903d165e5dcbc371b87e4d6"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MZ73-LM0 (rev. 2.x)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "140cae90bff7b80c41f0fc69c6439ec9ef3e7b54e408a29dcb9b41bcdf07bb3d"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MZ73-LM1 (rev. 1.x)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "36d2df2564747908c8f8b28df00ea5504783b9308fc76899d0a5ac1b57f43361"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R163-Z35 (rev. AAC1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "6e276e4fdfd0ddecdf0c1df49718595d0c4bcb28850897215b88fa01c239b62d"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R183-Z90 (rev. LAD1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "9bb0e8c4030538d2b820b333ffa1b211a7930953f30bc9ba206eb26adfa45741"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R183-Z93 (rev. AAV1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "44c75c03ddbd8689b7a5df96689d730f002367d428da0982bf089c8f6909a75e"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R263-Z35 (rev. AAF1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "4f59fb01703b0e6cd5140683e9eb6d98c452b3acb64ab642004276daf49e1ace"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R283-Z93",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "59c838f97265422664d3508ad13e370351e9f482983d942dd7fbf33bbbf00587"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R283-Z97",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "42329f479e5572eadd01b94fa8f3f3ae16b7fb4452ac2111f886855e4f52597b"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R283-ZF0 (rev. IAL1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "3b999a0a4b3a7336597e7373e3317dd29b91f5510fdfcc8323988d1edab6c23a"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TO25-Z12 (rev. AA01)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "920c4d1c705e8b80e94b19f2c690d1fa4f25f0f6954db6209ed5118d7927fc32"
}
]
},
{
"defaultStatus": "unaffected",
"product": "H223-V10",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "c9387dfa08afff4cd1f875331c6eb24ac6758d608976603c7398c039dde35890"
}
]
},
{
"defaultStatus": "unaffected",
"product": "H263-V60",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "76f7ae620a91ff5e8590a2f22f59018e613aeb12b626b886d6ce2f5e4276fce9"
}
]
},
{
"defaultStatus": "unaffected",
"product": "H263-V11",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "57be6485a091b1f60afa9a2af34cff051e293d03696c04ba578f97ac38a34d4f"
}
]
},
{
"defaultStatus": "unaffected",
"product": "H263-V60 (rev. AAW1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "2221d582286ebe04101fc5bd7e353e3f8826c86f948defeb8ac265b8c7ceb8d9"
}
]
},
{
"defaultStatus": "unaffected",
"product": "E162-220",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "0c8eb9d218ca1706bd15989efc2915e792918b52cdcac38a4845913631f6cccd"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G262-IR0",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "ebf41cbd3da1701755a788922944f1ec7e13aa8396a03611cef2e3940da4cc20"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G292-280",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "5caad5c1ff5d9518017d64a2dc8cb2a83e294520ba6460c0a1b14212688f39a4"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G492-ID0 (rev. 100)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "c2902ae30064150ea9236e92b819a2cf96c47ad73f0439233471b89bb04cc13a"
}
]
},
{
"defaultStatus": "unaffected",
"product": "H252-3C0 (rev. 100)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "436d56f15a1373c341638cc0edd950866bd519e0cb1e0de07ab7df2c59fba5d1"
}
]
},
{
"defaultStatus": "unaffected",
"product": "H262-PC0 (rev. 100)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "83eeeab2bc322fa12b1ab2be69ba64ade98d999f8e1118ba1d6957c45b52a6c7"
}
]
},
{
"defaultStatus": "unaffected",
"product": "H262-PC1 (rev. 100)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "083289beeb6b2d85285084059994d0ae833833cc7284428b6eea303099d99090"
}
]
},
{
"defaultStatus": "unaffected",
"product": "H262-PC2",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "db38dafec56ac3bb8948390f699fddf5a3f3f2b33d0a696d41c803c059a5b940"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MD72-HB0 (rev. 1.x/2.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "eff883c442f1805faa24a44e645413d9c9d3d95e6e0bb5c227124f7eac8187b6"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MD72-HB1 (rev. 1.x)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "43eacbb8f8ffe499f4d0715cf6f798cd81351474abce0e410ecfeed7071740e3"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MD72-HB2 (rev. 1.x)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "ede862fa7c647cdd18ab5b2cc90aeec53c35e7f2a9e8d3cc9bd4f1f4e7837b30"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MD72-HB3 (rev. 1.x)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "5ffc9128e64f5a30a78f594923301a6110a8a97c236665f4d4ca7ea28d8a8d21"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MU72-SU0 (rev. 1.x/2.x)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "776719490d81637a1604081fa3e9ea7fc975020cbb45103bbe4efc70ed69c6e6"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MU92-TU0 (rev. 1.x)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "d6c0481e584911e1758040140b89593d1839956ef379a6d45d5ac37d0666b866"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MU92-TU1 (rev. 1.x/2.x)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "80073632c479a5522a64e14cd9bdb4cb12c3b86eb8eee5c36f63c40c96865334"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R182-34A",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "da898f000b47ebe799f88868276a9f9a0744ae283480c70b4506f17218696a52"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R182-NA0",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "0b851b25b7dfd2d50e710016c21c06a5aab78fcd64597ca631669b7e6344db6d"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R182-NC0",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "75adec4e87cb200578f3899c3bd7435bbdadcc4941e5edcb5a3fe3055a8ad190"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R282-G30",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "ee788077e078691ba0f587f2f9f044667b3463f794d8f38fa0c96e8b68550703"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G493-ZB1 (rev. AAP1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "64c336027bad7ec398c64d31ec444c47ec0d0b60eaf89202547967cc1b21fed3"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MZ33-AR0 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "4270e08e2fca65beb36f8adaf338c4b94d248a98eb3d205d0fcf6a1cd2d6ca6e"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MZ73-LM0 (rev. 2.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "29ed1fb8fd445c86fb30ef02e78db0b5be5213ece5edebf5f9702daaa94f5ed2"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MZ73-LM1 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "5be6bd89d0e644714c6c98502efcb6e5b90fbdf3101f82cd821d04d2fb11e60f"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R263-Z34 (rev. AAH1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "00089e4dbac3fcc36ba347ac7d7f9067722601a9a55c2360bf9cae439a52c010"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R263-Z35 (rev. AAL1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "ea3e4c728b066bf6827adb0497ec6e32ab66c546c4ca89fca8f3113c3d74e950"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H110M-DS2 (rev. 1.0/1.1/1.2)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "5e55411efbcff6e593a2de57f46b6040324f35c1ed14f902333a71b6cea38930"
}
]
},
{
"defaultStatus": "unaffected",
"product": "E251-U70 (rev. 100)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "6c404dfcb9550bf9080bb679ccfba607c96b149772c345ddeab0f881fdd16f8b"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G293-Z40",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "84c011953dcd5981156d4d5488c82f53ee73cc839d3359004d491b0f1fbf2808"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G493-ZB0 (rev. AAP1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "c4dca3104af399295b160bd3ad7d01d38f9dc86e7143dceae68403480d7c19cc"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R283-Z94",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "47da1b96a4296aa07edf9e4f54df7dc663e8c8134477ee8718319667073a5d7f"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R283-ZF0 (rev. AAL1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "0f77013fe1a7795b311828614ab371df89c88dd7ddd165d17130422289838731"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MX34-BS0 (rev. 1.x)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "c5b7f646ddc82ab730c91e13b52d86d9fa3c28d0b0cd1569fcf0a9b77509d7c4"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R123-X00 (rev. AA01)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "876f82d1e8632fff9b24a04be60fb1486a1e4eefb8b20183580874680fc06150"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R162-ZA1",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "8567d8f2fd8a32c33c81aae33ef21e34f818159199f0beed6c10dd6e2283351f"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G242-Z10",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "c7e9eff716b9e7000c89692637c58014ee0be37d7ddd39a0c2ae4ecba82e38fe"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MC12-LE0 (rev. 1.x)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "8e37407821e4af774debc51d6dd492c11fe6652ebfd25febae7a603a7ef69822"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MW34-SP0 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "add3e41160a5effcd5a6dbfcda45072059e02f5a6fa39042fdbf36ae8193067f"
}
]
},
{
"defaultStatus": "unaffected",
"product": "E133-C10",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "2d5900b5a13292df17073793a00393ea8e60a645104ebf8d95c5407674421c76"
}
]
},
{
"defaultStatus": "unaffected",
"product": "E163-Z30",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "1ecbdd2c9fdb6e9bc4f2e48b5b3e1651977a39eddc6480cc4888462636648f38"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MC62-G41 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "dc4153ee0a3333ab789383cef8b0d9760b9f416138a093cd3357370261babf4e"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MX33-BS0 (rev. 1.x)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "a0e138096681313a3923eefa3bd3480e6416c73d627d3888b36ce7bb6b2b989f"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MC13-LE0 (rev. 1.x)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "b9f880e1df8c0a237dd9cf607e19287817eb75f59057e8df89ade763ca7b6812"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R263-Z33 (rev. AAL1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "d18f17a61f21b0b96542a3efd2a543cf87b434d86055e48aaac951f09c53e0e3"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R133-X13 (rev. AAB1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "3e3fbdde80c01e9755408922f67ad04834a61cb5e519ab010b151b68772a9784"
}
]
},
{
"defaultStatus": "unaffected",
"product": "B760M D2HX LITE SI (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "641b9c056a8fecdc3a572db60e00f0b0fed7722fe9cf377bc4b6ee9208423107"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BER7-7840",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "f63845840d8dabf49f4a1137c4b1558257748fc26812bd693de92ed0257362ec"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R163-Z32 (rev. AAG1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "7fd571d3ff56fa697a130f06d98ae3d2568e4e3d5848cc0966f4e00617801cf2"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MD72-HB2 (rev. 1.x/2.x)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "e01af875c3100fa3d72d014aaf93417317a1a4a4e69c4a28c216c73dfa5e041f"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H310MSTX-HD3",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "094ba53bd3f96434153ed4c426a2c9f8b62ccab2b7ff60932061f9fa84a9309e"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H310TN-CM",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "9f5d955a2b3e33b9ba93e98d56a3ce4c997c4234161a4637aa88eda81cfc743a"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H310TN-R2 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "5ad827acb383f51e80cfd4605f8b02186b680f61ba0129e6c054af896dbe6d48"
}
]
},
{
"defaultStatus": "unaffected",
"product": "H310N",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "de983965452c5d6bdbf7e4137ef30782337efded699beb2db1cb1cfab2a9cdb9"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R143-E30 (rev. AAB1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "a0ed7595a6c1b6e26d1e930ca3a8c1c0dd619db049ef112fa653b8bf9b026bda"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TO25-Z11",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "c70331be155ee7c048b0296e15de195158c1215b1ddb31fb842018467c5857d1"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G293-S46 (rev. AAM1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "4151a030854ddba555d497a9d2626723d662a9c81e86b39e4e2c02c209ebabbc"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R163-S35 (rev. AAH1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "f8c33896586db20586273c8378d4fd18e49a4db7b6ac15333eb67536536c40da"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R283-S94",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "70ed5ca85b768ef6f9bb36baa9596d07fb259c775b457464c138a7494f7340a2"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TO25-S11 (rev. AA01)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "9ad9beef2a8253dc72e6bdd37d76bd54fcae482fbd3308904d87dfaa4df281e2"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G482-Z54",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "f446b6d7d932602558e4abdbea9a9b826a12d27c535ca6c2d0bafa5e34ec3864"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R183-S90 (rev. LAD1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "9cee49e6b444421c55798f7ce7bf7a1eebc6d6f75319c2bcb39bd11b4075c71a"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MX34-BS0 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "5380cc7bc3d652f0d0316dd3225fb45f1bb054e9c568b9c8e8bf9591306cdbaf"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G293-S45",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "77b27203150cbb0b885df35e361b1a193163316e3f315be4e7967312b097aedd"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R163-S30 (rev. AAB1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "e0c5fec105a86f8b7ffa77bd983d3ed0b54cbc65542e0ffdb9aae29cfc2ddd8e"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R133-X11 (rev. AAG1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "e8f28f55ed2fb648c7237e216e5c377da45e9f6d6a746605515002aaf502ae4c"
}
]
},
{
"defaultStatus": "unaffected",
"product": "E283-Z91 (rev. AAV1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "1fee6620306388e1d23dba7889b858bd56a091cf04ee68db32639e14d9b87a14"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R143-EG0 (rev. AAC1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "672102a1648ac9839230ff8c818edc737b01fbe92250ae0db8ae2441b257f5d7"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BEi3-1220 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "39ea2372c5af03dacf3a4112895e5bb59489497c23828e38acd4b4fec35df970"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BEi5-1240 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "2d34f17d147062c8aa223fd2e528b8c10c0879e8ee2d6064607f45e93908a935"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BEi7-1260 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "dc45a2e1fd0112f5deac4678b7b093d4e233256af8e492104658c38a5ad426da"
}
]
},
{
"defaultStatus": "unaffected",
"product": "E283-S90 (rev. AAD1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "059d906408ac5c7daa81504d9e9057023d7686c9383faa48ef6f195d4b32d997"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G493-SB0",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "394bf746dc6183441ea4d034769683c92eb999195fe6ab6e1fbf10c4cd1aed32"
}
]
},
{
"defaultStatus": "unaffected",
"product": "H263-S62",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "d733c74eeca529ae54b842ea757213532781db14b38c9222f4eb34be5ac7e1b8"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R163-SG0 (rev. AAC1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "35ec23b26774c9030a1deca1b66837805aa7bedd6518d5be506681f2296b5e17"
}
]
},
{
"defaultStatus": "unaffected",
"product": "S453-S70",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "9fb2a464f53ad26c1bab90ee2437c0c265ef6d0faf419af58baca323c6156b7a"
}
]
},
{
"defaultStatus": "unaffected",
"product": "E163-S30 (rev. AAB1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "a7ac0837b77d7a91edb4e5fbfde127eafe1601e858a6312af9e555646de46480"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G293-Z20",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "abe7715141d75d5817b2456105d037d116c441796c7a373dbf3307412e111bf5"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TO15-Z40",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "b0766c740aceae7f71543bfb22d3c757640e714e52f32a17a3d42f9d16d39383"
}
]
},
{
"defaultStatus": "unaffected",
"product": "E133-C10 (rev. AAA1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "2af044c4474abc534ec6da84e1e6415386421dbc897ed2946efe131840de8161"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R271-Z00 (rev. B00)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "dcff49fc24b1b8cf02fce97a15b0bc8bb19c6979df21136007c677ac3b9023c7"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ME03-PE0 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "2bf55cd3046c8fb548063466ea9eb0802c4401f3c04a13f9ef693fe7c23570ef"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H110M-DS2 (rev. 1.3)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "8448a4dad1df740fb0882eb8533c40a2227e385f9f2f07a546c1d2e6020b7cbf"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H110M-H",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "0dc9159572d38d754e168d1290219dc558cc72e67e8fa72727ddd43a5ad187e7"
}
]
},
{
"defaultStatus": "unaffected",
"product": "E152-ZE0",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "83d24271a7b1b9bba7070c128edcc8b4d6a5e7c96caa920baf5c014efbf6775d"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R282-Z93 (rev. A00)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "255ffd2b1161bb8a53626ad3920c40eb5f0f63cb1d5710969abf31797f8771de"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R162-ZA0 (rev. A00)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "85f9cdc44ed670c411f0892b769e91567f9a81bcdeb92861fcf6e2ffc7773f9c"
}
]
},
{
"defaultStatus": "unaffected",
"product": "S453-Z30",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "92c197c09f8aaa2e20427f649cacd1484ef7a345040f54eeb3135745b6f671dd"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G262-ZO0",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "efc056c3caa782e178b7ade2333316ef39a0a6e17157c68a61927b3a045061e9"
}
]
},
{
"defaultStatus": "unaffected",
"product": "H262-Z6A",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "2ac696517ae7da9f3efe81af66b89b5f7b24beb6e09aca06e61e454915070a3b"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MZ72-HB0 (rev. 3.0/4.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "2ad038a3b127e95df1fc8fa61bafb96a113fe0093d9ecee66db9ece973c5a257"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MZ72-HB2 (rev. 3.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "225cea866d8c5843d32d6edc97764b69b05707e47c9537e6e6e7f4ac06775816"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G152-Z12 (rev. 200)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "e7969888310f2eceb73544fd8108eda95c1a3ea62ff57da93c643bc55b898f50"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G292-Z40",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "d31512a9a475071b6e14a03aed7c5286aa0c622925d7a840bdee7158a7d9583c"
}
]
},
{
"defaultStatus": "unaffected",
"product": "H242-Z10 (rev. A00)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "1096dfa8e4e5f5d2410eacac73c51bd1b946bc4d2f110a44e8c33f53d0182eb5"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R152-Z30",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "5297e4a26fd8ed927abcb2438a5ac2a4e35e770d06d272ed77b3d847bebb11fb"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BSi3-6100 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "e81cd2760e4d5090b1d0da86309ba993256d88a4abb8065ce83266bcf4f0ca34"
}
]
},
{
"defaultStatus": "unaffected",
"product": "E283-Z90",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "40d4956a427564b83b0c1a86f1c32510feeeb5282eccfb211bd29f0a0a7767c4"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R163-Z30 (rev. AAB1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "58a47d7e153b03ce005686aac24bfe31f405a7cc4670b826ccc775a839de7ee1"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G262-IR0 (rev. 100)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "43dd7e97fc6fd1fc0ac1ef601c00eed9ec9b5d5325243fb8c6f0ae3517fce89b"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G292-280 (rev. 100)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "5b7eee5f852ce1424dfd476d8713650e528fa359f19e551b7adb9b6a12ad467e"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G492-H80",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "e79fefca976e762f76a8ce36494928dc2ba039de02b69659a87b5245cb27ac2f"
}
]
},
{
"defaultStatus": "unaffected",
"product": "H262-NO0",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "d04141fdfff53843c10ef247e885ad9fb62ffc58c89580718ecd2b102a590f30"
}
]
},
{
"defaultStatus": "unaffected",
"product": "H262-NO1",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "ca65772cdd5fef0d287957d5a6e308fa1126b9b40a2cd701e1190e852ce0bfd2"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R182-340 (rev. 100)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "ade7666d9e200c0929260025880128674b63349911f1d03857a42cf753f10b80"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G291-280",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "6917b15d532856e0c0f7cbfc3501f4d5c273616046d94695e01ce07303f6011f"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G481-H80 (rev. 100)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "53a8edb12be4b79c231d3f950e20343f20f3727a6544504259639fa6506f2457"
}
]
},
{
"defaultStatus": "unaffected",
"product": "H231-H60 (rev. 100/A00)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "56289ef76755acc7f4e843b3ee0f29ec8f063f113f640b157d095d18a866d874"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R181-2A0 (rev. 100)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "01c95a23c9bfeff78ab2b6d77ca33e6a967cf624d1afb5fad393776c79a25920"
}
]
},
{
"defaultStatus": "unaffected",
"product": "S251-3O0 (rev. 100)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "303797b38020f7b91381f887954f819112509c4b855ebd75c7a31dd227acf1cc"
}
]
},
{
"defaultStatus": "unaffected",
"product": "S451-3R0",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "c9a2e7d55dcf6e3f7537515d2c6cb0e36770a5fbea7a01dafe4a90359ade90eb"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WRX80-SU8-IPMI (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "249510667c5c37bd25d731655d7dbf18c5fc2d8d377c0c2326810cda6d9c0f46"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R292-4S0",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "1dcce1bfce8c75c3fdf8a307ba7f6d0231504095e1c4e6bf2166a4cf75df29cc"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R283-Z93 (rev. AAF1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "dcb8c9ec0cdddcf94852ac34e952a349af1ca970d825dc239075286875a9257d"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BNE3HG4-950 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "ed3834eedb770cbb44be9357c5b05d9800ec9577ba3eb6faa3c47460d78814ee"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R161-R12",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "523e9d1bf5710144e36f9535141955dcf9a3d075fff092f6b4d1e12ee2eda562"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BXBT-2807",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "16f990d85b5a42e9b762a08f69614b0c6e3f5c1236364ca38efe92a5dd729bb4"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MB12-CE0 (rev. 100)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "bcf637c0c5be2018d76681b66661d1e6f061c2e1366124f4ef8754c074f8a95c"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R263-Z30 (rev. AAC1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "92780ca87316f207f58c61f65bc8f702fbb2881688d9819dbe8ebbbbed6e1f67"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TO23-H60",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "955038954a0d1463be658fe518b6006f9fde166b67e9007f3befb9cfa62e5da9"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BRR7-4700",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "a462c1a73072f541b6719e4cdee351d44a7cb3593dabbc6809b5b387d909eee5"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BRR7-4800",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "424e8b46bd3feec4aae4ec33eae1ca8658526eeb66e121adb244d3c322dd005d"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BRR3-4300 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "5cc12fd686928c97fa7fbfda17250579adc4e7bd11e46e88650de5ebca6ed03c"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BRR5-4500 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "6ea44803e9b188161126374021e9d845136edd676d33fc80e5f9348b8d577a87"
}
]
},
{
"defaultStatus": "unaffected",
"product": "W771-Z00 (rev. 100)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "d07d7094aa0dbdb896f8d3dceb093ea8c1d72ee0009472ece73190d2071aee6e"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MB51-PS0 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "372c9a6f86f60d7cef6ae2d2ee7ca0d55df998ba0a47468668c6758b3d3db725"
}
]
},
{
"defaultStatus": "unaffected",
"product": "X299 UD4 Pro (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "ca8a556421eb318b0e5901085e97c448f1646a1636e34ec6e4d76f4a3d61f601"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G492-ZD2 (rev. A00)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "c8ab653dc8a40406c0a8a4d71b56059a2f9b7c7ab9e883290acd071941c7bc25"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MW22-SE0 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "d369b68d0c38afedcbb0eeb82f2d06d486e9c0ce212ebe3b0d9f8dfcdbbbf5b0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MX32-4L0 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "78ce8406e3b09a3450d41ba11c1dae91456f25c796441dabb52c7b7e261b3a69"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MW32-SP0 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "0cd64d233ea4db6db2a90962d2888f4e5b967fbb24fa944ccbbfc2c02d5a358a"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MX32-BS0 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "40234a98894a9855db1a921ffe9d272caa1e5702dcdd14afc82f6a91753fd460"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BER3-5300",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "a3ab1a934f5806b5472f13257771924e3fcbaed289b2d6a860ec2fbbfd2d0c11"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BER3-5400",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "06879fa2383284b0222247992f7d359bf5d0ddcebfdcd5b42a20ee5f46a8473f"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BER5-5500 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "68f88269c87ecb16f9b7d9269005ce505a3498b9e3440054742481a2254d5aea"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BER5-5600",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "d98134626baccb58d0d97613efeae6d504b112a4f8d8849e2599ceecf55f7fad"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BER7-5700",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "ec439231fb2d3491a63b173bda078a128bf02b19262b3549f3a799992442d9e7"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BER7-5800",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "7704838038c24fa47fadd54f19c5911fa39823ecfb5f451db59271112a07e777"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BMCE-4500C",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "43cce322b194b9be7bedb247098e8b691878f238b14199cfba11af4422b3464d"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BMCE-5105",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "c412ba0cc85278e93f349b9fae6011982f23f8f3a7b6539a36d90b551ae1006f"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BMPD-6005",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "6f14b4087af44921d294462fb0d65259f18af0cc23b7ab1c5b87773b9c3c13e4"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BRi3-10110 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "d6626703c5940d244a87f2967f0c54f4a5a7b53597dd92a0b561f28a2f9a9161"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BRi7-10510 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "af98c4cea319d387751cb356a28390fa630a1b2f66920a3202b37e0acb861ade"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MF51-ES1 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "dbe505cc1f3a4135628b7e22c7fddb99bf3ee1d46f82a84219e8cb0905c20ff2"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MF51-ES0 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "d27437e85db58b607bc173e844b31dbfb8b949ea3c225e13377ae942572c4611"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MF51-ES2 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "9bd110e7a5a1e1cdd77af3702309d98f748cdec6d25a5e76c04f63417e2e6a8d"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G492-Z50 (rev. A00)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "0b2bd8851706081fb9e310e5f4a7a97c3a0bb32eb7167a609e602ba6cec1ea89"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-J1800M-D3P (rev. 1.x)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "19c85b8fbc25322544c775c9fdcee793a563d51b32ede6b29c02248e0813f42b"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BSRE-1505 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "2f18902d7afbe8d900b6552c2d7a86760f05c4698c1018053b2fad97f6ab51f7"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BSi3-1115G4 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "6f6c034629c0d8df05227f4e7d85d02d8fa52d7fda0940fd4f80f62a23be06c8"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BSi5-1135G7",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "baddfacc85e4aa97915493c4f66cde6002104bfc10ecfa3839c4fc6e32597953"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BSi7-1165G7",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "b191f4293202c488ba673c288bb5edbaf506a9835a508ec38fa705797738c918"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H110M-S2PH",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "a5013d7b2208a6c2d1ea75bbef06711be676430321f4b275140049d6fd53f8df"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H110M-S2PV",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "60d70e509fc3f7c1da701e5195218f20e297c11d2dd4f0327ea4d25732c120d0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G292-Z20 (rev. 100)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "e0ae28d4aca350a31f66402f4b0f46e05e4aaf77adfc813179a7df20c8f4b148"
}
]
},
{
"defaultStatus": "unaffected",
"product": "W331-Z00 (rev. 100)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "4f7c60d69e3c374da221c2ab2d2393794965f2e0e1cf296f5a64d4d77299089e"
}
]
},
{
"defaultStatus": "unaffected",
"product": "X299 AORUS Gaming",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "c5534cc441ef64739b9609ed3160f296cefda8faaae992448baedb01e9310be7"
}
]
},
{
"defaultStatus": "unaffected",
"product": "X299 AORUS Gaming 3",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "82f181dfcdb973537274d8fbf4ad83d60ba8b7315bf99def64780a8c29c6a843"
}
]
},
{
"defaultStatus": "unaffected",
"product": "X299 AORUS Gaming 3 Pro",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "810a53fa70ab5b27f2dbe92948b79638dc87fe6015f94c41501562a47805e28f"
}
]
},
{
"defaultStatus": "unaffected",
"product": "X299 AORUS Gaming 7 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "ee03798b5db2710360c33566b2e61b46bc664ff8a25b257bbfb620c332d70f2b"
}
]
},
{
"defaultStatus": "unaffected",
"product": "X299 AORUS Gaming 7 Pro (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "6ca7152161d4d3a65a2d4fa707a3784811bbb7507332f1c82662456f5f76b5a5"
}
]
},
{
"defaultStatus": "unaffected",
"product": "X299 AORUS Gaming 9 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "14d6cfb20110768c3da503050dd9222a2514aecd0ca49f2c08e64bf6595b0cd2"
}
]
},
{
"defaultStatus": "unaffected",
"product": "X299 AORUS MASTER",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "326280954738ecffd23930791fec6dc0ba2b9774c85886b98d33723974c3427d"
}
]
},
{
"defaultStatus": "unaffected",
"product": "X299 AORUS Ultra Gaming (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "91933d348054953096135089baa7b6ca61dc43e9fc25dff45c9fb4dbf9e8d606"
}
]
},
{
"defaultStatus": "unaffected",
"product": "X299 AORUS Ultra Gaming Pro (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "22869435dede4b52f75a6b82266b67f8930857829185f97bd322c3a72a8899e1"
}
]
},
{
"defaultStatus": "unaffected",
"product": "X299 DESIGNARE EX (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "0a1aa3edaeb6b389a08cded1ce036ea9178527389ca1549442a35f8b1b2bcdf6"
}
]
},
{
"defaultStatus": "unaffected",
"product": "X299 UD4 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "3716034ddd789a3e8e1c688a477e4735f228bc3acfa18b63e719d7cd1e8fedfb"
}
]
},
{
"defaultStatus": "unaffected",
"product": "X299 UD4 EX (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "6fbe2e27bf4b4543e39c88a4702f487b15d02a47b04e006759cfb6432d82fa0b"
}
]
},
{
"defaultStatus": "unaffected",
"product": "X299-WU8",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "d15d9bd6d7980d27bb56848643aecef336c8ff0a695e155071b7dafb1f75d08c"
}
]
},
{
"defaultStatus": "unaffected",
"product": "H261-Z60",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "826f711b5accbc542c3e33d607f1dd10edfb3486772975f204aa2de43bdb52fb"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MZ71-CE0 (rev. 3.x/4.x)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "c0c4215e8207d397914a56edf50428f01ad3676c23630ef7b8c06cf36e45a7e1"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G292-Z40 (rev. 100)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "fcbed542b232be01a0ed2d52dcd3dddc101fafed3da9f3e3aa6b17b652e640f4"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G182-C20",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "e133210fdecf2d57cde25b0bc706437210318e37655eb22a97000bf27a02c177"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R162-ZA0 (rev. 100)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "03e23d40902c4e68730e74ddadcc716f46032774001e1b6bc606c5294d4bacf8"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MZ72-HB0 (rev. 1.x)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "390cd14f2be9ff14cdcc90a9e705cc017bb2535e66b93859eddc233425998937"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G221-Z30",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "8e8b934cc0bd3127262a9e52fac754d64abe27c09902a78acec81c0daf883f77"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G291-Z20 (rev. A00)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "8d49dfb69b420390cf13ff8f3a3b3ab88e5dcd46a182c4ac5be9868bc6278c35"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MZ71-CE0 (rev. 1.x)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "d3b797002d243cbed1182569ffc6b5e5f6243e59ee27bbabae7362fa80be6e91"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R181-Z90",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "24be564cb337350bd9cbf409cd95f29b760e1ff872f99b27379c40b533e9f2e6"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R271-Z00 (rev. A00)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "99f913a3f88561d7163bb1ed79380dd346897e577315eef71695aeb861e82579"
}
]
},
{
"defaultStatus": "unaffected",
"product": "T181-Z70 (rev. A00)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "e42a49d2674808c57b781e8b3d78613a143ba9797d1a856ccd2a62302a49520e"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BRi7-10710 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "14c74b9b80e71d3302c13aea0dfea3560e1452a55c698c20e457c5b495154443"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BRi5-10210(E)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "56430f2f4f9aef4e50f503dc8397fdb20b005bf38a8b9029c43e3eed56c39229"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G492-ZD0",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "bacd1c945c9ff1ecea3e29039ad8b742c6d040e5792bb45008c1b7f664fb36bb"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G292-Z46",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "31aa7ba19f6edb9472a3da22793803c265a0cb0b7cd7979db56251c37edcfe5f"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R282-Z90 (rev. A00)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "8cc6129ba23848fbd65b91a9b70999aad19d3b7a6d168066cbe4a0b759fc5a5c"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R282-Z96 (rev. 100)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "605db3a5cf91d915929488803446e5a51dda16d661e76840b707474d2df79069"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G482-Z50 (rev. 100)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "9b0c2aaaef88b38db18e4efd44b2582c8401f9a17f2c54d0e1f07d2c94a9a5f4"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H61M-S",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "5fb07e319cf6d523a488d879e7eeef3321e90fbee049efb642b34ad2a32611b8"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G492-ZD0 (rev. 100)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "25555956322c0eaecf58fd759ed9b0b7857f9dd149b02de55e2f5eedb291117b"
}
]
},
{
"defaultStatus": "unaffected",
"product": "W281-G40",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "f7c504d3d3907aa4c7f70ca1fbe1fed7e73426eb987b9c5e2f6b31d42e801af1"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MW51-HP0 (rev. 1.x)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "1190d15905ff8656d2d0601c388df633b1646fd585de4fe871fdf93fc23d35a0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G482-Z53",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "f5f61e3f93c7f6615cfdc26efce6a83b3188d697e2243643d08d10dfa9de8afb"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G482-Z54 (rev. 100)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "0fe0c762e396660fb30aeddcf5a5928af864eb44399271ed975913f36e46190e"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BXi5-4570R",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "3353c109a69e6fdd86adbec899e2669cce724bc35db33a86fb0bf1c81a508c2c"
}
]
},
{
"defaultStatus": "unaffected",
"product": "C621 AORUS XTREME (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "7edc3eecb5d5ed515e06f8130d875fcae07cb0c7bfaa2e4cd8d86862e5ecc256"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MJ11-EC0 (rev. 1.2)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "3631995d059e336863527f1511894bdfc61361bc0691a430b3896fb94746aded"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-E6010N (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "c9c8f182cf3b058d12bddb039d8a3f3686d1c325c9b2719ec5fc8644e066274a"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BACE-3000",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "2da499751e8a5446ac8445cee5b95f6bf75ded5c8ec6738eb67f5c4ac2081c32"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G291-Z20 (rev. 100)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "6d6107f0d094fab41eaf6073089de8a0b24bb7a66c5851f534a8f1d26812c3d2"
}
]
},
{
"defaultStatus": "unaffected",
"product": "H261-Z60 (rev. 100)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "edd3eccfbbc2ef2ac40e723697f67a346fca062ddd6679c5ff8cfbb91d3b6afb"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R181-Z90 (rev. 100)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "575fc48c70ea9ee40f8016ea2328ebe790e7e556333a95b9b511be466047f668"
}
]
},
{
"defaultStatus": "unaffected",
"product": "H261-T60 (rev. 100)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "6b636c9fc0ec84737f2238365e71c23e9227695cd5ad52bf40dbe8290920fb60"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BSi7HT-6500",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "e9bc71596a97741893377b2c52a13b5b2ff0a7b6f985af40725e0755d2c537c8"
}
]
},
{
"defaultStatus": "unaffected",
"product": "C621-SD8",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "d6ad23c1fab3f0a2babb23e7907385e25a06801c2edd50d108e5b08f923855a8"
}
]
},
{
"defaultStatus": "unaffected",
"product": "C621-SU8 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "b9017e90f6c47a9d9560cfd92206c4b2e624cd91cd7f0680fb75dd972ef9582d"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BSRE-1605 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "d72f64d5a25b9088f7fff456d3783c2fb0e7926cd4de6469c6c3f57690830907"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z170X-Gaming G1 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "0455dd8b57341d5667d4c4dd71767321c3f72770f84db4e46f93d31e50b376a7"
}
]
},
{
"defaultStatus": "unaffected",
"product": "C621-WD12-IPMI (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "0215ce75b3629651d0c64b0b241095b58f0af921cec3022c524d531c22f1385e"
}
]
},
{
"defaultStatus": "unaffected",
"product": "C621-WD12",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "f528dbe55aba35bd4e5d55fe853afed41c54d78719765944a5ea74dbc062f4b5"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z77X-D3H",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "cc7b733f36b027823b3f501864d74397d308f8bc169149cca5307855234a4527"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-J1900N-D3V (rev. 1.x)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "19b4ba1388707838d0de17b6f2e9ce01f70f728926ab7e2dcc0566f6dbce8e90"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G211-H4G",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "9546a8c62b6d285172acc0ca17340040cd18ff76bfe5b9e7672824e948f7331f"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MW21-SE0 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "60370916ce5edea7899125ad1b470d59cc04b0aeccea1ae5474f78ccf187e4ae"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MW31-SP0 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "a89940e207a6fdd61170536d0d8fe66b4584c38a804c0df15d23c0cf30d49e35"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R121-340",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "d2565f697c692df559b665d0b97b3743c9de07c0ffa83b0fbb5b86aa821e8622"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R121-X30 (rev. 100)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "2ca3df4ff24732338397d64dc81509ea5a7c4b979ca3f2ee6c7446d690355c52"
}
]
},
{
"defaultStatus": "unaffected",
"product": "W131-X30",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "7fb3aff9b87102cb3535bd80904b7252c40ba4f556d9f355a45fc9003cb29e9d"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G292-Z42 (rev. 100)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "09d1d8dff99b19615f14413d6ba20891819d481b12667452786510209344095e"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G180-G00 (rev. 100)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "e32576a5522533c1914ea8aed13f238022bf60eb6fb86ec5393bc8ee56cf5a06"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G190-G30",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "cbb6d5a01124074eda2161e53a5128e0d0d8eedaffa55b14c1dfdd6fbc5a067d"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G190-H44",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "bef72cba124fcef35a3ccd67b94707f20c2bfe2a4f4d89f3497affd72b8c2a73"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G250-G50 (rev. 400)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "9424cd10408253ab228dc2125524340f5ca53759e3ad4e996e7cf0320f41884f"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G250-G51 (rev. 400)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "c17b5d0b9140f95f5317619866739be362765e6165292cb183f539b6758f34b3"
}
]
},
{
"defaultStatus": "unaffected",
"product": "H230-R4C (rev. 100)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "59a3fe40e2896be666fd2712f7e5176ab10ca9335b39bd04fa48867ee607c066"
}
]
},
{
"defaultStatus": "unaffected",
"product": "H23N-H60",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "d4fc77114a472bf1902a66a35f51a11689446c8d0dc18000717a5f74ae6b3a2b"
}
]
},
{
"defaultStatus": "unaffected",
"product": "H23N-R4O",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "a5cda726ef82b73f9c764e39a64ceab32e4d6e238c3019e06d3b7f2218d68ea8"
}
]
},
{
"defaultStatus": "unaffected",
"product": "H270-F4G (rev. 100)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "934742dd01634ef45d78c2a7f9f3e89a0db2cbc7baf994570cd8b64fa4491da0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "H270-H70 (rev. 100)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "499d17336ee9e6be59a733507c25f7b343933bd728f296f6ef08af611d0a8ae2"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MD30-RS0 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "3b9ef069c1c67a9caa29f8eaa915605cd0bbf1edb735d92abf2c4e959ca4a726"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MD60-SC0 (rev. 1.1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "473033483d404754621122afe34dc8f8f47432bde116cfdde03ac38fdf2fb054"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MD60-SC1 (rev. 1.1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "7213c438e3f07e82dff82a5b6cdeb5f80e8b82ce6e12fc377732a8df2c527bfc"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MD70-HB1 (rev. 1.2)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "7540b3951f0ddc6c1c1f4eaf062525f55a1c6e862022e4a545530895510d772a"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MD70-HB2 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "0db641b3a89e75061d6af75e41e365cab69a819f6880d4bd0a0f4ea7960fa17e"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MD80-TM0 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "15f2bdadf43e6d3731df0693552d4aa4780ed958dcbe0ea4ef80bc27510cdc85"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MD80-TM1 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "298d5755fa084d9268d09063222030993755cee31f9fe5429323b830c8c3f5cb"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MU70-SU0 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "4b5caac23e6866a9bbfd7962a5557ddc9b0369cdce09b664910b35bd66e690cd"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MW50-SV0 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "cde8f07d2e7d14233748df612e113ce348140090694b96c407053fe4e6e1690b"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MW70-3S0 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "f8c314404f2801dc3b04cce95fa27a97f58459f9d70c8e3b03bbfd45bbaf5e40"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R180-F28 (rev. 152)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "5d3bf4c8452e70a4ee31e25cfd555694af3cf64eda965fade0b21e8a262a2c10"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R260-R3C",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "e6bc9c983e21a0cfcb2d86a9dc88c28e5ba33387acdff81bccd6caf780e4619c"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R270-R3C (rev. 143)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "6b6d0ebe479ce082420f5412fc099860ab825450e58d96a6b33c5013ea061864"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R280-G2O",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "efaf5f327a471776f0a75a2b8b7f963c8ab72190be7f606d51a0c04715dafe70"
}
]
},
{
"defaultStatus": "unaffected",
"product": "D120-C20 (rev. 230)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "cef953fd8883203ef326a6b195a90328ae31ddc10736afa171b617a906fab77e"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G150-B10 (rev. 111)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "fe702d3ce5fdade4ab194ec43fcf6f0a070123ab547ae49b9cbaec33c474dfb0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G482-Z51 (rev. 100)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "4dcab1a378bb4cc541f210917c563b95dd678e185b4d0dc8483b175cbf9097ad"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MB10-DS0 (rev. 1.3)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "3aa61cde7b1886fab7e60e077bdb39d0a94e3c451593d13e87306b88b4e56a80"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MZAPLAI (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "cd755796109542b3da08826c56951102e5034c76428138d1a6dd4f1ca29955a7"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BPCE-3350 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "b22a7a1693d8cb2deb608f8e3ab366f5eea0e6bdef6ddb03a86d599fb2efdd48"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BPCE-3350C (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "a42535bbb37725951ac18b0fa9b5771454ce707bcdbeacb8120d0aa0eee0cf1b"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BPCE-3455",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "03662e2e512cfe18afe431d968d60e944af5f7514f840754864ee4cd97990130"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BPCE-3455C",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "47b54ae65d44b227a3bab252fcd465df6e6d4875cf2511f1261f1c8e5b196e1a"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-EACE-3450",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "421dfe54ac2554e627762ea96f454f95f7232f3f238dc9f5d5fc96bbf284fbac"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-EAPD-4200",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "c6009503816a44e0d4fa7d0d74ac7418b6551e31e58bab97390711055449e52d"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-IMB1900N",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "cb4e9aa8b2416ed2fb7593a3c93d5fed07d24d1f349761a1790deb97778a565c"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-IMB1900TN (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "93d6ae2ede6573f018ca1dccc5b686a0461a0d662a353511a0b420a10935267d"
}
]
},
{
"defaultStatus": "unaffected",
"product": "W42G-P08R",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "f0d6176199b56171ec12bd663025c664b2bf3f8b844bc90edc8dbc3cc062871d"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MA10-ST0 (rev. 1.1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "00f354e79abadfb8b4aea11bb07c3ddc16f00b3055ec8c221ad4d69538bdeffd"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MDH11HI (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "2fdb64f2007196150cda167f3eb121cedba80d75d0b79def30c4d7155ea0b2a7"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-GZ1DTi7-1070-NK (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "0d274a7eb05cebe468e07b2e6692a11c90f222d18077b3d058fc02b464046265"
}
]
},
{
"defaultStatus": "unaffected",
"product": "S12-P04R (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "25b628eb776a57d9fa45cffb00f8f3347cb9d7c2f3c33712348b85c3ecad2d4f"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R272-Z30 (rev. 100)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "fbf652a641fc3d847c148abb65130f7eece7a51a9c6607f1c403a8bbdde6ce48"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BNi7HG4-1050Ti (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "a0c57eb7255f99412b62429f165eeb1f8a297c26a13eb6d7ddbee91e32dbce6c"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-GZ1DTi5K (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "f37453e390737ec297686b784da5aad11acbaf8375d377fac533caee996c1d66"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R160-S34",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "898a0ddce89b59e6993ea651b0a0d4b54752957b63274dda75160674fa0928f6"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R181-T90 (rev. 100)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "c02c66a7d393e7bd8cf757197bbc6bc22fd9f9b38a8a1068166eba97bc5b4a29"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MDH11BM (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "410a0aebc3826f029ee6a4cd0c5816eb0676fe99a0b112e8ce55e8b2f3b49e6d"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MDH11JI (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "05cb527ef122bbe9ebe54d4678686e6a21b961f16392841f5f0b0bc3882a184e"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MDH11KI (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "945d5b0e567bf5604ea9b12fc7f3f3bb12ccfb1935b9de78c9bc77241632fc9b"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MDH11TI (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "7796142d4d8a09c6f416d5b3cd452caa659cfca40992683d7f8af55cf4e6a7c8"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MFH27AI (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "4d3a05e1006e9d5a1045ea65277cc4fba148ab4533ccb1b6d52ffe54edc7fffc"
}
]
},
{
"defaultStatus": "unaffected",
"product": "J4105N H",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "3d1879acf606abac026703a7fe242feb538192ec6f01642ca33ba6d6de55a725"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-N3160N-D2H",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "bc5aa15ece1e486f4b7d31c5ba6d45382204c115e556a6412d751e25703a4a7d"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BRi5-8250",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "3584936b2dad0ff3ee3d6b167442d39dce8400e1016267462827ff20d15dcdf7"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-SBC4100 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "873e676d25545b3d6e133a2c85cedd5a4627a11f67513e54e6a99e812e7618cc"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BRi7-8550 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "591b486bba979b64d20fc90bd63a5991b7df16b5aab1447de888e3d6090f1086"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BKi5A-7200 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "e13105b80056966dee303194e6eb7e2f622dccb80f5fc5780100197d43b871ea"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BKi7A-7500",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "002c5c88a393a9da6b48c30d64bd702f6b50fef07c32f45b7c09f40fe2f3f2c0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BNi5HG6-1060",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "289cffe9f81f1e9a9cd087bc529701a9343084e499684caf4d34bfe8db15f3f7"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BNi7G4-1050Ti",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "9d8b09f7fdf906dff7d92049fa20921927f3cfebf564455eac78ce2518ad03a1"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BNi7HG6-1060 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "3835eeda7653120a02ce98ea98ba75ebce53ac1efabe3b81d0b6dcc9e611d1ac"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BKi3A-7100 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "c5697a205b0e85c8f31e3538135e32b72ca60d1652162c30007d94ad079096fe"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-EKi3A-7100",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "2f7481194b1e0a153551fbc9e68fef59f463882e3fc0238673ed6293715366c5"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-EKi3M-7100",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "c1cc2040975c62eabeae3df92e63b2c1a22c690a97edcea1576f83e975355db4"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BKi5HT-7200 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "47a969af17efdfe04690233319d36d12ff820901d0817ce17846281e7d5f49ea"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BKi5HT2-7200 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "0aa384720b8e5c0d09b9b0b14cf14a105e4b607681f778bcaa202412e666bdf1"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BKi7HT-7500",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "f61c63e919c797c1faae135458e0db89f288a1d05402380823562f34452806be"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BKi7HT2-7500 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "cb0603d8ecac9baf7de500500990ad0a7e9068dfee69f296d62de549f69f9b1c"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BRi3-8130",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "a74d2353acccf98743271fd296b2bf6f1e047cca1fcaccc2fd9095a7f72fba2d"
}
]
},
{
"defaultStatus": "unaffected",
"product": "iTXL-Q170A",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "fa7e7ca9fd48d608094d5f56ad6f0166db7be91862666abbb6fa631055b98f5c"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BSi7A-6600 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "6504f61ce57f6caae37cc7c56910267d18a1db46e6681178b6807f0e26ab966c"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BSi5HT-6200 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "e649eb460cc049ddac440fe93528336fa42bdd9cd7a284ad9a2481647b57e75a"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BNi7HG4-950",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "b772a8c72de61e4821a04793a16c8dc8ff7b354fa2a0bff189d879df254c9f1e"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BNi7QG4-950 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "f4426a3de06ca8015af5798b631afe601a78a069be9e70fc818222d9b4f679cf"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-J1800N-D2H (rev. 1.x)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "ee21f7397347f3b42d5229b41f9d9a6b4be739419f6f2bef1c3eec8f5d3a17e2"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BACE-3150",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "66ff6219a24fb3662b7b3d4fb1fb7937649dcf052cea4364d4c9b178735807f3"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BSi7H-6500-LA-IW (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "9e23a81c581d5e6c351c2cac1a944ef5759271739f6150c3ef6857bfe401ae62"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-IMB4100TN",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "5abc359c698cd90030a597105c4ef899e4ef56271b9e0f43c843408b9fb53d33"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-N3160M-D3P",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "cf2df7d9f1ff5f087021f7b47cef6aa3efb47cbfd639f730512bc630e0c91f81"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BNi7G4-950 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "210688036c5ecadc5d764691d511e738ff32146bc69f26601fd45321c65b0c7d"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BSCE-3955",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "327e84e3cfce4cb086435232d033a20ebcd4b95cd5aa4b85cb92206f44507170"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BSCEA-3955",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "6e166fd67041801b0481c69bc271ae73e0657f1078442b5740b09f6774128e01"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BSi7A-6500 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "6662b3f0d921aaee11ecae2893271fe861524620b05540e255d1e364aa65abb6"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BNi5HG4-950",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "030031c6c1b9422a56ed44f04efa2ec84fc8a2de254f24d14989934f613d12b8"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BSI3H-6100-ZA-IWUS (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "6399b690346ae7ceda0f8dafbca5acd17ac4d796619568a51cc8e50f5b630b42"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BSi3A-6100 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "e7049738618fc298adb3099074b3419bcf553f0e54acd9ada2d611fe64925026"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BSi5-6200 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "044e3800c05a232d4a8821edc28aae7927474c8814a385f717010ef9b12a5622"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BSi5A-6200",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "d86ef77e6d28671ef838b314840a4ff9237798c058244805b3b3bc01010db097"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BSi5A-6300 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "8ca806b8be055f9b5df84871c469279930b34b89de515068b1cb30bfa9c3cae0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BSi5H-6200-B2-IW (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "40f56a09ded19979902613399e9d6c84cee02b72b7114cabac53629fe2c068be"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BSi7-6500",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "5cb60622a0063c6d261c5693fd423d7fa44d826e8250812f50c7b9a28921712c"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BACE-3150-FT-BW (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "c754aa67ba523b595de11270897af05dc22907a4fce3f4880bb372b1e18d9164"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BACE-3000-FT-BW (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "19a209b004631abf16b5f6abdbe22b3e9578e1f5ffc4bb94b6601fb612ae47f1"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-7PXSL1 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "663977d4a882f59c8a8791d427ef4431ca63f89ed5683a4cb6d61006f1b1c8d5"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-X99-Gaming 5 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "4260703c9695e6975438598d85f4046bd34a1f16f77fe797b22cb45b4428f83c"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-X99-Gaming 5P",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "e5ddbae819b82a8237740cccc23cee00844fa79a15e18e6187854b29e7e81a2a"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-X99-Gaming 7 WIFI (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "b767595393d045e4adb4225856611b3a51848a17495666be273823220a0dd165"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-X99-Gaming G1 WIFI (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "d3e85abb0959e87075f3a91e0048163e92c1831edf3c70a4d85f6ebbe5d56cfd"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-X99-Phoenix SLI",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "fe510a8d06c948ca3e699a51d8f60bc0411df8056124d5e4a993cd526da8a0a5"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-X99-SOC Champion",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "a85cfd3acbec43f545c8586b63aa52622d9fd00303bf80ff3890012032699ea7"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-X99-UD4",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "95eddffa23bfc032d7d65b730d49a4d87bdaa93e349fd9e30dde6a450b9a9bff"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-X99-UD5 WIFI",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "36b023bf42423988805835e5b7c48af57c0b487c7308cfaf5a7a0ff75e3ae8cc"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-X99-UD7 WIFI",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "f93b61306682c563bb68ecb67dea64f9d5b86a8e1c7cfa7fb2b4ea02a15146e5"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-X99-Ultra Gaming",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "90818dd14d621360badea1463f975a367952e2a0d43e7dc73401a7ab0a2d3a1f"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-X99M-Gaming 5 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "e3b8e6db2e08d8cf93dcd44adf437d6a6fabfa7b309702b35f7ddd4c1790734c"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-X99-Designare EX",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "71337bea704f642aad176d64c9f64fdcdb9f38f8107294a417c9bce7a104cdd4"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-X99-SLI",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "0307e5ffce3a9981334d7eb19b13caeed61ab8074212943438b4a423b5d2a9b8"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-X99-SOC Force",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "678f05bab483e1cb9cc2cd51415c920bb4307b31ff917dc46cc44c6c2083b5bb"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-X99-UD3",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "295417e80fba51a322a02a7e4c35ab04af54a48355711066339743e88e3922f1"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-X99-UD3P (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "51c5cd38074336d75c166ad86a2df881b53b4fed849b538e3281d1bcf0502094"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-X99-UD4P (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "27abdc6ac0e50d6d6ca0e937c0a7ab1efe8d2c53c46532b68f0cb1a5fb955517"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BACE-3160",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "9cd9ea2490848b03659e0e7dd7871ac815c54080e5588a530afe35cfc1ed585e"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-B150N-GSM",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "01b2fa505a7a377587ea64b20e1a1570eb7f6567a9204ec972ae478998236a0e"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MVBAYAI (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "86a0a4b3efcbc51e14a0a307a0efe343c7a7e3e2bae3a6e0502869f610034ead"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MZBAYAC (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "073a6246ab57b038afd9050e2dd017aefdde6dfad5d61b80bb2d5c3c71134b73"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MZBAYAD (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "be9c2feced70f810a5d08ec03dd8e7df75f9abd066a2ee30ad82136f355ceaf7"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MZBAYAG (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "305b23937168ebedc60ac6756010c07e4588c48e9fe4694fb935945dbf4be6ee"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MZBAYAI (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "4ab2b4adb933a22cc5b3b3739e315a68c9a9a3dca20b1ae7f27713c0279f6670"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MZBAYVA (rev. 1.2)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "f96a77ebf7806cc05507582f25810237aeaea30ef819dbe90ab2227f8a36ce8c"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H110M-S2H DDR3",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "8bc76dc04271ff2014eaab3560bbe3177cc08eb3337f4f512c7d44b98a40d1d9"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H110M-HD2 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "713c6e95151ae02f075d0391a12e47fa2aaeed199379377bddc00590ceda1795"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H110N",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "b66a10f650f73f5497b22a2d45d9c0bf4df9a987668c4d617e62925c5c26c388"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H110-D3A (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "447d66dd22c3af2bbdeea4b2a766cb3fa4442466d0c02d62647de9f3683cd6c2"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H110M-A",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "a04064b45ec7d0c5b6ae123d779095e23315e6ac1a150d4b3190909a2237603b"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H110M-S2H",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "b1276f7ad8788d3db650a672e6ce6785d5c3922d2bc5aae554ad1b48b62dec5d"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-X150M-PLUS WS",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "3ba7690791f1adeaa12e45dc9adca1ee7f08c99bf5f1c51961c6975d1cd14770"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-B150M-D3H (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "efb150fe9825a88101d934fb5a9801f970f6e734e758344062d37152e8baa1af"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H110-D3",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "f5f374f38948ddbde29b9673cd70ce05e27af9f3be23a7bc086f37f35a68ede4"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H110M-D3H R2 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "ec7f01320c848a88e89d3db821f462448f62e5ae65fb4fd02dc3a5602ad1eac0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H110M-DS2V (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "577535df524a000747a1e15828af3de0cfe6865b0b20170d024974d6b5b81160"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H110M-Gaming 3 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "901396591f3682b308f9cfa279cf1a7f8d4cc6622a9ca799e6b5e1d5bf769f2e"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H110M-S2 (rev. 1.x)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "6a24bb276e5c9b05ac4cca0da01e1b381245a0d217efb5190543de6ec41b2505"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H110M-WW",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "b565acd86a3f4e294d606bf6c0e42eedc4b7361f4adf7c31ee4a806b54767cfb"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-P110-D3",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "c544cd0b03384834b08b784ec0339e2b91a129ee56e7f4881101a10af567e6a2"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H110M-DS2V DDR3 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "8b02d988ee00fe78039974032b856c56e741a4594744b4f6376cbe1df8271226"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MZBSWAI (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "41bbe9daa5808a1c5b9836a654d6c6d312ed7034c304f963af28d13eaad84340"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H110M-M.2",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "18216a9c0fedbfa3a8c8cb3380845ff086beaec130296234d58d02d24fe051a2"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H110M-S2PT",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "210d858cd9ce7dbb1b76277fd580e1c71214d1f7ceff46788efda64e817fa95e"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H110M-S2V",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "c80df47ed107f7ea4eca4e15a55fce37f1578b985ed45131b8c67dce9ac2bdad"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H110MSTX-HD3 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "55099b8c517078f75299dc02afe1f09167bcd7760c0f46546cf4f8274b54c465"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H110TN (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "f5fa2136e6ebb55d5aa3c0bcee64bcf4506a7854ca10fb5a43b8141ff4bf1275"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-X150-PLUS WS (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "0bd8853cb934be142b7edb2ef31a2031fb348a6ecea1db37e466dce25bf7fd6a"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-J1800M-D2P",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "a08c05bf56e1c4e4d180d69266bbcb244e7e2f85259d86c05bfcf5593cfa33f9"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-J1800M-D2P-IN (rev. 1.1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "98372c6dea313b0660ae2f1b1c80a8a5d7e93ce07010621392faca75818c0fe6"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-J1800N-D2P (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "af4026ab4defc142e75d57ae35e7ef4492fac8ab6c0cc55c6de47f3e21f5ac24"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-J1800N-D2PH (rev. 1.1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "b2977acab6438edeb2af8a4e3d0c353fd89e9b2d47082b528c3c23fbddbdcbe3"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-J1800N-H",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "464be29c2ee1a3f706063374be13365d0a296776aed73fd0c8506f1cdddb568a"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-J1900M-D2P (rev. 1.1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "f89741fdf7f21d8670407a4b8038e75319d73486009e08a795632e94fa27df82"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-J1900M-D3P",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "5641071fccfc0169979343e131d614caa71a2b334ffa45d1ee10817ccef73d8a"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-J1900N-D2H",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "ed85051f384bd7694f0a86322c705f819cc18a0ced71d4e3c3946b37d4f3abe7"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-6LASL (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "2c0e4341f91bcedf78c301778d52492fa304380cdd15bdda725910cc6709e033"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-6LISL (rev. 1.1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "9a8e636b33372a34e9719b8b20d2073bc56f549b64e5af83fe617187a51b97c1"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-X99P-SLI",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "fa52c6150c49a84699bec9739b84f5a2c073f4f69b1bc84028f3b2cb15b2167f"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G1.Sniper B7",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "92311971e888a24238c48086febf47b2d0820856e514dd6308575291b6de4e48"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G1.Sniper M7 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "6051ccb31aaab7240147a1fdf9b8f444c7ee4bde73ffb4baca63b02bc77dea81"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G1.Sniper Z170 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "3df7b53ef2284dd2f3385aaa589f87f2e3fadc93d2755e28781452a273d999ec"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-B150-HD3 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "878450f31de9dd84201895e81547ada2085ec94608d7fb6bdf84d73dc3b98538"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-B150-HD3 DDR3",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "d1d3adca998106090f4b2f08d6c50769e88e944ed640518d23f8865102c2ec0d"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-B150-HD3P",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "4cec11820244f485baa7f61d50e60a514b0c5aedb87d1a26cd6b6fb153fdf9ef"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-B150M-D2V",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "fdedaff9a18229027689f23bef37cd8424e248412137bbf710fb6163eac6ac43"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-B150M-D2V DDR3 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "da480d23fe57a6003e41f8c88e2aacbade99186f0b62ba4561663b346e9f96e9"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-B150M-D3H DDR3",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "5fd1eb03f29343e1ba70dce50264a7143129fe60bde396f6e3715330623db8de"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-B150M-D3V",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "f2da89fe72acf6892b139fd4f7a047c30eea75cf5c572da6f901511658ae1522"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-B150M-DS3H (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "b3148d78c2efd368e986a43b19e209f2ad4817e8a4ef41bb79c57ec7b9dc09f3"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-B150M-DS3H DDR3",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "086d80a421ed4cc907120e6c96117c3b69b9edaf2ef6951fde7d3dbe6ea4c878"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-B150M-DS3P",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "e69ba3bdca3335f01b749abb84c702f6f926eab3e4d6ca70dd5ab84c3aee24a2"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-B150M-Gaming (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "639cd1a8d45af689d2fe1aea44b62d2110146b314f39be8a5d472e412842e61c"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-B150M-HD3",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "94a5124370c2d66b38a568b3d8be4a98dd8d2e25313b68506f7753c4d60be97e"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-B150M-HD3 DDR3",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "825b4bc9bf807631611cd33434d1455bca3d412b9a03463fdd1092c54d5ebbfd"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-B150N Phoenix (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "12886ede3cef3c93c4602ff26519a04c9143e903b103006ca3805c3df2744c8c"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-B150N Phoenix-WIFI (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "330f761ad2d43d72a4a09776d76bdffdfdd88d4ddf6002e0056e2826828372ab"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H110M-D3H (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "fddafb4af375516cb2f72c9308852c88738a66d57af9deb08e9a10f1dc983499"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H110M-D3H R2 TPM (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "4ecd2f653fab0c6dc0ed24c68a8f04c454cf8dea68b58d149e9d79758aac2c54"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H110M-DS2 DDR3 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "f71a5cfc0646d85af2847e6816752e81f3b4d2a3ea5fa94516aed9464eaa4024"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H110M-H DDR3",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "a402dd098614ebc89fe70642661c52da9ed9ba0b21627cff4868defc97db0274"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H110M-HD3 DDR3",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "2e24220caffd6ba7c7e1835f12740073a9e3a826a1ffb9bca210756c224eb99a"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H110M-S2 DDR3",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "7802bf1fde1f8771ff7165acab0474471598a46df398d7db84adf911d2d37260"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H110M-S2HP (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "4b0a77259b2af63a9704b094688237ff3c29fac1c011a373a0f2537a8a543d1a"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H110M-S2PH DDR3",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "b73d5f184db4524883fae5f01e681f52371964740bd6fa957998ab4d65537732"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H110M-S2PV DDR3",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "ebd6b43db01ccccaffc4a08182e03cf6633d5371aa69c82f7300141277fe7d7d"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H110M-S2V DDR3 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "756777ea660defef2629b8802bcbdd29b61020fa8ae8cb07045a7d5f991f3508"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H110TN-E",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "879f28f51c3b235744352f0808b6267258131f2594f3ff85a6938401e73eb9da"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H110TN-M",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "50f77912004b73bade539e1c3983a7ab78984b8590a64d3e030ade4352c49eb0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H170-D3H (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "e4a209b19361c13d7a18fa41d8a257a22f6c806bd62f04dd24cd77abd7d3134f"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H170-D3HP (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "2e1be66c511bc8367a2b1ab41a3ca60cfe46648bcab2d5f1f5bdf5df14de1c05"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H170-Designare (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "6ea3c21e1aadbadfc2e9ac0860d94eb87e6590ab37f98326e00b9615a13a6208"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H170-Gaming 3",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "2cb69c081c6413077fd076d7230ff816931ae65bbead2f94f0b12d33e1861c9e"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H170-Gaming 3 DDR3 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "eacba20ef05b116d70c6344a54486bb7c23a131d7c897f5399b9a084a5bd5205"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H170-HD3",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "38643b383b7d51cc53298693e108cc293779dc43f254b2e2b17f66a80f9e4175"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H170-HD3 DDR3",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "b3cb86dfc649346ea7ed4c8ff117ca91b59435b9baa9bdd8e6f2bde1dc1b1124"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H170M-D3H",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "60a230b0a5722bfbb364b6d64ae3e1b1cccb6161bbd6f8cc034977f4d283b4f7"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H170M-D3H DDR3",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "1c6801b8a7920939facfa379b6141016651601971156e426db947ca40b6f1708"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H170M-DS3H",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "b9ea15324d90a1b750cfcbf964321370a56b116b44a0cbee2035cf11ffcc0ef8"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H170M-HD3 DDR3",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "78bff3425a6b42b846508850f03a040c22c43566947ac1d039b431fb80a31451"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H170N-WIFI",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "03299dee42886b0856629da99bce9cedee322b80bfbb89aa6943913d2da15e03"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z170-D3H",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "523817566d04fde3f7fc0215b4c4758243319affa5c1819e4f041c290a36970f"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z170-Gaming K3 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "db4668c191b9266a2afbf974c348885a9d10a3e1750d1e100418aaa896a5a103"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z170-HD3 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "bf0aac3f13b0d68c6a255735eaed4000c7e5f09748818746b4a1038f0be34f78"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z170-HD3 DDR3 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "bceea4f950f07347b40c579223456984c0515a2cc94c4cedbbea3c17e1c459eb"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z170-HD3P",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "20607b0f670b297b45523730d2204e46603cb3c65f47e6cf8293b07b7b1178ec"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z170M-D3H (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "a34cb81eac53b0800c2c02d2984c0960c0d68a22707869befd4af3996be42e7c"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z170M-D3H DDR3 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "fc0eb68179f1363c19896c7cc043021a57cd45a3492187829b329474c361722a"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z170MX-Gaming 5",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "b87e20d143fef2fc32233444070130834ce5dbbffe06409cb537e59c911f49cf"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z170N-Gaming 5 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "209045f2bba172fb91679d4319cfe548c24921f1e28dd9f887e3a78bce515e7c"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z170N-WIFI",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "d67b82421d81df8f3d64966609e3c963be6d0dbd87df531ba5f3ef0bd61e5353"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z170X-Designare",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "c061fffcfd8d7e38afb97fb434afc78d39d22bf9b02884c7c1b04487cbb7dea7"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z170X-Gaming 3 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "7b1cb9593c0c1890a7f1e922777c206012f2f1ded7b3339d66fa49efaca44c74"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z170X-Gaming 5 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "438bf66c9433bfe1ba92452f5f7eb1d46cbdf9af9ab3c3d1d4354e902fb0f257"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z170X-Gaming 6",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "25917f5dcd5f5a4c2daaa9fc0cdf991b365e226856202b4e5e987d406e6af95b"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z170X-Gaming 7",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "75468e84df86d3133927f5c08028dfb6dce55168c99ec9fde08397f5ab0865ce"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z170X-Gaming GT",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "2d40ec6b83d08a885cb576844e609105e15fdc4e48181dbc861e2bce0b657b59"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z170X-SOC FORCE",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "5c25f790a4eb79b4ad3c4ceae05329c0878337257a6e31c276ff7aa5c18accc4"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z170X-UD3 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "d6389e5f47ee85c43b2d9aebef2e0c8a9f06856fabb148496a8acf251cdb3c1c"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z170X-UD3 Ultra (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "a01bb5e701b3b847766d027e7b9bed8e7bb05403ca0160734bc73c93fb77b6fc"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z170X-UD5",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "260811f239a5a92f4a894f52c5b7218faa75c5765e3db17a4ee33530bbfc1295"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z170X-UD5 TH (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "ad921f429c443cd2a73ba3373fb6407a81b4b8d53b3fd5cbea07ca847ddc75c9"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z170X-Ultra Gaming (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "464643065d45eeb1c2566dcce90bd868313319547c91d46e3cea78126109d374"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z170XP-SLI",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "32d8482434dfaae6405eca2bf724939194c8740da638c9e3e8b760489b2a1128"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BXBT-1900",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "6b0b62e4ea23df186b7bbf0fff342ec107596e1fd249721eea75375982054535"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-N3160N-D3V (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "e03efb41e61ac04cb14a63c5ee5a71d3deeddb29426e38eab1c68946d60e26a7"
}
]
},
{
"defaultStatus": "unaffected",
"product": "J4005N D2P",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "bae6e219e1ed8e8164382c4f05db847386c5f2908fb2fa453066aed4531310b4"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BACE-3010 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "aecee44ca1c8bd43d65abeafcd5f0085e1165d42baa953808d566005189746a9"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-N3050M-D3P (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "2d4c55cc53de9adaaacd9e70527becc4de1cb0b39a605791601fefcd0156ced4"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-N3050N-D2P (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "c717a5d6b61b22bd458dbb497dc5abad9e30fedb668810e558a46f994a656435"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-N3050N-D3H (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "63cd7d4698c89b720c73125900f4cba4b8b1c2b962064280a93dc9ce2a0e9549"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-N3150M-D3P",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "1c4cf96a2ce5bae121b0594c2b41664510cffcdfc4001072f2275964c20fe12e"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-N3150N-D2H (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "4685e5a58d4cf84102460110a5fad72931b1b46eb9f71650811832f80580bc0c"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-N3150N-D3V (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "b0474259effceedf7aedde543afa096fdcca74d9865eac223b6a91b4ed922310"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-N3160TN (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "5f53230a65454b8805179f246ac3c8b36bd274ae0051d900cd04890e7b765555"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-B150M-D3V DDR3",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "8ba0474e2bdeb945adf9a819854cde336f3cca848e1ac41e381aaf03d397c7d0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-X150-PRO ECC",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "c6ed04464891a4cdc3a25ba34d3cd44599bd118ed953c68c8b63f11be2dc83d3"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-X150M-PRO ECC (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "764d56cd4e5b88fa97313d5eef173bb426aa27aef5d81794eaf5b9c1fdf38375"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-X170-EXTREME ECC",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "35f6ab275afa77bb30a5672f32b196d8c76208e48500d7f381e05f8f12e400e6"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H170TN",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "bbb58a67574c989b095f38c9fe031cadd5a709235d6e0bfc9a206f98fd5318f0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-9SISL (rev. 1.2)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "493437a68a7a7b46b645d46660e17c3b6599eee86cd06f592683e56963cf9a8c"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-B75M-S (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "554e7be483afb47c81760179da5199ebe2f59a97b7146e50ed42f35728df9c5f"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z68MX-UD2H-B3",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "5bbd2f88bf68b66e974356e0e49f63b83fdeea8d148da445e24073d8012c0c3a"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z68X-UD3P-B3",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "b7981e34bc8994973c48a18ac01d6b075f092de47d35fc62fffdc503ecf081ed"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EL-30 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "485b963baebaf9e0d0d3f0438da8fc3a5e74cac6fc7781e732df5ad0a3be3eec"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H61M-S2PV (rev. 2.3)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "9e2baeb611484b3c3460fbabe2b48ad91111e9a0cd7d1f189ab2d0438a69b3dd"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BXi7-4770R (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "73f5c64009c9b8ce26c13399584a65b73b3b5201475b04dd9621f5433ef959da"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R130-134",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "923e61ed9ecf1c37848cbe56822ce753f455fddf25c1eca816f3ac04aa46daa4"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R270-D70",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "d5844b2dc05f8374705493e1d67700d0421f63c27ea10070c60f1871dcf540c6"
}
]
},
{
"defaultStatus": "unaffected",
"product": "P15F R5",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "e112ae0d90739fa839e6e29687412b5669a2f23bbe2b418d96b65ead135ec349"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EL-20-3060-32G (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "8e0251d4518373ebab7aa1dc037d732b5c04e92306e16a8e8ca1479df0a9ae88"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MP30-AR1 (rev. 1.1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "586ca26deb275734620c0b80c8d16dd86538bff6116f5d7db1fc10230d775eb0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-KMA1 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "5b5b834775e9fa3cb50db4d25d9df7849cf0f13011a209fc53c51245aa963856"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-6LXGH (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "984e1178ed45439578fc0b3cc2787cc8f972987c087fc5b4762ef5f421cf5782"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-6LXGL (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "240c0e6220a07f27d4debd867f2a1774a50be1b37c3f53a2dab272a71280af4e"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BXi3-4010 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "10cef05010197e635c330548e99ad98827223f0c8eada8a6e5a95ac7dc2880fa"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z68X-UD3H-B3",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "9387c8f1b5d856bdf0ce43c88413c22f98214768708183bc610381363dd269d8"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BXBT-3825 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "6775386a28b32b93d1853880a8ccf1b916a3bedaf7ba4d34f2a64904de792417"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-X99M-Gaming 5 (rev. 1.1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "d11d8f85507e54952adcfbb82d5d58ecfeec7674b756ba62c8e1316d9a1500de"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G210-H4G (rev. 100)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "dd75c90a2a81a34fee2c17a6e72b8ec2c93120fbd98c437c4648ac5fd78b6af1"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MSQ77DI (rev. 1.1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "030615cdc1d2e52fe185f8fa8e6e1c1028beca283a6be9215482a39df1418622"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-KMA3 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "dcac97ed60b61b1991fc9f499fb3bf0e8594d49d102e76a988ea8933d099d396"
}
]
},
{
"defaultStatus": "unaffected",
"product": "M9M3XAI (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "1d3295cec309f0649ecec6952824abfad776ecc1f46199a080932b5e99ac206b"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BXCE-3205",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "a080c1d64fb844389bad75a733e3b4c5483b07623276b114575d5cba32170869"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BXi7-5500",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "14dca67fdba7b20c48d3c16446db2a648c79e5f94712afba6e720ecf04ba5223"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-B85TN",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "2d817d05c86c92a00f00e286c6c26cc52e6a50019970a71d98aa07c53d9690c8"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H81TN",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "5ebbac1eb55e763bd4efa47f6232ecbcc62d73645c3291e00a3d5cd880898ebb"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H87TN (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "e555305c3219cca7d7b8d5a667ae2ef454aca7eb84341f07e1fa8288cdb38359"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Q87TN (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "5f237b90cd70e0f63c0414262a0af2fbf8456ea78252750ccc6ef7fe59cb8774"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BXi3-5010 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "bc4bcea45075ba867a4aadd97494ddcbbe693b23131bb52703d3c42b41340719"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BXi5-5200",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "39b90d14141556595814f43afeb015cc34e75acc31d23b0c505ba00d1c4a6a7c"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MATMH81 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "dea93336a790f6ce8a80f451d1dc454eaf29b034a38a802140937b3166c4d450"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MZJ19AI (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "51ebb3341dae5033164b3b45470115f49f327e5dae5ab111df2a59bc04afad8f"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H97TN (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "882fa77c019e12dc61165308318657941c1b15c1259213e78aa035017fd50445"
}
]
},
{
"defaultStatus": "unaffected",
"product": "U21M",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "6fb97ce4f81eb4d83364b9377cf654a6f0e8d9271bd8e1e9f45f78b07f838172"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BXPi3-4010 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "8a4342c4bacccf07bdaf52b9cfadc8789c37092ccc0c414e1848e4d0317d01b4"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-SIOPS-J1900 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "ddff03dbd491004d20587de561e976bc8b5b5366723b51d3f59dfd1892b9dc25"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-TCV2A (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "70c80b940abbafb0d631870322b5f7c8e306a2063097493ab471f0ba8ddd228b"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MQHUDVI (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "092c46188af77b69b4c19e349712a23244ec7cdc885c2e0150a8209c1693c95a"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-SIOPS-4550U (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "d3d7862eb46bcec3f0eecb5ec94caa94456def40792a125cb9b7912625be5973"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BXCE-2955 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "161c97b5c0ce6cc90a70034d8de30b18d07c43e50d5566c1802dadc967cb05eb"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BXi5-4200 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "05001b41f2adc9d6c008f12f9d1d9669225a2366c9a05f6bd19d420cd5b13fc3"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BXi7-4500 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "6f6b51ad77bb7963ec455923fa731323ceb72af167a0a40b8c2b91696301bae1"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H61M-S1",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "19e2a33d2a28a825fb89e7dfda9609776110876b204c5ff760edf716cc7c390b"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BXi5G-760 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "faa729af295c234dfcfc5ac4ab91c8c255c1b054c612b9cbda1fce33f88b4d51"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BXi5G3-760 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "718662066149651d1b7506c7582df2252c555428481b1821829b4db25e2a836e"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BXi7G3-760",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "7452bdc99e762f3b54571e03c1b6ab0873529b798275149fe0a8bc057929f8c8"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-6LXSL (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "3448017b88b33e3949d6c18876be32e506d827f65de6c425ebf82f33a2c3f502"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-6LXSG (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "eb08694cb68b19cc7bd0bc323a46e8ce6de5036078a61dc8827ee480269c88eb"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-6LASH (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "d7f1a6c78df7317f866866e74e881d91485ef816e492fdf2a6fa02b940629494"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z77X-UP5 TH (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "f0e7e5b4689bf7e81db1b56185b2a1186d31a50f1cfd1c9863a0746f490ebf3f"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-6LXSV (rev. 1.2)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "cc9b6fc8540a6abe60b8966ae6c4217180cabbb3471d12f93e3c81dc206c8bd4"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MSH87FI (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "c19f30c4c9a444922cb61cf136cd48d9674d2134b98e618f6e7ab9654eb7a7ef"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-B75M-D3V",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "ac8e4d6a033b6a2d130404eb06e193b248a76308d4a82eeb5736d4f251af6826"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MSH61DI (rev. 1.2)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "ccb5cecbe797ba2e130f297ec86bfbdc629ebaf919065e50d3f8911cc05b3a1d"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-XM12-3227 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "c67607819bad2d7abfd1d47eebad947f9920352c33b96db61f9f25c05bddc7c5"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H77M-D3H (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "f5502f7f96b9ca121d3b52a1a804c877839e76e3dbb45beda100bea672067d26"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-F2A85XM-D3H",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "104c3173aff7cbf07c72956516cdc7c34e6169604293aec90e86bcc4384a799a"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H77-D3H",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "d4c6ce9d730179b7a5cab37a8744a2ca588c9a2a8b8462b62d2c96757adaee61"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H77-D3H-MVP (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "1ca64768668cac95b2c49594df5412492fd3e84a5ec279f5e5782d9d08d641e8"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z77-D3H",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "0d28128151819a06848aeb241f3dc4737d3a9b3918b739f8c512085af375b368"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z77MX-D3H",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "32b1eee6b2e1553ceb902d17d0ecf5534034685dc8c2863f9ec99d2dc587bb72"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z77MX-D3H TH (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "26778248ce3156bc2d3e70461f079d1292435aeca9ea2c6ef0e536c979845164"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z77X-D3H (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "b51371864d4322ca5c584cded0f6bbad11dd01cf498b841b270ede1f03497137"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z77X-UD3H",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "c27a0ca23c6d3ee9eea18c0e700f33f13c568dc209341b8ab4b64148a235c70b"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z77X-UD3H (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "023f4c9928786909d9fcb2143edcb1ce9a20d1b15cf281559996f21617503f91"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z77M-D3H",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "eeef50c6dbb27c9ae8bbca0e2be73384ba60469957414bc2943892ef28836b4f"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z77M-D3H-MVP (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "3c50ff8443f151a8022b4934dc0e87cd74d500719b586c82bce2184bac3ec2d3"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-B75M-D2V (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "cac095d827e58ed8992e3eb2bc4285823c8378247de15d7ddc3f97c79d275f8d"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-B75M-HD3 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "c3d754d426defee4e705ab9b72862764a22a64f316a1f8a2563a72cae308c31f"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-B75N (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "4a901cc6ab10bd1546d8453bd1bcf75379880ee549329c03ecfd4b445b52de99"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H77-DS3H (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "58d19c2ca76b765809a99f0eb2227291f4f51860723d303f9ef0cb20d4d19dcc"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z77-DS3H (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "98d605b3578ac3b7518f151c24c937455b204441ba806ea244f22e54c03af2be"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-B75-D3V (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "8222535124cf1bf77c3af3e6ce3b3a942390794440b01f8d2fd44b4e416b049b"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-B75M-D3H (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "33793d37f2415d724c58c993c2ad6cc67d661253b929165f6f0ab0c88c8325c4"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-B75M-D3V (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "235c6f47146d2bf5dd20ff3971421489c69517be3b467ec1a2b6f7dc0f2d8a94"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-P75-D3 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "1859a1e462fbb1db039e99f7cfea16e6da59188ad37b313181211ab2c3d70150"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-P75-D3P",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "901658f7361b4d15145d07de99b9d921d7293699a15479f086f4d1a00fedf089"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-F2A55M-DS2 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "4be0b29ff5fd55d855e5529912b92acea24740eb7fa0250ba01a44824c4685b3"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-E350N WIN8 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "4fd09df247091f6c6ead14d012325d14055ab38095f5c4d8c258352f48c2052f"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H77N-WIFI",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "7e95d1a64976573e5ed1c8c3466e24037d33fcfbbd9f02d1ae69643fdaa44d7f"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-6UASV3 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "00d23573a79d5737cfc6a1094b12e22c8a8601618934193dba2242f0246af559"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H61TN (rev. 1.1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "f19c7fe7e25a9a41b4065791fa390b8d79ceee0cc7fafae702a92a6ec0e86696"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-B75TN",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "506f5abb01dade2137a4b8d3ea42d1127f24f59f96339e77c59883571ae63443"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H77TN",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "1ffb3921b21ffdb876b2cbc7b6ff939fb5168efdf5ceed571d2d220e195fb150"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z77N-WIFI",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "25c38be153f85659377f63b4968f5425bf7e8d6c99fb695eeaaed973939bd943"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G1.Sniper M3",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "bcd286446cd358474b492a2c9a4d49eab652aeda52c0e69ef94b1cd12b7579b5"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H61M-S2P-R3 (rev. 3.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "0e26169fbddeb0ca9b8283dba44d571b554487b5dd9348caf84fe9d7a6a20dcc"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z68X-UD3-B3",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "c0adc82a52cbe367efed31279d6e1ea3ab98311db49a68ae149e4af9a70ab67a"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-P67-DS3-B3",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "ff5f5836457aa7fd0f02d037d0dc23b5c5a49fef8f7360268d7276e577060256"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-P67X-UD3-B3",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "b8fb25742a7753c0f7ebac50e9e3d6186ea123dcd0e33eb0a64abc111eaa7728"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-P67X-UD3R-B3 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "435e0ba0715afef2a466835c19105c6480a35f921af59b863f2c29ed2d1de0e6"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z68MA-D2H-B3 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "e8d1572bf6bb0b658f618c735322e6c1aa20d01b79c9100e3d177b6c27ced480"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-P67A-D3-B3",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "d36182899b2c912ba34f51b50bbf228e1ec367b0fc009d20d34e4f011f4e9fc1"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-P67A-UD3-B3 (rev. 1.x)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "c46c76138b4cf0a3407c3fe2844c11fdd5c0c2c4d335ab58aa0b0617a6f13f33"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z68X-UD3R-B3",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "50d3dc2e80333527177e5f5e1dbc06357ecaae3fa2dd1d51272a906ade3cd7e1"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z68X-UD4-B3 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "beedbc9f64d20973229b584d965bcaf2f8fdc4a88c4bc202eb5e9f5565c85fa4"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z68XP-UD3-iSSD (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "f615668a861c9d430afe7b40f42f352881132d193d16426951563997fbdc81da"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z68XP-UD3P (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "1d3552918dfc84151da3dabc0687a4513f1dea9d6879d53a8b8646398fc462e5"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z68XP-UD3R (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "e4f33b57947d45b3e43bdd7bafd68d2f4c799fdf0b72a8a2ca61319ab760ae67"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z68P-DS3 (rev. 2.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "5823dc1fbc95d092e02519c069c4fd111783428757b969fd8b9dbac1009fe91e"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z68XP-D3 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "384d9e1e3cad82b7841f33115dbfdf38589420716c8c0aa5a190971a44aa39e9"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z68A-D3-B3 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "2065b895916edbec17057603ba98779b4bd10cbfc3477a87c767a36fb027b76a"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z68A-D3H-B3 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "d6c9d4c8caf3307da9b1d6543e00682a3cddf1dc06c41f0f973355cb9c8554bc"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z68AP-D3",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "7013aca3c062f040cf9d0448f7e2892101b30e5956915c8dc3a53c3c2aacd13d"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z68M-D2H",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "d6d451499ebe6d8dd621f1c2ebb00b87dd01f7870b791e682b66d5f33eb01d8b"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z68XP-UD3",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "c676efd7e6c8bf4a7d3da8aa51b2b564d77c67f6d2be68b25232326166e0c20b"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z68XP-UD4 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "4ae3a48e1a715461671107f9e8e790cfd1c4ee4d2b8ddaa50b140d67622b920f"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-C1007UN (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "7b2aaaa9f92c0e6fa23a59bdda27d5cb26e8fdece26bc756893490d3ee657a4b"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-C1007UN-D (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "fcf7c3d07e1bf9f1347e48dd3ac6e45fc9492648985a06394ab6568a7a71e262"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H77M-HD3",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "e3b619d396378c2e6bc2f550cf1c55cd17e7091fa4ab90761f32582eba28884d"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G1.Sniper 3 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "cfa61511dad005aeb4ab01678f87169c7d509d59042b2fd33e8b58bdb34febe6"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-6UASL3 (rev. 1.x/2.x)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "7196b64c2f89763d2ea7f0f106d06352ae2c0e17a83fed2d10548e1aefa39245"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z77X-UD4H",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "3ff3a0cad413c0b862ba515d60cac0e98e373e199f0d92c79a77ebe6fa6a2247"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Q77M-D2H (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "43216a565586f1c49090c7982e6f3c1e41b179e430d7ac0c47c8ad07308a5bc3"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z77-HD4",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "f6cd8446d78da9720f06cd360a48e9b6bdae33e342e18cb05420adb78fe05858"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z77-HD3",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "c1209a2eb0b5eb9324e1a8ce11c77ca141023b94b988bd1df4db390dda4c275a"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z77P-D3",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "00fa676c6d12df8a48049f39b87e3343769356e880d2abcaf04ab1b679c450f9"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z77X-UP4 TH (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "c5310894b9a2bb510f37c49852d743d64343a698436ca22d9b7a44bcf20e447a"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Q1742F",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "350cc51e5e7fa472e95460eed374eb1f9a43ea4e615e2654c26a9da4d83bf529"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-6UASL1 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "f86f7ad9ffbc7437bba6bcf99d08b8de38f945bedff00c2d35362387077eabea"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Q2542N",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "3d6faf2792722d1b9fbff087e4d85ddd2a4f9922a7848ed4db99284687df3b23"
}
]
},
{
"defaultStatus": "unaffected",
"product": "hp-proone-400-g1-19.5-inch-non-touch-all-in-one-pc",
"vendor": "HP",
"versions": [
{
"status": "affected",
"version": "642290f1b37e616b64b3c6b60921e24ddad599a38e67cd46a281b24c1ab62bb3"
}
]
},
{
"defaultStatus": "unaffected",
"product": "hp-rp5-retail-system-model-5810",
"vendor": "HP",
"versions": [
{
"status": "affected",
"version": "2a090cfc69ebd88dbe2e2e9c52a7f3a75b8b150478e30a752c5c0f09129f3bc9"
}
]
},
{
"defaultStatus": "unaffected",
"product": "hp-z1-all-in-one-g2-workstation",
"vendor": "HP",
"versions": [
{
"status": "affected",
"version": "d0a54ae69192d2d0289b2c9ae33a6ffd0a0db78189b41b032e18a3452c878eab"
}
]
},
{
"defaultStatus": "unaffected",
"product": "hp-z228-microtower-workstation",
"vendor": "HP",
"versions": [
{
"status": "affected",
"version": "5174331d57cf3392012b00a6de381ee7a873f7fbd217bfa3e744b7dd6136807b"
}
]
},
{
"defaultStatus": "unaffected",
"product": "hp-z820-workstation",
"vendor": "HP",
"versions": [
{
"status": "affected",
"version": "b02cdd16e398c2f31e9641d27d99865c404357136f857a1e2dcf2f7479b9457d"
}
]
},
{
"defaultStatus": "unaffected",
"product": "hp-z420-workstation",
"vendor": "HP",
"versions": [
{
"status": "affected",
"version": "05e89382e73afb280f637acbfa1029e9107dd30c78df37b6a00f184657f5f2c3"
}
]
},
{
"defaultStatus": "unaffected",
"product": "hp-z1-all-in-one-workstation",
"vendor": "HP",
"versions": [
{
"status": "affected",
"version": "b6fd5cd3364bdfa459f040c1693b879bbcf508513124bb95b5f36743efd8e73c"
}
]
},
{
"defaultStatus": "unaffected",
"product": "hp-z220-convertible-minitower-workstation",
"vendor": "HP",
"versions": [
{
"status": "affected",
"version": "cc5a9c2d4827e9b1501c2dc0a464f580d4a2d65e4ff83dbab548e51839339d06"
}
]
},
{
"defaultStatus": "unaffected",
"product": "hp-prodesk-400-g1-microtower-pc",
"vendor": "HP",
"versions": [
{
"status": "affected",
"version": "289f0fa72150a52f2b71bc6bf23f343ad9c1c412aa5977e89ffde7474562cb18"
}
]
},
{
"defaultStatus": "unaffected",
"product": "hp-prodesk-600-g1-desktop-mini-pc",
"vendor": "HP",
"versions": [
{
"status": "affected",
"version": "a80a5c395fd3b28b0130d4579dd3e462f9e38bccb2a42cc5245cedd70b27ff0e"
}
]
},
{
"defaultStatus": "unaffected",
"product": "hp-compaq-elite-8380-convertible-minitower-pc",
"vendor": "HP",
"versions": [
{
"status": "affected",
"version": "455164a23e14f8cc9567b458dfb85106294f149f0e446d2d8b4036551f894cf5"
}
]
},
{
"defaultStatus": "unaffected",
"product": "hp-elitedesk-705-g1-desktop-mini-pc",
"vendor": "HP",
"versions": [
{
"status": "affected",
"version": "1650cfd06bb698ad3cecd9e0c38b0de04d29f9c397492ba70b985b033e2458da"
}
]
},
{
"defaultStatus": "unaffected",
"product": "hp-compaq-pro-6305-microtower-pc",
"vendor": "HP",
"versions": [
{
"status": "affected",
"version": "44988d41019bf5c7989b71e966b97752f60c835ba2300c7d55323eded97c21e6"
}
]
},
{
"defaultStatus": "unaffected",
"product": "hp-elitedesk-800-g1-tower-pc",
"vendor": "HP",
"versions": [
{
"status": "affected",
"version": "659078fcdff1dead57cd05eafa0af4de667b52e981d1b907f0d963b41902dc7a"
}
]
},
{
"defaultStatus": "unaffected",
"product": "lenovo-10w-type-82st-82su",
"vendor": "Lenovo",
"versions": [
{
"status": "affected",
"version": "69dae6e64125b37fa0ee09f5cd9bf3581b3244e99d9b4651395834f9eef021af"
}
]
},
{
"defaultStatus": "unaffected",
"product": "thinkcentre-edge-62z",
"vendor": "Lenovo",
"versions": [
{
"status": "affected",
"version": "b04cc879ac09941e714a8ccce371111bcbbc8d7b1dd1ecdc823de09fd2dad7b3"
}
]
},
{
"defaultStatus": "unaffected",
"product": "thinkcentre-m72z",
"vendor": "Lenovo",
"versions": [
{
"status": "affected",
"version": "4438137139edb1e04de7e265e94444e1c87316b0821178285d87763f00bcc5df"
}
]
},
{
"defaultStatus": "unaffected",
"product": "thinkcentre-edge-92z",
"vendor": "Lenovo",
"versions": [
{
"status": "affected",
"version": "e37c7b66aef1c9702b08f3d08a41edf3e4617fc94a17f318297506868e1d254e"
}
]
},
{
"defaultStatus": "unaffected",
"product": "thinkcentre-m62z",
"vendor": "Lenovo",
"versions": [
{
"status": "affected",
"version": "76c5461e86a33095c4191aa02ccba85cdad5f24ac9c816fb8ab6f408cf32dcdf"
}
]
},
{
"defaultStatus": "unaffected",
"product": "lenovo-62-desktop",
"vendor": "Lenovo",
"versions": [
{
"status": "affected",
"version": "73a8fdf89ed1a2d0af45142f4b4498545ce4182ca704ad2b292490263480b1fd"
}
]
},
{
"defaultStatus": "unaffected",
"product": "aio-510-22asr",
"vendor": "Lenovo",
"versions": [
{
"status": "affected",
"version": "47affcc25ded66333920985902473398438b49dac28be82542062ddabffec3c8"
}
]
},
{
"defaultStatus": "unaffected",
"product": "aio-300-22isu",
"vendor": "Lenovo",
"versions": [
{
"status": "affected",
"version": "a6b6a2940a5f4c98e2f531624707fd8ab7dc61f4b3d3de0457fe00ba3cc5c135"
}
]
},
{
"defaultStatus": "unaffected",
"product": "lenovo-c460-all-in-one",
"vendor": "Lenovo",
"versions": [
{
"status": "affected",
"version": "1235ca01cc48484db1157b312ec1632c45be511cfbff28d25404df0a3df47148"
}
]
},
{
"defaultStatus": "unaffected",
"product": "lenovo-c365-all-in-one",
"vendor": "Lenovo",
"versions": [
{
"status": "affected",
"version": "7cf94927f6826886883baf229f3cc2f2545588a564ddb7583f2b52853aeb5b21"
}
]
},
{
"defaultStatus": "unaffected",
"product": "lenovo-erazer-x700-desktop",
"vendor": "Lenovo",
"versions": [
{
"status": "affected",
"version": "8dbcebb69c00242f0a346c34776171061d606262f412e92f84be99301d413c21"
}
]
},
{
"defaultStatus": "unaffected",
"product": "lenovo-h520e-desktop",
"vendor": "Lenovo",
"versions": [
{
"status": "affected",
"version": "0ee94a5c0d4b93a2a1618d144bb0a505865a5d308c484c80fcf26fe31f23617a"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Multiple",
"vendor": "Supermicro",
"versions": [
{
"status": "affected",
"version": "https://www.supermicro.com/en/support/security_PKFAIL_Jul_2024"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Multiple",
"vendor": "Fujitsu",
"versions": [
{
"status": "affected",
"version": "https://security.ts.fujitsu.com/ProductSecurity/content/Fujitsu-PSIRT-FJ-ISS-2024-072412-Security-Notice.pdf"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Multiple",
"vendor": "Intel",
"versions": [
{
"status": "affected",
"version": "https://www.intel.com/content/www/us/en/security-center/announcement/intel-security-announcement-2024-07-25-001.html"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Binarly Research team"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability related to the use an insecure Platform Key (PK) has been discovered. An attacker with the compromised PK private key can create malicious UEFI software that is signed with a trusted key that has been compromised."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-321: Use of Hard-coded Cryptographic Key",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-25T21:48:41.125Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "UEFI Forum Standards on SecureBoot and Driver Signing Advisory",
"tags": [
"product",
"technical-description"
],
"url": "https://uefi.org/specs/UEFI/2.9_A/32_Secure_Boot_and_Driver_Signing.html"
},
{
"name": "Binarly Finder\u0027s Advisory",
"tags": [
"technical-description"
],
"url": "https://www.binarly.io/advisories/brly-2024-005"
},
{
"name": "CERT/CC Advisory",
"tags": [
"third-party-advisory"
],
"url": "https://kb.cert.org/vuls/id/455367"
},
{
"name": "Binarly Technical Description",
"tags": [
"technical-description",
"signature"
],
"url": "https://github.com/binarly-io/Vulnerability-REsearch/blob/main/PKfail/BRLY-2024-005.md"
},
{
"name": "Supermicro Advisory",
"tags": [
"vendor-advisory"
],
"url": "https://www.supermicro.com/en/support/security_PKFAIL_Jul_2024"
},
{
"name": "Intel Advisory cum End-ofLife anouncement",
"tags": [
"vendor-advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/announcement/intel-security-announcement-2024-07-25-001.html"
},
{
"name": "Fujitsu Advisory",
"tags": [
"vendor-advisory"
],
"url": "https://security.ts.fujitsu.com/ProductSecurity/content/Fujitsu-PSIRT-FJ-ISS-2024-072412-Security-Notice.pdf"
},
{
"name": "Gigabyte Advisory",
"tags": [
"vendor-advisory"
],
"url": "https://www.gigabyte.com/us/Support/Security/2205"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Insecure Platform Key (PK) used in UEFI system firmware signature",
"x_generator": {
"engine": "VINCE 3.0.6",
"env": "prod",
"origin": "https://cveawg.mitre.org/api/cve/CVE-2024-8105"
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2024-8105",
"datePublished": "2024-08-26T19:15:11.237Z",
"dateReserved": "2024-08-22T19:50:07.296Z",
"dateUpdated": "2025-08-25T21:48:41.125Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-65002 (GCVE-0-2025-65002)
Vulnerability from cvelistv5 – Published: 2025-11-12 00:00 – Updated: 2025-11-18 14:32
VLAI
Summary
Fujitsu / Fsas Technologies iRMC S6 on M5 before 1.37S mishandles Redfish/WebUI access if the length of a username is exactly 16 characters.
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-863 - Incorrect Authorization
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Fujitsu / Fsas Technologies | iRMC |
Affected:
S6 on M5 , < 1.37S
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-65002",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-13T15:50:28.005054Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-18T14:32:28.920Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "iRMC",
"vendor": "Fujitsu / Fsas Technologies",
"versions": [
{
"lessThan": "1.37S",
"status": "affected",
"version": "S6 on M5",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Fujitsu / Fsas Technologies iRMC S6 on M5 before 1.37S mishandles Redfish/WebUI access if the length of a username is exactly 16 characters."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863 Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-14T13:26:05.547Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://security.ts.fujitsu.com/ProductSecurity/content/FsasTech-PSIRT-FTI-ISS-2025-082610-Security-Notice.pdf"
}
],
"source": {
"discovery": "INTERNAL"
},
"x_generator": {
"engine": "enrichogram 0.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2025-65002",
"datePublished": "2025-11-12T00:00:00.000Z",
"dateReserved": "2025-11-12T00:00:00.000Z",
"dateUpdated": "2025-11-18T14:32:28.920Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-65001 (GCVE-0-2025-65001)
Vulnerability from cvelistv5 – Published: 2025-11-12 00:00 – Updated: 2026-02-25 05:24
VLAI
Summary
Fujitsu fbiosdrv.sys before 2.5.0.0 allows an attacker to potentially affect system confidentiality, integrity, and availability.
Severity
8.2 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-787 - Out-of-bounds Write
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Fujitsu | fbiosdrv.sys |
Affected:
0 , < 2.5.0.0
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-65001",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-13T15:49:21.946419Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-13T15:50:02.915Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2026-02-25T05:24:11.790Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://ydinkin.substack.com/p/200-kernel-bugs-in-30-days"
}
],
"title": "CVE Program Container",
"x_generator": {
"engine": "ADPogram 0.0.1"
}
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "fbiosdrv.sys",
"vendor": "Fujitsu",
"versions": [
{
"lessThan": "2.5.0.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Fujitsu fbiosdrv.sys before 2.5.0.0 allows an attacker to potentially affect system confidentiality, integrity, and availability."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-12T17:45:19.044Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://security.ts.fujitsu.com/ProductSecurity/content/FsasTech-PSIRT-FTI-FCCL-2025-072319-Security-Notice.pdf"
},
{
"url": "https://hexaplex.ai"
}
],
"x_generator": {
"engine": "enrichogram 0.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2025-65001",
"datePublished": "2025-11-12T00:00:00.000Z",
"dateReserved": "2025-11-12T00:00:00.000Z",
"dateUpdated": "2026-02-25T05:24:11.790Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-8105 (GCVE-0-2024-8105)
Vulnerability from cvelistv5 – Published: 2024-08-26 19:15 – Updated: 2025-08-25 21:48
VLAI
Title
Insecure Platform Key (PK) used in UEFI system firmware signature
Summary
A vulnerability related to the use an insecure Platform Key (PK) has been discovered. An attacker with the compromised PK private key can create malicious UEFI software that is signed with a trusted key that has been compromised.
Severity
6.4 (Medium)
SSVC
Exploitation: poc
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-321 - Use of Hard-coded Cryptographic Key
Assigner
References
9 references
| URL | Tags |
|---|---|
| https://uefi.org/specs/UEFI/2.9_A/32_Secure_Boot_… | producttechnical-description |
| https://www.binarly.io/advisories/brly-2024-005 | technical-description |
| https://kb.cert.org/vuls/id/455367 | third-party-advisory |
| https://github.com/binarly-io/Vulnerability-REsea… | technical-descriptionsignature |
| https://www.supermicro.com/en/support/security_PK… | vendor-advisory |
| https://www.intel.com/content/www/us/en/security-… | vendor-advisory |
| https://security.ts.fujitsu.com/ProductSecurity/c… | vendor-advisory |
| https://www.gigabyte.com/us/Support/Security/2205 | vendor-advisory |
| https://www.kb.cert.org/vuls/id/455367 |
Impacted products
743 products
| Vendor | Product | Version | |
|---|---|---|---|
| Acer | vz2694g |
Affected:
d61d0e09d008bfb29bc32532b1b94fcc4ee2af5e8372c6d38722a4e73ecc71d6 , < 0
(sha256sum)
|
|
| Acer | aspire s 27 |
Affected:
2bd2bfaf79a72eaca45e544e5c6a5bb842b292bdc229b8975b3101a4013e0d5f
|
|
| Acer | aspire s32-1856 |
Affected:
29837e239487cc83818a7f40f9280d9692a50376487899edd603494b0f30e4c5
|
|
| Acer | aspire xc-1710 |
Affected:
cdaa406bda1a58fbe9933622dec218a26f79871d42f0d3576fbf878e51a16201
|
|
| Acer | c24-1655 |
Affected:
399f68dc94a6c42030efcd57fd034ff721f860b7b5d447779e7a6a6c99aba34f
|
|
| Acer | aspire c22-1600 |
Affected:
d938d08543d35d4249a51057c1d9c62bb1f6440af19913c5feffcea47dd3de95
|
|
| Acer | c24-962 |
Affected:
3d525f96f63995c51ab1bcd2c50ebb71661ffeca9f78f97cc97e851d0e2bbbdd
|
|
| Acer | altos r680 f4 |
Affected:
a2679a9595a104d70bddc024dbc4f65f0dc9d906f30a0d1ae6b996b14246a6c2
|
|
| Acer | altos r680s f4 |
Affected:
e5fdaabf11b236c5c7b040d674936e84db746a180ab9999317e16dcb77aeeba4
|
|
| Aopen | iAPLx-DE(TAA30 TEST) |
Affected:
94c6f84946db100b505af8a308f69ef6cddc2e310b50641a6e2e63bc9aed54e0
|
|
| Aopen | iKBLMUx-DER(Volta Charging) |
Affected:
fcd339e12730f057e41ad41228f9612d4954f2d0dbcfeef37e14dcdaf2866e05
|
|
| Dell | inspiron-15-3510-laptop |
Affected:
7fbfd8b03d178e074572dff764f28af98c87c7556ce3837ccb8dfe993efa1940
|
|
| Dell | alienware-x17-r2-laptop |
Affected:
65f5939878deede2e1b24a6412ba025b78f45b1562e9d365d97e1c76a32a1832
|
|
| Dell | alienware-m17-r4-laptop |
Affected:
f75b595b9ce5e1e25a5d64e54edffdf696251b4f4e860c0d3a03a183631f090e
|
|
| Dell | alienware-x14-r1-laptop |
Affected:
620848eeadb74a572d6400672aecca35f46dfdc7b5152bb028fbcbf74ea7bccd
|
|
| Dell | alienware-aurora-r15-amd-desktop |
Affected:
6348442334e85e8374884ea848685771053a7cf274ccb77559c710b5a00f61e9
|
|
| Dell | alienware-m17-r3-laptop |
Affected:
413a04c12bde19f1f97d9d334ed57197f0405f9f10ab7154d2b71e5471577c97
|
|
| Dell | alienware-area51m-r2-laptop |
Affected:
253743e7a39d0b709122c5329799f4c4608536eeb632218e7f0cbe1f6e8b5db8
|
|
| Dell | alienware-x15-r1-laptop |
Affected:
4fc54067f263791aed2fa4b57b226ea15c4eb0f55b3797e002bb62aa936bdd8c
|
|
| Dell | inspiron-15-3521-laptop |
Affected:
e2242e4aa3a284fcbbcf2f38a10bec24408f1eff74bb307e699ea46f483359f2
|
|
| Dell | alienware-aurora-r11-desktop |
Affected:
8f79d9de33f5f131226a78ccb10bb16218a5be51b2105cc32e38ceb0c8c30e9a
|
|
| Dell | inspiron-15-3502-laptop |
Affected:
62c02a9b5a4d4328ac41c3e3aa7757e64e6c5cd52b9e047333ad18e60d17fcb6
|
|
| Dell | alienware-aurora-r13-desktop |
Affected:
dc5912033c5ca14475f2d59ca47f25c8840f362f0c8553d13bb06a8e47c42abf
|
|
| Dell | xps-8950-desktop |
Affected:
6982be0bd8e1aed1251fe5300eec2b515b7cab70e761cfb72074f5d658d092d9
|
|
| Dell | alienware-aurora-r15-desktop |
Affected:
7e310dca802db0f7a22d39bb2d7d5b79c7e9df8e5698f0e691942ec334ce5794
|
|
| Dell | alienware-aurora-r14-desktop |
Affected:
26a447a94e96fa8d9c590888cae490750c32d5af95faece3595f21efc41c1f2c
|
|
| Dell | alienware-aurora-r16-desktop |
Affected:
06a9dffc8fb3edafd1b6377cf38879860a0ae3c87f97258e09d189d291f64ead
|
|
| Dell | xps-8960-desktop |
Affected:
0dcd7494f4926fb04b56e9713f0b62eff3a345b626fa2adaf47636bf0bb4c3eb
|
|
| Dell | alienware-m15-r2-laptop |
Affected:
69da86e9cf24c49496529f3041604a6bb1c0c0ab86c192239d31d3a9b92467cd
|
|
| Dell | inspiron-17-3782-laptop |
Affected:
602a23f43b11817ad5439579969753866a54b836f34dfe19342e5188cf088d85
|
|
| Dell | alienware-15-r4 |
Affected:
608e410d1c0475dac58b1e8f36b477aa8d9e9f28d30ec89d44b550e36bbbaf47
|
|
| Dell | inspiron-5680-gaming-desktop |
Affected:
f1075841f54237735c1135ebf92baeab9c0c3f8b051229f898520f5b0f265353
|
|
| Dell | alienware-17-laptop |
Affected:
d4ed519bd5e5ba2f027d00635494d485f19f3080d8baf6d711b190323294e216
|
|
| Dell | alienware-13-laptop |
Affected:
cb25317443d65ba126174c8b7547c7d2f6c0288f859e2063436eb7b350d9bf62
|
|
| Dell | inspiron-3472-desktop |
Affected:
02877ae1ee43c787fa980d6e897e14546ac193100395bbcc6bc26fdf3077e860
|
|
| Dell | alienware-17-r3 |
Affected:
003130dabf11c8b5df286d9584b3174faa9529cd6149513d13c7ce85d63d97b0
|
|
| Dell | alienware-13-r2 |
Affected:
e6819bd24e063807336994f36e1b7cafbbec46c2679a365dde1b54b720a049e4
|
|
| Dell | vostro-24-5460-aio |
Affected:
d54e560849c716d0ded4b25d9aacc746f77174cc6d3eeb3a50424eaf337c92aa
|
|
| Dell | inspiron-20-3059-aio |
Affected:
4b4fd4cc68e48cfbacaf1279ff42ce6e9d37aa7706efffb2a0bb84fbda2aabd2
|
|
| Dell | inspiron-24-5459-aio |
Affected:
2c6a0bd7b3a91b9e1b309bde7d405812a42abe40001ce661252d81e7cd009650
|
|
| Dell | inspiron-22-3263-desktop-aio |
Affected:
13deddbbdccb6e5411317e96bdb045e28c0dcbb7e86ed5f32e5d24b4b54a5657
|
|
| Dell | inspiron-3250-small-desktop |
Affected:
95446bcddec63d36a9f5554815892c104febb73c676a075d789e4b7c69979fa6
|
|
| Dell | inspiron-24-3464-aio |
Affected:
3ffd081959db4684563f0044cca9ac16d5467a42d40913f503bad8d171bf1c99
|
|
| Dell | inspiron-3662-desktop |
Affected:
5a02b9214bb7ca03030323835a85efd84d369ff02a6baf9193083e2b22e8d0c3
|
|
| Dell | alienware-13 |
Affected:
fe9e2b75babda09ba22a3e99494198e125188d9345bda2b961f10e98e6c2b784
|
|
| Dell | inspiron-one-23-2330-aio |
Affected:
374f19a62abe5b7c195038ebc945528046478ba7fac2b7b429edfaa47122e6e6
|
|
| Dell | alienware-17-r2 |
Affected:
e94ccb36573d53127cfdf1f6d617c31ba8562fbdd4b43e48fe1fd52325315756
|
|
| Dell | poweredge-c5230 |
Affected:
52dbddaf0c9803e7f9dd389519b829515abe97dc0fbd9b979230de28880f595d
|
|
| Dell | alienware-alpha |
Affected:
f1d2c02737ba96e93892f38c161b3f35fbca79a4302e439e8405d3434ed88fdb
|
|
| Dell | inspiron-15-5552-laptop |
Affected:
73e72a45f92daa7ef76dcf82e6d13113cd9acbd2250d78d2e02232535f83fbc5
|
|
| Dell | inspiron-3646-small-desktop |
Affected:
081c82a0748297ca5841b1772330fb6e776c678d425789a66e3072fb73d072d7
|
|
| Dell | inspiron-24-3455-aio |
Affected:
2fd0f72190810fa5c4a2a3f57a7bce51dd0baa47584b59b7cba4752a92c66ee5
|
|
| Dell | vostro-20-3052-aio |
Affected:
c4574a6a5e1e6b4f3b4a3317b51d75c3764395775f900b9ede99dca5e76849f2
|
|
| Dell | vostro-3252-small-desktop |
Affected:
9cc04e65928cf4852d0ae16d55808b42542387ae389ebbd3e42f888638909932
|
|
| Dell | inspiron-3655-desktop |
Affected:
31a7af2885146a94a82ce214a26e4dcdcfa36969aa47a7a1eaf3725fa6a2198d
|
|
| Dell | inspiron-22-3265-desktop-aio |
Affected:
7c0c8fab8b15d6de59936a3921f85d9e79f710c6c6db6459804b679d82760e26
|
|
| Dell | inspiron-17-5755-laptop |
Affected:
19967c4eebd851b31936c8cab20f86008c7f065cf93217f6cc82350521cc640f
|
|
| Dell | inspiron-3656-desktop |
Affected:
a0e12007dd08b6d9a22fcc6548d0562ea3a966b2030ea9d00c739971e02b6c9a
|
|
| Dell | vostro-20-3015-aio |
Affected:
05b03dab647098c957cadd2a66ebb1401dc5dae51f267351c0d076c239d5856b
|
|
| Formelife | Studio Sys UPD |
Affected:
a451ed9d6359fd109f495c75bab2678285265a72be64b3e5d0d5447a0e167cd5
|
|
| Gigabyte | E152-ZE1 (rev. A00) |
Affected:
a9638651a2475403924f124552dc199689a45d2e2e59e3dea2b223667dfb63de
|
|
| Fujitsu | AU47 M1 |
Affected:
d3715136d50fc486ef59fb4aee1d7f06552fdf98423809939538fe905a1aa0b3
|
|
| Fujitsu | PRIMERGY TX100 S3p |
Affected:
bfadb1d20541d4c39857e7b295b7ad20ce81d393f014eae27565bc173c1880c0
|
|
| Fujitsu | PRIMERGY CX270 S2 |
Affected:
e44c2088ee54191192cc690787d74d8ddbfe3fc97c58fb2c42cf8a952784c94f
|
|
| Fujitsu | PRIMERGY CX420 S1 Chassis |
Affected:
c27a0e267f18a89c8ba8aadd37786ef8fe18162b60b45fc209bf992b570837af
|
|
| Fujitsu | PRIMERGY RX100 S7p |
Affected:
e71744d4e18cbee18a1fe381a8a83350487baa6cfbf3729d999f85d7b650610a
|
|
| Fujitsu | PRIMERGY TX120 S3p |
Affected:
51a9197d05b1aad84546d9469b2c400bd7536eea62b2760a308e5bf84e71d74b
|
|
| Gigabyte | G152-Z12 |
Affected:
ad457250d51a0638880d9cf1df9dd029ab34b36265eda73c5459d8d0460ba3de
|
|
| Gigabyte | G242-Z11 |
Affected:
2ab6af312a78886a13144814ce766a771604755f8dd303381658026304415280
|
|
| Gigabyte | G242-Z12 |
Affected:
eef3fd99672410b85e6342c5757723d0d3ccecef9805237955baa20780de8b4f
|
|
| Gigabyte | G262-ZR0 |
Affected:
f21b8f836105cdb4051d8bb29302dcf86836b640bf048b24f3c76e930b513b32
|
|
| Gigabyte | G292-Z20 (rev. A00) |
Affected:
62bb737d55f4caa082b7ea2aa6f8a59c8efdaf9d5ac5b158cbfb32a6cead8164
|
|
| Gigabyte | G292-Z43 |
Affected:
1b6ff7d60400c7c21a5b28f947475e61abee187627c1ff12cddb25b1ce59ecb3
|
|
| Gigabyte | G292-Z45 |
Affected:
18def9ce5aa6551c1d7e77e9f53e34701f77b89d6b32d41ea050cc94d52941e1
|
|
| Gigabyte | G482-Z50 |
Affected:
b14d2e3fadc16c97684a4ae947798bb3a67372441dd7252568f71fc86e98ae9f
|
|
| Gigabyte | G492-Z52 |
Affected:
062e3100bfbe635c66feed863141f7a6f2bfcf0b887a5b3d7ae31fb610d17cac
|
|
| Gigabyte | H252-Z12 (rev. A02) |
Affected:
ac416150a9752dc20107bef240e73c6054af4992348003429bfd97a7373f4f27
|
|
| Gigabyte | H262-Z61 |
Affected:
340cc5c8f4468eb2d36b684dffbf139b4ac4504b5db3993c3c1b5145858c5131
|
|
| Gigabyte | H262-Z6B |
Affected:
0e761b6f3c7d3a1407addf499ff848c493a9d0b0197368cbe858bbc4fa5a4702
|
|
| Gigabyte | H282-ZC0 (rev. A00) |
Affected:
0b739af751913ea6ff42999069963dcf6a1bdd58a3de800ab721d9bdbd59bf0d
|
|
| Gigabyte | MZ32-AR0 (rev. 3.x) |
Affected:
a4102b19258804214beb838f61699a7623cc654341e6f60ad986dae805935c14
|
|
| Gigabyte | MZ72-HB0 (rev. 3.x/4.x) |
Affected:
e0a3837abd91821c4ad98687d2dc6456b7fcb05c8b672c48f242ffeabfa3e9b4
|
|
| Gigabyte | MZ72-HB2 (rev. 3.x) |
Affected:
7678e64f7728c059b228ddec74f0918f0544d5193f7b8efe0bf03e8f36c2f5c5
|
|
| Gigabyte | R162-Z10 |
Affected:
122baff0bf1243b945a7eaa9ca55303469d624d6150d4da136d697878177f1a8
|
|
| Gigabyte | R162-ZA2 |
Affected:
9d318d27111a3c5a2e3a6451103750d70dec9d6e9d048f7e98fcd60066b98aee
|
|
| Gigabyte | R182-Z90 (rev. A00/B00/AT0) |
Affected:
dbd77ee47e4bccbb2b8af2883765641e9d7c404937da2942637fa1b4b6d4d635
|
|
| Gigabyte | R262-ZA2 |
Affected:
c7f73261e85bdc43932e49254cb8654ed2ce0945379592cecb081d51e5834289
|
|
| Gigabyte | R282-Z97 (rev. A00) |
Affected:
076310804e591d1c2d4ab1d53cff0866c04a4189e03e6964b528b8a94faa7991
|
|
| Gigabyte | S252-ZC0 |
Affected:
8927ee41096d71b75bbef2672e22f640a22ae3588f4f44786fff92c70b861885
|
|
| Gigabyte | ME03-CE0 (rev. 1.0) |
Affected:
79700c28616b906f5534cf45d4582878a73f96eff24f1f894bd04b24c00eade8
|
|
| Gigabyte | ME03-PE0 (rev. 1.x) |
Affected:
ac5ec67cafd72fd7f497c3759b0dcf359de8b7db6941120c0c69d5f3eea4bcbc
|
|
| Gigabyte | ME33-AR0 (rev. 1.0) |
Affected:
8bdf9b526d2e9e65f23ded60745006c65678d184a258761666d3864432cc0cac
|
|
| Gigabyte | R143-EG0-AAC1 |
Affected:
630321979d80b22e20ca5fc713b2e3e1a8d9ec9ecaa6e2f814193ab8471636aa
|
|
| Gigabyte | R243-E30-AAC1 |
Affected:
ae9c0a6e84b0c2912eda99c2de4e95d45c0c8feb2a097e02832ae03c74796f50
|
|
| Gigabyte | G191-H44 |
Affected:
28068e88e5041161f4485f958f49060d6a865e4beb0b53bafc8f3c5e5e3923b9
|
|
| Gigabyte | G241-G40 (rev. 100) |
Affected:
912834981a1de06dcdd4f8cfd11e7db46ac691e5ef20616d76d859e889c303be
|
|
| Gigabyte | G291-2G0 (rev. 100) |
Affected:
0dbbb711ff0879479dc30b9a7116fb94f093e0225b74916f6b79edae90d8fb2a
|
|
| Gigabyte | G591-HS0 |
Affected:
bce2bb4589e9ba8bc8029514a887f3f3bb4ded3556bb5d77dc1a38bad564b435
|
|
| Gigabyte | H231-G20 (rev. 100/A00) |
Affected:
819cf98fc21e036b3ae7e6390ae09edcf6fc6c260b22bf6ede0852029ef2495b
|
|
| Gigabyte | H261-H61 (rev. 100) |
Affected:
190d03dff0cfed20b38ae3270c8bb197b024765963dff6b7730d96bfebcbb24c
|
|
| Gigabyte | H261-NO0 |
Affected:
7eab23785afd939c2abdf53e001e896c67216a6cc75b646d990fdf92ae226748
|
|
| Gigabyte | H281-PE0 |
Affected:
9f715f7b4128701de97332885c28547fe89ca4214de5af85623ab90670fdbbff
|
|
| Gigabyte | MD61-SC2 (rev. 1.x) |
Affected:
98c90d7d56e82fcf28b362fbf659c3dfd3f987de96d997defe2ef2e78f33cecf
|
|
| Gigabyte | MD71-HB0 (rev. 1.x) |
Affected:
82bbbdeed52e95c3f19ad09cc8fff5ea17f9f5341fbef5f88fba478c24e9fd66
|
|
| Gigabyte | MD71-HB1 (rev. 1.x) |
Affected:
c6957244c7417f2ea28889e02d23b63091b6049b82263872ec3a952765becf9c
|
|
| Gigabyte | MU71-SU0 (rev. 1.x) |
Affected:
67c4f4ad83e151ebe6e61092bec3153ec269e7be1945dbba0c61091a345a885e
|
|
| Gigabyte | R161-340 (rev. 100/200) |
Affected:
1bea20b7f9327d743487da2db53e5fb89ace6d22f56600b58918737418e716ee
|
|
| Gigabyte | R281-3C1 |
Affected:
aef16fc11c0f6ddca64581dc5b42b9d6e4ab66807ae7c5a30ccfd8f6774a2b18
|
|
| Gigabyte | R281-3C2 |
Affected:
5077c5d90bce52e6e22371dd64910f30aad69c42aaf9a144165682fffe23c3e0
|
|
| Gigabyte | T181-G20 (rev. 1.0) |
Affected:
c2b46f65550950fb75d45f5bff54bbed8d4877d803a9688739abd47909fc5f6e
|
|
| Gigabyte | MC13-LE0 (rev. 1.x/3.x) |
Affected:
a1f593c61f035734a87dddbe547a18a52d641785c40cfd320b0a0802be57a1e5
|
|
| Gigabyte | R123-C00 |
Affected:
ddce5a86b35fcf3fe494169bd1834b1f40f24b1a4938e5239bba011dfb981949
|
|
| Gigabyte | R133-C10 (rev. AAG1) |
Affected:
a09c15eaf24a7804b16fa6fc8e4d16c8ebbc850d070439b2c1ead835f4626dc0
|
|
| Gigabyte | G293-Z23 |
Affected:
36b879d3be098143f10fd76db48424f3c3470ffffbe2f828ec7462bd8ec73dcf
|
|
| Gigabyte | G293-Z42 (rev. IAP1) |
Affected:
b98e94dc0b78131fe59ca6a9c0a142037d412e2ce5fcdb9d0d6d10f102b1d5fe
|
|
| Gigabyte | G363-ZR0 |
Affected:
b2bdfb3a454065b92210cf8a11ef836b45b1db8679d31b45e65a71d1f5efdee8
|
|
| Gigabyte | G493-ZB4 (rev. AAP1) |
Affected:
930761233953091f36c6f92e069229f7dd6c86555c03315e1cf51f9fd349ac79
|
|
| Gigabyte | G593-ZD1 (rev. AAX1) |
Affected:
c564d83ca92af69a296c473cf748d2a6062883164794856c8be429a652e421fe
|
|
| Gigabyte | G593-ZD2 (rev. AAX1) |
Affected:
74e19d515a7d2d4644f026bd8ea3ee5035b1d325189d9ff2184892a62a7cddc2
|
|
| Gigabyte | G593-ZX1 (rev. AAX1) |
Affected:
637be0a8baa2b2a07788add89178c5ff71b837b0d7313d31252293e87a8c3734
|
|
| Gigabyte | H223-Z10 (rev. AAP1) |
Affected:
3d2868fe9d5c6ff7e0397d929f170cc6ff006c5d1b5f7bd99d937de8f93dbcd5
|
|
| Gigabyte | H233-Z80 |
Affected:
5bcc229773a51f96a3904ab181bc621231f881b88a9f59b9427555d9bc868045
|
|
| Gigabyte | H253-Z10 |
Affected:
4978fa8b487795206594ef340a6c846814e02e248aaf6d6d22e21e58c194fc00
|
|
| Gigabyte | H273-Z80 |
Affected:
7d216a628dc15d65ad64ee6535a8c190260c9616945108237dab43b3fb1ed549
|
|
| Gigabyte | MZ33-AR0 (rev. 1.x) |
Affected:
2c185f2a4900213d87796a8f1b7ba719d3506961c3587cc6b6c39ebae2067e93
|
|
| Gigabyte | MZ33-CP0 (rev. 1.x) |
Affected:
13b00bbbbe69eb17f726a086841770b17b9b5b02c903d165e5dcbc371b87e4d6
|
|
| Gigabyte | MZ73-LM0 (rev. 2.x) |
Affected:
140cae90bff7b80c41f0fc69c6439ec9ef3e7b54e408a29dcb9b41bcdf07bb3d
|
|
| Gigabyte | MZ73-LM1 (rev. 1.x) |
Affected:
36d2df2564747908c8f8b28df00ea5504783b9308fc76899d0a5ac1b57f43361
|
|
| Gigabyte | R163-Z35 (rev. AAC1) |
Affected:
6e276e4fdfd0ddecdf0c1df49718595d0c4bcb28850897215b88fa01c239b62d
|
|
| Gigabyte | R183-Z90 (rev. LAD1) |
Affected:
9bb0e8c4030538d2b820b333ffa1b211a7930953f30bc9ba206eb26adfa45741
|
|
| Gigabyte | R183-Z93 (rev. AAV1) |
Affected:
44c75c03ddbd8689b7a5df96689d730f002367d428da0982bf089c8f6909a75e
|
|
| Gigabyte | R263-Z35 (rev. AAF1) |
Affected:
4f59fb01703b0e6cd5140683e9eb6d98c452b3acb64ab642004276daf49e1ace
|
|
| Gigabyte | R283-Z93 |
Affected:
59c838f97265422664d3508ad13e370351e9f482983d942dd7fbf33bbbf00587
|
|
| Gigabyte | R283-Z97 |
Affected:
42329f479e5572eadd01b94fa8f3f3ae16b7fb4452ac2111f886855e4f52597b
|
|
| Gigabyte | R283-ZF0 (rev. IAL1) |
Affected:
3b999a0a4b3a7336597e7373e3317dd29b91f5510fdfcc8323988d1edab6c23a
|
|
| Gigabyte | TO25-Z12 (rev. AA01) |
Affected:
920c4d1c705e8b80e94b19f2c690d1fa4f25f0f6954db6209ed5118d7927fc32
|
|
| Gigabyte | H223-V10 |
Affected:
c9387dfa08afff4cd1f875331c6eb24ac6758d608976603c7398c039dde35890
|
|
| Gigabyte | H263-V60 |
Affected:
76f7ae620a91ff5e8590a2f22f59018e613aeb12b626b886d6ce2f5e4276fce9
|
|
| Gigabyte | H263-V11 |
Affected:
57be6485a091b1f60afa9a2af34cff051e293d03696c04ba578f97ac38a34d4f
|
|
| Gigabyte | H263-V60 (rev. AAW1) |
Affected:
2221d582286ebe04101fc5bd7e353e3f8826c86f948defeb8ac265b8c7ceb8d9
|
|
| Gigabyte | E162-220 |
Affected:
0c8eb9d218ca1706bd15989efc2915e792918b52cdcac38a4845913631f6cccd
|
|
| Gigabyte | G262-IR0 |
Affected:
ebf41cbd3da1701755a788922944f1ec7e13aa8396a03611cef2e3940da4cc20
|
|
| Gigabyte | G292-280 |
Affected:
5caad5c1ff5d9518017d64a2dc8cb2a83e294520ba6460c0a1b14212688f39a4
|
|
| Gigabyte | G492-ID0 (rev. 100) |
Affected:
c2902ae30064150ea9236e92b819a2cf96c47ad73f0439233471b89bb04cc13a
|
|
| Gigabyte | H252-3C0 (rev. 100) |
Affected:
436d56f15a1373c341638cc0edd950866bd519e0cb1e0de07ab7df2c59fba5d1
|
|
| Gigabyte | H262-PC0 (rev. 100) |
Affected:
83eeeab2bc322fa12b1ab2be69ba64ade98d999f8e1118ba1d6957c45b52a6c7
|
|
| Gigabyte | H262-PC1 (rev. 100) |
Affected:
083289beeb6b2d85285084059994d0ae833833cc7284428b6eea303099d99090
|
|
| Gigabyte | H262-PC2 |
Affected:
db38dafec56ac3bb8948390f699fddf5a3f3f2b33d0a696d41c803c059a5b940
|
|
| Gigabyte | MD72-HB0 (rev. 1.x/2.0) |
Affected:
eff883c442f1805faa24a44e645413d9c9d3d95e6e0bb5c227124f7eac8187b6
|
|
| Gigabyte | MD72-HB1 (rev. 1.x) |
Affected:
43eacbb8f8ffe499f4d0715cf6f798cd81351474abce0e410ecfeed7071740e3
|
|
| Gigabyte | MD72-HB2 (rev. 1.x) |
Affected:
ede862fa7c647cdd18ab5b2cc90aeec53c35e7f2a9e8d3cc9bd4f1f4e7837b30
|
|
| Gigabyte | MD72-HB3 (rev. 1.x) |
Affected:
5ffc9128e64f5a30a78f594923301a6110a8a97c236665f4d4ca7ea28d8a8d21
|
|
| Gigabyte | MU72-SU0 (rev. 1.x/2.x) |
Affected:
776719490d81637a1604081fa3e9ea7fc975020cbb45103bbe4efc70ed69c6e6
|
|
| Gigabyte | MU92-TU0 (rev. 1.x) |
Affected:
d6c0481e584911e1758040140b89593d1839956ef379a6d45d5ac37d0666b866
|
|
| Gigabyte | MU92-TU1 (rev. 1.x/2.x) |
Affected:
80073632c479a5522a64e14cd9bdb4cb12c3b86eb8eee5c36f63c40c96865334
|
|
| Gigabyte | R182-34A |
Affected:
da898f000b47ebe799f88868276a9f9a0744ae283480c70b4506f17218696a52
|
|
| Gigabyte | R182-NA0 |
Affected:
0b851b25b7dfd2d50e710016c21c06a5aab78fcd64597ca631669b7e6344db6d
|
|
| Gigabyte | R182-NC0 |
Affected:
75adec4e87cb200578f3899c3bd7435bbdadcc4941e5edcb5a3fe3055a8ad190
|
|
| Gigabyte | R282-G30 |
Affected:
ee788077e078691ba0f587f2f9f044667b3463f794d8f38fa0c96e8b68550703
|
|
| Gigabyte | G493-ZB1 (rev. AAP1) |
Affected:
64c336027bad7ec398c64d31ec444c47ec0d0b60eaf89202547967cc1b21fed3
|
|
| Gigabyte | MZ33-AR0 (rev. 1.0) |
Affected:
4270e08e2fca65beb36f8adaf338c4b94d248a98eb3d205d0fcf6a1cd2d6ca6e
|
|
| Gigabyte | MZ73-LM0 (rev. 2.0) |
Affected:
29ed1fb8fd445c86fb30ef02e78db0b5be5213ece5edebf5f9702daaa94f5ed2
|
|
| Gigabyte | MZ73-LM1 (rev. 1.0) |
Affected:
5be6bd89d0e644714c6c98502efcb6e5b90fbdf3101f82cd821d04d2fb11e60f
|
|
| Gigabyte | R263-Z34 (rev. AAH1) |
Affected:
00089e4dbac3fcc36ba347ac7d7f9067722601a9a55c2360bf9cae439a52c010
|
|
| Gigabyte | R263-Z35 (rev. AAL1) |
Affected:
ea3e4c728b066bf6827adb0497ec6e32ab66c546c4ca89fca8f3113c3d74e950
|
|
| Gigabyte | GA-H110M-DS2 (rev. 1.0/1.1/1.2) |
Affected:
5e55411efbcff6e593a2de57f46b6040324f35c1ed14f902333a71b6cea38930
|
|
| Gigabyte | E251-U70 (rev. 100) |
Affected:
6c404dfcb9550bf9080bb679ccfba607c96b149772c345ddeab0f881fdd16f8b
|
|
| Gigabyte | G293-Z40 |
Affected:
84c011953dcd5981156d4d5488c82f53ee73cc839d3359004d491b0f1fbf2808
|
|
| Gigabyte | G493-ZB0 (rev. AAP1) |
Affected:
c4dca3104af399295b160bd3ad7d01d38f9dc86e7143dceae68403480d7c19cc
|
|
| Gigabyte | R283-Z94 |
Affected:
47da1b96a4296aa07edf9e4f54df7dc663e8c8134477ee8718319667073a5d7f
|
|
| Gigabyte | R283-ZF0 (rev. AAL1) |
Affected:
0f77013fe1a7795b311828614ab371df89c88dd7ddd165d17130422289838731
|
|
| Gigabyte | MX34-BS0 (rev. 1.x) |
Affected:
c5b7f646ddc82ab730c91e13b52d86d9fa3c28d0b0cd1569fcf0a9b77509d7c4
|
|
| Gigabyte | R123-X00 (rev. AA01) |
Affected:
876f82d1e8632fff9b24a04be60fb1486a1e4eefb8b20183580874680fc06150
|
|
| Gigabyte | R162-ZA1 |
Affected:
8567d8f2fd8a32c33c81aae33ef21e34f818159199f0beed6c10dd6e2283351f
|
|
| Gigabyte | G242-Z10 |
Affected:
c7e9eff716b9e7000c89692637c58014ee0be37d7ddd39a0c2ae4ecba82e38fe
|
|
| Gigabyte | MC12-LE0 (rev. 1.x) |
Affected:
8e37407821e4af774debc51d6dd492c11fe6652ebfd25febae7a603a7ef69822
|
|
| Gigabyte | MW34-SP0 (rev. 1.0) |
Affected:
add3e41160a5effcd5a6dbfcda45072059e02f5a6fa39042fdbf36ae8193067f
|
|
| Gigabyte | E133-C10 |
Affected:
2d5900b5a13292df17073793a00393ea8e60a645104ebf8d95c5407674421c76
|
|
| Gigabyte | E163-Z30 |
Affected:
1ecbdd2c9fdb6e9bc4f2e48b5b3e1651977a39eddc6480cc4888462636648f38
|
|
| Gigabyte | MC62-G41 (rev. 1.0) |
Affected:
dc4153ee0a3333ab789383cef8b0d9760b9f416138a093cd3357370261babf4e
|
|
| Gigabyte | MX33-BS0 (rev. 1.x) |
Affected:
a0e138096681313a3923eefa3bd3480e6416c73d627d3888b36ce7bb6b2b989f
|
|
| Gigabyte | MC13-LE0 (rev. 1.x) |
Affected:
b9f880e1df8c0a237dd9cf607e19287817eb75f59057e8df89ade763ca7b6812
|
|
| Gigabyte | R263-Z33 (rev. AAL1) |
Affected:
d18f17a61f21b0b96542a3efd2a543cf87b434d86055e48aaac951f09c53e0e3
|
|
| Gigabyte | R133-X13 (rev. AAB1) |
Affected:
3e3fbdde80c01e9755408922f67ad04834a61cb5e519ab010b151b68772a9784
|
|
| Gigabyte | B760M D2HX LITE SI (rev. 1.0) |
Affected:
641b9c056a8fecdc3a572db60e00f0b0fed7722fe9cf377bc4b6ee9208423107
|
|
| Gigabyte | GB-BER7-7840 |
Affected:
f63845840d8dabf49f4a1137c4b1558257748fc26812bd693de92ed0257362ec
|
|
| Gigabyte | R163-Z32 (rev. AAG1) |
Affected:
7fd571d3ff56fa697a130f06d98ae3d2568e4e3d5848cc0966f4e00617801cf2
|
|
| Gigabyte | MD72-HB2 (rev. 1.x/2.x) |
Affected:
e01af875c3100fa3d72d014aaf93417317a1a4a4e69c4a28c216c73dfa5e041f
|
|
| Gigabyte | GA-H310MSTX-HD3 |
Affected:
094ba53bd3f96434153ed4c426a2c9f8b62ccab2b7ff60932061f9fa84a9309e
|
|
| Gigabyte | GA-H310TN-CM |
Affected:
9f5d955a2b3e33b9ba93e98d56a3ce4c997c4234161a4637aa88eda81cfc743a
|
|
| Gigabyte | GA-H310TN-R2 (rev. 1.0) |
Affected:
5ad827acb383f51e80cfd4605f8b02186b680f61ba0129e6c054af896dbe6d48
|
|
| Gigabyte | H310N |
Affected:
de983965452c5d6bdbf7e4137ef30782337efded699beb2db1cb1cfab2a9cdb9
|
|
| Gigabyte | R143-E30 (rev. AAB1) |
Affected:
a0ed7595a6c1b6e26d1e930ca3a8c1c0dd619db049ef112fa653b8bf9b026bda
|
|
| Gigabyte | TO25-Z11 |
Affected:
c70331be155ee7c048b0296e15de195158c1215b1ddb31fb842018467c5857d1
|
|
| Gigabyte | G293-S46 (rev. AAM1) |
Affected:
4151a030854ddba555d497a9d2626723d662a9c81e86b39e4e2c02c209ebabbc
|
|
| Gigabyte | R163-S35 (rev. AAH1) |
Affected:
f8c33896586db20586273c8378d4fd18e49a4db7b6ac15333eb67536536c40da
|
|
| Gigabyte | R283-S94 |
Affected:
70ed5ca85b768ef6f9bb36baa9596d07fb259c775b457464c138a7494f7340a2
|
|
| Gigabyte | TO25-S11 (rev. AA01) |
Affected:
9ad9beef2a8253dc72e6bdd37d76bd54fcae482fbd3308904d87dfaa4df281e2
|
|
| Gigabyte | G482-Z54 |
Affected:
f446b6d7d932602558e4abdbea9a9b826a12d27c535ca6c2d0bafa5e34ec3864
|
|
| Gigabyte | R183-S90 (rev. LAD1) |
Affected:
9cee49e6b444421c55798f7ce7bf7a1eebc6d6f75319c2bcb39bd11b4075c71a
|
|
| Gigabyte | MX34-BS0 (rev. 1.0) |
Affected:
5380cc7bc3d652f0d0316dd3225fb45f1bb054e9c568b9c8e8bf9591306cdbaf
|
|
| Gigabyte | G293-S45 |
Affected:
77b27203150cbb0b885df35e361b1a193163316e3f315be4e7967312b097aedd
|
|
| Gigabyte | R163-S30 (rev. AAB1) |
Affected:
e0c5fec105a86f8b7ffa77bd983d3ed0b54cbc65542e0ffdb9aae29cfc2ddd8e
|
|
| Gigabyte | R133-X11 (rev. AAG1) |
Affected:
e8f28f55ed2fb648c7237e216e5c377da45e9f6d6a746605515002aaf502ae4c
|
|
| Gigabyte | E283-Z91 (rev. AAV1) |
Affected:
1fee6620306388e1d23dba7889b858bd56a091cf04ee68db32639e14d9b87a14
|
|
| Gigabyte | R143-EG0 (rev. AAC1) |
Affected:
672102a1648ac9839230ff8c818edc737b01fbe92250ae0db8ae2441b257f5d7
|
|
| Gigabyte | GB-BEi3-1220 (rev. 1.0) |
Affected:
39ea2372c5af03dacf3a4112895e5bb59489497c23828e38acd4b4fec35df970
|
|
| Gigabyte | GB-BEi5-1240 (rev. 1.0) |
Affected:
2d34f17d147062c8aa223fd2e528b8c10c0879e8ee2d6064607f45e93908a935
|
|
| Gigabyte | GB-BEi7-1260 (rev. 1.0) |
Affected:
dc45a2e1fd0112f5deac4678b7b093d4e233256af8e492104658c38a5ad426da
|
|
| Gigabyte | E283-S90 (rev. AAD1) |
Affected:
059d906408ac5c7daa81504d9e9057023d7686c9383faa48ef6f195d4b32d997
|
|
| Gigabyte | G493-SB0 |
Affected:
394bf746dc6183441ea4d034769683c92eb999195fe6ab6e1fbf10c4cd1aed32
|
|
| Gigabyte | H263-S62 |
Affected:
d733c74eeca529ae54b842ea757213532781db14b38c9222f4eb34be5ac7e1b8
|
|
| Gigabyte | R163-SG0 (rev. AAC1) |
Affected:
35ec23b26774c9030a1deca1b66837805aa7bedd6518d5be506681f2296b5e17
|
|
| Gigabyte | S453-S70 |
Affected:
9fb2a464f53ad26c1bab90ee2437c0c265ef6d0faf419af58baca323c6156b7a
|
|
| Gigabyte | E163-S30 (rev. AAB1) |
Affected:
a7ac0837b77d7a91edb4e5fbfde127eafe1601e858a6312af9e555646de46480
|
|
| Gigabyte | G293-Z20 |
Affected:
abe7715141d75d5817b2456105d037d116c441796c7a373dbf3307412e111bf5
|
|
| Gigabyte | TO15-Z40 |
Affected:
b0766c740aceae7f71543bfb22d3c757640e714e52f32a17a3d42f9d16d39383
|
|
| Gigabyte | E133-C10 (rev. AAA1) |
Affected:
2af044c4474abc534ec6da84e1e6415386421dbc897ed2946efe131840de8161
|
|
| Gigabyte | R271-Z00 (rev. B00) |
Affected:
dcff49fc24b1b8cf02fce97a15b0bc8bb19c6979df21136007c677ac3b9023c7
|
|
| Gigabyte | ME03-PE0 (rev. 1.0) |
Affected:
2bf55cd3046c8fb548063466ea9eb0802c4401f3c04a13f9ef693fe7c23570ef
|
|
| Gigabyte | GA-H110M-DS2 (rev. 1.3) |
Affected:
8448a4dad1df740fb0882eb8533c40a2227e385f9f2f07a546c1d2e6020b7cbf
|
|
| Gigabyte | GA-H110M-H |
Affected:
0dc9159572d38d754e168d1290219dc558cc72e67e8fa72727ddd43a5ad187e7
|
|
| Gigabyte | E152-ZE0 |
Affected:
83d24271a7b1b9bba7070c128edcc8b4d6a5e7c96caa920baf5c014efbf6775d
|
|
| Gigabyte | R282-Z93 (rev. A00) |
Affected:
255ffd2b1161bb8a53626ad3920c40eb5f0f63cb1d5710969abf31797f8771de
|
|
| Gigabyte | R162-ZA0 (rev. A00) |
Affected:
85f9cdc44ed670c411f0892b769e91567f9a81bcdeb92861fcf6e2ffc7773f9c
|
|
| Gigabyte | S453-Z30 |
Affected:
92c197c09f8aaa2e20427f649cacd1484ef7a345040f54eeb3135745b6f671dd
|
|
| Gigabyte | G262-ZO0 |
Affected:
efc056c3caa782e178b7ade2333316ef39a0a6e17157c68a61927b3a045061e9
|
|
| Gigabyte | H262-Z6A |
Affected:
2ac696517ae7da9f3efe81af66b89b5f7b24beb6e09aca06e61e454915070a3b
|
|
| Gigabyte | MZ72-HB0 (rev. 3.0/4.0) |
Affected:
2ad038a3b127e95df1fc8fa61bafb96a113fe0093d9ecee66db9ece973c5a257
|
|
| Gigabyte | MZ72-HB2 (rev. 3.0) |
Affected:
225cea866d8c5843d32d6edc97764b69b05707e47c9537e6e6e7f4ac06775816
|
|
| Gigabyte | G152-Z12 (rev. 200) |
Affected:
e7969888310f2eceb73544fd8108eda95c1a3ea62ff57da93c643bc55b898f50
|
|
| Gigabyte | G292-Z40 |
Affected:
d31512a9a475071b6e14a03aed7c5286aa0c622925d7a840bdee7158a7d9583c
|
|
| Gigabyte | H242-Z10 (rev. A00) |
Affected:
1096dfa8e4e5f5d2410eacac73c51bd1b946bc4d2f110a44e8c33f53d0182eb5
|
|
| Gigabyte | R152-Z30 |
Affected:
5297e4a26fd8ed927abcb2438a5ac2a4e35e770d06d272ed77b3d847bebb11fb
|
|
| Gigabyte | GB-BSi3-6100 (rev. 1.0) |
Affected:
e81cd2760e4d5090b1d0da86309ba993256d88a4abb8065ce83266bcf4f0ca34
|
|
| Gigabyte | E283-Z90 |
Affected:
40d4956a427564b83b0c1a86f1c32510feeeb5282eccfb211bd29f0a0a7767c4
|
|
| Gigabyte | R163-Z30 (rev. AAB1) |
Affected:
58a47d7e153b03ce005686aac24bfe31f405a7cc4670b826ccc775a839de7ee1
|
|
| Gigabyte | G262-IR0 (rev. 100) |
Affected:
43dd7e97fc6fd1fc0ac1ef601c00eed9ec9b5d5325243fb8c6f0ae3517fce89b
|
|
| Gigabyte | G292-280 (rev. 100) |
Affected:
5b7eee5f852ce1424dfd476d8713650e528fa359f19e551b7adb9b6a12ad467e
|
|
| Gigabyte | G492-H80 |
Affected:
e79fefca976e762f76a8ce36494928dc2ba039de02b69659a87b5245cb27ac2f
|
|
| Gigabyte | H262-NO0 |
Affected:
d04141fdfff53843c10ef247e885ad9fb62ffc58c89580718ecd2b102a590f30
|
|
| Gigabyte | H262-NO1 |
Affected:
ca65772cdd5fef0d287957d5a6e308fa1126b9b40a2cd701e1190e852ce0bfd2
|
|
| Gigabyte | R182-340 (rev. 100) |
Affected:
ade7666d9e200c0929260025880128674b63349911f1d03857a42cf753f10b80
|
|
| Gigabyte | G291-280 |
Affected:
6917b15d532856e0c0f7cbfc3501f4d5c273616046d94695e01ce07303f6011f
|
|
| Gigabyte | G481-H80 (rev. 100) |
Affected:
53a8edb12be4b79c231d3f950e20343f20f3727a6544504259639fa6506f2457
|
|
| Gigabyte | H231-H60 (rev. 100/A00) |
Affected:
56289ef76755acc7f4e843b3ee0f29ec8f063f113f640b157d095d18a866d874
|
|
| Gigabyte | R181-2A0 (rev. 100) |
Affected:
01c95a23c9bfeff78ab2b6d77ca33e6a967cf624d1afb5fad393776c79a25920
|
|
| Gigabyte | S251-3O0 (rev. 100) |
Affected:
303797b38020f7b91381f887954f819112509c4b855ebd75c7a31dd227acf1cc
|
|
| Gigabyte | S451-3R0 |
Affected:
c9a2e7d55dcf6e3f7537515d2c6cb0e36770a5fbea7a01dafe4a90359ade90eb
|
|
| Gigabyte | WRX80-SU8-IPMI (rev. 1.0) |
Affected:
249510667c5c37bd25d731655d7dbf18c5fc2d8d377c0c2326810cda6d9c0f46
|
|
| Gigabyte | R292-4S0 |
Affected:
1dcce1bfce8c75c3fdf8a307ba7f6d0231504095e1c4e6bf2166a4cf75df29cc
|
|
| Gigabyte | R283-Z93 (rev. AAF1) |
Affected:
dcb8c9ec0cdddcf94852ac34e952a349af1ca970d825dc239075286875a9257d
|
|
| Gigabyte | GB-BNE3HG4-950 (rev. 1.0) |
Affected:
ed3834eedb770cbb44be9357c5b05d9800ec9577ba3eb6faa3c47460d78814ee
|
|
| Gigabyte | R161-R12 |
Affected:
523e9d1bf5710144e36f9535141955dcf9a3d075fff092f6b4d1e12ee2eda562
|
|
| Gigabyte | GB-BXBT-2807 |
Affected:
16f990d85b5a42e9b762a08f69614b0c6e3f5c1236364ca38efe92a5dd729bb4
|
|
| Gigabyte | MB12-CE0 (rev. 100) |
Affected:
bcf637c0c5be2018d76681b66661d1e6f061c2e1366124f4ef8754c074f8a95c
|
|
| Gigabyte | R263-Z30 (rev. AAC1) |
Affected:
92780ca87316f207f58c61f65bc8f702fbb2881688d9819dbe8ebbbbed6e1f67
|
|
| Gigabyte | TO23-H60 |
Affected:
955038954a0d1463be658fe518b6006f9fde166b67e9007f3befb9cfa62e5da9
|
|
| Gigabyte | GB-BRR7-4700 |
Affected:
a462c1a73072f541b6719e4cdee351d44a7cb3593dabbc6809b5b387d909eee5
|
|
| Gigabyte | GB-BRR7-4800 |
Affected:
424e8b46bd3feec4aae4ec33eae1ca8658526eeb66e121adb244d3c322dd005d
|
|
| Gigabyte | GB-BRR3-4300 (rev. 1.0) |
Affected:
5cc12fd686928c97fa7fbfda17250579adc4e7bd11e46e88650de5ebca6ed03c
|
|
| Gigabyte | GB-BRR5-4500 (rev. 1.0) |
Affected:
6ea44803e9b188161126374021e9d845136edd676d33fc80e5f9348b8d577a87
|
|
| Gigabyte | W771-Z00 (rev. 100) |
Affected:
d07d7094aa0dbdb896f8d3dceb093ea8c1d72ee0009472ece73190d2071aee6e
|
|
| Gigabyte | MB51-PS0 (rev. 1.0) |
Affected:
372c9a6f86f60d7cef6ae2d2ee7ca0d55df998ba0a47468668c6758b3d3db725
|
|
| Gigabyte | X299 UD4 Pro (rev. 1.0) |
Affected:
ca8a556421eb318b0e5901085e97c448f1646a1636e34ec6e4d76f4a3d61f601
|
|
| Gigabyte | G492-ZD2 (rev. A00) |
Affected:
c8ab653dc8a40406c0a8a4d71b56059a2f9b7c7ab9e883290acd071941c7bc25
|
|
| Gigabyte | MW22-SE0 (rev. 1.0) |
Affected:
d369b68d0c38afedcbb0eeb82f2d06d486e9c0ce212ebe3b0d9f8dfcdbbbf5b0
|
|
| Gigabyte | MX32-4L0 (rev. 1.0) |
Affected:
78ce8406e3b09a3450d41ba11c1dae91456f25c796441dabb52c7b7e261b3a69
|
|
| Gigabyte | MW32-SP0 (rev. 1.0) |
Affected:
0cd64d233ea4db6db2a90962d2888f4e5b967fbb24fa944ccbbfc2c02d5a358a
|
|
| Gigabyte | MX32-BS0 (rev. 1.0) |
Affected:
40234a98894a9855db1a921ffe9d272caa1e5702dcdd14afc82f6a91753fd460
|
|
| Gigabyte | GB-BER3-5300 |
Affected:
a3ab1a934f5806b5472f13257771924e3fcbaed289b2d6a860ec2fbbfd2d0c11
|
|
| Gigabyte | GB-BER3-5400 |
Affected:
06879fa2383284b0222247992f7d359bf5d0ddcebfdcd5b42a20ee5f46a8473f
|
|
| Gigabyte | GB-BER5-5500 (rev. 1.0) |
Affected:
68f88269c87ecb16f9b7d9269005ce505a3498b9e3440054742481a2254d5aea
|
|
| Gigabyte | GB-BER5-5600 |
Affected:
d98134626baccb58d0d97613efeae6d504b112a4f8d8849e2599ceecf55f7fad
|
|
| Gigabyte | GB-BER7-5700 |
Affected:
ec439231fb2d3491a63b173bda078a128bf02b19262b3549f3a799992442d9e7
|
|
| Gigabyte | GB-BER7-5800 |
Affected:
7704838038c24fa47fadd54f19c5911fa39823ecfb5f451db59271112a07e777
|
|
| Gigabyte | GB-BMCE-4500C |
Affected:
43cce322b194b9be7bedb247098e8b691878f238b14199cfba11af4422b3464d
|
|
| Gigabyte | GB-BMCE-5105 |
Affected:
c412ba0cc85278e93f349b9fae6011982f23f8f3a7b6539a36d90b551ae1006f
|
|
| Gigabyte | GB-BMPD-6005 |
Affected:
6f14b4087af44921d294462fb0d65259f18af0cc23b7ab1c5b87773b9c3c13e4
|
|
| Gigabyte | GB-BRi3-10110 (rev. 1.0) |
Affected:
d6626703c5940d244a87f2967f0c54f4a5a7b53597dd92a0b561f28a2f9a9161
|
|
| Gigabyte | GB-BRi7-10510 (rev. 1.0) |
Affected:
af98c4cea319d387751cb356a28390fa630a1b2f66920a3202b37e0acb861ade
|
|
| Gigabyte | MF51-ES1 (rev. 1.0) |
Affected:
dbe505cc1f3a4135628b7e22c7fddb99bf3ee1d46f82a84219e8cb0905c20ff2
|
|
| Gigabyte | MF51-ES0 (rev. 1.0) |
Affected:
d27437e85db58b607bc173e844b31dbfb8b949ea3c225e13377ae942572c4611
|
|
| Gigabyte | MF51-ES2 (rev. 1.0) |
Affected:
9bd110e7a5a1e1cdd77af3702309d98f748cdec6d25a5e76c04f63417e2e6a8d
|
|
| Gigabyte | G492-Z50 (rev. A00) |
Affected:
0b2bd8851706081fb9e310e5f4a7a97c3a0bb32eb7167a609e602ba6cec1ea89
|
|
| Gigabyte | GA-J1800M-D3P (rev. 1.x) |
Affected:
19c85b8fbc25322544c775c9fdcee793a563d51b32ede6b29c02248e0813f42b
|
|
| Gigabyte | GB-BSRE-1505 (rev. 1.0) |
Affected:
2f18902d7afbe8d900b6552c2d7a86760f05c4698c1018053b2fad97f6ab51f7
|
|
| Gigabyte | GB-BSi3-1115G4 (rev. 1.0) |
Affected:
6f6c034629c0d8df05227f4e7d85d02d8fa52d7fda0940fd4f80f62a23be06c8
|
|
| Gigabyte | GB-BSi5-1135G7 |
Affected:
baddfacc85e4aa97915493c4f66cde6002104bfc10ecfa3839c4fc6e32597953
|
|
| Gigabyte | GB-BSi7-1165G7 |
Affected:
b191f4293202c488ba673c288bb5edbaf506a9835a508ec38fa705797738c918
|
|
| Gigabyte | GA-H110M-S2PH |
Affected:
a5013d7b2208a6c2d1ea75bbef06711be676430321f4b275140049d6fd53f8df
|
|
| Gigabyte | GA-H110M-S2PV |
Affected:
60d70e509fc3f7c1da701e5195218f20e297c11d2dd4f0327ea4d25732c120d0
|
|
| Gigabyte | G292-Z20 (rev. 100) |
Affected:
e0ae28d4aca350a31f66402f4b0f46e05e4aaf77adfc813179a7df20c8f4b148
|
|
| Gigabyte | W331-Z00 (rev. 100) |
Affected:
4f7c60d69e3c374da221c2ab2d2393794965f2e0e1cf296f5a64d4d77299089e
|
|
| Gigabyte | X299 AORUS Gaming |
Affected:
c5534cc441ef64739b9609ed3160f296cefda8faaae992448baedb01e9310be7
|
|
| Gigabyte | X299 AORUS Gaming 3 |
Affected:
82f181dfcdb973537274d8fbf4ad83d60ba8b7315bf99def64780a8c29c6a843
|
|
| Gigabyte | X299 AORUS Gaming 3 Pro |
Affected:
810a53fa70ab5b27f2dbe92948b79638dc87fe6015f94c41501562a47805e28f
|
|
| Gigabyte | X299 AORUS Gaming 7 (rev. 1.0) |
Affected:
ee03798b5db2710360c33566b2e61b46bc664ff8a25b257bbfb620c332d70f2b
|
|
| Gigabyte | X299 AORUS Gaming 7 Pro (rev. 1.0) |
Affected:
6ca7152161d4d3a65a2d4fa707a3784811bbb7507332f1c82662456f5f76b5a5
|
|
| Gigabyte | X299 AORUS Gaming 9 (rev. 1.0) |
Affected:
14d6cfb20110768c3da503050dd9222a2514aecd0ca49f2c08e64bf6595b0cd2
|
|
| Gigabyte | X299 AORUS MASTER |
Affected:
326280954738ecffd23930791fec6dc0ba2b9774c85886b98d33723974c3427d
|
|
| Gigabyte | X299 AORUS Ultra Gaming (rev. 1.0) |
Affected:
91933d348054953096135089baa7b6ca61dc43e9fc25dff45c9fb4dbf9e8d606
|
|
| Gigabyte | X299 AORUS Ultra Gaming Pro (rev. 1.0) |
Affected:
22869435dede4b52f75a6b82266b67f8930857829185f97bd322c3a72a8899e1
|
|
| Gigabyte | X299 DESIGNARE EX (rev. 1.0) |
Affected:
0a1aa3edaeb6b389a08cded1ce036ea9178527389ca1549442a35f8b1b2bcdf6
|
|
| Gigabyte | X299 UD4 (rev. 1.0) |
Affected:
3716034ddd789a3e8e1c688a477e4735f228bc3acfa18b63e719d7cd1e8fedfb
|
|
| Gigabyte | X299 UD4 EX (rev. 1.0) |
Affected:
6fbe2e27bf4b4543e39c88a4702f487b15d02a47b04e006759cfb6432d82fa0b
|
|
| Gigabyte | X299-WU8 |
Affected:
d15d9bd6d7980d27bb56848643aecef336c8ff0a695e155071b7dafb1f75d08c
|
|
| Gigabyte | H261-Z60 |
Affected:
826f711b5accbc542c3e33d607f1dd10edfb3486772975f204aa2de43bdb52fb
|
|
| Gigabyte | MZ71-CE0 (rev. 3.x/4.x) |
Affected:
c0c4215e8207d397914a56edf50428f01ad3676c23630ef7b8c06cf36e45a7e1
|
|
| Gigabyte | G292-Z40 (rev. 100) |
Affected:
fcbed542b232be01a0ed2d52dcd3dddc101fafed3da9f3e3aa6b17b652e640f4
|
|
| Gigabyte | G182-C20 |
Affected:
e133210fdecf2d57cde25b0bc706437210318e37655eb22a97000bf27a02c177
|
|
| Gigabyte | R162-ZA0 (rev. 100) |
Affected:
03e23d40902c4e68730e74ddadcc716f46032774001e1b6bc606c5294d4bacf8
|
|
| Gigabyte | MZ72-HB0 (rev. 1.x) |
Affected:
390cd14f2be9ff14cdcc90a9e705cc017bb2535e66b93859eddc233425998937
|
|
| Gigabyte | G221-Z30 |
Affected:
8e8b934cc0bd3127262a9e52fac754d64abe27c09902a78acec81c0daf883f77
|
|
| Gigabyte | G291-Z20 (rev. A00) |
Affected:
8d49dfb69b420390cf13ff8f3a3b3ab88e5dcd46a182c4ac5be9868bc6278c35
|
|
| Gigabyte | MZ71-CE0 (rev. 1.x) |
Affected:
d3b797002d243cbed1182569ffc6b5e5f6243e59ee27bbabae7362fa80be6e91
|
|
| Gigabyte | R181-Z90 |
Affected:
24be564cb337350bd9cbf409cd95f29b760e1ff872f99b27379c40b533e9f2e6
|
|
| Gigabyte | R271-Z00 (rev. A00) |
Affected:
99f913a3f88561d7163bb1ed79380dd346897e577315eef71695aeb861e82579
|
|
| Gigabyte | T181-Z70 (rev. A00) |
Affected:
e42a49d2674808c57b781e8b3d78613a143ba9797d1a856ccd2a62302a49520e
|
|
| Gigabyte | GB-BRi7-10710 (rev. 1.0) |
Affected:
14c74b9b80e71d3302c13aea0dfea3560e1452a55c698c20e457c5b495154443
|
|
| Gigabyte | GB-BRi5-10210(E) |
Affected:
56430f2f4f9aef4e50f503dc8397fdb20b005bf38a8b9029c43e3eed56c39229
|
|
| Gigabyte | G492-ZD0 |
Affected:
bacd1c945c9ff1ecea3e29039ad8b742c6d040e5792bb45008c1b7f664fb36bb
|
|
| Gigabyte | G292-Z46 |
Affected:
31aa7ba19f6edb9472a3da22793803c265a0cb0b7cd7979db56251c37edcfe5f
|
|
| Gigabyte | R282-Z90 (rev. A00) |
Affected:
8cc6129ba23848fbd65b91a9b70999aad19d3b7a6d168066cbe4a0b759fc5a5c
|
|
| Gigabyte | R282-Z96 (rev. 100) |
Affected:
605db3a5cf91d915929488803446e5a51dda16d661e76840b707474d2df79069
|
|
| Gigabyte | G482-Z50 (rev. 100) |
Affected:
9b0c2aaaef88b38db18e4efd44b2582c8401f9a17f2c54d0e1f07d2c94a9a5f4
|
|
| Gigabyte | GA-H61M-S |
Affected:
5fb07e319cf6d523a488d879e7eeef3321e90fbee049efb642b34ad2a32611b8
|
|
| Gigabyte | G492-ZD0 (rev. 100) |
Affected:
25555956322c0eaecf58fd759ed9b0b7857f9dd149b02de55e2f5eedb291117b
|
|
| Gigabyte | W281-G40 |
Affected:
f7c504d3d3907aa4c7f70ca1fbe1fed7e73426eb987b9c5e2f6b31d42e801af1
|
|
| Gigabyte | MW51-HP0 (rev. 1.x) |
Affected:
1190d15905ff8656d2d0601c388df633b1646fd585de4fe871fdf93fc23d35a0
|
|
| Gigabyte | G482-Z53 |
Affected:
f5f61e3f93c7f6615cfdc26efce6a83b3188d697e2243643d08d10dfa9de8afb
|
|
| Gigabyte | G482-Z54 (rev. 100) |
Affected:
0fe0c762e396660fb30aeddcf5a5928af864eb44399271ed975913f36e46190e
|
|
| Gigabyte | GB-BXi5-4570R |
Affected:
3353c109a69e6fdd86adbec899e2669cce724bc35db33a86fb0bf1c81a508c2c
|
|
| Gigabyte | C621 AORUS XTREME (rev. 1.0) |
Affected:
7edc3eecb5d5ed515e06f8130d875fcae07cb0c7bfaa2e4cd8d86862e5ecc256
|
|
| Gigabyte | MJ11-EC0 (rev. 1.2) |
Affected:
3631995d059e336863527f1511894bdfc61361bc0691a430b3896fb94746aded
|
|
| Gigabyte | GA-E6010N (rev. 1.0) |
Affected:
c9c8f182cf3b058d12bddb039d8a3f3686d1c325c9b2719ec5fc8644e066274a
|
|
| Gigabyte | GB-BACE-3000 |
Affected:
2da499751e8a5446ac8445cee5b95f6bf75ded5c8ec6738eb67f5c4ac2081c32
|
|
| Gigabyte | G291-Z20 (rev. 100) |
Affected:
6d6107f0d094fab41eaf6073089de8a0b24bb7a66c5851f534a8f1d26812c3d2
|
|
| Gigabyte | H261-Z60 (rev. 100) |
Affected:
edd3eccfbbc2ef2ac40e723697f67a346fca062ddd6679c5ff8cfbb91d3b6afb
|
|
| Gigabyte | R181-Z90 (rev. 100) |
Affected:
575fc48c70ea9ee40f8016ea2328ebe790e7e556333a95b9b511be466047f668
|
|
| Gigabyte | H261-T60 (rev. 100) |
Affected:
6b636c9fc0ec84737f2238365e71c23e9227695cd5ad52bf40dbe8290920fb60
|
|
| Gigabyte | GB-BSi7HT-6500 |
Affected:
e9bc71596a97741893377b2c52a13b5b2ff0a7b6f985af40725e0755d2c537c8
|
|
| Gigabyte | C621-SD8 |
Affected:
d6ad23c1fab3f0a2babb23e7907385e25a06801c2edd50d108e5b08f923855a8
|
|
| Gigabyte | C621-SU8 (rev. 1.0) |
Affected:
b9017e90f6c47a9d9560cfd92206c4b2e624cd91cd7f0680fb75dd972ef9582d
|
|
| Gigabyte | GB-BSRE-1605 (rev. 1.0) |
Affected:
d72f64d5a25b9088f7fff456d3783c2fb0e7926cd4de6469c6c3f57690830907
|
|
| Gigabyte | GA-Z170X-Gaming G1 (rev. 1.0) |
Affected:
0455dd8b57341d5667d4c4dd71767321c3f72770f84db4e46f93d31e50b376a7
|
|
| Gigabyte | C621-WD12-IPMI (rev. 1.0) |
Affected:
0215ce75b3629651d0c64b0b241095b58f0af921cec3022c524d531c22f1385e
|
|
| Gigabyte | C621-WD12 |
Affected:
f528dbe55aba35bd4e5d55fe853afed41c54d78719765944a5ea74dbc062f4b5
|
|
| Gigabyte | GA-Z77X-D3H |
Affected:
cc7b733f36b027823b3f501864d74397d308f8bc169149cca5307855234a4527
|
|
| Gigabyte | GA-J1900N-D3V (rev. 1.x) |
Affected:
19b4ba1388707838d0de17b6f2e9ce01f70f728926ab7e2dcc0566f6dbce8e90
|
|
| Gigabyte | G211-H4G |
Affected:
9546a8c62b6d285172acc0ca17340040cd18ff76bfe5b9e7672824e948f7331f
|
|
| Gigabyte | MW21-SE0 (rev. 1.0) |
Affected:
60370916ce5edea7899125ad1b470d59cc04b0aeccea1ae5474f78ccf187e4ae
|
|
| Gigabyte | MW31-SP0 (rev. 1.0) |
Affected:
a89940e207a6fdd61170536d0d8fe66b4584c38a804c0df15d23c0cf30d49e35
|
|
| Gigabyte | R121-340 |
Affected:
d2565f697c692df559b665d0b97b3743c9de07c0ffa83b0fbb5b86aa821e8622
|
|
| Gigabyte | R121-X30 (rev. 100) |
Affected:
2ca3df4ff24732338397d64dc81509ea5a7c4b979ca3f2ee6c7446d690355c52
|
|
| Gigabyte | W131-X30 |
Affected:
7fb3aff9b87102cb3535bd80904b7252c40ba4f556d9f355a45fc9003cb29e9d
|
|
| Gigabyte | G292-Z42 (rev. 100) |
Affected:
09d1d8dff99b19615f14413d6ba20891819d481b12667452786510209344095e
|
|
| Gigabyte | G180-G00 (rev. 100) |
Affected:
e32576a5522533c1914ea8aed13f238022bf60eb6fb86ec5393bc8ee56cf5a06
|
|
| Gigabyte | G190-G30 |
Affected:
cbb6d5a01124074eda2161e53a5128e0d0d8eedaffa55b14c1dfdd6fbc5a067d
|
|
| Gigabyte | G190-H44 |
Affected:
bef72cba124fcef35a3ccd67b94707f20c2bfe2a4f4d89f3497affd72b8c2a73
|
|
| Gigabyte | G250-G50 (rev. 400) |
Affected:
9424cd10408253ab228dc2125524340f5ca53759e3ad4e996e7cf0320f41884f
|
|
| Gigabyte | G250-G51 (rev. 400) |
Affected:
c17b5d0b9140f95f5317619866739be362765e6165292cb183f539b6758f34b3
|
|
| Gigabyte | H230-R4C (rev. 100) |
Affected:
59a3fe40e2896be666fd2712f7e5176ab10ca9335b39bd04fa48867ee607c066
|
|
| Gigabyte | H23N-H60 |
Affected:
d4fc77114a472bf1902a66a35f51a11689446c8d0dc18000717a5f74ae6b3a2b
|
|
| Gigabyte | H23N-R4O |
Affected:
a5cda726ef82b73f9c764e39a64ceab32e4d6e238c3019e06d3b7f2218d68ea8
|
|
| Gigabyte | H270-F4G (rev. 100) |
Affected:
934742dd01634ef45d78c2a7f9f3e89a0db2cbc7baf994570cd8b64fa4491da0
|
|
| Gigabyte | H270-H70 (rev. 100) |
Affected:
499d17336ee9e6be59a733507c25f7b343933bd728f296f6ef08af611d0a8ae2
|
|
| Gigabyte | MD30-RS0 (rev. 1.0) |
Affected:
3b9ef069c1c67a9caa29f8eaa915605cd0bbf1edb735d92abf2c4e959ca4a726
|
|
| Gigabyte | MD60-SC0 (rev. 1.1) |
Affected:
473033483d404754621122afe34dc8f8f47432bde116cfdde03ac38fdf2fb054
|
|
| Gigabyte | MD60-SC1 (rev. 1.1) |
Affected:
7213c438e3f07e82dff82a5b6cdeb5f80e8b82ce6e12fc377732a8df2c527bfc
|
|
| Gigabyte | MD70-HB1 (rev. 1.2) |
Affected:
7540b3951f0ddc6c1c1f4eaf062525f55a1c6e862022e4a545530895510d772a
|
|
| Gigabyte | MD70-HB2 (rev. 1.0) |
Affected:
0db641b3a89e75061d6af75e41e365cab69a819f6880d4bd0a0f4ea7960fa17e
|
|
| Gigabyte | MD80-TM0 (rev. 1.0) |
Affected:
15f2bdadf43e6d3731df0693552d4aa4780ed958dcbe0ea4ef80bc27510cdc85
|
|
| Gigabyte | MD80-TM1 (rev. 1.0) |
Affected:
298d5755fa084d9268d09063222030993755cee31f9fe5429323b830c8c3f5cb
|
|
| Gigabyte | MU70-SU0 (rev. 1.0) |
Affected:
4b5caac23e6866a9bbfd7962a5557ddc9b0369cdce09b664910b35bd66e690cd
|
|
| Gigabyte | MW50-SV0 (rev. 1.0) |
Affected:
cde8f07d2e7d14233748df612e113ce348140090694b96c407053fe4e6e1690b
|
|
| Gigabyte | MW70-3S0 (rev. 1.0) |
Affected:
f8c314404f2801dc3b04cce95fa27a97f58459f9d70c8e3b03bbfd45bbaf5e40
|
|
| Gigabyte | R180-F28 (rev. 152) |
Affected:
5d3bf4c8452e70a4ee31e25cfd555694af3cf64eda965fade0b21e8a262a2c10
|
|
| Gigabyte | R260-R3C |
Affected:
e6bc9c983e21a0cfcb2d86a9dc88c28e5ba33387acdff81bccd6caf780e4619c
|
|
| Gigabyte | R270-R3C (rev. 143) |
Affected:
6b6d0ebe479ce082420f5412fc099860ab825450e58d96a6b33c5013ea061864
|
|
| Gigabyte | R280-G2O |
Affected:
efaf5f327a471776f0a75a2b8b7f963c8ab72190be7f606d51a0c04715dafe70
|
|
| Gigabyte | D120-C20 (rev. 230) |
Affected:
cef953fd8883203ef326a6b195a90328ae31ddc10736afa171b617a906fab77e
|
|
| Gigabyte | G150-B10 (rev. 111) |
Affected:
fe702d3ce5fdade4ab194ec43fcf6f0a070123ab547ae49b9cbaec33c474dfb0
|
|
| Gigabyte | G482-Z51 (rev. 100) |
Affected:
4dcab1a378bb4cc541f210917c563b95dd678e185b4d0dc8483b175cbf9097ad
|
|
| Gigabyte | MB10-DS0 (rev. 1.3) |
Affected:
3aa61cde7b1886fab7e60e077bdb39d0a94e3c451593d13e87306b88b4e56a80
|
|
| Gigabyte | MZAPLAI (rev. 1.0) |
Affected:
cd755796109542b3da08826c56951102e5034c76428138d1a6dd4f1ca29955a7
|
|
| Gigabyte | GB-BPCE-3350 (rev. 1.0) |
Affected:
b22a7a1693d8cb2deb608f8e3ab366f5eea0e6bdef6ddb03a86d599fb2efdd48
|
|
| Gigabyte | GB-BPCE-3350C (rev. 1.0) |
Affected:
a42535bbb37725951ac18b0fa9b5771454ce707bcdbeacb8120d0aa0eee0cf1b
|
|
| Gigabyte | GB-BPCE-3455 |
Affected:
03662e2e512cfe18afe431d968d60e944af5f7514f840754864ee4cd97990130
|
|
| Gigabyte | GB-BPCE-3455C |
Affected:
47b54ae65d44b227a3bab252fcd465df6e6d4875cf2511f1261f1c8e5b196e1a
|
|
| Gigabyte | GB-EACE-3450 |
Affected:
421dfe54ac2554e627762ea96f454f95f7232f3f238dc9f5d5fc96bbf284fbac
|
|
| Gigabyte | GB-EAPD-4200 |
Affected:
c6009503816a44e0d4fa7d0d74ac7418b6551e31e58bab97390711055449e52d
|
|
| Gigabyte | GA-IMB1900N |
Affected:
cb4e9aa8b2416ed2fb7593a3c93d5fed07d24d1f349761a1790deb97778a565c
|
|
| Gigabyte | GA-IMB1900TN (rev. 1.0) |
Affected:
93d6ae2ede6573f018ca1dccc5b686a0461a0d662a353511a0b420a10935267d
|
|
| Gigabyte | W42G-P08R |
Affected:
f0d6176199b56171ec12bd663025c664b2bf3f8b844bc90edc8dbc3cc062871d
|
|
| Gigabyte | MA10-ST0 (rev. 1.1) |
Affected:
00f354e79abadfb8b4aea11bb07c3ddc16f00b3055ec8c221ad4d69538bdeffd
|
|
| Gigabyte | MDH11HI (rev. 1.0) |
Affected:
2fdb64f2007196150cda167f3eb121cedba80d75d0b79def30c4d7155ea0b2a7
|
|
| Gigabyte | GB-GZ1DTi7-1070-NK (rev. 1.0) |
Affected:
0d274a7eb05cebe468e07b2e6692a11c90f222d18077b3d058fc02b464046265
|
|
| Gigabyte | S12-P04R (rev. 1.0) |
Affected:
25b628eb776a57d9fa45cffb00f8f3347cb9d7c2f3c33712348b85c3ecad2d4f
|
|
| Gigabyte | R272-Z30 (rev. 100) |
Affected:
fbf652a641fc3d847c148abb65130f7eece7a51a9c6607f1c403a8bbdde6ce48
|
|
| Gigabyte | GB-BNi7HG4-1050Ti (rev. 1.0) |
Affected:
a0c57eb7255f99412b62429f165eeb1f8a297c26a13eb6d7ddbee91e32dbce6c
|
|
| Gigabyte | GB-GZ1DTi5K (rev. 1.0) |
Affected:
f37453e390737ec297686b784da5aad11acbaf8375d377fac533caee996c1d66
|
|
| Gigabyte | R160-S34 |
Affected:
898a0ddce89b59e6993ea651b0a0d4b54752957b63274dda75160674fa0928f6
|
|
| Gigabyte | R181-T90 (rev. 100) |
Affected:
c02c66a7d393e7bd8cf757197bbc6bc22fd9f9b38a8a1068166eba97bc5b4a29
|
|
| Gigabyte | MDH11BM (rev. 1.0) |
Affected:
410a0aebc3826f029ee6a4cd0c5816eb0676fe99a0b112e8ce55e8b2f3b49e6d
|
|
| Gigabyte | MDH11JI (rev. 1.0) |
Affected:
05cb527ef122bbe9ebe54d4678686e6a21b961f16392841f5f0b0bc3882a184e
|
|
| Gigabyte | MDH11KI (rev. 1.0) |
Affected:
945d5b0e567bf5604ea9b12fc7f3f3bb12ccfb1935b9de78c9bc77241632fc9b
|
|
| Gigabyte | MDH11TI (rev. 1.0) |
Affected:
7796142d4d8a09c6f416d5b3cd452caa659cfca40992683d7f8af55cf4e6a7c8
|
|
| Gigabyte | MFH27AI (rev. 1.0) |
Affected:
4d3a05e1006e9d5a1045ea65277cc4fba148ab4533ccb1b6d52ffe54edc7fffc
|
|
| Gigabyte | J4105N H |
Affected:
3d1879acf606abac026703a7fe242feb538192ec6f01642ca33ba6d6de55a725
|
|
| Gigabyte | GA-N3160N-D2H |
Affected:
bc5aa15ece1e486f4b7d31c5ba6d45382204c115e556a6412d751e25703a4a7d
|
|
| Gigabyte | GB-BRi5-8250 |
Affected:
3584936b2dad0ff3ee3d6b167442d39dce8400e1016267462827ff20d15dcdf7
|
|
| Gigabyte | GA-SBC4100 (rev. 1.0) |
Affected:
873e676d25545b3d6e133a2c85cedd5a4627a11f67513e54e6a99e812e7618cc
|
|
| Gigabyte | GB-BRi7-8550 (rev. 1.0) |
Affected:
591b486bba979b64d20fc90bd63a5991b7df16b5aab1447de888e3d6090f1086
|
|
| Gigabyte | GB-BKi5A-7200 (rev. 1.0) |
Affected:
e13105b80056966dee303194e6eb7e2f622dccb80f5fc5780100197d43b871ea
|
|
| Gigabyte | GB-BKi7A-7500 |
Affected:
002c5c88a393a9da6b48c30d64bd702f6b50fef07c32f45b7c09f40fe2f3f2c0
|
|
| Gigabyte | GB-BNi5HG6-1060 |
Affected:
289cffe9f81f1e9a9cd087bc529701a9343084e499684caf4d34bfe8db15f3f7
|
|
| Gigabyte | GB-BNi7G4-1050Ti |
Affected:
9d8b09f7fdf906dff7d92049fa20921927f3cfebf564455eac78ce2518ad03a1
|
|
| Gigabyte | GB-BNi7HG6-1060 (rev. 1.0) |
Affected:
3835eeda7653120a02ce98ea98ba75ebce53ac1efabe3b81d0b6dcc9e611d1ac
|
|
| Gigabyte | GB-BKi3A-7100 (rev. 1.0) |
Affected:
c5697a205b0e85c8f31e3538135e32b72ca60d1652162c30007d94ad079096fe
|
|
| Gigabyte | GB-EKi3A-7100 |
Affected:
2f7481194b1e0a153551fbc9e68fef59f463882e3fc0238673ed6293715366c5
|
|
| Gigabyte | GB-EKi3M-7100 |
Affected:
c1cc2040975c62eabeae3df92e63b2c1a22c690a97edcea1576f83e975355db4
|
|
| Gigabyte | GB-BKi5HT-7200 (rev. 1.0) |
Affected:
47a969af17efdfe04690233319d36d12ff820901d0817ce17846281e7d5f49ea
|
|
| Gigabyte | GB-BKi5HT2-7200 (rev. 1.0) |
Affected:
0aa384720b8e5c0d09b9b0b14cf14a105e4b607681f778bcaa202412e666bdf1
|
|
| Gigabyte | GB-BKi7HT-7500 |
Affected:
f61c63e919c797c1faae135458e0db89f288a1d05402380823562f34452806be
|
|
| Gigabyte | GB-BKi7HT2-7500 (rev. 1.0) |
Affected:
cb0603d8ecac9baf7de500500990ad0a7e9068dfee69f296d62de549f69f9b1c
|
|
| Gigabyte | GB-BRi3-8130 |
Affected:
a74d2353acccf98743271fd296b2bf6f1e047cca1fcaccc2fd9095a7f72fba2d
|
|
| Gigabyte | iTXL-Q170A |
Affected:
fa7e7ca9fd48d608094d5f56ad6f0166db7be91862666abbb6fa631055b98f5c
|
|
| Gigabyte | GB-BSi7A-6600 (rev. 1.0) |
Affected:
6504f61ce57f6caae37cc7c56910267d18a1db46e6681178b6807f0e26ab966c
|
|
| Gigabyte | GB-BSi5HT-6200 (rev. 1.0) |
Affected:
e649eb460cc049ddac440fe93528336fa42bdd9cd7a284ad9a2481647b57e75a
|
|
| Gigabyte | GB-BNi7HG4-950 |
Affected:
b772a8c72de61e4821a04793a16c8dc8ff7b354fa2a0bff189d879df254c9f1e
|
|
| Gigabyte | GB-BNi7QG4-950 (rev. 1.0) |
Affected:
f4426a3de06ca8015af5798b631afe601a78a069be9e70fc818222d9b4f679cf
|
|
| Gigabyte | GA-J1800N-D2H (rev. 1.x) |
Affected:
ee21f7397347f3b42d5229b41f9d9a6b4be739419f6f2bef1c3eec8f5d3a17e2
|
|
| Gigabyte | GB-BACE-3150 |
Affected:
66ff6219a24fb3662b7b3d4fb1fb7937649dcf052cea4364d4c9b178735807f3
|
|
| Gigabyte | GB-BSi7H-6500-LA-IW (rev. 1.0) |
Affected:
9e23a81c581d5e6c351c2cac1a944ef5759271739f6150c3ef6857bfe401ae62
|
|
| Gigabyte | GA-IMB4100TN |
Affected:
5abc359c698cd90030a597105c4ef899e4ef56271b9e0f43c843408b9fb53d33
|
|
| Gigabyte | GA-N3160M-D3P |
Affected:
cf2df7d9f1ff5f087021f7b47cef6aa3efb47cbfd639f730512bc630e0c91f81
|
|
| Gigabyte | GB-BNi7G4-950 (rev. 1.0) |
Affected:
210688036c5ecadc5d764691d511e738ff32146bc69f26601fd45321c65b0c7d
|
|
| Gigabyte | GB-BSCE-3955 |
Affected:
327e84e3cfce4cb086435232d033a20ebcd4b95cd5aa4b85cb92206f44507170
|
|
| Gigabyte | GB-BSCEA-3955 |
Affected:
6e166fd67041801b0481c69bc271ae73e0657f1078442b5740b09f6774128e01
|
|
| Gigabyte | GB-BSi7A-6500 (rev. 1.0) |
Affected:
6662b3f0d921aaee11ecae2893271fe861524620b05540e255d1e364aa65abb6
|
|
| Gigabyte | GB-BNi5HG4-950 |
Affected:
030031c6c1b9422a56ed44f04efa2ec84fc8a2de254f24d14989934f613d12b8
|
|
| Gigabyte | GB-BSI3H-6100-ZA-IWUS (rev. 1.0) |
Affected:
6399b690346ae7ceda0f8dafbca5acd17ac4d796619568a51cc8e50f5b630b42
|
|
| Gigabyte | GB-BSi3A-6100 (rev. 1.0) |
Affected:
e7049738618fc298adb3099074b3419bcf553f0e54acd9ada2d611fe64925026
|
|
| Gigabyte | GB-BSi5-6200 (rev. 1.0) |
Affected:
044e3800c05a232d4a8821edc28aae7927474c8814a385f717010ef9b12a5622
|
|
| Gigabyte | GB-BSi5A-6200 |
Affected:
d86ef77e6d28671ef838b314840a4ff9237798c058244805b3b3bc01010db097
|
|
| Gigabyte | GB-BSi5A-6300 (rev. 1.0) |
Affected:
8ca806b8be055f9b5df84871c469279930b34b89de515068b1cb30bfa9c3cae0
|
|
| Gigabyte | GB-BSi5H-6200-B2-IW (rev. 1.0) |
Affected:
40f56a09ded19979902613399e9d6c84cee02b72b7114cabac53629fe2c068be
|
|
| Gigabyte | GB-BSi7-6500 |
Affected:
5cb60622a0063c6d261c5693fd423d7fa44d826e8250812f50c7b9a28921712c
|
|
| Gigabyte | GB-BACE-3150-FT-BW (rev. 1.0) |
Affected:
c754aa67ba523b595de11270897af05dc22907a4fce3f4880bb372b1e18d9164
|
|
| Gigabyte | GB-BACE-3000-FT-BW (rev. 1.0) |
Affected:
19a209b004631abf16b5f6abdbe22b3e9578e1f5ffc4bb94b6601fb612ae47f1
|
|
| Gigabyte | GA-7PXSL1 (rev. 1.0) |
Affected:
663977d4a882f59c8a8791d427ef4431ca63f89ed5683a4cb6d61006f1b1c8d5
|
|
| Gigabyte | GA-X99-Gaming 5 (rev. 1.0) |
Affected:
4260703c9695e6975438598d85f4046bd34a1f16f77fe797b22cb45b4428f83c
|
|
| Gigabyte | GA-X99-Gaming 5P |
Affected:
e5ddbae819b82a8237740cccc23cee00844fa79a15e18e6187854b29e7e81a2a
|
|
| Gigabyte | GA-X99-Gaming 7 WIFI (rev. 1.0) |
Affected:
b767595393d045e4adb4225856611b3a51848a17495666be273823220a0dd165
|
|
| Gigabyte | GA-X99-Gaming G1 WIFI (rev. 1.0) |
Affected:
d3e85abb0959e87075f3a91e0048163e92c1831edf3c70a4d85f6ebbe5d56cfd
|
|
| Gigabyte | GA-X99-Phoenix SLI |
Affected:
fe510a8d06c948ca3e699a51d8f60bc0411df8056124d5e4a993cd526da8a0a5
|
|
| Gigabyte | GA-X99-SOC Champion |
Affected:
a85cfd3acbec43f545c8586b63aa52622d9fd00303bf80ff3890012032699ea7
|
|
| Gigabyte | GA-X99-UD4 |
Affected:
95eddffa23bfc032d7d65b730d49a4d87bdaa93e349fd9e30dde6a450b9a9bff
|
|
| Gigabyte | GA-X99-UD5 WIFI |
Affected:
36b023bf42423988805835e5b7c48af57c0b487c7308cfaf5a7a0ff75e3ae8cc
|
|
| Gigabyte | GA-X99-UD7 WIFI |
Affected:
f93b61306682c563bb68ecb67dea64f9d5b86a8e1c7cfa7fb2b4ea02a15146e5
|
|
| Gigabyte | GA-X99-Ultra Gaming |
Affected:
90818dd14d621360badea1463f975a367952e2a0d43e7dc73401a7ab0a2d3a1f
|
|
| Gigabyte | GA-X99M-Gaming 5 (rev. 1.0) |
Affected:
e3b8e6db2e08d8cf93dcd44adf437d6a6fabfa7b309702b35f7ddd4c1790734c
|
|
| Gigabyte | GA-X99-Designare EX |
Affected:
71337bea704f642aad176d64c9f64fdcdb9f38f8107294a417c9bce7a104cdd4
|
|
| Gigabyte | GA-X99-SLI |
Affected:
0307e5ffce3a9981334d7eb19b13caeed61ab8074212943438b4a423b5d2a9b8
|
|
| Gigabyte | GA-X99-SOC Force |
Affected:
678f05bab483e1cb9cc2cd51415c920bb4307b31ff917dc46cc44c6c2083b5bb
|
|
| Gigabyte | GA-X99-UD3 |
Affected:
295417e80fba51a322a02a7e4c35ab04af54a48355711066339743e88e3922f1
|
|
| Gigabyte | GA-X99-UD3P (rev. 1.0) |
Affected:
51c5cd38074336d75c166ad86a2df881b53b4fed849b538e3281d1bcf0502094
|
|
| Gigabyte | GA-X99-UD4P (rev. 1.0) |
Affected:
27abdc6ac0e50d6d6ca0e937c0a7ab1efe8d2c53c46532b68f0cb1a5fb955517
|
|
| Gigabyte | GB-BACE-3160 |
Affected:
9cd9ea2490848b03659e0e7dd7871ac815c54080e5588a530afe35cfc1ed585e
|
|
| Gigabyte | GA-B150N-GSM |
Affected:
01b2fa505a7a377587ea64b20e1a1570eb7f6567a9204ec972ae478998236a0e
|
|
| Gigabyte | MVBAYAI (rev. 1.0) |
Affected:
86a0a4b3efcbc51e14a0a307a0efe343c7a7e3e2bae3a6e0502869f610034ead
|
|
| Gigabyte | MZBAYAC (rev. 1.0) |
Affected:
073a6246ab57b038afd9050e2dd017aefdde6dfad5d61b80bb2d5c3c71134b73
|
|
| Gigabyte | MZBAYAD (rev. 1.0) |
Affected:
be9c2feced70f810a5d08ec03dd8e7df75f9abd066a2ee30ad82136f355ceaf7
|
|
| Gigabyte | MZBAYAG (rev. 1.0) |
Affected:
305b23937168ebedc60ac6756010c07e4588c48e9fe4694fb935945dbf4be6ee
|
|
| Gigabyte | MZBAYAI (rev. 1.0) |
Affected:
4ab2b4adb933a22cc5b3b3739e315a68c9a9a3dca20b1ae7f27713c0279f6670
|
|
| Gigabyte | MZBAYVA (rev. 1.2) |
Affected:
f96a77ebf7806cc05507582f25810237aeaea30ef819dbe90ab2227f8a36ce8c
|
|
| Gigabyte | GA-H110M-S2H DDR3 |
Affected:
8bc76dc04271ff2014eaab3560bbe3177cc08eb3337f4f512c7d44b98a40d1d9
|
|
| Gigabyte | GA-H110M-HD2 (rev. 1.0) |
Affected:
713c6e95151ae02f075d0391a12e47fa2aaeed199379377bddc00590ceda1795
|
|
| Gigabyte | GA-H110N |
Affected:
b66a10f650f73f5497b22a2d45d9c0bf4df9a987668c4d617e62925c5c26c388
|
|
| Gigabyte | GA-H110-D3A (rev. 1.0) |
Affected:
447d66dd22c3af2bbdeea4b2a766cb3fa4442466d0c02d62647de9f3683cd6c2
|
|
| Gigabyte | GA-H110M-A |
Affected:
a04064b45ec7d0c5b6ae123d779095e23315e6ac1a150d4b3190909a2237603b
|
|
| Gigabyte | GA-H110M-S2H |
Affected:
b1276f7ad8788d3db650a672e6ce6785d5c3922d2bc5aae554ad1b48b62dec5d
|
|
| Gigabyte | GA-X150M-PLUS WS |
Affected:
3ba7690791f1adeaa12e45dc9adca1ee7f08c99bf5f1c51961c6975d1cd14770
|
|
| Gigabyte | GA-B150M-D3H (rev. 1.0) |
Affected:
efb150fe9825a88101d934fb5a9801f970f6e734e758344062d37152e8baa1af
|
|
| Gigabyte | GA-H110-D3 |
Affected:
f5f374f38948ddbde29b9673cd70ce05e27af9f3be23a7bc086f37f35a68ede4
|
|
| Gigabyte | GA-H110M-D3H R2 (rev. 1.0) |
Affected:
ec7f01320c848a88e89d3db821f462448f62e5ae65fb4fd02dc3a5602ad1eac0
|
|
| Gigabyte | GA-H110M-DS2V (rev. 1.0) |
Affected:
577535df524a000747a1e15828af3de0cfe6865b0b20170d024974d6b5b81160
|
|
| Gigabyte | GA-H110M-Gaming 3 (rev. 1.0) |
Affected:
901396591f3682b308f9cfa279cf1a7f8d4cc6622a9ca799e6b5e1d5bf769f2e
|
|
| Gigabyte | GA-H110M-S2 (rev. 1.x) |
Affected:
6a24bb276e5c9b05ac4cca0da01e1b381245a0d217efb5190543de6ec41b2505
|
|
| Gigabyte | GA-H110M-WW |
Affected:
b565acd86a3f4e294d606bf6c0e42eedc4b7361f4adf7c31ee4a806b54767cfb
|
|
| Gigabyte | GA-P110-D3 |
Affected:
c544cd0b03384834b08b784ec0339e2b91a129ee56e7f4881101a10af567e6a2
|
|
| Gigabyte | GA-H110M-DS2V DDR3 (rev. 1.0) |
Affected:
8b02d988ee00fe78039974032b856c56e741a4594744b4f6376cbe1df8271226
|
|
| Gigabyte | MZBSWAI (rev. 1.0) |
Affected:
41bbe9daa5808a1c5b9836a654d6c6d312ed7034c304f963af28d13eaad84340
|
|
| Gigabyte | GA-H110M-M.2 |
Affected:
18216a9c0fedbfa3a8c8cb3380845ff086beaec130296234d58d02d24fe051a2
|
|
| Gigabyte | GA-H110M-S2PT |
Affected:
210d858cd9ce7dbb1b76277fd580e1c71214d1f7ceff46788efda64e817fa95e
|
|
| Gigabyte | GA-H110M-S2V |
Affected:
c80df47ed107f7ea4eca4e15a55fce37f1578b985ed45131b8c67dce9ac2bdad
|
|
| Gigabyte | GA-H110MSTX-HD3 (rev. 1.0) |
Affected:
55099b8c517078f75299dc02afe1f09167bcd7760c0f46546cf4f8274b54c465
|
|
| Gigabyte | GA-H110TN (rev. 1.0) |
Affected:
f5fa2136e6ebb55d5aa3c0bcee64bcf4506a7854ca10fb5a43b8141ff4bf1275
|
|
| Gigabyte | GA-X150-PLUS WS (rev. 1.0) |
Affected:
0bd8853cb934be142b7edb2ef31a2031fb348a6ecea1db37e466dce25bf7fd6a
|
|
| Gigabyte | GA-J1800M-D2P |
Affected:
a08c05bf56e1c4e4d180d69266bbcb244e7e2f85259d86c05bfcf5593cfa33f9
|
|
| Gigabyte | GA-J1800M-D2P-IN (rev. 1.1) |
Affected:
98372c6dea313b0660ae2f1b1c80a8a5d7e93ce07010621392faca75818c0fe6
|
|
| Gigabyte | GA-J1800N-D2P (rev. 1.0) |
Affected:
af4026ab4defc142e75d57ae35e7ef4492fac8ab6c0cc55c6de47f3e21f5ac24
|
|
| Gigabyte | GA-J1800N-D2PH (rev. 1.1) |
Affected:
b2977acab6438edeb2af8a4e3d0c353fd89e9b2d47082b528c3c23fbddbdcbe3
|
|
| Gigabyte | GA-J1800N-H |
Affected:
464be29c2ee1a3f706063374be13365d0a296776aed73fd0c8506f1cdddb568a
|
|
| Gigabyte | GA-J1900M-D2P (rev. 1.1) |
Affected:
f89741fdf7f21d8670407a4b8038e75319d73486009e08a795632e94fa27df82
|
|
| Gigabyte | GA-J1900M-D3P |
Affected:
5641071fccfc0169979343e131d614caa71a2b334ffa45d1ee10817ccef73d8a
|
|
| Gigabyte | GA-J1900N-D2H |
Affected:
ed85051f384bd7694f0a86322c705f819cc18a0ced71d4e3c3946b37d4f3abe7
|
|
| Gigabyte | GA-6LASL (rev. 1.0) |
Affected:
2c0e4341f91bcedf78c301778d52492fa304380cdd15bdda725910cc6709e033
|
|
| Gigabyte | GA-6LISL (rev. 1.1) |
Affected:
9a8e636b33372a34e9719b8b20d2073bc56f549b64e5af83fe617187a51b97c1
|
|
| Gigabyte | GA-X99P-SLI |
Affected:
fa52c6150c49a84699bec9739b84f5a2c073f4f69b1bc84028f3b2cb15b2167f
|
|
| Gigabyte | G1.Sniper B7 |
Affected:
92311971e888a24238c48086febf47b2d0820856e514dd6308575291b6de4e48
|
|
| Gigabyte | G1.Sniper M7 (rev. 1.0) |
Affected:
6051ccb31aaab7240147a1fdf9b8f444c7ee4bde73ffb4baca63b02bc77dea81
|
|
| Gigabyte | G1.Sniper Z170 (rev. 1.0) |
Affected:
3df7b53ef2284dd2f3385aaa589f87f2e3fadc93d2755e28781452a273d999ec
|
|
| Gigabyte | GA-B150-HD3 (rev. 1.0) |
Affected:
878450f31de9dd84201895e81547ada2085ec94608d7fb6bdf84d73dc3b98538
|
|
| Gigabyte | GA-B150-HD3 DDR3 |
Affected:
d1d3adca998106090f4b2f08d6c50769e88e944ed640518d23f8865102c2ec0d
|
|
| Gigabyte | GA-B150-HD3P |
Affected:
4cec11820244f485baa7f61d50e60a514b0c5aedb87d1a26cd6b6fb153fdf9ef
|
|
| Gigabyte | GA-B150M-D2V |
Affected:
fdedaff9a18229027689f23bef37cd8424e248412137bbf710fb6163eac6ac43
|
|
| Gigabyte | GA-B150M-D2V DDR3 (rev. 1.0) |
Affected:
da480d23fe57a6003e41f8c88e2aacbade99186f0b62ba4561663b346e9f96e9
|
|
| Gigabyte | GA-B150M-D3H DDR3 |
Affected:
5fd1eb03f29343e1ba70dce50264a7143129fe60bde396f6e3715330623db8de
|
|
| Gigabyte | GA-B150M-D3V |
Affected:
f2da89fe72acf6892b139fd4f7a047c30eea75cf5c572da6f901511658ae1522
|
|
| Gigabyte | GA-B150M-DS3H (rev. 1.0) |
Affected:
b3148d78c2efd368e986a43b19e209f2ad4817e8a4ef41bb79c57ec7b9dc09f3
|
|
| Gigabyte | GA-B150M-DS3H DDR3 |
Affected:
086d80a421ed4cc907120e6c96117c3b69b9edaf2ef6951fde7d3dbe6ea4c878
|
|
| Gigabyte | GA-B150M-DS3P |
Affected:
e69ba3bdca3335f01b749abb84c702f6f926eab3e4d6ca70dd5ab84c3aee24a2
|
|
| Gigabyte | GA-B150M-Gaming (rev. 1.0) |
Affected:
639cd1a8d45af689d2fe1aea44b62d2110146b314f39be8a5d472e412842e61c
|
|
| Gigabyte | GA-B150M-HD3 |
Affected:
94a5124370c2d66b38a568b3d8be4a98dd8d2e25313b68506f7753c4d60be97e
|
|
| Gigabyte | GA-B150M-HD3 DDR3 |
Affected:
825b4bc9bf807631611cd33434d1455bca3d412b9a03463fdd1092c54d5ebbfd
|
|
| Gigabyte | GA-B150N Phoenix (rev. 1.0) |
Affected:
12886ede3cef3c93c4602ff26519a04c9143e903b103006ca3805c3df2744c8c
|
|
| Gigabyte | GA-B150N Phoenix-WIFI (rev. 1.0) |
Affected:
330f761ad2d43d72a4a09776d76bdffdfdd88d4ddf6002e0056e2826828372ab
|
|
| Gigabyte | GA-H110M-D3H (rev. 1.0) |
Affected:
fddafb4af375516cb2f72c9308852c88738a66d57af9deb08e9a10f1dc983499
|
|
| Gigabyte | GA-H110M-D3H R2 TPM (rev. 1.0) |
Affected:
4ecd2f653fab0c6dc0ed24c68a8f04c454cf8dea68b58d149e9d79758aac2c54
|
|
| Gigabyte | GA-H110M-DS2 DDR3 (rev. 1.0) |
Affected:
f71a5cfc0646d85af2847e6816752e81f3b4d2a3ea5fa94516aed9464eaa4024
|
|
| Gigabyte | GA-H110M-H DDR3 |
Affected:
a402dd098614ebc89fe70642661c52da9ed9ba0b21627cff4868defc97db0274
|
|
| Gigabyte | GA-H110M-HD3 DDR3 |
Affected:
2e24220caffd6ba7c7e1835f12740073a9e3a826a1ffb9bca210756c224eb99a
|
|
| Gigabyte | GA-H110M-S2 DDR3 |
Affected:
7802bf1fde1f8771ff7165acab0474471598a46df398d7db84adf911d2d37260
|
|
| Gigabyte | GA-H110M-S2HP (rev. 1.0) |
Affected:
4b0a77259b2af63a9704b094688237ff3c29fac1c011a373a0f2537a8a543d1a
|
|
| Gigabyte | GA-H110M-S2PH DDR3 |
Affected:
b73d5f184db4524883fae5f01e681f52371964740bd6fa957998ab4d65537732
|
|
| Gigabyte | GA-H110M-S2PV DDR3 |
Affected:
ebd6b43db01ccccaffc4a08182e03cf6633d5371aa69c82f7300141277fe7d7d
|
|
| Gigabyte | GA-H110M-S2V DDR3 (rev. 1.0) |
Affected:
756777ea660defef2629b8802bcbdd29b61020fa8ae8cb07045a7d5f991f3508
|
|
| Gigabyte | GA-H110TN-E |
Affected:
879f28f51c3b235744352f0808b6267258131f2594f3ff85a6938401e73eb9da
|
|
| Gigabyte | GA-H110TN-M |
Affected:
50f77912004b73bade539e1c3983a7ab78984b8590a64d3e030ade4352c49eb0
|
|
| Gigabyte | GA-H170-D3H (rev. 1.0) |
Affected:
e4a209b19361c13d7a18fa41d8a257a22f6c806bd62f04dd24cd77abd7d3134f
|
|
| Gigabyte | GA-H170-D3HP (rev. 1.0) |
Affected:
2e1be66c511bc8367a2b1ab41a3ca60cfe46648bcab2d5f1f5bdf5df14de1c05
|
|
| Gigabyte | GA-H170-Designare (rev. 1.0) |
Affected:
6ea3c21e1aadbadfc2e9ac0860d94eb87e6590ab37f98326e00b9615a13a6208
|
|
| Gigabyte | GA-H170-Gaming 3 |
Affected:
2cb69c081c6413077fd076d7230ff816931ae65bbead2f94f0b12d33e1861c9e
|
|
| Gigabyte | GA-H170-Gaming 3 DDR3 (rev. 1.0) |
Affected:
eacba20ef05b116d70c6344a54486bb7c23a131d7c897f5399b9a084a5bd5205
|
|
| Gigabyte | GA-H170-HD3 |
Affected:
38643b383b7d51cc53298693e108cc293779dc43f254b2e2b17f66a80f9e4175
|
|
| Gigabyte | GA-H170-HD3 DDR3 |
Affected:
b3cb86dfc649346ea7ed4c8ff117ca91b59435b9baa9bdd8e6f2bde1dc1b1124
|
|
| Gigabyte | GA-H170M-D3H |
Affected:
60a230b0a5722bfbb364b6d64ae3e1b1cccb6161bbd6f8cc034977f4d283b4f7
|
|
| Gigabyte | GA-H170M-D3H DDR3 |
Affected:
1c6801b8a7920939facfa379b6141016651601971156e426db947ca40b6f1708
|
|
| Gigabyte | GA-H170M-DS3H |
Affected:
b9ea15324d90a1b750cfcbf964321370a56b116b44a0cbee2035cf11ffcc0ef8
|
|
| Gigabyte | GA-H170M-HD3 DDR3 |
Affected:
78bff3425a6b42b846508850f03a040c22c43566947ac1d039b431fb80a31451
|
|
| Gigabyte | GA-H170N-WIFI |
Affected:
03299dee42886b0856629da99bce9cedee322b80bfbb89aa6943913d2da15e03
|
|
| Gigabyte | GA-Z170-D3H |
Affected:
523817566d04fde3f7fc0215b4c4758243319affa5c1819e4f041c290a36970f
|
|
| Gigabyte | GA-Z170-Gaming K3 (rev. 1.0) |
Affected:
db4668c191b9266a2afbf974c348885a9d10a3e1750d1e100418aaa896a5a103
|
|
| Gigabyte | GA-Z170-HD3 (rev. 1.0) |
Affected:
bf0aac3f13b0d68c6a255735eaed4000c7e5f09748818746b4a1038f0be34f78
|
|
| Gigabyte | GA-Z170-HD3 DDR3 (rev. 1.0) |
Affected:
bceea4f950f07347b40c579223456984c0515a2cc94c4cedbbea3c17e1c459eb
|
|
| Gigabyte | GA-Z170-HD3P |
Affected:
20607b0f670b297b45523730d2204e46603cb3c65f47e6cf8293b07b7b1178ec
|
|
| Gigabyte | GA-Z170M-D3H (rev. 1.0) |
Affected:
a34cb81eac53b0800c2c02d2984c0960c0d68a22707869befd4af3996be42e7c
|
|
| Gigabyte | GA-Z170M-D3H DDR3 (rev. 1.0) |
Affected:
fc0eb68179f1363c19896c7cc043021a57cd45a3492187829b329474c361722a
|
|
| Gigabyte | GA-Z170MX-Gaming 5 |
Affected:
b87e20d143fef2fc32233444070130834ce5dbbffe06409cb537e59c911f49cf
|
|
| Gigabyte | GA-Z170N-Gaming 5 (rev. 1.0) |
Affected:
209045f2bba172fb91679d4319cfe548c24921f1e28dd9f887e3a78bce515e7c
|
|
| Gigabyte | GA-Z170N-WIFI |
Affected:
d67b82421d81df8f3d64966609e3c963be6d0dbd87df531ba5f3ef0bd61e5353
|
|
| Gigabyte | GA-Z170X-Designare |
Affected:
c061fffcfd8d7e38afb97fb434afc78d39d22bf9b02884c7c1b04487cbb7dea7
|
|
| Gigabyte | GA-Z170X-Gaming 3 (rev. 1.0) |
Affected:
7b1cb9593c0c1890a7f1e922777c206012f2f1ded7b3339d66fa49efaca44c74
|
|
| Gigabyte | GA-Z170X-Gaming 5 (rev. 1.0) |
Affected:
438bf66c9433bfe1ba92452f5f7eb1d46cbdf9af9ab3c3d1d4354e902fb0f257
|
|
| Gigabyte | GA-Z170X-Gaming 6 |
Affected:
25917f5dcd5f5a4c2daaa9fc0cdf991b365e226856202b4e5e987d406e6af95b
|
|
| Gigabyte | GA-Z170X-Gaming 7 |
Affected:
75468e84df86d3133927f5c08028dfb6dce55168c99ec9fde08397f5ab0865ce
|
|
| Gigabyte | GA-Z170X-Gaming GT |
Affected:
2d40ec6b83d08a885cb576844e609105e15fdc4e48181dbc861e2bce0b657b59
|
|
| Gigabyte | GA-Z170X-SOC FORCE |
Affected:
5c25f790a4eb79b4ad3c4ceae05329c0878337257a6e31c276ff7aa5c18accc4
|
|
| Gigabyte | GA-Z170X-UD3 (rev. 1.0) |
Affected:
d6389e5f47ee85c43b2d9aebef2e0c8a9f06856fabb148496a8acf251cdb3c1c
|
|
| Gigabyte | GA-Z170X-UD3 Ultra (rev. 1.0) |
Affected:
a01bb5e701b3b847766d027e7b9bed8e7bb05403ca0160734bc73c93fb77b6fc
|
|
| Gigabyte | GA-Z170X-UD5 |
Affected:
260811f239a5a92f4a894f52c5b7218faa75c5765e3db17a4ee33530bbfc1295
|
|
| Gigabyte | GA-Z170X-UD5 TH (rev. 1.0) |
Affected:
ad921f429c443cd2a73ba3373fb6407a81b4b8d53b3fd5cbea07ca847ddc75c9
|
|
| Gigabyte | GA-Z170X-Ultra Gaming (rev. 1.0) |
Affected:
464643065d45eeb1c2566dcce90bd868313319547c91d46e3cea78126109d374
|
|
| Gigabyte | GA-Z170XP-SLI |
Affected:
32d8482434dfaae6405eca2bf724939194c8740da638c9e3e8b760489b2a1128
|
|
| Gigabyte | GB-BXBT-1900 |
Affected:
6b0b62e4ea23df186b7bbf0fff342ec107596e1fd249721eea75375982054535
|
|
| Gigabyte | GA-N3160N-D3V (rev. 1.0) |
Affected:
e03efb41e61ac04cb14a63c5ee5a71d3deeddb29426e38eab1c68946d60e26a7
|
|
| Gigabyte | J4005N D2P |
Affected:
bae6e219e1ed8e8164382c4f05db847386c5f2908fb2fa453066aed4531310b4
|
|
| Gigabyte | GB-BACE-3010 (rev. 1.0) |
Affected:
aecee44ca1c8bd43d65abeafcd5f0085e1165d42baa953808d566005189746a9
|
|
| Gigabyte | GA-N3050M-D3P (rev. 1.0) |
Affected:
2d4c55cc53de9adaaacd9e70527becc4de1cb0b39a605791601fefcd0156ced4
|
|
| Gigabyte | GA-N3050N-D2P (rev. 1.0) |
Affected:
c717a5d6b61b22bd458dbb497dc5abad9e30fedb668810e558a46f994a656435
|
|
| Gigabyte | GA-N3050N-D3H (rev. 1.0) |
Affected:
63cd7d4698c89b720c73125900f4cba4b8b1c2b962064280a93dc9ce2a0e9549
|
|
| Gigabyte | GA-N3150M-D3P |
Affected:
1c4cf96a2ce5bae121b0594c2b41664510cffcdfc4001072f2275964c20fe12e
|
|
| Gigabyte | GA-N3150N-D2H (rev. 1.0) |
Affected:
4685e5a58d4cf84102460110a5fad72931b1b46eb9f71650811832f80580bc0c
|
|
| Gigabyte | GA-N3150N-D3V (rev. 1.0) |
Affected:
b0474259effceedf7aedde543afa096fdcca74d9865eac223b6a91b4ed922310
|
|
| Gigabyte | GA-N3160TN (rev. 1.0) |
Affected:
5f53230a65454b8805179f246ac3c8b36bd274ae0051d900cd04890e7b765555
|
|
| Gigabyte | GA-B150M-D3V DDR3 |
Affected:
8ba0474e2bdeb945adf9a819854cde336f3cca848e1ac41e381aaf03d397c7d0
|
|
| Gigabyte | GA-X150-PRO ECC |
Affected:
c6ed04464891a4cdc3a25ba34d3cd44599bd118ed953c68c8b63f11be2dc83d3
|
|
| Gigabyte | GA-X150M-PRO ECC (rev. 1.0) |
Affected:
764d56cd4e5b88fa97313d5eef173bb426aa27aef5d81794eaf5b9c1fdf38375
|
|
| Gigabyte | GA-X170-EXTREME ECC |
Affected:
35f6ab275afa77bb30a5672f32b196d8c76208e48500d7f381e05f8f12e400e6
|
|
| Gigabyte | GA-H170TN |
Affected:
bbb58a67574c989b095f38c9fe031cadd5a709235d6e0bfc9a206f98fd5318f0
|
|
| Gigabyte | GA-9SISL (rev. 1.2) |
Affected:
493437a68a7a7b46b645d46660e17c3b6599eee86cd06f592683e56963cf9a8c
|
|
| Gigabyte | GA-B75M-S (rev. 1.0) |
Affected:
554e7be483afb47c81760179da5199ebe2f59a97b7146e50ed42f35728df9c5f
|
|
| Gigabyte | GA-Z68MX-UD2H-B3 |
Affected:
5bbd2f88bf68b66e974356e0e49f63b83fdeea8d148da445e24073d8012c0c3a
|
|
| Gigabyte | GA-Z68X-UD3P-B3 |
Affected:
b7981e34bc8994973c48a18ac01d6b075f092de47d35fc62fffdc503ecf081ed
|
|
| Gigabyte | EL-30 (rev. 1.0) |
Affected:
485b963baebaf9e0d0d3f0438da8fc3a5e74cac6fc7781e732df5ad0a3be3eec
|
|
| Gigabyte | GA-H61M-S2PV (rev. 2.3) |
Affected:
9e2baeb611484b3c3460fbabe2b48ad91111e9a0cd7d1f189ab2d0438a69b3dd
|
|
| Gigabyte | GB-BXi7-4770R (rev. 1.0) |
Affected:
73f5c64009c9b8ce26c13399584a65b73b3b5201475b04dd9621f5433ef959da
|
|
| Gigabyte | R130-134 |
Affected:
923e61ed9ecf1c37848cbe56822ce753f455fddf25c1eca816f3ac04aa46daa4
|
|
| Gigabyte | R270-D70 |
Affected:
d5844b2dc05f8374705493e1d67700d0421f63c27ea10070c60f1871dcf540c6
|
|
| Gigabyte | P15F R5 |
Affected:
e112ae0d90739fa839e6e29687412b5669a2f23bbe2b418d96b65ead135ec349
|
|
| Gigabyte | EL-20-3060-32G (rev. 1.0) |
Affected:
8e0251d4518373ebab7aa1dc037d732b5c04e92306e16a8e8ca1479df0a9ae88
|
|
| Gigabyte | MP30-AR1 (rev. 1.1) |
Affected:
586ca26deb275734620c0b80c8d16dd86538bff6116f5d7db1fc10230d775eb0
|
|
| Gigabyte | GB-KMA1 (rev. 1.0) |
Affected:
5b5b834775e9fa3cb50db4d25d9df7849cf0f13011a209fc53c51245aa963856
|
|
| Gigabyte | GA-6LXGH (rev. 1.0) |
Affected:
984e1178ed45439578fc0b3cc2787cc8f972987c087fc5b4762ef5f421cf5782
|
|
| Gigabyte | GA-6LXGL (rev. 1.0) |
Affected:
240c0e6220a07f27d4debd867f2a1774a50be1b37c3f53a2dab272a71280af4e
|
|
| Gigabyte | GB-BXi3-4010 (rev. 1.0) |
Affected:
10cef05010197e635c330548e99ad98827223f0c8eada8a6e5a95ac7dc2880fa
|
|
| Gigabyte | GA-Z68X-UD3H-B3 |
Affected:
9387c8f1b5d856bdf0ce43c88413c22f98214768708183bc610381363dd269d8
|
|
| Gigabyte | GB-BXBT-3825 (rev. 1.0) |
Affected:
6775386a28b32b93d1853880a8ccf1b916a3bedaf7ba4d34f2a64904de792417
|
|
| Gigabyte | GA-X99M-Gaming 5 (rev. 1.1) |
Affected:
d11d8f85507e54952adcfbb82d5d58ecfeec7674b756ba62c8e1316d9a1500de
|
|
| Gigabyte | G210-H4G (rev. 100) |
Affected:
dd75c90a2a81a34fee2c17a6e72b8ec2c93120fbd98c437c4648ac5fd78b6af1
|
|
| Gigabyte | MSQ77DI (rev. 1.1) |
Affected:
030615cdc1d2e52fe185f8fa8e6e1c1028beca283a6be9215482a39df1418622
|
|
| Gigabyte | GB-KMA3 (rev. 1.0) |
Affected:
dcac97ed60b61b1991fc9f499fb3bf0e8594d49d102e76a988ea8933d099d396
|
|
| Gigabyte | M9M3XAI (rev. 1.0) |
Affected:
1d3295cec309f0649ecec6952824abfad776ecc1f46199a080932b5e99ac206b
|
|
| Gigabyte | GB-BXCE-3205 |
Affected:
a080c1d64fb844389bad75a733e3b4c5483b07623276b114575d5cba32170869
|
|
| Gigabyte | GB-BXi7-5500 |
Affected:
14dca67fdba7b20c48d3c16446db2a648c79e5f94712afba6e720ecf04ba5223
|
|
| Gigabyte | GA-B85TN |
Affected:
2d817d05c86c92a00f00e286c6c26cc52e6a50019970a71d98aa07c53d9690c8
|
|
| Gigabyte | GA-H81TN |
Affected:
5ebbac1eb55e763bd4efa47f6232ecbcc62d73645c3291e00a3d5cd880898ebb
|
|
| Gigabyte | GA-H87TN (rev. 1.0) |
Affected:
e555305c3219cca7d7b8d5a667ae2ef454aca7eb84341f07e1fa8288cdb38359
|
|
| Gigabyte | GA-Q87TN (rev. 1.0) |
Affected:
5f237b90cd70e0f63c0414262a0af2fbf8456ea78252750ccc6ef7fe59cb8774
|
|
| Gigabyte | GB-BXi3-5010 (rev. 1.0) |
Affected:
bc4bcea45075ba867a4aadd97494ddcbbe693b23131bb52703d3c42b41340719
|
|
| Gigabyte | GB-BXi5-5200 |
Affected:
39b90d14141556595814f43afeb015cc34e75acc31d23b0c505ba00d1c4a6a7c
|
|
| Gigabyte | MATMH81 (rev. 1.0) |
Affected:
dea93336a790f6ce8a80f451d1dc454eaf29b034a38a802140937b3166c4d450
|
|
| Gigabyte | MZJ19AI (rev. 1.0) |
Affected:
51ebb3341dae5033164b3b45470115f49f327e5dae5ab111df2a59bc04afad8f
|
|
| Gigabyte | GA-H97TN (rev. 1.0) |
Affected:
882fa77c019e12dc61165308318657941c1b15c1259213e78aa035017fd50445
|
|
| Gigabyte | U21M |
Affected:
6fb97ce4f81eb4d83364b9377cf654a6f0e8d9271bd8e1e9f45f78b07f838172
|
|
| Gigabyte | GB-BXPi3-4010 (rev. 1.0) |
Affected:
8a4342c4bacccf07bdaf52b9cfadc8789c37092ccc0c414e1848e4d0317d01b4
|
|
| Gigabyte | GB-SIOPS-J1900 (rev. 1.0) |
Affected:
ddff03dbd491004d20587de561e976bc8b5b5366723b51d3f59dfd1892b9dc25
|
|
| Gigabyte | GB-TCV2A (rev. 1.0) |
Affected:
70c80b940abbafb0d631870322b5f7c8e306a2063097493ab471f0ba8ddd228b
|
|
| Gigabyte | MQHUDVI (rev. 1.0) |
Affected:
092c46188af77b69b4c19e349712a23244ec7cdc885c2e0150a8209c1693c95a
|
|
| Gigabyte | GB-SIOPS-4550U (rev. 1.0) |
Affected:
d3d7862eb46bcec3f0eecb5ec94caa94456def40792a125cb9b7912625be5973
|
|
| Gigabyte | GB-BXCE-2955 (rev. 1.0) |
Affected:
161c97b5c0ce6cc90a70034d8de30b18d07c43e50d5566c1802dadc967cb05eb
|
|
| Gigabyte | GB-BXi5-4200 (rev. 1.0) |
Affected:
05001b41f2adc9d6c008f12f9d1d9669225a2366c9a05f6bd19d420cd5b13fc3
|
|
| Gigabyte | GB-BXi7-4500 (rev. 1.0) |
Affected:
6f6b51ad77bb7963ec455923fa731323ceb72af167a0a40b8c2b91696301bae1
|
|
| Gigabyte | GA-H61M-S1 |
Affected:
19e2a33d2a28a825fb89e7dfda9609776110876b204c5ff760edf716cc7c390b
|
|
| Gigabyte | GB-BXi5G-760 (rev. 1.0) |
Affected:
faa729af295c234dfcfc5ac4ab91c8c255c1b054c612b9cbda1fce33f88b4d51
|
|
| Gigabyte | GB-BXi5G3-760 (rev. 1.0) |
Affected:
718662066149651d1b7506c7582df2252c555428481b1821829b4db25e2a836e
|
|
| Gigabyte | GB-BXi7G3-760 |
Affected:
7452bdc99e762f3b54571e03c1b6ab0873529b798275149fe0a8bc057929f8c8
|
|
| Gigabyte | GA-6LXSL (rev. 1.0) |
Affected:
3448017b88b33e3949d6c18876be32e506d827f65de6c425ebf82f33a2c3f502
|
|
| Gigabyte | GA-6LXSG (rev. 1.0) |
Affected:
eb08694cb68b19cc7bd0bc323a46e8ce6de5036078a61dc8827ee480269c88eb
|
|
| Gigabyte | GA-6LASH (rev. 1.0) |
Affected:
d7f1a6c78df7317f866866e74e881d91485ef816e492fdf2a6fa02b940629494
|
|
| Gigabyte | GA-Z77X-UP5 TH (rev. 1.0) |
Affected:
f0e7e5b4689bf7e81db1b56185b2a1186d31a50f1cfd1c9863a0746f490ebf3f
|
|
| Gigabyte | GA-6LXSV (rev. 1.2) |
Affected:
cc9b6fc8540a6abe60b8966ae6c4217180cabbb3471d12f93e3c81dc206c8bd4
|
|
| Gigabyte | MSH87FI (rev. 1.0) |
Affected:
c19f30c4c9a444922cb61cf136cd48d9674d2134b98e618f6e7ab9654eb7a7ef
|
|
| Gigabyte | GA-B75M-D3V |
Affected:
ac8e4d6a033b6a2d130404eb06e193b248a76308d4a82eeb5736d4f251af6826
|
|
| Gigabyte | MSH61DI (rev. 1.2) |
Affected:
ccb5cecbe797ba2e130f297ec86bfbdc629ebaf919065e50d3f8911cc05b3a1d
|
|
| Gigabyte | GB-XM12-3227 (rev. 1.0) |
Affected:
c67607819bad2d7abfd1d47eebad947f9920352c33b96db61f9f25c05bddc7c5
|
|
| Gigabyte | GA-H77M-D3H (rev. 1.0) |
Affected:
f5502f7f96b9ca121d3b52a1a804c877839e76e3dbb45beda100bea672067d26
|
|
| Gigabyte | GA-F2A85XM-D3H |
Affected:
104c3173aff7cbf07c72956516cdc7c34e6169604293aec90e86bcc4384a799a
|
|
| Gigabyte | GA-H77-D3H |
Affected:
d4c6ce9d730179b7a5cab37a8744a2ca588c9a2a8b8462b62d2c96757adaee61
|
|
| Gigabyte | GA-H77-D3H-MVP (rev. 1.0) |
Affected:
1ca64768668cac95b2c49594df5412492fd3e84a5ec279f5e5782d9d08d641e8
|
|
| Gigabyte | GA-Z77-D3H |
Affected:
0d28128151819a06848aeb241f3dc4737d3a9b3918b739f8c512085af375b368
|
|
| Gigabyte | GA-Z77MX-D3H |
Affected:
32b1eee6b2e1553ceb902d17d0ecf5534034685dc8c2863f9ec99d2dc587bb72
|
|
| Gigabyte | GA-Z77MX-D3H TH (rev. 1.0) |
Affected:
26778248ce3156bc2d3e70461f079d1292435aeca9ea2c6ef0e536c979845164
|
|
| Gigabyte | GA-Z77X-D3H (rev. 1.0) |
Affected:
b51371864d4322ca5c584cded0f6bbad11dd01cf498b841b270ede1f03497137
|
|
| Gigabyte | GA-Z77X-UD3H |
Affected:
c27a0ca23c6d3ee9eea18c0e700f33f13c568dc209341b8ab4b64148a235c70b
|
|
| Gigabyte | GA-Z77X-UD3H (rev. 1.0) |
Affected:
023f4c9928786909d9fcb2143edcb1ce9a20d1b15cf281559996f21617503f91
|
|
| Gigabyte | GA-Z77M-D3H |
Affected:
eeef50c6dbb27c9ae8bbca0e2be73384ba60469957414bc2943892ef28836b4f
|
|
| Gigabyte | GA-Z77M-D3H-MVP (rev. 1.0) |
Affected:
3c50ff8443f151a8022b4934dc0e87cd74d500719b586c82bce2184bac3ec2d3
|
|
| Gigabyte | GA-B75M-D2V (rev. 1.0) |
Affected:
cac095d827e58ed8992e3eb2bc4285823c8378247de15d7ddc3f97c79d275f8d
|
|
| Gigabyte | GA-B75M-HD3 (rev. 1.0) |
Affected:
c3d754d426defee4e705ab9b72862764a22a64f316a1f8a2563a72cae308c31f
|
|
| Gigabyte | GA-B75N (rev. 1.0) |
Affected:
4a901cc6ab10bd1546d8453bd1bcf75379880ee549329c03ecfd4b445b52de99
|
|
| Gigabyte | GA-H77-DS3H (rev. 1.0) |
Affected:
58d19c2ca76b765809a99f0eb2227291f4f51860723d303f9ef0cb20d4d19dcc
|
|
| Gigabyte | GA-Z77-DS3H (rev. 1.0) |
Affected:
98d605b3578ac3b7518f151c24c937455b204441ba806ea244f22e54c03af2be
|
|
| Gigabyte | GA-B75-D3V (rev. 1.0) |
Affected:
8222535124cf1bf77c3af3e6ce3b3a942390794440b01f8d2fd44b4e416b049b
|
|
| Gigabyte | GA-B75M-D3H (rev. 1.0) |
Affected:
33793d37f2415d724c58c993c2ad6cc67d661253b929165f6f0ab0c88c8325c4
|
|
| Gigabyte | GA-B75M-D3V (rev. 1.0) |
Affected:
235c6f47146d2bf5dd20ff3971421489c69517be3b467ec1a2b6f7dc0f2d8a94
|
|
| Gigabyte | GA-P75-D3 (rev. 1.0) |
Affected:
1859a1e462fbb1db039e99f7cfea16e6da59188ad37b313181211ab2c3d70150
|
|
| Gigabyte | GA-P75-D3P |
Affected:
901658f7361b4d15145d07de99b9d921d7293699a15479f086f4d1a00fedf089
|
|
| Gigabyte | GA-F2A55M-DS2 (rev. 1.0) |
Affected:
4be0b29ff5fd55d855e5529912b92acea24740eb7fa0250ba01a44824c4685b3
|
|
| Gigabyte | GA-E350N WIN8 (rev. 1.0) |
Affected:
4fd09df247091f6c6ead14d012325d14055ab38095f5c4d8c258352f48c2052f
|
|
| Gigabyte | GA-H77N-WIFI |
Affected:
7e95d1a64976573e5ed1c8c3466e24037d33fcfbbd9f02d1ae69643fdaa44d7f
|
|
| Gigabyte | GA-6UASV3 (rev. 1.0) |
Affected:
00d23573a79d5737cfc6a1094b12e22c8a8601618934193dba2242f0246af559
|
|
| Gigabyte | GA-H61TN (rev. 1.1) |
Affected:
f19c7fe7e25a9a41b4065791fa390b8d79ceee0cc7fafae702a92a6ec0e86696
|
|
| Gigabyte | GA-B75TN |
Affected:
506f5abb01dade2137a4b8d3ea42d1127f24f59f96339e77c59883571ae63443
|
|
| Gigabyte | GA-H77TN |
Affected:
1ffb3921b21ffdb876b2cbc7b6ff939fb5168efdf5ceed571d2d220e195fb150
|
|
| Gigabyte | GA-Z77N-WIFI |
Affected:
25c38be153f85659377f63b4968f5425bf7e8d6c99fb695eeaaed973939bd943
|
|
| Gigabyte | G1.Sniper M3 |
Affected:
bcd286446cd358474b492a2c9a4d49eab652aeda52c0e69ef94b1cd12b7579b5
|
|
| Gigabyte | GA-H61M-S2P-R3 (rev. 3.0) |
Affected:
0e26169fbddeb0ca9b8283dba44d571b554487b5dd9348caf84fe9d7a6a20dcc
|
|
| Gigabyte | GA-Z68X-UD3-B3 |
Affected:
c0adc82a52cbe367efed31279d6e1ea3ab98311db49a68ae149e4af9a70ab67a
|
|
| Gigabyte | GA-P67-DS3-B3 |
Affected:
ff5f5836457aa7fd0f02d037d0dc23b5c5a49fef8f7360268d7276e577060256
|
|
| Gigabyte | GA-P67X-UD3-B3 |
Affected:
b8fb25742a7753c0f7ebac50e9e3d6186ea123dcd0e33eb0a64abc111eaa7728
|
|
| Gigabyte | GA-P67X-UD3R-B3 (rev. 1.0) |
Affected:
435e0ba0715afef2a466835c19105c6480a35f921af59b863f2c29ed2d1de0e6
|
|
| Gigabyte | GA-Z68MA-D2H-B3 (rev. 1.0) |
Affected:
e8d1572bf6bb0b658f618c735322e6c1aa20d01b79c9100e3d177b6c27ced480
|
|
| Gigabyte | GA-P67A-D3-B3 |
Affected:
d36182899b2c912ba34f51b50bbf228e1ec367b0fc009d20d34e4f011f4e9fc1
|
|
| Gigabyte | GA-P67A-UD3-B3 (rev. 1.x) |
Affected:
c46c76138b4cf0a3407c3fe2844c11fdd5c0c2c4d335ab58aa0b0617a6f13f33
|
|
| Gigabyte | GA-Z68X-UD3R-B3 |
Affected:
50d3dc2e80333527177e5f5e1dbc06357ecaae3fa2dd1d51272a906ade3cd7e1
|
|
| Gigabyte | GA-Z68X-UD4-B3 (rev. 1.0) |
Affected:
beedbc9f64d20973229b584d965bcaf2f8fdc4a88c4bc202eb5e9f5565c85fa4
|
|
| Gigabyte | GA-Z68XP-UD3-iSSD (rev. 1.0) |
Affected:
f615668a861c9d430afe7b40f42f352881132d193d16426951563997fbdc81da
|
|
| Gigabyte | GA-Z68XP-UD3P (rev. 1.0) |
Affected:
1d3552918dfc84151da3dabc0687a4513f1dea9d6879d53a8b8646398fc462e5
|
|
| Gigabyte | GA-Z68XP-UD3R (rev. 1.0) |
Affected:
e4f33b57947d45b3e43bdd7bafd68d2f4c799fdf0b72a8a2ca61319ab760ae67
|
|
| Gigabyte | GA-Z68P-DS3 (rev. 2.0) |
Affected:
5823dc1fbc95d092e02519c069c4fd111783428757b969fd8b9dbac1009fe91e
|
|
| Gigabyte | GA-Z68XP-D3 (rev. 1.0) |
Affected:
384d9e1e3cad82b7841f33115dbfdf38589420716c8c0aa5a190971a44aa39e9
|
|
| Gigabyte | GA-Z68A-D3-B3 (rev. 1.0) |
Affected:
2065b895916edbec17057603ba98779b4bd10cbfc3477a87c767a36fb027b76a
|
|
| Gigabyte | GA-Z68A-D3H-B3 (rev. 1.0) |
Affected:
d6c9d4c8caf3307da9b1d6543e00682a3cddf1dc06c41f0f973355cb9c8554bc
|
|
| Gigabyte | GA-Z68AP-D3 |
Affected:
7013aca3c062f040cf9d0448f7e2892101b30e5956915c8dc3a53c3c2aacd13d
|
|
| Gigabyte | GA-Z68M-D2H |
Affected:
d6d451499ebe6d8dd621f1c2ebb00b87dd01f7870b791e682b66d5f33eb01d8b
|
|
| Gigabyte | GA-Z68XP-UD3 |
Affected:
c676efd7e6c8bf4a7d3da8aa51b2b564d77c67f6d2be68b25232326166e0c20b
|
|
| Gigabyte | GA-Z68XP-UD4 (rev. 1.0) |
Affected:
4ae3a48e1a715461671107f9e8e790cfd1c4ee4d2b8ddaa50b140d67622b920f
|
|
| Gigabyte | GA-C1007UN (rev. 1.0) |
Affected:
7b2aaaa9f92c0e6fa23a59bdda27d5cb26e8fdece26bc756893490d3ee657a4b
|
|
| Gigabyte | GA-C1007UN-D (rev. 1.0) |
Affected:
fcf7c3d07e1bf9f1347e48dd3ac6e45fc9492648985a06394ab6568a7a71e262
|
|
| Gigabyte | GA-H77M-HD3 |
Affected:
e3b619d396378c2e6bc2f550cf1c55cd17e7091fa4ab90761f32582eba28884d
|
|
| Gigabyte | G1.Sniper 3 (rev. 1.0) |
Affected:
cfa61511dad005aeb4ab01678f87169c7d509d59042b2fd33e8b58bdb34febe6
|
|
| Gigabyte | GA-6UASL3 (rev. 1.x/2.x) |
Affected:
7196b64c2f89763d2ea7f0f106d06352ae2c0e17a83fed2d10548e1aefa39245
|
|
| Gigabyte | GA-Z77X-UD4H |
Affected:
3ff3a0cad413c0b862ba515d60cac0e98e373e199f0d92c79a77ebe6fa6a2247
|
|
| Gigabyte | GA-Q77M-D2H (rev. 1.0) |
Affected:
43216a565586f1c49090c7982e6f3c1e41b179e430d7ac0c47c8ad07308a5bc3
|
|
| Gigabyte | GA-Z77-HD4 |
Affected:
f6cd8446d78da9720f06cd360a48e9b6bdae33e342e18cb05420adb78fe05858
|
|
| Gigabyte | GA-Z77-HD3 |
Affected:
c1209a2eb0b5eb9324e1a8ce11c77ca141023b94b988bd1df4db390dda4c275a
|
|
| Gigabyte | GA-Z77P-D3 |
Affected:
00fa676c6d12df8a48049f39b87e3343769356e880d2abcaf04ab1b679c450f9
|
|
| Gigabyte | GA-Z77X-UP4 TH (rev. 1.0) |
Affected:
c5310894b9a2bb510f37c49852d743d64343a698436ca22d9b7a44bcf20e447a
|
|
| Gigabyte | Q1742F |
Affected:
350cc51e5e7fa472e95460eed374eb1f9a43ea4e615e2654c26a9da4d83bf529
|
|
| Gigabyte | GA-6UASL1 (rev. 1.0) |
Affected:
f86f7ad9ffbc7437bba6bcf99d08b8de38f945bedff00c2d35362387077eabea
|
|
| Gigabyte | Q2542N |
Affected:
3d6faf2792722d1b9fbff087e4d85ddd2a4f9922a7848ed4db99284687df3b23
|
|
| HP | hp-proone-400-g1-19.5-inch-non-touch-all-in-one-pc |
Affected:
642290f1b37e616b64b3c6b60921e24ddad599a38e67cd46a281b24c1ab62bb3
|
|
| HP | hp-rp5-retail-system-model-5810 |
Affected:
2a090cfc69ebd88dbe2e2e9c52a7f3a75b8b150478e30a752c5c0f09129f3bc9
|
|
| HP | hp-z1-all-in-one-g2-workstation |
Affected:
d0a54ae69192d2d0289b2c9ae33a6ffd0a0db78189b41b032e18a3452c878eab
|
|
| HP | hp-z228-microtower-workstation |
Affected:
5174331d57cf3392012b00a6de381ee7a873f7fbd217bfa3e744b7dd6136807b
|
|
| HP | hp-z820-workstation |
Affected:
b02cdd16e398c2f31e9641d27d99865c404357136f857a1e2dcf2f7479b9457d
|
|
| HP | hp-z420-workstation |
Affected:
05e89382e73afb280f637acbfa1029e9107dd30c78df37b6a00f184657f5f2c3
|
|
| HP | hp-z1-all-in-one-workstation |
Affected:
b6fd5cd3364bdfa459f040c1693b879bbcf508513124bb95b5f36743efd8e73c
|
|
| HP | hp-z220-convertible-minitower-workstation |
Affected:
cc5a9c2d4827e9b1501c2dc0a464f580d4a2d65e4ff83dbab548e51839339d06
|
|
| HP | hp-prodesk-400-g1-microtower-pc |
Affected:
289f0fa72150a52f2b71bc6bf23f343ad9c1c412aa5977e89ffde7474562cb18
|
|
| HP | hp-prodesk-600-g1-desktop-mini-pc |
Affected:
a80a5c395fd3b28b0130d4579dd3e462f9e38bccb2a42cc5245cedd70b27ff0e
|
|
| HP | hp-compaq-elite-8380-convertible-minitower-pc |
Affected:
455164a23e14f8cc9567b458dfb85106294f149f0e446d2d8b4036551f894cf5
|
|
| HP | hp-elitedesk-705-g1-desktop-mini-pc |
Affected:
1650cfd06bb698ad3cecd9e0c38b0de04d29f9c397492ba70b985b033e2458da
|
|
| HP | hp-compaq-pro-6305-microtower-pc |
Affected:
44988d41019bf5c7989b71e966b97752f60c835ba2300c7d55323eded97c21e6
|
|
| HP | hp-elitedesk-800-g1-tower-pc |
Affected:
659078fcdff1dead57cd05eafa0af4de667b52e981d1b907f0d963b41902dc7a
|
|
| Lenovo | lenovo-10w-type-82st-82su |
Affected:
69dae6e64125b37fa0ee09f5cd9bf3581b3244e99d9b4651395834f9eef021af
|
|
| Lenovo | thinkcentre-edge-62z |
Affected:
b04cc879ac09941e714a8ccce371111bcbbc8d7b1dd1ecdc823de09fd2dad7b3
|
|
| Lenovo | thinkcentre-m72z |
Affected:
4438137139edb1e04de7e265e94444e1c87316b0821178285d87763f00bcc5df
|
|
| Lenovo | thinkcentre-edge-92z |
Affected:
e37c7b66aef1c9702b08f3d08a41edf3e4617fc94a17f318297506868e1d254e
|
|
| Lenovo | thinkcentre-m62z |
Affected:
76c5461e86a33095c4191aa02ccba85cdad5f24ac9c816fb8ab6f408cf32dcdf
|
|
| Lenovo | lenovo-62-desktop |
Affected:
73a8fdf89ed1a2d0af45142f4b4498545ce4182ca704ad2b292490263480b1fd
|
|
| Lenovo | aio-510-22asr |
Affected:
47affcc25ded66333920985902473398438b49dac28be82542062ddabffec3c8
|
|
| Lenovo | aio-300-22isu |
Affected:
a6b6a2940a5f4c98e2f531624707fd8ab7dc61f4b3d3de0457fe00ba3cc5c135
|
|
| Lenovo | lenovo-c460-all-in-one |
Affected:
1235ca01cc48484db1157b312ec1632c45be511cfbff28d25404df0a3df47148
|
|
| Lenovo | lenovo-c365-all-in-one |
Affected:
7cf94927f6826886883baf229f3cc2f2545588a564ddb7583f2b52853aeb5b21
|
|
| Lenovo | lenovo-erazer-x700-desktop |
Affected:
8dbcebb69c00242f0a346c34776171061d606262f412e92f84be99301d413c21
|
|
| Lenovo | lenovo-h520e-desktop |
Affected:
0ee94a5c0d4b93a2a1618d144bb0a505865a5d308c484c80fcf26fe31f23617a
|
|
| Supermicro | Multiple |
Affected:
https://www.supermicro.com/en/support/security_PKFAIL_Jul_2024
|
|
| Fujitsu | Multiple |
Affected:
https://security.ts.fujitsu.com/ProductSecurity/content/Fujitsu-PSIRT-FJ-ISS-2024-072412-Security-Notice.pdf
|
|
| Intel | Multiple |
Affected:
https://www.intel.com/content/www/us/en/security-center/announcement/intel-security-announcement-2024-07-25-001.html
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-30T16:02:49.517Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://www.kb.cert.org/vuls/id/455367"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-8105",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-09T20:18:46.069299Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-09T20:21:06.044Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "vz2694g",
"vendor": "Acer",
"versions": [
{
"lessThan": "0",
"status": "affected",
"version": "d61d0e09d008bfb29bc32532b1b94fcc4ee2af5e8372c6d38722a4e73ecc71d6",
"versionType": "sha256sum"
}
]
},
{
"defaultStatus": "unaffected",
"product": "aspire s 27",
"vendor": "Acer",
"versions": [
{
"status": "affected",
"version": "2bd2bfaf79a72eaca45e544e5c6a5bb842b292bdc229b8975b3101a4013e0d5f"
}
]
},
{
"defaultStatus": "unaffected",
"product": "aspire s32-1856",
"vendor": "Acer",
"versions": [
{
"status": "affected",
"version": "29837e239487cc83818a7f40f9280d9692a50376487899edd603494b0f30e4c5"
}
]
},
{
"defaultStatus": "unaffected",
"product": "aspire xc-1710",
"vendor": "Acer",
"versions": [
{
"status": "affected",
"version": "cdaa406bda1a58fbe9933622dec218a26f79871d42f0d3576fbf878e51a16201"
}
]
},
{
"defaultStatus": "unaffected",
"product": "c24-1655",
"vendor": "Acer",
"versions": [
{
"status": "affected",
"version": "399f68dc94a6c42030efcd57fd034ff721f860b7b5d447779e7a6a6c99aba34f"
}
]
},
{
"defaultStatus": "unaffected",
"product": "aspire c22-1600",
"vendor": "Acer",
"versions": [
{
"status": "affected",
"version": "d938d08543d35d4249a51057c1d9c62bb1f6440af19913c5feffcea47dd3de95"
}
]
},
{
"defaultStatus": "unaffected",
"product": "c24-962",
"vendor": "Acer",
"versions": [
{
"status": "affected",
"version": "3d525f96f63995c51ab1bcd2c50ebb71661ffeca9f78f97cc97e851d0e2bbbdd"
}
]
},
{
"defaultStatus": "unaffected",
"product": "altos r680 f4",
"vendor": "Acer",
"versions": [
{
"status": "affected",
"version": "a2679a9595a104d70bddc024dbc4f65f0dc9d906f30a0d1ae6b996b14246a6c2"
}
]
},
{
"defaultStatus": "unaffected",
"product": "altos r680s f4",
"vendor": "Acer",
"versions": [
{
"status": "affected",
"version": "e5fdaabf11b236c5c7b040d674936e84db746a180ab9999317e16dcb77aeeba4"
}
]
},
{
"defaultStatus": "unaffected",
"product": "iAPLx-DE(TAA30 TEST)",
"vendor": "Aopen",
"versions": [
{
"status": "affected",
"version": "94c6f84946db100b505af8a308f69ef6cddc2e310b50641a6e2e63bc9aed54e0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "iKBLMUx-DER(Volta Charging)",
"vendor": "Aopen",
"versions": [
{
"status": "affected",
"version": "fcd339e12730f057e41ad41228f9612d4954f2d0dbcfeef37e14dcdaf2866e05"
}
]
},
{
"defaultStatus": "unaffected",
"product": "inspiron-15-3510-laptop",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "7fbfd8b03d178e074572dff764f28af98c87c7556ce3837ccb8dfe993efa1940"
}
]
},
{
"defaultStatus": "unaffected",
"product": "alienware-x17-r2-laptop",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "65f5939878deede2e1b24a6412ba025b78f45b1562e9d365d97e1c76a32a1832"
}
]
},
{
"defaultStatus": "unaffected",
"product": "alienware-m17-r4-laptop",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "f75b595b9ce5e1e25a5d64e54edffdf696251b4f4e860c0d3a03a183631f090e"
}
]
},
{
"defaultStatus": "unaffected",
"product": "alienware-x14-r1-laptop",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "620848eeadb74a572d6400672aecca35f46dfdc7b5152bb028fbcbf74ea7bccd"
}
]
},
{
"defaultStatus": "unaffected",
"product": "alienware-aurora-r15-amd-desktop",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "6348442334e85e8374884ea848685771053a7cf274ccb77559c710b5a00f61e9"
}
]
},
{
"defaultStatus": "unaffected",
"product": "alienware-m17-r3-laptop",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "413a04c12bde19f1f97d9d334ed57197f0405f9f10ab7154d2b71e5471577c97"
}
]
},
{
"defaultStatus": "unaffected",
"product": "alienware-area51m-r2-laptop",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "253743e7a39d0b709122c5329799f4c4608536eeb632218e7f0cbe1f6e8b5db8"
}
]
},
{
"defaultStatus": "unaffected",
"product": "alienware-x15-r1-laptop",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "4fc54067f263791aed2fa4b57b226ea15c4eb0f55b3797e002bb62aa936bdd8c"
}
]
},
{
"defaultStatus": "unaffected",
"product": "inspiron-15-3521-laptop",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "e2242e4aa3a284fcbbcf2f38a10bec24408f1eff74bb307e699ea46f483359f2"
}
]
},
{
"defaultStatus": "unaffected",
"product": "alienware-aurora-r11-desktop",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "8f79d9de33f5f131226a78ccb10bb16218a5be51b2105cc32e38ceb0c8c30e9a"
}
]
},
{
"defaultStatus": "unaffected",
"product": "inspiron-15-3502-laptop",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "62c02a9b5a4d4328ac41c3e3aa7757e64e6c5cd52b9e047333ad18e60d17fcb6"
}
]
},
{
"defaultStatus": "unaffected",
"product": "alienware-aurora-r13-desktop",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "dc5912033c5ca14475f2d59ca47f25c8840f362f0c8553d13bb06a8e47c42abf"
}
]
},
{
"defaultStatus": "unaffected",
"product": "xps-8950-desktop",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "6982be0bd8e1aed1251fe5300eec2b515b7cab70e761cfb72074f5d658d092d9"
}
]
},
{
"defaultStatus": "unaffected",
"product": "alienware-aurora-r15-desktop",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "7e310dca802db0f7a22d39bb2d7d5b79c7e9df8e5698f0e691942ec334ce5794"
}
]
},
{
"defaultStatus": "unaffected",
"product": "alienware-aurora-r14-desktop",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "26a447a94e96fa8d9c590888cae490750c32d5af95faece3595f21efc41c1f2c"
}
]
},
{
"defaultStatus": "unaffected",
"product": "alienware-aurora-r16-desktop",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "06a9dffc8fb3edafd1b6377cf38879860a0ae3c87f97258e09d189d291f64ead"
}
]
},
{
"defaultStatus": "unaffected",
"product": "xps-8960-desktop",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "0dcd7494f4926fb04b56e9713f0b62eff3a345b626fa2adaf47636bf0bb4c3eb"
}
]
},
{
"defaultStatus": "unaffected",
"product": "alienware-m15-r2-laptop",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "69da86e9cf24c49496529f3041604a6bb1c0c0ab86c192239d31d3a9b92467cd"
}
]
},
{
"defaultStatus": "unaffected",
"product": "inspiron-17-3782-laptop",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "602a23f43b11817ad5439579969753866a54b836f34dfe19342e5188cf088d85"
}
]
},
{
"defaultStatus": "unaffected",
"product": "alienware-15-r4",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "608e410d1c0475dac58b1e8f36b477aa8d9e9f28d30ec89d44b550e36bbbaf47"
}
]
},
{
"defaultStatus": "unaffected",
"product": "inspiron-5680-gaming-desktop",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "f1075841f54237735c1135ebf92baeab9c0c3f8b051229f898520f5b0f265353"
}
]
},
{
"defaultStatus": "unaffected",
"product": "alienware-17-laptop",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "d4ed519bd5e5ba2f027d00635494d485f19f3080d8baf6d711b190323294e216"
}
]
},
{
"defaultStatus": "unaffected",
"product": "alienware-13-laptop",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "cb25317443d65ba126174c8b7547c7d2f6c0288f859e2063436eb7b350d9bf62"
}
]
},
{
"defaultStatus": "unaffected",
"product": "inspiron-3472-desktop",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "02877ae1ee43c787fa980d6e897e14546ac193100395bbcc6bc26fdf3077e860"
}
]
},
{
"defaultStatus": "unaffected",
"product": "alienware-17-r3",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "003130dabf11c8b5df286d9584b3174faa9529cd6149513d13c7ce85d63d97b0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "alienware-13-r2",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "e6819bd24e063807336994f36e1b7cafbbec46c2679a365dde1b54b720a049e4"
}
]
},
{
"defaultStatus": "unaffected",
"product": "vostro-24-5460-aio",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "d54e560849c716d0ded4b25d9aacc746f77174cc6d3eeb3a50424eaf337c92aa"
}
]
},
{
"defaultStatus": "unaffected",
"product": "inspiron-20-3059-aio",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "4b4fd4cc68e48cfbacaf1279ff42ce6e9d37aa7706efffb2a0bb84fbda2aabd2"
}
]
},
{
"defaultStatus": "unaffected",
"product": "inspiron-24-5459-aio",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "2c6a0bd7b3a91b9e1b309bde7d405812a42abe40001ce661252d81e7cd009650"
}
]
},
{
"defaultStatus": "unaffected",
"product": "inspiron-22-3263-desktop-aio",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "13deddbbdccb6e5411317e96bdb045e28c0dcbb7e86ed5f32e5d24b4b54a5657"
}
]
},
{
"defaultStatus": "unaffected",
"product": "inspiron-3250-small-desktop",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "95446bcddec63d36a9f5554815892c104febb73c676a075d789e4b7c69979fa6"
}
]
},
{
"defaultStatus": "unaffected",
"product": "inspiron-24-3464-aio",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "3ffd081959db4684563f0044cca9ac16d5467a42d40913f503bad8d171bf1c99"
}
]
},
{
"defaultStatus": "unaffected",
"product": "inspiron-3662-desktop",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "5a02b9214bb7ca03030323835a85efd84d369ff02a6baf9193083e2b22e8d0c3"
}
]
},
{
"defaultStatus": "unaffected",
"product": "alienware-13",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "fe9e2b75babda09ba22a3e99494198e125188d9345bda2b961f10e98e6c2b784"
}
]
},
{
"defaultStatus": "unaffected",
"product": "inspiron-one-23-2330-aio",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "374f19a62abe5b7c195038ebc945528046478ba7fac2b7b429edfaa47122e6e6"
}
]
},
{
"defaultStatus": "unaffected",
"product": "alienware-17-r2",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "e94ccb36573d53127cfdf1f6d617c31ba8562fbdd4b43e48fe1fd52325315756"
}
]
},
{
"defaultStatus": "unaffected",
"product": "poweredge-c5230",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "52dbddaf0c9803e7f9dd389519b829515abe97dc0fbd9b979230de28880f595d"
}
]
},
{
"defaultStatus": "unaffected",
"product": "alienware-alpha",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "f1d2c02737ba96e93892f38c161b3f35fbca79a4302e439e8405d3434ed88fdb"
}
]
},
{
"defaultStatus": "unaffected",
"product": "inspiron-15-5552-laptop",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "73e72a45f92daa7ef76dcf82e6d13113cd9acbd2250d78d2e02232535f83fbc5"
}
]
},
{
"defaultStatus": "unaffected",
"product": "inspiron-3646-small-desktop",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "081c82a0748297ca5841b1772330fb6e776c678d425789a66e3072fb73d072d7"
}
]
},
{
"defaultStatus": "unaffected",
"product": "inspiron-24-3455-aio",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "2fd0f72190810fa5c4a2a3f57a7bce51dd0baa47584b59b7cba4752a92c66ee5"
}
]
},
{
"defaultStatus": "unaffected",
"product": "vostro-20-3052-aio",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "c4574a6a5e1e6b4f3b4a3317b51d75c3764395775f900b9ede99dca5e76849f2"
}
]
},
{
"defaultStatus": "unaffected",
"product": "vostro-3252-small-desktop",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "9cc04e65928cf4852d0ae16d55808b42542387ae389ebbd3e42f888638909932"
}
]
},
{
"defaultStatus": "unaffected",
"product": "inspiron-3655-desktop",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "31a7af2885146a94a82ce214a26e4dcdcfa36969aa47a7a1eaf3725fa6a2198d"
}
]
},
{
"defaultStatus": "unaffected",
"product": "inspiron-22-3265-desktop-aio",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "7c0c8fab8b15d6de59936a3921f85d9e79f710c6c6db6459804b679d82760e26"
}
]
},
{
"defaultStatus": "unaffected",
"product": "inspiron-17-5755-laptop",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "19967c4eebd851b31936c8cab20f86008c7f065cf93217f6cc82350521cc640f"
}
]
},
{
"defaultStatus": "unaffected",
"product": "inspiron-3656-desktop",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "a0e12007dd08b6d9a22fcc6548d0562ea3a966b2030ea9d00c739971e02b6c9a"
}
]
},
{
"defaultStatus": "unaffected",
"product": "vostro-20-3015-aio",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "05b03dab647098c957cadd2a66ebb1401dc5dae51f267351c0d076c239d5856b"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Studio Sys UPD",
"vendor": "Formelife",
"versions": [
{
"status": "affected",
"version": "a451ed9d6359fd109f495c75bab2678285265a72be64b3e5d0d5447a0e167cd5"
}
]
},
{
"defaultStatus": "unaffected",
"product": "E152-ZE1 (rev. A00)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "a9638651a2475403924f124552dc199689a45d2e2e59e3dea2b223667dfb63de"
}
]
},
{
"defaultStatus": "unaffected",
"product": "AU47 M1",
"vendor": "Fujitsu",
"versions": [
{
"status": "affected",
"version": "d3715136d50fc486ef59fb4aee1d7f06552fdf98423809939538fe905a1aa0b3"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PRIMERGY TX100 S3p",
"vendor": "Fujitsu",
"versions": [
{
"status": "affected",
"version": "bfadb1d20541d4c39857e7b295b7ad20ce81d393f014eae27565bc173c1880c0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PRIMERGY CX270 S2",
"vendor": "Fujitsu",
"versions": [
{
"status": "affected",
"version": "e44c2088ee54191192cc690787d74d8ddbfe3fc97c58fb2c42cf8a952784c94f"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PRIMERGY CX420 S1 Chassis",
"vendor": "Fujitsu",
"versions": [
{
"status": "affected",
"version": "c27a0e267f18a89c8ba8aadd37786ef8fe18162b60b45fc209bf992b570837af"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PRIMERGY RX100 S7p",
"vendor": "Fujitsu",
"versions": [
{
"status": "affected",
"version": "e71744d4e18cbee18a1fe381a8a83350487baa6cfbf3729d999f85d7b650610a"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PRIMERGY TX120 S3p",
"vendor": "Fujitsu",
"versions": [
{
"status": "affected",
"version": "51a9197d05b1aad84546d9469b2c400bd7536eea62b2760a308e5bf84e71d74b"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G152-Z12",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "ad457250d51a0638880d9cf1df9dd029ab34b36265eda73c5459d8d0460ba3de"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G242-Z11",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "2ab6af312a78886a13144814ce766a771604755f8dd303381658026304415280"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G242-Z12",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "eef3fd99672410b85e6342c5757723d0d3ccecef9805237955baa20780de8b4f"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G262-ZR0",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "f21b8f836105cdb4051d8bb29302dcf86836b640bf048b24f3c76e930b513b32"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G292-Z20 (rev. A00)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "62bb737d55f4caa082b7ea2aa6f8a59c8efdaf9d5ac5b158cbfb32a6cead8164"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G292-Z43",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "1b6ff7d60400c7c21a5b28f947475e61abee187627c1ff12cddb25b1ce59ecb3"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G292-Z45",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "18def9ce5aa6551c1d7e77e9f53e34701f77b89d6b32d41ea050cc94d52941e1"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G482-Z50",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "b14d2e3fadc16c97684a4ae947798bb3a67372441dd7252568f71fc86e98ae9f"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G492-Z52",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "062e3100bfbe635c66feed863141f7a6f2bfcf0b887a5b3d7ae31fb610d17cac"
}
]
},
{
"defaultStatus": "unaffected",
"product": "H252-Z12 (rev. A02)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "ac416150a9752dc20107bef240e73c6054af4992348003429bfd97a7373f4f27"
}
]
},
{
"defaultStatus": "unaffected",
"product": "H262-Z61",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "340cc5c8f4468eb2d36b684dffbf139b4ac4504b5db3993c3c1b5145858c5131"
}
]
},
{
"defaultStatus": "unaffected",
"product": "H262-Z6B",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "0e761b6f3c7d3a1407addf499ff848c493a9d0b0197368cbe858bbc4fa5a4702"
}
]
},
{
"defaultStatus": "unaffected",
"product": "H282-ZC0 (rev. A00)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "0b739af751913ea6ff42999069963dcf6a1bdd58a3de800ab721d9bdbd59bf0d"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MZ32-AR0 (rev. 3.x)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "a4102b19258804214beb838f61699a7623cc654341e6f60ad986dae805935c14"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MZ72-HB0 (rev. 3.x/4.x)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "e0a3837abd91821c4ad98687d2dc6456b7fcb05c8b672c48f242ffeabfa3e9b4"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MZ72-HB2 (rev. 3.x)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "7678e64f7728c059b228ddec74f0918f0544d5193f7b8efe0bf03e8f36c2f5c5"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R162-Z10",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "122baff0bf1243b945a7eaa9ca55303469d624d6150d4da136d697878177f1a8"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R162-ZA2",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "9d318d27111a3c5a2e3a6451103750d70dec9d6e9d048f7e98fcd60066b98aee"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R182-Z90 (rev. A00/B00/AT0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "dbd77ee47e4bccbb2b8af2883765641e9d7c404937da2942637fa1b4b6d4d635"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R262-ZA2",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "c7f73261e85bdc43932e49254cb8654ed2ce0945379592cecb081d51e5834289"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R282-Z97 (rev. A00)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "076310804e591d1c2d4ab1d53cff0866c04a4189e03e6964b528b8a94faa7991"
}
]
},
{
"defaultStatus": "unaffected",
"product": "S252-ZC0",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "8927ee41096d71b75bbef2672e22f640a22ae3588f4f44786fff92c70b861885"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ME03-CE0 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "79700c28616b906f5534cf45d4582878a73f96eff24f1f894bd04b24c00eade8"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ME03-PE0 (rev. 1.x)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "ac5ec67cafd72fd7f497c3759b0dcf359de8b7db6941120c0c69d5f3eea4bcbc"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ME33-AR0 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "8bdf9b526d2e9e65f23ded60745006c65678d184a258761666d3864432cc0cac"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R143-EG0-AAC1",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "630321979d80b22e20ca5fc713b2e3e1a8d9ec9ecaa6e2f814193ab8471636aa"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R243-E30-AAC1",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "ae9c0a6e84b0c2912eda99c2de4e95d45c0c8feb2a097e02832ae03c74796f50"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G191-H44",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "28068e88e5041161f4485f958f49060d6a865e4beb0b53bafc8f3c5e5e3923b9"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G241-G40 (rev. 100)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "912834981a1de06dcdd4f8cfd11e7db46ac691e5ef20616d76d859e889c303be"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G291-2G0 (rev. 100)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "0dbbb711ff0879479dc30b9a7116fb94f093e0225b74916f6b79edae90d8fb2a"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G591-HS0",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "bce2bb4589e9ba8bc8029514a887f3f3bb4ded3556bb5d77dc1a38bad564b435"
}
]
},
{
"defaultStatus": "unaffected",
"product": "H231-G20 (rev. 100/A00)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "819cf98fc21e036b3ae7e6390ae09edcf6fc6c260b22bf6ede0852029ef2495b"
}
]
},
{
"defaultStatus": "unaffected",
"product": "H261-H61 (rev. 100)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "190d03dff0cfed20b38ae3270c8bb197b024765963dff6b7730d96bfebcbb24c"
}
]
},
{
"defaultStatus": "unaffected",
"product": "H261-NO0",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "7eab23785afd939c2abdf53e001e896c67216a6cc75b646d990fdf92ae226748"
}
]
},
{
"defaultStatus": "unaffected",
"product": "H281-PE0",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "9f715f7b4128701de97332885c28547fe89ca4214de5af85623ab90670fdbbff"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MD61-SC2 (rev. 1.x)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "98c90d7d56e82fcf28b362fbf659c3dfd3f987de96d997defe2ef2e78f33cecf"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MD71-HB0 (rev. 1.x)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "82bbbdeed52e95c3f19ad09cc8fff5ea17f9f5341fbef5f88fba478c24e9fd66"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MD71-HB1 (rev. 1.x)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "c6957244c7417f2ea28889e02d23b63091b6049b82263872ec3a952765becf9c"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MU71-SU0 (rev. 1.x)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "67c4f4ad83e151ebe6e61092bec3153ec269e7be1945dbba0c61091a345a885e"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R161-340 (rev. 100/200)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "1bea20b7f9327d743487da2db53e5fb89ace6d22f56600b58918737418e716ee"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R281-3C1",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "aef16fc11c0f6ddca64581dc5b42b9d6e4ab66807ae7c5a30ccfd8f6774a2b18"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R281-3C2",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "5077c5d90bce52e6e22371dd64910f30aad69c42aaf9a144165682fffe23c3e0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "T181-G20 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "c2b46f65550950fb75d45f5bff54bbed8d4877d803a9688739abd47909fc5f6e"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MC13-LE0 (rev. 1.x/3.x)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "a1f593c61f035734a87dddbe547a18a52d641785c40cfd320b0a0802be57a1e5"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R123-C00",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "ddce5a86b35fcf3fe494169bd1834b1f40f24b1a4938e5239bba011dfb981949"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R133-C10 (rev. AAG1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "a09c15eaf24a7804b16fa6fc8e4d16c8ebbc850d070439b2c1ead835f4626dc0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G293-Z23",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "36b879d3be098143f10fd76db48424f3c3470ffffbe2f828ec7462bd8ec73dcf"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G293-Z42 (rev. IAP1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "b98e94dc0b78131fe59ca6a9c0a142037d412e2ce5fcdb9d0d6d10f102b1d5fe"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G363-ZR0",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "b2bdfb3a454065b92210cf8a11ef836b45b1db8679d31b45e65a71d1f5efdee8"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G493-ZB4 (rev. AAP1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "930761233953091f36c6f92e069229f7dd6c86555c03315e1cf51f9fd349ac79"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G593-ZD1 (rev. AAX1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "c564d83ca92af69a296c473cf748d2a6062883164794856c8be429a652e421fe"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G593-ZD2 (rev. AAX1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "74e19d515a7d2d4644f026bd8ea3ee5035b1d325189d9ff2184892a62a7cddc2"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G593-ZX1 (rev. AAX1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "637be0a8baa2b2a07788add89178c5ff71b837b0d7313d31252293e87a8c3734"
}
]
},
{
"defaultStatus": "unaffected",
"product": "H223-Z10 (rev. AAP1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "3d2868fe9d5c6ff7e0397d929f170cc6ff006c5d1b5f7bd99d937de8f93dbcd5"
}
]
},
{
"defaultStatus": "unaffected",
"product": "H233-Z80",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "5bcc229773a51f96a3904ab181bc621231f881b88a9f59b9427555d9bc868045"
}
]
},
{
"defaultStatus": "unaffected",
"product": "H253-Z10",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "4978fa8b487795206594ef340a6c846814e02e248aaf6d6d22e21e58c194fc00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "H273-Z80",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "7d216a628dc15d65ad64ee6535a8c190260c9616945108237dab43b3fb1ed549"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MZ33-AR0 (rev. 1.x)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "2c185f2a4900213d87796a8f1b7ba719d3506961c3587cc6b6c39ebae2067e93"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MZ33-CP0 (rev. 1.x)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "13b00bbbbe69eb17f726a086841770b17b9b5b02c903d165e5dcbc371b87e4d6"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MZ73-LM0 (rev. 2.x)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "140cae90bff7b80c41f0fc69c6439ec9ef3e7b54e408a29dcb9b41bcdf07bb3d"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MZ73-LM1 (rev. 1.x)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "36d2df2564747908c8f8b28df00ea5504783b9308fc76899d0a5ac1b57f43361"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R163-Z35 (rev. AAC1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "6e276e4fdfd0ddecdf0c1df49718595d0c4bcb28850897215b88fa01c239b62d"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R183-Z90 (rev. LAD1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "9bb0e8c4030538d2b820b333ffa1b211a7930953f30bc9ba206eb26adfa45741"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R183-Z93 (rev. AAV1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "44c75c03ddbd8689b7a5df96689d730f002367d428da0982bf089c8f6909a75e"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R263-Z35 (rev. AAF1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "4f59fb01703b0e6cd5140683e9eb6d98c452b3acb64ab642004276daf49e1ace"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R283-Z93",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "59c838f97265422664d3508ad13e370351e9f482983d942dd7fbf33bbbf00587"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R283-Z97",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "42329f479e5572eadd01b94fa8f3f3ae16b7fb4452ac2111f886855e4f52597b"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R283-ZF0 (rev. IAL1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "3b999a0a4b3a7336597e7373e3317dd29b91f5510fdfcc8323988d1edab6c23a"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TO25-Z12 (rev. AA01)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "920c4d1c705e8b80e94b19f2c690d1fa4f25f0f6954db6209ed5118d7927fc32"
}
]
},
{
"defaultStatus": "unaffected",
"product": "H223-V10",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "c9387dfa08afff4cd1f875331c6eb24ac6758d608976603c7398c039dde35890"
}
]
},
{
"defaultStatus": "unaffected",
"product": "H263-V60",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "76f7ae620a91ff5e8590a2f22f59018e613aeb12b626b886d6ce2f5e4276fce9"
}
]
},
{
"defaultStatus": "unaffected",
"product": "H263-V11",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "57be6485a091b1f60afa9a2af34cff051e293d03696c04ba578f97ac38a34d4f"
}
]
},
{
"defaultStatus": "unaffected",
"product": "H263-V60 (rev. AAW1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "2221d582286ebe04101fc5bd7e353e3f8826c86f948defeb8ac265b8c7ceb8d9"
}
]
},
{
"defaultStatus": "unaffected",
"product": "E162-220",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "0c8eb9d218ca1706bd15989efc2915e792918b52cdcac38a4845913631f6cccd"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G262-IR0",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "ebf41cbd3da1701755a788922944f1ec7e13aa8396a03611cef2e3940da4cc20"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G292-280",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "5caad5c1ff5d9518017d64a2dc8cb2a83e294520ba6460c0a1b14212688f39a4"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G492-ID0 (rev. 100)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "c2902ae30064150ea9236e92b819a2cf96c47ad73f0439233471b89bb04cc13a"
}
]
},
{
"defaultStatus": "unaffected",
"product": "H252-3C0 (rev. 100)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "436d56f15a1373c341638cc0edd950866bd519e0cb1e0de07ab7df2c59fba5d1"
}
]
},
{
"defaultStatus": "unaffected",
"product": "H262-PC0 (rev. 100)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "83eeeab2bc322fa12b1ab2be69ba64ade98d999f8e1118ba1d6957c45b52a6c7"
}
]
},
{
"defaultStatus": "unaffected",
"product": "H262-PC1 (rev. 100)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "083289beeb6b2d85285084059994d0ae833833cc7284428b6eea303099d99090"
}
]
},
{
"defaultStatus": "unaffected",
"product": "H262-PC2",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "db38dafec56ac3bb8948390f699fddf5a3f3f2b33d0a696d41c803c059a5b940"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MD72-HB0 (rev. 1.x/2.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "eff883c442f1805faa24a44e645413d9c9d3d95e6e0bb5c227124f7eac8187b6"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MD72-HB1 (rev. 1.x)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "43eacbb8f8ffe499f4d0715cf6f798cd81351474abce0e410ecfeed7071740e3"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MD72-HB2 (rev. 1.x)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "ede862fa7c647cdd18ab5b2cc90aeec53c35e7f2a9e8d3cc9bd4f1f4e7837b30"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MD72-HB3 (rev. 1.x)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "5ffc9128e64f5a30a78f594923301a6110a8a97c236665f4d4ca7ea28d8a8d21"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MU72-SU0 (rev. 1.x/2.x)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "776719490d81637a1604081fa3e9ea7fc975020cbb45103bbe4efc70ed69c6e6"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MU92-TU0 (rev. 1.x)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "d6c0481e584911e1758040140b89593d1839956ef379a6d45d5ac37d0666b866"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MU92-TU1 (rev. 1.x/2.x)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "80073632c479a5522a64e14cd9bdb4cb12c3b86eb8eee5c36f63c40c96865334"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R182-34A",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "da898f000b47ebe799f88868276a9f9a0744ae283480c70b4506f17218696a52"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R182-NA0",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "0b851b25b7dfd2d50e710016c21c06a5aab78fcd64597ca631669b7e6344db6d"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R182-NC0",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "75adec4e87cb200578f3899c3bd7435bbdadcc4941e5edcb5a3fe3055a8ad190"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R282-G30",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "ee788077e078691ba0f587f2f9f044667b3463f794d8f38fa0c96e8b68550703"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G493-ZB1 (rev. AAP1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "64c336027bad7ec398c64d31ec444c47ec0d0b60eaf89202547967cc1b21fed3"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MZ33-AR0 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "4270e08e2fca65beb36f8adaf338c4b94d248a98eb3d205d0fcf6a1cd2d6ca6e"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MZ73-LM0 (rev. 2.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "29ed1fb8fd445c86fb30ef02e78db0b5be5213ece5edebf5f9702daaa94f5ed2"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MZ73-LM1 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "5be6bd89d0e644714c6c98502efcb6e5b90fbdf3101f82cd821d04d2fb11e60f"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R263-Z34 (rev. AAH1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "00089e4dbac3fcc36ba347ac7d7f9067722601a9a55c2360bf9cae439a52c010"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R263-Z35 (rev. AAL1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "ea3e4c728b066bf6827adb0497ec6e32ab66c546c4ca89fca8f3113c3d74e950"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H110M-DS2 (rev. 1.0/1.1/1.2)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "5e55411efbcff6e593a2de57f46b6040324f35c1ed14f902333a71b6cea38930"
}
]
},
{
"defaultStatus": "unaffected",
"product": "E251-U70 (rev. 100)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "6c404dfcb9550bf9080bb679ccfba607c96b149772c345ddeab0f881fdd16f8b"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G293-Z40",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "84c011953dcd5981156d4d5488c82f53ee73cc839d3359004d491b0f1fbf2808"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G493-ZB0 (rev. AAP1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "c4dca3104af399295b160bd3ad7d01d38f9dc86e7143dceae68403480d7c19cc"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R283-Z94",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "47da1b96a4296aa07edf9e4f54df7dc663e8c8134477ee8718319667073a5d7f"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R283-ZF0 (rev. AAL1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "0f77013fe1a7795b311828614ab371df89c88dd7ddd165d17130422289838731"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MX34-BS0 (rev. 1.x)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "c5b7f646ddc82ab730c91e13b52d86d9fa3c28d0b0cd1569fcf0a9b77509d7c4"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R123-X00 (rev. AA01)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "876f82d1e8632fff9b24a04be60fb1486a1e4eefb8b20183580874680fc06150"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R162-ZA1",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "8567d8f2fd8a32c33c81aae33ef21e34f818159199f0beed6c10dd6e2283351f"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G242-Z10",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "c7e9eff716b9e7000c89692637c58014ee0be37d7ddd39a0c2ae4ecba82e38fe"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MC12-LE0 (rev. 1.x)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "8e37407821e4af774debc51d6dd492c11fe6652ebfd25febae7a603a7ef69822"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MW34-SP0 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "add3e41160a5effcd5a6dbfcda45072059e02f5a6fa39042fdbf36ae8193067f"
}
]
},
{
"defaultStatus": "unaffected",
"product": "E133-C10",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "2d5900b5a13292df17073793a00393ea8e60a645104ebf8d95c5407674421c76"
}
]
},
{
"defaultStatus": "unaffected",
"product": "E163-Z30",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "1ecbdd2c9fdb6e9bc4f2e48b5b3e1651977a39eddc6480cc4888462636648f38"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MC62-G41 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "dc4153ee0a3333ab789383cef8b0d9760b9f416138a093cd3357370261babf4e"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MX33-BS0 (rev. 1.x)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "a0e138096681313a3923eefa3bd3480e6416c73d627d3888b36ce7bb6b2b989f"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MC13-LE0 (rev. 1.x)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "b9f880e1df8c0a237dd9cf607e19287817eb75f59057e8df89ade763ca7b6812"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R263-Z33 (rev. AAL1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "d18f17a61f21b0b96542a3efd2a543cf87b434d86055e48aaac951f09c53e0e3"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R133-X13 (rev. AAB1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "3e3fbdde80c01e9755408922f67ad04834a61cb5e519ab010b151b68772a9784"
}
]
},
{
"defaultStatus": "unaffected",
"product": "B760M D2HX LITE SI (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "641b9c056a8fecdc3a572db60e00f0b0fed7722fe9cf377bc4b6ee9208423107"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BER7-7840",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "f63845840d8dabf49f4a1137c4b1558257748fc26812bd693de92ed0257362ec"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R163-Z32 (rev. AAG1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "7fd571d3ff56fa697a130f06d98ae3d2568e4e3d5848cc0966f4e00617801cf2"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MD72-HB2 (rev. 1.x/2.x)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "e01af875c3100fa3d72d014aaf93417317a1a4a4e69c4a28c216c73dfa5e041f"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H310MSTX-HD3",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "094ba53bd3f96434153ed4c426a2c9f8b62ccab2b7ff60932061f9fa84a9309e"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H310TN-CM",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "9f5d955a2b3e33b9ba93e98d56a3ce4c997c4234161a4637aa88eda81cfc743a"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H310TN-R2 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "5ad827acb383f51e80cfd4605f8b02186b680f61ba0129e6c054af896dbe6d48"
}
]
},
{
"defaultStatus": "unaffected",
"product": "H310N",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "de983965452c5d6bdbf7e4137ef30782337efded699beb2db1cb1cfab2a9cdb9"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R143-E30 (rev. AAB1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "a0ed7595a6c1b6e26d1e930ca3a8c1c0dd619db049ef112fa653b8bf9b026bda"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TO25-Z11",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "c70331be155ee7c048b0296e15de195158c1215b1ddb31fb842018467c5857d1"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G293-S46 (rev. AAM1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "4151a030854ddba555d497a9d2626723d662a9c81e86b39e4e2c02c209ebabbc"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R163-S35 (rev. AAH1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "f8c33896586db20586273c8378d4fd18e49a4db7b6ac15333eb67536536c40da"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R283-S94",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "70ed5ca85b768ef6f9bb36baa9596d07fb259c775b457464c138a7494f7340a2"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TO25-S11 (rev. AA01)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "9ad9beef2a8253dc72e6bdd37d76bd54fcae482fbd3308904d87dfaa4df281e2"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G482-Z54",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "f446b6d7d932602558e4abdbea9a9b826a12d27c535ca6c2d0bafa5e34ec3864"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R183-S90 (rev. LAD1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "9cee49e6b444421c55798f7ce7bf7a1eebc6d6f75319c2bcb39bd11b4075c71a"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MX34-BS0 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "5380cc7bc3d652f0d0316dd3225fb45f1bb054e9c568b9c8e8bf9591306cdbaf"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G293-S45",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "77b27203150cbb0b885df35e361b1a193163316e3f315be4e7967312b097aedd"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R163-S30 (rev. AAB1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "e0c5fec105a86f8b7ffa77bd983d3ed0b54cbc65542e0ffdb9aae29cfc2ddd8e"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R133-X11 (rev. AAG1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "e8f28f55ed2fb648c7237e216e5c377da45e9f6d6a746605515002aaf502ae4c"
}
]
},
{
"defaultStatus": "unaffected",
"product": "E283-Z91 (rev. AAV1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "1fee6620306388e1d23dba7889b858bd56a091cf04ee68db32639e14d9b87a14"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R143-EG0 (rev. AAC1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "672102a1648ac9839230ff8c818edc737b01fbe92250ae0db8ae2441b257f5d7"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BEi3-1220 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "39ea2372c5af03dacf3a4112895e5bb59489497c23828e38acd4b4fec35df970"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BEi5-1240 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "2d34f17d147062c8aa223fd2e528b8c10c0879e8ee2d6064607f45e93908a935"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BEi7-1260 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "dc45a2e1fd0112f5deac4678b7b093d4e233256af8e492104658c38a5ad426da"
}
]
},
{
"defaultStatus": "unaffected",
"product": "E283-S90 (rev. AAD1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "059d906408ac5c7daa81504d9e9057023d7686c9383faa48ef6f195d4b32d997"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G493-SB0",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "394bf746dc6183441ea4d034769683c92eb999195fe6ab6e1fbf10c4cd1aed32"
}
]
},
{
"defaultStatus": "unaffected",
"product": "H263-S62",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "d733c74eeca529ae54b842ea757213532781db14b38c9222f4eb34be5ac7e1b8"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R163-SG0 (rev. AAC1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "35ec23b26774c9030a1deca1b66837805aa7bedd6518d5be506681f2296b5e17"
}
]
},
{
"defaultStatus": "unaffected",
"product": "S453-S70",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "9fb2a464f53ad26c1bab90ee2437c0c265ef6d0faf419af58baca323c6156b7a"
}
]
},
{
"defaultStatus": "unaffected",
"product": "E163-S30 (rev. AAB1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "a7ac0837b77d7a91edb4e5fbfde127eafe1601e858a6312af9e555646de46480"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G293-Z20",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "abe7715141d75d5817b2456105d037d116c441796c7a373dbf3307412e111bf5"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TO15-Z40",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "b0766c740aceae7f71543bfb22d3c757640e714e52f32a17a3d42f9d16d39383"
}
]
},
{
"defaultStatus": "unaffected",
"product": "E133-C10 (rev. AAA1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "2af044c4474abc534ec6da84e1e6415386421dbc897ed2946efe131840de8161"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R271-Z00 (rev. B00)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "dcff49fc24b1b8cf02fce97a15b0bc8bb19c6979df21136007c677ac3b9023c7"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ME03-PE0 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "2bf55cd3046c8fb548063466ea9eb0802c4401f3c04a13f9ef693fe7c23570ef"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H110M-DS2 (rev. 1.3)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "8448a4dad1df740fb0882eb8533c40a2227e385f9f2f07a546c1d2e6020b7cbf"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H110M-H",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "0dc9159572d38d754e168d1290219dc558cc72e67e8fa72727ddd43a5ad187e7"
}
]
},
{
"defaultStatus": "unaffected",
"product": "E152-ZE0",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "83d24271a7b1b9bba7070c128edcc8b4d6a5e7c96caa920baf5c014efbf6775d"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R282-Z93 (rev. A00)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "255ffd2b1161bb8a53626ad3920c40eb5f0f63cb1d5710969abf31797f8771de"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R162-ZA0 (rev. A00)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "85f9cdc44ed670c411f0892b769e91567f9a81bcdeb92861fcf6e2ffc7773f9c"
}
]
},
{
"defaultStatus": "unaffected",
"product": "S453-Z30",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "92c197c09f8aaa2e20427f649cacd1484ef7a345040f54eeb3135745b6f671dd"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G262-ZO0",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "efc056c3caa782e178b7ade2333316ef39a0a6e17157c68a61927b3a045061e9"
}
]
},
{
"defaultStatus": "unaffected",
"product": "H262-Z6A",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "2ac696517ae7da9f3efe81af66b89b5f7b24beb6e09aca06e61e454915070a3b"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MZ72-HB0 (rev. 3.0/4.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "2ad038a3b127e95df1fc8fa61bafb96a113fe0093d9ecee66db9ece973c5a257"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MZ72-HB2 (rev. 3.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "225cea866d8c5843d32d6edc97764b69b05707e47c9537e6e6e7f4ac06775816"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G152-Z12 (rev. 200)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "e7969888310f2eceb73544fd8108eda95c1a3ea62ff57da93c643bc55b898f50"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G292-Z40",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "d31512a9a475071b6e14a03aed7c5286aa0c622925d7a840bdee7158a7d9583c"
}
]
},
{
"defaultStatus": "unaffected",
"product": "H242-Z10 (rev. A00)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "1096dfa8e4e5f5d2410eacac73c51bd1b946bc4d2f110a44e8c33f53d0182eb5"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R152-Z30",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "5297e4a26fd8ed927abcb2438a5ac2a4e35e770d06d272ed77b3d847bebb11fb"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BSi3-6100 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "e81cd2760e4d5090b1d0da86309ba993256d88a4abb8065ce83266bcf4f0ca34"
}
]
},
{
"defaultStatus": "unaffected",
"product": "E283-Z90",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "40d4956a427564b83b0c1a86f1c32510feeeb5282eccfb211bd29f0a0a7767c4"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R163-Z30 (rev. AAB1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "58a47d7e153b03ce005686aac24bfe31f405a7cc4670b826ccc775a839de7ee1"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G262-IR0 (rev. 100)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "43dd7e97fc6fd1fc0ac1ef601c00eed9ec9b5d5325243fb8c6f0ae3517fce89b"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G292-280 (rev. 100)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "5b7eee5f852ce1424dfd476d8713650e528fa359f19e551b7adb9b6a12ad467e"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G492-H80",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "e79fefca976e762f76a8ce36494928dc2ba039de02b69659a87b5245cb27ac2f"
}
]
},
{
"defaultStatus": "unaffected",
"product": "H262-NO0",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "d04141fdfff53843c10ef247e885ad9fb62ffc58c89580718ecd2b102a590f30"
}
]
},
{
"defaultStatus": "unaffected",
"product": "H262-NO1",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "ca65772cdd5fef0d287957d5a6e308fa1126b9b40a2cd701e1190e852ce0bfd2"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R182-340 (rev. 100)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "ade7666d9e200c0929260025880128674b63349911f1d03857a42cf753f10b80"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G291-280",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "6917b15d532856e0c0f7cbfc3501f4d5c273616046d94695e01ce07303f6011f"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G481-H80 (rev. 100)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "53a8edb12be4b79c231d3f950e20343f20f3727a6544504259639fa6506f2457"
}
]
},
{
"defaultStatus": "unaffected",
"product": "H231-H60 (rev. 100/A00)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "56289ef76755acc7f4e843b3ee0f29ec8f063f113f640b157d095d18a866d874"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R181-2A0 (rev. 100)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "01c95a23c9bfeff78ab2b6d77ca33e6a967cf624d1afb5fad393776c79a25920"
}
]
},
{
"defaultStatus": "unaffected",
"product": "S251-3O0 (rev. 100)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "303797b38020f7b91381f887954f819112509c4b855ebd75c7a31dd227acf1cc"
}
]
},
{
"defaultStatus": "unaffected",
"product": "S451-3R0",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "c9a2e7d55dcf6e3f7537515d2c6cb0e36770a5fbea7a01dafe4a90359ade90eb"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WRX80-SU8-IPMI (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "249510667c5c37bd25d731655d7dbf18c5fc2d8d377c0c2326810cda6d9c0f46"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R292-4S0",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "1dcce1bfce8c75c3fdf8a307ba7f6d0231504095e1c4e6bf2166a4cf75df29cc"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R283-Z93 (rev. AAF1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "dcb8c9ec0cdddcf94852ac34e952a349af1ca970d825dc239075286875a9257d"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BNE3HG4-950 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "ed3834eedb770cbb44be9357c5b05d9800ec9577ba3eb6faa3c47460d78814ee"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R161-R12",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "523e9d1bf5710144e36f9535141955dcf9a3d075fff092f6b4d1e12ee2eda562"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BXBT-2807",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "16f990d85b5a42e9b762a08f69614b0c6e3f5c1236364ca38efe92a5dd729bb4"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MB12-CE0 (rev. 100)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "bcf637c0c5be2018d76681b66661d1e6f061c2e1366124f4ef8754c074f8a95c"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R263-Z30 (rev. AAC1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "92780ca87316f207f58c61f65bc8f702fbb2881688d9819dbe8ebbbbed6e1f67"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TO23-H60",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "955038954a0d1463be658fe518b6006f9fde166b67e9007f3befb9cfa62e5da9"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BRR7-4700",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "a462c1a73072f541b6719e4cdee351d44a7cb3593dabbc6809b5b387d909eee5"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BRR7-4800",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "424e8b46bd3feec4aae4ec33eae1ca8658526eeb66e121adb244d3c322dd005d"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BRR3-4300 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "5cc12fd686928c97fa7fbfda17250579adc4e7bd11e46e88650de5ebca6ed03c"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BRR5-4500 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "6ea44803e9b188161126374021e9d845136edd676d33fc80e5f9348b8d577a87"
}
]
},
{
"defaultStatus": "unaffected",
"product": "W771-Z00 (rev. 100)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "d07d7094aa0dbdb896f8d3dceb093ea8c1d72ee0009472ece73190d2071aee6e"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MB51-PS0 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "372c9a6f86f60d7cef6ae2d2ee7ca0d55df998ba0a47468668c6758b3d3db725"
}
]
},
{
"defaultStatus": "unaffected",
"product": "X299 UD4 Pro (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "ca8a556421eb318b0e5901085e97c448f1646a1636e34ec6e4d76f4a3d61f601"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G492-ZD2 (rev. A00)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "c8ab653dc8a40406c0a8a4d71b56059a2f9b7c7ab9e883290acd071941c7bc25"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MW22-SE0 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "d369b68d0c38afedcbb0eeb82f2d06d486e9c0ce212ebe3b0d9f8dfcdbbbf5b0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MX32-4L0 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "78ce8406e3b09a3450d41ba11c1dae91456f25c796441dabb52c7b7e261b3a69"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MW32-SP0 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "0cd64d233ea4db6db2a90962d2888f4e5b967fbb24fa944ccbbfc2c02d5a358a"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MX32-BS0 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "40234a98894a9855db1a921ffe9d272caa1e5702dcdd14afc82f6a91753fd460"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BER3-5300",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "a3ab1a934f5806b5472f13257771924e3fcbaed289b2d6a860ec2fbbfd2d0c11"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BER3-5400",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "06879fa2383284b0222247992f7d359bf5d0ddcebfdcd5b42a20ee5f46a8473f"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BER5-5500 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "68f88269c87ecb16f9b7d9269005ce505a3498b9e3440054742481a2254d5aea"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BER5-5600",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "d98134626baccb58d0d97613efeae6d504b112a4f8d8849e2599ceecf55f7fad"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BER7-5700",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "ec439231fb2d3491a63b173bda078a128bf02b19262b3549f3a799992442d9e7"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BER7-5800",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "7704838038c24fa47fadd54f19c5911fa39823ecfb5f451db59271112a07e777"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BMCE-4500C",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "43cce322b194b9be7bedb247098e8b691878f238b14199cfba11af4422b3464d"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BMCE-5105",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "c412ba0cc85278e93f349b9fae6011982f23f8f3a7b6539a36d90b551ae1006f"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BMPD-6005",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "6f14b4087af44921d294462fb0d65259f18af0cc23b7ab1c5b87773b9c3c13e4"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BRi3-10110 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "d6626703c5940d244a87f2967f0c54f4a5a7b53597dd92a0b561f28a2f9a9161"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BRi7-10510 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "af98c4cea319d387751cb356a28390fa630a1b2f66920a3202b37e0acb861ade"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MF51-ES1 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "dbe505cc1f3a4135628b7e22c7fddb99bf3ee1d46f82a84219e8cb0905c20ff2"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MF51-ES0 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "d27437e85db58b607bc173e844b31dbfb8b949ea3c225e13377ae942572c4611"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MF51-ES2 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "9bd110e7a5a1e1cdd77af3702309d98f748cdec6d25a5e76c04f63417e2e6a8d"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G492-Z50 (rev. A00)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "0b2bd8851706081fb9e310e5f4a7a97c3a0bb32eb7167a609e602ba6cec1ea89"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-J1800M-D3P (rev. 1.x)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "19c85b8fbc25322544c775c9fdcee793a563d51b32ede6b29c02248e0813f42b"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BSRE-1505 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "2f18902d7afbe8d900b6552c2d7a86760f05c4698c1018053b2fad97f6ab51f7"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BSi3-1115G4 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "6f6c034629c0d8df05227f4e7d85d02d8fa52d7fda0940fd4f80f62a23be06c8"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BSi5-1135G7",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "baddfacc85e4aa97915493c4f66cde6002104bfc10ecfa3839c4fc6e32597953"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BSi7-1165G7",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "b191f4293202c488ba673c288bb5edbaf506a9835a508ec38fa705797738c918"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H110M-S2PH",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "a5013d7b2208a6c2d1ea75bbef06711be676430321f4b275140049d6fd53f8df"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H110M-S2PV",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "60d70e509fc3f7c1da701e5195218f20e297c11d2dd4f0327ea4d25732c120d0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G292-Z20 (rev. 100)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "e0ae28d4aca350a31f66402f4b0f46e05e4aaf77adfc813179a7df20c8f4b148"
}
]
},
{
"defaultStatus": "unaffected",
"product": "W331-Z00 (rev. 100)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "4f7c60d69e3c374da221c2ab2d2393794965f2e0e1cf296f5a64d4d77299089e"
}
]
},
{
"defaultStatus": "unaffected",
"product": "X299 AORUS Gaming",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "c5534cc441ef64739b9609ed3160f296cefda8faaae992448baedb01e9310be7"
}
]
},
{
"defaultStatus": "unaffected",
"product": "X299 AORUS Gaming 3",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "82f181dfcdb973537274d8fbf4ad83d60ba8b7315bf99def64780a8c29c6a843"
}
]
},
{
"defaultStatus": "unaffected",
"product": "X299 AORUS Gaming 3 Pro",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "810a53fa70ab5b27f2dbe92948b79638dc87fe6015f94c41501562a47805e28f"
}
]
},
{
"defaultStatus": "unaffected",
"product": "X299 AORUS Gaming 7 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "ee03798b5db2710360c33566b2e61b46bc664ff8a25b257bbfb620c332d70f2b"
}
]
},
{
"defaultStatus": "unaffected",
"product": "X299 AORUS Gaming 7 Pro (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "6ca7152161d4d3a65a2d4fa707a3784811bbb7507332f1c82662456f5f76b5a5"
}
]
},
{
"defaultStatus": "unaffected",
"product": "X299 AORUS Gaming 9 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "14d6cfb20110768c3da503050dd9222a2514aecd0ca49f2c08e64bf6595b0cd2"
}
]
},
{
"defaultStatus": "unaffected",
"product": "X299 AORUS MASTER",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "326280954738ecffd23930791fec6dc0ba2b9774c85886b98d33723974c3427d"
}
]
},
{
"defaultStatus": "unaffected",
"product": "X299 AORUS Ultra Gaming (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "91933d348054953096135089baa7b6ca61dc43e9fc25dff45c9fb4dbf9e8d606"
}
]
},
{
"defaultStatus": "unaffected",
"product": "X299 AORUS Ultra Gaming Pro (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "22869435dede4b52f75a6b82266b67f8930857829185f97bd322c3a72a8899e1"
}
]
},
{
"defaultStatus": "unaffected",
"product": "X299 DESIGNARE EX (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "0a1aa3edaeb6b389a08cded1ce036ea9178527389ca1549442a35f8b1b2bcdf6"
}
]
},
{
"defaultStatus": "unaffected",
"product": "X299 UD4 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "3716034ddd789a3e8e1c688a477e4735f228bc3acfa18b63e719d7cd1e8fedfb"
}
]
},
{
"defaultStatus": "unaffected",
"product": "X299 UD4 EX (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "6fbe2e27bf4b4543e39c88a4702f487b15d02a47b04e006759cfb6432d82fa0b"
}
]
},
{
"defaultStatus": "unaffected",
"product": "X299-WU8",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "d15d9bd6d7980d27bb56848643aecef336c8ff0a695e155071b7dafb1f75d08c"
}
]
},
{
"defaultStatus": "unaffected",
"product": "H261-Z60",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "826f711b5accbc542c3e33d607f1dd10edfb3486772975f204aa2de43bdb52fb"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MZ71-CE0 (rev. 3.x/4.x)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "c0c4215e8207d397914a56edf50428f01ad3676c23630ef7b8c06cf36e45a7e1"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G292-Z40 (rev. 100)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "fcbed542b232be01a0ed2d52dcd3dddc101fafed3da9f3e3aa6b17b652e640f4"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G182-C20",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "e133210fdecf2d57cde25b0bc706437210318e37655eb22a97000bf27a02c177"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R162-ZA0 (rev. 100)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "03e23d40902c4e68730e74ddadcc716f46032774001e1b6bc606c5294d4bacf8"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MZ72-HB0 (rev. 1.x)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "390cd14f2be9ff14cdcc90a9e705cc017bb2535e66b93859eddc233425998937"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G221-Z30",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "8e8b934cc0bd3127262a9e52fac754d64abe27c09902a78acec81c0daf883f77"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G291-Z20 (rev. A00)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "8d49dfb69b420390cf13ff8f3a3b3ab88e5dcd46a182c4ac5be9868bc6278c35"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MZ71-CE0 (rev. 1.x)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "d3b797002d243cbed1182569ffc6b5e5f6243e59ee27bbabae7362fa80be6e91"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R181-Z90",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "24be564cb337350bd9cbf409cd95f29b760e1ff872f99b27379c40b533e9f2e6"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R271-Z00 (rev. A00)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "99f913a3f88561d7163bb1ed79380dd346897e577315eef71695aeb861e82579"
}
]
},
{
"defaultStatus": "unaffected",
"product": "T181-Z70 (rev. A00)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "e42a49d2674808c57b781e8b3d78613a143ba9797d1a856ccd2a62302a49520e"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BRi7-10710 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "14c74b9b80e71d3302c13aea0dfea3560e1452a55c698c20e457c5b495154443"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BRi5-10210(E)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "56430f2f4f9aef4e50f503dc8397fdb20b005bf38a8b9029c43e3eed56c39229"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G492-ZD0",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "bacd1c945c9ff1ecea3e29039ad8b742c6d040e5792bb45008c1b7f664fb36bb"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G292-Z46",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "31aa7ba19f6edb9472a3da22793803c265a0cb0b7cd7979db56251c37edcfe5f"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R282-Z90 (rev. A00)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "8cc6129ba23848fbd65b91a9b70999aad19d3b7a6d168066cbe4a0b759fc5a5c"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R282-Z96 (rev. 100)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "605db3a5cf91d915929488803446e5a51dda16d661e76840b707474d2df79069"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G482-Z50 (rev. 100)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "9b0c2aaaef88b38db18e4efd44b2582c8401f9a17f2c54d0e1f07d2c94a9a5f4"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H61M-S",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "5fb07e319cf6d523a488d879e7eeef3321e90fbee049efb642b34ad2a32611b8"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G492-ZD0 (rev. 100)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "25555956322c0eaecf58fd759ed9b0b7857f9dd149b02de55e2f5eedb291117b"
}
]
},
{
"defaultStatus": "unaffected",
"product": "W281-G40",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "f7c504d3d3907aa4c7f70ca1fbe1fed7e73426eb987b9c5e2f6b31d42e801af1"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MW51-HP0 (rev. 1.x)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "1190d15905ff8656d2d0601c388df633b1646fd585de4fe871fdf93fc23d35a0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G482-Z53",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "f5f61e3f93c7f6615cfdc26efce6a83b3188d697e2243643d08d10dfa9de8afb"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G482-Z54 (rev. 100)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "0fe0c762e396660fb30aeddcf5a5928af864eb44399271ed975913f36e46190e"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BXi5-4570R",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "3353c109a69e6fdd86adbec899e2669cce724bc35db33a86fb0bf1c81a508c2c"
}
]
},
{
"defaultStatus": "unaffected",
"product": "C621 AORUS XTREME (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "7edc3eecb5d5ed515e06f8130d875fcae07cb0c7bfaa2e4cd8d86862e5ecc256"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MJ11-EC0 (rev. 1.2)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "3631995d059e336863527f1511894bdfc61361bc0691a430b3896fb94746aded"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-E6010N (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "c9c8f182cf3b058d12bddb039d8a3f3686d1c325c9b2719ec5fc8644e066274a"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BACE-3000",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "2da499751e8a5446ac8445cee5b95f6bf75ded5c8ec6738eb67f5c4ac2081c32"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G291-Z20 (rev. 100)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "6d6107f0d094fab41eaf6073089de8a0b24bb7a66c5851f534a8f1d26812c3d2"
}
]
},
{
"defaultStatus": "unaffected",
"product": "H261-Z60 (rev. 100)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "edd3eccfbbc2ef2ac40e723697f67a346fca062ddd6679c5ff8cfbb91d3b6afb"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R181-Z90 (rev. 100)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "575fc48c70ea9ee40f8016ea2328ebe790e7e556333a95b9b511be466047f668"
}
]
},
{
"defaultStatus": "unaffected",
"product": "H261-T60 (rev. 100)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "6b636c9fc0ec84737f2238365e71c23e9227695cd5ad52bf40dbe8290920fb60"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BSi7HT-6500",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "e9bc71596a97741893377b2c52a13b5b2ff0a7b6f985af40725e0755d2c537c8"
}
]
},
{
"defaultStatus": "unaffected",
"product": "C621-SD8",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "d6ad23c1fab3f0a2babb23e7907385e25a06801c2edd50d108e5b08f923855a8"
}
]
},
{
"defaultStatus": "unaffected",
"product": "C621-SU8 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "b9017e90f6c47a9d9560cfd92206c4b2e624cd91cd7f0680fb75dd972ef9582d"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BSRE-1605 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "d72f64d5a25b9088f7fff456d3783c2fb0e7926cd4de6469c6c3f57690830907"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z170X-Gaming G1 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "0455dd8b57341d5667d4c4dd71767321c3f72770f84db4e46f93d31e50b376a7"
}
]
},
{
"defaultStatus": "unaffected",
"product": "C621-WD12-IPMI (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "0215ce75b3629651d0c64b0b241095b58f0af921cec3022c524d531c22f1385e"
}
]
},
{
"defaultStatus": "unaffected",
"product": "C621-WD12",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "f528dbe55aba35bd4e5d55fe853afed41c54d78719765944a5ea74dbc062f4b5"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z77X-D3H",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "cc7b733f36b027823b3f501864d74397d308f8bc169149cca5307855234a4527"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-J1900N-D3V (rev. 1.x)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "19b4ba1388707838d0de17b6f2e9ce01f70f728926ab7e2dcc0566f6dbce8e90"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G211-H4G",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "9546a8c62b6d285172acc0ca17340040cd18ff76bfe5b9e7672824e948f7331f"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MW21-SE0 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "60370916ce5edea7899125ad1b470d59cc04b0aeccea1ae5474f78ccf187e4ae"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MW31-SP0 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "a89940e207a6fdd61170536d0d8fe66b4584c38a804c0df15d23c0cf30d49e35"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R121-340",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "d2565f697c692df559b665d0b97b3743c9de07c0ffa83b0fbb5b86aa821e8622"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R121-X30 (rev. 100)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "2ca3df4ff24732338397d64dc81509ea5a7c4b979ca3f2ee6c7446d690355c52"
}
]
},
{
"defaultStatus": "unaffected",
"product": "W131-X30",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "7fb3aff9b87102cb3535bd80904b7252c40ba4f556d9f355a45fc9003cb29e9d"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G292-Z42 (rev. 100)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "09d1d8dff99b19615f14413d6ba20891819d481b12667452786510209344095e"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G180-G00 (rev. 100)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "e32576a5522533c1914ea8aed13f238022bf60eb6fb86ec5393bc8ee56cf5a06"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G190-G30",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "cbb6d5a01124074eda2161e53a5128e0d0d8eedaffa55b14c1dfdd6fbc5a067d"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G190-H44",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "bef72cba124fcef35a3ccd67b94707f20c2bfe2a4f4d89f3497affd72b8c2a73"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G250-G50 (rev. 400)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "9424cd10408253ab228dc2125524340f5ca53759e3ad4e996e7cf0320f41884f"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G250-G51 (rev. 400)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "c17b5d0b9140f95f5317619866739be362765e6165292cb183f539b6758f34b3"
}
]
},
{
"defaultStatus": "unaffected",
"product": "H230-R4C (rev. 100)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "59a3fe40e2896be666fd2712f7e5176ab10ca9335b39bd04fa48867ee607c066"
}
]
},
{
"defaultStatus": "unaffected",
"product": "H23N-H60",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "d4fc77114a472bf1902a66a35f51a11689446c8d0dc18000717a5f74ae6b3a2b"
}
]
},
{
"defaultStatus": "unaffected",
"product": "H23N-R4O",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "a5cda726ef82b73f9c764e39a64ceab32e4d6e238c3019e06d3b7f2218d68ea8"
}
]
},
{
"defaultStatus": "unaffected",
"product": "H270-F4G (rev. 100)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "934742dd01634ef45d78c2a7f9f3e89a0db2cbc7baf994570cd8b64fa4491da0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "H270-H70 (rev. 100)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "499d17336ee9e6be59a733507c25f7b343933bd728f296f6ef08af611d0a8ae2"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MD30-RS0 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "3b9ef069c1c67a9caa29f8eaa915605cd0bbf1edb735d92abf2c4e959ca4a726"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MD60-SC0 (rev. 1.1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "473033483d404754621122afe34dc8f8f47432bde116cfdde03ac38fdf2fb054"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MD60-SC1 (rev. 1.1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "7213c438e3f07e82dff82a5b6cdeb5f80e8b82ce6e12fc377732a8df2c527bfc"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MD70-HB1 (rev. 1.2)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "7540b3951f0ddc6c1c1f4eaf062525f55a1c6e862022e4a545530895510d772a"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MD70-HB2 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "0db641b3a89e75061d6af75e41e365cab69a819f6880d4bd0a0f4ea7960fa17e"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MD80-TM0 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "15f2bdadf43e6d3731df0693552d4aa4780ed958dcbe0ea4ef80bc27510cdc85"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MD80-TM1 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "298d5755fa084d9268d09063222030993755cee31f9fe5429323b830c8c3f5cb"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MU70-SU0 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "4b5caac23e6866a9bbfd7962a5557ddc9b0369cdce09b664910b35bd66e690cd"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MW50-SV0 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "cde8f07d2e7d14233748df612e113ce348140090694b96c407053fe4e6e1690b"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MW70-3S0 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "f8c314404f2801dc3b04cce95fa27a97f58459f9d70c8e3b03bbfd45bbaf5e40"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R180-F28 (rev. 152)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "5d3bf4c8452e70a4ee31e25cfd555694af3cf64eda965fade0b21e8a262a2c10"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R260-R3C",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "e6bc9c983e21a0cfcb2d86a9dc88c28e5ba33387acdff81bccd6caf780e4619c"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R270-R3C (rev. 143)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "6b6d0ebe479ce082420f5412fc099860ab825450e58d96a6b33c5013ea061864"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R280-G2O",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "efaf5f327a471776f0a75a2b8b7f963c8ab72190be7f606d51a0c04715dafe70"
}
]
},
{
"defaultStatus": "unaffected",
"product": "D120-C20 (rev. 230)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "cef953fd8883203ef326a6b195a90328ae31ddc10736afa171b617a906fab77e"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G150-B10 (rev. 111)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "fe702d3ce5fdade4ab194ec43fcf6f0a070123ab547ae49b9cbaec33c474dfb0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G482-Z51 (rev. 100)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "4dcab1a378bb4cc541f210917c563b95dd678e185b4d0dc8483b175cbf9097ad"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MB10-DS0 (rev. 1.3)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "3aa61cde7b1886fab7e60e077bdb39d0a94e3c451593d13e87306b88b4e56a80"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MZAPLAI (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "cd755796109542b3da08826c56951102e5034c76428138d1a6dd4f1ca29955a7"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BPCE-3350 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "b22a7a1693d8cb2deb608f8e3ab366f5eea0e6bdef6ddb03a86d599fb2efdd48"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BPCE-3350C (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "a42535bbb37725951ac18b0fa9b5771454ce707bcdbeacb8120d0aa0eee0cf1b"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BPCE-3455",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "03662e2e512cfe18afe431d968d60e944af5f7514f840754864ee4cd97990130"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BPCE-3455C",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "47b54ae65d44b227a3bab252fcd465df6e6d4875cf2511f1261f1c8e5b196e1a"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-EACE-3450",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "421dfe54ac2554e627762ea96f454f95f7232f3f238dc9f5d5fc96bbf284fbac"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-EAPD-4200",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "c6009503816a44e0d4fa7d0d74ac7418b6551e31e58bab97390711055449e52d"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-IMB1900N",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "cb4e9aa8b2416ed2fb7593a3c93d5fed07d24d1f349761a1790deb97778a565c"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-IMB1900TN (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "93d6ae2ede6573f018ca1dccc5b686a0461a0d662a353511a0b420a10935267d"
}
]
},
{
"defaultStatus": "unaffected",
"product": "W42G-P08R",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "f0d6176199b56171ec12bd663025c664b2bf3f8b844bc90edc8dbc3cc062871d"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MA10-ST0 (rev. 1.1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "00f354e79abadfb8b4aea11bb07c3ddc16f00b3055ec8c221ad4d69538bdeffd"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MDH11HI (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "2fdb64f2007196150cda167f3eb121cedba80d75d0b79def30c4d7155ea0b2a7"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-GZ1DTi7-1070-NK (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "0d274a7eb05cebe468e07b2e6692a11c90f222d18077b3d058fc02b464046265"
}
]
},
{
"defaultStatus": "unaffected",
"product": "S12-P04R (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "25b628eb776a57d9fa45cffb00f8f3347cb9d7c2f3c33712348b85c3ecad2d4f"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R272-Z30 (rev. 100)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "fbf652a641fc3d847c148abb65130f7eece7a51a9c6607f1c403a8bbdde6ce48"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BNi7HG4-1050Ti (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "a0c57eb7255f99412b62429f165eeb1f8a297c26a13eb6d7ddbee91e32dbce6c"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-GZ1DTi5K (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "f37453e390737ec297686b784da5aad11acbaf8375d377fac533caee996c1d66"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R160-S34",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "898a0ddce89b59e6993ea651b0a0d4b54752957b63274dda75160674fa0928f6"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R181-T90 (rev. 100)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "c02c66a7d393e7bd8cf757197bbc6bc22fd9f9b38a8a1068166eba97bc5b4a29"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MDH11BM (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "410a0aebc3826f029ee6a4cd0c5816eb0676fe99a0b112e8ce55e8b2f3b49e6d"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MDH11JI (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "05cb527ef122bbe9ebe54d4678686e6a21b961f16392841f5f0b0bc3882a184e"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MDH11KI (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "945d5b0e567bf5604ea9b12fc7f3f3bb12ccfb1935b9de78c9bc77241632fc9b"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MDH11TI (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "7796142d4d8a09c6f416d5b3cd452caa659cfca40992683d7f8af55cf4e6a7c8"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MFH27AI (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "4d3a05e1006e9d5a1045ea65277cc4fba148ab4533ccb1b6d52ffe54edc7fffc"
}
]
},
{
"defaultStatus": "unaffected",
"product": "J4105N H",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "3d1879acf606abac026703a7fe242feb538192ec6f01642ca33ba6d6de55a725"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-N3160N-D2H",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "bc5aa15ece1e486f4b7d31c5ba6d45382204c115e556a6412d751e25703a4a7d"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BRi5-8250",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "3584936b2dad0ff3ee3d6b167442d39dce8400e1016267462827ff20d15dcdf7"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-SBC4100 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "873e676d25545b3d6e133a2c85cedd5a4627a11f67513e54e6a99e812e7618cc"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BRi7-8550 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "591b486bba979b64d20fc90bd63a5991b7df16b5aab1447de888e3d6090f1086"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BKi5A-7200 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "e13105b80056966dee303194e6eb7e2f622dccb80f5fc5780100197d43b871ea"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BKi7A-7500",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "002c5c88a393a9da6b48c30d64bd702f6b50fef07c32f45b7c09f40fe2f3f2c0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BNi5HG6-1060",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "289cffe9f81f1e9a9cd087bc529701a9343084e499684caf4d34bfe8db15f3f7"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BNi7G4-1050Ti",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "9d8b09f7fdf906dff7d92049fa20921927f3cfebf564455eac78ce2518ad03a1"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BNi7HG6-1060 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "3835eeda7653120a02ce98ea98ba75ebce53ac1efabe3b81d0b6dcc9e611d1ac"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BKi3A-7100 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "c5697a205b0e85c8f31e3538135e32b72ca60d1652162c30007d94ad079096fe"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-EKi3A-7100",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "2f7481194b1e0a153551fbc9e68fef59f463882e3fc0238673ed6293715366c5"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-EKi3M-7100",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "c1cc2040975c62eabeae3df92e63b2c1a22c690a97edcea1576f83e975355db4"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BKi5HT-7200 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "47a969af17efdfe04690233319d36d12ff820901d0817ce17846281e7d5f49ea"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BKi5HT2-7200 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "0aa384720b8e5c0d09b9b0b14cf14a105e4b607681f778bcaa202412e666bdf1"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BKi7HT-7500",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "f61c63e919c797c1faae135458e0db89f288a1d05402380823562f34452806be"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BKi7HT2-7500 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "cb0603d8ecac9baf7de500500990ad0a7e9068dfee69f296d62de549f69f9b1c"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BRi3-8130",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "a74d2353acccf98743271fd296b2bf6f1e047cca1fcaccc2fd9095a7f72fba2d"
}
]
},
{
"defaultStatus": "unaffected",
"product": "iTXL-Q170A",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "fa7e7ca9fd48d608094d5f56ad6f0166db7be91862666abbb6fa631055b98f5c"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BSi7A-6600 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "6504f61ce57f6caae37cc7c56910267d18a1db46e6681178b6807f0e26ab966c"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BSi5HT-6200 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "e649eb460cc049ddac440fe93528336fa42bdd9cd7a284ad9a2481647b57e75a"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BNi7HG4-950",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "b772a8c72de61e4821a04793a16c8dc8ff7b354fa2a0bff189d879df254c9f1e"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BNi7QG4-950 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "f4426a3de06ca8015af5798b631afe601a78a069be9e70fc818222d9b4f679cf"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-J1800N-D2H (rev. 1.x)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "ee21f7397347f3b42d5229b41f9d9a6b4be739419f6f2bef1c3eec8f5d3a17e2"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BACE-3150",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "66ff6219a24fb3662b7b3d4fb1fb7937649dcf052cea4364d4c9b178735807f3"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BSi7H-6500-LA-IW (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "9e23a81c581d5e6c351c2cac1a944ef5759271739f6150c3ef6857bfe401ae62"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-IMB4100TN",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "5abc359c698cd90030a597105c4ef899e4ef56271b9e0f43c843408b9fb53d33"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-N3160M-D3P",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "cf2df7d9f1ff5f087021f7b47cef6aa3efb47cbfd639f730512bc630e0c91f81"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BNi7G4-950 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "210688036c5ecadc5d764691d511e738ff32146bc69f26601fd45321c65b0c7d"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BSCE-3955",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "327e84e3cfce4cb086435232d033a20ebcd4b95cd5aa4b85cb92206f44507170"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BSCEA-3955",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "6e166fd67041801b0481c69bc271ae73e0657f1078442b5740b09f6774128e01"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BSi7A-6500 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "6662b3f0d921aaee11ecae2893271fe861524620b05540e255d1e364aa65abb6"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BNi5HG4-950",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "030031c6c1b9422a56ed44f04efa2ec84fc8a2de254f24d14989934f613d12b8"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BSI3H-6100-ZA-IWUS (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "6399b690346ae7ceda0f8dafbca5acd17ac4d796619568a51cc8e50f5b630b42"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BSi3A-6100 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "e7049738618fc298adb3099074b3419bcf553f0e54acd9ada2d611fe64925026"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BSi5-6200 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "044e3800c05a232d4a8821edc28aae7927474c8814a385f717010ef9b12a5622"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BSi5A-6200",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "d86ef77e6d28671ef838b314840a4ff9237798c058244805b3b3bc01010db097"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BSi5A-6300 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "8ca806b8be055f9b5df84871c469279930b34b89de515068b1cb30bfa9c3cae0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BSi5H-6200-B2-IW (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "40f56a09ded19979902613399e9d6c84cee02b72b7114cabac53629fe2c068be"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BSi7-6500",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "5cb60622a0063c6d261c5693fd423d7fa44d826e8250812f50c7b9a28921712c"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BACE-3150-FT-BW (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "c754aa67ba523b595de11270897af05dc22907a4fce3f4880bb372b1e18d9164"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BACE-3000-FT-BW (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "19a209b004631abf16b5f6abdbe22b3e9578e1f5ffc4bb94b6601fb612ae47f1"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-7PXSL1 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "663977d4a882f59c8a8791d427ef4431ca63f89ed5683a4cb6d61006f1b1c8d5"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-X99-Gaming 5 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "4260703c9695e6975438598d85f4046bd34a1f16f77fe797b22cb45b4428f83c"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-X99-Gaming 5P",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "e5ddbae819b82a8237740cccc23cee00844fa79a15e18e6187854b29e7e81a2a"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-X99-Gaming 7 WIFI (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "b767595393d045e4adb4225856611b3a51848a17495666be273823220a0dd165"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-X99-Gaming G1 WIFI (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "d3e85abb0959e87075f3a91e0048163e92c1831edf3c70a4d85f6ebbe5d56cfd"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-X99-Phoenix SLI",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "fe510a8d06c948ca3e699a51d8f60bc0411df8056124d5e4a993cd526da8a0a5"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-X99-SOC Champion",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "a85cfd3acbec43f545c8586b63aa52622d9fd00303bf80ff3890012032699ea7"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-X99-UD4",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "95eddffa23bfc032d7d65b730d49a4d87bdaa93e349fd9e30dde6a450b9a9bff"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-X99-UD5 WIFI",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "36b023bf42423988805835e5b7c48af57c0b487c7308cfaf5a7a0ff75e3ae8cc"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-X99-UD7 WIFI",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "f93b61306682c563bb68ecb67dea64f9d5b86a8e1c7cfa7fb2b4ea02a15146e5"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-X99-Ultra Gaming",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "90818dd14d621360badea1463f975a367952e2a0d43e7dc73401a7ab0a2d3a1f"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-X99M-Gaming 5 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "e3b8e6db2e08d8cf93dcd44adf437d6a6fabfa7b309702b35f7ddd4c1790734c"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-X99-Designare EX",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "71337bea704f642aad176d64c9f64fdcdb9f38f8107294a417c9bce7a104cdd4"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-X99-SLI",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "0307e5ffce3a9981334d7eb19b13caeed61ab8074212943438b4a423b5d2a9b8"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-X99-SOC Force",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "678f05bab483e1cb9cc2cd51415c920bb4307b31ff917dc46cc44c6c2083b5bb"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-X99-UD3",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "295417e80fba51a322a02a7e4c35ab04af54a48355711066339743e88e3922f1"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-X99-UD3P (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "51c5cd38074336d75c166ad86a2df881b53b4fed849b538e3281d1bcf0502094"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-X99-UD4P (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "27abdc6ac0e50d6d6ca0e937c0a7ab1efe8d2c53c46532b68f0cb1a5fb955517"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BACE-3160",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "9cd9ea2490848b03659e0e7dd7871ac815c54080e5588a530afe35cfc1ed585e"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-B150N-GSM",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "01b2fa505a7a377587ea64b20e1a1570eb7f6567a9204ec972ae478998236a0e"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MVBAYAI (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "86a0a4b3efcbc51e14a0a307a0efe343c7a7e3e2bae3a6e0502869f610034ead"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MZBAYAC (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "073a6246ab57b038afd9050e2dd017aefdde6dfad5d61b80bb2d5c3c71134b73"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MZBAYAD (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "be9c2feced70f810a5d08ec03dd8e7df75f9abd066a2ee30ad82136f355ceaf7"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MZBAYAG (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "305b23937168ebedc60ac6756010c07e4588c48e9fe4694fb935945dbf4be6ee"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MZBAYAI (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "4ab2b4adb933a22cc5b3b3739e315a68c9a9a3dca20b1ae7f27713c0279f6670"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MZBAYVA (rev. 1.2)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "f96a77ebf7806cc05507582f25810237aeaea30ef819dbe90ab2227f8a36ce8c"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H110M-S2H DDR3",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "8bc76dc04271ff2014eaab3560bbe3177cc08eb3337f4f512c7d44b98a40d1d9"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H110M-HD2 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "713c6e95151ae02f075d0391a12e47fa2aaeed199379377bddc00590ceda1795"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H110N",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "b66a10f650f73f5497b22a2d45d9c0bf4df9a987668c4d617e62925c5c26c388"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H110-D3A (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "447d66dd22c3af2bbdeea4b2a766cb3fa4442466d0c02d62647de9f3683cd6c2"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H110M-A",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "a04064b45ec7d0c5b6ae123d779095e23315e6ac1a150d4b3190909a2237603b"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H110M-S2H",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "b1276f7ad8788d3db650a672e6ce6785d5c3922d2bc5aae554ad1b48b62dec5d"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-X150M-PLUS WS",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "3ba7690791f1adeaa12e45dc9adca1ee7f08c99bf5f1c51961c6975d1cd14770"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-B150M-D3H (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "efb150fe9825a88101d934fb5a9801f970f6e734e758344062d37152e8baa1af"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H110-D3",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "f5f374f38948ddbde29b9673cd70ce05e27af9f3be23a7bc086f37f35a68ede4"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H110M-D3H R2 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "ec7f01320c848a88e89d3db821f462448f62e5ae65fb4fd02dc3a5602ad1eac0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H110M-DS2V (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "577535df524a000747a1e15828af3de0cfe6865b0b20170d024974d6b5b81160"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H110M-Gaming 3 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "901396591f3682b308f9cfa279cf1a7f8d4cc6622a9ca799e6b5e1d5bf769f2e"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H110M-S2 (rev. 1.x)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "6a24bb276e5c9b05ac4cca0da01e1b381245a0d217efb5190543de6ec41b2505"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H110M-WW",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "b565acd86a3f4e294d606bf6c0e42eedc4b7361f4adf7c31ee4a806b54767cfb"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-P110-D3",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "c544cd0b03384834b08b784ec0339e2b91a129ee56e7f4881101a10af567e6a2"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H110M-DS2V DDR3 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "8b02d988ee00fe78039974032b856c56e741a4594744b4f6376cbe1df8271226"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MZBSWAI (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "41bbe9daa5808a1c5b9836a654d6c6d312ed7034c304f963af28d13eaad84340"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H110M-M.2",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "18216a9c0fedbfa3a8c8cb3380845ff086beaec130296234d58d02d24fe051a2"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H110M-S2PT",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "210d858cd9ce7dbb1b76277fd580e1c71214d1f7ceff46788efda64e817fa95e"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H110M-S2V",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "c80df47ed107f7ea4eca4e15a55fce37f1578b985ed45131b8c67dce9ac2bdad"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H110MSTX-HD3 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "55099b8c517078f75299dc02afe1f09167bcd7760c0f46546cf4f8274b54c465"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H110TN (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "f5fa2136e6ebb55d5aa3c0bcee64bcf4506a7854ca10fb5a43b8141ff4bf1275"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-X150-PLUS WS (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "0bd8853cb934be142b7edb2ef31a2031fb348a6ecea1db37e466dce25bf7fd6a"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-J1800M-D2P",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "a08c05bf56e1c4e4d180d69266bbcb244e7e2f85259d86c05bfcf5593cfa33f9"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-J1800M-D2P-IN (rev. 1.1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "98372c6dea313b0660ae2f1b1c80a8a5d7e93ce07010621392faca75818c0fe6"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-J1800N-D2P (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "af4026ab4defc142e75d57ae35e7ef4492fac8ab6c0cc55c6de47f3e21f5ac24"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-J1800N-D2PH (rev. 1.1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "b2977acab6438edeb2af8a4e3d0c353fd89e9b2d47082b528c3c23fbddbdcbe3"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-J1800N-H",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "464be29c2ee1a3f706063374be13365d0a296776aed73fd0c8506f1cdddb568a"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-J1900M-D2P (rev. 1.1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "f89741fdf7f21d8670407a4b8038e75319d73486009e08a795632e94fa27df82"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-J1900M-D3P",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "5641071fccfc0169979343e131d614caa71a2b334ffa45d1ee10817ccef73d8a"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-J1900N-D2H",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "ed85051f384bd7694f0a86322c705f819cc18a0ced71d4e3c3946b37d4f3abe7"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-6LASL (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "2c0e4341f91bcedf78c301778d52492fa304380cdd15bdda725910cc6709e033"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-6LISL (rev. 1.1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "9a8e636b33372a34e9719b8b20d2073bc56f549b64e5af83fe617187a51b97c1"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-X99P-SLI",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "fa52c6150c49a84699bec9739b84f5a2c073f4f69b1bc84028f3b2cb15b2167f"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G1.Sniper B7",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "92311971e888a24238c48086febf47b2d0820856e514dd6308575291b6de4e48"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G1.Sniper M7 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "6051ccb31aaab7240147a1fdf9b8f444c7ee4bde73ffb4baca63b02bc77dea81"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G1.Sniper Z170 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "3df7b53ef2284dd2f3385aaa589f87f2e3fadc93d2755e28781452a273d999ec"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-B150-HD3 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "878450f31de9dd84201895e81547ada2085ec94608d7fb6bdf84d73dc3b98538"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-B150-HD3 DDR3",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "d1d3adca998106090f4b2f08d6c50769e88e944ed640518d23f8865102c2ec0d"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-B150-HD3P",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "4cec11820244f485baa7f61d50e60a514b0c5aedb87d1a26cd6b6fb153fdf9ef"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-B150M-D2V",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "fdedaff9a18229027689f23bef37cd8424e248412137bbf710fb6163eac6ac43"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-B150M-D2V DDR3 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "da480d23fe57a6003e41f8c88e2aacbade99186f0b62ba4561663b346e9f96e9"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-B150M-D3H DDR3",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "5fd1eb03f29343e1ba70dce50264a7143129fe60bde396f6e3715330623db8de"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-B150M-D3V",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "f2da89fe72acf6892b139fd4f7a047c30eea75cf5c572da6f901511658ae1522"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-B150M-DS3H (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "b3148d78c2efd368e986a43b19e209f2ad4817e8a4ef41bb79c57ec7b9dc09f3"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-B150M-DS3H DDR3",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "086d80a421ed4cc907120e6c96117c3b69b9edaf2ef6951fde7d3dbe6ea4c878"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-B150M-DS3P",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "e69ba3bdca3335f01b749abb84c702f6f926eab3e4d6ca70dd5ab84c3aee24a2"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-B150M-Gaming (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "639cd1a8d45af689d2fe1aea44b62d2110146b314f39be8a5d472e412842e61c"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-B150M-HD3",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "94a5124370c2d66b38a568b3d8be4a98dd8d2e25313b68506f7753c4d60be97e"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-B150M-HD3 DDR3",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "825b4bc9bf807631611cd33434d1455bca3d412b9a03463fdd1092c54d5ebbfd"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-B150N Phoenix (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "12886ede3cef3c93c4602ff26519a04c9143e903b103006ca3805c3df2744c8c"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-B150N Phoenix-WIFI (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "330f761ad2d43d72a4a09776d76bdffdfdd88d4ddf6002e0056e2826828372ab"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H110M-D3H (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "fddafb4af375516cb2f72c9308852c88738a66d57af9deb08e9a10f1dc983499"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H110M-D3H R2 TPM (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "4ecd2f653fab0c6dc0ed24c68a8f04c454cf8dea68b58d149e9d79758aac2c54"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H110M-DS2 DDR3 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "f71a5cfc0646d85af2847e6816752e81f3b4d2a3ea5fa94516aed9464eaa4024"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H110M-H DDR3",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "a402dd098614ebc89fe70642661c52da9ed9ba0b21627cff4868defc97db0274"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H110M-HD3 DDR3",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "2e24220caffd6ba7c7e1835f12740073a9e3a826a1ffb9bca210756c224eb99a"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H110M-S2 DDR3",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "7802bf1fde1f8771ff7165acab0474471598a46df398d7db84adf911d2d37260"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H110M-S2HP (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "4b0a77259b2af63a9704b094688237ff3c29fac1c011a373a0f2537a8a543d1a"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H110M-S2PH DDR3",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "b73d5f184db4524883fae5f01e681f52371964740bd6fa957998ab4d65537732"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H110M-S2PV DDR3",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "ebd6b43db01ccccaffc4a08182e03cf6633d5371aa69c82f7300141277fe7d7d"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H110M-S2V DDR3 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "756777ea660defef2629b8802bcbdd29b61020fa8ae8cb07045a7d5f991f3508"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H110TN-E",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "879f28f51c3b235744352f0808b6267258131f2594f3ff85a6938401e73eb9da"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H110TN-M",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "50f77912004b73bade539e1c3983a7ab78984b8590a64d3e030ade4352c49eb0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H170-D3H (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "e4a209b19361c13d7a18fa41d8a257a22f6c806bd62f04dd24cd77abd7d3134f"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H170-D3HP (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "2e1be66c511bc8367a2b1ab41a3ca60cfe46648bcab2d5f1f5bdf5df14de1c05"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H170-Designare (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "6ea3c21e1aadbadfc2e9ac0860d94eb87e6590ab37f98326e00b9615a13a6208"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H170-Gaming 3",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "2cb69c081c6413077fd076d7230ff816931ae65bbead2f94f0b12d33e1861c9e"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H170-Gaming 3 DDR3 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "eacba20ef05b116d70c6344a54486bb7c23a131d7c897f5399b9a084a5bd5205"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H170-HD3",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "38643b383b7d51cc53298693e108cc293779dc43f254b2e2b17f66a80f9e4175"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H170-HD3 DDR3",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "b3cb86dfc649346ea7ed4c8ff117ca91b59435b9baa9bdd8e6f2bde1dc1b1124"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H170M-D3H",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "60a230b0a5722bfbb364b6d64ae3e1b1cccb6161bbd6f8cc034977f4d283b4f7"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H170M-D3H DDR3",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "1c6801b8a7920939facfa379b6141016651601971156e426db947ca40b6f1708"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H170M-DS3H",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "b9ea15324d90a1b750cfcbf964321370a56b116b44a0cbee2035cf11ffcc0ef8"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H170M-HD3 DDR3",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "78bff3425a6b42b846508850f03a040c22c43566947ac1d039b431fb80a31451"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H170N-WIFI",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "03299dee42886b0856629da99bce9cedee322b80bfbb89aa6943913d2da15e03"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z170-D3H",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "523817566d04fde3f7fc0215b4c4758243319affa5c1819e4f041c290a36970f"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z170-Gaming K3 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "db4668c191b9266a2afbf974c348885a9d10a3e1750d1e100418aaa896a5a103"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z170-HD3 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "bf0aac3f13b0d68c6a255735eaed4000c7e5f09748818746b4a1038f0be34f78"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z170-HD3 DDR3 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "bceea4f950f07347b40c579223456984c0515a2cc94c4cedbbea3c17e1c459eb"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z170-HD3P",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "20607b0f670b297b45523730d2204e46603cb3c65f47e6cf8293b07b7b1178ec"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z170M-D3H (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "a34cb81eac53b0800c2c02d2984c0960c0d68a22707869befd4af3996be42e7c"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z170M-D3H DDR3 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "fc0eb68179f1363c19896c7cc043021a57cd45a3492187829b329474c361722a"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z170MX-Gaming 5",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "b87e20d143fef2fc32233444070130834ce5dbbffe06409cb537e59c911f49cf"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z170N-Gaming 5 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "209045f2bba172fb91679d4319cfe548c24921f1e28dd9f887e3a78bce515e7c"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z170N-WIFI",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "d67b82421d81df8f3d64966609e3c963be6d0dbd87df531ba5f3ef0bd61e5353"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z170X-Designare",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "c061fffcfd8d7e38afb97fb434afc78d39d22bf9b02884c7c1b04487cbb7dea7"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z170X-Gaming 3 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "7b1cb9593c0c1890a7f1e922777c206012f2f1ded7b3339d66fa49efaca44c74"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z170X-Gaming 5 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "438bf66c9433bfe1ba92452f5f7eb1d46cbdf9af9ab3c3d1d4354e902fb0f257"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z170X-Gaming 6",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "25917f5dcd5f5a4c2daaa9fc0cdf991b365e226856202b4e5e987d406e6af95b"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z170X-Gaming 7",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "75468e84df86d3133927f5c08028dfb6dce55168c99ec9fde08397f5ab0865ce"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z170X-Gaming GT",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "2d40ec6b83d08a885cb576844e609105e15fdc4e48181dbc861e2bce0b657b59"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z170X-SOC FORCE",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "5c25f790a4eb79b4ad3c4ceae05329c0878337257a6e31c276ff7aa5c18accc4"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z170X-UD3 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "d6389e5f47ee85c43b2d9aebef2e0c8a9f06856fabb148496a8acf251cdb3c1c"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z170X-UD3 Ultra (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "a01bb5e701b3b847766d027e7b9bed8e7bb05403ca0160734bc73c93fb77b6fc"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z170X-UD5",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "260811f239a5a92f4a894f52c5b7218faa75c5765e3db17a4ee33530bbfc1295"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z170X-UD5 TH (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "ad921f429c443cd2a73ba3373fb6407a81b4b8d53b3fd5cbea07ca847ddc75c9"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z170X-Ultra Gaming (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "464643065d45eeb1c2566dcce90bd868313319547c91d46e3cea78126109d374"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z170XP-SLI",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "32d8482434dfaae6405eca2bf724939194c8740da638c9e3e8b760489b2a1128"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BXBT-1900",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "6b0b62e4ea23df186b7bbf0fff342ec107596e1fd249721eea75375982054535"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-N3160N-D3V (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "e03efb41e61ac04cb14a63c5ee5a71d3deeddb29426e38eab1c68946d60e26a7"
}
]
},
{
"defaultStatus": "unaffected",
"product": "J4005N D2P",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "bae6e219e1ed8e8164382c4f05db847386c5f2908fb2fa453066aed4531310b4"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BACE-3010 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "aecee44ca1c8bd43d65abeafcd5f0085e1165d42baa953808d566005189746a9"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-N3050M-D3P (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "2d4c55cc53de9adaaacd9e70527becc4de1cb0b39a605791601fefcd0156ced4"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-N3050N-D2P (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "c717a5d6b61b22bd458dbb497dc5abad9e30fedb668810e558a46f994a656435"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-N3050N-D3H (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "63cd7d4698c89b720c73125900f4cba4b8b1c2b962064280a93dc9ce2a0e9549"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-N3150M-D3P",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "1c4cf96a2ce5bae121b0594c2b41664510cffcdfc4001072f2275964c20fe12e"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-N3150N-D2H (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "4685e5a58d4cf84102460110a5fad72931b1b46eb9f71650811832f80580bc0c"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-N3150N-D3V (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "b0474259effceedf7aedde543afa096fdcca74d9865eac223b6a91b4ed922310"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-N3160TN (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "5f53230a65454b8805179f246ac3c8b36bd274ae0051d900cd04890e7b765555"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-B150M-D3V DDR3",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "8ba0474e2bdeb945adf9a819854cde336f3cca848e1ac41e381aaf03d397c7d0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-X150-PRO ECC",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "c6ed04464891a4cdc3a25ba34d3cd44599bd118ed953c68c8b63f11be2dc83d3"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-X150M-PRO ECC (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "764d56cd4e5b88fa97313d5eef173bb426aa27aef5d81794eaf5b9c1fdf38375"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-X170-EXTREME ECC",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "35f6ab275afa77bb30a5672f32b196d8c76208e48500d7f381e05f8f12e400e6"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H170TN",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "bbb58a67574c989b095f38c9fe031cadd5a709235d6e0bfc9a206f98fd5318f0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-9SISL (rev. 1.2)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "493437a68a7a7b46b645d46660e17c3b6599eee86cd06f592683e56963cf9a8c"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-B75M-S (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "554e7be483afb47c81760179da5199ebe2f59a97b7146e50ed42f35728df9c5f"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z68MX-UD2H-B3",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "5bbd2f88bf68b66e974356e0e49f63b83fdeea8d148da445e24073d8012c0c3a"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z68X-UD3P-B3",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "b7981e34bc8994973c48a18ac01d6b075f092de47d35fc62fffdc503ecf081ed"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EL-30 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "485b963baebaf9e0d0d3f0438da8fc3a5e74cac6fc7781e732df5ad0a3be3eec"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H61M-S2PV (rev. 2.3)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "9e2baeb611484b3c3460fbabe2b48ad91111e9a0cd7d1f189ab2d0438a69b3dd"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BXi7-4770R (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "73f5c64009c9b8ce26c13399584a65b73b3b5201475b04dd9621f5433ef959da"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R130-134",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "923e61ed9ecf1c37848cbe56822ce753f455fddf25c1eca816f3ac04aa46daa4"
}
]
},
{
"defaultStatus": "unaffected",
"product": "R270-D70",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "d5844b2dc05f8374705493e1d67700d0421f63c27ea10070c60f1871dcf540c6"
}
]
},
{
"defaultStatus": "unaffected",
"product": "P15F R5",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "e112ae0d90739fa839e6e29687412b5669a2f23bbe2b418d96b65ead135ec349"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EL-20-3060-32G (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "8e0251d4518373ebab7aa1dc037d732b5c04e92306e16a8e8ca1479df0a9ae88"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MP30-AR1 (rev. 1.1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "586ca26deb275734620c0b80c8d16dd86538bff6116f5d7db1fc10230d775eb0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-KMA1 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "5b5b834775e9fa3cb50db4d25d9df7849cf0f13011a209fc53c51245aa963856"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-6LXGH (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "984e1178ed45439578fc0b3cc2787cc8f972987c087fc5b4762ef5f421cf5782"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-6LXGL (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "240c0e6220a07f27d4debd867f2a1774a50be1b37c3f53a2dab272a71280af4e"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BXi3-4010 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "10cef05010197e635c330548e99ad98827223f0c8eada8a6e5a95ac7dc2880fa"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z68X-UD3H-B3",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "9387c8f1b5d856bdf0ce43c88413c22f98214768708183bc610381363dd269d8"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BXBT-3825 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "6775386a28b32b93d1853880a8ccf1b916a3bedaf7ba4d34f2a64904de792417"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-X99M-Gaming 5 (rev. 1.1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "d11d8f85507e54952adcfbb82d5d58ecfeec7674b756ba62c8e1316d9a1500de"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G210-H4G (rev. 100)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "dd75c90a2a81a34fee2c17a6e72b8ec2c93120fbd98c437c4648ac5fd78b6af1"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MSQ77DI (rev. 1.1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "030615cdc1d2e52fe185f8fa8e6e1c1028beca283a6be9215482a39df1418622"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-KMA3 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "dcac97ed60b61b1991fc9f499fb3bf0e8594d49d102e76a988ea8933d099d396"
}
]
},
{
"defaultStatus": "unaffected",
"product": "M9M3XAI (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "1d3295cec309f0649ecec6952824abfad776ecc1f46199a080932b5e99ac206b"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BXCE-3205",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "a080c1d64fb844389bad75a733e3b4c5483b07623276b114575d5cba32170869"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BXi7-5500",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "14dca67fdba7b20c48d3c16446db2a648c79e5f94712afba6e720ecf04ba5223"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-B85TN",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "2d817d05c86c92a00f00e286c6c26cc52e6a50019970a71d98aa07c53d9690c8"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H81TN",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "5ebbac1eb55e763bd4efa47f6232ecbcc62d73645c3291e00a3d5cd880898ebb"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H87TN (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "e555305c3219cca7d7b8d5a667ae2ef454aca7eb84341f07e1fa8288cdb38359"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Q87TN (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "5f237b90cd70e0f63c0414262a0af2fbf8456ea78252750ccc6ef7fe59cb8774"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BXi3-5010 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "bc4bcea45075ba867a4aadd97494ddcbbe693b23131bb52703d3c42b41340719"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BXi5-5200",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "39b90d14141556595814f43afeb015cc34e75acc31d23b0c505ba00d1c4a6a7c"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MATMH81 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "dea93336a790f6ce8a80f451d1dc454eaf29b034a38a802140937b3166c4d450"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MZJ19AI (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "51ebb3341dae5033164b3b45470115f49f327e5dae5ab111df2a59bc04afad8f"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H97TN (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "882fa77c019e12dc61165308318657941c1b15c1259213e78aa035017fd50445"
}
]
},
{
"defaultStatus": "unaffected",
"product": "U21M",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "6fb97ce4f81eb4d83364b9377cf654a6f0e8d9271bd8e1e9f45f78b07f838172"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BXPi3-4010 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "8a4342c4bacccf07bdaf52b9cfadc8789c37092ccc0c414e1848e4d0317d01b4"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-SIOPS-J1900 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "ddff03dbd491004d20587de561e976bc8b5b5366723b51d3f59dfd1892b9dc25"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-TCV2A (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "70c80b940abbafb0d631870322b5f7c8e306a2063097493ab471f0ba8ddd228b"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MQHUDVI (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "092c46188af77b69b4c19e349712a23244ec7cdc885c2e0150a8209c1693c95a"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-SIOPS-4550U (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "d3d7862eb46bcec3f0eecb5ec94caa94456def40792a125cb9b7912625be5973"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BXCE-2955 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "161c97b5c0ce6cc90a70034d8de30b18d07c43e50d5566c1802dadc967cb05eb"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BXi5-4200 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "05001b41f2adc9d6c008f12f9d1d9669225a2366c9a05f6bd19d420cd5b13fc3"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BXi7-4500 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "6f6b51ad77bb7963ec455923fa731323ceb72af167a0a40b8c2b91696301bae1"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H61M-S1",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "19e2a33d2a28a825fb89e7dfda9609776110876b204c5ff760edf716cc7c390b"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BXi5G-760 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "faa729af295c234dfcfc5ac4ab91c8c255c1b054c612b9cbda1fce33f88b4d51"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BXi5G3-760 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "718662066149651d1b7506c7582df2252c555428481b1821829b4db25e2a836e"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-BXi7G3-760",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "7452bdc99e762f3b54571e03c1b6ab0873529b798275149fe0a8bc057929f8c8"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-6LXSL (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "3448017b88b33e3949d6c18876be32e506d827f65de6c425ebf82f33a2c3f502"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-6LXSG (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "eb08694cb68b19cc7bd0bc323a46e8ce6de5036078a61dc8827ee480269c88eb"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-6LASH (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "d7f1a6c78df7317f866866e74e881d91485ef816e492fdf2a6fa02b940629494"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z77X-UP5 TH (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "f0e7e5b4689bf7e81db1b56185b2a1186d31a50f1cfd1c9863a0746f490ebf3f"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-6LXSV (rev. 1.2)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "cc9b6fc8540a6abe60b8966ae6c4217180cabbb3471d12f93e3c81dc206c8bd4"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MSH87FI (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "c19f30c4c9a444922cb61cf136cd48d9674d2134b98e618f6e7ab9654eb7a7ef"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-B75M-D3V",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "ac8e4d6a033b6a2d130404eb06e193b248a76308d4a82eeb5736d4f251af6826"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MSH61DI (rev. 1.2)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "ccb5cecbe797ba2e130f297ec86bfbdc629ebaf919065e50d3f8911cc05b3a1d"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GB-XM12-3227 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "c67607819bad2d7abfd1d47eebad947f9920352c33b96db61f9f25c05bddc7c5"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H77M-D3H (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "f5502f7f96b9ca121d3b52a1a804c877839e76e3dbb45beda100bea672067d26"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-F2A85XM-D3H",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "104c3173aff7cbf07c72956516cdc7c34e6169604293aec90e86bcc4384a799a"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H77-D3H",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "d4c6ce9d730179b7a5cab37a8744a2ca588c9a2a8b8462b62d2c96757adaee61"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H77-D3H-MVP (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "1ca64768668cac95b2c49594df5412492fd3e84a5ec279f5e5782d9d08d641e8"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z77-D3H",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "0d28128151819a06848aeb241f3dc4737d3a9b3918b739f8c512085af375b368"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z77MX-D3H",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "32b1eee6b2e1553ceb902d17d0ecf5534034685dc8c2863f9ec99d2dc587bb72"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z77MX-D3H TH (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "26778248ce3156bc2d3e70461f079d1292435aeca9ea2c6ef0e536c979845164"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z77X-D3H (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "b51371864d4322ca5c584cded0f6bbad11dd01cf498b841b270ede1f03497137"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z77X-UD3H",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "c27a0ca23c6d3ee9eea18c0e700f33f13c568dc209341b8ab4b64148a235c70b"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z77X-UD3H (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "023f4c9928786909d9fcb2143edcb1ce9a20d1b15cf281559996f21617503f91"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z77M-D3H",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "eeef50c6dbb27c9ae8bbca0e2be73384ba60469957414bc2943892ef28836b4f"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z77M-D3H-MVP (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "3c50ff8443f151a8022b4934dc0e87cd74d500719b586c82bce2184bac3ec2d3"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-B75M-D2V (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "cac095d827e58ed8992e3eb2bc4285823c8378247de15d7ddc3f97c79d275f8d"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-B75M-HD3 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "c3d754d426defee4e705ab9b72862764a22a64f316a1f8a2563a72cae308c31f"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-B75N (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "4a901cc6ab10bd1546d8453bd1bcf75379880ee549329c03ecfd4b445b52de99"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H77-DS3H (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "58d19c2ca76b765809a99f0eb2227291f4f51860723d303f9ef0cb20d4d19dcc"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z77-DS3H (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "98d605b3578ac3b7518f151c24c937455b204441ba806ea244f22e54c03af2be"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-B75-D3V (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "8222535124cf1bf77c3af3e6ce3b3a942390794440b01f8d2fd44b4e416b049b"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-B75M-D3H (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "33793d37f2415d724c58c993c2ad6cc67d661253b929165f6f0ab0c88c8325c4"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-B75M-D3V (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "235c6f47146d2bf5dd20ff3971421489c69517be3b467ec1a2b6f7dc0f2d8a94"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-P75-D3 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "1859a1e462fbb1db039e99f7cfea16e6da59188ad37b313181211ab2c3d70150"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-P75-D3P",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "901658f7361b4d15145d07de99b9d921d7293699a15479f086f4d1a00fedf089"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-F2A55M-DS2 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "4be0b29ff5fd55d855e5529912b92acea24740eb7fa0250ba01a44824c4685b3"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-E350N WIN8 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "4fd09df247091f6c6ead14d012325d14055ab38095f5c4d8c258352f48c2052f"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H77N-WIFI",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "7e95d1a64976573e5ed1c8c3466e24037d33fcfbbd9f02d1ae69643fdaa44d7f"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-6UASV3 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "00d23573a79d5737cfc6a1094b12e22c8a8601618934193dba2242f0246af559"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H61TN (rev. 1.1)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "f19c7fe7e25a9a41b4065791fa390b8d79ceee0cc7fafae702a92a6ec0e86696"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-B75TN",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "506f5abb01dade2137a4b8d3ea42d1127f24f59f96339e77c59883571ae63443"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H77TN",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "1ffb3921b21ffdb876b2cbc7b6ff939fb5168efdf5ceed571d2d220e195fb150"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z77N-WIFI",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "25c38be153f85659377f63b4968f5425bf7e8d6c99fb695eeaaed973939bd943"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G1.Sniper M3",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "bcd286446cd358474b492a2c9a4d49eab652aeda52c0e69ef94b1cd12b7579b5"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H61M-S2P-R3 (rev. 3.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "0e26169fbddeb0ca9b8283dba44d571b554487b5dd9348caf84fe9d7a6a20dcc"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z68X-UD3-B3",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "c0adc82a52cbe367efed31279d6e1ea3ab98311db49a68ae149e4af9a70ab67a"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-P67-DS3-B3",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "ff5f5836457aa7fd0f02d037d0dc23b5c5a49fef8f7360268d7276e577060256"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-P67X-UD3-B3",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "b8fb25742a7753c0f7ebac50e9e3d6186ea123dcd0e33eb0a64abc111eaa7728"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-P67X-UD3R-B3 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "435e0ba0715afef2a466835c19105c6480a35f921af59b863f2c29ed2d1de0e6"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z68MA-D2H-B3 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "e8d1572bf6bb0b658f618c735322e6c1aa20d01b79c9100e3d177b6c27ced480"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-P67A-D3-B3",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "d36182899b2c912ba34f51b50bbf228e1ec367b0fc009d20d34e4f011f4e9fc1"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-P67A-UD3-B3 (rev. 1.x)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "c46c76138b4cf0a3407c3fe2844c11fdd5c0c2c4d335ab58aa0b0617a6f13f33"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z68X-UD3R-B3",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "50d3dc2e80333527177e5f5e1dbc06357ecaae3fa2dd1d51272a906ade3cd7e1"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z68X-UD4-B3 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "beedbc9f64d20973229b584d965bcaf2f8fdc4a88c4bc202eb5e9f5565c85fa4"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z68XP-UD3-iSSD (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "f615668a861c9d430afe7b40f42f352881132d193d16426951563997fbdc81da"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z68XP-UD3P (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "1d3552918dfc84151da3dabc0687a4513f1dea9d6879d53a8b8646398fc462e5"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z68XP-UD3R (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "e4f33b57947d45b3e43bdd7bafd68d2f4c799fdf0b72a8a2ca61319ab760ae67"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z68P-DS3 (rev. 2.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "5823dc1fbc95d092e02519c069c4fd111783428757b969fd8b9dbac1009fe91e"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z68XP-D3 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "384d9e1e3cad82b7841f33115dbfdf38589420716c8c0aa5a190971a44aa39e9"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z68A-D3-B3 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "2065b895916edbec17057603ba98779b4bd10cbfc3477a87c767a36fb027b76a"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z68A-D3H-B3 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "d6c9d4c8caf3307da9b1d6543e00682a3cddf1dc06c41f0f973355cb9c8554bc"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z68AP-D3",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "7013aca3c062f040cf9d0448f7e2892101b30e5956915c8dc3a53c3c2aacd13d"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z68M-D2H",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "d6d451499ebe6d8dd621f1c2ebb00b87dd01f7870b791e682b66d5f33eb01d8b"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z68XP-UD3",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "c676efd7e6c8bf4a7d3da8aa51b2b564d77c67f6d2be68b25232326166e0c20b"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z68XP-UD4 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "4ae3a48e1a715461671107f9e8e790cfd1c4ee4d2b8ddaa50b140d67622b920f"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-C1007UN (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "7b2aaaa9f92c0e6fa23a59bdda27d5cb26e8fdece26bc756893490d3ee657a4b"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-C1007UN-D (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "fcf7c3d07e1bf9f1347e48dd3ac6e45fc9492648985a06394ab6568a7a71e262"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-H77M-HD3",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "e3b619d396378c2e6bc2f550cf1c55cd17e7091fa4ab90761f32582eba28884d"
}
]
},
{
"defaultStatus": "unaffected",
"product": "G1.Sniper 3 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "cfa61511dad005aeb4ab01678f87169c7d509d59042b2fd33e8b58bdb34febe6"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-6UASL3 (rev. 1.x/2.x)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "7196b64c2f89763d2ea7f0f106d06352ae2c0e17a83fed2d10548e1aefa39245"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z77X-UD4H",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "3ff3a0cad413c0b862ba515d60cac0e98e373e199f0d92c79a77ebe6fa6a2247"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Q77M-D2H (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "43216a565586f1c49090c7982e6f3c1e41b179e430d7ac0c47c8ad07308a5bc3"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z77-HD4",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "f6cd8446d78da9720f06cd360a48e9b6bdae33e342e18cb05420adb78fe05858"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z77-HD3",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "c1209a2eb0b5eb9324e1a8ce11c77ca141023b94b988bd1df4db390dda4c275a"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z77P-D3",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "00fa676c6d12df8a48049f39b87e3343769356e880d2abcaf04ab1b679c450f9"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-Z77X-UP4 TH (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "c5310894b9a2bb510f37c49852d743d64343a698436ca22d9b7a44bcf20e447a"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Q1742F",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "350cc51e5e7fa472e95460eed374eb1f9a43ea4e615e2654c26a9da4d83bf529"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GA-6UASL1 (rev. 1.0)",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "f86f7ad9ffbc7437bba6bcf99d08b8de38f945bedff00c2d35362387077eabea"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Q2542N",
"vendor": "Gigabyte",
"versions": [
{
"status": "affected",
"version": "3d6faf2792722d1b9fbff087e4d85ddd2a4f9922a7848ed4db99284687df3b23"
}
]
},
{
"defaultStatus": "unaffected",
"product": "hp-proone-400-g1-19.5-inch-non-touch-all-in-one-pc",
"vendor": "HP",
"versions": [
{
"status": "affected",
"version": "642290f1b37e616b64b3c6b60921e24ddad599a38e67cd46a281b24c1ab62bb3"
}
]
},
{
"defaultStatus": "unaffected",
"product": "hp-rp5-retail-system-model-5810",
"vendor": "HP",
"versions": [
{
"status": "affected",
"version": "2a090cfc69ebd88dbe2e2e9c52a7f3a75b8b150478e30a752c5c0f09129f3bc9"
}
]
},
{
"defaultStatus": "unaffected",
"product": "hp-z1-all-in-one-g2-workstation",
"vendor": "HP",
"versions": [
{
"status": "affected",
"version": "d0a54ae69192d2d0289b2c9ae33a6ffd0a0db78189b41b032e18a3452c878eab"
}
]
},
{
"defaultStatus": "unaffected",
"product": "hp-z228-microtower-workstation",
"vendor": "HP",
"versions": [
{
"status": "affected",
"version": "5174331d57cf3392012b00a6de381ee7a873f7fbd217bfa3e744b7dd6136807b"
}
]
},
{
"defaultStatus": "unaffected",
"product": "hp-z820-workstation",
"vendor": "HP",
"versions": [
{
"status": "affected",
"version": "b02cdd16e398c2f31e9641d27d99865c404357136f857a1e2dcf2f7479b9457d"
}
]
},
{
"defaultStatus": "unaffected",
"product": "hp-z420-workstation",
"vendor": "HP",
"versions": [
{
"status": "affected",
"version": "05e89382e73afb280f637acbfa1029e9107dd30c78df37b6a00f184657f5f2c3"
}
]
},
{
"defaultStatus": "unaffected",
"product": "hp-z1-all-in-one-workstation",
"vendor": "HP",
"versions": [
{
"status": "affected",
"version": "b6fd5cd3364bdfa459f040c1693b879bbcf508513124bb95b5f36743efd8e73c"
}
]
},
{
"defaultStatus": "unaffected",
"product": "hp-z220-convertible-minitower-workstation",
"vendor": "HP",
"versions": [
{
"status": "affected",
"version": "cc5a9c2d4827e9b1501c2dc0a464f580d4a2d65e4ff83dbab548e51839339d06"
}
]
},
{
"defaultStatus": "unaffected",
"product": "hp-prodesk-400-g1-microtower-pc",
"vendor": "HP",
"versions": [
{
"status": "affected",
"version": "289f0fa72150a52f2b71bc6bf23f343ad9c1c412aa5977e89ffde7474562cb18"
}
]
},
{
"defaultStatus": "unaffected",
"product": "hp-prodesk-600-g1-desktop-mini-pc",
"vendor": "HP",
"versions": [
{
"status": "affected",
"version": "a80a5c395fd3b28b0130d4579dd3e462f9e38bccb2a42cc5245cedd70b27ff0e"
}
]
},
{
"defaultStatus": "unaffected",
"product": "hp-compaq-elite-8380-convertible-minitower-pc",
"vendor": "HP",
"versions": [
{
"status": "affected",
"version": "455164a23e14f8cc9567b458dfb85106294f149f0e446d2d8b4036551f894cf5"
}
]
},
{
"defaultStatus": "unaffected",
"product": "hp-elitedesk-705-g1-desktop-mini-pc",
"vendor": "HP",
"versions": [
{
"status": "affected",
"version": "1650cfd06bb698ad3cecd9e0c38b0de04d29f9c397492ba70b985b033e2458da"
}
]
},
{
"defaultStatus": "unaffected",
"product": "hp-compaq-pro-6305-microtower-pc",
"vendor": "HP",
"versions": [
{
"status": "affected",
"version": "44988d41019bf5c7989b71e966b97752f60c835ba2300c7d55323eded97c21e6"
}
]
},
{
"defaultStatus": "unaffected",
"product": "hp-elitedesk-800-g1-tower-pc",
"vendor": "HP",
"versions": [
{
"status": "affected",
"version": "659078fcdff1dead57cd05eafa0af4de667b52e981d1b907f0d963b41902dc7a"
}
]
},
{
"defaultStatus": "unaffected",
"product": "lenovo-10w-type-82st-82su",
"vendor": "Lenovo",
"versions": [
{
"status": "affected",
"version": "69dae6e64125b37fa0ee09f5cd9bf3581b3244e99d9b4651395834f9eef021af"
}
]
},
{
"defaultStatus": "unaffected",
"product": "thinkcentre-edge-62z",
"vendor": "Lenovo",
"versions": [
{
"status": "affected",
"version": "b04cc879ac09941e714a8ccce371111bcbbc8d7b1dd1ecdc823de09fd2dad7b3"
}
]
},
{
"defaultStatus": "unaffected",
"product": "thinkcentre-m72z",
"vendor": "Lenovo",
"versions": [
{
"status": "affected",
"version": "4438137139edb1e04de7e265e94444e1c87316b0821178285d87763f00bcc5df"
}
]
},
{
"defaultStatus": "unaffected",
"product": "thinkcentre-edge-92z",
"vendor": "Lenovo",
"versions": [
{
"status": "affected",
"version": "e37c7b66aef1c9702b08f3d08a41edf3e4617fc94a17f318297506868e1d254e"
}
]
},
{
"defaultStatus": "unaffected",
"product": "thinkcentre-m62z",
"vendor": "Lenovo",
"versions": [
{
"status": "affected",
"version": "76c5461e86a33095c4191aa02ccba85cdad5f24ac9c816fb8ab6f408cf32dcdf"
}
]
},
{
"defaultStatus": "unaffected",
"product": "lenovo-62-desktop",
"vendor": "Lenovo",
"versions": [
{
"status": "affected",
"version": "73a8fdf89ed1a2d0af45142f4b4498545ce4182ca704ad2b292490263480b1fd"
}
]
},
{
"defaultStatus": "unaffected",
"product": "aio-510-22asr",
"vendor": "Lenovo",
"versions": [
{
"status": "affected",
"version": "47affcc25ded66333920985902473398438b49dac28be82542062ddabffec3c8"
}
]
},
{
"defaultStatus": "unaffected",
"product": "aio-300-22isu",
"vendor": "Lenovo",
"versions": [
{
"status": "affected",
"version": "a6b6a2940a5f4c98e2f531624707fd8ab7dc61f4b3d3de0457fe00ba3cc5c135"
}
]
},
{
"defaultStatus": "unaffected",
"product": "lenovo-c460-all-in-one",
"vendor": "Lenovo",
"versions": [
{
"status": "affected",
"version": "1235ca01cc48484db1157b312ec1632c45be511cfbff28d25404df0a3df47148"
}
]
},
{
"defaultStatus": "unaffected",
"product": "lenovo-c365-all-in-one",
"vendor": "Lenovo",
"versions": [
{
"status": "affected",
"version": "7cf94927f6826886883baf229f3cc2f2545588a564ddb7583f2b52853aeb5b21"
}
]
},
{
"defaultStatus": "unaffected",
"product": "lenovo-erazer-x700-desktop",
"vendor": "Lenovo",
"versions": [
{
"status": "affected",
"version": "8dbcebb69c00242f0a346c34776171061d606262f412e92f84be99301d413c21"
}
]
},
{
"defaultStatus": "unaffected",
"product": "lenovo-h520e-desktop",
"vendor": "Lenovo",
"versions": [
{
"status": "affected",
"version": "0ee94a5c0d4b93a2a1618d144bb0a505865a5d308c484c80fcf26fe31f23617a"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Multiple",
"vendor": "Supermicro",
"versions": [
{
"status": "affected",
"version": "https://www.supermicro.com/en/support/security_PKFAIL_Jul_2024"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Multiple",
"vendor": "Fujitsu",
"versions": [
{
"status": "affected",
"version": "https://security.ts.fujitsu.com/ProductSecurity/content/Fujitsu-PSIRT-FJ-ISS-2024-072412-Security-Notice.pdf"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Multiple",
"vendor": "Intel",
"versions": [
{
"status": "affected",
"version": "https://www.intel.com/content/www/us/en/security-center/announcement/intel-security-announcement-2024-07-25-001.html"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Binarly Research team"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability related to the use an insecure Platform Key (PK) has been discovered. An attacker with the compromised PK private key can create malicious UEFI software that is signed with a trusted key that has been compromised."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-321: Use of Hard-coded Cryptographic Key",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-25T21:48:41.125Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "UEFI Forum Standards on SecureBoot and Driver Signing Advisory",
"tags": [
"product",
"technical-description"
],
"url": "https://uefi.org/specs/UEFI/2.9_A/32_Secure_Boot_and_Driver_Signing.html"
},
{
"name": "Binarly Finder\u0027s Advisory",
"tags": [
"technical-description"
],
"url": "https://www.binarly.io/advisories/brly-2024-005"
},
{
"name": "CERT/CC Advisory",
"tags": [
"third-party-advisory"
],
"url": "https://kb.cert.org/vuls/id/455367"
},
{
"name": "Binarly Technical Description",
"tags": [
"technical-description",
"signature"
],
"url": "https://github.com/binarly-io/Vulnerability-REsearch/blob/main/PKfail/BRLY-2024-005.md"
},
{
"name": "Supermicro Advisory",
"tags": [
"vendor-advisory"
],
"url": "https://www.supermicro.com/en/support/security_PKFAIL_Jul_2024"
},
{
"name": "Intel Advisory cum End-ofLife anouncement",
"tags": [
"vendor-advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/announcement/intel-security-announcement-2024-07-25-001.html"
},
{
"name": "Fujitsu Advisory",
"tags": [
"vendor-advisory"
],
"url": "https://security.ts.fujitsu.com/ProductSecurity/content/Fujitsu-PSIRT-FJ-ISS-2024-072412-Security-Notice.pdf"
},
{
"name": "Gigabyte Advisory",
"tags": [
"vendor-advisory"
],
"url": "https://www.gigabyte.com/us/Support/Security/2205"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Insecure Platform Key (PK) used in UEFI system firmware signature",
"x_generator": {
"engine": "VINCE 3.0.6",
"env": "prod",
"origin": "https://cveawg.mitre.org/api/cve/CVE-2024-8105"
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2024-8105",
"datePublished": "2024-08-26T19:15:11.237Z",
"dateReserved": "2024-08-22T19:50:07.296Z",
"dateUpdated": "2025-08-25T21:48:41.125Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
VAR-200806-0575
Vulnerability from variot - Updated: 2024-07-23 22:03SNMPv3 HMAC verification in (1) Net-SNMP 5.2.x before 5.2.4.1, 5.3.x before 5.3.2.1, and 5.4.x before 5.4.1.1; (2) UCD-SNMP; (3) eCos; (4) Juniper Session and Resource Control (SRC) C-series 1.0.0 through 2.0.0; (5) NetApp (aka Network Appliance) Data ONTAP 7.3RC1 and 7.3RC2; (6) SNMP Research before 16.2; (7) multiple Cisco IOS, CatOS, ACE, and Nexus products; (8) Ingate Firewall 3.1.0 and later and SIParator 3.1.0 and later; (9) HP OpenView SNMP Emanate Master Agent 15.x; and possibly other products relies on the client to specify the HMAC length, which makes it easier for remote attackers to bypass SNMP authentication via a length value of 1, which only checks the first byte. SNMPv3 The implementation of contains an authentication bypass vulnerability because it does not properly handle crafted packets. SNMP (Simple Network Management Protocol) Is a widely used protocol for monitoring and managing network devices. SNMPv3 Supports security features such as authentication and privacy control. SNMPv3 In the authentication of HMAC (keyed-Hash Message Authentication Code) Is used. This code is generated by combining a private key and a cryptographic hash function. SNMPv3 Depending on the implementation of, there is a possibility that authentication may be bypassed by processing specially crafted packets due to vulnerability in authentication processing.By remote third party SNMP The object may be read or modified. Net-SNMP is prone to a remote authentication-bypass vulnerability caused by a design error. Successfully exploiting this issue will allow attackers to gain unauthorized access to the affected application. Net-SNMP 5.4.1, 5.3.2, 5.2.4, and prior versions are vulnerable. The software is used to monitor network equipment, computer equipment, UPS equipment, etc. Vulnerabilities exist in Net-SNMP's handling of authentication. Net-SNMP's authentication code depends on the length of the HMAC length specified in the user input to read the length to be checked. If the user provides a single-byte HMAC code in the authentication code field, only the first byte will be checked, so there will be a 1/256 probability of matching the correct HMAC and Through authentication, this greatly improves the success rate of brute force guessing. An attacker could exploit this vulnerability to read and modify any SNMP object accessible using the authenticated credentials logged into the system. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
VMware Security Advisory
Advisory ID: VMSA-2008-0017 Synopsis: Updated ESX packages for libxml2, ucd-snmp, libtiff Issue date: 2008-10-31 Updated on: 2008-10-31 (initial release of advisory) CVE numbers: CVE-2008-3281 CVE-2008-0960 CVE-2008-2327
- Summary
Updated ESX packages for libxml2, ucd-snmp, libtiff.
- Relevant releases
ESX 3.0.3 without patch ESX303-200810503-SG ESX 3.0.2 without patch ESX-1006968 ESX 2.5.5 before Upgrade Patch 10 ESX 2.5.4 before Upgrade Patch 21
NOTE: Extended support (Security and Bug fixes) for ESX 3.0.2 ended on 2008-10-29. Extended support (Security and Bug fixes) for ESX 2.5.4 ended on 2008-10-08.
Extended support for ESX 3.0.2 Update 1 ends on 2009-08-08. Users
should plan to upgrade to ESX 3.0.3 and preferably to the newest
release available.
- Problem Description
a. Updated ESX Service Console package libxml2
A denial of service flaw was found in the way libxml2 processes
certain content. If an application that is linked against
libxml2 processes malformed XML content, the XML content might
cause the application to stop responding.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2008-3281 to this issue.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
hosted any any not affected
ESXi 3.5 ESXi not affected
ESX 3.5 ESX affected, patch pending
ESX 3.0.3 ESX ESX303-200810503-SG
ESX 3.0.2 ESX ESX-1006968
ESX 2.5.5 ESX ESX 2.5.5 upgrade patch 10 or later
ESX 2.5.4 ESX ESX 2.5.4 upgrade patch 21
* hosted products are VMware Workstation, Player, ACE, Server, Fusion.
b. Updated ESX Service Console package ucd-snmp
A flaw was found in the way ucd-snmp checks an SNMPv3 packet's
Keyed-Hash Message Authentication Code. An attacker could use
this flaw to spoof an authenticated SNMPv3 packet.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2008-0960 to this issue.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
hosted any any not affected
ESXi 3.5 ESXi not affected
ESX 3.5 ESX not affected
ESX 3.0.3 ESX not affected
ESX 3.0.2 ESX not affected
ESX 2.5.5 ESX ESX 2.5.5 upgrade patch 10 or later
ESX 2.5.4 ESX ESX 2.5.4 upgrade patch 21
* hosted products are VMware Workstation, Player, ACE, Server, Fusion.
c. Updated third party library libtiff
Multiple uses of uninitialized values were discovered in libtiff's
Lempel-Ziv-Welch (LZW) compression algorithm decoder. An attacker
could create a carefully crafted LZW-encoded TIFF file that would
cause an application linked with libtiff to crash or, possibly,
execute arbitrary code.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2008-2327 to this issue.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
hosted any any not affected
ESXi 3.5 ESXi not affected
ESX 3.5 ESX not affected
ESX 3.0.3 ESX not affected
ESX 3.0.2 ESX not affected
ESX 2.5.5 ESX ESX 2.5.5 upgrade patch 10 or later
ESX 2.5.4 ESX ESX 2.5.4 upgrade patch 21
* hosted products are VMware Workstation, Player, ACE, Server, Fusion.
- Solution
Please review the patch/release notes for your product and version and verify the md5sum of your downloaded file.
ESX
ESX 3.0.3 patch ESX303-200810503-SG http://download3.vmware.com/software/vi/ESX303-200810503-SG.zip md5sum: e687313e58377be41f6e6b767dfbf268 http://kb.vmware.com/kb/1006971
ESX 3.0.2 patch ESX-1006968 http://download3.vmware.com/software/vi/ESX-1006968.tgz md5sum: fc9e30cff6f03a209e6a275254fa6719 http://kb.vmware.com/kb/1006968
VMware ESX 2.5.5 Upgrade Patch 10 http://download3.vmware.com/software/esx/esx-2.5.5-119702-upgrade.tar.gz md5sum: 2ee87cdd70b1ba84751e24c0bd8b4621 http://vmware.com/support/esx25/doc/esx-255-200810-patch.html
VMware ESX 2.5.4 Upgrade Patch 21 http://download3.vmware.com/software/esx/esx-2.5.4-119703-upgrade.tar.gz md5sum: d791be525c604c852a03dd7df0eabf35 http://vmware.com/support/esx25/doc/esx-254-200810-patch.html
- References
CVE numbers http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3281 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0960 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2327
- Change log
2008-10-31 VMSA-2008-0017 Initial security advisory after release of ESX 3.0.3, ESX 3.0.2, ESX 2.5.5 and ESX 2.5.4 patches on 2008-10-30.
- Contact
E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
- security-announce at lists.vmware.com
- bugtraq at securityfocus.com
- full-disclosure at lists.grok.org.uk
E-mail: security at vmware.com PGP key at: http://kb.vmware.com/kb/1055
VMware Security Center http://www.vmware.com/security
VMware security response policy http://www.vmware.com/support/policies/security_response.html
General support life cycle policy http://www.vmware.com/support/policies/eos.html
VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html
Copyright 2008 VMware Inc. All rights reserved. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200808-02
http://security.gentoo.org/
Severity: Normal Title: Net-SNMP: Multiple vulnerabilities Date: August 06, 2008 Bugs: #222265, #225105 ID: 200808-02
Synopsis
Multiple vulnerabilities in Net-SNMP allow for authentication bypass in snmpd and execution of arbitrary code in Perl applications using Net-SMNP.
Background
Net-SNMP is a collection of tools for generating and retrieving SNMP data.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-analyzer/net-snmp < 5.4.1.1 >= 5.4.1.1
Description
Wes Hardaker reported that the SNMPv3 HMAC verification relies on the client to specify the HMAC length (CVE-2008-0960). John Kortink reported a buffer overflow in the Perl bindings of Net-SNMP when processing the OCTETSTRING in an attribute value pair (AVP) received by an SNMP agent (CVE-2008-2292).
Impact
An attacker could send SNMPv3 packets to an instance of snmpd providing a valid user name and an HMAC length value of 1, and easily conduct brute-force attacks to bypass SNMP authentication. An attacker could further entice a user to connect to a malicious SNMP agent with an SNMP client using the Perl bindings, possibly resulting in the execution of arbitrary code.
Workaround
There is no known workaround at this time.
Resolution
All Net-SNMP users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-analyzer/net-snmp-5.4.1.1"
References
[ 1 ] CVE-2008-0960 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0960 [ 2 ] CVE-2008-2292 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2292
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200808-02.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us.
License
Copyright 2008 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
SUSE Security Announcement
Package: net-snmp
Announcement ID: SUSE-SA:2008:039
Date: Fri, 01 Aug 2008 13:00:00 +0000
Affected Products: openSUSE 10.2
openSUSE 10.3
openSUSE 11.0
SUSE SLES 9
Novell Linux Desktop 9
Open Enterprise Server
Novell Linux POS 9
SUSE Linux Enterprise Desktop 10 SP1
SLE SDK 10 SP1
SLE SDK 10 SP2
SUSE Linux Enterprise Server 10 SP1
SUSE Linux Enterprise Desktop 10 SP2
SUSE Linux Enterprise Server 10 SP2
Vulnerability Type: authentication bypass, denial-of-service
Severity (1-10): 6
SUSE Default Package: no
Cross-References: CVE-2008-0960
CVE-2008-2292
Content of This Advisory:
1) Security Vulnerability Resolved:
- authentication bypass
- denial-of-service
Problem Description
2) Solution or Work-Around
3) Special Instructions and Notes
4) Package Location and Checksums
5) Pending Vulnerabilities, Solutions, and Work-Arounds:
- viewvc/subversion
6) Authenticity Verification and Additional Information
1) Problem Description and Brief Discussion
The net-snmp daemon implements the "simple network management protocol". The version 3 of SNMP as implemented in net-snmp uses the length of the HMAC in a packet to verify against a local HMAC for authentication. An attacker can therefore send a SNMPv3 packet with a one byte HMAC and guess the correct first byte of the local HMAC with 256 packets (max).
Additionally a buffer overflow in perl-snmp was fixed that can cause a denial-of-service/crash.
2) Solution or Work-Around
Please install the update package.
3) Special Instructions and Notes
Please restart net-snmp after the update.
4) Package Location and Checksums
The preferred method for installing security updates is to use the YaST Online Update (YOU) tool. YOU detects which updates are required and automatically performs the necessary steps to verify and install them. Alternatively, download the update packages for your distribution manually and verify their integrity by the methods listed in Section 6 of this announcement. Then install the packages using the command
rpm -Fhv <file.rpm>
to apply the update, replacing with the filename of the downloaded RPM package.
x86 Platform:
openSUSE 11.0: http://download.opensuse.org/pub/opensuse/update/11.0/rpm/i586/libsnmp15-5.4.1-77.2.i586.rpm http://download.opensuse.org/pub/opensuse/update/11.0/rpm/i586/net-snmp-5.4.1-77.2.i586.rpm http://download.opensuse.org/pub/opensuse/update/11.0/rpm/i586/net-snmp-devel-5.4.1-77.2.i586.rpm http://download.opensuse.org/pub/opensuse/update/11.0/rpm/i586/perl-SNMP-5.4.1-77.2.i586.rpm http://download.opensuse.org/pub/opensuse/update/11.0/rpm/i586/snmp-mibs-5.4.1-77.2.i586.rpm
openSUSE 10.3: http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/libsnmp15-5.4.1-19.2.i586.rpm http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/net-snmp-5.4.1-19.2.i586.rpm http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/net-snmp-devel-5.4.1-19.2.i586.rpm http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/perl-SNMP-5.4.1-19.2.i586.rpm http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/snmp-mibs-5.4.1-19.2.i586.rpm
openSUSE 10.2: ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/net-snmp-5.4.rc2-8.i586.rpm ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/net-snmp-devel-5.4.rc2-8.i586.rpm ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/perl-SNMP-5.4.rc2-8.i586.rpm
x86-64 Platform:
openSUSE 11.0: http://download.opensuse.org/pub/opensuse/update/11.0/rpm/x86_64/net-snmp-32bit-5.4.1-77.2.x86_64.rpm
openSUSE 10.3: http://download.opensuse.org/pub/opensuse/update/10.3/rpm/x86_64/net-snmp-32bit-5.4.1-19.2.x86_64.rpm
openSUSE 10.2: ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/net-snmp-32bit-5.4.rc2-8.x86_64.rpm
Sources:
openSUSE 11.0: http://download.opensuse.org/pub/opensuse/update/11.0/rpm/src/net-snmp-5.4.1-77.2.src.rpm
openSUSE 10.3: http://download.opensuse.org/pub/opensuse/update/10.3/rpm/src/net-snmp-5.4.1-19.2.src.rpm
openSUSE 10.2: ftp://ftp.suse.com/pub/suse/update/10.2/rpm/src/net-snmp-5.4.rc2-8.src.rpm
Our maintenance customers are notified individually. The packages are offered for installation from the maintenance web:
Open Enterprise Server http://download.novell.com/index.jsp?search=Search&keywords=71093bdfd49361f6dbe32a8fde43b848
Novell Linux POS 9 http://download.novell.com/index.jsp?search=Search&keywords=71093bdfd49361f6dbe32a8fde43b848
Novell Linux Desktop 9 http://download.novell.com/index.jsp?search=Search&keywords=71093bdfd49361f6dbe32a8fde43b848
SUSE Linux Enterprise Server 10 SP1 http://download.novell.com/index.jsp?search=Search&keywords=71093bdfd49361f6dbe32a8fde43b848
SUSE Linux Enterprise Server 10 SP2 http://download.novell.com/index.jsp?search=Search&keywords=71093bdfd49361f6dbe32a8fde43b848
SLE SDK 10 SP2 http://download.novell.com/index.jsp?search=Search&keywords=71093bdfd49361f6dbe32a8fde43b848
SLE SDK 10 SP1 http://download.novell.com/index.jsp?search=Search&keywords=71093bdfd49361f6dbe32a8fde43b848
SUSE Linux Enterprise Desktop 10 SP1 http://download.novell.com/index.jsp?search=Search&keywords=71093bdfd49361f6dbe32a8fde43b848
SUSE Linux Enterprise Desktop 10 SP2 http://download.novell.com/index.jsp?search=Search&keywords=71093bdfd49361f6dbe32a8fde43b848
SUSE SLES 9 http://download.novell.com/index.jsp?search=Search&keywords=71093bdfd49361f6dbe32a8fde43b848
5) Pending Vulnerabilities, Solutions, and Work-Arounds:
- viewvc/subversion
This update of subversion fixes multiple vulnerabilities.
- CVE-2008-1290: list CVS or SVN commits on "all-forbidden" files
- CVE-2008-1291: directly access hidden CVSROOT folders
- CVE-2008-1292: expose restricted content via the revision view, the log history, or the diff view
6) Authenticity Verification and Additional Information
-
Announcement authenticity verification:
SUSE security announcements are published via mailing lists and on Web sites. The authenticity and integrity of a SUSE security announcement is guaranteed by a cryptographic signature in each announcement. All SUSE security announcements are published with a valid signature.
To verify the signature of the announcement, save it as text into a file and run the command
gpg --verify
replacing with the name of the file where you saved the announcement. The output for a valid signature looks like:
gpg: Signature made using RSA key ID 3D25D3D9 gpg: Good signature from "SuSE Security Team security@suse.de"
where is replaced by the date the document was signed.
If the security team's key is not contained in your key ring, you can import it from the first installation CD. To import the key, use the command
gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc
-
Package authenticity verification:
SUSE update packages are available on many mirror FTP servers all over the world. While this service is considered valuable and important to the free and open source software community, the authenticity and the integrity of a package needs to be verified to ensure that it has not been tampered with.
The internal rpm package signatures provide an easy way to verify the authenticity of an RPM package. Use the command
rpm -v --checksig
to verify the signature of the package, replacing with the filename of the RPM package downloaded. The package is unmodified if it contains a valid signature from build@suse.de with the key ID 9C800ACA.
This key is automatically imported into the RPM database (on RPMv4-based distributions) and the gpg key ring of 'root' during installation. You can also find it on the first installation CD and at the end of this announcement.
-
SUSE runs two security mailing lists to which any interested party may subscribe:
opensuse-security@opensuse.org - General Linux and SUSE security discussion. All SUSE security announcements are sent to this list. To subscribe, send an e-mail to opensuse-security+subscribe@opensuse.org.
opensuse-security-announce@opensuse.org - SUSE's announce-only mailing list. Only SUSE's security announcements are sent to this list. To subscribe, send an e-mail to opensuse-security-announce+subscribe@opensuse.org.
===================================================================== SUSE's security contact is security@suse.com or security@suse.de. The security@suse.de public key is listed below. =====================================================================
The information in this advisory may be distributed or reproduced, provided that the advisory is not modified in any way. In particular, the clear text signature should show proof of the authenticity of the text.
SUSE Linux Products GmbH provides no warranties of any kind whatsoever with respect to the information contained in this security advisory.
Type Bits/KeyID Date User ID pub 2048R/3D25D3D9 1999-03-06 SuSE Security Team security@suse.de pub 1024D/9C800ACA 2000-10-19 SuSE Package Signing Key build@suse.de
- -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v1.4.2 (GNU/Linux)
mQENAzbhLQQAAAEIAKAkXHe0lWRBXLpn38hMHy03F0I4Sszmoc8aaKJrhfhyMlOA BqvklPLE2f9UrI4Xc860gH79ZREwAgPt0pi6+SleNFLNcNFAuuHMLQOOsaMFatbz JR9i4m/lf6q929YROu5zB48rBAlcfTm+IBbijaEdnqpwGib45wE/Cfy6FAttBHQh 1Kp+r/jPbf1mYAvljUfHKuvbg8t2EIQz/5yGp+n5trn9pElfQO2cRBq8LFpf1l+U P7EKjFmlOq+Gs/fF98/dP3DfniSd78LQPq5vp8RL8nr/o2i7jkAQ33m4f1wOBWd+ cZovrKXYlXiR+Bf7m2hpZo+/sAzhd7LmAD0l09kABRG0JVN1U0UgU2VjdXJpdHkg VGVhbSA8c2VjdXJpdHlAc3VzZS5kZT6JARUDBRA24S1H5Fiyh7HKPEUBAVcOB/9b yHYji1/+4Xc2GhvXK0FSJN0MGgeXgW47yxDL7gmR4mNgjlIOUHZj0PEpVjWepOJ7 tQS3L9oP6cpj1Fj/XxuLbkp5VCQ61hpt54coQAvYrnT9rtWEGN+xmwejT1WmYmDJ xG+EGBXKr+XP69oIUl1E2JO3rXeklulgjqRKos4cdXKgyjWZ7CP9V9daRXDtje63 Om8gwSdU/nCvhdRIWp/Vwbf7Ia8iZr9OJ5YuQl0DBG4qmGDDrvImgPAFkYFzwlqo choXFQ9y0YVCV41DnR+GYhwl2qBd81T8aXhihEGPIgaw3g8gd8B5o6mPVgl+nJqI BkEYGBusiag2pS6qwznZiQEVAwUQNuEtBHey5gA9JdPZAQFtOAf+KVh939b0J94u v/kpg4xs1LthlhquhbHcKNoVTNspugiC3qMPyvSX4XcBr2PC0cVkS4Z9PY9iCfT+ x9WM96g39dAF+le2CCx7XISk9XXJ4ApEy5g4AuK7NYgAJd39PPbERgWnxjxir9g0 Ix30dS30bW39D+3NPU5Ho9TD/B7UDFvYT5AWHl3MGwo3a1RhTs6sfgL7yQ3U+mvq MkTExZb5mfN1FeaYKMopoI4VpzNVeGxQWIz67VjJHVyUlF20ekOz4kWVgsxkc8G2 saqZd6yv2EwqYTi8BDAduweP33KrQc4KDDommQNDOXxaKOeCoESIdM4p7Esdjq1o L0oixF12CohGBBARAgAGBQI7HmHDAAoJEJ5A4xAACqukTlQAoI4QzP9yjPohY7OU F7J3eKBTzp25AJ42BmtSd3pvm5ldmognWF3Trhp+GYkAlQMFEDe3O8IWkDf+zvyS FQEBAfkD/3GG5UgJj18UhYmh1gfjIlDcPAeqMwSytEHDENmHC+vlZQ/p0mT9tPiW tp34io54mwr+bLPN8l6B5GJNkbGvH6M+mO7R8Lj4nHL6pyAv3PQr83WyLHcaX7It Klj371/4yzKV6qpz43SGRK4MacLo2rNZ/dNej7lwPCtzCcFYwqkiiEYEEBECAAYF AjoaQqQACgkQx1KqMrDf94ArewCfWnTUDG5gNYkmHG4bYL8fQcizyA4An2eVo/n+ 3J2KRWSOhpAMsnMxtPbBmQGiBDnu9IERBACT8Y35+2vv4MGVKiLEMOl9GdST6MCk YS3yEKeueNWc+z/0Kvff4JctBsgs47tjmiI9sl0eHjm3gTR8rItXMN6sJEUHWzDP +Y0PFPboMvKx0FXl/A0dM+HFrruCgBlWt6FA+okRySQiliuI5phwqkXefl9AhkwR 8xocQSVCFxcwvwCglVcOQliHu8jwRQHxlRE0tkwQQI0D+wfQwKdvhDplxHJ5nf7U 8c/yE/vdvpN6lF0tmFrKXBUX+K7u4ifrZlQvj/81M4INjtXreqDiJtr99Rs6xa0S cZqITuZC4CWxJa9GynBED3+D2t1V/f8l0smsuYoFOF7Ib49IkTdbtwAThlZp8bEh ELBeGaPdNCcmfZ66rKUdG5sRA/9ovnc1krSQF2+sqB9/o7w5/q2qiyzwOSTnkjtB UVKn4zLUOf6aeBAoV6NMCC3Kj9aZHfA+ND0ehPaVGJgjaVNFhPi4x0e7BULdvgOo AqajLfvkURHAeSsxXIoEmyW/xC1sBbDkDUIBSx5oej73XCZgnj/inphRqGpsb+1n KFvF+rQoU3VTRSBQYWNrYWdlIFNpZ25pbmcgS2V5IDxidWlsZEBzdXNlLmRlPohi BBMRAgAiBQJA2AY+AhsDBQkObd+9BAsHAwIDFQIDAxYCAQIeAQIXgAAKCRCoTtro nIAKypCfAJ9RuZ6ZSV7QW4pTgTIxQ+ABPp0sIwCffG9bCNnrETPlgOn+dGEkAWeg KL+IRgQQEQIABgUCOnBeUgAKCRCeQOMQAAqrpNzOAKCL512FZvv4VZx94TpbA9lx yoAejACeOO1HIbActAevk5MUBhNeLZa/qM2JARUDBRA6cGBvd7LmAD0l09kBATWn B/9An5vfiUUE1VQnt+T/EYklES3tXXaJJp9pHMa4fzFa8jPVtv5UBHGee3XoUNDV wM2OgSEISZxbzdXGnqIlcT08TzBUD9i579uifklLsnr35SJDZ6ram51/CWOnnaVh UzneOA9gTPSr+/fT3WeVnwJiQCQ30kNLWVXWATMnsnT486eAOlT6UNBPYQLpUprF 5Yryk23pQUPAgJENDEqeU6iIO9Ot1ZPtB0lniw+/xCi13D360o1tZDYOp0hHHJN3 D3EN8C1yPqZd5CvvznYvB6bWBIpWcRgdn2DUVMmpU661jwqGlRz1F84JG/xe4jGu zgpJt9IXSzyohEJB6XG5+D0BuQINBDnu9JIQCACEkdBN6Mxf5WvqDWkcMRy6wnrd 9DYJ8UUTmIT2iQf07tRUKJJ9v0JXfx2Z4d08IQSMNRaq4VgSe+PdYgIy0fbj23Vi a5/gO7fJEpD2hd2f+pMnOWvH2rOOIbeYfuhzAc6BQjAKtmgR0ERUTafTM9Wb6F13 CNZZNZfDqnFDP6L12w3z3F7FFXkz07Rs3AIto1ZfYZd4sCSpMr/0S5nLrHbIvGLp 271hhQBeRmmoGEKO2JRelGgUJ2CUzOdtwDIKT0LbCpvaP8PVnYF5IFoYJIWRHqlE t5ucTXstZy7vYjL6vTP4l5xs+LIOkNmPhqmfsgLzVo0UaLt80hOwc4NvDCOLAAMG B/9g+9V3ORzw4LvO1pwRYJqfDKUq/EJ0rNMMD4N8RLpZRhKHKJUm9nNHLbksnlZw rbSTM5LpC/U6sheLP+l0bLVoq0lmsCcUSyh+mY6PxWirLIWCn/IAZAGnXb6Zd6Tt IJlGG6pqUN8QxGJYQnonl0uTJKHJENbI9sWHQdcTtBMc34gorHFCo1Bcvpnc1LFL rWn7mfoGx6INQjf3HGQpMXAWuSBQhzkazY6vaWFpa8bBJ+gKbBuySWzNm3rFtT5H RKMWpO+M9bHp4d+puY0L1YwN1OMatcMMpcWnZpiWiR83oi32+xtWUY2U7Ae38mMa g8zFbpeqPQUsDv9V7CAJ1dbriEwEGBECAAwFAkDYBnoFCQ5t3+gACgkQqE7a6JyA CspnpgCfRbYwxT3iq+9l/PgNTUNTZOlof2oAn25y0eGi0371jap9kOV6uq71sUuO =ypVs - -----END PGP PUBLIC KEY BLOCK-----
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBSJL0gHey5gA9JdPZAQI4IAf7BPqInfbAyzZObcX2vGZM0svDKclNQMAO 1tTE0O3Te0EYLOnkfEisqNe9AOioSUQqeWu7ud5Y8L5zVysmcGe3/Lg0Vqmie/he WJXCJtkvaPOcp7p/GcnWQByQ4T1cQ4+QoLhwg2+RpyAABn/7ZWBz+uG91134kOql JabvxLI05Le++uwFfJ0YEefkSzik9sMVz4Dk4eVJglMm6nioHnx6K6ZrR0+0HBRR z2Rczq0M3gYplfWpgydgtlFH4dhkXlhfuladf93Aagf6QWerwvxTEld7ti+Sx3dU uInx4nkLJHLeu1f/XD4i7ZpZ0DtBz0F9wWJFGmy2cXxW0Xnhtwdbnw== =QwLq -----END PGP SIGNATURE-----
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . =========================================================== Ubuntu Security Notice USN-685-1 December 03, 2008 net-snmp vulnerabilities CVE-2008-0960, CVE-2008-2292, CVE-2008-4309 ===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS Ubuntu 7.10 Ubuntu 8.04 LTS Ubuntu 8.10
This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the following package versions:
Ubuntu 6.06 LTS: libsnmp-perl 5.2.1.2-4ubuntu2.3 libsnmp9 5.2.1.2-4ubuntu2.3
Ubuntu 7.10: libsnmp-perl 5.3.1-6ubuntu2.2 libsnmp10 5.3.1-6ubuntu2.2
Ubuntu 8.04 LTS: libsnmp-perl 5.4.1~dfsg-4ubuntu4.2 libsnmp15 5.4.1~dfsg-4ubuntu4.2
Ubuntu 8.10: libsnmp15 5.4.1~dfsg-7.1ubuntu6.1
In general, a standard system upgrade is sufficient to effect the necessary changes.
Details follow:
Wes Hardaker discovered that the SNMP service did not correctly validate HMAC authentication requests. An unauthenticated remote attacker could send specially crafted SNMPv3 traffic with a valid username and gain access to the user's views without a valid authentication passphrase. (CVE-2008-0960)
John Kortink discovered that the Net-SNMP Perl module did not correctly check the size of returned values. If a user or automated system were tricked into querying a malicious SNMP server, the application using the Perl module could be made to crash, leading to a denial of service. This did not affect Ubuntu 8.10. (CVE-2008-2292)
It was discovered that the SNMP service did not correctly handle large GETBULK requests. If an unauthenticated remote attacker sent a specially crafted request, the SNMP service could be made to crash, leading to a denial of service. (CVE-2008-4309)
Updated packages for Ubuntu 6.06 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.2.1.2-4ubuntu2.3.diff.gz
Size/MD5: 75402 9655d984a47cec8e27efa4db0b227870
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.2.1.2-4ubuntu2.3.dsc
Size/MD5: 838 17a17230a005c1acfd0569757e728fad
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.2.1.2.orig.tar.gz
Size/MD5: 3869893 34159770a7fe418d99fdd416a75358b1
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-base_5.2.1.2-4ubuntu2.3_all.deb
Size/MD5: 1152306 f7647cee4df8db87ab48c0d05635a973
http://security.ubuntu.com/ubuntu/pool/universe/n/net-snmp/tkmib_5.2.1.2-4ubuntu2.3_all.deb
Size/MD5: 822946 b9b852c188937d1fffc06d4da01325d5
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.2.1.2-4ubuntu2.3_amd64.deb
Size/MD5: 896620 a78012b3f0f13667081f97dc1a4d62e8
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp9-dev_5.2.1.2-4ubuntu2.3_amd64.deb
Size/MD5: 1497194 7d55b8d1e4ae0c45753bedcf536a1a5a
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp9_5.2.1.2-4ubuntu2.3_amd64.deb
Size/MD5: 1826252 0550c1401f9bbe5f345fd96484ed369c
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.2.1.2-4ubuntu2.3_amd64.deb
Size/MD5: 889330 5ad0ddb2c610973166e4dd07769ba3d3
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.2.1.2-4ubuntu2.3_amd64.deb
Size/MD5: 797086 18cf4210342b683d3ee24fe995329b55
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.2.1.2-4ubuntu2.3_i386.deb
Size/MD5: 896880 298d27ea1ece6e80bb8931b9a5e61961
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp9-dev_5.2.1.2-4ubuntu2.3_i386.deb
Size/MD5: 1268472 acbca43ab7ea747fa3e4636d15ef997c
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp9_5.2.1.2-4ubuntu2.3_i386.deb
Size/MD5: 1710342 bd27290685bcf1d6a23eb8705d3367e7
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.2.1.2-4ubuntu2.3_i386.deb
Size/MD5: 881838 58121bd9e4c845da7df4e540645e0e13
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.2.1.2-4ubuntu2.3_i386.deb
Size/MD5: 794672 221d1c554bd89f50dc3ac9108a6cef6b
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.2.1.2-4ubuntu2.3_powerpc.deb
Size/MD5: 913064 45a033b01c4b31ef90a92988bb5fb229
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp9-dev_5.2.1.2-4ubuntu2.3_powerpc.deb
Size/MD5: 1590124 b62aa5477d9307d311c811298b7ec3d9
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp9_5.2.1.2-4ubuntu2.3_powerpc.deb
Size/MD5: 1728094 5214ce9aebe3a8d7a28a1746a81ce8ea
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.2.1.2-4ubuntu2.3_powerpc.deb
Size/MD5: 898580 86e6c1b5dfb5bf91f63d7c6786b7abae
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.2.1.2-4ubuntu2.3_powerpc.deb
Size/MD5: 796092 1bab28407224f782b2c3ae04b4647333
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.2.1.2-4ubuntu2.3_sparc.deb
Size/MD5: 896832 3d233db9682d5654fdad6bc6b5a649ba
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp9-dev_5.2.1.2-4ubuntu2.3_sparc.deb
Size/MD5: 1485268 064304ead0ca4653136376e8e9039e74
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp9_5.2.1.2-4ubuntu2.3_sparc.deb
Size/MD5: 1706490 cb76027eb8167e0866a81b93a4da28ed
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.2.1.2-4ubuntu2.3_sparc.deb
Size/MD5: 883182 d1ffc12427d92be51efdba3349e74f9a
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.2.1.2-4ubuntu2.3_sparc.deb
Size/MD5: 796374 0f3f749ebe4af6111fe49316639004e4
Updated packages for Ubuntu 7.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.3.1-6ubuntu2.2.diff.gz
Size/MD5: 94646 8b6f9380d9f8c5514a1d4db729c6df04
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.3.1-6ubuntu2.2.dsc
Size/MD5: 1287 f53866efd3ae4f3c939a77b1005e1f11
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.3.1.orig.tar.gz
Size/MD5: 4210843 360a9783dbc853bab6bda90d961daee5
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-base_5.3.1-6ubuntu2.2_all.deb
Size/MD5: 484306 f2d03276d1cdcef7e8b276ad8ca9595d
http://security.ubuntu.com/ubuntu/pool/universe/n/net-snmp/tkmib_5.3.1-6ubuntu2.2_all.deb
Size/MD5: 901284 6889b371d4de92eb61bf83b89d8a8c37
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-dev_5.3.1-6ubuntu2.2_amd64.deb
Size/MD5: 2541692 1e6de4bd3c3baa444a2e1980a593a40e
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.3.1-6ubuntu2.2_amd64.deb
Size/MD5: 968940 7efe4bdcb99f311f1c4bb2c3b9d24a4e
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp10_5.3.1-6ubuntu2.2_amd64.deb
Size/MD5: 1200930 821861c24499cfdfa2a82c329c610c16
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.3.1-6ubuntu2.2_amd64.deb
Size/MD5: 996572 00cc1a4c8c7924124984e666563e73d0
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.3.1-6ubuntu2.2_amd64.deb
Size/MD5: 908792 a40763280a3bdbe60eca5e07c5d6c30c
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-dev_5.3.1-6ubuntu2.2_i386.deb
Size/MD5: 2321524 59d44616802197e1227cf88abddefe36
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.3.1-6ubuntu2.2_i386.deb
Size/MD5: 967106 a6e5b308d889bdf6f5abe454e35ba474
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp10_5.3.1-6ubuntu2.2_i386.deb
Size/MD5: 1124462 ec99daa26d0fafba6e9f0b874a23bf3d
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.3.1-6ubuntu2.2_i386.deb
Size/MD5: 991956 cb20b6a4d68a858ffa0846431169d411
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.3.1-6ubuntu2.2_i386.deb
Size/MD5: 907546 1ab5119e23a16e99203c113d49fc2723
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-dev_5.3.1-6ubuntu2.2_lpia.deb
Size/MD5: 2305548 da57690a3327196e0c3684735be23f2e
http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-perl_5.3.1-6ubuntu2.2_lpia.deb
Size/MD5: 968984 8da336a5fd871be10e6b8d66d3b9c9d3
http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp10_5.3.1-6ubuntu2.2_lpia.deb
Size/MD5: 1074500 e4d6690a6a6a543fc0244a29cd350c9b
http://ports.ubuntu.com/pool/main/n/net-snmp/snmp_5.3.1-6ubuntu2.2_lpia.deb
Size/MD5: 989566 2d2f4b1662e6a2dffafe8e98f00a15e7
http://ports.ubuntu.com/pool/main/n/net-snmp/snmpd_5.3.1-6ubuntu2.2_lpia.deb
Size/MD5: 907596 4274e006754ebc836132166e0f0429a0
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-dev_5.3.1-6ubuntu2.2_powerpc.deb
Size/MD5: 2641202 9b2ec56463ee715752b780aa332d8cd0
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.3.1-6ubuntu2.2_powerpc.deb
Size/MD5: 985722 a2fca8426b7b51e98c39b91a468bf71f
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp10_5.3.1-6ubuntu2.2_powerpc.deb
Size/MD5: 1154496 6073239f7ffead2a5b9c3357ada1602c
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.3.1-6ubuntu2.2_powerpc.deb
Size/MD5: 1018596 af12cc55597a0d2d3a92b4b5d683bb14
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.3.1-6ubuntu2.2_powerpc.deb
Size/MD5: 911866 57e2246930e712bdc1b039840d43af48
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-dev_5.3.1-6ubuntu2.2_sparc.deb
Size/MD5: 2527568 19b1a0971259a9b99f9c0386f5935bfc
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.3.1-6ubuntu2.2_sparc.deb
Size/MD5: 970264 d8ae7f0bb10375ad487b14ba031cd013
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp10_5.3.1-6ubuntu2.2_sparc.deb
Size/MD5: 1078842 2401fc4c40352b8c8013e8c5de3b0ecd
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.3.1-6ubuntu2.2_sparc.deb
Size/MD5: 995228 16b230d3c718d8eb4a023126bd09d7f5
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.3.1-6ubuntu2.2_sparc.deb
Size/MD5: 908708 1e410a8ddac41ad9faec901c5a638f29
Updated packages for Ubuntu 8.04 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.4.1~dfsg-4ubuntu4.2.diff.gz
Size/MD5: 78642 b4acf50e47be498e579b934f32081d25
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.4.1~dfsg-4ubuntu4.2.dsc
Size/MD5: 1447 0abcea5df87851df2aae7ebd1fc00e7a
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.4.1~dfsg.orig.tar.gz
Size/MD5: 4618308 0ef987c41d3414f2048c94d187a2baeb
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-base_5.4.1~dfsg-4ubuntu4.2_all.deb
Size/MD5: 526864 f3a131bf5a4f5c547573430cb66d410c
http://security.ubuntu.com/ubuntu/pool/universe/n/net-snmp/tkmib_5.4.1~dfsg-4ubuntu4.2_all.deb
Size/MD5: 102072 2f276f50efdb7e34f7e61f132f7f7cd7
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-dev_5.4.1~dfsg-4ubuntu4.2_amd64.deb
Size/MD5: 1796950 283c5a95206ab74062e0e30eba4e0890
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.4.1~dfsg-4ubuntu4.2_amd64.deb
Size/MD5: 142522 9fff294368a7eac39e37fa478ac6609d
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp15_5.4.1~dfsg-4ubuntu4.2_amd64.deb
Size/MD5: 1296694 d0646a1543c51f14a93b40f972bc1569
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.4.1~dfsg-4ubuntu4.2_amd64.deb
Size/MD5: 163178 0378a25e3b2a0bc80ddb8ec720b5557d
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.4.1~dfsg-4ubuntu4.2_amd64.deb
Size/MD5: 75960 fcba461f2e2376cad515329791e04a17
http://security.ubuntu.com/ubuntu/pool/universe/n/net-snmp/libsnmp-python_5.4.1~dfsg-4ubuntu4.2_amd64.deb
Size/MD5: 38512 21d9ecbc86a8e5965047d027e94fd324
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-dev_5.4.1~dfsg-4ubuntu4.2_i386.deb
Size/MD5: 1556806 39e4f63b841c4b36c022017d66c12f58
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.4.1~dfsg-4ubuntu4.2_i386.deb
Size/MD5: 179478 5f08596ae997792920e238ff8cd2a7ba
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp15_5.4.1~dfsg-4ubuntu4.2_i386.deb
Size/MD5: 1098794 38bc61a5b403fb4f626a641a5f13e681
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.4.1~dfsg-4ubuntu4.2_i386.deb
Size/MD5: 157954 66e38c37639f3c68e7e4a933fa953ff3
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.4.1~dfsg-4ubuntu4.2_i386.deb
Size/MD5: 74116 50b3a4d0cfd38585d2711d30cf725e9d
http://security.ubuntu.com/ubuntu/pool/universe/n/net-snmp/libsnmp-python_5.4.1~dfsg-4ubuntu4.2_i386.deb
Size/MD5: 75038 98cdeec4b1014568b00107a82fc74418
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-dev_5.4.1~dfsg-4ubuntu4.2_lpia.deb
Size/MD5: 1552018 d9dcab084f3b9bf3e8c36cb5db8f141e
http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-perl_5.4.1~dfsg-4ubuntu4.2_lpia.deb
Size/MD5: 141508 96061180809cccc975e0d7079e07ed3e
http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp15_5.4.1~dfsg-4ubuntu4.2_lpia.deb
Size/MD5: 1171530 2d91048fe0a2ac9e3a4fddb84c67513e
http://ports.ubuntu.com/pool/main/n/net-snmp/snmp_5.4.1~dfsg-4ubuntu4.2_lpia.deb
Size/MD5: 155564 c67ba3aeb2535ee3e7fc4c89e90ba36a
http://ports.ubuntu.com/pool/main/n/net-snmp/snmpd_5.4.1~dfsg-4ubuntu4.2_lpia.deb
Size/MD5: 74274 db05202893f516398bbe4e2153ef2d6e
http://ports.ubuntu.com/pool/universe/n/net-snmp/libsnmp-python_5.4.1~dfsg-4ubuntu4.2_lpia.deb
Size/MD5: 35552 a75caf212ffb5a0eafe4ba2656c9aae1
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-dev_5.4.1~dfsg-4ubuntu4.2_powerpc.deb
Size/MD5: 1874428 0ed8b5f4e6bad74d506d73447de00bd2
http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-perl_5.4.1~dfsg-4ubuntu4.2_powerpc.deb
Size/MD5: 158374 dfcd7c4455b4bbd3f746368058d09a59
http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp15_5.4.1~dfsg-4ubuntu4.2_powerpc.deb
Size/MD5: 1238226 b5b3a81e956cdb14674d571694d1b6d0
http://ports.ubuntu.com/pool/main/n/net-snmp/snmp_5.4.1~dfsg-4ubuntu4.2_powerpc.deb
Size/MD5: 185314 5e9d8bd56493f75ae8a8691c530aa420
http://ports.ubuntu.com/pool/main/n/net-snmp/snmpd_5.4.1~dfsg-4ubuntu4.2_powerpc.deb
Size/MD5: 83106 75dea32ec7152b7868fabf09d9d5a198
http://ports.ubuntu.com/pool/universe/n/net-snmp/libsnmp-python_5.4.1~dfsg-4ubuntu4.2_powerpc.deb
Size/MD5: 42928 214fe703fced2e387b48b51dcbb1d6b7
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-dev_5.4.1~dfsg-4ubuntu4.2_sparc.deb
Size/MD5: 1760062 ade4c08289d947d092a5b2ab06517cc7
http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-perl_5.4.1~dfsg-4ubuntu4.2_sparc.deb
Size/MD5: 143860 62b7260d618531b0ed5e7871ab7b99a9
http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp15_5.4.1~dfsg-4ubuntu4.2_sparc.deb
Size/MD5: 1159702 28ea81660bbdd9d7982be58d225e8814
http://ports.ubuntu.com/pool/main/n/net-snmp/snmp_5.4.1~dfsg-4ubuntu4.2_sparc.deb
Size/MD5: 160236 196e493ce73905446a3764e73b99f332
http://ports.ubuntu.com/pool/main/n/net-snmp/snmpd_5.4.1~dfsg-4ubuntu4.2_sparc.deb
Size/MD5: 75518 f24e4b0e3e4a7d97c28da99cdc0a47a5
http://ports.ubuntu.com/pool/universe/n/net-snmp/libsnmp-python_5.4.1~dfsg-4ubuntu4.2_sparc.deb
Size/MD5: 38240 873f5e820e381ec2254ed520bcd09af0
Updated packages for Ubuntu 8.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.4.1~dfsg-7.1ubuntu6.1.diff.gz
Size/MD5: 82260 85fb58aa81933f142bd937bca2e18341
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.4.1~dfsg-7.1ubuntu6.1.dsc
Size/MD5: 1956 1ee06f6b731eae435af6a2d438ef909b
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.4.1~dfsg.orig.tar.gz
Size/MD5: 4618308 0ef987c41d3414f2048c94d187a2baeb
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-base_5.4.1~dfsg-7.1ubuntu6.1_all.deb
Size/MD5: 527650 9c56f3d70018b714895a61c0daba9498
http://security.ubuntu.com/ubuntu/pool/universe/n/net-snmp/tkmib_5.4.1~dfsg-7.1ubuntu6.1_all.deb
Size/MD5: 103060 108eb50387ca46b4ee38ebb8722ced88
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-dev_5.4.1~dfsg-7.1ubuntu6.1_amd64.deb
Size/MD5: 1815638 82385081fe2d4eeb1a6c94f9dae672ad
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.4.1~dfsg-7.1ubuntu6.1_amd64.deb
Size/MD5: 146154 1b6249e02e89213f2f4d2aa9c9123420
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp15_5.4.1~dfsg-7.1ubuntu6.1_amd64.deb
Size/MD5: 1315628 8443e091f2c63485a422236ad23e55cd
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.4.1~dfsg-7.1ubuntu6.1_amd64.deb
Size/MD5: 165522 154a05824b98e041ceac60ac83709ef4
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.4.1~dfsg-7.1ubuntu6.1_amd64.deb
Size/MD5: 77914 8d6e328f309e78bf1fcf21c2633d82ec
http://security.ubuntu.com/ubuntu/pool/universe/n/net-snmp/libsnmp-python_5.4.1~dfsg-7.1ubuntu6.1_amd64.deb
Size/MD5: 39930 6b7a1a67ca63b5c843ce66f3547b3c89
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-dev_5.4.1~dfsg-7.1ubuntu6.1_i386.deb
Size/MD5: 1569568 dd0599b150eccee9889325d17a7b0769
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.4.1~dfsg-7.1ubuntu6.1_i386.deb
Size/MD5: 184264 52a54aebef81648164a5bc90f27b0cc5
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp15_5.4.1~dfsg-7.1ubuntu6.1_i386.deb
Size/MD5: 1119072 10c81fe283b25e7ad31fcfd88a2325f0
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.4.1~dfsg-7.1ubuntu6.1_i386.deb
Size/MD5: 156112 6296f0836bc9797ff48810c79965c3a5
http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.4.1~dfsg-7.1ubuntu6.1_i386.deb
Size/MD5: 74476 bd96a6915eb97fed083aac4daa5f07cf
http://security.ubuntu.com/ubuntu/pool/universe/n/net-snmp/libsnmp-python_5.4.1~dfsg-7.1ubuntu6.1_i386.deb
Size/MD5: 77652 3e30e51c362dfa982a3b3197be081328
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-dev_5.4.1~dfsg-7.1ubuntu6.1_lpia.deb
Size/MD5: 1557614 065f4575c7a2d257fa6b5b9d0cee454f
http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-perl_5.4.1~dfsg-7.1ubuntu6.1_lpia.deb
Size/MD5: 144292 b55f2c4aff8a86499d7f38fd6e773f44
http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp15_5.4.1~dfsg-7.1ubuntu6.1_lpia.deb
Size/MD5: 1184272 84116fefdce279ce338ffc9614384c06
http://ports.ubuntu.com/pool/main/n/net-snmp/snmp_5.4.1~dfsg-7.1ubuntu6.1_lpia.deb
Size/MD5: 154444 ffe9e765a01695355bdb58008a2910f5
http://ports.ubuntu.com/pool/main/n/net-snmp/snmpd_5.4.1~dfsg-7.1ubuntu6.1_lpia.deb
Size/MD5: 73746 762e75672fbd395d2d159513f5d572b0
http://ports.ubuntu.com/pool/universe/n/net-snmp/libsnmp-python_5.4.1~dfsg-7.1ubuntu6.1_lpia.deb
Size/MD5: 36530 0a98b51b94a5f75d4131d657aa766579
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-dev_5.4.1~dfsg-7.1ubuntu6.1_powerpc.deb
Size/MD5: 1884632 a3ad023841ee605efa1e055712b44d9a
http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-perl_5.4.1~dfsg-7.1ubuntu6.1_powerpc.deb
Size/MD5: 161074 5586adea8200d2d5bf81f288b5bf7be2
http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp15_5.4.1~dfsg-7.1ubuntu6.1_powerpc.deb
Size/MD5: 1249636 48ec688499fea1dc0ccb3091c0158fb8
http://ports.ubuntu.com/pool/main/n/net-snmp/snmp_5.4.1~dfsg-7.1ubuntu6.1_powerpc.deb
Size/MD5: 181952 8ef5f6b9b6c6b8e4fcd5cb37147304a2
http://ports.ubuntu.com/pool/main/n/net-snmp/snmpd_5.4.1~dfsg-7.1ubuntu6.1_powerpc.deb
Size/MD5: 81802 965218126fb5a49cfcd9e20afeb49782
http://ports.ubuntu.com/pool/universe/n/net-snmp/libsnmp-python_5.4.1~dfsg-7.1ubuntu6.1_powerpc.deb
Size/MD5: 43048 09f2f9ed9f519ca5723411802e46d48b
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-dev_5.4.1~dfsg-7.1ubuntu6.1_sparc.deb
Size/MD5: 1759316 46455cc355c1b808243eada0f134d00b
http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-perl_5.4.1~dfsg-7.1ubuntu6.1_sparc.deb
Size/MD5: 145164 2cdb5b35db853c7c184a44022fc23cd8
http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp15_5.4.1~dfsg-7.1ubuntu6.1_sparc.deb
Size/MD5: 1159834 cfff424e5bff38bb3ef9419f03465388
http://ports.ubuntu.com/pool/main/n/net-snmp/snmp_5.4.1~dfsg-7.1ubuntu6.1_sparc.deb
Size/MD5: 163042 354f7a5423a34c411c5f8620c66d3e58
http://ports.ubuntu.com/pool/main/n/net-snmp/snmpd_5.4.1~dfsg-7.1ubuntu6.1_sparc.deb
Size/MD5: 76994 ca11bcf9a411f618e35e1d6b6ab8c8f9
http://ports.ubuntu.com/pool/universe/n/net-snmp/libsnmp-python_5.4.1~dfsg-7.1ubuntu6.1_sparc.deb
Size/MD5: 38526 172493ec5df1866e2633e074c7f38775
.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0960 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2292
Updated Packages:
Mandriva Linux 2007.1: 8db66ef5a5468d3fd72a47855230a28e 2007.1/i586/libnet-snmp10-5.3.1-3.2mdv2007.1.i586.rpm c951b17138ef11828b2ccf031d4cddaf 2007.1/i586/libnet-snmp10-devel-5.3.1-3.2mdv2007.1.i586.rpm 536a87919f32fac81964d0a907bf08fe 2007.1/i586/libnet-snmp10-static-devel-5.3.1-3.2mdv2007.1.i586.rpm 39e33947c21666dac5dbe5cfe103b26d 2007.1/i586/net-snmp-5.3.1-3.2mdv2007.1.i586.rpm 1eed5ebaff8f6f83befbf8d831900073 2007.1/i586/net-snmp-mibs-5.3.1-3.2mdv2007.1.i586.rpm 874db03c69584025e4d91049072d3c4e 2007.1/i586/net-snmp-trapd-5.3.1-3.2mdv2007.1.i586.rpm 11af93c879d8cd9353b7cb1826900222 2007.1/i586/net-snmp-utils-5.3.1-3.2mdv2007.1.i586.rpm 2c9e819eeb5fd472f6a0fe338d86182b 2007.1/i586/perl-NetSNMP-5.3.1-3.2mdv2007.1.i586.rpm 7a0806202ff8f3d838fa7958b636a449 2007.1/SRPMS/net-snmp-5.3.1-3.2mdv2007.1.src.rpm
Mandriva Linux 2007.1/X86_64: aa27de502ce22110fd745c0b847b79d9 2007.1/x86_64/lib64net-snmp10-5.3.1-3.2mdv2007.1.x86_64.rpm 1843dd154c443cca9ae977e502221d6d 2007.1/x86_64/lib64net-snmp10-devel-5.3.1-3.2mdv2007.1.x86_64.rpm 838bd7820d446bd947bc46e090b38066 2007.1/x86_64/lib64net-snmp10-static-devel-5.3.1-3.2mdv2007.1.x86_64.rpm e659d3df04816330c7bf45008f66bc27 2007.1/x86_64/net-snmp-5.3.1-3.2mdv2007.1.x86_64.rpm 756d5606a1039d20a7512b0a109d53bb 2007.1/x86_64/net-snmp-mibs-5.3.1-3.2mdv2007.1.x86_64.rpm 8ad36943e07362865f3a48c99914e48c 2007.1/x86_64/net-snmp-trapd-5.3.1-3.2mdv2007.1.x86_64.rpm 483140c06017507127d12357c3ed2b41 2007.1/x86_64/net-snmp-utils-5.3.1-3.2mdv2007.1.x86_64.rpm e2bb901815ffa1ca5b0a16bc1363f84f 2007.1/x86_64/perl-NetSNMP-5.3.1-3.2mdv2007.1.x86_64.rpm 7a0806202ff8f3d838fa7958b636a449 2007.1/SRPMS/net-snmp-5.3.1-3.2mdv2007.1.src.rpm
Mandriva Linux 2008.0: 8de3c4975620db2b2c2697d6f9deb79b 2008.0/i586/libnet-snmp15-5.4.1-1.1mdv2008.0.i586.rpm b1991c58d996f4be200fe141e28c5f7d 2008.0/i586/libnet-snmp-devel-5.4.1-1.1mdv2008.0.i586.rpm 03c54182cc7f97633f29ff0251a8c898 2008.0/i586/libnet-snmp-static-devel-5.4.1-1.1mdv2008.0.i586.rpm 1f792de19b7b38b56d68242958d5d800 2008.0/i586/net-snmp-5.4.1-1.1mdv2008.0.i586.rpm e3362a641e232a6ecf0b8230f0e49ec8 2008.0/i586/net-snmp-mibs-5.4.1-1.1mdv2008.0.i586.rpm bc6d8c10135ea64a4d512d80d04b1b39 2008.0/i586/net-snmp-trapd-5.4.1-1.1mdv2008.0.i586.rpm 8e7f28ee85fb48129eea57d11d391c8b 2008.0/i586/net-snmp-utils-5.4.1-1.1mdv2008.0.i586.rpm beab129e378f61a6bf62d366a4d90639 2008.0/i586/perl-NetSNMP-5.4.1-1.1mdv2008.0.i586.rpm 3fce488df784163f19e6a55061d773ca 2008.0/SRPMS/net-snmp-5.4.1-1.1mdv2008.0.src.rpm
Mandriva Linux 2008.0/X86_64: 82b570c9cb7e0662df4d7da730c131db 2008.0/x86_64/lib64net-snmp15-5.4.1-1.1mdv2008.0.x86_64.rpm 20b8a6e3fc8dd82fe5ecfdb337553938 2008.0/x86_64/lib64net-snmp-devel-5.4.1-1.1mdv2008.0.x86_64.rpm 555688caa0eee850b3a5f835a5778849 2008.0/x86_64/lib64net-snmp-static-devel-5.4.1-1.1mdv2008.0.x86_64.rpm 60d65f80aec29dcb6d4ceb4bb117a9bc 2008.0/x86_64/net-snmp-5.4.1-1.1mdv2008.0.x86_64.rpm 685c9dd25b585afc128de1b3c092e5d5 2008.0/x86_64/net-snmp-mibs-5.4.1-1.1mdv2008.0.x86_64.rpm 7bff860904572c092f737ac17940d5b2 2008.0/x86_64/net-snmp-trapd-5.4.1-1.1mdv2008.0.x86_64.rpm e434686bddfb04f2a8bd01346517ecb4 2008.0/x86_64/net-snmp-utils-5.4.1-1.1mdv2008.0.x86_64.rpm 4fab6e498e1f05809db500ce895aad66 2008.0/x86_64/perl-NetSNMP-5.4.1-1.1mdv2008.0.x86_64.rpm 3fce488df784163f19e6a55061d773ca 2008.0/SRPMS/net-snmp-5.4.1-1.1mdv2008.0.src.rpm
Mandriva Linux 2008.1: 4bafceae1a29f6557b5aa884eca24ba0 2008.1/i586/libnet-snmp15-5.4.1-5.1mdv2008.1.i586.rpm 1eedbae5df7e503de1cba736129beaa1 2008.1/i586/libnet-snmp-devel-5.4.1-5.1mdv2008.1.i586.rpm 615a88847cbf1ce6eaf0029037a14b1b 2008.1/i586/libnet-snmp-static-devel-5.4.1-5.1mdv2008.1.i586.rpm 7323cb7d35eb67664d40ad73b413679d 2008.1/i586/net-snmp-5.4.1-5.1mdv2008.1.i586.rpm d43ed96a806639a94af2a137c75e276e 2008.1/i586/net-snmp-mibs-5.4.1-5.1mdv2008.1.i586.rpm 7394b1361b43056b5eb99827771358cf 2008.1/i586/net-snmp-tkmib-5.4.1-5.1mdv2008.1.i586.rpm 8d6fd9308c2edbe8c020d2c33b3a841d 2008.1/i586/net-snmp-trapd-5.4.1-5.1mdv2008.1.i586.rpm dc58047a02e1a222af20aa794ea8f447 2008.1/i586/net-snmp-utils-5.4.1-5.1mdv2008.1.i586.rpm 2ad9888cd61fc4952c1cee0c48f714b5 2008.1/i586/perl-NetSNMP-5.4.1-5.1mdv2008.1.i586.rpm 7a19c1f8d42052af6392b18b48bd965c 2008.1/SRPMS/net-snmp-5.4.1-5.1mdv2008.1.src.rpm
Mandriva Linux 2008.1/X86_64: 618c241e0ecb57685646264c9bb083b4 2008.1/x86_64/lib64net-snmp15-5.4.1-5.1mdv2008.1.x86_64.rpm bb0ebf49ee7cca29965aeb398f4725f6 2008.1/x86_64/lib64net-snmp-devel-5.4.1-5.1mdv2008.1.x86_64.rpm b4f29f00773291f6cc00784ed7cde470 2008.1/x86_64/lib64net-snmp-static-devel-5.4.1-5.1mdv2008.1.x86_64.rpm 3039811b6682dc4009b32ff48a99eb2b 2008.1/x86_64/net-snmp-5.4.1-5.1mdv2008.1.x86_64.rpm fab09178635501eb5d6a82eb7bd532a3 2008.1/x86_64/net-snmp-mibs-5.4.1-5.1mdv2008.1.x86_64.rpm da29d4c7edaa15d95f8bee98dbfab025 2008.1/x86_64/net-snmp-tkmib-5.4.1-5.1mdv2008.1.x86_64.rpm d9aad834d82d310c64f6f21e17a55920 2008.1/x86_64/net-snmp-trapd-5.4.1-5.1mdv2008.1.x86_64.rpm 7a7c871bd87dc91c16b046ac115cda70 2008.1/x86_64/net-snmp-utils-5.4.1-5.1mdv2008.1.x86_64.rpm d102ea2af0fcaaebd98defda72bcfc91 2008.1/x86_64/perl-NetSNMP-5.4.1-5.1mdv2008.1.x86_64.rpm 7a19c1f8d42052af6392b18b48bd965c 2008.1/SRPMS/net-snmp-5.4.1-5.1mdv2008.1.src.rpm
Corporate 3.0: 335af3930865c8eb44ef436cad5fb373 corporate/3.0/i586/libnet-snmp5-5.1-7.4.C30mdk.i586.rpm b8e1d307ee6fa3905d292077fc063318 corporate/3.0/i586/libnet-snmp5-devel-5.1-7.4.C30mdk.i586.rpm a668cc4de411865567d1a93f34cee1e3 corporate/3.0/i586/libnet-snmp5-static-devel-5.1-7.4.C30mdk.i586.rpm d8c0d342b03e5719443d2de06c631bd5 corporate/3.0/i586/libsnmp0-4.2.3-8.2.C30mdk.i586.rpm 6bbe3bb2502ce3c974f7b5737331bb4d corporate/3.0/i586/libsnmp0-devel-4.2.3-8.2.C30mdk.i586.rpm daca10f2e578f75c1e7415d78ed30265 corporate/3.0/i586/net-snmp-5.1-7.4.C30mdk.i586.rpm 1630ebd75201e1bc3956b12a26282f92 corporate/3.0/i586/net-snmp-mibs-5.1-7.4.C30mdk.i586.rpm 5a4f483c877a6278088a265cb3273d61 corporate/3.0/i586/net-snmp-trapd-5.1-7.4.C30mdk.i586.rpm 316d866de7fa7cd984d58f5cb742f5e3 corporate/3.0/i586/net-snmp-utils-5.1-7.4.C30mdk.i586.rpm e3d4197517565f12e2c3a8fd1cc5d2e7 corporate/3.0/i586/ucd-snmp-4.2.3-8.2.C30mdk.i586.rpm 17e8d856fd1dac18552818a842105c88 corporate/3.0/i586/ucd-snmp-utils-4.2.3-8.2.C30mdk.i586.rpm ccaa4d311ad0e5d119e17b1f1876c7e2 corporate/3.0/SRPMS/net-snmp-5.1-7.4.C30mdk.src.rpm 53e16d2069cffb7e7d1e7a324192d5c2 corporate/3.0/SRPMS/ucd-snmp-4.2.3-8.2.C30mdk.src.rpm
Corporate 3.0/X86_64: b31f277942fca76d953007c94a60cae2 corporate/3.0/x86_64/lib64net-snmp5-5.1-7.4.C30mdk.x86_64.rpm e4a3fba10ccdd805dc8783ae68c99a42 corporate/3.0/x86_64/lib64net-snmp5-devel-5.1-7.4.C30mdk.x86_64.rpm 530a94cc87af0e4d6e9f3815473c0dd4 corporate/3.0/x86_64/lib64net-snmp5-static-devel-5.1-7.4.C30mdk.x86_64.rpm f246ca421b5d16c599d53f70e4b97660 corporate/3.0/x86_64/lib64snmp0-4.2.3-8.2.C30mdk.x86_64.rpm b943e07726a2fecb016ef4ba626906d8 corporate/3.0/x86_64/lib64snmp0-devel-4.2.3-8.2.C30mdk.x86_64.rpm 22822876f72e35cf6d1ed027df93e74a corporate/3.0/x86_64/net-snmp-5.1-7.4.C30mdk.x86_64.rpm e7e51782b9bbd1e1bdf93c17fb953280 corporate/3.0/x86_64/net-snmp-mibs-5.1-7.4.C30mdk.x86_64.rpm e67a9105f9492c020693d48ce55652ea corporate/3.0/x86_64/net-snmp-trapd-5.1-7.4.C30mdk.x86_64.rpm 171a17e507b2dfdb9c70c0089e582221 corporate/3.0/x86_64/net-snmp-utils-5.1-7.4.C30mdk.x86_64.rpm 96886146d21175b076e92d59e96f5016 corporate/3.0/x86_64/ucd-snmp-4.2.3-8.2.C30mdk.x86_64.rpm 1b6ee4c253f15be516a1928a4f791f15 corporate/3.0/x86_64/ucd-snmp-utils-4.2.3-8.2.C30mdk.x86_64.rpm ccaa4d311ad0e5d119e17b1f1876c7e2 corporate/3.0/SRPMS/net-snmp-5.1-7.4.C30mdk.src.rpm 53e16d2069cffb7e7d1e7a324192d5c2 corporate/3.0/SRPMS/ucd-snmp-4.2.3-8.2.C30mdk.src.rpm
Corporate 4.0: 6cbe9d76db3b05c2435bcbc5cf16c898 corporate/4.0/i586/libnet-snmp5-5.2.1.2-5.2.20060mlcs4.i586.rpm 586a55cfde45020d5ea0ebf5f2d6c840 corporate/4.0/i586/libnet-snmp5-devel-5.2.1.2-5.2.20060mlcs4.i586.rpm d992d8300cf0639942a179349d592e15 corporate/4.0/i586/libnet-snmp5-static-devel-5.2.1.2-5.2.20060mlcs4.i586.rpm 03a49b848c376b705dcfcef0ec817daf corporate/4.0/i586/net-snmp-5.2.1.2-5.2.20060mlcs4.i586.rpm 22b9d01b3b7a8a34ed3e1a5a435286a8 corporate/4.0/i586/net-snmp-mibs-5.2.1.2-5.2.20060mlcs4.i586.rpm dccc01a94c1f29eac2875e6a935bf589 corporate/4.0/i586/net-snmp-trapd-5.2.1.2-5.2.20060mlcs4.i586.rpm 77f93230f96abce039b52ca5612eaa36 corporate/4.0/i586/net-snmp-utils-5.2.1.2-5.2.20060mlcs4.i586.rpm 8a7209b70979c9d73035ff40cbd8dbb4 corporate/4.0/i586/perl-NetSNMP-5.2.1.2-5.2.20060mlcs4.i586.rpm ac919459a8752cddfd441c085ca69117 corporate/4.0/SRPMS/net-snmp-5.2.1.2-5.2.20060mlcs4.src.rpm
Corporate 4.0/X86_64: f94c7e967973ba8aa12b5605251d6e78 corporate/4.0/x86_64/lib64net-snmp5-5.2.1.2-5.2.20060mlcs4.x86_64.rpm f332985986eff2d6c8a75b5c263dedb1 corporate/4.0/x86_64/lib64net-snmp5-devel-5.2.1.2-5.2.20060mlcs4.x86_64.rpm 82fc454916e75866370ee738292021c8 corporate/4.0/x86_64/lib64net-snmp5-static-devel-5.2.1.2-5.2.20060mlcs4.x86_64.rpm ff0adeb23df57eb34869c7100df159da corporate/4.0/x86_64/net-snmp-5.2.1.2-5.2.20060mlcs4.x86_64.rpm 72f2dc9cb1695999660a9ff9c97e4c47 corporate/4.0/x86_64/net-snmp-mibs-5.2.1.2-5.2.20060mlcs4.x86_64.rpm 0f244551c87e051a8274e5050cf0bc2a corporate/4.0/x86_64/net-snmp-trapd-5.2.1.2-5.2.20060mlcs4.x86_64.rpm 7c4e7fb304c77c6551a50495d338e84e corporate/4.0/x86_64/net-snmp-utils-5.2.1.2-5.2.20060mlcs4.x86_64.rpm 68d81ca4c173710ef43b36092df2a6ee corporate/4.0/x86_64/perl-NetSNMP-5.2.1.2-5.2.20060mlcs4.x86_64.rpm ac919459a8752cddfd441c085ca69117 corporate/4.0/SRPMS/net-snmp-5.2.1.2-5.2.20060mlcs4.src.rpm
Multi Network Firewall 2.0: f98286a301d580fe306917cf0169ef88 mnf/2.0/i586/libnet-snmp5-5.1-7.4.M20mdk.i586.rpm 3ba27516773b1dd933828207cecc7754 mnf/2.0/SRPMS/net-snmp-5.1-7.4.M20mdk.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200806-0575",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ios xr",
"scope": null,
"trust": 1.1,
"vendor": "cisco",
"version": null
},
{
"model": "session and resource control",
"scope": "eq",
"trust": 1.0,
"vendor": "juniper",
"version": "1.0"
},
{
"model": "src pe",
"scope": "eq",
"trust": 1.0,
"vendor": "juniper",
"version": "1.0"
},
{
"model": "session and resource control",
"scope": "eq",
"trust": 1.0,
"vendor": "juniper",
"version": "2.0"
},
{
"model": "src pe",
"scope": "eq",
"trust": 1.0,
"vendor": "juniper",
"version": "2.0"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "extreme",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "global associates",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "internet initiative",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "network appliance",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "snmp research",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ecoscentric",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "netsnmp",
"version": null
},
{
"model": "net-snmp",
"scope": "lt",
"trust": 0.8,
"vendor": "net snmp",
"version": "5.2.4.1"
},
{
"model": "net-snmp",
"scope": "lt",
"trust": 0.8,
"vendor": "net snmp",
"version": "5.3.2.1"
},
{
"model": "net-snmp",
"scope": "lt",
"trust": 0.8,
"vendor": "net snmp",
"version": "5.4.1.1"
},
{
"model": "mac os x",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "10.5.4"
},
{
"model": "mac os x server",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "10.5.4"
},
{
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "9424t/sp"
},
{
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "9424t/sp-e"
},
{
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "9424ts/xp-e"
},
{
"model": "switchblade 5400s series",
"scope": null,
"trust": 0.8,
"vendor": "allied telesis",
"version": null
},
{
"model": "switchblade 7800r series",
"scope": null,
"trust": 0.8,
"vendor": "allied telesis",
"version": null
},
{
"model": "switchblade 7800s series",
"scope": null,
"trust": 0.8,
"vendor": "allied telesis",
"version": null
},
{
"model": "switchblade x908",
"scope": null,
"trust": 0.8,
"vendor": "allied telesis",
"version": null
},
{
"model": "x900-12xt/s",
"scope": null,
"trust": 0.8,
"vendor": "allied telesis",
"version": null
},
{
"model": "x900-24xs",
"scope": null,
"trust": 0.8,
"vendor": "allied telesis",
"version": null
},
{
"model": "x900-24xt",
"scope": null,
"trust": 0.8,
"vendor": "allied telesis",
"version": null
},
{
"model": "ax2400s series",
"scope": null,
"trust": 0.8,
"vendor": "alaxala",
"version": null
},
{
"model": "ax3600s series",
"scope": null,
"trust": 0.8,
"vendor": "alaxala",
"version": null
},
{
"model": "ax5400s series",
"scope": null,
"trust": 0.8,
"vendor": "alaxala",
"version": null
},
{
"model": "ax6300s series",
"scope": null,
"trust": 0.8,
"vendor": "alaxala",
"version": null
},
{
"model": "ax6700s series",
"scope": null,
"trust": 0.8,
"vendor": "alaxala",
"version": null
},
{
"model": "ax7700r series",
"scope": null,
"trust": 0.8,
"vendor": "alaxala",
"version": null
},
{
"model": "ax7800r series",
"scope": null,
"trust": 0.8,
"vendor": "alaxala",
"version": null
},
{
"model": "ax7800s series",
"scope": null,
"trust": 0.8,
"vendor": "alaxala",
"version": null
},
{
"model": "seil/neu",
"scope": "eq",
"trust": 0.8,
"vendor": "internet initiative",
"version": "128 2.00 to 2.42"
},
{
"model": "seil/plus",
"scope": "eq",
"trust": 0.8,
"vendor": "internet initiative",
"version": "1.00 to 1.91"
},
{
"model": "seil/turbo",
"scope": "eq",
"trust": 0.8,
"vendor": "internet initiative",
"version": "1.00 to 1.91"
},
{
"model": "seil/x1,x2",
"scope": "eq",
"trust": 0.8,
"vendor": "internet initiative",
"version": "1.00 to 1.20"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.1"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3 (x86)"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3 (x86-64)"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3.0 (x86-64)"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0 (x86-64)"
},
{
"model": "opensolaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "(sparc)"
},
{
"model": "opensolaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "(x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (x86)"
},
{
"model": "catos",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "8.x"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "12.4"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3.0"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.0"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.0 (client)"
},
{
"model": "linux advanced workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1"
},
{
"model": "rhel desktop workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "ip8800/s,/r",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "r400 series (ax7800r series"
},
{
"model": "ip8800/s,/r",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "ax7700r series )"
},
{
"model": "ip8800/s,/r",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "s2400 series (ax2400s series )"
},
{
"model": "ip8800/s,/r",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "s3600 series (ax3600s series )"
},
{
"model": "ip8800/s,/r",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "s400 series (ax7800s series )"
},
{
"model": "ip8800/s,/r",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "s6300 series (ax6300s series )"
},
{
"model": "ip8800/s,/r",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "s6700 series (ax6700s series )"
},
{
"model": "gr4000",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "gs3000",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "gs4000",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "ipcom series",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "10.0"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0.3"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0.2"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0.1"
},
{
"model": "esx server patch",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.58"
},
{
"model": "esx server patch",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.56"
},
{
"model": "esx server patch",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.54"
},
{
"model": "esx server patch",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.52"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.5"
},
{
"model": "esx server patch",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.45"
},
{
"model": "esx server patch",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.43"
},
{
"model": "esx server patch",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.419"
},
{
"model": "esx server patch",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.417"
},
{
"model": "esx server patch",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.416"
},
{
"model": "esx server patch",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.415"
},
{
"model": "esx server patch",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.413"
},
{
"model": "esx server patch",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.410"
},
{
"model": "esx server patch",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.41"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.4"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.5"
},
{
"model": "esx server patch",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.55"
},
{
"model": "ucd-snmp",
"scope": "eq",
"trust": 0.3,
"vendor": "ucd snmp",
"version": "4.2.6"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.10"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.10"
},
{
"model": "linux lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.10"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.10"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.10"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "linux lts lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.10"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.10"
},
{
"model": "linux lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.10"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.10"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.10"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
},
{
"model": "linux enterprise server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux enterprise server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux enterprise sdk 10.sp1",
"scope": null,
"trust": 0.3,
"vendor": "suse",
"version": null
},
{
"model": "linux enterprise sdk sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux enterprise desktop sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux enterprise desktop sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris 10 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 01",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "12.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "12.0"
},
{
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.0"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.3"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.2"
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"model": "novell linux pos",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "fedora",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "enterprise linux desktop workstation client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "enterprise linux desktop client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "enterprise linux desktop version",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "networks switched firewall series",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "6600"
},
{
"model": "networks switched firewall series",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "6400"
},
{
"model": "networks switched firewall series",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "6000"
},
{
"model": "networks switched firewall series",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "5700"
},
{
"model": "networks switched firewall series",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "5600"
},
{
"model": "networks switched firewall series",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "5400"
},
{
"model": "networks switched firewall series",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "5300"
},
{
"model": "networks switched firewall series",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "5100"
},
{
"model": "networks switched firewall series",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "5000"
},
{
"model": "net-snmp",
"scope": "eq",
"trust": 0.3,
"vendor": "net snmp",
"version": "5.4.1"
},
{
"model": "net-snmp",
"scope": "eq",
"trust": 0.3,
"vendor": "net snmp",
"version": "5.3.2"
},
{
"model": "net-snmp",
"scope": "eq",
"trust": 0.3,
"vendor": "net snmp",
"version": "5.2.4"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2008.1"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2008.1"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2008.0"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2008.0"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.1"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.1"
},
{
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "session and resource control appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "2.0"
},
{
"model": "session and resource control appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "1.0.1"
},
{
"model": "session and resource control appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "1.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.6.4"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.6.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.6"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.2"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "firewalll",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.6.4"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.6.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.6"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.2"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.1.3"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.1"
},
{
"model": "openview snmp emanate master agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "15"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "ecos",
"scope": "eq",
"trust": 0.3,
"vendor": "ecoscentric",
"version": "0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "wireless lan controller module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "wireless lan control",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "wireless lan control",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "wireless lan control",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "wireless lan control",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "wireless lan control",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.19"
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.18"
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.17"
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.13"
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.9"
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.7"
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "nx-os",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9000"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "catos",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.5.11"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.5.7"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.3.3"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2.7"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2.3.9"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2.1.7"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.15"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.13.7"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.11.6"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.9"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.17.6"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.5"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.3"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.1"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.11"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.9"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.7"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1.3"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1.1"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2.0"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "application \u0026 content networking software",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ace xml gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ace appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "messaging storage server mm3.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"model": "messaging storage server",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "message networking mn",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "message networking",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "intuity audix r5",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "intuity audix lx",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "intuity audix",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "interactive response",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"model": "interactive response",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "emmc",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.021"
},
{
"model": "emmc",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.017"
},
{
"model": "communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"model": "communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1.1"
},
{
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1.5"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5"
},
{
"model": "esx server patch",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.510"
},
{
"model": "net-snmp",
"scope": "ne",
"trust": 0.3,
"vendor": "net snmp",
"version": "5.4.1.1"
},
{
"model": "net-snmp",
"scope": "ne",
"trust": 0.3,
"vendor": "net snmp",
"version": "5.3.2.1"
},
{
"model": "net-snmp",
"scope": "ne",
"trust": 0.3,
"vendor": "net snmp",
"version": "5.2.4.1"
},
{
"model": "siparator",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.7.1"
},
{
"model": "firewall",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.7.1"
},
{
"model": "mac os server",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.4"
},
{
"model": "mac os",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.4"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#878044"
},
{
"db": "BID",
"id": "29623"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001431"
},
{
"db": "CNNVD",
"id": "CNNVD-200806-140"
},
{
"db": "NVD",
"id": "CVE-2008-0960"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:catos:8.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:cisco:cisco_ios:12.0:s:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:cisco:cisco_ios:12.2:sga:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:cisco:cisco_ios:12.2:sra:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:cisco:cisco_ios:12.2:zy:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:cisco:cisco_ios:12.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:cisco:cisco_ios:12.3:b:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:cisco:cisco_ios:12.3:xa:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:cisco:cisco_ios:12.3:xg:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:cisco:cisco_ios:12.3:yx:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:cisco:cisco_ios:12.0:sy:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:cisco:cisco_ios:12.1:e:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:cisco:cisco_ios:12.2:srb:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:cisco:cisco_ios:12.2:src:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:cisco:cisco_ios:12.3:ja:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:cisco:cisco_ios:12.3:jeb:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:cisco:cisco_ios:12.3:xi:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:cisco:cisco_ios:12.3:xk:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:cisco:cisco_ios:12.4:t:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:cisco:cisco_ios:12.4:xa:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios:11.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios:11.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xr:3.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xr:3.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:ecos_sourceware:ecos:1.3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:ecos_sourceware:ecos:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:cisco:catos:7.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:cisco:cisco_ios:12.2:ewa:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:cisco:cisco_ios:12.2:jk:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:cisco:cisco_ios:12.2:sxb:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:cisco:cisco_ios:12.2:sxd:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:cisco:cisco_ios:12.3:jk:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:cisco:cisco_ios:12.3:jl:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:cisco:cisco_ios:12.3:xr:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:cisco:cisco_ios:12.3:yf:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:cisco:cisco_ios:12.4:xc:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:cisco:cisco_ios:12.4:xd:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios:12.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xr:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xr:3.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:cisco:nx_os:4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:ecos_sourceware:ecos:2.0:b1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:net-snmp:net_snmp:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:net-snmp:net_snmp:5.0.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:net-snmp:net_snmp:5.0.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:net-snmp:net_snmp:5.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:5.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:cisco:catos:7.3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:cisco:catos:7.4.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:cisco:cisco_ios:12.2:sb:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:cisco:cisco_ios:12.2:sg:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:cisco:cisco_ios:12.2:sxf:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:cisco:cisco_ios:12.2:zl:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:net-snmp:net_snmp:5.0.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:net-snmp:net_snmp:5.0.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:net-snmp:net_snmp:5.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:net-snmp:net_snmp:5.3.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:cisco:cisco_ios:12.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:cisco:cisco_ios:12.4:xw:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios:10.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios:11.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xr:3.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xr:3.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:ecos_sourceware:ecos:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:ecos_sourceware:ecos:1.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:net-snmp:net_snmp:5.0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:net-snmp:net_snmp:5.0.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:net-snmp:net_snmp:5.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:net-snmp:net_snmp:5.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:cisco:cisco_ios:12.3:jx:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:cisco:cisco_ios:12.3:t:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:cisco:cisco_ios:12.3:yi:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:cisco:cisco_ios:12.3:yt:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:cisco:cisco_ios:12.4:xe:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:cisco:cisco_ios:12.4:xj:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xr:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xr:3.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:cisco:nx_os:4.0.1:a:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:cisco:nx_os:4.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:net-snmp:net_snmp:5.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:net-snmp:net_snmp:5.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:net-snmp:net_snmp:5.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:net-snmp:net_snmp:5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:net-snmp:net_snmp:5.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:10.0:unkown:x86:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:ace_20_6509_bundle_with_8gbps_throughput:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:cisco:ace_20_service_module:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:cisco:ace_10_service_module:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:cisco:ace_20_6504_bundle_with__4gbps_throughput:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:cisco:mds_9134:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:cisco:mds_9140:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:ingate:ingate_firewall:2.5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:ingate:ingate_firewall:2.6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:ingate:ingate_firewall:3.2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:ingate:ingate_firewall:3.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:ingate:ingate_firewall:3.2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:ingate:ingate_firewall:4.3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:ingate:ingate_firewall:4.4.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:ingate:ingate_siparator:2.2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:ingate:ingate_siparator:2.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:ingate:ingate_siparator:2.6.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:ingate:ingate_siparator:3.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:ingate:ingate_siparator:3.1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:ingate:ingate_siparator:3.3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:ingate:ingate_siparator:4.1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:ingate:ingate_siparator:4.4.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:ingate:ingate_siparator:4.4.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:cisco:ace_10_6504_bundle_with_4_gbps_throughput:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:cisco:ace_10_6509_bundle_with_8_gbps_throughput:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:cisco:mds_9120:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:cisco:mds_9124:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:ingate:ingate_firewall:2.4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:ingate:ingate_firewall:2.4.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:ingate:ingate_firewall:3.1.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:ingate:ingate_firewall:3.1.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:ingate:ingate_firewall:4.2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:ingate:ingate_firewall:4.2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:ingate:ingate_firewall:4.6.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:ingate:ingate_firewall:4.6.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:ingate:ingate_siparator:2.5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:ingate:ingate_siparator:2.6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:ingate:ingate_siparator:3.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:ingate:ingate_siparator:3.2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:ingate:ingate_siparator:4.3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:ingate:ingate_siparator:4.3.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:ingate:ingate_siparator:4.6.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:cisco:ace_4710:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:ingate:ingate_firewall:2.2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:ingate:ingate_firewall:2.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:ingate:ingate_firewall:2.6.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:ingate:ingate_firewall:3.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:ingate:ingate_firewall:3.3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:ingate:ingate_firewall:4.1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:ingate:ingate_firewall:4.4.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:ingate:ingate_firewall:4.5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:ingate:ingate_siparator:2.2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:ingate:ingate_siparator:2.3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:ingate:ingate_siparator:3.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:ingate:ingate_siparator:3.1.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:ingate:ingate_siparator:4.1.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:ingate:ingate_siparator:4.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:ingate:ingate_siparator:4.5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:ingate:ingate_siparator:4.5.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:cisco:ace_xml_gateway:5.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:cisco:ace_xml_gateway:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:ingate:ingate_firewall:2.2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:ingate:ingate_firewall:2.3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:ingate:ingate_firewall:3.1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:ingate:ingate_firewall:3.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:ingate:ingate_firewall:4.1.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:ingate:ingate_firewall:4.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:ingate:ingate_firewall:4.5.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:ingate:ingate_firewall:4.6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:ingate:ingate_siparator:2.4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:ingate:ingate_siparator:2.4.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:ingate:ingate_siparator:3.1.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:ingate:ingate_siparator:3.2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:ingate:ingate_siparator:4.2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:ingate:ingate_siparator:4.2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:ingate:ingate_siparator:4.6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:ingate:ingate_siparator:4.6.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:juniper:session_and_resource_control:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:juniper:src_pe:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:juniper:session_and_resource_control:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:juniper:src_pe:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2008-0960"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Wes Hardaker",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200806-140"
}
],
"trust": 0.6
},
"cve": "CVE-2008-0960",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2008-0960",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-31085",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2008-0960",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#878044",
"trust": 0.8,
"value": "7.56"
},
{
"author": "CNNVD",
"id": "CNNVD-200806-140",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-31085",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2008-0960",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#878044"
},
{
"db": "VULHUB",
"id": "VHN-31085"
},
{
"db": "VULMON",
"id": "CVE-2008-0960"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001431"
},
{
"db": "CNNVD",
"id": "CNNVD-200806-140"
},
{
"db": "NVD",
"id": "CVE-2008-0960"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SNMPv3 HMAC verification in (1) Net-SNMP 5.2.x before 5.2.4.1, 5.3.x before 5.3.2.1, and 5.4.x before 5.4.1.1; (2) UCD-SNMP; (3) eCos; (4) Juniper Session and Resource Control (SRC) C-series 1.0.0 through 2.0.0; (5) NetApp (aka Network Appliance) Data ONTAP 7.3RC1 and 7.3RC2; (6) SNMP Research before 16.2; (7) multiple Cisco IOS, CatOS, ACE, and Nexus products; (8) Ingate Firewall 3.1.0 and later and SIParator 3.1.0 and later; (9) HP OpenView SNMP Emanate Master Agent 15.x; and possibly other products relies on the client to specify the HMAC length, which makes it easier for remote attackers to bypass SNMP authentication via a length value of 1, which only checks the first byte. SNMPv3 The implementation of contains an authentication bypass vulnerability because it does not properly handle crafted packets. SNMP (Simple Network Management Protocol) Is a widely used protocol for monitoring and managing network devices. SNMPv3 Supports security features such as authentication and privacy control. SNMPv3 In the authentication of HMAC (keyed-Hash Message Authentication Code) Is used. This code is generated by combining a private key and a cryptographic hash function. SNMPv3 Depending on the implementation of, there is a possibility that authentication may be bypassed by processing specially crafted packets due to vulnerability in authentication processing.By remote third party SNMP The object may be read or modified. Net-SNMP is prone to a remote authentication-bypass vulnerability caused by a design error. \nSuccessfully exploiting this issue will allow attackers to gain unauthorized access to the affected application. \nNet-SNMP 5.4.1, 5.3.2, 5.2.4, and prior versions are vulnerable. The software is used to monitor network equipment, computer equipment, UPS equipment, etc. Vulnerabilities exist in Net-SNMP\u0027s handling of authentication. Net-SNMP\u0027s authentication code depends on the length of the HMAC length specified in the user input to read the length to be checked. If the user provides a single-byte HMAC code in the authentication code field, only the first byte will be checked, so there will be a 1/256 probability of matching the correct HMAC and Through authentication, this greatly improves the success rate of brute force guessing. An attacker could exploit this vulnerability to read and modify any SNMP object accessible using the authenticated credentials logged into the system. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- ------------------------------------------------------------------------\n VMware Security Advisory\n\nAdvisory ID: VMSA-2008-0017\nSynopsis: Updated ESX packages for libxml2, ucd-snmp, libtiff\nIssue date: 2008-10-31\nUpdated on: 2008-10-31 (initial release of advisory)\nCVE numbers: CVE-2008-3281 CVE-2008-0960 CVE-2008-2327\n- ------------------------------------------------------------------------\n\n1. Summary\n\n Updated ESX packages for libxml2, ucd-snmp, libtiff. \n\n2. Relevant releases\n\n ESX 3.0.3 without patch ESX303-200810503-SG\n ESX 3.0.2 without patch ESX-1006968\n ESX 2.5.5 before Upgrade Patch 10\n ESX 2.5.4 before Upgrade Patch 21\n\n NOTE: Extended support (Security and Bug fixes) for ESX 3.0.2 ended\n on 2008-10-29. Extended support (Security and Bug fixes) for\n ESX 2.5.4 ended on 2008-10-08. \n\n Extended support for ESX 3.0.2 Update 1 ends on 2009-08-08. Users\n should plan to upgrade to ESX 3.0.3 and preferably to the newest\n release available. \n\n3. Problem Description\n\n a. Updated ESX Service Console package libxml2\n\n A denial of service flaw was found in the way libxml2 processes\n certain content. If an application that is linked against\n libxml2 processes malformed XML content, the XML content might\n cause the application to stop responding. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2008-3281 to this issue. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n hosted any any not affected\n\n ESXi 3.5 ESXi not affected\n\n ESX 3.5 ESX affected, patch pending\n ESX 3.0.3 ESX ESX303-200810503-SG\n ESX 3.0.2 ESX ESX-1006968\n ESX 2.5.5 ESX ESX 2.5.5 upgrade patch 10 or later\n ESX 2.5.4 ESX ESX 2.5.4 upgrade patch 21\n\n * hosted products are VMware Workstation, Player, ACE, Server, Fusion. \n\n b. Updated ESX Service Console package ucd-snmp\n\n A flaw was found in the way ucd-snmp checks an SNMPv3 packet\u0027s\n Keyed-Hash Message Authentication Code. An attacker could use\n this flaw to spoof an authenticated SNMPv3 packet. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2008-0960 to this issue. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n hosted any any not affected\n\n ESXi 3.5 ESXi not affected\n\n ESX 3.5 ESX not affected\n ESX 3.0.3 ESX not affected\n ESX 3.0.2 ESX not affected\n ESX 2.5.5 ESX ESX 2.5.5 upgrade patch 10 or later\n ESX 2.5.4 ESX ESX 2.5.4 upgrade patch 21\n\n * hosted products are VMware Workstation, Player, ACE, Server, Fusion. \n\n c. Updated third party library libtiff\n\n Multiple uses of uninitialized values were discovered in libtiff\u0027s\n Lempel-Ziv-Welch (LZW) compression algorithm decoder. An attacker\n could create a carefully crafted LZW-encoded TIFF file that would\n cause an application linked with libtiff to crash or, possibly,\n execute arbitrary code. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2008-2327 to this issue. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n hosted any any not affected\n\n ESXi 3.5 ESXi not affected\n\n ESX 3.5 ESX not affected\n ESX 3.0.3 ESX not affected\n ESX 3.0.2 ESX not affected\n ESX 2.5.5 ESX ESX 2.5.5 upgrade patch 10 or later\n ESX 2.5.4 ESX ESX 2.5.4 upgrade patch 21\n\n * hosted products are VMware Workstation, Player, ACE, Server, Fusion. \n\n4. Solution\n\n Please review the patch/release notes for your product and version\n and verify the md5sum of your downloaded file. \n\n ESX\n ---\n ESX 3.0.3 patch ESX303-200810503-SG\n http://download3.vmware.com/software/vi/ESX303-200810503-SG.zip\n md5sum: e687313e58377be41f6e6b767dfbf268\n http://kb.vmware.com/kb/1006971\n\n ESX 3.0.2 patch ESX-1006968\n http://download3.vmware.com/software/vi/ESX-1006968.tgz\n md5sum: fc9e30cff6f03a209e6a275254fa6719\n http://kb.vmware.com/kb/1006968\n\n VMware ESX 2.5.5 Upgrade Patch 10\n http://download3.vmware.com/software/esx/esx-2.5.5-119702-upgrade.tar.gz\n md5sum: 2ee87cdd70b1ba84751e24c0bd8b4621\n http://vmware.com/support/esx25/doc/esx-255-200810-patch.html\n\n VMware ESX 2.5.4 Upgrade Patch 21\n http://download3.vmware.com/software/esx/esx-2.5.4-119703-upgrade.tar.gz\n md5sum: d791be525c604c852a03dd7df0eabf35\n http://vmware.com/support/esx25/doc/esx-254-200810-patch.html\n\n5. References\n\n CVE numbers\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3281\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0960\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2327\n\n- ------------------------------------------------------------------------\n6. Change log\n\n2008-10-31 VMSA-2008-0017\nInitial security advisory after release of ESX 3.0.3, ESX 3.0.2, ESX\n2.5.5 and ESX 2.5.4 patches on 2008-10-30. \n\n- -----------------------------------------------------------------------\n7. Contact\n\nE-mail list for product security notifications and announcements:\nhttp://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\nThis Security Advisory is posted to the following lists:\n\n * security-announce at lists.vmware.com\n * bugtraq at securityfocus.com\n * full-disclosure at lists.grok.org.uk\n\nE-mail: security at vmware.com\nPGP key at: http://kb.vmware.com/kb/1055\n\nVMware Security Center\nhttp://www.vmware.com/security\n\nVMware security response policy\nhttp://www.vmware.com/support/policies/security_response.html\n\nGeneral support life cycle policy\nhttp://www.vmware.com/support/policies/eos.html\n\nVMware Infrastructure support life cycle policy\nhttp://www.vmware.com/support/policies/eos_vi.html\n\nCopyright 2008 VMware Inc. All rights reserved. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 200808-02\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: Net-SNMP: Multiple vulnerabilities\n Date: August 06, 2008\n Bugs: #222265, #225105\n ID: 200808-02\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities in Net-SNMP allow for authentication bypass in\nsnmpd and execution of arbitrary code in Perl applications using\nNet-SMNP. \n\nBackground\n==========\n\nNet-SNMP is a collection of tools for generating and retrieving SNMP\ndata. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 net-analyzer/net-snmp \u003c 5.4.1.1 \u003e= 5.4.1.1\n\nDescription\n===========\n\nWes Hardaker reported that the SNMPv3 HMAC verification relies on the\nclient to specify the HMAC length (CVE-2008-0960). John Kortink\nreported a buffer overflow in the Perl bindings of Net-SNMP when\nprocessing the OCTETSTRING in an attribute value pair (AVP) received by\nan SNMP agent (CVE-2008-2292). \n\nImpact\n======\n\nAn attacker could send SNMPv3 packets to an instance of snmpd providing\na valid user name and an HMAC length value of 1, and easily conduct\nbrute-force attacks to bypass SNMP authentication. An attacker could\nfurther entice a user to connect to a malicious SNMP agent with an SNMP\nclient using the Perl bindings, possibly resulting in the execution of\narbitrary code. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Net-SNMP users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=net-analyzer/net-snmp-5.4.1.1\"\n\nReferences\n==========\n\n [ 1 ] CVE-2008-0960\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0960\n [ 2 ] CVE-2008-2292\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2292\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-200808-02.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. \n\nLicense\n=======\n\nCopyright 2008 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n______________________________________________________________________________\n\n SUSE Security Announcement\n\n Package: net-snmp\n Announcement ID: SUSE-SA:2008:039\n Date: Fri, 01 Aug 2008 13:00:00 +0000\n Affected Products: openSUSE 10.2\n openSUSE 10.3\n openSUSE 11.0\n SUSE SLES 9\n Novell Linux Desktop 9\n Open Enterprise Server\n Novell Linux POS 9\n SUSE Linux Enterprise Desktop 10 SP1\n SLE SDK 10 SP1\n SLE SDK 10 SP2\n SUSE Linux Enterprise Server 10 SP1\n SUSE Linux Enterprise Desktop 10 SP2\n SUSE Linux Enterprise Server 10 SP2\n Vulnerability Type: authentication bypass, denial-of-service\n Severity (1-10): 6\n SUSE Default Package: no\n Cross-References: CVE-2008-0960\n CVE-2008-2292\n\n Content of This Advisory:\n 1) Security Vulnerability Resolved:\n - authentication bypass\n - denial-of-service\n Problem Description\n 2) Solution or Work-Around\n 3) Special Instructions and Notes\n 4) Package Location and Checksums\n 5) Pending Vulnerabilities, Solutions, and Work-Arounds:\n - viewvc/subversion\n 6) Authenticity Verification and Additional Information\n\n______________________________________________________________________________\n\n1) Problem Description and Brief Discussion\n\n The net-snmp daemon implements the \"simple network management protocol\". \n The version 3 of SNMP as implemented in net-snmp uses the length of the\n HMAC in a packet to verify against a local HMAC for authentication. \n An attacker can therefore send a SNMPv3 packet with a one byte HMAC and\n guess the correct first byte of the local HMAC with 256 packets (max). \n\n Additionally a buffer overflow in perl-snmp was fixed that can cause a\n denial-of-service/crash. \n\n2) Solution or Work-Around\n\n Please install the update package. \n\n3) Special Instructions and Notes\n\n Please restart net-snmp after the update. \n\n4) Package Location and Checksums\n\n The preferred method for installing security updates is to use the YaST\n Online Update (YOU) tool. YOU detects which updates are required and\n automatically performs the necessary steps to verify and install them. \n Alternatively, download the update packages for your distribution manually\n and verify their integrity by the methods listed in Section 6 of this\n announcement. Then install the packages using the command\n\n rpm -Fhv \u003cfile.rpm\u003e\n\n to apply the update, replacing \u003cfile.rpm\u003e with the filename of the\n downloaded RPM package. \n\n \n x86 Platform:\n \n openSUSE 11.0:\n http://download.opensuse.org/pub/opensuse/update/11.0/rpm/i586/libsnmp15-5.4.1-77.2.i586.rpm\n http://download.opensuse.org/pub/opensuse/update/11.0/rpm/i586/net-snmp-5.4.1-77.2.i586.rpm\n http://download.opensuse.org/pub/opensuse/update/11.0/rpm/i586/net-snmp-devel-5.4.1-77.2.i586.rpm\n http://download.opensuse.org/pub/opensuse/update/11.0/rpm/i586/perl-SNMP-5.4.1-77.2.i586.rpm\n http://download.opensuse.org/pub/opensuse/update/11.0/rpm/i586/snmp-mibs-5.4.1-77.2.i586.rpm\n \n openSUSE 10.3:\n http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/libsnmp15-5.4.1-19.2.i586.rpm\n http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/net-snmp-5.4.1-19.2.i586.rpm\n http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/net-snmp-devel-5.4.1-19.2.i586.rpm\n http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/perl-SNMP-5.4.1-19.2.i586.rpm\n http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/snmp-mibs-5.4.1-19.2.i586.rpm\n \n openSUSE 10.2:\n ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/net-snmp-5.4.rc2-8.i586.rpm\n ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/net-snmp-devel-5.4.rc2-8.i586.rpm\n ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/perl-SNMP-5.4.rc2-8.i586.rpm\n \n x86-64 Platform:\n \n openSUSE 11.0:\n http://download.opensuse.org/pub/opensuse/update/11.0/rpm/x86_64/net-snmp-32bit-5.4.1-77.2.x86_64.rpm\n \n openSUSE 10.3:\n http://download.opensuse.org/pub/opensuse/update/10.3/rpm/x86_64/net-snmp-32bit-5.4.1-19.2.x86_64.rpm\n \n openSUSE 10.2:\n ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/net-snmp-32bit-5.4.rc2-8.x86_64.rpm\n \n Sources:\n \n openSUSE 11.0:\n http://download.opensuse.org/pub/opensuse/update/11.0/rpm/src/net-snmp-5.4.1-77.2.src.rpm\n \n openSUSE 10.3:\n http://download.opensuse.org/pub/opensuse/update/10.3/rpm/src/net-snmp-5.4.1-19.2.src.rpm\n \n openSUSE 10.2:\n ftp://ftp.suse.com/pub/suse/update/10.2/rpm/src/net-snmp-5.4.rc2-8.src.rpm\n \n Our maintenance customers are notified individually. The packages are\n offered for installation from the maintenance web:\n \n Open Enterprise Server\n http://download.novell.com/index.jsp?search=Search\u0026keywords=71093bdfd49361f6dbe32a8fde43b848\n \n Novell Linux POS 9\n http://download.novell.com/index.jsp?search=Search\u0026keywords=71093bdfd49361f6dbe32a8fde43b848\n \n Novell Linux Desktop 9\n http://download.novell.com/index.jsp?search=Search\u0026keywords=71093bdfd49361f6dbe32a8fde43b848\n \n SUSE Linux Enterprise Server 10 SP1\n http://download.novell.com/index.jsp?search=Search\u0026keywords=71093bdfd49361f6dbe32a8fde43b848\n \n SUSE Linux Enterprise Server 10 SP2\n http://download.novell.com/index.jsp?search=Search\u0026keywords=71093bdfd49361f6dbe32a8fde43b848\n \n SLE SDK 10 SP2\n http://download.novell.com/index.jsp?search=Search\u0026keywords=71093bdfd49361f6dbe32a8fde43b848\n \n SLE SDK 10 SP1\n http://download.novell.com/index.jsp?search=Search\u0026keywords=71093bdfd49361f6dbe32a8fde43b848\n \n SUSE Linux Enterprise Desktop 10 SP1\n http://download.novell.com/index.jsp?search=Search\u0026keywords=71093bdfd49361f6dbe32a8fde43b848\n \n SUSE Linux Enterprise Desktop 10 SP2\n http://download.novell.com/index.jsp?search=Search\u0026keywords=71093bdfd49361f6dbe32a8fde43b848\n \n SUSE SLES 9\n http://download.novell.com/index.jsp?search=Search\u0026keywords=71093bdfd49361f6dbe32a8fde43b848\n\n______________________________________________________________________________\n\n5) Pending Vulnerabilities, Solutions, and Work-Arounds:\n\n - viewvc/subversion\n This update of subversion fixes multiple vulnerabilities. \n - CVE-2008-1290: list CVS or SVN commits on \"all-forbidden\" files\n - CVE-2008-1291: directly access hidden CVSROOT folders\n - CVE-2008-1292: expose restricted content via the revision view,\n the log history, or the diff view\n\n______________________________________________________________________________\n\n6) Authenticity Verification and Additional Information\n\n - Announcement authenticity verification:\n\n SUSE security announcements are published via mailing lists and on Web\n sites. The authenticity and integrity of a SUSE security announcement is\n guaranteed by a cryptographic signature in each announcement. All SUSE\n security announcements are published with a valid signature. \n\n To verify the signature of the announcement, save it as text into a file\n and run the command\n\n gpg --verify \u003cfile\u003e\n\n replacing \u003cfile\u003e with the name of the file where you saved the\n announcement. The output for a valid signature looks like:\n\n gpg: Signature made \u003cDATE\u003e using RSA key ID 3D25D3D9\n gpg: Good signature from \"SuSE Security Team \u003csecurity@suse.de\u003e\"\n\n where \u003cDATE\u003e is replaced by the date the document was signed. \n\n If the security team\u0027s key is not contained in your key ring, you can\n import it from the first installation CD. To import the key, use the\n command\n\n gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc\n\n - Package authenticity verification:\n\n SUSE update packages are available on many mirror FTP servers all over the\n world. While this service is considered valuable and important to the free\n and open source software community, the authenticity and the integrity of\n a package needs to be verified to ensure that it has not been tampered\n with. \n\n The internal rpm package signatures provide an easy way to verify the\n authenticity of an RPM package. Use the command\n\n rpm -v --checksig \u003cfile.rpm\u003e\n\n to verify the signature of the package, replacing \u003cfile.rpm\u003e with the\n filename of the RPM package downloaded. The package is unmodified if it\n contains a valid signature from build@suse.de with the key ID 9C800ACA. \n\n This key is automatically imported into the RPM database (on\n RPMv4-based distributions) and the gpg key ring of \u0027root\u0027 during\n installation. You can also find it on the first installation CD and at\n the end of this announcement. \n\n - SUSE runs two security mailing lists to which any interested party may\n subscribe:\n\n opensuse-security@opensuse.org\n - General Linux and SUSE security discussion. \n All SUSE security announcements are sent to this list. \n To subscribe, send an e-mail to\n \u003copensuse-security+subscribe@opensuse.org\u003e. \n\n opensuse-security-announce@opensuse.org\n - SUSE\u0027s announce-only mailing list. \n Only SUSE\u0027s security announcements are sent to this list. \n To subscribe, send an e-mail to\n \u003copensuse-security-announce+subscribe@opensuse.org\u003e. \n\n =====================================================================\n SUSE\u0027s security contact is \u003csecurity@suse.com\u003e or \u003csecurity@suse.de\u003e. \n The \u003csecurity@suse.de\u003e public key is listed below. \n =====================================================================\n______________________________________________________________________________\n\n The information in this advisory may be distributed or reproduced,\n provided that the advisory is not modified in any way. In particular, the\n clear text signature should show proof of the authenticity of the text. \n\n SUSE Linux Products GmbH provides no warranties of any kind whatsoever\n with respect to the information contained in this security advisory. \n\nType Bits/KeyID Date User ID\npub 2048R/3D25D3D9 1999-03-06 SuSE Security Team \u003csecurity@suse.de\u003e\npub 1024D/9C800ACA 2000-10-19 SuSE Package Signing Key \u003cbuild@suse.de\u003e\n\n- -----BEGIN PGP PUBLIC KEY BLOCK-----\nVersion: GnuPG v1.4.2 (GNU/Linux)\n\nmQENAzbhLQQAAAEIAKAkXHe0lWRBXLpn38hMHy03F0I4Sszmoc8aaKJrhfhyMlOA\nBqvklPLE2f9UrI4Xc860gH79ZREwAgPt0pi6+SleNFLNcNFAuuHMLQOOsaMFatbz\nJR9i4m/lf6q929YROu5zB48rBAlcfTm+IBbijaEdnqpwGib45wE/Cfy6FAttBHQh\n1Kp+r/jPbf1mYAvljUfHKuvbg8t2EIQz/5yGp+n5trn9pElfQO2cRBq8LFpf1l+U\nP7EKjFmlOq+Gs/fF98/dP3DfniSd78LQPq5vp8RL8nr/o2i7jkAQ33m4f1wOBWd+\ncZovrKXYlXiR+Bf7m2hpZo+/sAzhd7LmAD0l09kABRG0JVN1U0UgU2VjdXJpdHkg\nVGVhbSA8c2VjdXJpdHlAc3VzZS5kZT6JARUDBRA24S1H5Fiyh7HKPEUBAVcOB/9b\nyHYji1/+4Xc2GhvXK0FSJN0MGgeXgW47yxDL7gmR4mNgjlIOUHZj0PEpVjWepOJ7\ntQS3L9oP6cpj1Fj/XxuLbkp5VCQ61hpt54coQAvYrnT9rtWEGN+xmwejT1WmYmDJ\nxG+EGBXKr+XP69oIUl1E2JO3rXeklulgjqRKos4cdXKgyjWZ7CP9V9daRXDtje63\nOm8gwSdU/nCvhdRIWp/Vwbf7Ia8iZr9OJ5YuQl0DBG4qmGDDrvImgPAFkYFzwlqo\nchoXFQ9y0YVCV41DnR+GYhwl2qBd81T8aXhihEGPIgaw3g8gd8B5o6mPVgl+nJqI\nBkEYGBusiag2pS6qwznZiQEVAwUQNuEtBHey5gA9JdPZAQFtOAf+KVh939b0J94u\nv/kpg4xs1LthlhquhbHcKNoVTNspugiC3qMPyvSX4XcBr2PC0cVkS4Z9PY9iCfT+\nx9WM96g39dAF+le2CCx7XISk9XXJ4ApEy5g4AuK7NYgAJd39PPbERgWnxjxir9g0\nIx30dS30bW39D+3NPU5Ho9TD/B7UDFvYT5AWHl3MGwo3a1RhTs6sfgL7yQ3U+mvq\nMkTExZb5mfN1FeaYKMopoI4VpzNVeGxQWIz67VjJHVyUlF20ekOz4kWVgsxkc8G2\nsaqZd6yv2EwqYTi8BDAduweP33KrQc4KDDommQNDOXxaKOeCoESIdM4p7Esdjq1o\nL0oixF12CohGBBARAgAGBQI7HmHDAAoJEJ5A4xAACqukTlQAoI4QzP9yjPohY7OU\nF7J3eKBTzp25AJ42BmtSd3pvm5ldmognWF3Trhp+GYkAlQMFEDe3O8IWkDf+zvyS\nFQEBAfkD/3GG5UgJj18UhYmh1gfjIlDcPAeqMwSytEHDENmHC+vlZQ/p0mT9tPiW\ntp34io54mwr+bLPN8l6B5GJNkbGvH6M+mO7R8Lj4nHL6pyAv3PQr83WyLHcaX7It\nKlj371/4yzKV6qpz43SGRK4MacLo2rNZ/dNej7lwPCtzCcFYwqkiiEYEEBECAAYF\nAjoaQqQACgkQx1KqMrDf94ArewCfWnTUDG5gNYkmHG4bYL8fQcizyA4An2eVo/n+\n3J2KRWSOhpAMsnMxtPbBmQGiBDnu9IERBACT8Y35+2vv4MGVKiLEMOl9GdST6MCk\nYS3yEKeueNWc+z/0Kvff4JctBsgs47tjmiI9sl0eHjm3gTR8rItXMN6sJEUHWzDP\n+Y0PFPboMvKx0FXl/A0dM+HFrruCgBlWt6FA+okRySQiliuI5phwqkXefl9AhkwR\n8xocQSVCFxcwvwCglVcOQliHu8jwRQHxlRE0tkwQQI0D+wfQwKdvhDplxHJ5nf7U\n8c/yE/vdvpN6lF0tmFrKXBUX+K7u4ifrZlQvj/81M4INjtXreqDiJtr99Rs6xa0S\ncZqITuZC4CWxJa9GynBED3+D2t1V/f8l0smsuYoFOF7Ib49IkTdbtwAThlZp8bEh\nELBeGaPdNCcmfZ66rKUdG5sRA/9ovnc1krSQF2+sqB9/o7w5/q2qiyzwOSTnkjtB\nUVKn4zLUOf6aeBAoV6NMCC3Kj9aZHfA+ND0ehPaVGJgjaVNFhPi4x0e7BULdvgOo\nAqajLfvkURHAeSsxXIoEmyW/xC1sBbDkDUIBSx5oej73XCZgnj/inphRqGpsb+1n\nKFvF+rQoU3VTRSBQYWNrYWdlIFNpZ25pbmcgS2V5IDxidWlsZEBzdXNlLmRlPohi\nBBMRAgAiBQJA2AY+AhsDBQkObd+9BAsHAwIDFQIDAxYCAQIeAQIXgAAKCRCoTtro\nnIAKypCfAJ9RuZ6ZSV7QW4pTgTIxQ+ABPp0sIwCffG9bCNnrETPlgOn+dGEkAWeg\nKL+IRgQQEQIABgUCOnBeUgAKCRCeQOMQAAqrpNzOAKCL512FZvv4VZx94TpbA9lx\nyoAejACeOO1HIbActAevk5MUBhNeLZa/qM2JARUDBRA6cGBvd7LmAD0l09kBATWn\nB/9An5vfiUUE1VQnt+T/EYklES3tXXaJJp9pHMa4fzFa8jPVtv5UBHGee3XoUNDV\nwM2OgSEISZxbzdXGnqIlcT08TzBUD9i579uifklLsnr35SJDZ6ram51/CWOnnaVh\nUzneOA9gTPSr+/fT3WeVnwJiQCQ30kNLWVXWATMnsnT486eAOlT6UNBPYQLpUprF\n5Yryk23pQUPAgJENDEqeU6iIO9Ot1ZPtB0lniw+/xCi13D360o1tZDYOp0hHHJN3\nD3EN8C1yPqZd5CvvznYvB6bWBIpWcRgdn2DUVMmpU661jwqGlRz1F84JG/xe4jGu\nzgpJt9IXSzyohEJB6XG5+D0BuQINBDnu9JIQCACEkdBN6Mxf5WvqDWkcMRy6wnrd\n9DYJ8UUTmIT2iQf07tRUKJJ9v0JXfx2Z4d08IQSMNRaq4VgSe+PdYgIy0fbj23Vi\na5/gO7fJEpD2hd2f+pMnOWvH2rOOIbeYfuhzAc6BQjAKtmgR0ERUTafTM9Wb6F13\nCNZZNZfDqnFDP6L12w3z3F7FFXkz07Rs3AIto1ZfYZd4sCSpMr/0S5nLrHbIvGLp\n271hhQBeRmmoGEKO2JRelGgUJ2CUzOdtwDIKT0LbCpvaP8PVnYF5IFoYJIWRHqlE\nt5ucTXstZy7vYjL6vTP4l5xs+LIOkNmPhqmfsgLzVo0UaLt80hOwc4NvDCOLAAMG\nB/9g+9V3ORzw4LvO1pwRYJqfDKUq/EJ0rNMMD4N8RLpZRhKHKJUm9nNHLbksnlZw\nrbSTM5LpC/U6sheLP+l0bLVoq0lmsCcUSyh+mY6PxWirLIWCn/IAZAGnXb6Zd6Tt\nIJlGG6pqUN8QxGJYQnonl0uTJKHJENbI9sWHQdcTtBMc34gorHFCo1Bcvpnc1LFL\nrWn7mfoGx6INQjf3HGQpMXAWuSBQhzkazY6vaWFpa8bBJ+gKbBuySWzNm3rFtT5H\nRKMWpO+M9bHp4d+puY0L1YwN1OMatcMMpcWnZpiWiR83oi32+xtWUY2U7Ae38mMa\ng8zFbpeqPQUsDv9V7CAJ1dbriEwEGBECAAwFAkDYBnoFCQ5t3+gACgkQqE7a6JyA\nCspnpgCfRbYwxT3iq+9l/PgNTUNTZOlof2oAn25y0eGi0371jap9kOV6uq71sUuO\n=ypVs\n- -----END PGP PUBLIC KEY BLOCK-----\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.5 (GNU/Linux)\n\niQEVAwUBSJL0gHey5gA9JdPZAQI4IAf7BPqInfbAyzZObcX2vGZM0svDKclNQMAO\n1tTE0O3Te0EYLOnkfEisqNe9AOioSUQqeWu7ud5Y8L5zVysmcGe3/Lg0Vqmie/he\nWJXCJtkvaPOcp7p/GcnWQByQ4T1cQ4+QoLhwg2+RpyAABn/7ZWBz+uG91134kOql\nJabvxLI05Le++uwFfJ0YEefkSzik9sMVz4Dk4eVJglMm6nioHnx6K6ZrR0+0HBRR\nz2Rczq0M3gYplfWpgydgtlFH4dhkXlhfuladf93Aagf6QWerwvxTEld7ti+Sx3dU\nuInx4nkLJHLeu1f/XD4i7ZpZ0DtBz0F9wWJFGmy2cXxW0Xnhtwdbnw==\n=QwLq\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. ===========================================================\nUbuntu Security Notice USN-685-1 December 03, 2008\nnet-snmp vulnerabilities\nCVE-2008-0960, CVE-2008-2292, CVE-2008-4309\n===========================================================\n\nA security issue affects the following Ubuntu releases:\n\nUbuntu 6.06 LTS\nUbuntu 7.10\nUbuntu 8.04 LTS\nUbuntu 8.10\n\nThis advisory also applies to the corresponding versions of\nKubuntu, Edubuntu, and Xubuntu. \n\nThe problem can be corrected by upgrading your system to the\nfollowing package versions:\n\nUbuntu 6.06 LTS:\n libsnmp-perl 5.2.1.2-4ubuntu2.3\n libsnmp9 5.2.1.2-4ubuntu2.3\n\nUbuntu 7.10:\n libsnmp-perl 5.3.1-6ubuntu2.2\n libsnmp10 5.3.1-6ubuntu2.2\n\nUbuntu 8.04 LTS:\n libsnmp-perl 5.4.1~dfsg-4ubuntu4.2\n libsnmp15 5.4.1~dfsg-4ubuntu4.2\n\nUbuntu 8.10:\n libsnmp15 5.4.1~dfsg-7.1ubuntu6.1\n\nIn general, a standard system upgrade is sufficient to effect the\nnecessary changes. \n\nDetails follow:\n\nWes Hardaker discovered that the SNMP service did not correctly validate\nHMAC authentication requests. An unauthenticated remote attacker\ncould send specially crafted SNMPv3 traffic with a valid username\nand gain access to the user\u0027s views without a valid authentication\npassphrase. (CVE-2008-0960)\n\nJohn Kortink discovered that the Net-SNMP Perl module did not correctly\ncheck the size of returned values. If a user or automated system were\ntricked into querying a malicious SNMP server, the application using\nthe Perl module could be made to crash, leading to a denial of service. \nThis did not affect Ubuntu 8.10. (CVE-2008-2292)\n\nIt was discovered that the SNMP service did not correctly handle large\nGETBULK requests. If an unauthenticated remote attacker sent a specially\ncrafted request, the SNMP service could be made to crash, leading to a\ndenial of service. (CVE-2008-4309)\n\n\nUpdated packages for Ubuntu 6.06 LTS:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.2.1.2-4ubuntu2.3.diff.gz\n Size/MD5: 75402 9655d984a47cec8e27efa4db0b227870\n http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.2.1.2-4ubuntu2.3.dsc\n Size/MD5: 838 17a17230a005c1acfd0569757e728fad\n http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.2.1.2.orig.tar.gz\n Size/MD5: 3869893 34159770a7fe418d99fdd416a75358b1\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-base_5.2.1.2-4ubuntu2.3_all.deb\n Size/MD5: 1152306 f7647cee4df8db87ab48c0d05635a973\n http://security.ubuntu.com/ubuntu/pool/universe/n/net-snmp/tkmib_5.2.1.2-4ubuntu2.3_all.deb\n Size/MD5: 822946 b9b852c188937d1fffc06d4da01325d5\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.2.1.2-4ubuntu2.3_amd64.deb\n Size/MD5: 896620 a78012b3f0f13667081f97dc1a4d62e8\n http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp9-dev_5.2.1.2-4ubuntu2.3_amd64.deb\n Size/MD5: 1497194 7d55b8d1e4ae0c45753bedcf536a1a5a\n http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp9_5.2.1.2-4ubuntu2.3_amd64.deb\n Size/MD5: 1826252 0550c1401f9bbe5f345fd96484ed369c\n http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.2.1.2-4ubuntu2.3_amd64.deb\n Size/MD5: 889330 5ad0ddb2c610973166e4dd07769ba3d3\n http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.2.1.2-4ubuntu2.3_amd64.deb\n Size/MD5: 797086 18cf4210342b683d3ee24fe995329b55\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.2.1.2-4ubuntu2.3_i386.deb\n Size/MD5: 896880 298d27ea1ece6e80bb8931b9a5e61961\n http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp9-dev_5.2.1.2-4ubuntu2.3_i386.deb\n Size/MD5: 1268472 acbca43ab7ea747fa3e4636d15ef997c\n http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp9_5.2.1.2-4ubuntu2.3_i386.deb\n Size/MD5: 1710342 bd27290685bcf1d6a23eb8705d3367e7\n http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.2.1.2-4ubuntu2.3_i386.deb\n Size/MD5: 881838 58121bd9e4c845da7df4e540645e0e13\n http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.2.1.2-4ubuntu2.3_i386.deb\n Size/MD5: 794672 221d1c554bd89f50dc3ac9108a6cef6b\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.2.1.2-4ubuntu2.3_powerpc.deb\n Size/MD5: 913064 45a033b01c4b31ef90a92988bb5fb229\n http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp9-dev_5.2.1.2-4ubuntu2.3_powerpc.deb\n Size/MD5: 1590124 b62aa5477d9307d311c811298b7ec3d9\n http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp9_5.2.1.2-4ubuntu2.3_powerpc.deb\n Size/MD5: 1728094 5214ce9aebe3a8d7a28a1746a81ce8ea\n http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.2.1.2-4ubuntu2.3_powerpc.deb\n Size/MD5: 898580 86e6c1b5dfb5bf91f63d7c6786b7abae\n http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.2.1.2-4ubuntu2.3_powerpc.deb\n Size/MD5: 796092 1bab28407224f782b2c3ae04b4647333\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.2.1.2-4ubuntu2.3_sparc.deb\n Size/MD5: 896832 3d233db9682d5654fdad6bc6b5a649ba\n http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp9-dev_5.2.1.2-4ubuntu2.3_sparc.deb\n Size/MD5: 1485268 064304ead0ca4653136376e8e9039e74\n http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp9_5.2.1.2-4ubuntu2.3_sparc.deb\n Size/MD5: 1706490 cb76027eb8167e0866a81b93a4da28ed\n http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.2.1.2-4ubuntu2.3_sparc.deb\n Size/MD5: 883182 d1ffc12427d92be51efdba3349e74f9a\n http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.2.1.2-4ubuntu2.3_sparc.deb\n Size/MD5: 796374 0f3f749ebe4af6111fe49316639004e4\n\nUpdated packages for Ubuntu 7.10:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.3.1-6ubuntu2.2.diff.gz\n Size/MD5: 94646 8b6f9380d9f8c5514a1d4db729c6df04\n http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.3.1-6ubuntu2.2.dsc\n Size/MD5: 1287 f53866efd3ae4f3c939a77b1005e1f11\n http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.3.1.orig.tar.gz\n Size/MD5: 4210843 360a9783dbc853bab6bda90d961daee5\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-base_5.3.1-6ubuntu2.2_all.deb\n Size/MD5: 484306 f2d03276d1cdcef7e8b276ad8ca9595d\n http://security.ubuntu.com/ubuntu/pool/universe/n/net-snmp/tkmib_5.3.1-6ubuntu2.2_all.deb\n Size/MD5: 901284 6889b371d4de92eb61bf83b89d8a8c37\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-dev_5.3.1-6ubuntu2.2_amd64.deb\n Size/MD5: 2541692 1e6de4bd3c3baa444a2e1980a593a40e\n http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.3.1-6ubuntu2.2_amd64.deb\n Size/MD5: 968940 7efe4bdcb99f311f1c4bb2c3b9d24a4e\n http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp10_5.3.1-6ubuntu2.2_amd64.deb\n Size/MD5: 1200930 821861c24499cfdfa2a82c329c610c16\n http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.3.1-6ubuntu2.2_amd64.deb\n Size/MD5: 996572 00cc1a4c8c7924124984e666563e73d0\n http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.3.1-6ubuntu2.2_amd64.deb\n Size/MD5: 908792 a40763280a3bdbe60eca5e07c5d6c30c\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-dev_5.3.1-6ubuntu2.2_i386.deb\n Size/MD5: 2321524 59d44616802197e1227cf88abddefe36\n http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.3.1-6ubuntu2.2_i386.deb\n Size/MD5: 967106 a6e5b308d889bdf6f5abe454e35ba474\n http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp10_5.3.1-6ubuntu2.2_i386.deb\n Size/MD5: 1124462 ec99daa26d0fafba6e9f0b874a23bf3d\n http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.3.1-6ubuntu2.2_i386.deb\n Size/MD5: 991956 cb20b6a4d68a858ffa0846431169d411\n http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.3.1-6ubuntu2.2_i386.deb\n Size/MD5: 907546 1ab5119e23a16e99203c113d49fc2723\n\n lpia architecture (Low Power Intel Architecture):\n\n http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-dev_5.3.1-6ubuntu2.2_lpia.deb\n Size/MD5: 2305548 da57690a3327196e0c3684735be23f2e\n http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-perl_5.3.1-6ubuntu2.2_lpia.deb\n Size/MD5: 968984 8da336a5fd871be10e6b8d66d3b9c9d3\n http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp10_5.3.1-6ubuntu2.2_lpia.deb\n Size/MD5: 1074500 e4d6690a6a6a543fc0244a29cd350c9b\n http://ports.ubuntu.com/pool/main/n/net-snmp/snmp_5.3.1-6ubuntu2.2_lpia.deb\n Size/MD5: 989566 2d2f4b1662e6a2dffafe8e98f00a15e7\n http://ports.ubuntu.com/pool/main/n/net-snmp/snmpd_5.3.1-6ubuntu2.2_lpia.deb\n Size/MD5: 907596 4274e006754ebc836132166e0f0429a0\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-dev_5.3.1-6ubuntu2.2_powerpc.deb\n Size/MD5: 2641202 9b2ec56463ee715752b780aa332d8cd0\n http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.3.1-6ubuntu2.2_powerpc.deb\n Size/MD5: 985722 a2fca8426b7b51e98c39b91a468bf71f\n http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp10_5.3.1-6ubuntu2.2_powerpc.deb\n Size/MD5: 1154496 6073239f7ffead2a5b9c3357ada1602c\n http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.3.1-6ubuntu2.2_powerpc.deb\n Size/MD5: 1018596 af12cc55597a0d2d3a92b4b5d683bb14\n http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.3.1-6ubuntu2.2_powerpc.deb\n Size/MD5: 911866 57e2246930e712bdc1b039840d43af48\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-dev_5.3.1-6ubuntu2.2_sparc.deb\n Size/MD5: 2527568 19b1a0971259a9b99f9c0386f5935bfc\n http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.3.1-6ubuntu2.2_sparc.deb\n Size/MD5: 970264 d8ae7f0bb10375ad487b14ba031cd013\n http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp10_5.3.1-6ubuntu2.2_sparc.deb\n Size/MD5: 1078842 2401fc4c40352b8c8013e8c5de3b0ecd\n http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.3.1-6ubuntu2.2_sparc.deb\n Size/MD5: 995228 16b230d3c718d8eb4a023126bd09d7f5\n http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.3.1-6ubuntu2.2_sparc.deb\n Size/MD5: 908708 1e410a8ddac41ad9faec901c5a638f29\n\nUpdated packages for Ubuntu 8.04 LTS:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.4.1~dfsg-4ubuntu4.2.diff.gz\n Size/MD5: 78642 b4acf50e47be498e579b934f32081d25\n http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.4.1~dfsg-4ubuntu4.2.dsc\n Size/MD5: 1447 0abcea5df87851df2aae7ebd1fc00e7a\n http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.4.1~dfsg.orig.tar.gz\n Size/MD5: 4618308 0ef987c41d3414f2048c94d187a2baeb\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-base_5.4.1~dfsg-4ubuntu4.2_all.deb\n Size/MD5: 526864 f3a131bf5a4f5c547573430cb66d410c\n http://security.ubuntu.com/ubuntu/pool/universe/n/net-snmp/tkmib_5.4.1~dfsg-4ubuntu4.2_all.deb\n Size/MD5: 102072 2f276f50efdb7e34f7e61f132f7f7cd7\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-dev_5.4.1~dfsg-4ubuntu4.2_amd64.deb\n Size/MD5: 1796950 283c5a95206ab74062e0e30eba4e0890\n http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.4.1~dfsg-4ubuntu4.2_amd64.deb\n Size/MD5: 142522 9fff294368a7eac39e37fa478ac6609d\n http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp15_5.4.1~dfsg-4ubuntu4.2_amd64.deb\n Size/MD5: 1296694 d0646a1543c51f14a93b40f972bc1569\n http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.4.1~dfsg-4ubuntu4.2_amd64.deb\n Size/MD5: 163178 0378a25e3b2a0bc80ddb8ec720b5557d\n http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.4.1~dfsg-4ubuntu4.2_amd64.deb\n Size/MD5: 75960 fcba461f2e2376cad515329791e04a17\n http://security.ubuntu.com/ubuntu/pool/universe/n/net-snmp/libsnmp-python_5.4.1~dfsg-4ubuntu4.2_amd64.deb\n Size/MD5: 38512 21d9ecbc86a8e5965047d027e94fd324\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-dev_5.4.1~dfsg-4ubuntu4.2_i386.deb\n Size/MD5: 1556806 39e4f63b841c4b36c022017d66c12f58\n http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.4.1~dfsg-4ubuntu4.2_i386.deb\n Size/MD5: 179478 5f08596ae997792920e238ff8cd2a7ba\n http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp15_5.4.1~dfsg-4ubuntu4.2_i386.deb\n Size/MD5: 1098794 38bc61a5b403fb4f626a641a5f13e681\n http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.4.1~dfsg-4ubuntu4.2_i386.deb\n Size/MD5: 157954 66e38c37639f3c68e7e4a933fa953ff3\n http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.4.1~dfsg-4ubuntu4.2_i386.deb\n Size/MD5: 74116 50b3a4d0cfd38585d2711d30cf725e9d\n http://security.ubuntu.com/ubuntu/pool/universe/n/net-snmp/libsnmp-python_5.4.1~dfsg-4ubuntu4.2_i386.deb\n Size/MD5: 75038 98cdeec4b1014568b00107a82fc74418\n\n lpia architecture (Low Power Intel Architecture):\n\n http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-dev_5.4.1~dfsg-4ubuntu4.2_lpia.deb\n Size/MD5: 1552018 d9dcab084f3b9bf3e8c36cb5db8f141e\n http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-perl_5.4.1~dfsg-4ubuntu4.2_lpia.deb\n Size/MD5: 141508 96061180809cccc975e0d7079e07ed3e\n http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp15_5.4.1~dfsg-4ubuntu4.2_lpia.deb\n Size/MD5: 1171530 2d91048fe0a2ac9e3a4fddb84c67513e\n http://ports.ubuntu.com/pool/main/n/net-snmp/snmp_5.4.1~dfsg-4ubuntu4.2_lpia.deb\n Size/MD5: 155564 c67ba3aeb2535ee3e7fc4c89e90ba36a\n http://ports.ubuntu.com/pool/main/n/net-snmp/snmpd_5.4.1~dfsg-4ubuntu4.2_lpia.deb\n Size/MD5: 74274 db05202893f516398bbe4e2153ef2d6e\n http://ports.ubuntu.com/pool/universe/n/net-snmp/libsnmp-python_5.4.1~dfsg-4ubuntu4.2_lpia.deb\n Size/MD5: 35552 a75caf212ffb5a0eafe4ba2656c9aae1\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-dev_5.4.1~dfsg-4ubuntu4.2_powerpc.deb\n Size/MD5: 1874428 0ed8b5f4e6bad74d506d73447de00bd2\n http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-perl_5.4.1~dfsg-4ubuntu4.2_powerpc.deb\n Size/MD5: 158374 dfcd7c4455b4bbd3f746368058d09a59\n http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp15_5.4.1~dfsg-4ubuntu4.2_powerpc.deb\n Size/MD5: 1238226 b5b3a81e956cdb14674d571694d1b6d0\n http://ports.ubuntu.com/pool/main/n/net-snmp/snmp_5.4.1~dfsg-4ubuntu4.2_powerpc.deb\n Size/MD5: 185314 5e9d8bd56493f75ae8a8691c530aa420\n http://ports.ubuntu.com/pool/main/n/net-snmp/snmpd_5.4.1~dfsg-4ubuntu4.2_powerpc.deb\n Size/MD5: 83106 75dea32ec7152b7868fabf09d9d5a198\n http://ports.ubuntu.com/pool/universe/n/net-snmp/libsnmp-python_5.4.1~dfsg-4ubuntu4.2_powerpc.deb\n Size/MD5: 42928 214fe703fced2e387b48b51dcbb1d6b7\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-dev_5.4.1~dfsg-4ubuntu4.2_sparc.deb\n Size/MD5: 1760062 ade4c08289d947d092a5b2ab06517cc7\n http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-perl_5.4.1~dfsg-4ubuntu4.2_sparc.deb\n Size/MD5: 143860 62b7260d618531b0ed5e7871ab7b99a9\n http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp15_5.4.1~dfsg-4ubuntu4.2_sparc.deb\n Size/MD5: 1159702 28ea81660bbdd9d7982be58d225e8814\n http://ports.ubuntu.com/pool/main/n/net-snmp/snmp_5.4.1~dfsg-4ubuntu4.2_sparc.deb\n Size/MD5: 160236 196e493ce73905446a3764e73b99f332\n http://ports.ubuntu.com/pool/main/n/net-snmp/snmpd_5.4.1~dfsg-4ubuntu4.2_sparc.deb\n Size/MD5: 75518 f24e4b0e3e4a7d97c28da99cdc0a47a5\n http://ports.ubuntu.com/pool/universe/n/net-snmp/libsnmp-python_5.4.1~dfsg-4ubuntu4.2_sparc.deb\n Size/MD5: 38240 873f5e820e381ec2254ed520bcd09af0\n\nUpdated packages for Ubuntu 8.10:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.4.1~dfsg-7.1ubuntu6.1.diff.gz\n Size/MD5: 82260 85fb58aa81933f142bd937bca2e18341\n http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.4.1~dfsg-7.1ubuntu6.1.dsc\n Size/MD5: 1956 1ee06f6b731eae435af6a2d438ef909b\n http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.4.1~dfsg.orig.tar.gz\n Size/MD5: 4618308 0ef987c41d3414f2048c94d187a2baeb\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-base_5.4.1~dfsg-7.1ubuntu6.1_all.deb\n Size/MD5: 527650 9c56f3d70018b714895a61c0daba9498\n http://security.ubuntu.com/ubuntu/pool/universe/n/net-snmp/tkmib_5.4.1~dfsg-7.1ubuntu6.1_all.deb\n Size/MD5: 103060 108eb50387ca46b4ee38ebb8722ced88\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-dev_5.4.1~dfsg-7.1ubuntu6.1_amd64.deb\n Size/MD5: 1815638 82385081fe2d4eeb1a6c94f9dae672ad\n http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.4.1~dfsg-7.1ubuntu6.1_amd64.deb\n Size/MD5: 146154 1b6249e02e89213f2f4d2aa9c9123420\n http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp15_5.4.1~dfsg-7.1ubuntu6.1_amd64.deb\n Size/MD5: 1315628 8443e091f2c63485a422236ad23e55cd\n http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.4.1~dfsg-7.1ubuntu6.1_amd64.deb\n Size/MD5: 165522 154a05824b98e041ceac60ac83709ef4\n http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.4.1~dfsg-7.1ubuntu6.1_amd64.deb\n Size/MD5: 77914 8d6e328f309e78bf1fcf21c2633d82ec\n http://security.ubuntu.com/ubuntu/pool/universe/n/net-snmp/libsnmp-python_5.4.1~dfsg-7.1ubuntu6.1_amd64.deb\n Size/MD5: 39930 6b7a1a67ca63b5c843ce66f3547b3c89\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-dev_5.4.1~dfsg-7.1ubuntu6.1_i386.deb\n Size/MD5: 1569568 dd0599b150eccee9889325d17a7b0769\n http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.4.1~dfsg-7.1ubuntu6.1_i386.deb\n Size/MD5: 184264 52a54aebef81648164a5bc90f27b0cc5\n http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp15_5.4.1~dfsg-7.1ubuntu6.1_i386.deb\n Size/MD5: 1119072 10c81fe283b25e7ad31fcfd88a2325f0\n http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.4.1~dfsg-7.1ubuntu6.1_i386.deb\n Size/MD5: 156112 6296f0836bc9797ff48810c79965c3a5\n http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.4.1~dfsg-7.1ubuntu6.1_i386.deb\n Size/MD5: 74476 bd96a6915eb97fed083aac4daa5f07cf\n http://security.ubuntu.com/ubuntu/pool/universe/n/net-snmp/libsnmp-python_5.4.1~dfsg-7.1ubuntu6.1_i386.deb\n Size/MD5: 77652 3e30e51c362dfa982a3b3197be081328\n\n lpia architecture (Low Power Intel Architecture):\n\n http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-dev_5.4.1~dfsg-7.1ubuntu6.1_lpia.deb\n Size/MD5: 1557614 065f4575c7a2d257fa6b5b9d0cee454f\n http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-perl_5.4.1~dfsg-7.1ubuntu6.1_lpia.deb\n Size/MD5: 144292 b55f2c4aff8a86499d7f38fd6e773f44\n http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp15_5.4.1~dfsg-7.1ubuntu6.1_lpia.deb\n Size/MD5: 1184272 84116fefdce279ce338ffc9614384c06\n http://ports.ubuntu.com/pool/main/n/net-snmp/snmp_5.4.1~dfsg-7.1ubuntu6.1_lpia.deb\n Size/MD5: 154444 ffe9e765a01695355bdb58008a2910f5\n http://ports.ubuntu.com/pool/main/n/net-snmp/snmpd_5.4.1~dfsg-7.1ubuntu6.1_lpia.deb\n Size/MD5: 73746 762e75672fbd395d2d159513f5d572b0\n http://ports.ubuntu.com/pool/universe/n/net-snmp/libsnmp-python_5.4.1~dfsg-7.1ubuntu6.1_lpia.deb\n Size/MD5: 36530 0a98b51b94a5f75d4131d657aa766579\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-dev_5.4.1~dfsg-7.1ubuntu6.1_powerpc.deb\n Size/MD5: 1884632 a3ad023841ee605efa1e055712b44d9a\n http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-perl_5.4.1~dfsg-7.1ubuntu6.1_powerpc.deb\n Size/MD5: 161074 5586adea8200d2d5bf81f288b5bf7be2\n http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp15_5.4.1~dfsg-7.1ubuntu6.1_powerpc.deb\n Size/MD5: 1249636 48ec688499fea1dc0ccb3091c0158fb8\n http://ports.ubuntu.com/pool/main/n/net-snmp/snmp_5.4.1~dfsg-7.1ubuntu6.1_powerpc.deb\n Size/MD5: 181952 8ef5f6b9b6c6b8e4fcd5cb37147304a2\n http://ports.ubuntu.com/pool/main/n/net-snmp/snmpd_5.4.1~dfsg-7.1ubuntu6.1_powerpc.deb\n Size/MD5: 81802 965218126fb5a49cfcd9e20afeb49782\n http://ports.ubuntu.com/pool/universe/n/net-snmp/libsnmp-python_5.4.1~dfsg-7.1ubuntu6.1_powerpc.deb\n Size/MD5: 43048 09f2f9ed9f519ca5723411802e46d48b\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-dev_5.4.1~dfsg-7.1ubuntu6.1_sparc.deb\n Size/MD5: 1759316 46455cc355c1b808243eada0f134d00b\n http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-perl_5.4.1~dfsg-7.1ubuntu6.1_sparc.deb\n Size/MD5: 145164 2cdb5b35db853c7c184a44022fc23cd8\n http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp15_5.4.1~dfsg-7.1ubuntu6.1_sparc.deb\n Size/MD5: 1159834 cfff424e5bff38bb3ef9419f03465388\n http://ports.ubuntu.com/pool/main/n/net-snmp/snmp_5.4.1~dfsg-7.1ubuntu6.1_sparc.deb\n Size/MD5: 163042 354f7a5423a34c411c5f8620c66d3e58\n http://ports.ubuntu.com/pool/main/n/net-snmp/snmpd_5.4.1~dfsg-7.1ubuntu6.1_sparc.deb\n Size/MD5: 76994 ca11bcf9a411f618e35e1d6b6ab8c8f9\n http://ports.ubuntu.com/pool/universe/n/net-snmp/libsnmp-python_5.4.1~dfsg-7.1ubuntu6.1_sparc.deb\n Size/MD5: 38526 172493ec5df1866e2633e074c7f38775\n\n. \n _______________________________________________________________________\n\n References:\n \n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0960\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2292\n _______________________________________________________________________\n \n Updated Packages:\n \n Mandriva Linux 2007.1:\n 8db66ef5a5468d3fd72a47855230a28e 2007.1/i586/libnet-snmp10-5.3.1-3.2mdv2007.1.i586.rpm\n c951b17138ef11828b2ccf031d4cddaf 2007.1/i586/libnet-snmp10-devel-5.3.1-3.2mdv2007.1.i586.rpm\n 536a87919f32fac81964d0a907bf08fe 2007.1/i586/libnet-snmp10-static-devel-5.3.1-3.2mdv2007.1.i586.rpm\n 39e33947c21666dac5dbe5cfe103b26d 2007.1/i586/net-snmp-5.3.1-3.2mdv2007.1.i586.rpm\n 1eed5ebaff8f6f83befbf8d831900073 2007.1/i586/net-snmp-mibs-5.3.1-3.2mdv2007.1.i586.rpm\n 874db03c69584025e4d91049072d3c4e 2007.1/i586/net-snmp-trapd-5.3.1-3.2mdv2007.1.i586.rpm\n 11af93c879d8cd9353b7cb1826900222 2007.1/i586/net-snmp-utils-5.3.1-3.2mdv2007.1.i586.rpm\n 2c9e819eeb5fd472f6a0fe338d86182b 2007.1/i586/perl-NetSNMP-5.3.1-3.2mdv2007.1.i586.rpm \n 7a0806202ff8f3d838fa7958b636a449 2007.1/SRPMS/net-snmp-5.3.1-3.2mdv2007.1.src.rpm\n\n Mandriva Linux 2007.1/X86_64:\n aa27de502ce22110fd745c0b847b79d9 2007.1/x86_64/lib64net-snmp10-5.3.1-3.2mdv2007.1.x86_64.rpm\n 1843dd154c443cca9ae977e502221d6d 2007.1/x86_64/lib64net-snmp10-devel-5.3.1-3.2mdv2007.1.x86_64.rpm\n 838bd7820d446bd947bc46e090b38066 2007.1/x86_64/lib64net-snmp10-static-devel-5.3.1-3.2mdv2007.1.x86_64.rpm\n e659d3df04816330c7bf45008f66bc27 2007.1/x86_64/net-snmp-5.3.1-3.2mdv2007.1.x86_64.rpm\n 756d5606a1039d20a7512b0a109d53bb 2007.1/x86_64/net-snmp-mibs-5.3.1-3.2mdv2007.1.x86_64.rpm\n 8ad36943e07362865f3a48c99914e48c 2007.1/x86_64/net-snmp-trapd-5.3.1-3.2mdv2007.1.x86_64.rpm\n 483140c06017507127d12357c3ed2b41 2007.1/x86_64/net-snmp-utils-5.3.1-3.2mdv2007.1.x86_64.rpm\n e2bb901815ffa1ca5b0a16bc1363f84f 2007.1/x86_64/perl-NetSNMP-5.3.1-3.2mdv2007.1.x86_64.rpm \n 7a0806202ff8f3d838fa7958b636a449 2007.1/SRPMS/net-snmp-5.3.1-3.2mdv2007.1.src.rpm\n\n Mandriva Linux 2008.0:\n 8de3c4975620db2b2c2697d6f9deb79b 2008.0/i586/libnet-snmp15-5.4.1-1.1mdv2008.0.i586.rpm\n b1991c58d996f4be200fe141e28c5f7d 2008.0/i586/libnet-snmp-devel-5.4.1-1.1mdv2008.0.i586.rpm\n 03c54182cc7f97633f29ff0251a8c898 2008.0/i586/libnet-snmp-static-devel-5.4.1-1.1mdv2008.0.i586.rpm\n 1f792de19b7b38b56d68242958d5d800 2008.0/i586/net-snmp-5.4.1-1.1mdv2008.0.i586.rpm\n e3362a641e232a6ecf0b8230f0e49ec8 2008.0/i586/net-snmp-mibs-5.4.1-1.1mdv2008.0.i586.rpm\n bc6d8c10135ea64a4d512d80d04b1b39 2008.0/i586/net-snmp-trapd-5.4.1-1.1mdv2008.0.i586.rpm\n 8e7f28ee85fb48129eea57d11d391c8b 2008.0/i586/net-snmp-utils-5.4.1-1.1mdv2008.0.i586.rpm\n beab129e378f61a6bf62d366a4d90639 2008.0/i586/perl-NetSNMP-5.4.1-1.1mdv2008.0.i586.rpm \n 3fce488df784163f19e6a55061d773ca 2008.0/SRPMS/net-snmp-5.4.1-1.1mdv2008.0.src.rpm\n\n Mandriva Linux 2008.0/X86_64:\n 82b570c9cb7e0662df4d7da730c131db 2008.0/x86_64/lib64net-snmp15-5.4.1-1.1mdv2008.0.x86_64.rpm\n 20b8a6e3fc8dd82fe5ecfdb337553938 2008.0/x86_64/lib64net-snmp-devel-5.4.1-1.1mdv2008.0.x86_64.rpm\n 555688caa0eee850b3a5f835a5778849 2008.0/x86_64/lib64net-snmp-static-devel-5.4.1-1.1mdv2008.0.x86_64.rpm\n 60d65f80aec29dcb6d4ceb4bb117a9bc 2008.0/x86_64/net-snmp-5.4.1-1.1mdv2008.0.x86_64.rpm\n 685c9dd25b585afc128de1b3c092e5d5 2008.0/x86_64/net-snmp-mibs-5.4.1-1.1mdv2008.0.x86_64.rpm\n 7bff860904572c092f737ac17940d5b2 2008.0/x86_64/net-snmp-trapd-5.4.1-1.1mdv2008.0.x86_64.rpm\n e434686bddfb04f2a8bd01346517ecb4 2008.0/x86_64/net-snmp-utils-5.4.1-1.1mdv2008.0.x86_64.rpm\n 4fab6e498e1f05809db500ce895aad66 2008.0/x86_64/perl-NetSNMP-5.4.1-1.1mdv2008.0.x86_64.rpm \n 3fce488df784163f19e6a55061d773ca 2008.0/SRPMS/net-snmp-5.4.1-1.1mdv2008.0.src.rpm\n\n Mandriva Linux 2008.1:\n 4bafceae1a29f6557b5aa884eca24ba0 2008.1/i586/libnet-snmp15-5.4.1-5.1mdv2008.1.i586.rpm\n 1eedbae5df7e503de1cba736129beaa1 2008.1/i586/libnet-snmp-devel-5.4.1-5.1mdv2008.1.i586.rpm\n 615a88847cbf1ce6eaf0029037a14b1b 2008.1/i586/libnet-snmp-static-devel-5.4.1-5.1mdv2008.1.i586.rpm\n 7323cb7d35eb67664d40ad73b413679d 2008.1/i586/net-snmp-5.4.1-5.1mdv2008.1.i586.rpm\n d43ed96a806639a94af2a137c75e276e 2008.1/i586/net-snmp-mibs-5.4.1-5.1mdv2008.1.i586.rpm\n 7394b1361b43056b5eb99827771358cf 2008.1/i586/net-snmp-tkmib-5.4.1-5.1mdv2008.1.i586.rpm\n 8d6fd9308c2edbe8c020d2c33b3a841d 2008.1/i586/net-snmp-trapd-5.4.1-5.1mdv2008.1.i586.rpm\n dc58047a02e1a222af20aa794ea8f447 2008.1/i586/net-snmp-utils-5.4.1-5.1mdv2008.1.i586.rpm\n 2ad9888cd61fc4952c1cee0c48f714b5 2008.1/i586/perl-NetSNMP-5.4.1-5.1mdv2008.1.i586.rpm \n 7a19c1f8d42052af6392b18b48bd965c 2008.1/SRPMS/net-snmp-5.4.1-5.1mdv2008.1.src.rpm\n\n Mandriva Linux 2008.1/X86_64:\n 618c241e0ecb57685646264c9bb083b4 2008.1/x86_64/lib64net-snmp15-5.4.1-5.1mdv2008.1.x86_64.rpm\n bb0ebf49ee7cca29965aeb398f4725f6 2008.1/x86_64/lib64net-snmp-devel-5.4.1-5.1mdv2008.1.x86_64.rpm\n b4f29f00773291f6cc00784ed7cde470 2008.1/x86_64/lib64net-snmp-static-devel-5.4.1-5.1mdv2008.1.x86_64.rpm\n 3039811b6682dc4009b32ff48a99eb2b 2008.1/x86_64/net-snmp-5.4.1-5.1mdv2008.1.x86_64.rpm\n fab09178635501eb5d6a82eb7bd532a3 2008.1/x86_64/net-snmp-mibs-5.4.1-5.1mdv2008.1.x86_64.rpm\n da29d4c7edaa15d95f8bee98dbfab025 2008.1/x86_64/net-snmp-tkmib-5.4.1-5.1mdv2008.1.x86_64.rpm\n d9aad834d82d310c64f6f21e17a55920 2008.1/x86_64/net-snmp-trapd-5.4.1-5.1mdv2008.1.x86_64.rpm\n 7a7c871bd87dc91c16b046ac115cda70 2008.1/x86_64/net-snmp-utils-5.4.1-5.1mdv2008.1.x86_64.rpm\n d102ea2af0fcaaebd98defda72bcfc91 2008.1/x86_64/perl-NetSNMP-5.4.1-5.1mdv2008.1.x86_64.rpm \n 7a19c1f8d42052af6392b18b48bd965c 2008.1/SRPMS/net-snmp-5.4.1-5.1mdv2008.1.src.rpm\n\n Corporate 3.0:\n 335af3930865c8eb44ef436cad5fb373 corporate/3.0/i586/libnet-snmp5-5.1-7.4.C30mdk.i586.rpm\n b8e1d307ee6fa3905d292077fc063318 corporate/3.0/i586/libnet-snmp5-devel-5.1-7.4.C30mdk.i586.rpm\n a668cc4de411865567d1a93f34cee1e3 corporate/3.0/i586/libnet-snmp5-static-devel-5.1-7.4.C30mdk.i586.rpm\n d8c0d342b03e5719443d2de06c631bd5 corporate/3.0/i586/libsnmp0-4.2.3-8.2.C30mdk.i586.rpm\n 6bbe3bb2502ce3c974f7b5737331bb4d corporate/3.0/i586/libsnmp0-devel-4.2.3-8.2.C30mdk.i586.rpm\n daca10f2e578f75c1e7415d78ed30265 corporate/3.0/i586/net-snmp-5.1-7.4.C30mdk.i586.rpm\n 1630ebd75201e1bc3956b12a26282f92 corporate/3.0/i586/net-snmp-mibs-5.1-7.4.C30mdk.i586.rpm\n 5a4f483c877a6278088a265cb3273d61 corporate/3.0/i586/net-snmp-trapd-5.1-7.4.C30mdk.i586.rpm\n 316d866de7fa7cd984d58f5cb742f5e3 corporate/3.0/i586/net-snmp-utils-5.1-7.4.C30mdk.i586.rpm\n e3d4197517565f12e2c3a8fd1cc5d2e7 corporate/3.0/i586/ucd-snmp-4.2.3-8.2.C30mdk.i586.rpm\n 17e8d856fd1dac18552818a842105c88 corporate/3.0/i586/ucd-snmp-utils-4.2.3-8.2.C30mdk.i586.rpm \n ccaa4d311ad0e5d119e17b1f1876c7e2 corporate/3.0/SRPMS/net-snmp-5.1-7.4.C30mdk.src.rpm\n 53e16d2069cffb7e7d1e7a324192d5c2 corporate/3.0/SRPMS/ucd-snmp-4.2.3-8.2.C30mdk.src.rpm\n\n Corporate 3.0/X86_64:\n b31f277942fca76d953007c94a60cae2 corporate/3.0/x86_64/lib64net-snmp5-5.1-7.4.C30mdk.x86_64.rpm\n e4a3fba10ccdd805dc8783ae68c99a42 corporate/3.0/x86_64/lib64net-snmp5-devel-5.1-7.4.C30mdk.x86_64.rpm\n 530a94cc87af0e4d6e9f3815473c0dd4 corporate/3.0/x86_64/lib64net-snmp5-static-devel-5.1-7.4.C30mdk.x86_64.rpm\n f246ca421b5d16c599d53f70e4b97660 corporate/3.0/x86_64/lib64snmp0-4.2.3-8.2.C30mdk.x86_64.rpm\n b943e07726a2fecb016ef4ba626906d8 corporate/3.0/x86_64/lib64snmp0-devel-4.2.3-8.2.C30mdk.x86_64.rpm\n 22822876f72e35cf6d1ed027df93e74a corporate/3.0/x86_64/net-snmp-5.1-7.4.C30mdk.x86_64.rpm\n e7e51782b9bbd1e1bdf93c17fb953280 corporate/3.0/x86_64/net-snmp-mibs-5.1-7.4.C30mdk.x86_64.rpm\n e67a9105f9492c020693d48ce55652ea corporate/3.0/x86_64/net-snmp-trapd-5.1-7.4.C30mdk.x86_64.rpm\n 171a17e507b2dfdb9c70c0089e582221 corporate/3.0/x86_64/net-snmp-utils-5.1-7.4.C30mdk.x86_64.rpm\n 96886146d21175b076e92d59e96f5016 corporate/3.0/x86_64/ucd-snmp-4.2.3-8.2.C30mdk.x86_64.rpm\n 1b6ee4c253f15be516a1928a4f791f15 corporate/3.0/x86_64/ucd-snmp-utils-4.2.3-8.2.C30mdk.x86_64.rpm \n ccaa4d311ad0e5d119e17b1f1876c7e2 corporate/3.0/SRPMS/net-snmp-5.1-7.4.C30mdk.src.rpm\n 53e16d2069cffb7e7d1e7a324192d5c2 corporate/3.0/SRPMS/ucd-snmp-4.2.3-8.2.C30mdk.src.rpm\n\n Corporate 4.0:\n 6cbe9d76db3b05c2435bcbc5cf16c898 corporate/4.0/i586/libnet-snmp5-5.2.1.2-5.2.20060mlcs4.i586.rpm\n 586a55cfde45020d5ea0ebf5f2d6c840 corporate/4.0/i586/libnet-snmp5-devel-5.2.1.2-5.2.20060mlcs4.i586.rpm\n d992d8300cf0639942a179349d592e15 corporate/4.0/i586/libnet-snmp5-static-devel-5.2.1.2-5.2.20060mlcs4.i586.rpm\n 03a49b848c376b705dcfcef0ec817daf corporate/4.0/i586/net-snmp-5.2.1.2-5.2.20060mlcs4.i586.rpm\n 22b9d01b3b7a8a34ed3e1a5a435286a8 corporate/4.0/i586/net-snmp-mibs-5.2.1.2-5.2.20060mlcs4.i586.rpm\n dccc01a94c1f29eac2875e6a935bf589 corporate/4.0/i586/net-snmp-trapd-5.2.1.2-5.2.20060mlcs4.i586.rpm\n 77f93230f96abce039b52ca5612eaa36 corporate/4.0/i586/net-snmp-utils-5.2.1.2-5.2.20060mlcs4.i586.rpm\n 8a7209b70979c9d73035ff40cbd8dbb4 corporate/4.0/i586/perl-NetSNMP-5.2.1.2-5.2.20060mlcs4.i586.rpm \n ac919459a8752cddfd441c085ca69117 corporate/4.0/SRPMS/net-snmp-5.2.1.2-5.2.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n f94c7e967973ba8aa12b5605251d6e78 corporate/4.0/x86_64/lib64net-snmp5-5.2.1.2-5.2.20060mlcs4.x86_64.rpm\n f332985986eff2d6c8a75b5c263dedb1 corporate/4.0/x86_64/lib64net-snmp5-devel-5.2.1.2-5.2.20060mlcs4.x86_64.rpm\n 82fc454916e75866370ee738292021c8 corporate/4.0/x86_64/lib64net-snmp5-static-devel-5.2.1.2-5.2.20060mlcs4.x86_64.rpm\n ff0adeb23df57eb34869c7100df159da corporate/4.0/x86_64/net-snmp-5.2.1.2-5.2.20060mlcs4.x86_64.rpm\n 72f2dc9cb1695999660a9ff9c97e4c47 corporate/4.0/x86_64/net-snmp-mibs-5.2.1.2-5.2.20060mlcs4.x86_64.rpm\n 0f244551c87e051a8274e5050cf0bc2a corporate/4.0/x86_64/net-snmp-trapd-5.2.1.2-5.2.20060mlcs4.x86_64.rpm\n 7c4e7fb304c77c6551a50495d338e84e corporate/4.0/x86_64/net-snmp-utils-5.2.1.2-5.2.20060mlcs4.x86_64.rpm\n 68d81ca4c173710ef43b36092df2a6ee corporate/4.0/x86_64/perl-NetSNMP-5.2.1.2-5.2.20060mlcs4.x86_64.rpm \n ac919459a8752cddfd441c085ca69117 corporate/4.0/SRPMS/net-snmp-5.2.1.2-5.2.20060mlcs4.src.rpm\n\n Multi Network Firewall 2.0:\n f98286a301d580fe306917cf0169ef88 mnf/2.0/i586/libnet-snmp5-5.1-7.4.M20mdk.i586.rpm \n 3ba27516773b1dd933828207cecc7754 mnf/2.0/SRPMS/net-snmp-5.1-7.4.M20mdk.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security",
"sources": [
{
"db": "NVD",
"id": "CVE-2008-0960"
},
{
"db": "CERT/CC",
"id": "VU#878044"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001431"
},
{
"db": "BID",
"id": "29623"
},
{
"db": "VULHUB",
"id": "VHN-31085"
},
{
"db": "VULMON",
"id": "CVE-2008-0960"
},
{
"db": "PACKETSTORM",
"id": "71406"
},
{
"db": "PACKETSTORM",
"id": "68866"
},
{
"db": "PACKETSTORM",
"id": "68741"
},
{
"db": "PACKETSTORM",
"id": "72606"
},
{
"db": "PACKETSTORM",
"id": "67532"
}
],
"trust": 3.24
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-31085",
"trust": 0.1,
"type": "unknown"
},
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=5790",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-31085"
},
{
"db": "VULMON",
"id": "CVE-2008-0960"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#878044",
"trust": 3.7
},
{
"db": "NVD",
"id": "CVE-2008-0960",
"trust": 3.4
},
{
"db": "OCERT",
"id": "OCERT-2008-006",
"trust": 2.9
},
{
"db": "BID",
"id": "29623",
"trust": 2.9
},
{
"db": "SECUNIA",
"id": "30574",
"trust": 2.8
},
{
"db": "USCERT",
"id": "TA08-162A",
"trust": 2.6
},
{
"db": "SECUNIA",
"id": "30665",
"trust": 2.0
},
{
"db": "VUPEN",
"id": "ADV-2008-2971",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2008-1788",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2008-1787",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2008-1836",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2008-1800",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2009-1612",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2008-1797",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2008-1801",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2008-1981",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2008-2361",
"trust": 1.8
},
{
"db": "EXPLOIT-DB",
"id": "5790",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "32664",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "35463",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "33003",
"trust": 1.8
},
{
"db": "SREASON",
"id": "3933",
"trust": 1.8
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2008/06/09/1",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1020218",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "30802",
"trust": 1.2
},
{
"db": "SECUNIA",
"id": "30626",
"trust": 1.2
},
{
"db": "SECUNIA",
"id": "31334",
"trust": 1.2
},
{
"db": "SECUNIA",
"id": "30612",
"trust": 1.2
},
{
"db": "SECUNIA",
"id": "30615",
"trust": 1.2
},
{
"db": "SECUNIA",
"id": "31568",
"trust": 1.2
},
{
"db": "SECUNIA",
"id": "31351",
"trust": 1.2
},
{
"db": "SECUNIA",
"id": "30648",
"trust": 1.2
},
{
"db": "SECUNIA",
"id": "31467",
"trust": 1.2
},
{
"db": "SECUNIA",
"id": "30647",
"trust": 1.2
},
{
"db": "SECUNIA",
"id": "30596",
"trust": 1.2
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001431",
"trust": 0.8
},
{
"db": "BUGTRAQ",
"id": "20081031 VMSA-2008-0017 UPDATED ESX PACKAGES FOR LIBXML2, UCD-SNMP, LIBTIFF",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20080609 [OCERT-2008-006] MULTIPLE SNMP IMPLEMENTATIONS HMAC AUTHENTICATION SPOOFING",
"trust": 0.6
},
{
"db": "REDHAT",
"id": "RHSA-2008:0529",
"trust": 0.6
},
{
"db": "MANDRIVA",
"id": "MDVSA-2008:118",
"trust": 0.6
},
{
"db": "MILW0RM",
"id": "5790",
"trust": 0.6
},
{
"db": "FEDORA",
"id": "FEDORA-2008-5218",
"trust": 0.6
},
{
"db": "FEDORA",
"id": "FEDORA-2008-5215",
"trust": 0.6
},
{
"db": "FEDORA",
"id": "FEDORA-2008-5224",
"trust": 0.6
},
{
"db": "SUNALERT",
"id": "238865",
"trust": 0.6
},
{
"db": "MLIST",
"id": "[OSS-SECURITY] 20080609 [OCERT-2008-006] MULTIPLE SNMP IMPLEMENTATIONS HMAC AUTHENTICATION SPOOFING",
"trust": 0.6
},
{
"db": "CERT/CC",
"id": "TA08-162A",
"trust": 0.6
},
{
"db": "UBUNTU",
"id": "USN-685-1",
"trust": 0.6
},
{
"db": "DEBIAN",
"id": "DSA-1663",
"trust": 0.6
},
{
"db": "CISCO",
"id": "20080610 SNMP VERSION 3 AUTHENTICATION VULNERABILITIES",
"trust": 0.6
},
{
"db": "GENTOO",
"id": "GLSA-200808-02",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200806-140",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "67532",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "68741",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "68866",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "72606",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "67160",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "67231",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "67140",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "71748",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-31085",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2008-0960",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "71406",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#878044"
},
{
"db": "VULHUB",
"id": "VHN-31085"
},
{
"db": "VULMON",
"id": "CVE-2008-0960"
},
{
"db": "BID",
"id": "29623"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001431"
},
{
"db": "PACKETSTORM",
"id": "71406"
},
{
"db": "PACKETSTORM",
"id": "68866"
},
{
"db": "PACKETSTORM",
"id": "68741"
},
{
"db": "PACKETSTORM",
"id": "72606"
},
{
"db": "PACKETSTORM",
"id": "67532"
},
{
"db": "CNNVD",
"id": "CNNVD-200806-140"
},
{
"db": "NVD",
"id": "CVE-2008-0960"
}
]
},
"id": "VAR-200806-0575",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-31085"
}
],
"trust": 0.61355825
},
"last_update_date": "2024-07-23T22:03:53.151000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Update 2008-004",
"trust": 0.8,
"url": "http://support.apple.com/kb/ht2163"
},
{
"title": "net-snmp-5.3.1-19.1.1AXS3",
"trust": 0.8,
"url": "https://tsn.miraclelinux.com/tsn_local/index.php?m=errata\u0026a=detail\u0026eid=146"
},
{
"title": "cisco-sa-20080610-snmpv3",
"trust": 0.8,
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20080610-snmpv3.shtml"
},
{
"title": "1291",
"trust": 0.8,
"url": "http://www.miraclelinux.com/update/linux/list.php?errata_id=1291"
},
{
"title": "1328",
"trust": 0.8,
"url": "http://www.miraclelinux.com/update/linux/list.php?errata_id=1328"
},
{
"title": "NV08-007",
"trust": 0.8,
"url": "http://www.nec.co.jp/security-info/secinfo/nv08-007.html"
},
{
"title": "Fixes VU#878044 and CVE-2008-0960",
"trust": 0.8,
"url": "https://sourceforge.net/tracker/index.php?func=detail\u0026aid=1989089\u0026group_id=12694\u0026atid=456380"
},
{
"title": "RHSA-2008:0528",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2008-0528.html"
},
{
"title": "RHSA-2008:0529",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2008-0529.html"
},
{
"title": "Net-SNMP SNMPv3 USM \u8a8d\u8a3c\u51e6\u7406\u306e\u8106\u5f31\u6027",
"trust": 0.8,
"url": "http://www.seil.jp/seilseries/security/2008/06111446.php"
},
{
"title": "238865",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-238865-1"
},
{
"title": "snmp_12",
"trust": 0.8,
"url": "http://fenics.fujitsu.com/products/support/2008/snmp_12.html"
},
{
"title": "SNMPv3\u306b\u95a2\u3059\u308b\u8a8d\u8a3c\u56de\u907f\u306e\u8106\u5f31\u6027\u306b\u3064\u3044\u3066",
"trust": 0.8,
"url": "http://www.allied-telesis.co.jp/support/list/faq/vuls/20080924.html"
},
{
"title": "AX-VU2008-02",
"trust": 0.8,
"url": "http://www.alaxala.com/jp/support/security/20080630.html"
},
{
"title": "RHSA-2008:0528",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2008-0528j.html"
},
{
"title": "RHSA-2008:0529",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2008-0529j.html"
},
{
"title": "YSAR-15-0002: Vnet/IP\u7528\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u30b9\u30a4\u30c3\u30c1\u306bSNMPv3\u8a8d\u8a3c\u8fc2\u56de\u306e\u8106\u5f31\u6027",
"trust": 0.8,
"url": "http://www.yokogawa.co.jp/dcs/security/ysar/dcs-ysar-index-ja.htm"
},
{
"title": "SNMPv3",
"trust": 0.8,
"url": "http://www.hitachi.co.jp/prod/comp/network/notice/snmpv3.html"
},
{
"title": "TA08-162A",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta08-162a.html"
},
{
"title": "Debian CVElist Bug Report Logs: net-snmp: CVE-2008-0960 spoofing of authenticated SNMPv3 packets because only length of HMAC code is is taken into account for checks",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=a8541a6f686f7cf0c507fc152f31fed3"
},
{
"title": "Cisco: SNMP Version 3 Authentication Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20080610-snmpv3"
},
{
"title": "Ubuntu Security Notice: net-snmp vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-685-1"
},
{
"title": "Debian Security Advisories: DSA-1663-1 net-snmp -- several vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=61d231c8116737565b9155223d52d04c"
},
{
"title": "VMware Security Advisories: Updated ESX packages for libxml2, ucd-snmp, libtiff",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=vmware_security_advisories\u0026qid=4b3f89e87c3a2b8f6ca491f31d73afa9"
},
{
"title": "VMware Security Advisories: Updated ESX packages for OpenSSL, net-snmp, perl",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=vmware_security_advisories\u0026qid=66428db28c8b0a38eb32535e5949367a"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2008-0960"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001431"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-287",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-31085"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001431"
},
{
"db": "NVD",
"id": "CVE-2008-0960"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.0,
"url": "http://www.kb.cert.org/vuls/id/878044"
},
{
"trust": 2.9,
"url": "http://www.ocert.org/advisories/ocert-2008-006.html"
},
{
"trust": 2.6,
"url": "http://sourceforge.net/forum/forum.php?forum_id=833770"
},
{
"trust": 2.6,
"url": "http://www.securityfocus.com/bid/29623"
},
{
"trust": 2.6,
"url": "http://www.us-cert.gov/cas/techalerts/ta08-162a.html"
},
{
"trust": 2.1,
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20080610-snmpv3.shtml"
},
{
"trust": 2.1,
"url": "http://support.apple.com/kb/ht2163"
},
{
"trust": 2.1,
"url": "http://support.avaya.com/elmodocs2/security/asa-2008-282.htm"
},
{
"trust": 2.1,
"url": "http://www.kb.cert.org/vuls/id/mimg-7ets5z"
},
{
"trust": 2.1,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=447974"
},
{
"trust": 1.9,
"url": "http://security.gentoo.org/glsa/glsa-200808-02.xml"
},
{
"trust": 1.8,
"url": "http://www.kb.cert.org/vuls/id/ctar-7fbs8q"
},
{
"trust": 1.8,
"url": "http://www.kb.cert.org/vuls/id/mimg-7ets87"
},
{
"trust": 1.8,
"url": "http://www.vmware.com/security/advisories/vmsa-2008-0013.html"
},
{
"trust": 1.8,
"url": "http://www.debian.org/security/2008/dsa-1663"
},
{
"trust": 1.8,
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-june/msg00363.html"
},
{
"trust": 1.8,
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-june/msg00459.html"
},
{
"trust": 1.8,
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-june/msg00380.html"
},
{
"trust": 1.8,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2008:118"
},
{
"trust": 1.8,
"url": "http://www.vmware.com/security/advisories/vmsa-2008-0017.html"
},
{
"trust": 1.8,
"url": "http://www.openwall.com/lists/oss-security/2008/06/09/1"
},
{
"trust": 1.8,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0529.html"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id?1020218"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/32664"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/33003"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/35463"
},
{
"trust": 1.8,
"url": "http://securityreason.com/securityalert/3933"
},
{
"trust": 1.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-238865-1"
},
{
"trust": 1.8,
"url": "http://www.ubuntu.com/usn/usn-685-1"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2009/1612"
},
{
"trust": 1.7,
"url": "http://sourceforge.net/tracker/index.php?func=detail\u0026aid=1989089\u0026group_id=12694\u0026atid=456380"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/30574/"
},
{
"trust": 1.5,
"url": "http://lists.ingate.com/pipermail/productinfo/2008/000021.html"
},
{
"trust": 1.5,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0528.html"
},
{
"trust": 1.2,
"url": "http://lists.apple.com/archives/security-announce/2008//jun/msg00002.html"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/archive/1/493218/100/0/threaded"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/archive/1/497962/100/0/threaded"
},
{
"trust": 1.2,
"url": "https://www.exploit-db.com/exploits/5790"
},
{
"trust": 1.2,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10820"
},
{
"trust": 1.2,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a5785"
},
{
"trust": 1.2,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a6414"
},
{
"trust": 1.2,
"url": "http://secunia.com/advisories/30574"
},
{
"trust": 1.2,
"url": "http://secunia.com/advisories/30596"
},
{
"trust": 1.2,
"url": "http://secunia.com/advisories/30612"
},
{
"trust": 1.2,
"url": "http://secunia.com/advisories/30615"
},
{
"trust": 1.2,
"url": "http://secunia.com/advisories/30626"
},
{
"trust": 1.2,
"url": "http://secunia.com/advisories/30647"
},
{
"trust": 1.2,
"url": "http://secunia.com/advisories/30648"
},
{
"trust": 1.2,
"url": "http://secunia.com/advisories/30665"
},
{
"trust": 1.2,
"url": "http://secunia.com/advisories/30802"
},
{
"trust": 1.2,
"url": "http://secunia.com/advisories/31334"
},
{
"trust": 1.2,
"url": "http://secunia.com/advisories/31351"
},
{
"trust": 1.2,
"url": "http://secunia.com/advisories/31467"
},
{
"trust": 1.2,
"url": "http://secunia.com/advisories/31568"
},
{
"trust": 1.2,
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00000.html"
},
{
"trust": 1.2,
"url": "http://www.vupen.com/english/advisories/2008/1787/references"
},
{
"trust": 1.2,
"url": "http://www.vupen.com/english/advisories/2008/1788/references"
},
{
"trust": 1.2,
"url": "http://www.vupen.com/english/advisories/2008/1797/references"
},
{
"trust": 1.2,
"url": "http://www.vupen.com/english/advisories/2008/1800/references"
},
{
"trust": 1.2,
"url": "http://www.vupen.com/english/advisories/2008/1801/references"
},
{
"trust": 1.2,
"url": "http://www.vupen.com/english/advisories/2008/1836/references"
},
{
"trust": 1.2,
"url": "http://www.vupen.com/english/advisories/2008/1981/references"
},
{
"trust": 1.2,
"url": "http://www.vupen.com/english/advisories/2008/2361"
},
{
"trust": 1.2,
"url": "http://www.vupen.com/english/advisories/2008/2971"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=127730470825399\u0026w=2"
},
{
"trust": 1.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0960"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/30665/"
},
{
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-238865-1 "
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu878044/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta08-162a/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/trta08-162a/index.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-0960"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/497962/100/0/threaded"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/493218/100/0/threaded"
},
{
"trust": 0.6,
"url": "http://www.milw0rm.com/exploits/5790"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2008/2971"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2008/2361"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2008/1981/references"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2008/1836/references"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2008/1801/references"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2008/1800/references"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2008/1797/references"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2008/1788/references"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2008/1787/references"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0960"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-2292"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/en/us/products/products_applied_mitigation_bulletin09186a00809adfc8.html"
},
{
"trust": 0.3,
"url": "http://www.net-snmp.org/"
},
{
"trust": 0.3,
"url": "http://www.ingate.com/relnote.php?ver=471"
},
{
"trust": 0.3,
"url": "/archive/1/493218"
},
{
"trust": 0.3,
"url": "/archive/1/493238"
},
{
"trust": 0.3,
"url": "/archive/1/493304"
},
{
"trust": 0.3,
"url": "/archive/1/495389"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2008-252.htm"
},
{
"trust": 0.3,
"url": "http://support.nortel.com/go/main.jsp?cscat=bltndetail\u0026id=766427"
},
{
"trust": 0.3,
"url": "http://support.nortel.com/go/main.jsp?cscat=bltndetail\u0026documentoid=905600\u0026poid="
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0529.html"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-238865-1"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-2292"
},
{
"trust": 0.1,
"url": "http://sourceforge.net/tracker/index.php?func=detail\u0026amp;aid=1989089\u0026amp;group_id=12694\u0026amp;atid=456380"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=127730470825399\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/287.html"
},
{
"trust": 0.1,
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=485945"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20080610-snmpv3"
},
{
"trust": 0.1,
"url": "https://www.exploit-db.com/exploits/5790/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/685-1/"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vi/esx303-200810503-sg.zip"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-3281"
},
{
"trust": 0.1,
"url": "http://vmware.com/support/esx25/doc/esx-255-200810-patch.html"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/esx/esx-2.5.4-119703-upgrade.tar.gz"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1006968"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1006971"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/security"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vi/esx-1006968.tgz"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1055"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-2327"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-2327"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/security_response.html"
},
{
"trust": 0.1,
"url": "http://vmware.com/support/esx25/doc/esx-254-200810-patch.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-3281"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos.html"
},
{
"trust": 0.1,
"url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/esx/esx-2.5.5-119702-upgrade.tar.gz"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos_vi.html"
},
{
"trust": 0.1,
"url": "http://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/perl-snmp-5.4.1-19.2.i586.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/pub/opensuse/update/11.0/rpm/src/net-snmp-5.4.1-77.2.src.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/libsnmp15-5.4.1-19.2.i586.rpm"
},
{
"trust": 0.1,
"url": "http://secunia.com/"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/net-snmp-devel-5.4.1-19.2.i586.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/pub/opensuse/update/11.0/rpm/i586/libsnmp15-5.4.1-77.2.i586.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/pub/opensuse/update/11.0/rpm/x86_64/net-snmp-32bit-5.4.1-77.2.x86_64.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/pub/opensuse/update/11.0/rpm/i586/perl-snmp-5.4.1-77.2.i586.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/pub/opensuse/update/10.3/rpm/src/net-snmp-5.4.1-19.2.src.rpm"
},
{
"trust": 0.1,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.1,
"url": "http://download.novell.com/index.jsp?search=search\u0026keywords=71093bdfd49361f6dbe32a8fde43b848"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/pub/opensuse/update/11.0/rpm/i586/net-snmp-5.4.1-77.2.i586.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/pub/opensuse/update/10.3/rpm/x86_64/net-snmp-32bit-5.4.1-19.2.x86_64.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/pub/opensuse/update/11.0/rpm/i586/snmp-mibs-5.4.1-77.2.i586.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/snmp-mibs-5.4.1-19.2.i586.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/net-snmp-5.4.1-19.2.i586.rpm"
},
{
"trust": 0.1,
"url": "http://download.opensuse.org/pub/opensuse/update/11.0/rpm/i586/net-snmp-devel-5.4.1-77.2.i586.rpm"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.4.1~dfsg-7.1ubuntu6.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/n/net-snmp/snmp_5.4.1~dfsg-7.1ubuntu6.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.4.1~dfsg-4ubuntu4.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp15_5.4.1~dfsg-7.1ubuntu6.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-base_5.4.1~dfsg-7.1ubuntu6.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.3.1-6ubuntu2.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.4.1~dfsg-4ubuntu4.2.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.2.1.2-4ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.2.1.2-4ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.3.1-6ubuntu2.2.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/n/net-snmp/libsnmp-python_5.4.1~dfsg-7.1ubuntu6.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.4.1~dfsg-4ubuntu4.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp9_5.2.1.2-4ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.4.1~dfsg-7.1ubuntu6.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp15_5.4.1~dfsg-7.1ubuntu6.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp9-dev_5.2.1.2-4ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp9_5.2.1.2-4ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/n/net-snmp/snmp_5.4.1~dfsg-4ubuntu4.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp9-dev_5.2.1.2-4ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/n/net-snmp/snmpd_5.4.1~dfsg-4ubuntu4.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp15_5.4.1~dfsg-4ubuntu4.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.3.1-6ubuntu2.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp10_5.3.1-6ubuntu2.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.3.1-6ubuntu2.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.3.1-6ubuntu2.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-perl_5.4.1~dfsg-4ubuntu4.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp15_5.4.1~dfsg-4ubuntu4.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.2.1.2-4ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/n/net-snmp/tkmib_5.3.1-6ubuntu2.2_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.3.1.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.4.1~dfsg-4ubuntu4.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/n/net-snmp/snmpd_5.4.1~dfsg-7.1ubuntu6.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.2.1.2-4ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.4.1~dfsg-4ubuntu4.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/n/net-snmp/snmp_5.4.1~dfsg-7.1ubuntu6.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.4.1~dfsg-7.1ubuntu6.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.2.1.2.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-dev_5.4.1~dfsg-4ubuntu4.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/n/net-snmp/libsnmp-python_5.4.1~dfsg-4ubuntu4.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp15_5.4.1~dfsg-4ubuntu4.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-base_5.2.1.2-4ubuntu2.3_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-dev_5.3.1-6ubuntu2.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp15_5.4.1~dfsg-4ubuntu4.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp9_5.2.1.2-4ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/n/net-snmp/libsnmp-python_5.4.1~dfsg-4ubuntu4.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/n/net-snmp/tkmib_5.4.1~dfsg-7.1ubuntu6.1_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/n/net-snmp/snmp_5.3.1-6ubuntu2.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/n/net-snmp/libsnmp-python_5.4.1~dfsg-4ubuntu4.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.4.1~dfsg-7.1ubuntu6.1.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.3.1-6ubuntu2.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-dev_5.4.1~dfsg-4ubuntu4.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.4.1~dfsg-7.1ubuntu6.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.3.1-6ubuntu2.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-dev_5.3.1-6ubuntu2.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp9_5.2.1.2-4ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-base_5.3.1-6ubuntu2.2_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp15_5.4.1~dfsg-7.1ubuntu6.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.4.1~dfsg-4ubuntu4.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-dev_5.4.1~dfsg-7.1ubuntu6.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.3.1-6ubuntu2.2_i386.deb"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-4309"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp10_5.3.1-6ubuntu2.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/n/net-snmp/snmp_5.4.1~dfsg-7.1ubuntu6.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.3.1-6ubuntu2.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-perl_5.4.1~dfsg-7.1ubuntu6.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-dev_5.3.1-6ubuntu2.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-dev_5.4.1~dfsg-4ubuntu4.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.2.1.2-4ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp15_5.4.1~dfsg-7.1ubuntu6.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/n/net-snmp/libsnmp-python_5.4.1~dfsg-7.1ubuntu6.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp10_5.3.1-6ubuntu2.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-dev_5.4.1~dfsg-4ubuntu4.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.4.1~dfsg-4ubuntu4.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/n/net-snmp/snmpd_5.3.1-6ubuntu2.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-dev_5.3.1-6ubuntu2.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp15_5.4.1~dfsg-4ubuntu4.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-base_5.4.1~dfsg-4ubuntu4.2_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/n/net-snmp/snmpd_5.4.1~dfsg-7.1ubuntu6.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.4.1~dfsg-7.1ubuntu6.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp10_5.3.1-6ubuntu2.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/n/net-snmp/snmpd_5.4.1~dfsg-7.1ubuntu6.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.2.1.2-4ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.4.1~dfsg-7.1ubuntu6.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-perl_5.4.1~dfsg-7.1ubuntu6.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/n/net-snmp/libsnmp-python_5.4.1~dfsg-7.1ubuntu6.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.4.1~dfsg-7.1ubuntu6.1.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.4.1~dfsg-4ubuntu4.2.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.3.1-6ubuntu2.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.2.1.2-4ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-perl_5.4.1~dfsg-4ubuntu4.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.2.1.2-4ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-perl_5.4.1~dfsg-4ubuntu4.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.3.1-6ubuntu2.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/n/net-snmp/libsnmp-python_5.4.1~dfsg-4ubuntu4.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.3.1-6ubuntu2.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/n/net-snmp/libsnmp-python_5.4.1~dfsg-7.1ubuntu6.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-dev_5.4.1~dfsg-7.1ubuntu6.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.4.1~dfsg.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-dev_5.4.1~dfsg-4ubuntu4.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-dev_5.4.1~dfsg-7.1ubuntu6.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/n/net-snmp/snmp_5.4.1~dfsg-4ubuntu4.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.2.1.2-4ubuntu2.3.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-dev_5.3.1-6ubuntu2.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-perl_5.4.1~dfsg-7.1ubuntu6.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-perl_5.3.1-6ubuntu2.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp9-dev_5.2.1.2-4ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/n/net-snmp/snmp_5.4.1~dfsg-4ubuntu4.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-perl_5.2.1.2-4ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp10_5.3.1-6ubuntu2.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.2.1.2-4ubuntu2.3.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.2.1.2-4ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/n/net-snmp/tkmib_5.2.1.2-4ubuntu2.3_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmpd_5.2.1.2-4ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.2.1.2-4ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/net-snmp_5.3.1-6ubuntu2.2.diff.gz"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/n/net-snmp/snmpd_5.4.1~dfsg-4ubuntu4.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp9-dev_5.2.1.2-4ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/n/net-snmp/libsnmp-python_5.4.1~dfsg-7.1ubuntu6.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/n/net-snmp/snmpd_5.4.1~dfsg-4ubuntu4.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/snmp_5.3.1-6ubuntu2.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/n/net-snmp/libsnmp-python_5.4.1~dfsg-4ubuntu4.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp15_5.4.1~dfsg-7.1ubuntu6.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/n/net-snmp/libsnmp-dev_5.4.1~dfsg-7.1ubuntu6.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/n/net-snmp/tkmib_5.4.1~dfsg-4ubuntu4.2_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/n/net-snmp/libsnmp-dev_5.4.1~dfsg-7.1ubuntu6.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/advisories"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#878044"
},
{
"db": "VULHUB",
"id": "VHN-31085"
},
{
"db": "VULMON",
"id": "CVE-2008-0960"
},
{
"db": "BID",
"id": "29623"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001431"
},
{
"db": "PACKETSTORM",
"id": "71406"
},
{
"db": "PACKETSTORM",
"id": "68866"
},
{
"db": "PACKETSTORM",
"id": "68741"
},
{
"db": "PACKETSTORM",
"id": "72606"
},
{
"db": "PACKETSTORM",
"id": "67532"
},
{
"db": "CNNVD",
"id": "CNNVD-200806-140"
},
{
"db": "NVD",
"id": "CVE-2008-0960"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#878044"
},
{
"db": "VULHUB",
"id": "VHN-31085"
},
{
"db": "VULMON",
"id": "CVE-2008-0960"
},
{
"db": "BID",
"id": "29623"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001431"
},
{
"db": "PACKETSTORM",
"id": "71406"
},
{
"db": "PACKETSTORM",
"id": "68866"
},
{
"db": "PACKETSTORM",
"id": "68741"
},
{
"db": "PACKETSTORM",
"id": "72606"
},
{
"db": "PACKETSTORM",
"id": "67532"
},
{
"db": "CNNVD",
"id": "CNNVD-200806-140"
},
{
"db": "NVD",
"id": "CVE-2008-0960"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-06-10T00:00:00",
"db": "CERT/CC",
"id": "VU#878044"
},
{
"date": "2008-06-10T00:00:00",
"db": "VULHUB",
"id": "VHN-31085"
},
{
"date": "2008-06-10T00:00:00",
"db": "VULMON",
"id": "CVE-2008-0960"
},
{
"date": "2008-06-10T00:00:00",
"db": "BID",
"id": "29623"
},
{
"date": "2008-07-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2008-001431"
},
{
"date": "2008-10-31T18:41:56",
"db": "PACKETSTORM",
"id": "71406"
},
{
"date": "2008-08-06T21:36:36",
"db": "PACKETSTORM",
"id": "68866"
},
{
"date": "2008-08-01T20:22:12",
"db": "PACKETSTORM",
"id": "68741"
},
{
"date": "2008-12-04T02:50:13",
"db": "PACKETSTORM",
"id": "72606"
},
{
"date": "2008-06-21T01:10:58",
"db": "PACKETSTORM",
"id": "67532"
},
{
"date": "2008-06-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200806-140"
},
{
"date": "2008-06-10T18:32:00",
"db": "NVD",
"id": "CVE-2008-0960"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2009-07-16T00:00:00",
"db": "CERT/CC",
"id": "VU#878044"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-31085"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULMON",
"id": "CVE-2008-0960"
},
{
"date": "2015-04-13T22:21:00",
"db": "BID",
"id": "29623"
},
{
"date": "2016-11-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2008-001431"
},
{
"date": "2011-07-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200806-140"
},
{
"date": "2018-10-30T16:25:36.577000",
"db": "NVD",
"id": "CVE-2008-0960"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "72606"
},
{
"db": "CNNVD",
"id": "CNNVD-200806-140"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SNMPv3 improper HMAC validation allows authentication bypass",
"sources": [
{
"db": "CERT/CC",
"id": "VU#878044"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "authorization issue",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200806-140"
}
],
"trust": 0.6
}
}
VAR-200110-0192
Vulnerability from variot - Updated: 2024-07-23 21:57OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8 before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents OpenSSL from correctly verifying X.509 and other certificates that use PKCS #1. A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. The NSS libraries used in the Sun One Application Server and the Sun Java System web server contain an unspecified vulnerability that may allow an attacker to create a denial-of-service condition. An attacker may exploit this issue to sign digital certificates or RSA keys and take advantage of trust relationships that depend on these credentials, possibly posing as a trusted party and signing a certificate or key. All versions prior to and including OpenSSL 0.9.7j and 0.9.8b are affected by this vulnerability. Updates are available
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200110-0192",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "debian gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "f5",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "openpkg",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "openssl",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "oracle",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "suse linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "slackware linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "ubuntu",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "rpath",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "sun microsystems",
"version": null
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.6l"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.6m"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.6j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.6i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.6k"
},
{
"model": "jre 011",
"scope": "eq",
"trust": 1.5,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "sdk 011",
"scope": "eq",
"trust": 1.5,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 010",
"scope": "eq",
"trust": 1.5,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "sdk 010",
"scope": "eq",
"trust": 1.2,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 013",
"scope": "eq",
"trust": 1.2,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 014",
"scope": "eq",
"trust": 1.2,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre",
"scope": "eq",
"trust": 1.2,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "openssl",
"scope": "lte",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.4"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.5a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.1c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.2b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.3a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.3"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7h"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6h"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6b"
},
{
"model": "sdk 08",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk 11",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 15",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jre 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jre 015",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 01",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "jre 10",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre 14",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "jdk 09",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jdk 007",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "jre 1.4.2 12",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"model": "sdk 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk .0 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3"
},
{
"model": "jre .0 04",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jre 07",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre 11",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "sdk 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "jre 01",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre 04",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre .0 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3"
},
{
"model": "sdk 07",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jdk b 005",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.1.7"
},
{
"model": "sdk 10",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2"
},
{
"model": "jre 01",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre .0 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "sdk .0 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jre 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "sdk 09",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 14",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jdk .0 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jre 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 12",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "jre 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "sdk 08",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk .0 4",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "sdk .0 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "sdk 007",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "jre 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk 01",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "jre .0 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jre 13",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk 13",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jdk 008",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jdk 08",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre 08",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2"
},
{
"model": "sdk 04",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre 12",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jre .0 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3"
},
{
"model": "jre 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 015",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "sdk 012",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 09",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 014",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 007",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jdk 009",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "trustix secure linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "appgate network security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "attachmatewrq",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "avaya",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "blue coat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gnutls",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "iaik java group",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "internet consortium",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intoto",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandriva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mozilla",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openwall gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "opera",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "rsa security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ssh security corp",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sybase",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vandyke",
"version": null
},
{
"model": "jre 005",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 04",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre .0 01",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jdk 003",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "jre 12",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jdk",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jdk 06",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 007",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jdk .0 04",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jdk 005",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3"
},
{
"model": "sdk 13",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "sdk 005",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre .0 04",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3"
},
{
"model": "jdk 006",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "sdk 01",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jdk 05",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jdk 007",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jdk .0 03",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jre 12",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "appeon",
"scope": "eq",
"trust": 0.6,
"vendor": "sybase",
"version": "3.1"
},
{
"model": "jdk 06",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jre b 007",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.7"
},
{
"model": "sdk 05",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3"
},
{
"model": "jdk 002",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jre 008",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jdk 004",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "sdk 12",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jdk 009",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "jdk 004",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "sdk 013",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jdk b 007",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.7"
},
{
"model": "jre 012",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 005",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jre 009",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "openssl",
"scope": "eq",
"trust": 0.6,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.79"
},
{
"model": "enterprise linux es ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "computing snapgear sg565",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.5"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(1)"
},
{
"model": "reflection for secure it",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "6.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "appliance server hosting edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.1"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.1.0"
},
{
"model": "project openssl b-36.8",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.0"
},
{
"model": "risk analytics platform",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.9"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.03"
},
{
"model": "s8300 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "java system web server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "communications security ssh tectia k",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.10"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "ons",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "154548.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.1"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.11"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.380004"
},
{
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.5"
},
{
"model": "securecrt",
"scope": "eq",
"trust": 0.3,
"vendor": "vandyke",
"version": "5.2.2"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.334685"
},
{
"model": "ffi global fix lite",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(0)"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.6"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "unwired orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.1"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.2"
},
{
"model": "propack sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "java web proxy server sp8",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "workspace",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "1.6"
},
{
"model": "2-stable-20061018",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "jre b",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.7"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.12"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.11"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.04"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "-release-p3",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.12"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0.1"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.11"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3"
},
{
"model": "4,0 beta",
"scope": null,
"trust": 0.3,
"vendor": "netbsd",
"version": null
},
{
"model": "jre .0 01",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"model": "-stablepre122300",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "bind a1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "software opera web browser 1win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "jdk 09",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "unwired accelerator and enterprise portal",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "7.0"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "95000"
},
{
"model": "netscape",
"scope": "eq",
"trust": 0.3,
"vendor": "netscape",
"version": "6.2.3"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.51"
},
{
"model": "jre 12",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.13"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "sdk 10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(0)"
},
{
"model": "risk analytics platform",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.0"
},
{
"model": "java web proxy server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.5"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.12"
},
{
"model": "jdk 1.5.0.0 06",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "one application server standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "siparator",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "java system web server sp9",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "linux personal oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "sdk 04",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.6"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.7"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0.1"
},
{
"model": "java system web server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.1.3"
},
{
"model": "access registrar",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1"
},
{
"model": "solonde etl",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.6"
},
{
"model": "linux openexchange server",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "jsse",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.2"
},
{
"model": "one web server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1.1"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.05"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.54"
},
{
"model": "systems weblogic server for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.1"
},
{
"model": "one web server sp7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.51"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.03"
},
{
"model": "one web server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.05"
},
{
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.1"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.1"
},
{
"model": "java system web server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "-release-p5",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.0"
},
{
"model": "www-client/opera",
"scope": "eq",
"trust": 0.3,
"vendor": "gentoo",
"version": "9.0.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3(5)"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.3"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.10"
},
{
"model": "converged communications server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.12"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.2"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.01"
},
{
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.0.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44900"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.4"
},
{
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "call manager es56",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "sdk 07",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.06"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.01"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.06"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.02"
},
{
"model": "personal",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.02"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.04"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-release-p32",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "3.1.1"
},
{
"model": "jre 007",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.5.1"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "jre 01a",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "reflection ftp client",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "12.0"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.3"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "ffi global fix",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "communications security ssh tectia",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "5.1.1"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "call manager es33",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "6.0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.2"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.5"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "jre 07",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "beta11",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.1"
},
{
"model": "jsse 01",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.1"
},
{
"model": "java system web server sp8",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "java system application server 2004q2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "bind b",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.3"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.444386"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3.132"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "java web proxy server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "jre 009",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "communications security ssh tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.1.3"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5"
},
{
"model": "systems weblogic server for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.1"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.52"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.2"
},
{
"model": "jre b 005",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.7"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.639"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.342958"
},
{
"model": "jsse 02",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.3"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0"
},
{
"model": "application \u0026 content networking software",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.2"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "jre 11",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "8.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3.728"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3(1)"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "ne",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.8"
},
{
"model": "international cryptographic infrastructure",
"scope": "ne",
"trust": 0.3,
"vendor": "novell",
"version": "2.7.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "risk analytics platform",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.0"
},
{
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.54"
},
{
"model": "software opera web browser beta",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "83"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"model": "systems weblogic express for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.1"
},
{
"model": "computing snapgear u2",
"scope": "ne",
"trust": 0.3,
"vendor": "secure",
"version": "3.1.4"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.07"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.53"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.4"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1.1"
},
{
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.21"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "java system web server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "computing snapgear sg580",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.4"
},
{
"model": "ons 15454e optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.1"
},
{
"model": "data auditing",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.5.3"
},
{
"model": "openoffice",
"scope": "ne",
"trust": 0.3,
"vendor": "openoffice",
"version": "3.2"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "afaria",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.0"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.11"
},
{
"model": "-release-p42",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"model": "ons mstp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "ssl360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/3"
},
{
"model": "java system application server 2004q2 r1standard",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.5"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "communications security ssh tectia server for ibm z/os",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.1"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.2"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.5"
},
{
"model": "secure acs solution engine",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(0)"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.0"
},
{
"model": "unwired orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.3"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.2"
},
{
"model": "data direct odbc/ole-db drivers for ase",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "java system web server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "s8500 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "hardware management console for pseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "communications security tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.0"
},
{
"model": "bind a5",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "global fix lite",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.3"
},
{
"model": "software opera web browser win32 beta",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.01"
},
{
"model": "communications security ssh tectia manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.1.3"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(1)"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(1)"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"model": "software opera web browser linux",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.1"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "netscape",
"scope": "eq",
"trust": 0.3,
"vendor": "netscape",
"version": "7.1"
},
{
"model": "communications security ssh tectia server",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.7"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.22"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "hardware management console for iseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3.1"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0.4"
},
{
"model": "virtualvault a.04.50",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "jdk 14",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "integrated management",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "secure global desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.14"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "bind a4",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "computing snapgear sg560",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "suse linux school server for i386",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "communications security ssh tectia connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.0.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "current",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "jre 10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "one web server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"model": "systems weblogic express for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.1"
},
{
"model": "communications security ssh tectia manager",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "2.2.1"
},
{
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.5"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.07"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "call manager es07",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.04"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.1"
},
{
"model": "jdk 1.5.0.0 04",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "java system web server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "workspace",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "1.5"
},
{
"model": "tomboy",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "hardware management console for iseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "one application server platform edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "x0"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "ecda",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.6"
},
{
"model": "communications security ssh tectia manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.2"
},
{
"model": "software opera web browser j",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.11"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.1"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.4"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.4"
},
{
"model": "appeon",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.0"
},
{
"model": "solaris 8 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0.1"
},
{
"model": "one web server sp9",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "communications security ssh tectia connector",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "5.0.3"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0.4"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.12"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.42"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.12"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.1"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "call manager es50",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.50"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.1"
},
{
"model": "workspace",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "1.0"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.06"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.1"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.4"
},
{
"model": "ecda",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.5"
},
{
"model": "jre 07",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "s8500 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "s8700 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.1"
},
{
"model": "sdk 05a",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
},
{
"model": "systems weblogic server for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "software opera web browser linux",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.3"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "java web proxy server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3)4.2"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(2)"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "3.1"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.2"
},
{
"model": "software opera web browser beta build",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.2012981"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-release-p20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.8"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.2"
},
{
"model": "security mars",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.2"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "9"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "6.2"
},
{
"model": "project openssl l",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.1"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "sdk 003",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.53"
},
{
"model": "reflection sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "attachmate",
"version": "14.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2.3"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "java system web server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0.1"
},
{
"model": "rfid enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.0"
},
{
"model": "current pre20010701",
"scope": null,
"trust": 0.3,
"vendor": "netbsd",
"version": null
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.15"
},
{
"model": "f...",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.0"
},
{
"model": "jdk b",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.7"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.15"
},
{
"model": "-release-p38",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "hp-ux b.11.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.14"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.13"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "corp banking",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.4"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.14"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "java system application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.4"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "tomboy",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.5.1"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.1.3"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.2.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.0"
},
{
"model": "communications security ssh tectia server for ibm z/os",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "5.1.1"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "communications security ssh tectia k",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.9"
},
{
"model": "one web server sp8",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.12"
},
{
"model": "software opera web browser linux",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.10"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.11"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4.2"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.5"
},
{
"model": "java system application server 2004q2 r1enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "5.4-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0"
},
{
"model": "bind a6",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "jdk 02",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "message networking",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.9"
},
{
"model": "communications security ssh tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.1.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(0)"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "8.0"
},
{
"model": "-release-p8",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.3"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "communications security ssh tectia j",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.1"
},
{
"model": "-release-p17",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "secure enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "rfid enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.2"
},
{
"model": "call manager es24",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "powerbuilder",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "9.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "14.0"
},
{
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "13.0.4"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44910"
},
{
"model": "s8300 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "software opera web browser .6win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0"
},
{
"model": "sdk 02",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk 11",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.11"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.1-1"
},
{
"model": "data integration suite di",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "1.0"
},
{
"model": "linux enterprise sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "13.0"
},
{
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.0"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.14"
},
{
"model": "java web proxy server sp7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.0"
},
{
"model": "java system application server platform edition q1 ur1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "8.12005"
},
{
"model": "data auditing",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.5.2"
},
{
"model": "communications security ssh tectia j",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.3"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.05"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.9"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "reflection for secure it sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "attachmate",
"version": "6.1"
},
{
"model": "communications security ssh tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "1.4"
},
{
"model": "communications security ssh tectia connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.0.2"
},
{
"model": "stable",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "java system web server sp10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "sdk 14",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "4.10-prerelease",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "java enterprise system 2005q1",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "sdk 01",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "reflection sftp client",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "6.0"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "communications security ssh tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.0"
},
{
"model": "solaris 8 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5.0"
},
{
"model": "afaria",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.1"
},
{
"model": "s8700 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "linux professional oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.9"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0.2"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "3.0"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.02"
},
{
"model": "appliance server workgroup edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "java system application server platform edition q1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "8.12005"
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.680404"
},
{
"model": "s8710 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.9"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "iq extended enterpirse edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.7"
},
{
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0"
},
{
"model": "jdk 13",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.12"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.11"
},
{
"model": "java system application server standard 2004q2 r5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.2.0"
},
{
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "sdk 07a",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "call manager es32",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "interactive response",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "-release-p20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "unwired accelerator and enterprise portal",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.4.1"
},
{
"model": "software opera web browser mac",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.0"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "6.1"
},
{
"model": "java system application server enterprise edition 2005q1rhel2.1/rhel3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "8.1"
},
{
"model": "communications security ssh tectia manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.1.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.3"
},
{
"model": "international cryptographic infostructure",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "2.6.1"
},
{
"model": "communications security ssh tectia k",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.8"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(3)"
},
{
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"model": "software opera web browser b",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.11"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.680404"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "project openssl k",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "communications security ssh tectia connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.0"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "java system application server standard 2004q2 r4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "call manager sr2",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "9.01"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "call manager sr2b",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "7.0"
},
{
"model": "java system application server 2004q2 r2 enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "java system web server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "current august",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "232006"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(0)"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "messaging storage server",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "jre 05a",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.2"
},
{
"model": "sdk 007",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.0"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.05"
},
{
"model": "one web server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "intuity lx",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.13"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.x"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(1)"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0.2"
},
{
"model": "reflection for secure it",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "6.0"
},
{
"model": "jre 003",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.4.3"
},
{
"model": "jdk 15",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.11"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.13"
},
{
"model": "communications security ssh tectia manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.0"
},
{
"model": "cvlan",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "jre 099",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "java system application server 2004q2 r3 enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "java enterprise system 2003q4",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "netscape",
"scope": "eq",
"trust": 0.3,
"vendor": "netscape",
"version": "7.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "java system application server 2004q2 r3 standard",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "bind a2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "jre beta",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5.0"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.10"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.01"
},
{
"model": "java system application server 2004q2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.06"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.02"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.6"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "pardus",
"version": "20090"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "bind a3",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.03"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "3.1 rc3",
"scope": null,
"trust": 0.3,
"vendor": "netbsd",
"version": null
},
{
"model": "e-biz impact",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.5"
},
{
"model": "ase",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "11.5"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.03"
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.02"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.12"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0"
},
{
"model": "java system application server enterprise 2004q2 r5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "-release-p7",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"model": "unwired accelerator and enterprise portal",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "8.0"
},
{
"model": "one web server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "jre 14",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "systems weblogic server for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0"
},
{
"model": "jre 13",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "powerbuilder",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "10.5"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "jdk 12",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "bind b3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "mach desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.2.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(1)"
},
{
"model": "jdk 11",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "advanced linux environment",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"model": "secure global desktop",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": "4.3"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.5"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.0.2"
},
{
"model": "communications security ssh tectia manager",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "2.1.4"
},
{
"model": "ipcop",
"scope": "ne",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.13"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.1"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.04"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.1"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.1"
},
{
"model": "one web server sp10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.0"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "7.0"
},
{
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "java system application server standard platform q1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "8.12005"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.52"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"model": "red hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3)4.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/2"
},
{
"model": "webproxy a.02.10",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.4.2"
},
{
"model": "java system application server enterprise 2004q2 r4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0.0"
},
{
"model": "java system web server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "computing snapgear sg710",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "call manager es62",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "java system web server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "secure acs build",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)23"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"model": "one web server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.2"
},
{
"model": "project openssl c",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "openvms secure web server",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.2"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.3"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "bpi for healthcare",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.2"
},
{
"model": "jdk 099",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jre 006",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "s8500",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.3"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "powerbuilder",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "10.2.0"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.13"
},
{
"model": "webproxy a.02.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.1"
},
{
"model": "virtualvault a.04.70",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)5.1"
},
{
"model": "jdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "11.0"
},
{
"model": "sdk 02",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"model": "s8710 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "hardware management console for pseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "advanced workstation for the itanium processor ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "e-biz impact",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.4.5"
},
{
"model": "java system application server enterprise edition q1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "8.12005"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "home",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.3"
},
{
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "communications security ssh tectia j",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "jdk 1.5.0.0 03",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "advanced workstation for the itanium processor",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1"
},
{
"model": "novell linux pos",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154542.3(5)"
},
{
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0.3-1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"model": "jdk 10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "ffi uofx",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44920"
},
{
"model": "network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)4.2"
},
{
"model": "suse linux openexchange server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "4.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.50"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.9"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3.0"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "multimedia",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(2)"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1.1"
},
{
"model": "wide area file services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "call manager sr2c",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "java web proxy server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "reflection",
"scope": "ne",
"trust": 0.3,
"vendor": "attachmate",
"version": "13.0.5"
},
{
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.1"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.11"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "fuji",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.11"
},
{
"model": "seamonkey",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.6"
},
{
"model": "ase",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.5.2"
},
{
"model": "unwired orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.0"
},
{
"model": "systems weblogic express for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0"
},
{
"model": "afaria",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.4"
},
{
"model": "jsse 03",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "one web server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "e1.0-solid",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "jre 003",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "suse linux retail solution",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.2"
},
{
"model": "server",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "firewall",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(2)"
},
{
"model": "afaria",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.2"
},
{
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.1"
},
{
"model": "suse linux standard server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "hardware management console for pseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "netscape",
"scope": "eq",
"trust": 0.3,
"vendor": "netscape",
"version": "7.2"
},
{
"model": "-release/alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "ffi bptw",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(3)"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "java web proxy server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.5"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "java system application server 2004q2 r2 standard",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "communications security ssh tectia j",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.2"
},
{
"model": "call manager 4.1 sr4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1-1"
},
{
"model": "virtualvault a.04.60",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"model": "afaria",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.3"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0.3"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "-release-p14",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "10.0"
},
{
"model": "java enterprise system 2005q4",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.0"
},
{
"model": "hat fedora core5",
"scope": null,
"trust": 0.3,
"vendor": "red",
"version": null
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.02"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.10"
},
{
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.3"
},
{
"model": "firewalll",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "one web proxy server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "sdk 01a",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.15"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.7"
},
{
"model": "beta",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "solaris 9 x86 update",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0.x"
},
{
"model": "communications security ssh tectia manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "1.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.4"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "network security services",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.11.3"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.14"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.8"
},
{
"model": "ons ios-based blades",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15454"
},
{
"model": "jre 004",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.23"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.07"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "rfid enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.1"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.07"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.12"
},
{
"model": "financials server",
"scope": "eq",
"trust": 0.3,
"vendor": "navision",
"version": "3.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "8.1"
},
{
"model": "legion of the bouncy castle java cryptography api",
"scope": "eq",
"trust": 0.3,
"vendor": "the",
"version": "1.37"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "-stablepre2002-03-07",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0(2)"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.0"
},
{
"model": "communications security ssh tectia server for ibm z/os",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.2"
},
{
"model": "communications security ssh tectia connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.1"
},
{
"model": "thunderbird",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.8"
},
{
"model": "ffi cons banking",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(3)"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "java enterprise system 2004q2",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "securefx",
"scope": "eq",
"trust": 0.3,
"vendor": "van dyke",
"version": "4.0.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.1"
},
{
"model": "java system web server sp7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.01"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.5"
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "software opera web browser 3win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.0"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.4"
},
{
"model": "java web proxy server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.0"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.06"
},
{
"model": "call manager es40",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "jre 09",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0.3"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "software opera web browser 2win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.01"
},
{
"model": "secure acs for windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "-stablepre050201",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "ids",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "appeon",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.8"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.7"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.4"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.2"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"model": "bpi for healthcare",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.2.1"
},
{
"model": "java web proxy server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "sdk .0 05",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"model": "jre 003",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0x86"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.0"
},
{
"model": "series airespace wireless lan controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40003.1.59.24"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"model": "hardware management console for iseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.5"
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.20"
},
{
"model": "unitedlinux",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "communications security ssh tectia server",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "5.1.1"
},
{
"model": "java system web server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "series airespace wireless lan controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "20003.1.59.24"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.14"
},
{
"model": "sdk .0 01",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4"
},
{
"model": "appliance server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "2.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.12"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.193"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "call manager sr1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4480"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.15"
},
{
"model": "systems weblogic server for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.0"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.4"
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.7"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.2"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0"
},
{
"model": "s8300 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.14"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.3.1"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3"
},
{
"model": "jre .0 03",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.3.1"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "mfolio",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "communications security ssh tectia server for ibm z/os",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "5.2.1"
},
{
"model": "enterprise linux ws ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "s8710 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.11"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.3"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "jdk 003",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "communications security ssh tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "1.3"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "sip proxy server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.6.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.3"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "bind b2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "software opera web browser win32 beta",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.02"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3.2"
},
{
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.1"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.1"
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.6"
},
{
"model": "firefox",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.8"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(2)"
},
{
"model": "messaging storage server mm3.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "s8500 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.11"
},
{
"model": "hat enterprise linux as ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.7"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "ons mspp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "jsse",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.3"
},
{
"model": "current pre20010805",
"scope": null,
"trust": 0.3,
"vendor": "netbsd",
"version": null
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.2"
},
{
"model": "java web proxy server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "software opera web browser linux",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.0"
},
{
"model": "call manager es55",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.1"
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.380004"
},
{
"model": "legion of the bouncy castle java cryptography api",
"scope": "ne",
"trust": 0.3,
"vendor": "the",
"version": "1.38"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.657"
},
{
"model": "software opera web browser linux",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.2"
},
{
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.1"
},
{
"model": "java system web server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "java web proxy server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "solaris update",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "95"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3"
},
{
"model": "solonde etl",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.0"
},
{
"model": "jdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.5"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.2"
},
{
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3"
},
{
"model": "s8700 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "vshell",
"scope": "eq",
"trust": 0.3,
"vendor": "van dyke",
"version": "3.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.3"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.8"
},
{
"model": "application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "project openssl m",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.13"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.2"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "interactive response",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.1"
},
{
"model": "java system web server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.3"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#594904"
},
{
"db": "BID",
"id": "19849"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-044"
},
{
"db": "NVD",
"id": "CVE-2006-4339"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7g:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "0.9.7",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6g:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6j:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6l:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6:beta1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7h:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7i:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6i:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6h:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.5a:beta2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6:beta2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6:beta3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.5:beta1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.2b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7d:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7e:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6d:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6k:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6a:beta2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6a:beta3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.5a:beta1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.3a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7c:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7j:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6c:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6e:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6a:beta1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.5:beta2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.5a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.1c:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6m:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-4339"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Andy Davis advisories@irmplc.com\u203bVicente Aguilera Diaz vaguilera@isecauditors.com Esteban Martinez FayoTony FogartyOliver Karow Oliver.karow@gmx.de Joxean Koret joxeankoret@yahoo.es\u203bAlexander Kornbrust ak@red-database-security.com David Litchfield",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-044"
}
],
"trust": 0.6
},
"cve": "CVE-2006-4339",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2006-4339",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#386964",
"trust": 0.8,
"value": "0.32"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#845620",
"trust": 0.8,
"value": "7.56"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#594904",
"trust": 0.8,
"value": "0.63"
},
{
"author": "CNNVD",
"id": "CNNVD-200609-044",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#594904"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-044"
},
{
"db": "NVD",
"id": "CVE-2006-4339"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8 before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents OpenSSL from correctly verifying X.509 and other certificates that use PKCS #1. A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. The NSS libraries used in the Sun One Application Server and the Sun Java System web server contain an unspecified vulnerability that may allow an attacker to create a denial-of-service condition. \nAn attacker may exploit this issue to sign digital certificates or RSA keys and take advantage of trust relationships that depend on these credentials, possibly posing as a trusted party and signing a certificate or key. \nAll versions prior to and including OpenSSL 0.9.7j and 0.9.8b are affected by this vulnerability. Updates are available",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-4339"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#594904"
},
{
"db": "BID",
"id": "19849"
}
],
"trust": 3.33
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "22083",
"trust": 2.6
},
{
"db": "CERT/CC",
"id": "VU#845620",
"trust": 2.1
},
{
"db": "NVD",
"id": "CVE-2006-4339",
"trust": 1.9
},
{
"db": "SECUNIA",
"id": "21709",
"trust": 1.8
},
{
"db": "BID",
"id": "19849",
"trust": 1.3
},
{
"db": "CERT/CC",
"id": "VU#594904",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "25399",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22936",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22260",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22671",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23841",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "26329",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21785",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22325",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21870",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22044",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22934",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22689",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22036",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22509",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23915",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21927",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22939",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "28115",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22446",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22733",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22938",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21852",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22932",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21873",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22711",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22066",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22758",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "60799",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24950",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23155",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "38567",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22937",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "41818",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21930",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "38568",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21776",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22523",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24930",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22799",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "25649",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21982",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23794",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21767",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21906",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "25284",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22232",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23680",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22513",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21846",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22949",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21823",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22161",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22940",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "26893",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22226",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21778",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23455",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22948",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21812",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22585",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22284",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21791",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22545",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22259",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24099",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "31492",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-1401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-4224",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4366",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4417",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3793",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4586",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4329",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4216",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-5146",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3899",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-0343",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2008-0905",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4205",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3730",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4206",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3936",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-1945",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4750",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4744",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2010-0366",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-0254",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2315",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3453",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4207",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3748",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3566",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-1815",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4327",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2163",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2783",
"trust": 1.0
},
{
"db": "USCERT",
"id": "TA06-333A",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1016791",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1017522",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2012-000079",
"trust": 1.0
},
{
"db": "BID",
"id": "28276",
"trust": 1.0
},
{
"db": "OSVDB",
"id": "28549",
"trust": 1.0
},
{
"db": "JVN",
"id": "JVN51615542",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23280",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "23309",
"trust": 0.8
},
{
"db": "BID",
"id": "20246",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#386964",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1017143",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22646",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2022.0696",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200609-044",
"trust": 0.6
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#594904"
},
{
"db": "BID",
"id": "19849"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-044"
},
{
"db": "NVD",
"id": "CVE-2006-4339"
}
]
},
"id": "VAR-200110-0192",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.32525984999999996
},
"last_update_date": "2024-07-23T21:57:58.746000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "OOo_3.2.1_Win_x86_install-wJRE_zh-CN",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=3189"
},
{
"title": "OOo_3.2.0_Linux_x86-64_install-deb_zh-CN",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=3193"
},
{
"title": "OOo_3.2.0_Linux_x86-64_install-rpm-wJRE_zh-CN",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=3192"
},
{
"title": "OOo_3.2.1_Linux_x86_install-deb_zh-CN",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=3191"
},
{
"title": "OOo_3.2.0_Solaris_x86_install-wJRE_zh-CN",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=3195"
},
{
"title": "OOo_3.2.1_Linux_x86_install-rpm-wJRE_zh-CN",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=3190"
},
{
"title": "OOo_3.2.0_MacOS_x86_install_zh-CN",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=3194"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-044"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-310",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-4339"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "http://www.securityfocus.com/bid/22083"
},
{
"trust": 2.1,
"url": "http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html"
},
{
"trust": 1.8,
"url": "http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/"
},
{
"trust": 1.3,
"url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026id=3117"
},
{
"trust": 1.3,
"url": "http://docs.info.apple.com/article.html?artnum=304829"
},
{
"trust": 1.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-188.htm"
},
{
"trust": 1.3,
"url": "http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml"
},
{
"trust": 1.3,
"url": "http://support.attachmate.com/techdocs/2137.html"
},
{
"trust": 1.3,
"url": "http://www.openssl.org/news/secadv_20060905.txt"
},
{
"trust": 1.3,
"url": "http://www.openoffice.org/security/cves/cve-2006-4339.html"
},
{
"trust": 1.3,
"url": "http://www.bluecoat.com/support/knowledge/openssl_rsa_signature_forgery.html"
},
{
"trust": 1.3,
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"trust": 1.3,
"url": "http://www.kb.cert.org/vuls/id/845620"
},
{
"trust": 1.3,
"url": "http://docs.info.apple.com/article.html?artnum=307177"
},
{
"trust": 1.3,
"url": "https://secure-support.novell.com/kanisaplatform/publishing/41/3143224_f.sal_public.html"
},
{
"trust": 1.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200708-1"
},
{
"trust": 1.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1"
},
{
"trust": 1.3,
"url": "http://www.sybase.com/detail?id=1047991"
},
{
"trust": 1.0,
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060901-01-p.asc"
},
{
"trust": 1.0,
"url": "http://dev2dev.bea.com/pub/advisory/238"
},
{
"trust": 1.0,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?lang=en\u0026cc=us\u0026objectid=c01070495"
},
{
"trust": 1.0,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01118771"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00849540"
},
{
"trust": 1.0,
"url": "http://jvn.jp/en/jp/jvn51615542/index.html"
},
{
"trust": 1.0,
"url": "http://jvndb.jvn.jp/ja/contents/2012/jvndb-2012-000079.html"
},
{
"trust": 1.0,
"url": "http://lists.apple.com/archives/security-announce/2007/dec/msg00001.html"
},
{
"trust": 1.0,
"url": "http://lists.apple.com/archives/security-announce/2006/nov/msg00001.html"
},
{
"trust": 1.0,
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
},
{
"trust": 1.0,
"url": "http://openvpn.net/changelog.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21709"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21767"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21776"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21778"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21785"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21791"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21812"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21823"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21846"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21852"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21870"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21873"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21906"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21927"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21930"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21982"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22036"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22044"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22066"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22161"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22226"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22232"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22259"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22260"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22284"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22325"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22446"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22509"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22513"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22523"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22545"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22585"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22671"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22689"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22711"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22733"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22758"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22799"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22932"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22934"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22936"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22937"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22938"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22939"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22940"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22948"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22949"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23155"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23455"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23680"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23794"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23841"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23915"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24099"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24930"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24950"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/25284"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/25399"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/25649"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/26329"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/26893"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/28115"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/31492"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/38567"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/38568"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/41818"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/60799"
},
{
"trust": 1.0,
"url": "http://security.freebsd.org/advisories/freebsd-sa-06:19.openssl.asc"
},
{
"trust": 1.0,
"url": "http://security.gentoo.org/glsa/glsa-200609-05.xml"
},
{
"trust": 1.0,
"url": "http://security.gentoo.org/glsa/glsa-200609-18.xml"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1016791"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1017522"
},
{
"trust": 1.0,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.566955"
},
{
"trust": 1.0,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.605306"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102648-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102656-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102657-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102686-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102696-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102722-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102744-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201247-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201534-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1000148.1-1"
},
{
"trust": 1.0,
"url": "http://support.attachmate.com/techdocs/2127.html"
},
{
"trust": 1.0,
"url": "http://support.attachmate.com/techdocs/2128.html"
},
{
"trust": 1.0,
"url": "http://www.arkoon.fr/upload/alertes/40ak-2006-04-fr-1.1_ssl360_openssl_rsa.pdf"
},
{
"trust": 1.0,
"url": "http://www.cisco.com/en/us/products/hw/contnetw/ps4162/tsd_products_security_response09186a008077af1b.html"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2006/dsa-1174"
},
{
"trust": 1.0,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200610-06.xml"
},
{
"trust": 1.0,
"url": "http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:161"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:177"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:178"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:207"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_26_sr.html"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_55_ssl.html"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_61_opera.html"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2007_10_ibmjava.html"
},
{
"trust": 1.0,
"url": "http://www.openbsd.org/errata.html"
},
{
"trust": 1.0,
"url": "http://www.openpkg.com/security/advisories/openpkg-sa-2006.018.html"
},
{
"trust": 1.0,
"url": "http://www.openpkg.org/security/advisories/openpkg-sa-2006.029-bind.html"
},
{
"trust": 1.0,
"url": "http://www.opera.com/support/search/supsearch.dml?index=845"
},
{
"trust": 1.0,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html"
},
{
"trust": 1.0,
"url": "http://www.osvdb.org/28549"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2006-0661.html"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2007-0062.html"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2007-0072.html"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2007-0073.html"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0629.html"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/445231/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/445822/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/450327/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/456546/100/200/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/19849"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/28276"
},
{
"trust": 1.0,
"url": "http://www.serv-u.com/releasenotes/"
},
{
"trust": 1.0,
"url": "http://www.ubuntu.com/usn/usn-339-1"
},
{
"trust": 1.0,
"url": "http://www.us-cert.gov/cas/techalerts/ta06-333a.html"
},
{
"trust": 1.0,
"url": "http://www.us.debian.org/security/2006/dsa-1173"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/security/advisories/vmsa-2008-0005.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3453"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3566"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3730"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3748"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3793"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3899"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3936"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4205"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4206"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4207"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4216"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4327"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4329"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4366"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4417"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4586"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4744"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4750"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/5146"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/0254"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/0343"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/1401"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/1815"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/1945"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2163"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2315"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2783"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/4224"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2008/0905/references"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2010/0366"
},
{
"trust": 1.0,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?docid=c00771742"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28755"
},
{
"trust": 1.0,
"url": "https://issues.rpath.com/browse/rpl-1633"
},
{
"trust": 1.0,
"url": "https://issues.rpath.com/browse/rpl-616"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a11656"
},
{
"trust": 1.0,
"url": "https://www2.itrc.hp.com/service/cki/docdisplay.do?docid=c00967144"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060928.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23386964/index.html"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23280/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23309/"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20246"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060905.txt "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/21709/"
},
{
"trust": 0.8,
"url": "http://www.rsasecurity.com/rsalabs/node.asp?id=2125"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc3447.txt"
},
{
"trust": 0.8,
"url": "http://www.sun.com/software/products/appsrvr/index.xml"
},
{
"trust": 0.8,
"url": "http://www.sun.com/download/products.xml?id=438cfb75"
},
{
"trust": 0.8,
"url": "http://www.sun.com/download/products.xml?id=43a84f89"
},
{
"trust": 0.8,
"url": "http://www.mozilla.org/projects/security/pki/nss/"
},
{
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102670-1 "
},
{
"trust": 0.8,
"url": "http://en.wikipedia.org/wiki/ssl"
},
{
"trust": 0.8,
"url": "http://www.frsirt.com/english/advisories/2006/4299 "
},
{
"trust": 0.8,
"url": "http://securitytracker.com/id?1017143 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22646 "
},
{
"trust": 0.6,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102656-1\u0026searchclause="
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.0696"
},
{
"trust": 0.3,
"url": "http://freshmeat.net/projects/bouncycastlecryptoapi/releases/265580"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-196.htm"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-224.htm"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-246.htm"
},
{
"trust": 0.3,
"url": "http://www.isc.org/index.pl?/sw/bind/bind9.4-beta.php"
},
{
"trust": 0.3,
"url": "http://marc.theaimsgroup.com/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"trust": 0.3,
"url": "http://www.bluecoat.com"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/warp/public/707/cisco-air-20061108-openssl.shtml"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2007.html"
},
{
"trust": 0.3,
"url": "http://www.cdc.informatik.tu-darmstadt.de/securebrowser/"
},
{
"trust": 0.3,
"url": "http://www.ipcop.org/modules.php?op=modload\u0026name=news\u0026file=article\u0026sid=31\u0026mode=thread\u0026order=0\u0026thold=0"
},
{
"trust": 0.3,
"url": "http://www.mozilla.org/security/announce/2006/mfsa2006-60.html"
},
{
"trust": 0.3,
"url": "http://www.mozilla.org/security/announce/2006/mfsa2006-66.html"
},
{
"trust": 0.3,
"url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2006-023.txt.asc"
},
{
"trust": 0.3,
"url": "http://www.ingate.com/relnote-451.php"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0735.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0661.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0675.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0676.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0677.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0733.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0734.html"
},
{
"trust": 0.3,
"url": "http://www.ssh.com/company/news/2006/english/security/article/786/"
},
{
"trust": 0.3,
"url": "http://www.arkoon.fr/upload/alertes/44ak-2006-04-en-1.1_ssl360_openssl_rsa.pdf"
},
{
"trust": 0.3,
"url": "http://www1.vandyke.com/support/advisory/2007/01/845620.html"
},
{
"trust": 0.3,
"url": "http://www.slackware.com/security/list.php?l=slackware-security\u0026y=2006"
},
{
"trust": 0.3,
"url": "http://www.cyberguard.info/snapgear/releases.html"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102657-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102696-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102722-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102744-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102648-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "/archive/1/446038"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2007-091.htm"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-250.htm"
},
{
"trust": 0.3,
"url": "https://www.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c02475053"
},
{
"trust": 0.3,
"url": "http://www2.itrc.hp.com/service/cki/docdisplay.do?admit=-1335382922+1174502331230+28353475\u0026docid=c00774579"
},
{
"trust": 0.3,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-january/051708.html"
},
{
"trust": 0.3,
"url": "https://rhn.redhat.com/errata/rhsa-2007-0062.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2007-0072.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0264.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0525.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0629.html"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102781-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://www.kb.cert.org/vuls/id/594904"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#594904"
},
{
"db": "BID",
"id": "19849"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-044"
},
{
"db": "NVD",
"id": "CVE-2006-4339"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#594904"
},
{
"db": "BID",
"id": "19849"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-044"
},
{
"db": "NVD",
"id": "CVE-2006-4339"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2006-09-11T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2007-02-08T00:00:00",
"db": "CERT/CC",
"id": "VU#594904"
},
{
"date": "2006-09-05T00:00:00",
"db": "BID",
"id": "19849"
},
{
"date": "2001-10-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200609-044"
},
{
"date": "2006-09-05T17:04:00",
"db": "NVD",
"id": "CVE-2006-4339"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2007-02-08T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2007-02-09T00:00:00",
"db": "CERT/CC",
"id": "VU#594904"
},
{
"date": "2015-03-19T08:19:00",
"db": "BID",
"id": "19849"
},
{
"date": "2022-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200609-044"
},
{
"date": "2018-10-17T21:35:10.617000",
"db": "NVD",
"id": "CVE-2006-4339"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-044"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL SSLv2 client code fails to properly check for NULL",
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "encryption problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-044"
}
],
"trust": 0.6
}
}
VAR-201711-0007
Vulnerability from variot - Updated: 2024-07-23 21:57A denial of service flaw was found in OpenSSL 0.9.8, 1.0.1, 1.0.2 through 1.0.2h, and 1.1.0 in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL server consume an excessive amount of CPU and fail to accept connections from other clients. OpenSSL is prone to denial-of-service vulnerability. Successful exploitation of the issue will cause excessive memory or CPU resource consumption, resulting in a denial-of-service condition. It supports a variety of encryption algorithms, including symmetric ciphers, hash algorithms, security hashing algorithm, etc. The following versions are affected: OpenSSL version 0.9.8, version 1.0.1, versions 1.0.2 through 1.0.2h, version 1.1.0. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 1 for RHEL 7 Advisory ID: RHSA-2017:1413-01 Product: Red Hat JBoss Core Services Advisory URL: https://access.redhat.com/errata/RHSA-2017:1413 Issue date: 2017-06-07 CVE Names: CVE-2016-0736 CVE-2016-2161 CVE-2016-6304 CVE-2016-7056 CVE-2016-8610 CVE-2016-8740 CVE-2016-8743 =====================================================================
- Summary:
An update is now available for Red Hat JBoss Core Services on RHEL 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat JBoss Core Services on RHEL 7 Server - noarch, ppc64, x86_64
- Description:
Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience.
This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 1 serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.23, and includes bug fixes, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
-
A memory leak flaw was found in the way OpenSSL handled TLS status request extension data during session renegotiation. A remote attacker could cause a TLS server using OpenSSL to consume an excessive amount of memory and, possibly, exit unexpectedly after exhausting all available memory, if it enabled OCSP stapling support. (CVE-2016-6304)
-
It was discovered that the mod_session_crypto module of httpd did not use any mechanisms to verify integrity of the encrypted session data stored in the user's browser. (CVE-2016-0736)
-
It was discovered that the mod_auth_digest module of httpd did not properly check for memory allocation failures. (CVE-2016-2161)
-
A timing attack flaw was found in OpenSSL that could allow a malicious user with local access to recover ECDSA P-256 private keys. (CVE-2016-8610)
-
It was discovered that the HTTP parser in httpd incorrectly allowed certain characters not permitted by the HTTP protocol specification to appear unencoded in HTTP request headers. If httpd was used in conjunction with a proxy or backend server that interpreted those characters differently, a remote attacker could possibly use this flaw to inject data into HTTP responses, resulting in proxy cache poisoning. (CVE-2016-8743)
-
A vulnerability was found in httpd's handling of the LimitRequestFields directive in mod_http2, affecting servers with HTTP/2 enabled. An attacker could send crafted requests with headers larger than the server's available memory, causing httpd to crash. (CVE-2016-8740)
Red Hat would like to thank the OpenSSL project for reporting CVE-2016-6304 and Shi Lei (Gear Team of Qihoo 360 Inc.) for reporting CVE-2016-8610. Upstream acknowledges Shi Lei (Gear Team of Qihoo 360 Inc.) as the original reporter of CVE-2016-6304.
- Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted. After installing the updated packages, the httpd daemon will be restarted automatically.
- Bugs fixed (https://bugzilla.redhat.com/):
1377600 - CVE-2016-6304 openssl: OCSP Status Request extension unbounded memory growth 1384743 - CVE-2016-8610 SSL/TLS: Malformed plain-text ALERT packets could cause remote DoS 1401528 - CVE-2016-8740 httpd: Incomplete handling of LimitRequestFields directive in mod_http2 1406744 - CVE-2016-0736 httpd: Padding Oracle in Apache mod_session_crypto 1406753 - CVE-2016-2161 httpd: DoS vulnerability in mod_auth_digest 1406822 - CVE-2016-8743 httpd: Apache HTTP Request Parsing Whitespace Defects 1412120 - CVE-2016-7056 openssl: ECDSA P-256 timing attack key recovery
- JIRA issues fixed (https://issues.jboss.org/):
JBCS-319 - Errata for httpd 2.4.23 SP1 RHEL 7
- Package List:
Red Hat JBoss Core Services on RHEL 7 Server:
Source: jbcs-httpd24-httpd-2.4.23-120.jbcs.el7.src.rpm jbcs-httpd24-mod_security-2.9.1-19.GA.jbcs.el7.src.rpm jbcs-httpd24-openssl-1.0.2h-13.jbcs.el7.src.rpm
noarch: jbcs-httpd24-httpd-manual-2.4.23-120.jbcs.el7.noarch.rpm
ppc64: jbcs-httpd24-httpd-2.4.23-120.jbcs.el7.ppc64.rpm jbcs-httpd24-httpd-debuginfo-2.4.23-120.jbcs.el7.ppc64.rpm jbcs-httpd24-httpd-devel-2.4.23-120.jbcs.el7.ppc64.rpm jbcs-httpd24-httpd-libs-2.4.23-120.jbcs.el7.ppc64.rpm jbcs-httpd24-httpd-selinux-2.4.23-120.jbcs.el7.ppc64.rpm jbcs-httpd24-httpd-tools-2.4.23-120.jbcs.el7.ppc64.rpm jbcs-httpd24-mod_ldap-2.4.23-120.jbcs.el7.ppc64.rpm jbcs-httpd24-mod_proxy_html-2.4.23-120.jbcs.el7.ppc64.rpm jbcs-httpd24-mod_security-2.9.1-19.GA.jbcs.el7.ppc64.rpm jbcs-httpd24-mod_security-debuginfo-2.9.1-19.GA.jbcs.el7.ppc64.rpm jbcs-httpd24-mod_session-2.4.23-120.jbcs.el7.ppc64.rpm jbcs-httpd24-mod_ssl-2.4.23-120.jbcs.el7.ppc64.rpm jbcs-httpd24-openssl-1.0.2h-13.jbcs.el7.ppc64.rpm jbcs-httpd24-openssl-debuginfo-1.0.2h-13.jbcs.el7.ppc64.rpm jbcs-httpd24-openssl-devel-1.0.2h-13.jbcs.el7.ppc64.rpm jbcs-httpd24-openssl-libs-1.0.2h-13.jbcs.el7.ppc64.rpm jbcs-httpd24-openssl-perl-1.0.2h-13.jbcs.el7.ppc64.rpm jbcs-httpd24-openssl-static-1.0.2h-13.jbcs.el7.ppc64.rpm
x86_64: jbcs-httpd24-httpd-2.4.23-120.jbcs.el7.x86_64.rpm jbcs-httpd24-httpd-debuginfo-2.4.23-120.jbcs.el7.x86_64.rpm jbcs-httpd24-httpd-devel-2.4.23-120.jbcs.el7.x86_64.rpm jbcs-httpd24-httpd-libs-2.4.23-120.jbcs.el7.x86_64.rpm jbcs-httpd24-httpd-selinux-2.4.23-120.jbcs.el7.x86_64.rpm jbcs-httpd24-httpd-tools-2.4.23-120.jbcs.el7.x86_64.rpm jbcs-httpd24-mod_ldap-2.4.23-120.jbcs.el7.x86_64.rpm jbcs-httpd24-mod_proxy_html-2.4.23-120.jbcs.el7.x86_64.rpm jbcs-httpd24-mod_security-2.9.1-19.GA.jbcs.el7.x86_64.rpm jbcs-httpd24-mod_security-debuginfo-2.9.1-19.GA.jbcs.el7.x86_64.rpm jbcs-httpd24-mod_session-2.4.23-120.jbcs.el7.x86_64.rpm jbcs-httpd24-mod_ssl-2.4.23-120.jbcs.el7.x86_64.rpm jbcs-httpd24-openssl-1.0.2h-13.jbcs.el7.x86_64.rpm jbcs-httpd24-openssl-debuginfo-1.0.2h-13.jbcs.el7.x86_64.rpm jbcs-httpd24-openssl-devel-1.0.2h-13.jbcs.el7.x86_64.rpm jbcs-httpd24-openssl-libs-1.0.2h-13.jbcs.el7.x86_64.rpm jbcs-httpd24-openssl-perl-1.0.2h-13.jbcs.el7.x86_64.rpm jbcs-httpd24-openssl-static-1.0.2h-13.jbcs.el7.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2016-0736 https://access.redhat.com/security/cve/CVE-2016-2161 https://access.redhat.com/security/cve/CVE-2016-6304 https://access.redhat.com/security/cve/CVE-2016-7056 https://access.redhat.com/security/cve/CVE-2016-8610 https://access.redhat.com/security/cve/CVE-2016-8740 https://access.redhat.com/security/cve/CVE-2016-8743 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/documentation/en/red-hat-jboss-core-services/
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2017 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFZOEFDXlSAg2UNWIIRAkmJAJ4vtOF2J+v5N45Dg4fckgqFa+L96wCfVBp2 JFT0GtD56HPD72nOXhIXyG8= =7n2G -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . Description:
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.
Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies. The updates are documented in the Release Notes document linked to in the References. If sendfile processing completed quickly, it was possible for the Processor to be added to the processor cache twice. This could lead to invalid responses or information disclosure. (CVE-2017-5647)
- A vulnerability was discovered in the error page mechanism in Tomcat's DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page. Solution:
Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).
The References section of this erratum contains a download link (you must log in to download the update).
This release includes bug fixes as well as a new release of OpenSSL. The JBoss server process must be restarted for the update to take effect. (CVE-2016-6304)
-
It was discovered that OpenSSL did not always use constant time operations when computing Digital Signature Algorithm (DSA) signatures. (CVE-2016-8610)
-
Multiple integer overflow flaws were found in the way OpenSSL performed pointer arithmetic. =========================================================================== Ubuntu Security Notice USN-3181-1 January 31, 2017
openssl vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.10
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS
Summary:
Several security issues were fixed in OpenSSL. This issue only applied to Ubuntu 12.04 LTS and Ubuntu 14.04 LTS as other releases were fixed in a previous security update. (CVE-2016-2177)
It was discovered that OpenSSL did not properly handle Montgomery multiplication, resulting in incorrect results leading to transient failures. This issue only applied to Ubuntu 16.04 LTS, and Ubuntu 16.10. This issue only applied to Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2016-7056)
Shi Lei discovered that OpenSSL incorrectly handled certain warning alerts. (CVE-2016-8610)
Robert =C5=9Awi=C4=99cki discovered that OpenSSL incorrectly handled certain truncated packets. (CVE-2017-3731)
It was discovered that OpenSSL incorrectly performed the x86_64 Montgomery squaring procedure. This issue only applied to Ubuntu 16.04 LTS, and Ubuntu 16.10. (CVE-2017-3732)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 16.10: libssl1.0.0 1.0.2g-1ubuntu9.1
Ubuntu 16.04 LTS: libssl1.0.0 1.0.2g-1ubuntu4.6
Ubuntu 14.04 LTS: libssl1.0.0 1.0.1f-1ubuntu2.22
Ubuntu 12.04 LTS: libssl1.0.0 1.0.1-4ubuntu5.39
After a standard system update you need to reboot your computer to make all the necessary changes
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201711-0007",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "openssl",
"scope": "eq",
"trust": 2.4,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "openssl",
"scope": "eq",
"trust": 2.4,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.8,
"vendor": "openssl",
"version": "1.1.0"
},
{
"model": "pan-os",
"scope": "gte",
"trust": 1.0,
"vendor": "paloaltonetworks",
"version": "7.1.0"
},
{
"model": "m10-1",
"scope": "gte",
"trust": 1.0,
"vendor": "fujitsu",
"version": "xcp3000"
},
{
"model": "m10-4",
"scope": "lt",
"trust": 1.0,
"vendor": "fujitsu",
"version": "xcp3070"
},
{
"model": "enterprise linux server eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.6"
},
{
"model": "m12-2",
"scope": "lt",
"trust": 1.0,
"vendor": "fujitsu",
"version": "xcp2361"
},
{
"model": "m12-2",
"scope": "gte",
"trust": 1.0,
"vendor": "fujitsu",
"version": "xcp3000"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.6"
},
{
"model": "communications analytics",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.1.1"
},
{
"model": "core rdbms",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "18c"
},
{
"model": "m10-1",
"scope": "lt",
"trust": 1.0,
"vendor": "fujitsu",
"version": "xcp3070"
},
{
"model": "e-series santricity os controller",
"scope": "lte",
"trust": 1.0,
"vendor": "netapp",
"version": "11.40"
},
{
"model": "communications ip service activator",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "7.3.4"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "retail predictive application server",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "16.0.3"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.4"
},
{
"model": "weblogic server",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "10.3.6.0.0"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"model": "communications ip service activator",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "7.4.0"
},
{
"model": "storagegrid",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "cn1610",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "8.0"
},
{
"model": "core rdbms",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "11.2.0.4"
},
{
"model": "jboss enterprise application platform",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0.0"
},
{
"model": "pan-os",
"scope": "lte",
"trust": 1.0,
"vendor": "paloaltonetworks",
"version": "7.0.15"
},
{
"model": "m12-1",
"scope": "lt",
"trust": 1.0,
"vendor": "fujitsu",
"version": "xcp2361"
},
{
"model": "oncommand balance",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "m12-1",
"scope": "gte",
"trust": 1.0,
"vendor": "fujitsu",
"version": "xcp3000"
},
{
"model": "enterprise linux server eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.4"
},
{
"model": "m12-1",
"scope": "lt",
"trust": 1.0,
"vendor": "fujitsu",
"version": "xcp3070"
},
{
"model": "m12-2s",
"scope": "lt",
"trust": 1.0,
"vendor": "fujitsu",
"version": "xcp2361"
},
{
"model": "m12-2s",
"scope": "gte",
"trust": 1.0,
"vendor": "fujitsu",
"version": "xcp3000"
},
{
"model": "m10-4",
"scope": "lt",
"trust": 1.0,
"vendor": "fujitsu",
"version": "xcp2361"
},
{
"model": "m10-4",
"scope": "gte",
"trust": 1.0,
"vendor": "fujitsu",
"version": "xcp3000"
},
{
"model": "clustered data ontap antivirus connector",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "clustered data ontap",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "timesten in-memory database",
"scope": "lt",
"trust": 1.0,
"vendor": "oracle",
"version": "18.1.4.1.0"
},
{
"model": "host agent",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "m12-2s",
"scope": "lt",
"trust": 1.0,
"vendor": "fujitsu",
"version": "xcp3070"
},
{
"model": "service processor",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "m10-1",
"scope": "lt",
"trust": 1.0,
"vendor": "fujitsu",
"version": "xcp2361"
},
{
"model": "enterprise manager ops center",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.4.0"
},
{
"model": "application testing suite",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "13.3.0.1"
},
{
"model": "core rdbms",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "19c"
},
{
"model": "data ontap",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "pan-os",
"scope": "lte",
"trust": 1.0,
"vendor": "paloaltonetworks",
"version": "6.1.17"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.3"
},
{
"model": "core rdbms",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.1.0.2"
},
{
"model": "enterprise linux server eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.5"
},
{
"model": "ontap select deploy",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "m12-2",
"scope": "lt",
"trust": 1.0,
"vendor": "fujitsu",
"version": "xcp3070"
},
{
"model": "goldengate application adapters",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.3.2.1.0"
},
{
"model": "openssl",
"scope": "lte",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2h"
},
{
"model": "e-series santricity os controller",
"scope": "gte",
"trust": 1.0,
"vendor": "netapp",
"version": "11.0"
},
{
"model": "jd edwards enterpriseone tools",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "9.2"
},
{
"model": "data ontap edge",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "m10-4s",
"scope": "lt",
"trust": 1.0,
"vendor": "fujitsu",
"version": "xcp2361"
},
{
"model": "m10-4s",
"scope": "gte",
"trust": 1.0,
"vendor": "fujitsu",
"version": "xcp3000"
},
{
"model": "oncommand unified manager",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "8.56"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"model": "m10-4s",
"scope": "lt",
"trust": 1.0,
"vendor": "fujitsu",
"version": "xcp3070"
},
{
"model": "snapcenter server",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "enterprise manager ops center",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.3.3"
},
{
"model": "retail predictive application server",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "15.0.3"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.6"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "storagegrid webscale",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "smi-s provider",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "jboss enterprise application platform",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.4.0"
},
{
"model": "openssl",
"scope": "gte",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.2"
},
{
"model": "pan-os",
"scope": "lte",
"trust": 1.0,
"vendor": "paloaltonetworks",
"version": "7.1.10"
},
{
"model": "enterprise linux server eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.3"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.3"
},
{
"model": "weblogic server",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.2.1.3.0"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "8.57"
},
{
"model": "core rdbms",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.2.0.1"
},
{
"model": "weblogic server",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.1.3.0.0"
},
{
"model": "oncommand workflow automation",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "8.58"
},
{
"model": "adaptive access manager",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "11.1.2.3.0"
},
{
"model": "pan-os",
"scope": "gte",
"trust": 1.0,
"vendor": "paloaltonetworks",
"version": "7.0.0"
},
{
"model": "weblogic server",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.2.1.4.0"
},
{
"model": "snapdrive",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "openssl",
"scope": "eq",
"trust": 0.8,
"vendor": "openssl",
"version": "1.0.2 to 1.0.2h"
},
{
"model": "openssl",
"scope": "eq",
"trust": 0.8,
"vendor": "openssl",
"version": null
},
{
"model": "openssl",
"scope": "eq",
"trust": 0.6,
"vendor": "openssl",
"version": "1.0.2b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 0.6,
"vendor": "openssl",
"version": "1.0.2"
},
{
"model": "openssl",
"scope": "eq",
"trust": 0.6,
"vendor": "openssl",
"version": "1.0.2a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 0.6,
"vendor": "openssl",
"version": "1.0.2c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 0.6,
"vendor": "openssl",
"version": "1.0.2d"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "16.10"
},
{
"model": "linux lts",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "16.04"
},
{
"model": "linux lts",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "14.04"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"model": "jboss web server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "0"
},
{
"model": "jboss core services on rhel server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "70"
},
{
"model": "jboss core services on rhel server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "60"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "7.1"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "7.0.15"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "7.0.14"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "7.0.13"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "7.0.12"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "7.0.11"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "7.0.10"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "7.0.5"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "7.0.4"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "7.0.1"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "7.0"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "7.0.9"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "7.0.8"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "7.0.7"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "6.1"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "7"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.1"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.2"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "project openssl 1.0.2h",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.2g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.2f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.2e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.2d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.2c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.2b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.2a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.1u",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.1t",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.1s",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.1r",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.1q",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.1p",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.1o",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.1n",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.1m",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.1l",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.1k",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.1j",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.1i",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.1h",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.1g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.1f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.1e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.1d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.1c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.1b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.1a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "project openssl 0.9.8zh",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 0.9.8zg",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 0.9.8zf",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 0.9.8ze",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 0.9.8zd",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 0.9.8zc",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 0.9.8zb",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 0.9.8za",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 0.9.8y",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8x"
},
{
"model": "project openssl 0.9.8w",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 0.9.8u",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 0.9.8t",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 0.9.8s",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 0.9.8r",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 0.9.8q",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 0.9.8p",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 0.9.8o",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 0.9.8n",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 0.9.8m",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 0.9.8l",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 0.9.8g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 0.9.8f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8v"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"model": "sterling connect:direct for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1"
},
{
"model": "netezza host management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.4.4"
},
{
"model": "netezza host management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.4.3"
},
{
"model": "netezza host management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.4.8.0"
},
{
"model": "netezza host management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.4.6.0"
},
{
"model": "netezza host management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.9.0"
},
{
"model": "netezza host management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.8.0"
},
{
"model": "netezza host management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.7.0"
},
{
"model": "netezza host management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.6.0"
},
{
"model": "netezza host management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.3"
},
{
"model": "netezza host management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.2.0"
},
{
"model": "netezza host management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.10.0"
},
{
"model": "netezza host management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.0.0"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.1"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.0"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.3"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.2"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.1"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.0"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.4"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.3"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.2"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.1"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.0"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.9"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.8"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.6"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.5"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.4"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.3"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.2"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.10"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.1"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.0"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.9"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.8"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.7"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.6"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.5"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.13"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.12"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.11"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.10"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.0"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.9"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.8"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.16"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.15"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.14"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.13"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.12"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.11"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.10"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "6"
},
{
"model": "pan-os",
"scope": "ne",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "7.0.16"
},
{
"model": "project openssl 1.1.0b",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.2j",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "sterling connect:direct for unix 4.1.0.4.ifix085",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "netezza host management",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.4.9.0"
},
{
"model": "datapower gateways",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.2"
},
{
"model": "datapower gateways",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.4"
},
{
"model": "datapower gateways",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.5"
},
{
"model": "datapower gateways",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.11"
},
{
"model": "datapower gateways",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.14"
},
{
"model": "datapower gateways",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.17"
}
],
"sources": [
{
"db": "BID",
"id": "93841"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008860"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-726"
},
{
"db": "NVD",
"id": "CVE-2016-8610"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.0.2h",
"versionStartIncluding": "1.0.2",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:netapp:cn1610_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:netapp:cn1610:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.40",
"versionStartIncluding": "11.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:storagegrid_webscale:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:data_ontap_edge:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:oncommand_balance:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:snapdrive:-:*:*:*:*:unix:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:ontap_select_deploy:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:storagegrid:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:snapcenter_server:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:service_processor:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:7-mode:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:data_ontap:-:*:*:*:*:7-mode:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:smi-s_provider:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:host_agent:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:clustered_data_ontap_antivirus_connector:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-8610"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Shi Lei from Gear Team, Qihoo 360 Inc.",
"sources": [
{
"db": "BID",
"id": "93841"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-726"
}
],
"trust": 0.9
},
"cve": "CVE-2016-8610",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2016-8610",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-97430",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2016-8610",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-8610",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201610-726",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-97430",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2016-8610",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-97430"
},
{
"db": "VULMON",
"id": "CVE-2016-8610"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008860"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-726"
},
{
"db": "NVD",
"id": "CVE-2016-8610"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A denial of service flaw was found in OpenSSL 0.9.8, 1.0.1, 1.0.2 through 1.0.2h, and 1.1.0 in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL server consume an excessive amount of CPU and fail to accept connections from other clients. OpenSSL is prone to denial-of-service vulnerability. \nSuccessful exploitation of the issue will cause excessive memory or CPU resource consumption, resulting in a denial-of-service condition. It supports a variety of encryption algorithms, including symmetric ciphers, hash algorithms, security hashing algorithm, etc. The following versions are affected: OpenSSL version 0.9.8, version 1.0.1, versions 1.0.2 through 1.0.2h, version 1.1.0. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 1 for RHEL 7\nAdvisory ID: RHSA-2017:1413-01\nProduct: Red Hat JBoss Core Services\nAdvisory URL: https://access.redhat.com/errata/RHSA-2017:1413\nIssue date: 2017-06-07\nCVE Names: CVE-2016-0736 CVE-2016-2161 CVE-2016-6304 \n CVE-2016-7056 CVE-2016-8610 CVE-2016-8740 \n CVE-2016-8743 \n=====================================================================\n\n1. Summary:\n\nAn update is now available for Red Hat JBoss Core Services on RHEL 7. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat JBoss Core Services on RHEL 7 Server - noarch, ppc64, x86_64\n\n3. Description:\n\nRed Hat JBoss Core Services is a set of supplementary software for Red Hat\nJBoss middleware products. This software, such as Apache HTTP Server, is\ncommon to multiple JBoss middleware products, and is packaged under Red Hat\nJBoss Core Services to allow for faster distribution of updates, and for a\nmore consistent update experience. \n\nThis release of Red Hat JBoss Core Services Apache HTTP Server 2.4.23\nService Pack 1 serves as a replacement for Red Hat JBoss Core Services\nApache HTTP Server 2.4.23, and includes bug fixes, which are documented in\nthe Release Notes document linked to in the References. \n\nSecurity Fix(es):\n\n* A memory leak flaw was found in the way OpenSSL handled TLS status\nrequest extension data during session renegotiation. A remote attacker\ncould cause a TLS server using OpenSSL to consume an excessive amount of\nmemory and, possibly, exit unexpectedly after exhausting all available\nmemory, if it enabled OCSP stapling support. (CVE-2016-6304)\n\n* It was discovered that the mod_session_crypto module of httpd did not use\nany mechanisms to verify integrity of the encrypted session data stored in\nthe user\u0027s browser. (CVE-2016-0736)\n\n* It was discovered that the mod_auth_digest module of httpd did not\nproperly check for memory allocation failures. (CVE-2016-2161)\n\n* A timing attack flaw was found in OpenSSL that could allow a malicious\nuser with local access to recover ECDSA P-256 private keys. \n(CVE-2016-8610)\n\n* It was discovered that the HTTP parser in httpd incorrectly allowed\ncertain characters not permitted by the HTTP protocol specification to\nappear unencoded in HTTP request headers. If httpd was used in conjunction\nwith a proxy or backend server that interpreted those characters\ndifferently, a remote attacker could possibly use this flaw to inject data\ninto HTTP responses, resulting in proxy cache poisoning. (CVE-2016-8743)\n\n* A vulnerability was found in httpd\u0027s handling of the LimitRequestFields\ndirective in mod_http2, affecting servers with HTTP/2 enabled. An attacker\ncould send crafted requests with headers larger than the server\u0027s available\nmemory, causing httpd to crash. (CVE-2016-8740)\n\nRed Hat would like to thank the OpenSSL project for reporting CVE-2016-6304\nand Shi Lei (Gear Team of Qihoo 360 Inc.) for reporting CVE-2016-8610. \nUpstream acknowledges Shi Lei (Gear Team of Qihoo 360 Inc.) as the original\nreporter of CVE-2016-6304. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library\nmust be restarted, or the system rebooted. After installing the updated\npackages, the httpd daemon will be restarted automatically. \n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1377600 - CVE-2016-6304 openssl: OCSP Status Request extension unbounded memory growth\n1384743 - CVE-2016-8610 SSL/TLS: Malformed plain-text ALERT packets could cause remote DoS\n1401528 - CVE-2016-8740 httpd: Incomplete handling of LimitRequestFields directive in mod_http2\n1406744 - CVE-2016-0736 httpd: Padding Oracle in Apache mod_session_crypto\n1406753 - CVE-2016-2161 httpd: DoS vulnerability in mod_auth_digest\n1406822 - CVE-2016-8743 httpd: Apache HTTP Request Parsing Whitespace Defects\n1412120 - CVE-2016-7056 openssl: ECDSA P-256 timing attack key recovery\n\n6. JIRA issues fixed (https://issues.jboss.org/):\n\nJBCS-319 - Errata for httpd 2.4.23 SP1 RHEL 7\n\n7. Package List:\n\nRed Hat JBoss Core Services on RHEL 7 Server:\n\nSource:\njbcs-httpd24-httpd-2.4.23-120.jbcs.el7.src.rpm\njbcs-httpd24-mod_security-2.9.1-19.GA.jbcs.el7.src.rpm\njbcs-httpd24-openssl-1.0.2h-13.jbcs.el7.src.rpm\n\nnoarch:\njbcs-httpd24-httpd-manual-2.4.23-120.jbcs.el7.noarch.rpm\n\nppc64:\njbcs-httpd24-httpd-2.4.23-120.jbcs.el7.ppc64.rpm\njbcs-httpd24-httpd-debuginfo-2.4.23-120.jbcs.el7.ppc64.rpm\njbcs-httpd24-httpd-devel-2.4.23-120.jbcs.el7.ppc64.rpm\njbcs-httpd24-httpd-libs-2.4.23-120.jbcs.el7.ppc64.rpm\njbcs-httpd24-httpd-selinux-2.4.23-120.jbcs.el7.ppc64.rpm\njbcs-httpd24-httpd-tools-2.4.23-120.jbcs.el7.ppc64.rpm\njbcs-httpd24-mod_ldap-2.4.23-120.jbcs.el7.ppc64.rpm\njbcs-httpd24-mod_proxy_html-2.4.23-120.jbcs.el7.ppc64.rpm\njbcs-httpd24-mod_security-2.9.1-19.GA.jbcs.el7.ppc64.rpm\njbcs-httpd24-mod_security-debuginfo-2.9.1-19.GA.jbcs.el7.ppc64.rpm\njbcs-httpd24-mod_session-2.4.23-120.jbcs.el7.ppc64.rpm\njbcs-httpd24-mod_ssl-2.4.23-120.jbcs.el7.ppc64.rpm\njbcs-httpd24-openssl-1.0.2h-13.jbcs.el7.ppc64.rpm\njbcs-httpd24-openssl-debuginfo-1.0.2h-13.jbcs.el7.ppc64.rpm\njbcs-httpd24-openssl-devel-1.0.2h-13.jbcs.el7.ppc64.rpm\njbcs-httpd24-openssl-libs-1.0.2h-13.jbcs.el7.ppc64.rpm\njbcs-httpd24-openssl-perl-1.0.2h-13.jbcs.el7.ppc64.rpm\njbcs-httpd24-openssl-static-1.0.2h-13.jbcs.el7.ppc64.rpm\n\nx86_64:\njbcs-httpd24-httpd-2.4.23-120.jbcs.el7.x86_64.rpm\njbcs-httpd24-httpd-debuginfo-2.4.23-120.jbcs.el7.x86_64.rpm\njbcs-httpd24-httpd-devel-2.4.23-120.jbcs.el7.x86_64.rpm\njbcs-httpd24-httpd-libs-2.4.23-120.jbcs.el7.x86_64.rpm\njbcs-httpd24-httpd-selinux-2.4.23-120.jbcs.el7.x86_64.rpm\njbcs-httpd24-httpd-tools-2.4.23-120.jbcs.el7.x86_64.rpm\njbcs-httpd24-mod_ldap-2.4.23-120.jbcs.el7.x86_64.rpm\njbcs-httpd24-mod_proxy_html-2.4.23-120.jbcs.el7.x86_64.rpm\njbcs-httpd24-mod_security-2.9.1-19.GA.jbcs.el7.x86_64.rpm\njbcs-httpd24-mod_security-debuginfo-2.9.1-19.GA.jbcs.el7.x86_64.rpm\njbcs-httpd24-mod_session-2.4.23-120.jbcs.el7.x86_64.rpm\njbcs-httpd24-mod_ssl-2.4.23-120.jbcs.el7.x86_64.rpm\njbcs-httpd24-openssl-1.0.2h-13.jbcs.el7.x86_64.rpm\njbcs-httpd24-openssl-debuginfo-1.0.2h-13.jbcs.el7.x86_64.rpm\njbcs-httpd24-openssl-devel-1.0.2h-13.jbcs.el7.x86_64.rpm\njbcs-httpd24-openssl-libs-1.0.2h-13.jbcs.el7.x86_64.rpm\njbcs-httpd24-openssl-perl-1.0.2h-13.jbcs.el7.x86_64.rpm\njbcs-httpd24-openssl-static-1.0.2h-13.jbcs.el7.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n8. References:\n\nhttps://access.redhat.com/security/cve/CVE-2016-0736\nhttps://access.redhat.com/security/cve/CVE-2016-2161\nhttps://access.redhat.com/security/cve/CVE-2016-6304\nhttps://access.redhat.com/security/cve/CVE-2016-7056\nhttps://access.redhat.com/security/cve/CVE-2016-8610\nhttps://access.redhat.com/security/cve/CVE-2016-8740\nhttps://access.redhat.com/security/cve/CVE-2016-8743\nhttps://access.redhat.com/security/updates/classification/#important\nhttps://access.redhat.com/documentation/en/red-hat-jboss-core-services/\n\n9. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2017 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFZOEFDXlSAg2UNWIIRAkmJAJ4vtOF2J+v5N45Dg4fckgqFa+L96wCfVBp2\nJFT0GtD56HPD72nOXhIXyG8=\n=7n2G\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. Description:\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and\nTransport Layer Security (TLS) protocols, as well as a full-strength\ngeneral-purpose cryptography library. \n\nApache Tomcat is a servlet container for the Java Servlet and JavaServer\nPages (JSP) technologies. The updates are documented in the Release Notes document\nlinked to in the References. If sendfile processing completed quickly, it was\npossible for the Processor to be added to the processor cache twice. This\ncould lead to invalid responses or information disclosure. (CVE-2017-5647)\n\n* A vulnerability was discovered in the error page mechanism in Tomcat\u0027s\nDefaultServlet implementation. A crafted HTTP request could cause undesired\nside effects, possibly including the removal or replacement of the custom\nerror page. Solution:\n\nBefore applying the update, back up your existing Red Hat JBoss Web Server\ninstallation (including all applications and configuration files). \n\nThe References section of this erratum contains a download link (you must\nlog in to download the update). \n\nThis release includes bug fixes as well as a new release of OpenSSL. The JBoss server process must be restarted for the update\nto take effect. (CVE-2016-6304)\n\n* It was discovered that OpenSSL did not always use constant time\noperations when computing Digital Signature Algorithm (DSA) signatures. \n(CVE-2016-8610)\n\n* Multiple integer overflow flaws were found in the way OpenSSL performed\npointer arithmetic. \n===========================================================================\nUbuntu Security Notice USN-3181-1\nJanuary 31, 2017\n\nopenssl vulnerabilities\n===========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 16.10\n- Ubuntu 16.04 LTS\n- Ubuntu 14.04 LTS\n- Ubuntu 12.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in OpenSSL. This\nissue only applied to Ubuntu 12.04 LTS and Ubuntu 14.04 LTS as other\nreleases were fixed in a previous security update. (CVE-2016-2177)\n\nIt was discovered that OpenSSL did not properly handle Montgomery\nmultiplication, resulting in incorrect results leading to transient\nfailures. This issue only applied to Ubuntu 16.04 LTS, and Ubuntu 16.10. This issue only applied to Ubuntu 12.04 LTS and Ubuntu 14.04\nLTS. (CVE-2016-7056)\n\nShi Lei discovered that OpenSSL incorrectly handled certain warning alerts. (CVE-2016-8610)\n\nRobert =C5=9Awi=C4=99cki discovered that OpenSSL incorrectly handled certain\ntruncated packets. (CVE-2017-3731)\n\nIt was discovered that OpenSSL incorrectly performed the x86_64 Montgomery\nsquaring procedure. This issue only applied to Ubuntu 16.04\nLTS, and Ubuntu 16.10. (CVE-2017-3732)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 16.10:\n libssl1.0.0 1.0.2g-1ubuntu9.1\n\nUbuntu 16.04 LTS:\n libssl1.0.0 1.0.2g-1ubuntu4.6\n\nUbuntu 14.04 LTS:\n libssl1.0.0 1.0.1f-1ubuntu2.22\n\nUbuntu 12.04 LTS:\n libssl1.0.0 1.0.1-4ubuntu5.39\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-8610"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008860"
},
{
"db": "BID",
"id": "93841"
},
{
"db": "VULHUB",
"id": "VHN-97430"
},
{
"db": "VULMON",
"id": "CVE-2016-8610"
},
{
"db": "PACKETSTORM",
"id": "142848"
},
{
"db": "PACKETSTORM",
"id": "143874"
},
{
"db": "PACKETSTORM",
"id": "142847"
},
{
"db": "PACKETSTORM",
"id": "143176"
},
{
"db": "PACKETSTORM",
"id": "143873"
},
{
"db": "PACKETSTORM",
"id": "143181"
},
{
"db": "PACKETSTORM",
"id": "140850"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-8610",
"trust": 4.4
},
{
"db": "BID",
"id": "93841",
"trust": 2.1
},
{
"db": "SECTRACK",
"id": "1037084",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008860",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201610-726",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ESB-2019.2173",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "141173",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "141752",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-92490",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-97430",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2016-8610",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "142848",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "143874",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "142847",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "143176",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "143873",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "143181",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "140850",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-97430"
},
{
"db": "VULMON",
"id": "CVE-2016-8610"
},
{
"db": "BID",
"id": "93841"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008860"
},
{
"db": "PACKETSTORM",
"id": "142848"
},
{
"db": "PACKETSTORM",
"id": "143874"
},
{
"db": "PACKETSTORM",
"id": "142847"
},
{
"db": "PACKETSTORM",
"id": "143176"
},
{
"db": "PACKETSTORM",
"id": "143873"
},
{
"db": "PACKETSTORM",
"id": "143181"
},
{
"db": "PACKETSTORM",
"id": "140850"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-726"
},
{
"db": "NVD",
"id": "CVE-2016-8610"
}
]
},
"id": "VAR-201711-0007",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-97430"
}
],
"trust": 0.35113123999999996
},
"last_update_date": "2024-07-23T21:57:50.988000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Don\u0027t\u00a0allow\u00a0too\u00a0many\u00a0consecutive\u00a0warning\u00a0alerts Red hat Red\u00a0Hat\u00a0Bugzilla",
"trust": 0.8,
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=af58be768ebb690f78530f796e92b8ae5c9a4401"
},
{
"title": "OpenSSL Remediation measures for denial of service vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=65089"
},
{
"title": "Red Hat: Moderate: openssl security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20170286 - security advisory"
},
{
"title": "Red Hat: Important: Red Hat JBoss Enterprise Application Platform 6.4.16 natives update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20171659 - security advisory"
},
{
"title": "Red Hat: Moderate: gnutls security, bug fix, and enhancement update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20170574 - security advisory"
},
{
"title": "Red Hat: Important: Red Hat JBoss Enterprise Application Platform 6.4.16 natives update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20171658 - security advisory"
},
{
"title": "Red Hat: Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 1 for RHEL 6",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20171414 - security advisory"
},
{
"title": "Red Hat: Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 1",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20171415 - security advisory"
},
{
"title": "Red Hat: Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 1 for RHEL 7",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20171413 - security advisory"
},
{
"title": "Debian Security Advisories: DSA-3773-1 openssl -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=9f660812dd6a423f7e72aa57751d0031"
},
{
"title": "Red Hat: CVE-2016-8610",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2016-8610"
},
{
"title": "Amazon Linux AMI: ALAS-2017-803",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=alas-2017-803"
},
{
"title": "Ubuntu Security Notice: gnutls26 vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-3183-2"
},
{
"title": "Ubuntu Security Notice: gnutls26, gnutls28 vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-3183-1"
},
{
"title": "Ubuntu Security Notice: openssl vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-3181-1"
},
{
"title": "Red Hat: Important: Red Hat JBoss Web Server 3.1.0 Service Pack 1 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20171801 - security advisory"
},
{
"title": "Red Hat: Important: Red Hat JBoss Web Server Service Pack 1 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20171802 - security advisory"
},
{
"title": "Amazon Linux AMI: ALAS-2017-815",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=alas-2017-815"
},
{
"title": "Oracle Linux Bulletins: Oracle Linux Bulletin - January 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins\u0026qid=ecbe5f193404d1e9c62e8323118ae6cf"
},
{
"title": "Oracle VM Server for x86 Bulletins: Oracle VM Server for x86 Bulletin - January 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_vm_server_for_x86_bulletins\u0026qid=04299a624c15ae57f9f110f484bc5f66"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - October 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=6839c4d3fd328571c675c335d58b5591"
},
{
"title": "Oracle Linux Bulletins: Oracle Linux Bulletin - April 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins\u0026qid=d78b3379ca364568964f30138964c7e7"
},
{
"title": "Oracle VM Server for x86 Bulletins: Oracle VM Server for x86 Bulletin - April 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_vm_server_for_x86_bulletins\u0026qid=bf8deceb640f4a0fee008855afe6aa85"
},
{
"title": "CVE-2016-8610-PoC",
"trust": 0.1,
"url": "https://github.com/cujanovic/cve-2016-8610-poc "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-8610"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008860"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-726"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-400",
"trust": 1.1
},
{
"problemtype": "Resource exhaustion (CWE-400) [NVD evaluation ]",
"trust": 0.8
},
{
"problemtype": "CWE-399",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-97430"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008860"
},
{
"db": "NVD",
"id": "CVE-2016-8610"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "http://www.securityfocus.com/bid/93841"
},
{
"trust": 2.1,
"url": "http://seclists.org/oss-sec/2016/q4/224"
},
{
"trust": 1.9,
"url": "https://access.redhat.com/errata/rhsa-2017:1413"
},
{
"trust": 1.9,
"url": "http://rhn.redhat.com/errata/rhsa-2017-1415.html"
},
{
"trust": 1.9,
"url": "https://access.redhat.com/errata/rhsa-2017:1658"
},
{
"trust": 1.9,
"url": "http://rhn.redhat.com/errata/rhsa-2017-1659.html"
},
{
"trust": 1.9,
"url": "https://access.redhat.com/errata/rhsa-2017:2493"
},
{
"trust": 1.9,
"url": "https://access.redhat.com/errata/rhsa-2017:2494"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id/1037084"
},
{
"trust": 1.8,
"url": "https://www.debian.org/security/2017/dsa-3773"
},
{
"trust": 1.8,
"url": "https://security.freebsd.org/advisories/freebsd-sa-16:35.openssl.asc"
},
{
"trust": 1.8,
"url": "http://rhn.redhat.com/errata/rhsa-2017-0286.html"
},
{
"trust": 1.8,
"url": "http://rhn.redhat.com/errata/rhsa-2017-0574.html"
},
{
"trust": 1.8,
"url": "https://access.redhat.com/errata/rhsa-2017:1414"
},
{
"trust": 1.8,
"url": "https://access.redhat.com/errata/rhsa-2017:1801"
},
{
"trust": 1.8,
"url": "https://access.redhat.com/errata/rhsa-2017:1802"
},
{
"trust": 1.8,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=cve-2016-8610"
},
{
"trust": 1.8,
"url": "https://git.openssl.org/gitweb/?p=openssl.git%3ba=commit%3bh=af58be768ebb690f78530f796e92b8ae5c9a4401"
},
{
"trust": 1.8,
"url": "https://security.360.cn/cve/cve-2016-8610/"
},
{
"trust": 1.8,
"url": "https://security.netapp.com/advisory/ntap-20171130-0001/"
},
{
"trust": 1.8,
"url": "https://security.paloaltonetworks.com/cve-2016-8610"
},
{
"trust": 1.8,
"url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
},
{
"trust": 1.8,
"url": "https://www.oracle.com/security-alerts/cpujan2020.html"
},
{
"trust": 1.8,
"url": "https://www.oracle.com/security-alerts/cpujul2020.html"
},
{
"trust": 1.8,
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
},
{
"trust": 1.8,
"url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"
},
{
"trust": 1.8,
"url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"
},
{
"trust": 1.7,
"url": "https://support.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-hpesbhf03897en_us"
},
{
"trust": 1.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-8610"
},
{
"trust": 0.9,
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=af58be768ebb690f78530f796e92b8ae5c9a4401"
},
{
"trust": 0.9,
"url": "https://securityadvisories.paloaltonetworks.com/home/detail/87"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/cve/cve-2016-8610"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.6,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/cve/cve-2016-6304"
},
{
"trust": 0.6,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-6304"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20191553-1.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.2173/"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.3,
"url": "http://openssl.org/"
},
{
"trust": 0.3,
"url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory22.asc"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21994867"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21996760"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21997209"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-7056"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2177"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2016-8740"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2016-0736"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-8743"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/documentation/en/red-hat-jboss-core-services/"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2016-8743"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2161"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-8740"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2016-7056"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0736"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2016-2161"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2017-5664"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2017-5647"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-5647"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/articles/3155411"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-5664"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/articles/2688611"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/solutions/222023"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2016-2178"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2178"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?product=appplatform\u0026downloadtype=securitypatches\u0026version=6.4"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2016-2177"
},
{
"trust": 0.1,
"url": "https://support.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026amp;docid=emr_na-hpesbhf03897en_us"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/400.html"
},
{
"trust": 0.1,
"url": "https://github.com/cujanovic/cve-2016-8610-poc"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=49575"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/3183-2/"
},
{
"trust": 0.1,
"url": "https://issues.jboss.org/):"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?product=core.service.apachehttp\u0026downloadtype=securitypatches\u0026version=2.4.23"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en/jboss-enterprise-application-platform/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?product=webserver\u0026downloadtype=securitypatches\u0026version=2.1.2"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.2g-1ubuntu4.6"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.2g-1ubuntu9.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1f-1ubuntu2.22"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-3731"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1-4ubuntu5.39"
},
{
"trust": 0.1,
"url": "http://www.ubuntu.com/usn/usn-3181-1"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-7055"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-3732"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-97430"
},
{
"db": "VULMON",
"id": "CVE-2016-8610"
},
{
"db": "BID",
"id": "93841"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008860"
},
{
"db": "PACKETSTORM",
"id": "142848"
},
{
"db": "PACKETSTORM",
"id": "143874"
},
{
"db": "PACKETSTORM",
"id": "142847"
},
{
"db": "PACKETSTORM",
"id": "143176"
},
{
"db": "PACKETSTORM",
"id": "143873"
},
{
"db": "PACKETSTORM",
"id": "143181"
},
{
"db": "PACKETSTORM",
"id": "140850"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-726"
},
{
"db": "NVD",
"id": "CVE-2016-8610"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-97430"
},
{
"db": "VULMON",
"id": "CVE-2016-8610"
},
{
"db": "BID",
"id": "93841"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008860"
},
{
"db": "PACKETSTORM",
"id": "142848"
},
{
"db": "PACKETSTORM",
"id": "143874"
},
{
"db": "PACKETSTORM",
"id": "142847"
},
{
"db": "PACKETSTORM",
"id": "143176"
},
{
"db": "PACKETSTORM",
"id": "143873"
},
{
"db": "PACKETSTORM",
"id": "143181"
},
{
"db": "PACKETSTORM",
"id": "140850"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-726"
},
{
"db": "NVD",
"id": "CVE-2016-8610"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-11-13T00:00:00",
"db": "VULHUB",
"id": "VHN-97430"
},
{
"date": "2017-11-13T00:00:00",
"db": "VULMON",
"id": "CVE-2016-8610"
},
{
"date": "2016-10-24T00:00:00",
"db": "BID",
"id": "93841"
},
{
"date": "2017-12-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-008860"
},
{
"date": "2017-06-07T22:47:57",
"db": "PACKETSTORM",
"id": "142848"
},
{
"date": "2017-08-22T05:29:02",
"db": "PACKETSTORM",
"id": "143874"
},
{
"date": "2017-06-07T22:47:43",
"db": "PACKETSTORM",
"id": "142847"
},
{
"date": "2017-06-28T22:12:00",
"db": "PACKETSTORM",
"id": "143176"
},
{
"date": "2017-08-22T05:28:16",
"db": "PACKETSTORM",
"id": "143873"
},
{
"date": "2017-06-28T22:37:00",
"db": "PACKETSTORM",
"id": "143181"
},
{
"date": "2017-02-01T00:36:45",
"db": "PACKETSTORM",
"id": "140850"
},
{
"date": "2016-10-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201610-726"
},
{
"date": "2017-11-13T22:29:00.203000",
"db": "NVD",
"id": "CVE-2016-8610"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-02-12T00:00:00",
"db": "VULHUB",
"id": "VHN-97430"
},
{
"date": "2023-02-12T00:00:00",
"db": "VULMON",
"id": "CVE-2016-8610"
},
{
"date": "2017-08-22T08:11:00",
"db": "BID",
"id": "93841"
},
{
"date": "2024-02-27T03:18:00",
"db": "JVNDB",
"id": "JVNDB-2016-008860"
},
{
"date": "2023-02-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201610-726"
},
{
"date": "2024-01-26T17:44:24.227000",
"db": "NVD",
"id": "CVE-2016-8610"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "140850"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-726"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL\u00a0 Service operation interruption in \u00a0(DoS)\u00a0 Vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-008860"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201610-726"
}
],
"trust": 0.6
}
}
VAR-200906-0603
Vulnerability from variot - Updated: 2024-07-23 21:48Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, 6.0.0 through 6.0.18, and possibly earlier versions normalizes the target pathname before filtering the query string when using the RequestDispatcher method, which allows remote attackers to bypass intended access restrictions and conduct directory traversal attacks via .. (dot dot) sequences and the WEB-INF directory in a Request. Apache Tomcat is prone to a remote information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may lead to further attacks. The following versions of Apache Tomcat are vulnerable: 6.0.0-6.0.18 5.5.0-5.5.27 4.1.0-4.1.39. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com. Modification, Denial of Service (DoS)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c02515878 Version: 1
HPSBUX02579 SSRT100203 rev.1 - HP-UX Apache Running Tomcat Servlet Engine, Remote Information Disclosure, Unauthorized
Modification, Denial of Service (DoS)
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2010-11-23 Last Updated: 2010-11-23
Potential Security Impact: Remote information disclosure, unauthorized modification, or Denial of Service (DoS).
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with HP-UX Apache Running Tomcat Servlet Engine. These
vulnerabilities could be exploited remotely to disclose information, allows unauthorized modification, or create a Denial
of Service (DoS). The Tomcat-based Servlet Engine is contained in the HP-UX Apache Web Server Suite.
References: CVE-2010-2227, CVE-2010-1157, CVE-2009-0783, CVE-2009-0781, CVE-2009-0580, CVE-2009-0033, CVE-2008-5515
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP-UX B.11.23, B.11.31 running HP-UX Apache Web Server Suite v3.12 or earlier
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2010-2227 (AV:N/AC:L/Au:N/C:P/I:N/A:P) 6.4 CVE-2010-1157 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2009-0783 (AV:L/AC:L/Au:N/C:P/I:P/A:N) 3.6 CVE-2009-0781 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2009-0580 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2009-0033 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2008-5515 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has provided the following software updates to resolve the vulnerabilities. The updates are available for download from http://software.hp.com Note: HP-UX Web Server Suite v3.13 contains HP-UX Tomcat-based Servlet Engine v5.5.30.01
Web Server Suite Version / Apache Depot name
HP-UX Web Server Suite v.3.13 HPUXWS22ATW-B313-32.depot
HPUXWS22ATW-B313-64.depot
MANUAL ACTIONS: Yes - Update Install HP-UX Web Server Suite v3.13 or subsequent.
PRODUCT SPECIFIC INFORMATION
HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see https://www.hp.com/go/swa
The following text is for use by the HP-UX Software Assistant.
AFFECTED VERSIONS
HP-UX Web Server Suite
HP-UX B.11.23 HP-UX B.11.31 ================== hpuxws22TOMCAT.TOMCAT action: install revision B.5.5.30.01 or subsequent
END AFFECTED VERSIONS
HISTORY Version:1 (rev.1) - 23 November 2010 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For further information, contact normal HP Services support channel.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches -check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems -verify your operating system selections are checked and save.
To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.
To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do
- The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:
GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault
System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.
"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."
Copyright 2010 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAkzsg8IACgkQ4B86/C0qfVlFEQCg1wPaYQ84EkeiOjNAkrLGPVnQ 1aQAoK/qC5XheL13hyynXvA/jfWdKwQ0 =jKnI -----END PGP SIGNATURE----- . =========================================================== Ubuntu Security Notice USN-788-1 June 15, 2009 tomcat6 vulnerabilities CVE-2008-5515, CVE-2009-0033, CVE-2009-0580, CVE-2009-0781, CVE-2009-0783 ===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 8.10 Ubuntu 9.04
This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the following package versions:
Ubuntu 8.10: libtomcat6-java 6.0.18-0ubuntu3.2 tomcat6-examples 6.0.18-0ubuntu3.2
Ubuntu 9.04: libtomcat6-java 6.0.18-0ubuntu6.1 tomcat6-examples 6.0.18-0ubuntu6.1
In general, a standard system upgrade is sufficient to effect the necessary changes.
Details follow:
Iida Minehiko discovered that Tomcat did not properly normalise paths. A remote attacker could send specially crafted requests to the server and bypass security restrictions, gaining access to sensitive content. (CVE-2008-5515)
Yoshihito Fukuyama discovered that Tomcat did not properly handle errors when the Java AJP connector and mod_jk load balancing are used. (CVE-2009-0033)
D. Matscheko and T. A remote attacker could exploit this in order to enumerate valid usernames. (CVE-2009-0580)
Deniz Cevik discovered that Tomcat did not properly escape certain parameters in the example calendar application which could result in browsers becoming vulnerable to cross-site scripting attacks when processing the output. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote attacker could exploit this to modify the contents, or steal confidential data (such as passwords), within the same domain. Local users could exploit this to bypass security restrictions and gain access to certain sensitive files. (CVE-2009-0783)
Updated packages for Ubuntu 8.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6_6.0.18-0ubuntu3.2.diff.gz
Size/MD5: 22010 87c6105cd78ea5a8dbf62054fc4ba0aa
http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6_6.0.18-0ubuntu3.2.dsc
Size/MD5: 1378 823c008ffc927c0f3f5686fc6f5188d0
http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6_6.0.18.orig.tar.gz
Size/MD5: 3484249 9bdbb1c1d79302c80057a70b18fe6721
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/libservlet2.5-java_6.0.18-0ubuntu3.2_all.deb
Size/MD5: 174164 dd24331b2709bd6641b4055d0b052eae
http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/libtomcat6-java_6.0.18-0ubuntu3.2_all.deb
Size/MD5: 2961944 63c8c3e0300ed70a240b79ddd3299efb
http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6-admin_6.0.18-0ubuntu3.2_all.deb
Size/MD5: 37370 b9b1bd6dc9cfb52107811295401c09e4
http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6-common_6.0.18-0ubuntu3.2_all.deb
Size/MD5: 53488 5006e5c394ec815f6d36c335d9f0abaf
http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6-docs_6.0.18-0ubuntu3.2_all.deb
Size/MD5: 714516 768cacbb74453b1a2a49e55d61b7bedd
http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6-examples_6.0.18-0ubuntu3.2_all.deb
Size/MD5: 419180 0663de0611fb9792d44aebad8aa24cc4
http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6-user_6.0.18-0ubuntu3.2_all.deb
Size/MD5: 18612 95544319007f1f90321469c5d314c72e
http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6_6.0.18-0ubuntu3.2_all.deb
Size/MD5: 24156 9f4d7a0671e9330ff2fa1a1c13a20c58
Updated packages for Ubuntu 9.04:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6_6.0.18-0ubuntu6.1.diff.gz
Size/MD5: 24779 221e0f51259495fd01da2a6b67358b17
http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6_6.0.18-0ubuntu6.1.dsc
Size/MD5: 1411 e3bac3c39b2e6db3267699a533b17add
http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6_6.0.18.orig.tar.gz
Size/MD5: 3484249 9bdbb1c1d79302c80057a70b18fe6721
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/libservlet2.5-java-doc_6.0.18-0ubuntu6.1_all.deb
Size/MD5: 246196 54e990e7893923b8b6df4bcce9f3ba22
http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/libservlet2.5-java_6.0.18-0ubuntu6.1_all.deb
Size/MD5: 172500 abf989790a45def65d5de9a7f9b010df
http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/libtomcat6-java_6.0.18-0ubuntu6.1_all.deb
Size/MD5: 2846254 c1c0180751500ce58c51b97de9f2d6d9
http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6-admin_6.0.18-0ubuntu6.1_all.deb
Size/MD5: 37874 e7d401faba215af22ecff31b4a675fad
http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6-common_6.0.18-0ubuntu6.1_all.deb
Size/MD5: 53184 194153ab21adac9a47baaf92ea8d2acb
http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6-docs_6.0.18-0ubuntu6.1_all.deb
Size/MD5: 714212 d52e9abc75108a8f059346e09d47b511
http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6-examples_6.0.18-0ubuntu6.1_all.deb
Size/MD5: 418316 3a7110c9da4bd72a7019cbb75651da73
http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6-user_6.0.18-0ubuntu6.1_all.deb
Size/MD5: 20520 ea5e54c91e7055e281d61e63f0e140f2
http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6_6.0.18-0ubuntu6.1_all.deb
Size/MD5: 24952 ec80f910d6c8e606c090ba8dd737bc4c
. NOTE: this issue exists because of an incomplete fix for CVE-2007-3385 (CVE-2007-5333).
Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18, when the Java AJP connector and mod_jk load balancing are used, allows remote attackers to cause a denial of service (application outage) via a crafted request with invalid headers, related to temporary blocking of connectors that have encountered errors, as demonstrated by an error involving a malformed HTTP Host header (CVE-2009-0033).
Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18, when FORM authentication is used, allows remote attackers to enumerate valid usernames via requests to /j_security_check with malformed URL encoding of passwords, related to improper error checking in the (1) MemoryRealm, (2) DataSourceRealm, and (3) JDBCRealm authentication realms, as demonstrated by a \% (percent) value for the j_password parameter (CVE-2009-0580).
Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18 permits web applications to replace an XML parser used for other web applications, which allows local users to read or modify the (1) web.xml, (2) context.xml, or (3) tld files of arbitrary web applications via a crafted application that is loaded earlier than the target application (CVE-2009-0783). (dot dot) in an entry in a WAR file, as demonstrated by a ../../bin/catalina.bat entry (CVE-2009-2693).
Apache Tomcat 5.5.0 through 5.5.29 and 6.0.0 through 6.0.26 might allow remote attackers to discover the server's hostname or IP address by sending a request for a resource that requires (1) BASIC or (2) DIGEST authentication, and then reading the realm field in the WWW-Authenticate header in the reply (CVE-2010-1157).
Apache Tomcat 5.5.0 through 5.5.29, 6.0.0 through 6.0.27, and 7.0.0 beta does not properly handle an invalid Transfer-Encoding header, which allows remote attackers to cause a denial of service (application outage) or obtain sensitive information via a crafted header that interferes with recycling of a buffer. (CVE-2010-2227)
Packages for 2008.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490
The updated packages have been patched to correct these issues.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5333 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5515 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0033 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0580 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0783 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2693 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2901 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2902 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1157 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2227
Updated Packages:
Mandriva Linux 2008.0: b7ec529ef67655e138bb9845381dafe0 2008.0/i586/tomcat5-5.5.23-9.2.10.3mdv2008.0.i586.rpm 7480f62988c594c5e963968a5d8a760c 2008.0/i586/tomcat5-admin-webapps-5.5.23-9.2.10.3mdv2008.0.i586.rpm 81f00d0be9c8fad809640b83015fd73e 2008.0/i586/tomcat5-common-lib-5.5.23-9.2.10.3mdv2008.0.i586.rpm 5e2b03d332177ca8f1b59b672e568028 2008.0/i586/tomcat5-jasper-5.5.23-9.2.10.3mdv2008.0.i586.rpm fd942acf4a4b56c678cf8dc46b3cf23b 2008.0/i586/tomcat5-jasper-javadoc-5.5.23-9.2.10.3mdv2008.0.i586.rpm 482cfd3a9f47ccfc8ed33e29918bd131 2008.0/i586/tomcat5-jsp-2.0-api-5.5.23-9.2.10.3mdv2008.0.i586.rpm 97a9df65785526f25233c22c1c077eab 2008.0/i586/tomcat5-jsp-2.0-api-javadoc-5.5.23-9.2.10.3mdv2008.0.i586.rpm cb9a2042c893f1818bef3fdec427da8b 2008.0/i586/tomcat5-server-lib-5.5.23-9.2.10.3mdv2008.0.i586.rpm 41e632f8c33e4c0d0d8106fbd4b1448f 2008.0/i586/tomcat5-servlet-2.4-api-5.5.23-9.2.10.3mdv2008.0.i586.rpm 9c9ae10e58d6cf12b64400d3ba3c8895 2008.0/i586/tomcat5-servlet-2.4-api-javadoc-5.5.23-9.2.10.3mdv2008.0.i586.rpm 9967a35bf6a073e8a8509da3c5a42559 2008.0/i586/tomcat5-webapps-5.5.23-9.2.10.3mdv2008.0.i586.rpm 723023ef6f65aee545713e42809d5b86 2008.0/SRPMS/tomcat5-5.5.23-9.2.10.3mdv2008.0.src.rpm
Mandriva Linux 2008.0/X86_64: 4b424c91fb912dc8d58ecfaf887a730c 2008.0/x86_64/tomcat5-5.5.23-9.2.10.3mdv2008.0.x86_64.rpm ca5003fcc1480d072729f2e3a01f374c 2008.0/x86_64/tomcat5-admin-webapps-5.5.23-9.2.10.3mdv2008.0.x86_64.rpm 83c84b3c3543e561be43c439931432e5 2008.0/x86_64/tomcat5-common-lib-5.5.23-9.2.10.3mdv2008.0.x86_64.rpm e2a2adee1147b24791cdbc9612bbf812 2008.0/x86_64/tomcat5-jasper-5.5.23-9.2.10.3mdv2008.0.x86_64.rpm a31a7de061b6d692924e2be3b3ee2a9c 2008.0/x86_64/tomcat5-jasper-javadoc-5.5.23-9.2.10.3mdv2008.0.x86_64.rpm 42dff6a2eecaeb735dae70ffa28bfd83 2008.0/x86_64/tomcat5-jsp-2.0-api-5.5.23-9.2.10.3mdv2008.0.x86_64.rpm 31da50a7f741eee25f7d3920ece1531c 2008.0/x86_64/tomcat5-jsp-2.0-api-javadoc-5.5.23-9.2.10.3mdv2008.0.x86_64.rpm 1670728be5615301bb60b2b01b993a1e 2008.0/x86_64/tomcat5-server-lib-5.5.23-9.2.10.3mdv2008.0.x86_64.rpm ee4c0935479f16f258c78ba2c5225e84 2008.0/x86_64/tomcat5-servlet-2.4-api-5.5.23-9.2.10.3mdv2008.0.x86_64.rpm 3383de2b3f2953ee01020d9b502900b3 2008.0/x86_64/tomcat5-servlet-2.4-api-javadoc-5.5.23-9.2.10.3mdv2008.0.x86_64.rpm b4fcecfae58187c2e0f644f569969ca6 2008.0/x86_64/tomcat5-webapps-5.5.23-9.2.10.3mdv2008.0.x86_64.rpm 723023ef6f65aee545713e42809d5b86 2008.0/SRPMS/tomcat5-5.5.23-9.2.10.3mdv2008.0.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFMjL+MmqjQ0CJFipgRAu5tAJ9opOdrTTLzYdyAcuZx+7WfwtcLbQCeOTn4 cZE6uUZ95kih/bicVxL4f/c= =OWxp -----END PGP SIGNATURE-----
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ .
References: CVE-2008-5515, CVE-2009-0033, CVE-2009-0580, CVE-2009-0781, CVE-2009-0783.
The calendar application in the examples web application contains an XSS flaw due to invalid HTML which renders the XSS filtering protection ineffective (CVE-2009-0781)
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200906-0603",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "tomcat",
"scope": "eq",
"trust": 1.6,
"vendor": "apache",
"version": "4.1.22"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.6,
"vendor": "apache",
"version": "4.1.18"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.6,
"vendor": "apache",
"version": "4.1.17"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.6,
"vendor": "apache",
"version": "4.1.23"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.6,
"vendor": "apache",
"version": "4.1.20"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.6,
"vendor": "apache",
"version": "4.1.26"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.6,
"vendor": "apache",
"version": "4.1.19"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.6,
"vendor": "apache",
"version": "4.1.25"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.6,
"vendor": "apache",
"version": "4.1.21"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.6,
"vendor": "apache",
"version": "4.1.2"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "6.0.18"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "6.0.16"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "6.0.15"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "6.0.14"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "6.0.13"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "6.0.12"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "6.0.10"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "6.0.9"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "6.0.7"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "6.0.6"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "6.0.5"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "6.0.4"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "6.0.3"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "6.0.2"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "6.0.1"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "6.0"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "5.5.27"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "5.5.26"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "5.5.25"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "5.5.24"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "5.5.23"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "5.5.22"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "5.5.21"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "5.5.20"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "5.5.19"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "5.5.18"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "5.5.17"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "5.5.16"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "5.5.15"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "5.5.14"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "5.5.13"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "5.5.12"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "5.5.11"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "5.5.10"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "5.5.2"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "5.5.1"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "4.1.39"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "4.1.38"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "4.1.37"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "4.1.36"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "4.1.35"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "4.1.34"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "4.1.32"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "4.1.31"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "4.1.30"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "4.1.29"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "4.1.28"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "4.1.24"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "4.1.12"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "4.1.10"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "4.1.3"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "6.0.0"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "4.1.33"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "6.0.17"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "4.1.14"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "5.5.3"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "5.5.4"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "4.1.1"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "4.1.16"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "4.1.15"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "4.1.0"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "5.5.6"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "4.1.11"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "5.5.8"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "5.5.5"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "4.1.27"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "5.5.0"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "4.1.13"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "5.5.7"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "5.5.9"
},
{
"model": "virtualcenter",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "virtualcenter update",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.55"
},
{
"model": "virtualcenter update",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.52"
},
{
"model": "virtualcenter update",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.51"
},
{
"model": "virtualcenter",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5"
},
{
"model": "virtualcenter update",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.25"
},
{
"model": "virtualcenter update",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.24"
},
{
"model": "virtualcenter update",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.23"
},
{
"model": "virtualcenter update",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.22"
},
{
"model": "virtualcenter update",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.21"
},
{
"model": "vcenter",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "4.0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0.3"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0.2"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0.1"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "4.0"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.5"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"model": "linux lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.10"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.10"
},
{
"model": "linux lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.10"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.10"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.10"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris 10 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 99",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 96",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 95",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 94",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 93",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 92",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 91",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 90",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 89",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 88",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 87",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 85",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 84",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 83",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 82",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 81",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 80",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 78",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 77",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 76",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 68",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 67",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 64",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 61",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 59",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 58",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 57",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 54",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 50",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 49",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 47",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 45",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 41",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 39",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 36",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 29",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 22",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 19",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 13",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 117",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 116",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 115",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 114",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 113",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 112",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 111a",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 111",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 110",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 109",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 108",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 107",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 106",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 105",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 104",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 103",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 102",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 101a",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 101",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 100",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 02",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 01",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.0"
},
{
"model": "blackberry enterprise server for novell groupwise",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "5.0.1"
},
{
"model": "blackberry enterprise server for novell groupwise",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "4.1.7"
},
{
"model": "blackberry enterprise server for novell groupwise",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "4.1.4"
},
{
"model": "blackberry enterprise server for exchange mr1",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "5.0.2"
},
{
"model": "blackberry enterprise server for exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "5.0.2"
},
{
"model": "blackberry enterprise server for exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "5.0.1"
},
{
"model": "blackberry enterprise server for exchange sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "5.0"
},
{
"model": "blackberry enterprise server for exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "5.0"
},
{
"model": "blackberry enterprise server for exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "4.1.7"
},
{
"model": "blackberry enterprise server for exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "4.1.4"
},
{
"model": "blackberry enterprise server for domino mr1",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "5.0.2"
},
{
"model": "blackberry enterprise server for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "4.1.4"
},
{
"model": "blackberry enterprise server express for exchange mr1",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "5.0.2"
},
{
"model": "blackberry enterprise server express for exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "5.0.2"
},
{
"model": "blackberry enterprise server express for exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "5.0.1"
},
{
"model": "blackberry enterprise server express for exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "4.1.4"
},
{
"model": "blackberry enterprise server express for domino mr1",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "5.0.2"
},
{
"model": "blackberry enterprise server express for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "5.0.2"
},
{
"model": "blackberry enterprise server express for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "4.1.4"
},
{
"model": "red hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)5.1"
},
{
"model": "network satellite",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "45.3"
},
{
"model": "network satellite",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "45.2"
},
{
"model": "jboss enterprise web server el4",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "0"
},
{
"model": "jboss enterprise web server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5.0"
},
{
"model": "jboss enterprise application platform el5",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.3"
},
{
"model": "jboss enterprise application platform el4",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.3"
},
{
"model": "jboss enterprise application platform",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.3"
},
{
"model": "jboss enterprise application platform el5",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.2"
},
{
"model": "jboss enterprise application platform el4",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.2"
},
{
"model": "jboss enterprise application platform",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.2"
},
{
"model": "enterprise linux eus 5.3.z server",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"model": "enterprise linux desktop workstation client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "enterprise linux desktop client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "developer suite as4",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "certificate server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7.3"
},
{
"model": "application server ws4",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2"
},
{
"model": "application server es4",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2"
},
{
"model": "application server as4",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.1"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.1"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.0"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.0"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2008.0"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2008.0"
},
{
"model": "enterprise server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"model": "enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"model": "tivoli netcool/webtop fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.19"
},
{
"model": "tivoli netcool/webtop fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.15"
},
{
"model": "tivoli netcool/webtop fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.14"
},
{
"model": "tivoli netcool/webtop",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"model": "rational quality manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0"
},
{
"model": "performance manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.21"
},
{
"model": "performance manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.20"
},
{
"model": "performance manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.10"
},
{
"model": "hp-ux web server suite",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.22"
},
{
"model": "hp-ux web server suite",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.21"
},
{
"model": "hp-ux web server suite",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.18"
},
{
"model": "hp-ux web server suite",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.17"
},
{
"model": "hp-ux web server suite",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.12"
},
{
"model": "hp-ux web server suite",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.10"
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "interstage studio standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "interstage studio standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"model": "interstage studio enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "interstage studio enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"model": "interstage business application server enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.0"
},
{
"model": "interstage apworks modelers-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"model": "interstage apworks modelers-j edition 6.0a",
"scope": null,
"trust": 0.3,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage apworks modelers-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.1"
},
{
"model": "interstage application server standard-j edition a",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.2"
},
{
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0"
},
{
"model": "interstage application server plus developer",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"model": "interstage application server plus developer",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"model": "interstage application server plus",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0.1"
},
{
"model": "interstage application server plus",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"model": "interstage application server plus",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.1"
},
{
"model": "interstage application server enterprise edition a",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.2"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0.1"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux armel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "coat systems intelligence center",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "3.2.1"
},
{
"model": "coat systems intelligence center",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "3.1.2"
},
{
"model": "coat systems intelligence center",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "3.1.1"
},
{
"model": "coat systems intelligence center",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "2.1.2"
},
{
"model": "coat systems intelligence center",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "2.1.1"
},
{
"model": "coat systems intelligence center",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "2.1"
},
{
"model": "coat systems intelligence center",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "2.0.1"
},
{
"model": "coat systems intelligence center",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "2.0"
},
{
"model": "coat systems intelligence center",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "3.2"
},
{
"model": "coat systems intelligence center",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "3.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.8"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "6.0.11"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "6.0.8"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "5.5"
},
{
"model": "tomcat beta",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "4.1.3"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "4.1"
},
{
"model": "virtualcenter update",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.56"
},
{
"model": "vcenter update",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "4.01"
},
{
"model": "opensolaris build snv 118",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "tivoli netcool/webtop fix pack",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "2.110"
},
{
"model": "rational quality manager",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.1"
},
{
"model": "hp-ux web server suite",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "3.13"
},
{
"model": "coat systems intelligence center",
"scope": "ne",
"trust": 0.3,
"vendor": "blue",
"version": "3.2.2.1"
},
{
"model": "mac os server",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.3"
},
{
"model": "tomcat",
"scope": "ne",
"trust": 0.3,
"vendor": "apache",
"version": "6.0.20"
},
{
"model": "tomcat",
"scope": "ne",
"trust": 0.3,
"vendor": "apache",
"version": "5.5.28"
},
{
"model": "tomcat",
"scope": "ne",
"trust": 0.3,
"vendor": "apache",
"version": "4.1.40"
}
],
"sources": [
{
"db": "BID",
"id": "35263"
},
{
"db": "CNNVD",
"id": "CNNVD-200906-265"
},
{
"db": "NVD",
"id": "CVE-2008-5515"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:5.5.27:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.35:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.36:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:5.5.18:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.21:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:5.5.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:5.5.14:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.24:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:5.5.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:5.5.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:5.5.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:5.5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:5.5.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.25:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:5.5.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:5.5.26:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.39:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:5.5.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:5.5.15:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:5.5.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.27:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.15:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.30:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.38:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:5.5.21:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.18:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:5.5.22:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.14:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.19:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:5.5.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.29:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.22:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.26:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:5.5.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:5.5.25:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.14:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:5.5.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.33:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:5.5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:5.5.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:5.5.24:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.28:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.18:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.15:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:5.5.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:5.5.16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:5.5.17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:5.5.19:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.23:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.34:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.32:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.37:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:5.5.23:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2008-5515"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Iida Minehiko",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200906-265"
}
],
"trust": 0.6
},
"cve": "CVE-2008-5515",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2008-5515",
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2008-5515",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200906-265",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2008-5515",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2008-5515"
},
{
"db": "CNNVD",
"id": "CNNVD-200906-265"
},
{
"db": "NVD",
"id": "CVE-2008-5515"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, 6.0.0 through 6.0.18, and possibly earlier versions normalizes the target pathname before filtering the query string when using the RequestDispatcher method, which allows remote attackers to bypass intended access restrictions and conduct directory traversal attacks via .. (dot dot) sequences and the WEB-INF directory in a Request. Apache Tomcat is prone to a remote information-disclosure vulnerability. \nAttackers can exploit this issue to obtain sensitive information that may lead to further attacks. \nThe following versions of Apache Tomcat are vulnerable:\n6.0.0-6.0.18\n5.5.0-5.5.27\n4.1.0-4.1.39. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com. Modification, Denial of Service (DoS)\n\n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c02515878\nVersion: 1\n\nHPSBUX02579 SSRT100203 rev.1 - HP-UX Apache Running Tomcat Servlet Engine, Remote Information Disclosure, Unauthorized\n\nModification, Denial of Service (DoS)\n\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible. \n\nRelease Date: 2010-11-23\nLast Updated: 2010-11-23\n\n ------------------------------------------------------------------------------\n\nPotential Security Impact: Remote information disclosure, unauthorized modification, or Denial of Service (DoS). \n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with HP-UX Apache Running Tomcat Servlet Engine. These\n\nvulnerabilities could be exploited remotely to disclose information, allows unauthorized modification, or create a Denial\n\nof Service (DoS). The Tomcat-based Servlet Engine is contained in the HP-UX Apache Web Server Suite. \n\nReferences: CVE-2010-2227, CVE-2010-1157, CVE-2009-0783, CVE-2009-0781, CVE-2009-0580, CVE-2009-0033, CVE-2008-5515\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP-UX B.11.23, B.11.31 running HP-UX Apache Web Server Suite v3.12 or earlier\n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2010-2227 (AV:N/AC:L/Au:N/C:P/I:N/A:P) 6.4\nCVE-2010-1157 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0\nCVE-2009-0783 (AV:L/AC:L/Au:N/C:P/I:P/A:N) 3.6\nCVE-2009-0781 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2009-0580 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3\nCVE-2009-0033 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2008-5515 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has provided the following software updates to resolve the vulnerabilities. \nThe updates are available for download from http://software.hp.com\nNote: HP-UX Web Server Suite v3.13 contains HP-UX Tomcat-based Servlet Engine v5.5.30.01\n\nWeb Server Suite Version / Apache Depot name\n\nHP-UX Web Server Suite v.3.13\n HPUXWS22ATW-B313-32.depot\n\n HPUXWS22ATW-B313-64.depot\n\nMANUAL ACTIONS: Yes - Update\nInstall HP-UX Web Server Suite v3.13 or subsequent. \n\nPRODUCT SPECIFIC INFORMATION\n\nHP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see https://www.hp.com/go/swa\n\nThe following text is for use by the HP-UX Software Assistant. \n\nAFFECTED VERSIONS\n\nHP-UX Web Server Suite\n\nHP-UX B.11.23\nHP-UX B.11.31\n==================\nhpuxws22TOMCAT.TOMCAT\naction: install revision B.5.5.30.01 or subsequent\n\nEND AFFECTED VERSIONS\n\nHISTORY\nVersion:1 (rev.1) - 23 November 2010 Initial release\n\nThird Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\nSupport: For further information, contact normal HP Services support channel. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com\nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. \nTo get the security-alert PGP key, please send an e-mail message as follows:\n To: security-alert@hp.com\n Subject: get key\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email:\nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA\u0026langcode=USENG\u0026jumpid=in_SC-GEN__driverITRC\u0026topiccode=ITRC\nOn the web page: ITRC security bulletins and patch sign-up\nUnder Step1: your ITRC security bulletins and patches\n -check ALL categories for which alerts are required and continue. \nUnder Step2: your ITRC operating systems\n -verify your operating system selections are checked and save. \n\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php\nLog in on the web page: Subscriber\u0027s choice for Business: sign-in. \nOn the web page: Subscriber\u0027s Choice: your profile summary - use Edit Profile to update appropriate sections. \n\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do\n\n* The Software Product Category that this Security Bulletin\nrelates to is represented by the 5th and 6th characters\nof the Bulletin number in the title:\n\nGN = HP General SW\nMA = HP Management Agents\nMI = Misc. 3rd Party SW\nMP = HP MPE/iX\nNS = HP NonStop Servers\nOV = HP OpenVMS\nPI = HP Printing \u0026 Imaging\nST = HP Storage SW\nTL = HP Trusted Linux\nTU = HP Tru64 UNIX\nUX = HP-UX\nVV = HP VirtualVault\n\nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. \n\n\"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user\u0027s use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement.\"\n\nCopyright 2010 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.10 (GNU/Linux)\n\niEYEARECAAYFAkzsg8IACgkQ4B86/C0qfVlFEQCg1wPaYQ84EkeiOjNAkrLGPVnQ\n1aQAoK/qC5XheL13hyynXvA/jfWdKwQ0\n=jKnI\n-----END PGP SIGNATURE-----\n. ===========================================================\nUbuntu Security Notice USN-788-1 June 15, 2009\ntomcat6 vulnerabilities\nCVE-2008-5515, CVE-2009-0033, CVE-2009-0580, CVE-2009-0781,\nCVE-2009-0783\n===========================================================\n\nA security issue affects the following Ubuntu releases:\n\nUbuntu 8.10\nUbuntu 9.04\n\nThis advisory also applies to the corresponding versions of\nKubuntu, Edubuntu, and Xubuntu. \n\nThe problem can be corrected by upgrading your system to the\nfollowing package versions:\n\nUbuntu 8.10:\n libtomcat6-java 6.0.18-0ubuntu3.2\n tomcat6-examples 6.0.18-0ubuntu3.2\n\nUbuntu 9.04:\n libtomcat6-java 6.0.18-0ubuntu6.1\n tomcat6-examples 6.0.18-0ubuntu6.1\n\nIn general, a standard system upgrade is sufficient to effect the\nnecessary changes. \n\nDetails follow:\n\nIida Minehiko discovered that Tomcat did not properly normalise paths. A\nremote attacker could send specially crafted requests to the server and\nbypass security restrictions, gaining access to sensitive content. \n(CVE-2008-5515)\n\nYoshihito Fukuyama discovered that Tomcat did not properly handle errors\nwhen the Java AJP connector and mod_jk load balancing are used. (CVE-2009-0033)\n\nD. Matscheko and T. A\nremote attacker could exploit this in order to enumerate valid usernames. \n(CVE-2009-0580)\n\nDeniz Cevik discovered that Tomcat did not properly escape certain\nparameters in the example calendar application which could result in\nbrowsers becoming vulnerable to cross-site scripting attacks when\nprocessing the output. With cross-site scripting vulnerabilities, if a user\nwere tricked into viewing server output during a crafted server request, a\nremote attacker could exploit this to modify the contents, or steal\nconfidential data (such as passwords), within the same domain. Local users could exploit\nthis to bypass security restrictions and gain access to certain sensitive\nfiles. (CVE-2009-0783)\n\n\nUpdated packages for Ubuntu 8.10:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6_6.0.18-0ubuntu3.2.diff.gz\n Size/MD5: 22010 87c6105cd78ea5a8dbf62054fc4ba0aa\n http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6_6.0.18-0ubuntu3.2.dsc\n Size/MD5: 1378 823c008ffc927c0f3f5686fc6f5188d0\n http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6_6.0.18.orig.tar.gz\n Size/MD5: 3484249 9bdbb1c1d79302c80057a70b18fe6721\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/libservlet2.5-java_6.0.18-0ubuntu3.2_all.deb\n Size/MD5: 174164 dd24331b2709bd6641b4055d0b052eae\n http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/libtomcat6-java_6.0.18-0ubuntu3.2_all.deb\n Size/MD5: 2961944 63c8c3e0300ed70a240b79ddd3299efb\n http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6-admin_6.0.18-0ubuntu3.2_all.deb\n Size/MD5: 37370 b9b1bd6dc9cfb52107811295401c09e4\n http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6-common_6.0.18-0ubuntu3.2_all.deb\n Size/MD5: 53488 5006e5c394ec815f6d36c335d9f0abaf\n http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6-docs_6.0.18-0ubuntu3.2_all.deb\n Size/MD5: 714516 768cacbb74453b1a2a49e55d61b7bedd\n http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6-examples_6.0.18-0ubuntu3.2_all.deb\n Size/MD5: 419180 0663de0611fb9792d44aebad8aa24cc4\n http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6-user_6.0.18-0ubuntu3.2_all.deb\n Size/MD5: 18612 95544319007f1f90321469c5d314c72e\n http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6_6.0.18-0ubuntu3.2_all.deb\n Size/MD5: 24156 9f4d7a0671e9330ff2fa1a1c13a20c58\n\nUpdated packages for Ubuntu 9.04:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6_6.0.18-0ubuntu6.1.diff.gz\n Size/MD5: 24779 221e0f51259495fd01da2a6b67358b17\n http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6_6.0.18-0ubuntu6.1.dsc\n Size/MD5: 1411 e3bac3c39b2e6db3267699a533b17add\n http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6_6.0.18.orig.tar.gz\n Size/MD5: 3484249 9bdbb1c1d79302c80057a70b18fe6721\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/libservlet2.5-java-doc_6.0.18-0ubuntu6.1_all.deb\n Size/MD5: 246196 54e990e7893923b8b6df4bcce9f3ba22\n http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/libservlet2.5-java_6.0.18-0ubuntu6.1_all.deb\n Size/MD5: 172500 abf989790a45def65d5de9a7f9b010df\n http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/libtomcat6-java_6.0.18-0ubuntu6.1_all.deb\n Size/MD5: 2846254 c1c0180751500ce58c51b97de9f2d6d9\n http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6-admin_6.0.18-0ubuntu6.1_all.deb\n Size/MD5: 37874 e7d401faba215af22ecff31b4a675fad\n http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6-common_6.0.18-0ubuntu6.1_all.deb\n Size/MD5: 53184 194153ab21adac9a47baaf92ea8d2acb\n http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6-docs_6.0.18-0ubuntu6.1_all.deb\n Size/MD5: 714212 d52e9abc75108a8f059346e09d47b511\n http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6-examples_6.0.18-0ubuntu6.1_all.deb\n Size/MD5: 418316 3a7110c9da4bd72a7019cbb75651da73\n http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6-user_6.0.18-0ubuntu6.1_all.deb\n Size/MD5: 20520 ea5e54c91e7055e281d61e63f0e140f2\n http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6_6.0.18-0ubuntu6.1_all.deb\n Size/MD5: 24952 ec80f910d6c8e606c090ba8dd737bc4c\n\n\n. NOTE:\n this issue exists because of an incomplete fix for CVE-2007-3385\n (CVE-2007-5333). \n \n Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0\n through 6.0.18, when the Java AJP connector and mod_jk load balancing\n are used, allows remote attackers to cause a denial of service\n (application outage) via a crafted request with invalid headers,\n related to temporary blocking of connectors that have encountered\n errors, as demonstrated by an error involving a malformed HTTP Host\n header (CVE-2009-0033). \n \n Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and\n 6.0.0 through 6.0.18, when FORM authentication is used, allows\n remote attackers to enumerate valid usernames via requests to\n /j_security_check with malformed URL encoding of passwords, related to\n improper error checking in the (1) MemoryRealm, (2) DataSourceRealm,\n and (3) JDBCRealm authentication realms, as demonstrated by a \\%\n (percent) value for the j_password parameter (CVE-2009-0580). \n \n Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0\n through 6.0.18 permits web applications to replace an XML parser used\n for other web applications, which allows local users to read or modify\n the (1) web.xml, (2) context.xml, or (3) tld files of arbitrary web\n applications via a crafted application that is loaded earlier than\n the target application (CVE-2009-0783). (dot dot) in an entry in a WAR file,\n as demonstrated by a ../../bin/catalina.bat entry (CVE-2009-2693). \n \n Apache Tomcat 5.5.0 through 5.5.29 and 6.0.0 through 6.0.26 might\n allow remote attackers to discover the server\u0027s hostname or IP\n address by sending a request for a resource that requires (1) BASIC or\n (2) DIGEST authentication, and then reading the realm field in the\n WWW-Authenticate header in the reply (CVE-2010-1157). \n \n Apache Tomcat 5.5.0 through 5.5.29, 6.0.0 through 6.0.27, and 7.0.0\n beta does not properly handle an invalid Transfer-Encoding header,\n which allows remote attackers to cause a denial of service (application\n outage) or obtain sensitive information via a crafted header that\n interferes with recycling of a buffer. (CVE-2010-2227)\n \n Packages for 2008.0 are provided as of the Extended Maintenance\n Program. Please visit this link to learn more:\n http://store.mandriva.com/product_info.php?cPath=149\u0026products_id=490\n \n The updated packages have been patched to correct these issues. \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5333\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5515\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0033\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0580\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0783\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2693\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2901\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2902\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1157\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2227\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Linux 2008.0:\n b7ec529ef67655e138bb9845381dafe0 2008.0/i586/tomcat5-5.5.23-9.2.10.3mdv2008.0.i586.rpm\n 7480f62988c594c5e963968a5d8a760c 2008.0/i586/tomcat5-admin-webapps-5.5.23-9.2.10.3mdv2008.0.i586.rpm\n 81f00d0be9c8fad809640b83015fd73e 2008.0/i586/tomcat5-common-lib-5.5.23-9.2.10.3mdv2008.0.i586.rpm\n 5e2b03d332177ca8f1b59b672e568028 2008.0/i586/tomcat5-jasper-5.5.23-9.2.10.3mdv2008.0.i586.rpm\n fd942acf4a4b56c678cf8dc46b3cf23b 2008.0/i586/tomcat5-jasper-javadoc-5.5.23-9.2.10.3mdv2008.0.i586.rpm\n 482cfd3a9f47ccfc8ed33e29918bd131 2008.0/i586/tomcat5-jsp-2.0-api-5.5.23-9.2.10.3mdv2008.0.i586.rpm\n 97a9df65785526f25233c22c1c077eab 2008.0/i586/tomcat5-jsp-2.0-api-javadoc-5.5.23-9.2.10.3mdv2008.0.i586.rpm\n cb9a2042c893f1818bef3fdec427da8b 2008.0/i586/tomcat5-server-lib-5.5.23-9.2.10.3mdv2008.0.i586.rpm\n 41e632f8c33e4c0d0d8106fbd4b1448f 2008.0/i586/tomcat5-servlet-2.4-api-5.5.23-9.2.10.3mdv2008.0.i586.rpm\n 9c9ae10e58d6cf12b64400d3ba3c8895 2008.0/i586/tomcat5-servlet-2.4-api-javadoc-5.5.23-9.2.10.3mdv2008.0.i586.rpm\n 9967a35bf6a073e8a8509da3c5a42559 2008.0/i586/tomcat5-webapps-5.5.23-9.2.10.3mdv2008.0.i586.rpm \n 723023ef6f65aee545713e42809d5b86 2008.0/SRPMS/tomcat5-5.5.23-9.2.10.3mdv2008.0.src.rpm\n\n Mandriva Linux 2008.0/X86_64:\n 4b424c91fb912dc8d58ecfaf887a730c 2008.0/x86_64/tomcat5-5.5.23-9.2.10.3mdv2008.0.x86_64.rpm\n ca5003fcc1480d072729f2e3a01f374c 2008.0/x86_64/tomcat5-admin-webapps-5.5.23-9.2.10.3mdv2008.0.x86_64.rpm\n 83c84b3c3543e561be43c439931432e5 2008.0/x86_64/tomcat5-common-lib-5.5.23-9.2.10.3mdv2008.0.x86_64.rpm\n e2a2adee1147b24791cdbc9612bbf812 2008.0/x86_64/tomcat5-jasper-5.5.23-9.2.10.3mdv2008.0.x86_64.rpm\n a31a7de061b6d692924e2be3b3ee2a9c 2008.0/x86_64/tomcat5-jasper-javadoc-5.5.23-9.2.10.3mdv2008.0.x86_64.rpm\n 42dff6a2eecaeb735dae70ffa28bfd83 2008.0/x86_64/tomcat5-jsp-2.0-api-5.5.23-9.2.10.3mdv2008.0.x86_64.rpm\n 31da50a7f741eee25f7d3920ece1531c 2008.0/x86_64/tomcat5-jsp-2.0-api-javadoc-5.5.23-9.2.10.3mdv2008.0.x86_64.rpm\n 1670728be5615301bb60b2b01b993a1e 2008.0/x86_64/tomcat5-server-lib-5.5.23-9.2.10.3mdv2008.0.x86_64.rpm\n ee4c0935479f16f258c78ba2c5225e84 2008.0/x86_64/tomcat5-servlet-2.4-api-5.5.23-9.2.10.3mdv2008.0.x86_64.rpm\n 3383de2b3f2953ee01020d9b502900b3 2008.0/x86_64/tomcat5-servlet-2.4-api-javadoc-5.5.23-9.2.10.3mdv2008.0.x86_64.rpm\n b4fcecfae58187c2e0f644f569969ca6 2008.0/x86_64/tomcat5-webapps-5.5.23-9.2.10.3mdv2008.0.x86_64.rpm \n 723023ef6f65aee545713e42809d5b86 2008.0/SRPMS/tomcat5-5.5.23-9.2.10.3mdv2008.0.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.9 (GNU/Linux)\n\niD8DBQFMjL+MmqjQ0CJFipgRAu5tAJ9opOdrTTLzYdyAcuZx+7WfwtcLbQCeOTn4\ncZE6uUZ95kih/bicVxL4f/c=\n=OWxp\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. \n\nReferences: CVE-2008-5515, CVE-2009-0033, CVE-2009-0580, CVE-2009-0781, CVE-2009-0783. \n \n The calendar application in the examples web application contains an\n XSS flaw due to invalid HTML which renders the XSS filtering protection\n ineffective (CVE-2009-0781)",
"sources": [
{
"db": "NVD",
"id": "CVE-2008-5515"
},
{
"db": "BID",
"id": "35263"
},
{
"db": "VULMON",
"id": "CVE-2008-5515"
},
{
"db": "PACKETSTORM",
"id": "121037"
},
{
"db": "PACKETSTORM",
"id": "96122"
},
{
"db": "PACKETSTORM",
"id": "78409"
},
{
"db": "PACKETSTORM",
"id": "89679"
},
{
"db": "PACKETSTORM",
"id": "93755"
},
{
"db": "PACKETSTORM",
"id": "79715"
},
{
"db": "PACKETSTORM",
"id": "82165"
},
{
"db": "PACKETSTORM",
"id": "78585"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2008-5515",
"trust": 2.8
},
{
"db": "BID",
"id": "35263",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "44183",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "35685",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "35393",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "37460",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "39317",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "42368",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "35788",
"trust": 1.7
},
{
"db": "JVN",
"id": "JVN63832775",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2010-3056",
"trust": 1.6
},
{
"db": "VUPEN",
"id": "ADV-2009-1535",
"trust": 1.6
},
{
"db": "VUPEN",
"id": "ADV-2009-1856",
"trust": 1.6
},
{
"db": "VUPEN",
"id": "ADV-2009-3316",
"trust": 1.6
},
{
"db": "VUPEN",
"id": "ADV-2009-1520",
"trust": 1.6
},
{
"db": "CNNVD",
"id": "CNNVD-200906-265",
"trust": 0.6
},
{
"db": "VUPEN",
"id": "2009/1856",
"trust": 0.1
},
{
"db": "VUPEN",
"id": "2009/3316",
"trust": 0.1
},
{
"db": "VUPEN",
"id": "2009/1520",
"trust": 0.1
},
{
"db": "VUPEN",
"id": "2010/3056",
"trust": 0.1
},
{
"db": "VUPEN",
"id": "2009/1535",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2008-5515",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "121037",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "96122",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "78409",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "89679",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "93755",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "79715",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "82165",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "78585",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2008-5515"
},
{
"db": "BID",
"id": "35263"
},
{
"db": "PACKETSTORM",
"id": "121037"
},
{
"db": "PACKETSTORM",
"id": "96122"
},
{
"db": "PACKETSTORM",
"id": "78409"
},
{
"db": "PACKETSTORM",
"id": "89679"
},
{
"db": "PACKETSTORM",
"id": "93755"
},
{
"db": "PACKETSTORM",
"id": "79715"
},
{
"db": "PACKETSTORM",
"id": "82165"
},
{
"db": "PACKETSTORM",
"id": "78585"
},
{
"db": "CNNVD",
"id": "CNNVD-200906-265"
},
{
"db": "NVD",
"id": "CVE-2008-5515"
}
]
},
"id": "VAR-200906-0603",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.15801565
},
"last_update_date": "2024-07-23T21:48:33.753000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Red Hat: Important: JBoss Enterprise Application Platform 4.3.0.CP05 update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20091145 - security advisory"
},
{
"title": "Red Hat: Important: tomcat security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20091164 - security advisory"
},
{
"title": "Ubuntu Security Notice: tomcat6 vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-788-1"
},
{
"title": "Debian CVElist Bug Report Logs: CVE-2009-0033 CVE-2009-0580 CVE-2009-0783 CVE-2009-0781: Apache Tomcat 6 Multiple Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=ac49c4dcad19730a5b7d72eba69e3550"
},
{
"title": "Debian CVElist Bug Report Logs: CVE-2009-0033 CVE-2009-0580 CVE-2009-0783 CVE-2009-0781: Apache Tomcat 5 Multiple Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=b4688be3241a5693241135af6523bb48"
},
{
"title": "Symantec Security Advisories: SA66 : Multiple Tomcat vulnerabilities in IntelligenceCenter",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=ce6312b51b7767e26422e4b3dbf8f5cd"
},
{
"title": "VMware Security Advisories: VMware vCenter and ESX update release and vMA patch release address multiple security issues in third party components.",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=vmware_security_advisories\u0026qid=4675848a694e2124743f676a2c827ef7"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2008-5515"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-22",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2008-5515"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "http://www.securityfocus.com/bid/35263"
},
{
"trust": 2.3,
"url": "http://www.vmware.com/security/advisories/vmsa-2009-0016.html"
},
{
"trust": 2.3,
"url": "http://www.debian.org/security/2011/dsa-2207"
},
{
"trust": 2.2,
"url": "http://tomcat.apache.org/security-5.html"
},
{
"trust": 2.0,
"url": "http://tomcat.apache.org/security-4.html"
},
{
"trust": 2.0,
"url": "http://tomcat.apache.org/security-6.html"
},
{
"trust": 2.0,
"url": "http://www.fujitsu.com/global/support/software/security/products-f/interstage-200902e.html"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2009/1520"
},
{
"trust": 1.7,
"url": "http://jvn.jp/en/jp/jvn63832775/index.html"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/35393"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2009/1535"
},
{
"trust": 1.7,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2009:138"
},
{
"trust": 1.7,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2009:136"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/35685"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2009/1856"
},
{
"trust": 1.7,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-263529-1"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/35788"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/37460"
},
{
"trust": 1.7,
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-november/msg01156.html"
},
{
"trust": 1.7,
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-november/msg01246.html"
},
{
"trust": 1.7,
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-november/msg01216.html"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2009/3316"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2010//mar/msg00001.html"
},
{
"trust": 1.7,
"url": "http://support.apple.com/kb/ht4077"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/39317"
},
{
"trust": 1.7,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2010:176"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=129070310906557\u0026w=2"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2010/3056"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/42368"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/44183"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=136485229118404\u0026w=2"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=127420533226623\u0026w=2"
},
{
"trust": 1.7,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a6445"
},
{
"trust": 1.7,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a19452"
},
{
"trust": 1.7,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10422"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/507985/100/0/threaded"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/504202/100/0/threaded"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/504170/100/0/threaded"
},
{
"trust": 1.6,
"url": "https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3cdev.tomcat.apache.org%3e"
},
{
"trust": 1.6,
"url": "https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3cdev.tomcat.apache.org%3e"
},
{
"trust": 1.6,
"url": "https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3cdev.tomcat.apache.org%3e"
},
{
"trust": 1.6,
"url": "https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3cdev.tomcat.apache.org%3e"
},
{
"trust": 1.6,
"url": "https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3cdev.tomcat.apache.org%3e"
},
{
"trust": 1.6,
"url": "https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3cdev.tomcat.apache.org%3e"
},
{
"trust": 1.6,
"url": "https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3cdev.tomcat.apache.org%3e"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-5515"
},
{
"trust": 0.7,
"url": "https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3cdev.tomcat.apache.org%3e"
},
{
"trust": 0.7,
"url": "https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3cdev.tomcat.apache.org%3e"
},
{
"trust": 0.7,
"url": "https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3cdev.tomcat.apache.org%3e"
},
{
"trust": 0.7,
"url": "https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3cdev.tomcat.apache.org%3e"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0033"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0580"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0783"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0781"
},
{
"trust": 0.4,
"url": "https://www.hp.com/go/swa"
},
{
"trust": 0.3,
"url": "http://jakarta.apache.org/tomcat/"
},
{
"trust": 0.3,
"url": "/archive/1/504170"
},
{
"trust": 0.3,
"url": "/archive/1/504202"
},
{
"trust": 0.3,
"url": "/archive/1/507985"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-263529-1"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27012048"
},
{
"trust": 0.3,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01908935"
},
{
"trust": 0.3,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c02515878"
},
{
"trust": 0.3,
"url": "http://h20566.www2.hp.com/portal/site/hpsc/template.page/public/kb/docdisplay/?javax.portlet.endcachetok=com.vignette.cachetoken\u0026javax.portlet.prp_ba847bafb2a2d782fcbb0710b053ce01=wsrp-navigationalsta"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24025919"
},
{
"trust": 0.3,
"url": "https://kb.bluecoat.com/index?page=content\u0026id=sa66"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2009-1164.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2009-1506.html"
},
{
"trust": 0.3,
"url": "http://www.blackberry.com/btsc/dynamickc.do?externalid=kb25966\u0026sliceid=1\u0026command=show\u0026forward=nonthreadedkc\u0026kcid=kb25966"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-2902"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-2693"
},
{
"trust": 0.3,
"url": "http://www.itrc.hp.com/service/cki/secbullarchive.do"
},
{
"trust": 0.3,
"url": "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na\u0026langcode=useng\u0026jumpid=in_sc-gen__driveritrc\u0026topiccode=itrc"
},
{
"trust": 0.3,
"url": "http://h30046.www3.hp.com/subsignin.php"
},
{
"trust": 0.3,
"url": "http://secunia.com/"
},
{
"trust": 0.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-5515"
},
{
"trust": 0.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0033"
},
{
"trust": 0.3,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0783"
},
{
"trust": 0.3,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.3,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0580"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3548"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2227"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1157"
},
{
"trust": 0.2,
"url": "http://software.hp.com"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-2901"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0781"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/22.html"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3cdev.tomcat.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf@%3cdev.tomcat.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3cdev.tomcat.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2009:1145"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/788-1/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2204"
},
{
"trust": 0.1,
"url": "https://h20392.www2.hp.com/portal"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2526"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3718"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-4858"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3190"
},
{
"trust": 0.1,
"url": "http://h20566.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/"
},
{
"trust": 0.1,
"url": "http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4476"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-0022"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-1184"
},
{
"trust": 0.1,
"url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5885"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0013"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2729"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6-user_6.0.18-0ubuntu3.2_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6-docs_6.0.18-0ubuntu3.2_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/libservlet2.5-java_6.0.18-0ubuntu6.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6_6.0.18-0ubuntu6.1.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6-examples_6.0.18-0ubuntu6.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6-docs_6.0.18-0ubuntu6.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6_6.0.18-0ubuntu3.2_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6-common_6.0.18-0ubuntu6.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6_6.0.18-0ubuntu6.1.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6-user_6.0.18-0ubuntu6.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/libtomcat6-java_6.0.18-0ubuntu6.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6_6.0.18-0ubuntu3.2.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6_6.0.18.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6_6.0.18-0ubuntu6.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6-examples_6.0.18-0ubuntu3.2_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6_6.0.18-0ubuntu3.2.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/libtomcat6-java_6.0.18-0ubuntu3.2_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/libservlet2.5-java-doc_6.0.18-0ubuntu6.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6-common_6.0.18-0ubuntu3.2_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/libservlet2.5-java_6.0.18-0ubuntu3.2_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6-admin_6.0.18-0ubuntu6.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/tomcat6/tomcat6-admin_6.0.18-0ubuntu3.2_all.deb"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/patches"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2227"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2902"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2901"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5333"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5333"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2693"
},
{
"trust": 0.1,
"url": "http://store.mandriva.com/product_info.php?cpath=149\u0026products_id=490"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1157"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2008-5515"
},
{
"db": "BID",
"id": "35263"
},
{
"db": "PACKETSTORM",
"id": "121037"
},
{
"db": "PACKETSTORM",
"id": "96122"
},
{
"db": "PACKETSTORM",
"id": "78409"
},
{
"db": "PACKETSTORM",
"id": "89679"
},
{
"db": "PACKETSTORM",
"id": "93755"
},
{
"db": "PACKETSTORM",
"id": "79715"
},
{
"db": "PACKETSTORM",
"id": "82165"
},
{
"db": "PACKETSTORM",
"id": "78585"
},
{
"db": "CNNVD",
"id": "CNNVD-200906-265"
},
{
"db": "NVD",
"id": "CVE-2008-5515"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2008-5515"
},
{
"db": "BID",
"id": "35263"
},
{
"db": "PACKETSTORM",
"id": "121037"
},
{
"db": "PACKETSTORM",
"id": "96122"
},
{
"db": "PACKETSTORM",
"id": "78409"
},
{
"db": "PACKETSTORM",
"id": "89679"
},
{
"db": "PACKETSTORM",
"id": "93755"
},
{
"db": "PACKETSTORM",
"id": "79715"
},
{
"db": "PACKETSTORM",
"id": "82165"
},
{
"db": "PACKETSTORM",
"id": "78585"
},
{
"db": "CNNVD",
"id": "CNNVD-200906-265"
},
{
"db": "NVD",
"id": "CVE-2008-5515"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2009-06-16T00:00:00",
"db": "VULMON",
"id": "CVE-2008-5515"
},
{
"date": "2009-06-08T00:00:00",
"db": "BID",
"id": "35263"
},
{
"date": "2013-04-01T15:55:00",
"db": "PACKETSTORM",
"id": "121037"
},
{
"date": "2010-11-27T18:01:33",
"db": "PACKETSTORM",
"id": "96122"
},
{
"date": "2009-06-15T20:42:09",
"db": "PACKETSTORM",
"id": "78409"
},
{
"date": "2010-05-19T06:15:08",
"db": "PACKETSTORM",
"id": "89679"
},
{
"date": "2010-09-13T01:03:39",
"db": "PACKETSTORM",
"id": "93755"
},
{
"date": "2009-07-28T19:23:06",
"db": "PACKETSTORM",
"id": "79715"
},
{
"date": "2009-10-23T18:16:10",
"db": "PACKETSTORM",
"id": "82165"
},
{
"date": "2009-06-23T03:25:29",
"db": "PACKETSTORM",
"id": "78585"
},
{
"date": "2009-06-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200906-265"
},
{
"date": "2009-06-16T21:00:00.313000",
"db": "NVD",
"id": "CVE-2008-5515"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-03-25T00:00:00",
"db": "VULMON",
"id": "CVE-2008-5515"
},
{
"date": "2015-04-13T22:12:00",
"db": "BID",
"id": "35263"
},
{
"date": "2023-02-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200906-265"
},
{
"date": "2023-02-13T02:19:34.757000",
"db": "NVD",
"id": "CVE-2008-5515"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "93755"
},
{
"db": "CNNVD",
"id": "CNNVD-200906-265"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apache Tomcat Path traversal vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200906-265"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "path traversal",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200906-265"
}
],
"trust": 0.6
}
}
VAR-200909-0801
Vulnerability from variot - Updated: 2024-07-23 21:34The ap_proxy_ftp_handler function in modules/proxy/proxy_ftp.c in the mod_proxy_ftp module in the Apache HTTP Server 2.0.63 and 2.2.13 allows remote FTP servers to cause a denial of service (NULL pointer dereference and child process crash) via a malformed reply to an EPSV command. The Apache 'mod_proxy_ftp' module is prone to a denial-of-service vulnerability because of a NULL-pointer dereference. Successful exploits may allow remote attackers to cause denial-of-service conditions. Given the nature of this issue, attackers may also be able to run arbitrary code, but this has not been confirmed. =========================================================== Ubuntu Security Notice USN-860-1 November 19, 2009 apache2 vulnerabilities CVE-2009-3094, CVE-2009-3095, CVE-2009-3555 ===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS Ubuntu 8.04 LTS Ubuntu 8.10 Ubuntu 9.04 Ubuntu 9.10
This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the following package versions:
Ubuntu 6.06 LTS: apache2-common 2.0.55-4ubuntu2.9
Ubuntu 8.04 LTS: apache2.2-common 2.2.8-1ubuntu0.14
Ubuntu 8.10: apache2.2-common 2.2.9-7ubuntu3.5
Ubuntu 9.04: apache2.2-common 2.2.11-2ubuntu2.5
Ubuntu 9.10: apache2.2-common 2.2.12-1ubuntu2.1
In general, a standard system upgrade is sufficient to effect the necessary changes.
Details follow:
Marsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3 protocols. If an attacker could perform a man in the middle attack at the start of a TLS connection, the attacker could inject arbitrary content at the beginning of the user's session. The flaw is with TLS renegotiation and potentially affects any software that supports this feature. Attacks against the HTTPS protocol are known, with the severity of the issue depending on the safeguards used in the web application. Until the TLS protocol and underlying libraries are adjusted to defend against this vulnerability, a partial, temporary workaround has been applied to Apache that disables client initiated TLS renegotiation. This update does not protect against server initiated TLS renegotiation when using SSLVerifyClient and SSLCipherSuite on a per Directory or Location basis. (CVE-2009-3555)
It was discovered that mod_proxy_ftp in Apache did not properly sanitize its input when processing replies to EPASV and PASV commands. (CVE-2009-3094)
Another flaw was discovered in mod_proxy_ftp. (CVE-2009-3095)
Updated packages for Ubuntu 6.06 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9.diff.gz
Size/MD5: 130638 5d172b0ca228238e211940fad6b0935d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9.dsc
Size/MD5: 1156 a6d575c4c0ef0ef9c4c77e7f6ddfb02d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz
Size/MD5: 6092031 45e32c9432a8e3cf4227f5af91b03622
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu2.9_all.deb
Size/MD5: 2125884 643115e9135b9bf626f3a65cfc5f2ed3
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.9_amd64.deb
Size/MD5: 834492 818915da9848657833480b1ead6b4a12
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.9_amd64.deb
Size/MD5: 229578 9086ac3033e0425ecd150b31b377ee76
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.9_amd64.deb
Size/MD5: 224594 85a4480344a072868758c466f6a98747
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.9_amd64.deb
Size/MD5: 229128 446b52088b9744fb776e53155403a474
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.9_amd64.deb
Size/MD5: 172850 17e4cd95ecb9d0390274fca9625c2e5e
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.9_amd64.deb
Size/MD5: 173636 b501407d01fa07e5807c28cd1db16cd7
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.9_amd64.deb
Size/MD5: 95454 a06ee30ec14b35003ebcb821624bc2af
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9_amd64.deb
Size/MD5: 37510 4c063b1b8d831ea8a02d5ec691995dec
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.9_amd64.deb
Size/MD5: 287048 9cdc7502ebc526d4bc7df9b59a9d8925
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.9_amd64.deb
Size/MD5: 145624 4b613a57da2ca57678e8c8f0c1628556
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.9_i386.deb
Size/MD5: 787870 67b1855dc984e5296ac9580e2a2f0a0c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.9_i386.deb
Size/MD5: 204122 edf40b0ff5c1824b2d6232da247ce480
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.9_i386.deb
Size/MD5: 200060 6267a56fcef78f6300372810ce36ea41
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.9_i386.deb
Size/MD5: 203580 c487929bbf45b5a4dc3d035d86f7b3a0
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.9_i386.deb
Size/MD5: 172876 bae257127c3d137e407a7db744f3d57a
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.9_i386.deb
Size/MD5: 173660 9dd0e108ab4d3382799b29d901bf4502
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.9_i386.deb
Size/MD5: 93410 d5d602c75a28873f1cd7523857e0dd80
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9_i386.deb
Size/MD5: 37508 22049e1ea8ea88259ff3f6e94482cfb3
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.9_i386.deb
Size/MD5: 263066 43fa2ae3b43c4743c98c45ac22fb0250
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.9_i386.deb
Size/MD5: 133484 e70b7f81859cb92e0c50084e92216526
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.9_powerpc.deb
Size/MD5: 860622 6d386da8da90d363414846dbc7fa7f08
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.9_powerpc.deb
Size/MD5: 221470 8c207b379f7ba646c94759d3e9079dd4
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.9_powerpc.deb
Size/MD5: 217132 069cab77278b101c3c4a5b172f36ba9b
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.9_powerpc.deb
Size/MD5: 220968 2f6ba65769fc964eb6dfec8a842f7621
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.9_powerpc.deb
Size/MD5: 172874 89137c84b5a33f526daf3f8b4c047a7e
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.9_powerpc.deb
Size/MD5: 173662 23e576721faccb4aef732cf98e2358d4
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.9_powerpc.deb
Size/MD5: 105198 44f9e698567784555db7d7d971b9fce2
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9_powerpc.deb
Size/MD5: 37518 fe7caa2a3cf6d4227ac34692de30635e
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.9_powerpc.deb
Size/MD5: 282644 ec0306c04778cf8c8edd622aabb0363c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.9_powerpc.deb
Size/MD5: 142730 d43356422176ca29440f3e0572678093
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.9_sparc.deb
Size/MD5: 805078 0f1f6a9b04ad5ce4ea29fd0e44bf18a4
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.9_sparc.deb
Size/MD5: 211674 eb19532b9b759c806e9a95a4ffbfad9b
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.9_sparc.deb
Size/MD5: 207344 9e5770a4c94cbc4f9bc8cc11a6a038f1
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.9_sparc.deb
Size/MD5: 210948 6d1d2357cec5b88c1c2269e5c16724bc
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.9_sparc.deb
Size/MD5: 172882 d04dd123def1bc4cfbf2ac0095432eea
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.9_sparc.deb
Size/MD5: 173662 6be46bbb9e92224020da49d657cb4cd4
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.9_sparc.deb
Size/MD5: 94510 9df6ae07a9218d6159b1eebde5d58606
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9_sparc.deb
Size/MD5: 37506 89856bb1433e67fb23c8d34423d3e0a5
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.9_sparc.deb
Size/MD5: 269070 bf585dec777b0306cd80663c11b020df
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.9_sparc.deb
Size/MD5: 131466 340eaf2d2c1f129c7676a152776cfcf3
Updated packages for Ubuntu 8.04 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.8-1ubuntu0.14.diff.gz
Size/MD5: 141838 37d5c93b425758839cbef5afea5353a2
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.8-1ubuntu0.14.dsc
Size/MD5: 1381 78c9a13cc2af0dbf3958a3fc98aeea84
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.8.orig.tar.gz
Size/MD5: 6125771 39a755eb0f584c279336387b321e3dfc
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.8-1ubuntu0.14_all.deb
Size/MD5: 1929318 d4faaf64c2c0af807848ea171a4efa90
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.2.8-1ubuntu0.14_all.deb
Size/MD5: 72920 065d63c19b22f0f7a8f7c28952b0b408
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.8-1ubuntu0.14_all.deb
Size/MD5: 6258048 33c48a093bbb868ea108a50c051437cf
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.8-1ubuntu0.14_all.deb
Size/MD5: 45850 07a9463a8e4fdf1a48766d5ad08b9a3c
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.14_amd64.deb
Size/MD5: 253080 3c6467ee604002a5b8ebffff8554c568
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.14_amd64.deb
Size/MD5: 248676 3c83ce9eb0a27f18b9c3a8c3e651cafa
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.14_amd64.deb
Size/MD5: 252490 cf379a515d967d89d2009be9e06d4833
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.14_amd64.deb
Size/MD5: 205592 af6cb62114d2e70bf859c32008a66433
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.14_amd64.deb
Size/MD5: 206350 9c3d5ef8e55eee98cc3e75f2ed9ffaff
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.14_amd64.deb
Size/MD5: 141660 958585d6391847cd5a618464054f7d37
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.14_amd64.deb
Size/MD5: 803974 76d23bd94465a2f96711dc1c41b31af0
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.14_i386.deb
Size/MD5: 236060 ad4c00dc10b406cc312982b7113fa468
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.14_i386.deb
Size/MD5: 231580 07ae6a192e6c859e49d48f2b2158df40
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.14_i386.deb
Size/MD5: 235308 18a44bbffcebde8f2d66fe3a6bdbab6d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.14_i386.deb
Size/MD5: 205594 73ec71599d4c8a42a69ac3099b9d50cf
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.14_i386.deb
Size/MD5: 206374 c1524e4fa8265e7eaac046b114b8c463
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.14_i386.deb
Size/MD5: 140644 379a125b8b5b51ff8033449755ab87b8
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.14_i386.deb
Size/MD5: 755574 9de96c8719740c2525e3c0cf7836d60b
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.14_lpia.deb
Size/MD5: 235578 0265d4f6ccee2d7b5ee10cfff48fed08
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.14_lpia.deb
Size/MD5: 231234 611499fb33808ecdd232e2c5350f6838
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.14_lpia.deb
Size/MD5: 234738 d7757d2da2e542ce0fdad5994be1d8bd
http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.14_lpia.deb
Size/MD5: 205592 c10ac9eb401184c379b7993b6a62cde3
http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.14_lpia.deb
Size/MD5: 206358 fc91c0159b096e744c42014e6e5f8909
http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.14_lpia.deb
Size/MD5: 141212 f87d5f443e5d8e1c3eda6f976b3ceb06
http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.14_lpia.deb
Size/MD5: 749716 86ae389b81b057288ff3c0b69ef68656
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.14_powerpc.deb
Size/MD5: 254134 4337f858972022fa196c9a1f9bb724fb
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.14_powerpc.deb
Size/MD5: 249596 44a6e21ff8fa81d09dab19cab4caffdb
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.14_powerpc.deb
Size/MD5: 253698 f101a1709f21320716d4c9afb356f24f
http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.14_powerpc.deb
Size/MD5: 205604 3f4d4f6733257a7037e35101ef792352
http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.14_powerpc.deb
Size/MD5: 206386 06402188459de8dab5279b5bfef768fa
http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.14_powerpc.deb
Size/MD5: 158390 0acffbdb7e5602b434c4f2805f8dc4d0
http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.14_powerpc.deb
Size/MD5: 906022 28c3e8b63d123a4ca0632b3fed6720b5
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.14_sparc.deb
Size/MD5: 237422 5651f53b09c0f36e1333c569980a0eb0
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.14_sparc.deb
Size/MD5: 233152 1165607c64c57c84212b6b106254e885
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.14_sparc.deb
Size/MD5: 236606 bbe00d0707c279a16eca35258dd8f13a
http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.14_sparc.deb
Size/MD5: 205598 76afcd4085fa6f39055a5a3f1ef34a43
http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.14_sparc.deb
Size/MD5: 206372 5c67270e0a19d1558cf17cb21a114833
http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.14_sparc.deb
Size/MD5: 143838 28e9c3811feeac70b846279e82c23430
http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.14_sparc.deb
Size/MD5: 765398 92c5b054b80b6258a1c4caac8248a40a
Updated packages for Ubuntu 8.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.9-7ubuntu3.5.diff.gz
Size/MD5: 137715 0e8a6128ff37a1c064d4ce881b5d3df9
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.9-7ubuntu3.5.dsc
Size/MD5: 1788 5e3c3d53b68ea3053bcca3a5e19f5911
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.9.orig.tar.gz
Size/MD5: 6396996 80d3754fc278338033296f0d41ef2c04
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.9-7ubuntu3.5_all.deb
Size/MD5: 2041786 cd1e98fb2064bad51f7845f203a07d79
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.9-7ubuntu3.5_all.deb
Size/MD5: 6538578 32e07db65f1e7b3002aedc3afce1748c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.9-7ubuntu3.5_all.deb
Size/MD5: 45474 0f1b4fb499af61a596241bd4f0f4d35d
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.9-7ubuntu3.5_amd64.deb
Size/MD5: 254968 f2004f847cc5cbc730599352ad1f7dc6
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.9-7ubuntu3.5_amd64.deb
Size/MD5: 249196 fb001fc4f192e9b8ae1bb7161925413c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.9-7ubuntu3.5_amd64.deb
Size/MD5: 254360 419b942bad4cf4d959afcfa3ce4314e2
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.9-7ubuntu3.5_amd64.deb
Size/MD5: 208524 0d87bf6acbf1ab5dc48c68debe7c0d26
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-suexec-custom_2.2.9-7ubuntu3.5_amd64.deb
Size/MD5: 84490 2a4df4b619debe549f48ac3e9e764305
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-suexec_2.2.9-7ubuntu3.5_amd64.deb
Size/MD5: 82838 215665711684d5b5dd04cdfa23d36462
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.9-7ubuntu3.5_amd64.deb
Size/MD5: 209550 496d387e315370c0cd83489db663a356
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.9-7ubuntu3.5_amd64.deb
Size/MD5: 147762 48061b9015c78b39b7afd834f4c81ae0
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.9-7ubuntu3.5_amd64.deb
Size/MD5: 820242 3497441009bc9db76a87fd2447ba433c
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.9-7ubuntu3.5_i386.deb
Size/MD5: 241376 488812d1a311fd67dafd5b18b6813920
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.9-7ubuntu3.5_i386.deb
Size/MD5: 236082 9256681808703f40e822c81b53f4ce3e
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.9-7ubuntu3.5_i386.deb
Size/MD5: 240668 2b6b7c11a88ed5a280f603305bee880e
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.9-7ubuntu3.5_i386.deb
Size/MD5: 208532 e0eccceba6cae5fb12f431ff0283a23e
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-suexec-custom_2.2.9-7ubuntu3.5_i386.deb
Size/MD5: 83922 ea5f69f36e344e493cce5d9c0bc69c46
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-suexec_2.2.9-7ubuntu3.5_i386.deb
Size/MD5: 82320 0d9b2f9afff4b9efe924b59e9bb039ea
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.9-7ubuntu3.5_i386.deb
Size/MD5: 209554 f4e53148ae30d5c4f060d455e4f11f95
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.9-7ubuntu3.5_i386.deb
Size/MD5: 146596 5ed6a4af9378bacfb7d4a034d9923915
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.9-7ubuntu3.5_i386.deb
Size/MD5: 778564 ffd7752394933004094c13b00113b263
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.9-7ubuntu3.5_lpia.deb
Size/MD5: 238358 4955c7d577496ea4f3573345fad028a4
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.9-7ubuntu3.5_lpia.deb
Size/MD5: 232964 76aecf38baba17a8a968329b818ec74a
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.9-7ubuntu3.5_lpia.deb
Size/MD5: 237626 83f32bd08e2e206bbdb9f92cfb1a37e5
http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.9-7ubuntu3.5_lpia.deb
Size/MD5: 208528 6672fb116e108687669c89197732fbb0
http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec-custom_2.2.9-7ubuntu3.5_lpia.deb
Size/MD5: 83870 b8f875f197017aec0fe8203c203065d7
http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec_2.2.9-7ubuntu3.5_lpia.deb
Size/MD5: 82296 d6724391ed540b351e2b660ba98af1ca
http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.9-7ubuntu3.5_lpia.deb
Size/MD5: 209550 263b43fb11c6d954d5a4bf7839e720a4
http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.9-7ubuntu3.5_lpia.deb
Size/MD5: 146282 a225b8d0f48e141eea28b2369d4595c0
http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.9-7ubuntu3.5_lpia.deb
Size/MD5: 766494 454c737e191429c43ad3f28c9e0294a0
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.9-7ubuntu3.5_powerpc.deb
Size/MD5: 261510 d3e1155682726cc28859156e647d97b3
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.9-7ubuntu3.5_powerpc.deb
Size/MD5: 256082 e49d894a6e9ab612a3cbd2f189ca3d8d
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.9-7ubuntu3.5_powerpc.deb
Size/MD5: 260850 bc3cd7677cd630ac00424e73a3a6b343
http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.9-7ubuntu3.5_powerpc.deb
Size/MD5: 208542 ae1cc6b1323832528ad8f0e7130ec87d
http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec-custom_2.2.9-7ubuntu3.5_powerpc.deb
Size/MD5: 84558 68452b686e89320007e9c5367ce36345
http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec_2.2.9-7ubuntu3.5_powerpc.deb
Size/MD5: 82908 2b8c5fc4bdec1017735dc16eba41d0a6
http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.9-7ubuntu3.5_powerpc.deb
Size/MD5: 209562 a8da7487e3dcd1bdff008956728b8dd3
http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.9-7ubuntu3.5_powerpc.deb
Size/MD5: 161030 a5ffe07d5e3050c8a54c4fccd3732263
http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.9-7ubuntu3.5_powerpc.deb
Size/MD5: 926240 8282583e86e84bd256959540f39a515d
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.9-7ubuntu3.5_sparc.deb
Size/MD5: 246720 e54b4b9b354001a910ec9027dc90b0d2
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.9-7ubuntu3.5_sparc.deb
Size/MD5: 241280 1eea25472875056e34cd2c3283c60171
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.9-7ubuntu3.5_sparc.deb
Size/MD5: 246024 5709e7421814ecfb83fff5804d429971
http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.9-7ubuntu3.5_sparc.deb
Size/MD5: 208528 25cdfd0177da7e5484d3d44f93257863
http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec-custom_2.2.9-7ubuntu3.5_sparc.deb
Size/MD5: 84096 3ffbacffcc23ffc640a2ce05d35437bf
http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec_2.2.9-7ubuntu3.5_sparc.deb
Size/MD5: 82470 17d1ca84f9455c492013f4f754a1d365
http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.9-7ubuntu3.5_sparc.deb
Size/MD5: 209546 696ef3652703523aea6208a4e51e48f1
http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.9-7ubuntu3.5_sparc.deb
Size/MD5: 150932 44c89e0249c85eed09b6f3a6a23db59d
http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.9-7ubuntu3.5_sparc.deb
Size/MD5: 783902 773a80d7a85a452016da3b10b1f3ae43
Updated packages for Ubuntu 9.04:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.11-2ubuntu2.5.diff.gz
Size/MD5: 141023 50d6737005a6d4fe601e223a39293f99
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.11-2ubuntu2.5.dsc
Size/MD5: 1795 59720f4d7ad291c986d92ec120750c3d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.11.orig.tar.gz
Size/MD5: 6806786 03e0a99a5de0f3f568a0087fb9993af9
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.11-2ubuntu2.5_all.deb
Size/MD5: 2219326 d29c903489b894ddf88b23a0fec23e5c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.11-2ubuntu2.5_all.deb
Size/MD5: 46636 ee03585b00f277ed98c0de07a683317a
http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-src_2.2.11-2ubuntu2.5_all.deb
Size/MD5: 6948222 a3505a83c13cf36c86248079127dd84d
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.11-2ubuntu2.5_amd64.deb
Size/MD5: 259028 5e9bddefad4c58c3ef9fd15d7a06988d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.11-2ubuntu2.5_amd64.deb
Size/MD5: 253218 ee1bfbb759ffade3a52a6782e2f4b66d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.11-2ubuntu2.5_amd64.deb
Size/MD5: 258414 8ef063026de9790bac1965427ce1b584
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.11-2ubuntu2.5_amd64.deb
Size/MD5: 213294 09701d434bd102e4205e551b4525afd1
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.11-2ubuntu2.5_amd64.deb
Size/MD5: 214258 e98de48ea01e1132c5f1248a9a018745
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.11-2ubuntu2.5_amd64.deb
Size/MD5: 151140 2f7c7f14b843b2c24de8c67356406449
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.11-2ubuntu2.5_amd64.deb
Size/MD5: 826834 28abdf1c7be886e9be2825d351abaec7
http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec-custom_2.2.11-2ubuntu2.5_amd64.deb
Size/MD5: 87818 670c62615e107920c45893b3377ab2a0
http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec_2.2.11-2ubuntu2.5_amd64.deb
Size/MD5: 86094 5a7c68fd37066287b4819cba4cfed1f2
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.11-2ubuntu2.5_i386.deb
Size/MD5: 245538 952540b7679ebc8d3ffc953f32d3be0f
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.11-2ubuntu2.5_i386.deb
Size/MD5: 240048 08a7fd4888ffd9188890e57c613c4be7
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.11-2ubuntu2.5_i386.deb
Size/MD5: 244914 955bb5121da808d44aa994386d90723f
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.11-2ubuntu2.5_i386.deb
Size/MD5: 213308 dd16143608ff8c41cb2d5cd27212a57e
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.11-2ubuntu2.5_i386.deb
Size/MD5: 214280 1e1f5d6feef40413f823a19126a018e3
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.11-2ubuntu2.5_i386.deb
Size/MD5: 150046 0769d86d26282d1d31615050ae5b8915
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.11-2ubuntu2.5_i386.deb
Size/MD5: 784198 8760e9c37147d0472dbbfe941c058829
http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec-custom_2.2.11-2ubuntu2.5_i386.deb
Size/MD5: 87182 21980cb1035d05f69b857870bbcbc085
http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec_2.2.11-2ubuntu2.5_i386.deb
Size/MD5: 85572 6a1b8a5e4cb19e815e88335757b06cf3
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.11-2ubuntu2.5_lpia.deb
Size/MD5: 242386 859ad63822b7e82c81cd6dcaca088c4a
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.11-2ubuntu2.5_lpia.deb
Size/MD5: 236924 200538ce94218c9d8af8532636bfd40a
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.11-2ubuntu2.5_lpia.deb
Size/MD5: 241822 3a3183ea4ee77d2677919d3b698f92a1
http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.11-2ubuntu2.5_lpia.deb
Size/MD5: 213286 bf81273b1db0a4a621085171c2b2b421
http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.11-2ubuntu2.5_lpia.deb
Size/MD5: 214264 ed278dab71289d2baae2ea409382fbf8
http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.11-2ubuntu2.5_lpia.deb
Size/MD5: 149758 75f6e2d7bd1cdfe5b1806062c3c859df
http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.11-2ubuntu2.5_lpia.deb
Size/MD5: 773424 c7cdc26051bd9443ae25b73776537fb5
http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.11-2ubuntu2.5_lpia.deb
Size/MD5: 87132 32e7ea89c96a0afce7ce1da457d947fb
http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.11-2ubuntu2.5_lpia.deb
Size/MD5: 85550 1d9b5963aa6ea5c01492ec417ab8510a
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.11-2ubuntu2.5_powerpc.deb
Size/MD5: 265476 5d03fe6b2da8de98c876941ff78b066f
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.11-2ubuntu2.5_powerpc.deb
Size/MD5: 260478 3e3aeaaf496cc86c62a831c59994c1f2
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.11-2ubuntu2.5_powerpc.deb
Size/MD5: 265154 5eae30e7a33c09b37483f3aab595d0e9
http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.11-2ubuntu2.5_powerpc.deb
Size/MD5: 213314 879534ebabbb8be86b606e1800dc9cf8
http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.11-2ubuntu2.5_powerpc.deb
Size/MD5: 214286 922033231a6aa67ecca1c400d47f09c1
http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.11-2ubuntu2.5_powerpc.deb
Size/MD5: 164444 74faf68f0baeffcd011155ca9b201039
http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.11-2ubuntu2.5_powerpc.deb
Size/MD5: 932416 2911758e4ad1b3b401369621301ea76f
http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.11-2ubuntu2.5_powerpc.deb
Size/MD5: 87876 1d45c033ec5498c092f30188cf1d481e
http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.11-2ubuntu2.5_powerpc.deb
Size/MD5: 86154 52c1d8806d52fef6f43ab53662953953
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.11-2ubuntu2.5_sparc.deb
Size/MD5: 250786 4e8e98dcba5543394ed5f07d141ce408
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.11-2ubuntu2.5_sparc.deb
Size/MD5: 245094 a82bf04fc92b8c275b0c0f25cc81ff91
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.11-2ubuntu2.5_sparc.deb
Size/MD5: 250110 092cf734813ae1d127d7b4f498f936c1
http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.11-2ubuntu2.5_sparc.deb
Size/MD5: 213312 98d7062a6bdb58637f7e850b76bfbc80
http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.11-2ubuntu2.5_sparc.deb
Size/MD5: 214286 a378e2e0418631cec0f398379a446172
http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.11-2ubuntu2.5_sparc.deb
Size/MD5: 154284 ce8b7bbccd359675b70426df15becfed
http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.11-2ubuntu2.5_sparc.deb
Size/MD5: 789298 11f088b18425b97367d5bc141da2ef2f
http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.11-2ubuntu2.5_sparc.deb
Size/MD5: 87384 477b6594866c8c73a8a3603e7e646c68
http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.11-2ubuntu2.5_sparc.deb
Size/MD5: 85686 5562ea5a0e6f01ba12adda3afb65c1b0
Updated packages for Ubuntu 9.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.12-1ubuntu2.1.diff.gz
Size/MD5: 185244 1ef59f9642bd9efa35e0808ea804cd0b
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.12-1ubuntu2.1.dsc
Size/MD5: 1888 d3bfdecefdd8b1adec8ab35dcf85d2b3
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.12.orig.tar.gz
Size/MD5: 6678149 17f017b571f88aa60abebfe2945d7caf
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.12-1ubuntu2.1_all.deb
Size/MD5: 2246560 be12bcc117bf165ffd3401486186762e
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.12-1ubuntu2.1_all.deb
Size/MD5: 2336 009d381342b0be5280835a46c91f01d9
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.12-1ubuntu2.1_all.deb
Size/MD5: 2374 7545a3750acea08e95bee86f6a3247e2
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.12-1ubuntu2.1_all.deb
Size/MD5: 2314 17719223d92d46821098ce178b5947d6
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.12-1ubuntu2.1_all.deb
Size/MD5: 284782 4321e3201d8e8d1a9e3c6fbe6864102b
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.12-1ubuntu2.1_all.deb
Size/MD5: 1424 7b4d96008368549d5600a8c1f64a7559
http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-mpm-itk_2.2.12-1ubuntu2.1_all.deb
Size/MD5: 2366 46add3d428c97fa69a8848a3e4025bb0
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.12-1ubuntu2.1_amd64.deb
Size/MD5: 137080 91e4f72d0f1f0abe91555e1497558fc2
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.12-1ubuntu2.1_amd64.deb
Size/MD5: 138176 5fd6a5ed536306528f9f2c1a0281ad70
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.12-1ubuntu2.1_amd64.deb
Size/MD5: 156646 cfa55666363303b3f44a24fa2929bf01
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-bin_2.2.12-1ubuntu2.1_amd64.deb
Size/MD5: 1399630 82b36d57faa29a646e72a1125600c11c
http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec-custom_2.2.12-1ubuntu2.1_amd64.deb
Size/MD5: 92488 ddebef9d1a537520380f85b63c512bef
http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec_2.2.12-1ubuntu2.1_amd64.deb
Size/MD5: 90880 c6d163edf145da8ff6d102dc0dd1f8d7
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.12-1ubuntu2.1_i386.deb
Size/MD5: 137102 69dcd0519ca612e02102f52dcb50bf7f
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.12-1ubuntu2.1_i386.deb
Size/MD5: 138200 17221b53903d664823a55faa1ec4d9a9
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.12-1ubuntu2.1_i386.deb
Size/MD5: 155166 4347806710edff47fc051b4a68d5b448
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-bin_2.2.12-1ubuntu2.1_i386.deb
Size/MD5: 1309136 d9a7df212b315fc6f77fc87fa8eb4a04
http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec-custom_2.2.12-1ubuntu2.1_i386.deb
Size/MD5: 91876 289bf732dd4750a2ce61ab121b04b079
http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec_2.2.12-1ubuntu2.1_i386.deb
Size/MD5: 90316 add7f446f6b524343c0066a486dd299a
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.12-1ubuntu2.1_lpia.deb
Size/MD5: 137088 571e9f0370b5687acff25f71c4efe33e
http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.12-1ubuntu2.1_lpia.deb
Size/MD5: 138192 816a6e033f02114553bbb3627b9c6f9c
http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.12-1ubuntu2.1_lpia.deb
Size/MD5: 155090 af8272dc794250c30cd2f66b82486dc2
http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-bin_2.2.12-1ubuntu2.1_lpia.deb
Size/MD5: 1290606 4c51de07f5a6fe9612de45369e6f35a5
http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.12-1ubuntu2.1_lpia.deb
Size/MD5: 91830 06866386df811127f4fd71d6fb2a9e2a
http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.12-1ubuntu2.1_lpia.deb
Size/MD5: 90312 9e68bd8111503135a4eae7265b0084ae
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.12-1ubuntu2.1_powerpc.deb
Size/MD5: 137096 61b24dbeb12d7998e5d7014c26410a99
http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.12-1ubuntu2.1_powerpc.deb
Size/MD5: 138202 599898ff374bde8bfa388e2615064c5a
http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.12-1ubuntu2.1_powerpc.deb
Size/MD5: 161058 fea8f5b9a80bef9c4cb3405bc37160af
http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-bin_2.2.12-1ubuntu2.1_powerpc.deb
Size/MD5: 1390150 fb1a244728a509586b77d02930fcf10f
http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.12-1ubuntu2.1_powerpc.deb
Size/MD5: 92400 572c3b0aa5ab717e8c4e4e8248aff1ff
http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.12-1ubuntu2.1_powerpc.deb
Size/MD5: 90774 82011ebc757d31e690698cf9913e3adc
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.12-1ubuntu2.1_sparc.deb
Size/MD5: 137098 7f566dfade1678c72eac7dd923ab5987
http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.12-1ubuntu2.1_sparc.deb
Size/MD5: 138202 09fbc3145d768cf1f204d47b50e21528
http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.12-1ubuntu2.1_sparc.deb
Size/MD5: 159488 7cb6c81588adaee162b8c85a1f69e7a7
http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-bin_2.2.12-1ubuntu2.1_sparc.deb
Size/MD5: 1297936 106b0b71f5e928c1d543973b5b1f015b
http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.12-1ubuntu2.1_sparc.deb
Size/MD5: 92166 28899fe31226880dfa961d8b05e8fa43
http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.12-1ubuntu2.1_sparc.deb
Size/MD5: 90554 f207de0099ed259e2af736e8c82f91c2
. Note that this security issue does not really apply as zlib compression is not enabled in the openssl build provided by Mandriva, but apache is patched to address this issue anyway (conserns 2008.1 only).
Cross-site scripting (XSS) vulnerability in proxy_ftp.c in the mod_proxy_ftp module in Apache 2.0.63 and earlier, and mod_proxy_ftp.c in the mod_proxy_ftp module in Apache 2.2.9 and earlier 2.2 versions, allows remote attackers to inject arbitrary web script or HTML via wildcards in a pathname in an FTP URI (CVE-2008-2939). Note that this security issue was initially addressed with MDVSA-2008:195 but the patch fixing the issue was added but not applied in 2009.0.
The Apache HTTP Server 2.2.11 and earlier 2.2 versions does not properly handle Options=IncludesNOEXEC in the AllowOverride directive, which allows local users to gain privileges by configuring (1) Options Includes, (2) Options +Includes, or (3) Options +IncludesNOEXEC in a .htaccess file, and then inserting an exec element in a .shtml file (CVE-2009-1195).
Fix a potential Denial-of-Service attack against mod_deflate or other modules, by forcing the server to consume CPU time in compressing a large file after a client disconnects (CVE-2009-1891). NOTE: as of 20090903, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes (CVE-2009-3095).
Apache is affected by SSL injection or man-in-the-middle attacks due to a design flaw in the SSL and/or TLS protocols. A short term solution was released Sat Nov 07 2009 by the ASF team to mitigate these problems. Apache will now reject in-session renegotiation (CVE-2009-3555).
Packages for 2008.0 are being provided due to extended support for Corporate products.
This update provides a solution to these vulnerabilities.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1678 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2939 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1191 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1195 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1890 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1891 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3094 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3095 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555 http://marc.info/?l=apache-httpd-announce&m=125755783724966&w=2
Updated Packages:
Mandriva Linux 2008.0: dd2bebdd6726d2d865331d37068a90b7 2008.0/i586/apache-base-2.2.6-8.3mdv2008.0.i586.rpm 6de9d36a91b125cc03bafe911b7a38a2 2008.0/i586/apache-devel-2.2.6-8.3mdv2008.0.i586.rpm ab7963efad1b7951c94a24075a2070e7 2008.0/i586/apache-htcacheclean-2.2.6-8.3mdv2008.0.i586.rpm 42a53b597d5547fb88b7427cacd617a1 2008.0/i586/apache-mod_authn_dbd-2.2.6-8.3mdv2008.0.i586.rpm 1dff9d313e93c94e907d8c72348ed2e0 2008.0/i586/apache-mod_cache-2.2.6-8.3mdv2008.0.i586.rpm b575ede2978ad47e41d355bd8b192725 2008.0/i586/apache-mod_dav-2.2.6-8.3mdv2008.0.i586.rpm 8ff3dee24d2d2d9a8d13e567cf1eaced 2008.0/i586/apache-mod_dbd-2.2.6-8.3mdv2008.0.i586.rpm 7bae541dfec14b21700878514750de83 2008.0/i586/apache-mod_deflate-2.2.6-8.3mdv2008.0.i586.rpm 19cab766a26ce53bd7e7973ed92f0db4 2008.0/i586/apache-mod_disk_cache-2.2.6-8.3mdv2008.0.i586.rpm a1336e4ab4f282c388d7565bde4557fd 2008.0/i586/apache-mod_file_cache-2.2.6-8.3mdv2008.0.i586.rpm 6b2f2eb949977349390fa3b06cf257e7 2008.0/i586/apache-mod_ldap-2.2.6-8.3mdv2008.0.i586.rpm 3640bbef5262ec0407126e31dd5ddde3 2008.0/i586/apache-mod_mem_cache-2.2.6-8.3mdv2008.0.i586.rpm 98793747365606baabc08f22e36a0a04 2008.0/i586/apache-mod_proxy-2.2.6-8.3mdv2008.0.i586.rpm d7fe4d88f25d2a01b0809ab5292b0999 2008.0/i586/apache-mod_proxy_ajp-2.2.6-8.3mdv2008.0.i586.rpm 4c9f48adbd0b1d45a874f06b9275ebe3 2008.0/i586/apache-mod_ssl-2.2.6-8.3mdv2008.0.i586.rpm e5a1d9476316ccc9f183cb1ae5bbcf31 2008.0/i586/apache-modules-2.2.6-8.3mdv2008.0.i586.rpm 44f7810695a40519c68930695829f124 2008.0/i586/apache-mod_userdir-2.2.6-8.3mdv2008.0.i586.rpm d6f666e9954422664d1f029fc147b591 2008.0/i586/apache-mpm-event-2.2.6-8.3mdv2008.0.i586.rpm 75e205ddbc9313b8d02519e57919923a 2008.0/i586/apache-mpm-itk-2.2.6-8.3mdv2008.0.i586.rpm 6d68e8fa7baccc2ad090c703fb33458e 2008.0/i586/apache-mpm-prefork-2.2.6-8.3mdv2008.0.i586.rpm 331f18ce48403472fc7f8af6d5daee8e 2008.0/i586/apache-mpm-worker-2.2.6-8.3mdv2008.0.i586.rpm c75e69bcabc104938cb9033e591d1de8 2008.0/i586/apache-source-2.2.6-8.3mdv2008.0.i586.rpm 23fcdf29e21b0146fb5646baca2fa63b 2008.0/SRPMS/apache-2.2.6-8.3mdv2008.0.src.rpm
Mandriva Linux 2008.0/X86_64: 3d4afe3f8da8369d80b6c195e132c5c0 2008.0/x86_64/apache-base-2.2.6-8.3mdv2008.0.x86_64.rpm 37034ee7c7eb813de2a00a6945a10248 2008.0/x86_64/apache-devel-2.2.6-8.3mdv2008.0.x86_64.rpm ba296f9aa229a616a2c406d1a16912c3 2008.0/x86_64/apache-htcacheclean-2.2.6-8.3mdv2008.0.x86_64.rpm 77fa75d36e7a4bbe154c846e3271e7a3 2008.0/x86_64/apache-mod_authn_dbd-2.2.6-8.3mdv2008.0.x86_64.rpm ca29e2db08b29e319f2392b46ea4c3fe 2008.0/x86_64/apache-mod_cache-2.2.6-8.3mdv2008.0.x86_64.rpm 3fbf5a0276adaa2d887a92482d81313f 2008.0/x86_64/apache-mod_dav-2.2.6-8.3mdv2008.0.x86_64.rpm 9c66e471c2d2d3e43462302d0cc6f1c9 2008.0/x86_64/apache-mod_dbd-2.2.6-8.3mdv2008.0.x86_64.rpm 05020102a26a28b96319b23e3b6e43d6 2008.0/x86_64/apache-mod_deflate-2.2.6-8.3mdv2008.0.x86_64.rpm 7191542417b30ed77334f1b8366628aa 2008.0/x86_64/apache-mod_disk_cache-2.2.6-8.3mdv2008.0.x86_64.rpm f4177dbdcfd2e3dc8e66be731ad731c4 2008.0/x86_64/apache-mod_file_cache-2.2.6-8.3mdv2008.0.x86_64.rpm fea417664f0a2689fa12308bd80c2fe4 2008.0/x86_64/apache-mod_ldap-2.2.6-8.3mdv2008.0.x86_64.rpm 9cf956fa426e6bdf6497337b6e26a2ab 2008.0/x86_64/apache-mod_mem_cache-2.2.6-8.3mdv2008.0.x86_64.rpm 0d9d04ca878bb3f19f4764152da42d82 2008.0/x86_64/apache-mod_proxy-2.2.6-8.3mdv2008.0.x86_64.rpm dbbcd75dd83779f54f98fa3e16b59f13 2008.0/x86_64/apache-mod_proxy_ajp-2.2.6-8.3mdv2008.0.x86_64.rpm dce8db6742ba28a71e18b86bb38688c8 2008.0/x86_64/apache-mod_ssl-2.2.6-8.3mdv2008.0.x86_64.rpm 2ff69d6e9c2cd3250f6746d4a7d921fd 2008.0/x86_64/apache-modules-2.2.6-8.3mdv2008.0.x86_64.rpm f298827d4dfa631a77907f7f5733fa29 2008.0/x86_64/apache-mod_userdir-2.2.6-8.3mdv2008.0.x86_64.rpm 6f02fb080e308ca0826fdb1ef00a1489 2008.0/x86_64/apache-mpm-event-2.2.6-8.3mdv2008.0.x86_64.rpm b886d30d73c60a515b3ed36d7f186378 2008.0/x86_64/apache-mpm-itk-2.2.6-8.3mdv2008.0.x86_64.rpm 62d7754a5aa7af596cc06cd540d4025f 2008.0/x86_64/apache-mpm-prefork-2.2.6-8.3mdv2008.0.x86_64.rpm d3438e0967978e580be896bd85f1d953 2008.0/x86_64/apache-mpm-worker-2.2.6-8.3mdv2008.0.x86_64.rpm e72af335ec7c3c02b5a494fbd6e99e0e 2008.0/x86_64/apache-source-2.2.6-8.3mdv2008.0.x86_64.rpm 23fcdf29e21b0146fb5646baca2fa63b 2008.0/SRPMS/apache-2.2.6-8.3mdv2008.0.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFLHQcamqjQ0CJFipgRAsJgAKDf5oc5UbEz3j+qsMn3tL6F8cujygCfY+cu MUj4lK2Wsb+qzbv2V+Ih30U= =VdZS -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Debian Security Advisory DSA-1934-1 security@debian.org http://www.debian.org/security/ Stefan Fritsch November 16, 2009 http://www.debian.org/security/faq
Package : apache2 Vulnerability : multiple issues Problem type : remote Debian-specific: no CVE Id(s) : CVE-2009-3094 CVE-2009-3095 CVE-2009-3555
A design flaw has been found in the TLS and SSL protocol that allows an attacker to inject arbitrary content at the beginning of a TLS/SSL connection. The attack is related to the way how TLS and SSL handle session renegotiations. CVE-2009-3555 has been assigned to this vulnerability.
As a partial mitigation against this attack, this apache2 update disables client-initiated renegotiations. This should fix the vulnerability for the majority of Apache configurations in use.
NOTE: This is not a complete fix for the problem. The attack is still possible in configurations where the server initiates the renegotiation. This is the case for the following configurations (the information in the changelog of the updated packages is slightly inaccurate):
-
- The "SSLVerifyClient" directive is used in a Directory or Location context.
-
- The "SSLCipherSuite" directive is used in a Directory or Location context.
As a workaround, you may rearrange your configuration in a way that SSLVerifyClient and SSLCipherSuite are only used on the server or virtual host level.
A complete fix for the problem will require a protocol change. Further information will be included in a separate announcement about this issue.
CVE-2009-3095: Insufficient input validation in the mod_proxy_ftp module allowed remote authenticated attackers to bypass intended access restrictions and send arbitrary FTP commands to an FTP server.
For the stable distribution (lenny), these problems have been fixed in version 2.2.9-10+lenny6. This version also includes some non-security bug fixes that were scheduled for inclusion in the next stable point release (Debian 5.0.4).
The oldstable distribution (etch), these problems have been fixed in version 2.2.3-4+etch11.
For the testing distribution (squeeze) and the unstable distribution (sid), these problems will be fixed in version 2.2.14-2.
This advisory also provides updated apache2-mpm-itk packages which have been recompiled against the new apache2 packages.
Updated apache2-mpm-itk packages for the armel architecture are not included yet. They will be released as soon as they become available.
We recommend that you upgrade your apache2 and apache2-mpm-itk packages.
Upgrade instructions
wget url will fetch the file for you dpkg -i file.deb will install the referenced file.
If you are using the apt-get package manager, use the line for sources.list as given below:
apt-get update will update the internal database apt-get upgrade will install corrected packages
You may use an automated update by adding the resources from the footer to the proper configuration.
Debian GNU/Linux 4.0 alias etch (oldstable)
Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
Source archives:
http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.3-4+etch11.dsc Size/MD5 checksum: 1071 dff8f31d88ede35bb87f92743d2db202 http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.3.orig.tar.gz Size/MD5 checksum: 6342475 f72ffb176e2dc7b322be16508c09f63c http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.3-4+etch11.diff.gz Size/MD5 checksum: 124890 c9b197b2a4bade4e92f3c65b88eea614
Architecture independent packages:
http://security.debian.org/pool/updates/main/a/apache2/apache2-doc_2.2.3-4+etch11_all.deb Size/MD5 checksum: 2247064 357f2daba8360eaf00b0157326c4d258 http://security.debian.org/pool/updates/main/a/apache2/apache2-src_2.2.3-4+etch11_all.deb Size/MD5 checksum: 6668542 043a6a14dc48aae5fa8101715f4ddf81 http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.3-4+etch11_all.deb Size/MD5 checksum: 41626 27661a99c55641d534a5ffe4ea828c4b http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-perchild_2.2.3-4+etch11_all.deb Size/MD5 checksum: 275872 8ff0ac120a46e235a9253df6be09e4d5
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_alpha.deb Size/MD5 checksum: 346016 02b337e48ef627e13d79ad3919bc380d http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_alpha.deb Size/MD5 checksum: 407682 f01d7e23f206baed1e42c60e15fe240f http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_alpha.deb Size/MD5 checksum: 1017408 1c8dccbed0a309ed0b74b83667f1d587 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_alpha.deb Size/MD5 checksum: 449704 b227ff8c9bceaa81488fec48b81f18f6 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_alpha.deb Size/MD5 checksum: 450266 766ba095925ee31c175716084f41b3cf http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_alpha.deb Size/MD5 checksum: 444898 3b1d9a9531c82872d36ce295d6cba581 http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_alpha.deb Size/MD5 checksum: 407030 eedabbc4930b3c14012f57ec7956847b http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_alpha.deb Size/MD5 checksum: 184920 2d152290678598aeacd32564c2ec37c2
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_amd64.deb Size/MD5 checksum: 409010 15d5dda7eb1e9e8d406cd9ff4b25e60f http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_amd64.deb Size/MD5 checksum: 408330 0bf271280295146f4ded8c02335e8fc1 http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_amd64.deb Size/MD5 checksum: 1000068 f92b3deafb9ce263d0d66b753231a003 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_amd64.deb Size/MD5 checksum: 436268 9ef6b02f0ecf9905c14114a464c86f80 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_amd64.deb Size/MD5 checksum: 432320 b734b0c2f1d2177a828cff7d8e34d17c http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_amd64.deb Size/MD5 checksum: 342152 ef061f914027b41b788a31758d7c4e96 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_amd64.deb Size/MD5 checksum: 436766 deb97a3637ae8be3e016e37c038bc470 http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_amd64.deb Size/MD5 checksum: 172802 0550f661c804ef0c0ec31e1928f5f97d
arm architecture (ARM)
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_arm.deb Size/MD5 checksum: 421056 b55b215aee8398e6388a73b421229db7 http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_arm.deb Size/MD5 checksum: 408940 8782732ef6487ef268abf2856ec5e2c0 http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_arm.deb Size/MD5 checksum: 408140 f3627e52eaf7a011a5a624ea25fa058b http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_arm.deb Size/MD5 checksum: 968448 ac1354c562e7969e47561f4cba3a859b http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_arm.deb Size/MD5 checksum: 346166 a8729d03737330075908c2b8b2f5ce0b http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_arm.deb Size/MD5 checksum: 157634 53c277ca7e52e7e60a523183e87beec3 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_arm.deb Size/MD5 checksum: 421782 b17f7ce0bfd6fee4877d9bccaf82770e http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_arm.deb Size/MD5 checksum: 417026 03b845039bf49fba64f064acda350f43
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_hppa.deb Size/MD5 checksum: 444058 16fb9ac5807fcf161321ffc8467e963d http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_hppa.deb Size/MD5 checksum: 179532 b1f7b89ac1e830b72e30c9476b813263 http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_hppa.deb Size/MD5 checksum: 352116 f34f19a1bf40a37695ac0aeb3f5b6d10 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_hppa.deb Size/MD5 checksum: 443324 e7106e9195fcd9f34ced7bccb009cbb7 http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_hppa.deb Size/MD5 checksum: 1078948 29a60062b3f7676f768dda1d4cdb78fd http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_hppa.deb Size/MD5 checksum: 439968 6ff5b95ba06596c04f2fc7dc3adac7ac http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_hppa.deb Size/MD5 checksum: 410880 28ce1d24c4e152624c38330d34781636 http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_hppa.deb Size/MD5 checksum: 409994 2ce21d9fc51fbbeb5e05ac7c418d7e11
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_i386.deb Size/MD5 checksum: 409776 04bafa059e90c14851f290c02fc7a29e http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_i386.deb Size/MD5 checksum: 963818 f2755fd250837dd878a24ffc8527855d http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_i386.deb Size/MD5 checksum: 425034 fc0b075a77853494886719b1bf4d7092 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_i386.deb Size/MD5 checksum: 421206 d2758678dc6dcfb2298a5e69dbd199d0 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_i386.deb Size/MD5 checksum: 425510 5df035120241567d62ba4154a7ade25f http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_i386.deb Size/MD5 checksum: 161256 614f006996e6309829bf7c80bb95e3ed http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_i386.deb Size/MD5 checksum: 410518 833b5256083de5f76d83354f63916af2 http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_i386.deb Size/MD5 checksum: 343876 435638e472ccb187c7713f96840cf156
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_ia64.deb Size/MD5 checksum: 407664 9929d570df08ea81c10235d8cfad8cec http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_ia64.deb Size/MD5 checksum: 231808 505ed0109a851680126951f228f4ed40 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_ia64.deb Size/MD5 checksum: 491120 d1ef23e9bbd457b1c30d50234050b112 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_ia64.deb Size/MD5 checksum: 498202 f430c9b4231122f996799b45d68596a3 http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_ia64.deb Size/MD5 checksum: 407018 f721b04b90b8b2b5ec76916488395bdd http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_ia64.deb Size/MD5 checksum: 360664 08763e41786b3c5b28cf3e27d234419d http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_ia64.deb Size/MD5 checksum: 497388 6ef80d442fbf5046e78b9b2a0637adb9 http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_ia64.deb Size/MD5 checksum: 1204566 d1cc5f38e5683c539db6673611585b67
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_mips.deb Size/MD5 checksum: 430112 01c3cf5fc888bff3967c95736b3caf40 http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_mips.deb Size/MD5 checksum: 407674 688656128f0f46e8b35da61d731e244f http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_mips.deb Size/MD5 checksum: 434122 791a223b58a6a3a00fdd5517decc6ff2 http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_mips.deb Size/MD5 checksum: 951736 68a93c433a24dd42b461907c2b61c6d2 http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_mips.deb Size/MD5 checksum: 407022 10cf7a6fa3ad60183a80b7fddc08ed98 http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_mips.deb Size/MD5 checksum: 350066 ab3498abf9ddc41f0665be9c2912beab http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_mips.deb Size/MD5 checksum: 434784 2d07f9376a7c7eb6229e0c5238e604fc http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_mips.deb Size/MD5 checksum: 169932 db0ecd6b89594ecbff3bacd9d184f808
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_mipsel.deb Size/MD5 checksum: 428958 3c7b9e69ccbeb0db17d437ece3717b65 http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_mipsel.deb Size/MD5 checksum: 407040 61a67a76dd0acfaeb747d5ee745cb3fa http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_mipsel.deb Size/MD5 checksum: 433736 74adf126949edfd4b1af734b3a8255f8 http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_mipsel.deb Size/MD5 checksum: 951730 3c9d5a12163e7d1c939d26829a4454f1 http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_mipsel.deb Size/MD5 checksum: 407694 0297490b8b4aff5e1a4527a9c897fbee http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_mipsel.deb Size/MD5 checksum: 350302 843a3c227ba43dc4b882c96cad62a6eb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_mipsel.deb Size/MD5 checksum: 434220 b18b6688a18a11d7bfa20d486c13ae64 http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_mipsel.deb Size/MD5 checksum: 168814 6eedc4fb9e8027cf6d11c427a1cc4f8c
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_powerpc.deb Size/MD5 checksum: 1061292 0a43b7054755c361229d5e14db9c3156 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_powerpc.deb Size/MD5 checksum: 432806 ebe9b3113da3361dabf67acd291f9d93 http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_powerpc.deb Size/MD5 checksum: 168374 ab7eb4de4a4c224a94698ebb67f627ea http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_powerpc.deb Size/MD5 checksum: 433416 0c53941e7e8765780e4e4a71f81a592b http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_powerpc.deb Size/MD5 checksum: 354920 0682a419e0d59ff5a2af1f322991b157 http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_powerpc.deb Size/MD5 checksum: 410150 69ddc8b0b8ec235e65eabde0adbc1db7 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_powerpc.deb Size/MD5 checksum: 428826 f556fd9726b4c66bbe6fdc05b84d9918 http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_powerpc.deb Size/MD5 checksum: 409396 d4b779470977873916bff7353829f172
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_s390.deb Size/MD5 checksum: 437364 0d844765789f2fcc4cf0c24e755b4c3d http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_s390.deb Size/MD5 checksum: 994710 63d476187cc9eed384ff792ce8b6f471 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_s390.deb Size/MD5 checksum: 443278 114375b6439d8a9cf344dd4829c7b6d2 http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_s390.deb Size/MD5 checksum: 407682 e0db3031b4bb381a0f3178569d4c514a http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_s390.deb Size/MD5 checksum: 442268 219d9f7f67d2a53a3c3e700c68a6d682 http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_s390.deb Size/MD5 checksum: 348624 ac97c9840e0cb11a1cf1e44fd1875015 http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_s390.deb Size/MD5 checksum: 407026 6233c65e8860b416d7a6265ae2c2eda4 http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_s390.deb Size/MD5 checksum: 177986 634687237fd58d539bc9492415a94b77
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_sparc.deb Size/MD5 checksum: 418896 96bdf44ad9d8c1d86ee3aaf383c9dcce http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_sparc.deb Size/MD5 checksum: 412078 c9aab17ccba1846ea02df78f636a28a6 http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_sparc.deb Size/MD5 checksum: 342696 7dd353d553f6a495c506b22f60ff2a0d http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_sparc.deb Size/MD5 checksum: 158054 60de9a240c905bdb6ffa0ab6c032096d http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_sparc.deb Size/MD5 checksum: 422966 edb7194c73d08c0bdb1eed6bd19ceb53 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_sparc.deb Size/MD5 checksum: 422444 ad0a85ada33d687e1fc67b0fa3c40244 http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_sparc.deb Size/MD5 checksum: 960150 0dae013a3e07502409918ff649cb1375 http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_sparc.deb Size/MD5 checksum: 411290 88e769a08329b6728c6fd0770d241874
Debian GNU/Linux 5.0 alias lenny (stable)
Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
Source archives:
http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.9.orig.tar.gz Size/MD5 checksum: 6396996 80d3754fc278338033296f0d41ef2c04 http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.9-10+lenny6.dsc Size/MD5 checksum: 1673 f6846ac2d9cbd7887629a9c503154310 http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.9-10+lenny6.diff.gz Size/MD5 checksum: 145719 fd456ef168b7f1ca1055ffbca1df53db
Architecture independent packages:
http://security.debian.org/pool/updates/main/a/apache2/apache2-doc_2.2.9-10+lenny6_all.deb Size/MD5 checksum: 2060318 c2499fa1040a9ace89c1a969de4db870 http://security.debian.org/pool/updates/main/a/apache2/apache2-src_2.2.9-10+lenny6_all.deb Size/MD5 checksum: 6736558 e09131a305cf2e51d3c14ed7c1beaf5d http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.9-10+lenny6_all.deb Size/MD5 checksum: 45238 922ce7e9d14885bab9c9cbbfab99fbd3
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_alpha.deb Size/MD5 checksum: 209720 29861b61a3ae0912a7eb1ba2096b0421 http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_alpha.deb Size/MD5 checksum: 84444 af60f321516a06fc9588433ba2c1a88e http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_alpha.deb Size/MD5 checksum: 256598 730d50c0f57ba7aad84e6897217bf42d http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_alpha.deb Size/MD5 checksum: 2402082 b932e642a152e30f948437d7313d2dcf http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_alpha.deb Size/MD5 checksum: 82728 bb04bbeae7865acad1ae89e943702623 http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_alpha.deb Size/MD5 checksum: 198236 61b2f1529a056145d9ea8a87c5c5e8c0 http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_alpha.deb Size/MD5 checksum: 208690 f6d15e0b6fa15a3738e9130b4044ce37 http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_alpha.deb Size/MD5 checksum: 849014 dddd323a55b010c29a8626194b71a7a1 http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_alpha.deb Size/MD5 checksum: 147844 40f11b60e0f5154680f16c1c67943101 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_alpha.deb Size/MD5 checksum: 261662 7b88269d9ce2877809a0f47daa4e756d http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_alpha.deb Size/MD5 checksum: 262336 eced46181f89a7f8ee636c0dce4789f7
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_amd64.deb Size/MD5 checksum: 210246 bb629f54f383bfcce66a6bf0bc1a2b6d http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_amd64.deb Size/MD5 checksum: 825462 051201fb8baa9a7a961961dd5082929a http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_amd64.deb Size/MD5 checksum: 257694 3b8c5bff06a870ccd062ce53771a43a4 http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_amd64.deb Size/MD5 checksum: 211268 5e07756440fecd3a3ee3815a6cff3ff5 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_amd64.deb Size/MD5 checksum: 258424 92c5467fbef1d4da6803507b679df099 http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_amd64.deb Size/MD5 checksum: 82532 40718aa8ebb6532404fad4b5ee2a1e09 http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_amd64.deb Size/MD5 checksum: 84140 743b1e0fd988539a7346bddbcd573767 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_amd64.deb Size/MD5 checksum: 253708 bcc5c9f767c1e62913af45827f04b83f http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_amd64.deb Size/MD5 checksum: 195214 42f4650b895a51b853c253bbbd1e2cc0 http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_amd64.deb Size/MD5 checksum: 2455308 9b8792a5defa5193d825d31dc47b43f2 http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_amd64.deb Size/MD5 checksum: 144980 240232c2f4932579c60ecee786c0af26
arm architecture (ARM)
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_arm.deb Size/MD5 checksum: 224760 9615e8207a01d2759de57b58cd885286 http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_arm.deb Size/MD5 checksum: 83230 c840cb7342a3a83e0587fd3baacce760 http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_arm.deb Size/MD5 checksum: 2327178 39819fd5f56728620aaefdbe10887c2b http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_arm.deb Size/MD5 checksum: 147202 f7ebf064272389cf2dd7db7bfe3ff267 http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_arm.deb Size/MD5 checksum: 161596 b7a2763998f12394ecae68df6ec73fbb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_arm.deb Size/MD5 checksum: 223898 fbd3f6bc3340643f55862e5b14947345 http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_arm.deb Size/MD5 checksum: 786918 a142a6fbee216aaa87378bdc53773eb2 http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_arm.deb Size/MD5 checksum: 209812 2e4b61b494abdd8e52b219456a82e499 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_arm.deb Size/MD5 checksum: 219946 4ac3564788d25b492a833e2df463b41e http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_arm.deb Size/MD5 checksum: 81412 abe1efff8619aac89534c3f4d57c5356 http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_arm.deb Size/MD5 checksum: 211008 865b518f1a18de1020feb2212b137a6c
armel architecture (ARM EABI)
http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_armel.deb Size/MD5 checksum: 212612 2b8654bdda7346a2a7804800e9a11d8e http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_armel.deb Size/MD5 checksum: 802766 535b466511548a5264b0da3a3a348381 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_armel.deb Size/MD5 checksum: 226068 8921ab3294cf45178f3b90fd51fbafc3 http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_armel.deb Size/MD5 checksum: 213694 38498cbd15341da4279e4193a4708c6c http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_armel.deb Size/MD5 checksum: 226354 57f22f55c3ca485b5974e1f2a4ef1414 http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_armel.deb Size/MD5 checksum: 83934 6a6a2de840f638874d8ae05611f142b9 http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_armel.deb Size/MD5 checksum: 82284 b225eb7806650013baccae619ad08f2b http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_armel.deb Size/MD5 checksum: 2340926 83bb45aa97542f6f796780c8a2d24c8b http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_armel.deb Size/MD5 checksum: 221894 872e3f1df2080a84cca36f48e6c8e575 http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_armel.deb Size/MD5 checksum: 151226 3172e8ba667991da2881ea6a7b2781cc
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_hppa.deb Size/MD5 checksum: 84022 f603a1c369bbc7d05efe1ad99325e020 http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_hppa.deb Size/MD5 checksum: 153048 0568fcb47c9cad398c7fd7abe2276828 http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_hppa.deb Size/MD5 checksum: 82214 f27d31e710ba6640471c47a6fc240aad http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_hppa.deb Size/MD5 checksum: 246406 f18257777ba62d65ceb3aa4842415c74 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_hppa.deb Size/MD5 checksum: 241578 e71e710d7889e79b85e4c20b539a4d26 http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_hppa.deb Size/MD5 checksum: 211730 a9913999aac5559db1e75835d87a2efd http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_hppa.deb Size/MD5 checksum: 896810 e8e2d9459750e5d9be76c00923a25696 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_hppa.deb Size/MD5 checksum: 245816 6a876fb502903c7bfcb5a4b8dad71a7a http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_hppa.deb Size/MD5 checksum: 213028 f072f0ca44edc122c1b3e1da847f1c8c http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_hppa.deb Size/MD5 checksum: 183316 41a32b0fd061c4f2afbd740af5e8325a http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_hppa.deb Size/MD5 checksum: 2385020 366e6e9bd1dec0ba6a784813785f13d3
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_i386.deb Size/MD5 checksum: 82366 ab10d1ab26c914777c5296fe9ccfe027 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_i386.deb Size/MD5 checksum: 241326 2ee9101bf92fcac69249094b3ca11e2a http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_i386.deb Size/MD5 checksum: 240776 43a654cf0439fc97997a57baec5e2995 http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_i386.deb Size/MD5 checksum: 84104 f73a1bff0a8a4426e63803c4e5c67c60 http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_i386.deb Size/MD5 checksum: 783440 053ba7ef4fbb56547200c32c35ac8a0e http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_i386.deb Size/MD5 checksum: 143414 c20c10a3eadac1c494a5750888875800 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_i386.deb Size/MD5 checksum: 237396 06841f14531fab0adb92177af849c8be http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_i386.deb Size/MD5 checksum: 211420 69c67bd0052c70322924b901ba5f5428 http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_i386.deb Size/MD5 checksum: 2324892 87c51cc1fb8ae2532adcfa601a7b5af4 http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_i386.deb Size/MD5 checksum: 212726 11b86a68880fa98a130e449dec0fbbcc http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_i386.deb Size/MD5 checksum: 179396 4ae5716372fe19991b0d8a4cc751d45f
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_ia64.deb Size/MD5 checksum: 162732 0a9a153e3703f9dbd33e325d67373bce http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_ia64.deb Size/MD5 checksum: 247068 39445ee73d2076bfa589a5840a3d6024 http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_ia64.deb Size/MD5 checksum: 1036624 80b366704dc888c2bea8d84c316faf33 http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_ia64.deb Size/MD5 checksum: 208668 c2b06d3c767fa737fbf5e1c3d50d001c http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_ia64.deb Size/MD5 checksum: 311692 77ff8879c2853c4b33903299ec3120c8 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_ia64.deb Size/MD5 checksum: 312616 1c20b667ebbd43b0ee1b01cd1cdd991d http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_ia64.deb Size/MD5 checksum: 83920 a383c7aef1758f963c019793af7b5f92 http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_ia64.deb Size/MD5 checksum: 2317952 803f0b941814cbbc49f4e37bc3b9ca95 http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_ia64.deb Size/MD5 checksum: 209700 59ab45d2c7c2168a941ff2fc842268e1 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_ia64.deb Size/MD5 checksum: 304670 067ece69f8b9518f9b18cd948c4df971 http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_ia64.deb Size/MD5 checksum: 85802 9294d252435e8026d6135bf8efdfaf46
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_mips.deb Size/MD5 checksum: 2465158 a36366e07810785cd1f2dc3b020d3486 http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_mips.deb Size/MD5 checksum: 780460 a5daeb91029f3b027a810ee22456ebd3 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_mips.deb Size/MD5 checksum: 233408 ec9001ee4c996d0b14a9e67d9ce380ec http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_mips.deb Size/MD5 checksum: 82082 1fc55f0526e3bf90c2156364055a1627 http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_mips.deb Size/MD5 checksum: 171444 789208a77578e49ebca9be904c99aff3 http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_mips.deb Size/MD5 checksum: 83688 8612d0c31dee19c557723b08354c20d7 http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_mips.deb Size/MD5 checksum: 149712 ac8ddf3ab4a3b0fb255adbc588e57305 http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_mips.deb Size/MD5 checksum: 209718 8af3815f7794f4e60d72ba52d3bd19c4 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_mips.deb Size/MD5 checksum: 229494 c2ef345862009f2a2b979205fec22567 http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_mips.deb Size/MD5 checksum: 208698 246c0001aaa98be577f6c5f004330285 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_mips.deb Size/MD5 checksum: 233980 ce7b3760443a98b0ddc0607a7a9842bf
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_mipsel.deb Size/MD5 checksum: 228110 e45b1c3294102e26eee671b860f4aabc http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_mipsel.deb Size/MD5 checksum: 208710 1403636fff03ab43353cdffdef62ffd7 http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_mipsel.deb Size/MD5 checksum: 83708 9b1c257025920f6dd0a7a2b231c97141 http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_mipsel.deb Size/MD5 checksum: 209740 546504d6f0a2a449e9bcd618f4700ce5 http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_mipsel.deb Size/MD5 checksum: 82128 31209b35ecb423f2d88347df6c08eddb http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_mipsel.deb Size/MD5 checksum: 2420074 b57ff2a01ee7f29d0dcba4214dc7fc21 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_mipsel.deb Size/MD5 checksum: 232140 3dfff4c54077cb221e19533f19538834 http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_mipsel.deb Size/MD5 checksum: 778974 d9d0084ea48aaa56d2f99c632711d084 http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_mipsel.deb Size/MD5 checksum: 169470 f04a239ba4f1d6ae4ff8ce0960f784fd http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_mipsel.deb Size/MD5 checksum: 232796 8ced513dc28d7165fd76076803b98188 http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_mipsel.deb Size/MD5 checksum: 150024 c2a66c2c63eeb66df98b136cceadc780
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_powerpc.deb Size/MD5 checksum: 84570 b43f074242385089dda2aae2e9ae1595 http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_powerpc.deb Size/MD5 checksum: 915976 723f3349b829894595b913099f06ecc2 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_powerpc.deb Size/MD5 checksum: 257408 c4bab781417526a0dfdb2240ab2fef07 http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_powerpc.deb Size/MD5 checksum: 2495210 6fb817120bcb095006fd09d2318f28ee http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_powerpc.deb Size/MD5 checksum: 195192 6b4d950e48c6cdfd00d403e42b719b40 http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_powerpc.deb Size/MD5 checksum: 208684 ece82cc979cff6832d51a6caf51f38b5 http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_powerpc.deb Size/MD5 checksum: 82908 c54a24103b503b5de1b27993ee33610f http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_powerpc.deb Size/MD5 checksum: 160960 361e2bae65d5f1303073d8e4d88ccdb7 http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_powerpc.deb Size/MD5 checksum: 209714 81fbc6671b2d4137dc52232e9d572ea9 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_powerpc.deb Size/MD5 checksum: 258234 6dbd57dc907e93b5e9dcd3058e99b30f http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_powerpc.deb Size/MD5 checksum: 253294 696e2e9219d6e029c0c6f024045a4d5f
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_s390.deb Size/MD5 checksum: 82544 4e332ccedffd13b1e7b866fe71cf8a9b http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_s390.deb Size/MD5 checksum: 197642 e32a924a47b90452356956e3fe39d34e http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_s390.deb Size/MD5 checksum: 255970 197eea5c422ecf37ec592bf9612c3b2f http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_s390.deb Size/MD5 checksum: 208694 33dddaec24eb4475411eb55abb5d5e71 http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_s390.deb Size/MD5 checksum: 150912 2aa00b2fb3b84a536030f5b5635115bc http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_s390.deb Size/MD5 checksum: 209726 cf54089c8a33087820f8c9359e461625 http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_s390.deb Size/MD5 checksum: 2409108 1b6e40f5d2772a0a1f26424f4b470136 http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_s390.deb Size/MD5 checksum: 824586 ff52926d953f8b5cbde82ac31176dedb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_s390.deb Size/MD5 checksum: 259924 655aca8f56383ebd106ded50d8f557ea http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_s390.deb Size/MD5 checksum: 260610 12751082d3f1466735d1b3d395d63690 http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_s390.deb Size/MD5 checksum: 84310 9aa451ccb1513c05f4ccc0319124181e
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_sparc.deb Size/MD5 checksum: 2231018 fcdbb08c45ff474592590fac0aa78dac http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_sparc.deb Size/MD5 checksum: 84568 6dcf4195e216a22ef2919806d55d5098 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_sparc.deb Size/MD5 checksum: 237224 9bf96cc5f932643b1c55c6a9fa238af1 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_sparc.deb Size/MD5 checksum: 241474 ed8557af547d9d55a075fca5cf88488d http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_sparc.deb Size/MD5 checksum: 82888 bde0baf83e2e972b398be6a500f77125 http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_sparc.deb Size/MD5 checksum: 177562 09cbb49296407c83ef1575b003dfb129 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_sparc.deb Size/MD5 checksum: 241014 2c10b920cdfec918af3eb148e29fca0f http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_sparc.deb Size/MD5 checksum: 212798 28edff7612bb824fc20d88c29b8b7e1f http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_sparc.deb Size/MD5 checksum: 781748 63e7003956d73b1a04e544c00eaa7728 http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_sparc.deb Size/MD5 checksum: 213976 b7e758d0a2e6574944d27e2d6e40f60c http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_sparc.deb Size/MD5 checksum: 146596 c37cea33bed94a68326b511a66bf050e
These files will probably be moved into the stable distribution on its next update. Patch kit installation instructions are provided in the file SSRT090244 Apache CVE-2009-3094, CVE-2009-3095.txt . The patch kits and installation instructions are available from the following location using ftp:
Host Account Password
ftp.usa.hp.com ewt01 Welcome1
CSWS version 2.1-1 patch kits are available for both ALPHA and ITANIUM platforms.
Itanium Images mod_proxy.exe_ia64 mod_proxy_ftp.exe_ia64
Alpha Images mod_proxy.exe_axp mod_proxy_ftp.exe_axp
The patch images will be provided in the next regularly scheduled update of CSWS 2.1-1. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c02160663 Version: 1
HPSBUX02531 SSRT100108 rev.1 - HP-UX Running Apache-based Web Server, Remote Denial of Service (DoS), Unauthorized Access
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2010-06-02 Last Updated: 2010-06-02
Potential Security Impact: Remote Denial of Service (DoS), unauthorized access
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with HP-UX running Apache-based Web Server. The vulnerabilities could be exploited remotely to cause a Denial of Service (DoS) or unauthorized access. Apache-based Web Server is contained in the Apache Web Server Suite.
References: CVE-2009-3094, CVE-2009-3095, CVE-2010-0408, CVE-2010-0740, CVE-2010-0433, CVE-2010-0434
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP-UX B.11.23, B.11.31 running Apache-based Web Server versions before v2.2.8.09 HP-UX B.11.11, B.11.23, B.11.31 running Apache-based Web Server versions before v2.0.59.15
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2009-3094 (AV:N/AC:H/Au:N/C:N/I:N/A:C) 5.4 CVE-2009-3095 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2010-0408 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2010-0740 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2010-0433 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2010-0434 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
Note: CVE-2009-3094, CVE-2009-3095 and 2010-0740 affect only HP-UX Web Server Suite v2.30; CVE-2010-0408, CVE-2010-0433 and CVE-2010-0434 affect only HP-UX Web Server Suite v3.09.
RESOLUTION
HP has provided the following upgrades to resolve these vulnerabilities. The upgrades are available from the following location:
URL http://software.hp.com
Note: HP-UX Web Server Suite v3.09 contains HP-UX Apache-based Web Server v2.2.8.09 Note: HP-UX Web Server Suite v2.30 contains HP-UX Apache-based Web Server v2.0.59.15
Web Server Suite Version / HP-UX Release / Depot name
Web Server v3.09 / B.11.23 and B.11.31 PA-32 / HPUXWS22ATW-B309-32.depot
Web Server v3.09 / B.11.23 and B.11.31 IA-64 / HPUXWS22ATW-B309-64.depot
Web Server v2.30 / B.11.11 PA-32 / HPUXWSATW-B230-1111.depot
Web Server v2.30 / B.11.23 PA-32 / HPUXWSATW-B230-32.depot
Web Server v2.30 / B.11.23 IA-64 / HPUXWSATW-B230-64.depot
Web Server v2.30 / B.11.31 IA-32 / HPUXWSATW-B230-32-1131.depot
Web Server v2.30 / B.11.31 IA-64 / HPUXWSATW-B230-64-1131.depot
MANUAL ACTIONS: Yes - Update
Install Apache-based Web Server from the Apache Web Server Suite v2.30 or subsequent or Install Apache-based Web Server from the Apache Web Server Suite v3.09 or subsequent
PRODUCT SPECIFIC INFORMATION
HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa
The following text is for use by the HP-UX Software Assistant.
AFFECTED VERSIONS
For Web Server Suite before v3.09 HP-UX B.11.23 ================== hpuxws22APACHE.APACHE hpuxws22APACHE.APACHE2 hpuxws22APACHE.AUTH_LDAP hpuxws22APACHE.AUTH_LDAP2 hpuxws22APACHE.MOD_JK hpuxws22APACHE.MOD_JK2 hpuxws22APACHE.MOD_PERL hpuxws22APACHE.MOD_PERL2 hpuxws22APACHE.PHP hpuxws22APACHE.PHP2 action: install revision B.2.2.8.09 or subsequent
HP-UX B.11.31
hpuxws22APCH32.APACHE hpuxws22APCH32.APACHE2 hpuxws22APCH32.AUTH_LDAP hpuxws22APCH32.AUTH_LDAP2 hpuxws22APCH32.MOD_JK hpuxws22APCH32.MOD_JK2 hpuxws22APCH32.MOD_PERL hpuxws22APCH32.MOD_PERL2 hpuxws22APCH32.PHP hpuxws22APCH32.PHP2 hpuxws22APCH32.WEBPROXY hpuxws22APCH32.WEBPROXY2 action: install revision B.2.2.8.09 or subsequent
For Web Server Suite before v2.30 HP-UX B.11.11 ================== hpuxwsAPACHE.APACHE hpuxwsAPACHE.APACHE2 hpuxwsAPACHE.AUTH_LDAP hpuxwsAPACHE.AUTH_LDAP2 hpuxwsAPACHE.MOD_JK hpuxwsAPACHE.MOD_JK2 hpuxwsAPACHE.MOD_PERL hpuxwsAPACHE.MOD_PERL2 hpuxwsAPACHE.PHP hpuxwsAPACHE.PHP2 hpuxwsAPACHE.WEBPROXY action: install revision B.2.0.59.15 or subsequent
HP-UX B.11.23
hpuxwsAPCH32.APACHE hpuxwsAPCH32.APACHE2 hpuxwsAPCH32.AUTH_LDAP hpuxwsAPCH32.AUTH_LDAP2 hpuxwsAPCH32.MOD_JK hpuxwsAPCH32.MOD_JK2 hpuxwsAPCH32.MOD_PERL hpuxwsAPCH32.MOD_PERL2 hpuxwsAPCH32.PHP hpuxwsAPCH32.PHP2 hpuxwsAPCH32.WEBPROXY action: install revision B.2.0.59.15 or subsequent
HP-UX B.11.31
hpuxwsAPACHE.APACHE hpuxwsAPACHE.APACHE2 hpuxwsAPACHE.AUTH_LDAP hpuxwsAPACHE.AUTH_LDAP2 hpuxwsAPACHE.MOD_JK hpuxwsAPACHE.MOD_JK2 hpuxwsAPACHE.MOD_PERL hpuxwsAPACHE.MOD_PERL2 hpuxwsAPACHE.PHP hpuxwsAPACHE.PHP2 hpuxwsAPACHE.WEBPROXY action: install revision B.2.0.59.15 or subsequent
END AFFECTED VERSIONS
HISTORY Version:1 (rev.1) 2 June 2010 Initial release Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For further information, contact normal HP Services support channel.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches -check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems -verify your operating system selections are checked and save.
To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.
To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do
- The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:
GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault
System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.
"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."
Copyright 2009 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAkwG2+IACgkQ4B86/C0qfVm3LACfZ2twc1MNibwpLscDC7giyJJv nksAnR0xfycsdI9Z5RyDC/o+Dnt4Q100 =/Gfl -----END PGP SIGNATURE----- .
BAC v8.07 supplies Apache 2.2.17. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200909-0801",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "http server",
"scope": "lt",
"trust": 1.8,
"vendor": "apache",
"version": "2.0.64"
},
{
"model": "http server",
"scope": "lt",
"trust": 1.8,
"vendor": "apache",
"version": "2.2.14"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 1.1,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.1,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "10"
},
{
"model": "http server",
"scope": "gte",
"trust": 1.0,
"vendor": "apache",
"version": "2.0.35"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "12"
},
{
"model": "http server",
"scope": "gte",
"trust": 1.0,
"vendor": "apache",
"version": "2.2.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "2.0.47.x"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "6.1"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "6.1"
},
{
"model": "opensolaris",
"scope": null,
"trust": 0.8,
"vendor": "oracle",
"version": null
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "10"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3 (x86)"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3 (x86-64)"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3.0 (x86-64)"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0 (x86-64)"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "2.0"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "3.0"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "3.0 (x64)"
},
{
"model": "turbolinux client",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "2008"
},
{
"model": "turbolinux fuji",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10 (x64)"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "11"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "11 (x64)"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.11"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.23"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.31"
},
{
"model": "hp-ux apache-based web server",
"scope": "lt",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "v.2.2.15.03"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.8 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.8 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3.0"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.0"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.0 (client)"
},
{
"model": "enterprise linux eus",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.4.z (server)"
},
{
"model": "rhel desktop workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "interstage application server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage studio",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage web server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "http server",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "2.2.13"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "2.0.63"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"model": "linux lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"model": "linux lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.10"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.10"
},
{
"model": "linux lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.10"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.10"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.10"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "linux lts lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "11x64"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "11"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0.0x64"
},
{
"model": "fuji",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "fuji",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "0"
},
{
"model": "client",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "2008"
},
{
"model": "appliance server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "3.0x64"
},
{
"model": "appliance server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "3.0"
},
{
"model": "appliance server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "2.0"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
},
{
"model": "linux enterprise server debuginfo",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux enterprise server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux enterprise sdk sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux enterprise sdk sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux enterprise desktop sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux enterprise desktop sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise sp3 debuginfo",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux enterprise sp2 debuginfo",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10.3"
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris 10 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 99",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 98",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 96",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 95",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 94",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 93",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 92",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 91",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 90",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 89",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 88",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 87",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 85",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 84",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 83",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 82",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 81",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 80",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 78",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 77",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 76",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 74",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 71",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 68",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 67",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 64",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 61",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 59",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 58",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 57",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 56",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 54",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 51",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 50",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 49",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 48",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 47",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 45",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 41",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 39",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 38",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 37",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 36",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 35",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 29",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 28",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 22",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 19",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 13",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 111a",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 111",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 110",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 109",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 108",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 107",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 106",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 105",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 104",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 103",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 102",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 101a",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 101",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 100",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 02",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 01",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 111b",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "0"
},
{
"model": "linux x86 64 -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "12.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "12.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "12.0"
},
{
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.0"
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"model": "novell linux pos",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"model": "appliance platform linux service",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "2"
},
{
"model": "appliance platform linux service",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "enterprise linux desktop workstation client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "enterprise linux desktop version",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "certificate server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7.3"
},
{
"model": "application stack",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "v20"
},
{
"model": "hat jboss enterprise web server for rhel server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "51.0"
},
{
"model": "hat jboss enterprise web server for rhel es",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "41.0"
},
{
"model": "hat jboss enterprise web server for rhel as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "41.0"
},
{
"model": "hat enterprise linux desktop client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3"
},
{
"model": "hat enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "pardus",
"version": "20090"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.1"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.1"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.0"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.0"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2008.1"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2008.1"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2008.0"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2008.0"
},
{
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"model": "enterprise server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"model": "enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.03"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.8"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.7"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.5"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.25"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.19"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.17"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.15"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2.35"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2.33"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2.27"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2.13"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.47.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.47"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.5"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.2"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.13"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2.23"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2.19"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2.12"
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "compaq secure web server for openvms",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"model": "business availability center",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.06"
},
{
"model": "business availability center",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.05"
},
{
"model": "business availability center",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.01"
},
{
"model": "business availability center",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.55"
},
{
"model": "business availability center",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6"
},
{
"model": "business availability center",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "interstage studio standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.2"
},
{
"model": "interstage studio standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.1"
},
{
"model": "interstage studio standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "interstage studio standard-j edition b",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.1.0"
},
{
"model": "interstage studio enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.2"
},
{
"model": "interstage studio enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.1"
},
{
"model": "interstage studio enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "interstage studio enterprise edition b",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.1.0"
},
{
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.2"
},
{
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.1"
},
{
"model": "interstage application server standard-j edition b",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "interstage application server standard-j edition a",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "interstage application server standard-j edition 9.1.0b",
"scope": null,
"trust": 0.3,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.2"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.1"
},
{
"model": "interstage application server enterprise edition a",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "interstage application server enterprise edition 9.1.0b",
"scope": null,
"trust": 0.3,
"vendor": "fujitsu",
"version": null
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux armel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux armel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "coat systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "5.2.2.5"
},
{
"model": "coat systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "4.2.2.4"
},
{
"model": "coat systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "5.5"
},
{
"model": "coat systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "5.4"
},
{
"model": "coat systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "0"
},
{
"model": "voice portal sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "voice portal sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.1"
},
{
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1.6"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1.5"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1.4"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1.3"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"model": "software foundation mod proxy ftp",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "0"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.13"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.12"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.11"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.10"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.9"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.8"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.6"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.5"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.2"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.63"
},
{
"model": "software foundation apache 2.2.7-dev",
"scope": null,
"trust": 0.3,
"vendor": "apache",
"version": null
},
{
"model": "software foundation apache 2.2.6-dev",
"scope": null,
"trust": 0.3,
"vendor": "apache",
"version": null
},
{
"model": "software foundation apache 2.2.5-dev",
"scope": null,
"trust": 0.3,
"vendor": "apache",
"version": null
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.1"
},
{
"model": "websphere application server",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.9"
},
{
"model": "business availability center",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "8.07"
},
{
"model": "coat systems director",
"scope": "ne",
"trust": 0.3,
"vendor": "blue",
"version": "5.5.2.3"
},
{
"model": "software foundation apache",
"scope": "ne",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.14"
}
],
"sources": [
{
"db": "BID",
"id": "36260"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002187"
},
{
"db": "CNNVD",
"id": "CNNVD-200909-107"
},
{
"db": "NVD",
"id": "CVE-2009-3094"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.0.64",
"versionStartIncluding": "2.0.35",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.2.14",
"versionStartIncluding": "2.2.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2009-3094"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Evgeny Legerov",
"sources": [
{
"db": "BID",
"id": "36260"
},
{
"db": "CNNVD",
"id": "CNNVD-200909-107"
}
],
"trust": 0.9
},
"cve": "CVE-2009-3094",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 2.6,
"confidentialityImpact": "NONE",
"exploitabilityScore": 4.9,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "High",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 5.4,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2009-3094",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "PARTIAL",
"baseScore": 2.6,
"confidentialityImpact": "NONE",
"exploitabilityScore": 4.9,
"id": "CVE-2009-3094",
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "LOW",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2009-3094",
"trust": 1.0,
"value": "LOW"
},
{
"author": "NVD",
"id": "CVE-2009-3094",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-200909-107",
"trust": 0.6,
"value": "LOW"
},
{
"author": "VULMON",
"id": "CVE-2009-3094",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2009-3094"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002187"
},
{
"db": "CNNVD",
"id": "CNNVD-200909-107"
},
{
"db": "NVD",
"id": "CVE-2009-3094"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The ap_proxy_ftp_handler function in modules/proxy/proxy_ftp.c in the mod_proxy_ftp module in the Apache HTTP Server 2.0.63 and 2.2.13 allows remote FTP servers to cause a denial of service (NULL pointer dereference and child process crash) via a malformed reply to an EPSV command. The Apache \u0027mod_proxy_ftp\u0027 module is prone to a denial-of-service vulnerability because of a NULL-pointer dereference. \nSuccessful exploits may allow remote attackers to cause denial-of-service conditions. Given the nature of this issue, attackers may also be able to run arbitrary code, but this has not been confirmed. ===========================================================\nUbuntu Security Notice USN-860-1 November 19, 2009\napache2 vulnerabilities\nCVE-2009-3094, CVE-2009-3095, CVE-2009-3555\n===========================================================\n\nA security issue affects the following Ubuntu releases:\n\nUbuntu 6.06 LTS\nUbuntu 8.04 LTS\nUbuntu 8.10\nUbuntu 9.04\nUbuntu 9.10\n\nThis advisory also applies to the corresponding versions of\nKubuntu, Edubuntu, and Xubuntu. \n\nThe problem can be corrected by upgrading your system to the\nfollowing package versions:\n\nUbuntu 6.06 LTS:\n apache2-common 2.0.55-4ubuntu2.9\n\nUbuntu 8.04 LTS:\n apache2.2-common 2.2.8-1ubuntu0.14\n\nUbuntu 8.10:\n apache2.2-common 2.2.9-7ubuntu3.5\n\nUbuntu 9.04:\n apache2.2-common 2.2.11-2ubuntu2.5\n\nUbuntu 9.10:\n apache2.2-common 2.2.12-1ubuntu2.1\n\nIn general, a standard system upgrade is sufficient to effect the\nnecessary changes. \n\nDetails follow:\n\nMarsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3\nprotocols. If an attacker could perform a man in the middle attack at the\nstart of a TLS connection, the attacker could inject arbitrary content at\nthe beginning of the user\u0027s session. The flaw is with TLS renegotiation and\npotentially affects any software that supports this feature. Attacks\nagainst the HTTPS protocol are known, with the severity of the issue\ndepending on the safeguards used in the web application. Until the TLS\nprotocol and underlying libraries are adjusted to defend against this\nvulnerability, a partial, temporary workaround has been applied to Apache\nthat disables client initiated TLS renegotiation. This update does not\nprotect against server initiated TLS renegotiation when using\nSSLVerifyClient and SSLCipherSuite on a per Directory or Location basis. (CVE-2009-3555)\n\nIt was discovered that mod_proxy_ftp in Apache did not properly sanitize\nits input when processing replies to EPASV and PASV commands. \n(CVE-2009-3094)\n\nAnother flaw was discovered in mod_proxy_ftp. \n(CVE-2009-3095)\n\n\nUpdated packages for Ubuntu 6.06 LTS:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9.diff.gz\n Size/MD5: 130638 5d172b0ca228238e211940fad6b0935d\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9.dsc\n Size/MD5: 1156 a6d575c4c0ef0ef9c4c77e7f6ddfb02d\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz\n Size/MD5: 6092031 45e32c9432a8e3cf4227f5af91b03622\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu2.9_all.deb\n Size/MD5: 2125884 643115e9135b9bf626f3a65cfc5f2ed3\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.9_amd64.deb\n Size/MD5: 834492 818915da9848657833480b1ead6b4a12\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.9_amd64.deb\n Size/MD5: 229578 9086ac3033e0425ecd150b31b377ee76\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.9_amd64.deb\n Size/MD5: 224594 85a4480344a072868758c466f6a98747\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.9_amd64.deb\n Size/MD5: 229128 446b52088b9744fb776e53155403a474\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.9_amd64.deb\n Size/MD5: 172850 17e4cd95ecb9d0390274fca9625c2e5e\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.9_amd64.deb\n Size/MD5: 173636 b501407d01fa07e5807c28cd1db16cd7\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.9_amd64.deb\n Size/MD5: 95454 a06ee30ec14b35003ebcb821624bc2af\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9_amd64.deb\n Size/MD5: 37510 4c063b1b8d831ea8a02d5ec691995dec\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.9_amd64.deb\n Size/MD5: 287048 9cdc7502ebc526d4bc7df9b59a9d8925\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.9_amd64.deb\n Size/MD5: 145624 4b613a57da2ca57678e8c8f0c1628556\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.9_i386.deb\n Size/MD5: 787870 67b1855dc984e5296ac9580e2a2f0a0c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.9_i386.deb\n Size/MD5: 204122 edf40b0ff5c1824b2d6232da247ce480\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.9_i386.deb\n Size/MD5: 200060 6267a56fcef78f6300372810ce36ea41\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.9_i386.deb\n Size/MD5: 203580 c487929bbf45b5a4dc3d035d86f7b3a0\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.9_i386.deb\n Size/MD5: 172876 bae257127c3d137e407a7db744f3d57a\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.9_i386.deb\n Size/MD5: 173660 9dd0e108ab4d3382799b29d901bf4502\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.9_i386.deb\n Size/MD5: 93410 d5d602c75a28873f1cd7523857e0dd80\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9_i386.deb\n Size/MD5: 37508 22049e1ea8ea88259ff3f6e94482cfb3\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.9_i386.deb\n Size/MD5: 263066 43fa2ae3b43c4743c98c45ac22fb0250\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.9_i386.deb\n Size/MD5: 133484 e70b7f81859cb92e0c50084e92216526\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.9_powerpc.deb\n Size/MD5: 860622 6d386da8da90d363414846dbc7fa7f08\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.9_powerpc.deb\n Size/MD5: 221470 8c207b379f7ba646c94759d3e9079dd4\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.9_powerpc.deb\n Size/MD5: 217132 069cab77278b101c3c4a5b172f36ba9b\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.9_powerpc.deb\n Size/MD5: 220968 2f6ba65769fc964eb6dfec8a842f7621\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.9_powerpc.deb\n Size/MD5: 172874 89137c84b5a33f526daf3f8b4c047a7e\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.9_powerpc.deb\n Size/MD5: 173662 23e576721faccb4aef732cf98e2358d4\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.9_powerpc.deb\n Size/MD5: 105198 44f9e698567784555db7d7d971b9fce2\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9_powerpc.deb\n Size/MD5: 37518 fe7caa2a3cf6d4227ac34692de30635e\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.9_powerpc.deb\n Size/MD5: 282644 ec0306c04778cf8c8edd622aabb0363c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.9_powerpc.deb\n Size/MD5: 142730 d43356422176ca29440f3e0572678093\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.9_sparc.deb\n Size/MD5: 805078 0f1f6a9b04ad5ce4ea29fd0e44bf18a4\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.9_sparc.deb\n Size/MD5: 211674 eb19532b9b759c806e9a95a4ffbfad9b\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.9_sparc.deb\n Size/MD5: 207344 9e5770a4c94cbc4f9bc8cc11a6a038f1\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.9_sparc.deb\n Size/MD5: 210948 6d1d2357cec5b88c1c2269e5c16724bc\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.9_sparc.deb\n Size/MD5: 172882 d04dd123def1bc4cfbf2ac0095432eea\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.9_sparc.deb\n Size/MD5: 173662 6be46bbb9e92224020da49d657cb4cd4\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.9_sparc.deb\n Size/MD5: 94510 9df6ae07a9218d6159b1eebde5d58606\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9_sparc.deb\n Size/MD5: 37506 89856bb1433e67fb23c8d34423d3e0a5\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.9_sparc.deb\n Size/MD5: 269070 bf585dec777b0306cd80663c11b020df\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.9_sparc.deb\n Size/MD5: 131466 340eaf2d2c1f129c7676a152776cfcf3\n\nUpdated packages for Ubuntu 8.04 LTS:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.8-1ubuntu0.14.diff.gz\n Size/MD5: 141838 37d5c93b425758839cbef5afea5353a2\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.8-1ubuntu0.14.dsc\n Size/MD5: 1381 78c9a13cc2af0dbf3958a3fc98aeea84\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.8.orig.tar.gz\n Size/MD5: 6125771 39a755eb0f584c279336387b321e3dfc\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.8-1ubuntu0.14_all.deb\n Size/MD5: 1929318 d4faaf64c2c0af807848ea171a4efa90\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.2.8-1ubuntu0.14_all.deb\n Size/MD5: 72920 065d63c19b22f0f7a8f7c28952b0b408\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.8-1ubuntu0.14_all.deb\n Size/MD5: 6258048 33c48a093bbb868ea108a50c051437cf\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.8-1ubuntu0.14_all.deb\n Size/MD5: 45850 07a9463a8e4fdf1a48766d5ad08b9a3c\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.14_amd64.deb\n Size/MD5: 253080 3c6467ee604002a5b8ebffff8554c568\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.14_amd64.deb\n Size/MD5: 248676 3c83ce9eb0a27f18b9c3a8c3e651cafa\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.14_amd64.deb\n Size/MD5: 252490 cf379a515d967d89d2009be9e06d4833\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.14_amd64.deb\n Size/MD5: 205592 af6cb62114d2e70bf859c32008a66433\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.14_amd64.deb\n Size/MD5: 206350 9c3d5ef8e55eee98cc3e75f2ed9ffaff\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.14_amd64.deb\n Size/MD5: 141660 958585d6391847cd5a618464054f7d37\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.14_amd64.deb\n Size/MD5: 803974 76d23bd94465a2f96711dc1c41b31af0\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.14_i386.deb\n Size/MD5: 236060 ad4c00dc10b406cc312982b7113fa468\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.14_i386.deb\n Size/MD5: 231580 07ae6a192e6c859e49d48f2b2158df40\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.14_i386.deb\n Size/MD5: 235308 18a44bbffcebde8f2d66fe3a6bdbab6d\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.14_i386.deb\n Size/MD5: 205594 73ec71599d4c8a42a69ac3099b9d50cf\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.14_i386.deb\n Size/MD5: 206374 c1524e4fa8265e7eaac046b114b8c463\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.14_i386.deb\n Size/MD5: 140644 379a125b8b5b51ff8033449755ab87b8\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.14_i386.deb\n Size/MD5: 755574 9de96c8719740c2525e3c0cf7836d60b\n\n lpia architecture (Low Power Intel Architecture):\n\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.14_lpia.deb\n Size/MD5: 235578 0265d4f6ccee2d7b5ee10cfff48fed08\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.14_lpia.deb\n Size/MD5: 231234 611499fb33808ecdd232e2c5350f6838\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.14_lpia.deb\n Size/MD5: 234738 d7757d2da2e542ce0fdad5994be1d8bd\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.14_lpia.deb\n Size/MD5: 205592 c10ac9eb401184c379b7993b6a62cde3\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.14_lpia.deb\n Size/MD5: 206358 fc91c0159b096e744c42014e6e5f8909\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.14_lpia.deb\n Size/MD5: 141212 f87d5f443e5d8e1c3eda6f976b3ceb06\n http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.14_lpia.deb\n Size/MD5: 749716 86ae389b81b057288ff3c0b69ef68656\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.14_powerpc.deb\n Size/MD5: 254134 4337f858972022fa196c9a1f9bb724fb\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.14_powerpc.deb\n Size/MD5: 249596 44a6e21ff8fa81d09dab19cab4caffdb\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.14_powerpc.deb\n Size/MD5: 253698 f101a1709f21320716d4c9afb356f24f\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.14_powerpc.deb\n Size/MD5: 205604 3f4d4f6733257a7037e35101ef792352\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.14_powerpc.deb\n Size/MD5: 206386 06402188459de8dab5279b5bfef768fa\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.14_powerpc.deb\n Size/MD5: 158390 0acffbdb7e5602b434c4f2805f8dc4d0\n http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.14_powerpc.deb\n Size/MD5: 906022 28c3e8b63d123a4ca0632b3fed6720b5\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.14_sparc.deb\n Size/MD5: 237422 5651f53b09c0f36e1333c569980a0eb0\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.14_sparc.deb\n Size/MD5: 233152 1165607c64c57c84212b6b106254e885\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.14_sparc.deb\n Size/MD5: 236606 bbe00d0707c279a16eca35258dd8f13a\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.14_sparc.deb\n Size/MD5: 205598 76afcd4085fa6f39055a5a3f1ef34a43\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.14_sparc.deb\n Size/MD5: 206372 5c67270e0a19d1558cf17cb21a114833\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.14_sparc.deb\n Size/MD5: 143838 28e9c3811feeac70b846279e82c23430\n http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.14_sparc.deb\n Size/MD5: 765398 92c5b054b80b6258a1c4caac8248a40a\n\nUpdated packages for Ubuntu 8.10:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.9-7ubuntu3.5.diff.gz\n Size/MD5: 137715 0e8a6128ff37a1c064d4ce881b5d3df9\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.9-7ubuntu3.5.dsc\n Size/MD5: 1788 5e3c3d53b68ea3053bcca3a5e19f5911\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.9.orig.tar.gz\n Size/MD5: 6396996 80d3754fc278338033296f0d41ef2c04\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.9-7ubuntu3.5_all.deb\n Size/MD5: 2041786 cd1e98fb2064bad51f7845f203a07d79\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.9-7ubuntu3.5_all.deb\n Size/MD5: 6538578 32e07db65f1e7b3002aedc3afce1748c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.9-7ubuntu3.5_all.deb\n Size/MD5: 45474 0f1b4fb499af61a596241bd4f0f4d35d\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.9-7ubuntu3.5_amd64.deb\n Size/MD5: 254968 f2004f847cc5cbc730599352ad1f7dc6\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.9-7ubuntu3.5_amd64.deb\n Size/MD5: 249196 fb001fc4f192e9b8ae1bb7161925413c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.9-7ubuntu3.5_amd64.deb\n Size/MD5: 254360 419b942bad4cf4d959afcfa3ce4314e2\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.9-7ubuntu3.5_amd64.deb\n Size/MD5: 208524 0d87bf6acbf1ab5dc48c68debe7c0d26\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-suexec-custom_2.2.9-7ubuntu3.5_amd64.deb\n Size/MD5: 84490 2a4df4b619debe549f48ac3e9e764305\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-suexec_2.2.9-7ubuntu3.5_amd64.deb\n Size/MD5: 82838 215665711684d5b5dd04cdfa23d36462\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.9-7ubuntu3.5_amd64.deb\n Size/MD5: 209550 496d387e315370c0cd83489db663a356\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.9-7ubuntu3.5_amd64.deb\n Size/MD5: 147762 48061b9015c78b39b7afd834f4c81ae0\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.9-7ubuntu3.5_amd64.deb\n Size/MD5: 820242 3497441009bc9db76a87fd2447ba433c\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.9-7ubuntu3.5_i386.deb\n Size/MD5: 241376 488812d1a311fd67dafd5b18b6813920\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.9-7ubuntu3.5_i386.deb\n Size/MD5: 236082 9256681808703f40e822c81b53f4ce3e\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.9-7ubuntu3.5_i386.deb\n Size/MD5: 240668 2b6b7c11a88ed5a280f603305bee880e\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.9-7ubuntu3.5_i386.deb\n Size/MD5: 208532 e0eccceba6cae5fb12f431ff0283a23e\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-suexec-custom_2.2.9-7ubuntu3.5_i386.deb\n Size/MD5: 83922 ea5f69f36e344e493cce5d9c0bc69c46\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-suexec_2.2.9-7ubuntu3.5_i386.deb\n Size/MD5: 82320 0d9b2f9afff4b9efe924b59e9bb039ea\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.9-7ubuntu3.5_i386.deb\n Size/MD5: 209554 f4e53148ae30d5c4f060d455e4f11f95\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.9-7ubuntu3.5_i386.deb\n Size/MD5: 146596 5ed6a4af9378bacfb7d4a034d9923915\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.9-7ubuntu3.5_i386.deb\n Size/MD5: 778564 ffd7752394933004094c13b00113b263\n\n lpia architecture (Low Power Intel Architecture):\n\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.9-7ubuntu3.5_lpia.deb\n Size/MD5: 238358 4955c7d577496ea4f3573345fad028a4\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.9-7ubuntu3.5_lpia.deb\n Size/MD5: 232964 76aecf38baba17a8a968329b818ec74a\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.9-7ubuntu3.5_lpia.deb\n Size/MD5: 237626 83f32bd08e2e206bbdb9f92cfb1a37e5\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.9-7ubuntu3.5_lpia.deb\n Size/MD5: 208528 6672fb116e108687669c89197732fbb0\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec-custom_2.2.9-7ubuntu3.5_lpia.deb\n Size/MD5: 83870 b8f875f197017aec0fe8203c203065d7\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec_2.2.9-7ubuntu3.5_lpia.deb\n Size/MD5: 82296 d6724391ed540b351e2b660ba98af1ca\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.9-7ubuntu3.5_lpia.deb\n Size/MD5: 209550 263b43fb11c6d954d5a4bf7839e720a4\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.9-7ubuntu3.5_lpia.deb\n Size/MD5: 146282 a225b8d0f48e141eea28b2369d4595c0\n http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.9-7ubuntu3.5_lpia.deb\n Size/MD5: 766494 454c737e191429c43ad3f28c9e0294a0\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.9-7ubuntu3.5_powerpc.deb\n Size/MD5: 261510 d3e1155682726cc28859156e647d97b3\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.9-7ubuntu3.5_powerpc.deb\n Size/MD5: 256082 e49d894a6e9ab612a3cbd2f189ca3d8d\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.9-7ubuntu3.5_powerpc.deb\n Size/MD5: 260850 bc3cd7677cd630ac00424e73a3a6b343\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.9-7ubuntu3.5_powerpc.deb\n Size/MD5: 208542 ae1cc6b1323832528ad8f0e7130ec87d\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec-custom_2.2.9-7ubuntu3.5_powerpc.deb\n Size/MD5: 84558 68452b686e89320007e9c5367ce36345\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec_2.2.9-7ubuntu3.5_powerpc.deb\n Size/MD5: 82908 2b8c5fc4bdec1017735dc16eba41d0a6\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.9-7ubuntu3.5_powerpc.deb\n Size/MD5: 209562 a8da7487e3dcd1bdff008956728b8dd3\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.9-7ubuntu3.5_powerpc.deb\n Size/MD5: 161030 a5ffe07d5e3050c8a54c4fccd3732263\n http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.9-7ubuntu3.5_powerpc.deb\n Size/MD5: 926240 8282583e86e84bd256959540f39a515d\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.9-7ubuntu3.5_sparc.deb\n Size/MD5: 246720 e54b4b9b354001a910ec9027dc90b0d2\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.9-7ubuntu3.5_sparc.deb\n Size/MD5: 241280 1eea25472875056e34cd2c3283c60171\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.9-7ubuntu3.5_sparc.deb\n Size/MD5: 246024 5709e7421814ecfb83fff5804d429971\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.9-7ubuntu3.5_sparc.deb\n Size/MD5: 208528 25cdfd0177da7e5484d3d44f93257863\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec-custom_2.2.9-7ubuntu3.5_sparc.deb\n Size/MD5: 84096 3ffbacffcc23ffc640a2ce05d35437bf\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec_2.2.9-7ubuntu3.5_sparc.deb\n Size/MD5: 82470 17d1ca84f9455c492013f4f754a1d365\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.9-7ubuntu3.5_sparc.deb\n Size/MD5: 209546 696ef3652703523aea6208a4e51e48f1\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.9-7ubuntu3.5_sparc.deb\n Size/MD5: 150932 44c89e0249c85eed09b6f3a6a23db59d\n http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.9-7ubuntu3.5_sparc.deb\n Size/MD5: 783902 773a80d7a85a452016da3b10b1f3ae43\n\nUpdated packages for Ubuntu 9.04:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.11-2ubuntu2.5.diff.gz\n Size/MD5: 141023 50d6737005a6d4fe601e223a39293f99\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.11-2ubuntu2.5.dsc\n Size/MD5: 1795 59720f4d7ad291c986d92ec120750c3d\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.11.orig.tar.gz\n Size/MD5: 6806786 03e0a99a5de0f3f568a0087fb9993af9\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.11-2ubuntu2.5_all.deb\n Size/MD5: 2219326 d29c903489b894ddf88b23a0fec23e5c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.11-2ubuntu2.5_all.deb\n Size/MD5: 46636 ee03585b00f277ed98c0de07a683317a\n http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-src_2.2.11-2ubuntu2.5_all.deb\n Size/MD5: 6948222 a3505a83c13cf36c86248079127dd84d\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.11-2ubuntu2.5_amd64.deb\n Size/MD5: 259028 5e9bddefad4c58c3ef9fd15d7a06988d\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.11-2ubuntu2.5_amd64.deb\n Size/MD5: 253218 ee1bfbb759ffade3a52a6782e2f4b66d\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.11-2ubuntu2.5_amd64.deb\n Size/MD5: 258414 8ef063026de9790bac1965427ce1b584\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.11-2ubuntu2.5_amd64.deb\n Size/MD5: 213294 09701d434bd102e4205e551b4525afd1\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.11-2ubuntu2.5_amd64.deb\n Size/MD5: 214258 e98de48ea01e1132c5f1248a9a018745\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.11-2ubuntu2.5_amd64.deb\n Size/MD5: 151140 2f7c7f14b843b2c24de8c67356406449\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.11-2ubuntu2.5_amd64.deb\n Size/MD5: 826834 28abdf1c7be886e9be2825d351abaec7\n http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec-custom_2.2.11-2ubuntu2.5_amd64.deb\n Size/MD5: 87818 670c62615e107920c45893b3377ab2a0\n http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec_2.2.11-2ubuntu2.5_amd64.deb\n Size/MD5: 86094 5a7c68fd37066287b4819cba4cfed1f2\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.11-2ubuntu2.5_i386.deb\n Size/MD5: 245538 952540b7679ebc8d3ffc953f32d3be0f\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.11-2ubuntu2.5_i386.deb\n Size/MD5: 240048 08a7fd4888ffd9188890e57c613c4be7\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.11-2ubuntu2.5_i386.deb\n Size/MD5: 244914 955bb5121da808d44aa994386d90723f\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.11-2ubuntu2.5_i386.deb\n Size/MD5: 213308 dd16143608ff8c41cb2d5cd27212a57e\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.11-2ubuntu2.5_i386.deb\n Size/MD5: 214280 1e1f5d6feef40413f823a19126a018e3\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.11-2ubuntu2.5_i386.deb\n Size/MD5: 150046 0769d86d26282d1d31615050ae5b8915\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.11-2ubuntu2.5_i386.deb\n Size/MD5: 784198 8760e9c37147d0472dbbfe941c058829\n http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec-custom_2.2.11-2ubuntu2.5_i386.deb\n Size/MD5: 87182 21980cb1035d05f69b857870bbcbc085\n http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec_2.2.11-2ubuntu2.5_i386.deb\n Size/MD5: 85572 6a1b8a5e4cb19e815e88335757b06cf3\n\n lpia architecture (Low Power Intel Architecture):\n\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.11-2ubuntu2.5_lpia.deb\n Size/MD5: 242386 859ad63822b7e82c81cd6dcaca088c4a\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.11-2ubuntu2.5_lpia.deb\n Size/MD5: 236924 200538ce94218c9d8af8532636bfd40a\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.11-2ubuntu2.5_lpia.deb\n Size/MD5: 241822 3a3183ea4ee77d2677919d3b698f92a1\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.11-2ubuntu2.5_lpia.deb\n Size/MD5: 213286 bf81273b1db0a4a621085171c2b2b421\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.11-2ubuntu2.5_lpia.deb\n Size/MD5: 214264 ed278dab71289d2baae2ea409382fbf8\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.11-2ubuntu2.5_lpia.deb\n Size/MD5: 149758 75f6e2d7bd1cdfe5b1806062c3c859df\n http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.11-2ubuntu2.5_lpia.deb\n Size/MD5: 773424 c7cdc26051bd9443ae25b73776537fb5\n http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.11-2ubuntu2.5_lpia.deb\n Size/MD5: 87132 32e7ea89c96a0afce7ce1da457d947fb\n http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.11-2ubuntu2.5_lpia.deb\n Size/MD5: 85550 1d9b5963aa6ea5c01492ec417ab8510a\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.11-2ubuntu2.5_powerpc.deb\n Size/MD5: 265476 5d03fe6b2da8de98c876941ff78b066f\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.11-2ubuntu2.5_powerpc.deb\n Size/MD5: 260478 3e3aeaaf496cc86c62a831c59994c1f2\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.11-2ubuntu2.5_powerpc.deb\n Size/MD5: 265154 5eae30e7a33c09b37483f3aab595d0e9\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.11-2ubuntu2.5_powerpc.deb\n Size/MD5: 213314 879534ebabbb8be86b606e1800dc9cf8\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.11-2ubuntu2.5_powerpc.deb\n Size/MD5: 214286 922033231a6aa67ecca1c400d47f09c1\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.11-2ubuntu2.5_powerpc.deb\n Size/MD5: 164444 74faf68f0baeffcd011155ca9b201039\n http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.11-2ubuntu2.5_powerpc.deb\n Size/MD5: 932416 2911758e4ad1b3b401369621301ea76f\n http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.11-2ubuntu2.5_powerpc.deb\n Size/MD5: 87876 1d45c033ec5498c092f30188cf1d481e\n http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.11-2ubuntu2.5_powerpc.deb\n Size/MD5: 86154 52c1d8806d52fef6f43ab53662953953\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.11-2ubuntu2.5_sparc.deb\n Size/MD5: 250786 4e8e98dcba5543394ed5f07d141ce408\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.11-2ubuntu2.5_sparc.deb\n Size/MD5: 245094 a82bf04fc92b8c275b0c0f25cc81ff91\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.11-2ubuntu2.5_sparc.deb\n Size/MD5: 250110 092cf734813ae1d127d7b4f498f936c1\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.11-2ubuntu2.5_sparc.deb\n Size/MD5: 213312 98d7062a6bdb58637f7e850b76bfbc80\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.11-2ubuntu2.5_sparc.deb\n Size/MD5: 214286 a378e2e0418631cec0f398379a446172\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.11-2ubuntu2.5_sparc.deb\n Size/MD5: 154284 ce8b7bbccd359675b70426df15becfed\n http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.11-2ubuntu2.5_sparc.deb\n Size/MD5: 789298 11f088b18425b97367d5bc141da2ef2f\n http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.11-2ubuntu2.5_sparc.deb\n Size/MD5: 87384 477b6594866c8c73a8a3603e7e646c68\n http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.11-2ubuntu2.5_sparc.deb\n Size/MD5: 85686 5562ea5a0e6f01ba12adda3afb65c1b0\n\nUpdated packages for Ubuntu 9.10:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.12-1ubuntu2.1.diff.gz\n Size/MD5: 185244 1ef59f9642bd9efa35e0808ea804cd0b\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.12-1ubuntu2.1.dsc\n Size/MD5: 1888 d3bfdecefdd8b1adec8ab35dcf85d2b3\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.12.orig.tar.gz\n Size/MD5: 6678149 17f017b571f88aa60abebfe2945d7caf\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.12-1ubuntu2.1_all.deb\n Size/MD5: 2246560 be12bcc117bf165ffd3401486186762e\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.12-1ubuntu2.1_all.deb\n Size/MD5: 2336 009d381342b0be5280835a46c91f01d9\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.12-1ubuntu2.1_all.deb\n Size/MD5: 2374 7545a3750acea08e95bee86f6a3247e2\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.12-1ubuntu2.1_all.deb\n Size/MD5: 2314 17719223d92d46821098ce178b5947d6\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.12-1ubuntu2.1_all.deb\n Size/MD5: 284782 4321e3201d8e8d1a9e3c6fbe6864102b\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.12-1ubuntu2.1_all.deb\n Size/MD5: 1424 7b4d96008368549d5600a8c1f64a7559\n http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-mpm-itk_2.2.12-1ubuntu2.1_all.deb\n Size/MD5: 2366 46add3d428c97fa69a8848a3e4025bb0\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.12-1ubuntu2.1_amd64.deb\n Size/MD5: 137080 91e4f72d0f1f0abe91555e1497558fc2\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.12-1ubuntu2.1_amd64.deb\n Size/MD5: 138176 5fd6a5ed536306528f9f2c1a0281ad70\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.12-1ubuntu2.1_amd64.deb\n Size/MD5: 156646 cfa55666363303b3f44a24fa2929bf01\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-bin_2.2.12-1ubuntu2.1_amd64.deb\n Size/MD5: 1399630 82b36d57faa29a646e72a1125600c11c\n http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec-custom_2.2.12-1ubuntu2.1_amd64.deb\n Size/MD5: 92488 ddebef9d1a537520380f85b63c512bef\n http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec_2.2.12-1ubuntu2.1_amd64.deb\n Size/MD5: 90880 c6d163edf145da8ff6d102dc0dd1f8d7\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.12-1ubuntu2.1_i386.deb\n Size/MD5: 137102 69dcd0519ca612e02102f52dcb50bf7f\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.12-1ubuntu2.1_i386.deb\n Size/MD5: 138200 17221b53903d664823a55faa1ec4d9a9\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.12-1ubuntu2.1_i386.deb\n Size/MD5: 155166 4347806710edff47fc051b4a68d5b448\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-bin_2.2.12-1ubuntu2.1_i386.deb\n Size/MD5: 1309136 d9a7df212b315fc6f77fc87fa8eb4a04\n http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec-custom_2.2.12-1ubuntu2.1_i386.deb\n Size/MD5: 91876 289bf732dd4750a2ce61ab121b04b079\n http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec_2.2.12-1ubuntu2.1_i386.deb\n Size/MD5: 90316 add7f446f6b524343c0066a486dd299a\n\n lpia architecture (Low Power Intel Architecture):\n\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.12-1ubuntu2.1_lpia.deb\n Size/MD5: 137088 571e9f0370b5687acff25f71c4efe33e\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.12-1ubuntu2.1_lpia.deb\n Size/MD5: 138192 816a6e033f02114553bbb3627b9c6f9c\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.12-1ubuntu2.1_lpia.deb\n Size/MD5: 155090 af8272dc794250c30cd2f66b82486dc2\n http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-bin_2.2.12-1ubuntu2.1_lpia.deb\n Size/MD5: 1290606 4c51de07f5a6fe9612de45369e6f35a5\n http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.12-1ubuntu2.1_lpia.deb\n Size/MD5: 91830 06866386df811127f4fd71d6fb2a9e2a\n http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.12-1ubuntu2.1_lpia.deb\n Size/MD5: 90312 9e68bd8111503135a4eae7265b0084ae\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.12-1ubuntu2.1_powerpc.deb\n Size/MD5: 137096 61b24dbeb12d7998e5d7014c26410a99\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.12-1ubuntu2.1_powerpc.deb\n Size/MD5: 138202 599898ff374bde8bfa388e2615064c5a\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.12-1ubuntu2.1_powerpc.deb\n Size/MD5: 161058 fea8f5b9a80bef9c4cb3405bc37160af\n http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-bin_2.2.12-1ubuntu2.1_powerpc.deb\n Size/MD5: 1390150 fb1a244728a509586b77d02930fcf10f\n http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.12-1ubuntu2.1_powerpc.deb\n Size/MD5: 92400 572c3b0aa5ab717e8c4e4e8248aff1ff\n http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.12-1ubuntu2.1_powerpc.deb\n Size/MD5: 90774 82011ebc757d31e690698cf9913e3adc\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.12-1ubuntu2.1_sparc.deb\n Size/MD5: 137098 7f566dfade1678c72eac7dd923ab5987\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.12-1ubuntu2.1_sparc.deb\n Size/MD5: 138202 09fbc3145d768cf1f204d47b50e21528\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.12-1ubuntu2.1_sparc.deb\n Size/MD5: 159488 7cb6c81588adaee162b8c85a1f69e7a7\n http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-bin_2.2.12-1ubuntu2.1_sparc.deb\n Size/MD5: 1297936 106b0b71f5e928c1d543973b5b1f015b\n http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.12-1ubuntu2.1_sparc.deb\n Size/MD5: 92166 28899fe31226880dfa961d8b05e8fa43\n http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.12-1ubuntu2.1_sparc.deb\n Size/MD5: 90554 f207de0099ed259e2af736e8c82f91c2\n\n\n. Note\n that this security issue does not really apply as zlib compression\n is not enabled in the openssl build provided by Mandriva, but apache\n is patched to address this issue anyway (conserns 2008.1 only). \n \n Cross-site scripting (XSS) vulnerability in proxy_ftp.c in the\n mod_proxy_ftp module in Apache 2.0.63 and earlier, and mod_proxy_ftp.c\n in the mod_proxy_ftp module in Apache 2.2.9 and earlier 2.2 versions,\n allows remote attackers to inject arbitrary web script or HTML via\n wildcards in a pathname in an FTP URI (CVE-2008-2939). Note that this\n security issue was initially addressed with MDVSA-2008:195 but the\n patch fixing the issue was added but not applied in 2009.0. \n \n The Apache HTTP Server 2.2.11 and earlier 2.2 versions does not\n properly handle Options=IncludesNOEXEC in the AllowOverride directive,\n which allows local users to gain privileges by configuring (1) Options\n Includes, (2) Options +Includes, or (3) Options +IncludesNOEXEC in a\n .htaccess file, and then inserting an exec element in a .shtml file\n (CVE-2009-1195). \n \n Fix a potential Denial-of-Service attack against mod_deflate or other\n modules, by forcing the server to consume CPU time in compressing a\n large file after a client disconnects (CVE-2009-1891). NOTE: as of 20090903,\n this disclosure has no actionable information. However, because the\n VulnDisco Pack author is a reliable researcher, the issue is being\n assigned a CVE identifier for tracking purposes (CVE-2009-3095). \n \n Apache is affected by SSL injection or man-in-the-middle attacks\n due to a design flaw in the SSL and/or TLS protocols. A short term\n solution was released Sat Nov 07 2009 by the ASF team to mitigate\n these problems. Apache will now reject in-session renegotiation\n (CVE-2009-3555). \n \n Packages for 2008.0 are being provided due to extended support for\n Corporate products. \n \n This update provides a solution to these vulnerabilities. \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1678\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2939\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1191\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1195\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1890\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1891\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3094\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3095\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555\n http://marc.info/?l=apache-httpd-announce\u0026m=125755783724966\u0026w=2\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Linux 2008.0:\n dd2bebdd6726d2d865331d37068a90b7 2008.0/i586/apache-base-2.2.6-8.3mdv2008.0.i586.rpm\n 6de9d36a91b125cc03bafe911b7a38a2 2008.0/i586/apache-devel-2.2.6-8.3mdv2008.0.i586.rpm\n ab7963efad1b7951c94a24075a2070e7 2008.0/i586/apache-htcacheclean-2.2.6-8.3mdv2008.0.i586.rpm\n 42a53b597d5547fb88b7427cacd617a1 2008.0/i586/apache-mod_authn_dbd-2.2.6-8.3mdv2008.0.i586.rpm\n 1dff9d313e93c94e907d8c72348ed2e0 2008.0/i586/apache-mod_cache-2.2.6-8.3mdv2008.0.i586.rpm\n b575ede2978ad47e41d355bd8b192725 2008.0/i586/apache-mod_dav-2.2.6-8.3mdv2008.0.i586.rpm\n 8ff3dee24d2d2d9a8d13e567cf1eaced 2008.0/i586/apache-mod_dbd-2.2.6-8.3mdv2008.0.i586.rpm\n 7bae541dfec14b21700878514750de83 2008.0/i586/apache-mod_deflate-2.2.6-8.3mdv2008.0.i586.rpm\n 19cab766a26ce53bd7e7973ed92f0db4 2008.0/i586/apache-mod_disk_cache-2.2.6-8.3mdv2008.0.i586.rpm\n a1336e4ab4f282c388d7565bde4557fd 2008.0/i586/apache-mod_file_cache-2.2.6-8.3mdv2008.0.i586.rpm\n 6b2f2eb949977349390fa3b06cf257e7 2008.0/i586/apache-mod_ldap-2.2.6-8.3mdv2008.0.i586.rpm\n 3640bbef5262ec0407126e31dd5ddde3 2008.0/i586/apache-mod_mem_cache-2.2.6-8.3mdv2008.0.i586.rpm\n 98793747365606baabc08f22e36a0a04 2008.0/i586/apache-mod_proxy-2.2.6-8.3mdv2008.0.i586.rpm\n d7fe4d88f25d2a01b0809ab5292b0999 2008.0/i586/apache-mod_proxy_ajp-2.2.6-8.3mdv2008.0.i586.rpm\n 4c9f48adbd0b1d45a874f06b9275ebe3 2008.0/i586/apache-mod_ssl-2.2.6-8.3mdv2008.0.i586.rpm\n e5a1d9476316ccc9f183cb1ae5bbcf31 2008.0/i586/apache-modules-2.2.6-8.3mdv2008.0.i586.rpm\n 44f7810695a40519c68930695829f124 2008.0/i586/apache-mod_userdir-2.2.6-8.3mdv2008.0.i586.rpm\n d6f666e9954422664d1f029fc147b591 2008.0/i586/apache-mpm-event-2.2.6-8.3mdv2008.0.i586.rpm\n 75e205ddbc9313b8d02519e57919923a 2008.0/i586/apache-mpm-itk-2.2.6-8.3mdv2008.0.i586.rpm\n 6d68e8fa7baccc2ad090c703fb33458e 2008.0/i586/apache-mpm-prefork-2.2.6-8.3mdv2008.0.i586.rpm\n 331f18ce48403472fc7f8af6d5daee8e 2008.0/i586/apache-mpm-worker-2.2.6-8.3mdv2008.0.i586.rpm\n c75e69bcabc104938cb9033e591d1de8 2008.0/i586/apache-source-2.2.6-8.3mdv2008.0.i586.rpm \n 23fcdf29e21b0146fb5646baca2fa63b 2008.0/SRPMS/apache-2.2.6-8.3mdv2008.0.src.rpm\n\n Mandriva Linux 2008.0/X86_64:\n 3d4afe3f8da8369d80b6c195e132c5c0 2008.0/x86_64/apache-base-2.2.6-8.3mdv2008.0.x86_64.rpm\n 37034ee7c7eb813de2a00a6945a10248 2008.0/x86_64/apache-devel-2.2.6-8.3mdv2008.0.x86_64.rpm\n ba296f9aa229a616a2c406d1a16912c3 2008.0/x86_64/apache-htcacheclean-2.2.6-8.3mdv2008.0.x86_64.rpm\n 77fa75d36e7a4bbe154c846e3271e7a3 2008.0/x86_64/apache-mod_authn_dbd-2.2.6-8.3mdv2008.0.x86_64.rpm\n ca29e2db08b29e319f2392b46ea4c3fe 2008.0/x86_64/apache-mod_cache-2.2.6-8.3mdv2008.0.x86_64.rpm\n 3fbf5a0276adaa2d887a92482d81313f 2008.0/x86_64/apache-mod_dav-2.2.6-8.3mdv2008.0.x86_64.rpm\n 9c66e471c2d2d3e43462302d0cc6f1c9 2008.0/x86_64/apache-mod_dbd-2.2.6-8.3mdv2008.0.x86_64.rpm\n 05020102a26a28b96319b23e3b6e43d6 2008.0/x86_64/apache-mod_deflate-2.2.6-8.3mdv2008.0.x86_64.rpm\n 7191542417b30ed77334f1b8366628aa 2008.0/x86_64/apache-mod_disk_cache-2.2.6-8.3mdv2008.0.x86_64.rpm\n f4177dbdcfd2e3dc8e66be731ad731c4 2008.0/x86_64/apache-mod_file_cache-2.2.6-8.3mdv2008.0.x86_64.rpm\n fea417664f0a2689fa12308bd80c2fe4 2008.0/x86_64/apache-mod_ldap-2.2.6-8.3mdv2008.0.x86_64.rpm\n 9cf956fa426e6bdf6497337b6e26a2ab 2008.0/x86_64/apache-mod_mem_cache-2.2.6-8.3mdv2008.0.x86_64.rpm\n 0d9d04ca878bb3f19f4764152da42d82 2008.0/x86_64/apache-mod_proxy-2.2.6-8.3mdv2008.0.x86_64.rpm\n dbbcd75dd83779f54f98fa3e16b59f13 2008.0/x86_64/apache-mod_proxy_ajp-2.2.6-8.3mdv2008.0.x86_64.rpm\n dce8db6742ba28a71e18b86bb38688c8 2008.0/x86_64/apache-mod_ssl-2.2.6-8.3mdv2008.0.x86_64.rpm\n 2ff69d6e9c2cd3250f6746d4a7d921fd 2008.0/x86_64/apache-modules-2.2.6-8.3mdv2008.0.x86_64.rpm\n f298827d4dfa631a77907f7f5733fa29 2008.0/x86_64/apache-mod_userdir-2.2.6-8.3mdv2008.0.x86_64.rpm\n 6f02fb080e308ca0826fdb1ef00a1489 2008.0/x86_64/apache-mpm-event-2.2.6-8.3mdv2008.0.x86_64.rpm\n b886d30d73c60a515b3ed36d7f186378 2008.0/x86_64/apache-mpm-itk-2.2.6-8.3mdv2008.0.x86_64.rpm\n 62d7754a5aa7af596cc06cd540d4025f 2008.0/x86_64/apache-mpm-prefork-2.2.6-8.3mdv2008.0.x86_64.rpm\n d3438e0967978e580be896bd85f1d953 2008.0/x86_64/apache-mpm-worker-2.2.6-8.3mdv2008.0.x86_64.rpm\n e72af335ec7c3c02b5a494fbd6e99e0e 2008.0/x86_64/apache-source-2.2.6-8.3mdv2008.0.x86_64.rpm \n 23fcdf29e21b0146fb5646baca2fa63b 2008.0/SRPMS/apache-2.2.6-8.3mdv2008.0.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.9 (GNU/Linux)\n\niD8DBQFLHQcamqjQ0CJFipgRAsJgAKDf5oc5UbEz3j+qsMn3tL6F8cujygCfY+cu\nMUj4lK2Wsb+qzbv2V+Ih30U=\n=VdZS\n-----END PGP SIGNATURE-----\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- ------------------------------------------------------------------------\nDebian Security Advisory DSA-1934-1 security@debian.org\nhttp://www.debian.org/security/ Stefan Fritsch\nNovember 16, 2009 http://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage : apache2\nVulnerability : multiple issues\nProblem type : remote\nDebian-specific: no\nCVE Id(s) : CVE-2009-3094 CVE-2009-3095 CVE-2009-3555\n\n\nA design flaw has been found in the TLS and SSL protocol that allows\nan attacker to inject arbitrary content at the beginning of a TLS/SSL\nconnection. The attack is related to the way how TLS and SSL handle\nsession renegotiations. CVE-2009-3555 has been assigned to this\nvulnerability. \n\nAs a partial mitigation against this attack, this apache2 update\ndisables client-initiated renegotiations. This should fix the\nvulnerability for the majority of Apache configurations in use. \n\nNOTE: This is not a complete fix for the problem. The attack is\nstill possible in configurations where the server initiates the\nrenegotiation. This is the case for the following configurations\n(the information in the changelog of the updated packages is\nslightly inaccurate):\n\n- - The \"SSLVerifyClient\" directive is used in a Directory or Location\n context. \n- - The \"SSLCipherSuite\" directive is used in a Directory or Location\n context. \n\nAs a workaround, you may rearrange your configuration in a way that\nSSLVerifyClient and SSLCipherSuite are only used on the server or\nvirtual host level. \n\nA complete fix for the problem will require a protocol change. Further\ninformation will be included in a separate announcement about this\nissue. \n\nCVE-2009-3095: Insufficient input validation in the mod_proxy_ftp\nmodule allowed remote authenticated attackers to bypass intended access\nrestrictions and send arbitrary FTP commands to an FTP server. \n\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 2.2.9-10+lenny6. This version also includes some non-security\nbug fixes that were scheduled for inclusion in the next stable point\nrelease (Debian 5.0.4). \n\nThe oldstable distribution (etch), these problems have been fixed in\nversion 2.2.3-4+etch11. \n\nFor the testing distribution (squeeze) and the unstable distribution\n(sid), these problems will be fixed in version 2.2.14-2. \n\nThis advisory also provides updated apache2-mpm-itk packages which\nhave been recompiled against the new apache2 packages. \n\nUpdated apache2-mpm-itk packages for the armel architecture are not\nincluded yet. They will be released as soon as they become available. \n\n\nWe recommend that you upgrade your apache2 and apache2-mpm-itk packages. \n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file. \n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration. \n\n\nDebian GNU/Linux 4.0 alias etch (oldstable)\n- -------------------------------------------\n\nOldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. \n\nSource archives:\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.3-4+etch11.dsc\n Size/MD5 checksum: 1071 dff8f31d88ede35bb87f92743d2db202\n http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.3.orig.tar.gz\n Size/MD5 checksum: 6342475 f72ffb176e2dc7b322be16508c09f63c\n http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.3-4+etch11.diff.gz\n Size/MD5 checksum: 124890 c9b197b2a4bade4e92f3c65b88eea614\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2-doc_2.2.3-4+etch11_all.deb\n Size/MD5 checksum: 2247064 357f2daba8360eaf00b0157326c4d258\n http://security.debian.org/pool/updates/main/a/apache2/apache2-src_2.2.3-4+etch11_all.deb\n Size/MD5 checksum: 6668542 043a6a14dc48aae5fa8101715f4ddf81\n http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.3-4+etch11_all.deb\n Size/MD5 checksum: 41626 27661a99c55641d534a5ffe4ea828c4b\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-perchild_2.2.3-4+etch11_all.deb\n Size/MD5 checksum: 275872 8ff0ac120a46e235a9253df6be09e4d5\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_alpha.deb\n Size/MD5 checksum: 346016 02b337e48ef627e13d79ad3919bc380d\n http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_alpha.deb\n Size/MD5 checksum: 407682 f01d7e23f206baed1e42c60e15fe240f\n http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_alpha.deb\n Size/MD5 checksum: 1017408 1c8dccbed0a309ed0b74b83667f1d587\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_alpha.deb\n Size/MD5 checksum: 449704 b227ff8c9bceaa81488fec48b81f18f6\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_alpha.deb\n Size/MD5 checksum: 450266 766ba095925ee31c175716084f41b3cf\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_alpha.deb\n Size/MD5 checksum: 444898 3b1d9a9531c82872d36ce295d6cba581\n http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_alpha.deb\n Size/MD5 checksum: 407030 eedabbc4930b3c14012f57ec7956847b\n http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_alpha.deb\n Size/MD5 checksum: 184920 2d152290678598aeacd32564c2ec37c2\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_amd64.deb\n Size/MD5 checksum: 409010 15d5dda7eb1e9e8d406cd9ff4b25e60f\n http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_amd64.deb\n Size/MD5 checksum: 408330 0bf271280295146f4ded8c02335e8fc1\n http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_amd64.deb\n Size/MD5 checksum: 1000068 f92b3deafb9ce263d0d66b753231a003\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_amd64.deb\n Size/MD5 checksum: 436268 9ef6b02f0ecf9905c14114a464c86f80\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_amd64.deb\n Size/MD5 checksum: 432320 b734b0c2f1d2177a828cff7d8e34d17c\n http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_amd64.deb\n Size/MD5 checksum: 342152 ef061f914027b41b788a31758d7c4e96\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_amd64.deb\n Size/MD5 checksum: 436766 deb97a3637ae8be3e016e37c038bc470\n http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_amd64.deb\n Size/MD5 checksum: 172802 0550f661c804ef0c0ec31e1928f5f97d\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_arm.deb\n Size/MD5 checksum: 421056 b55b215aee8398e6388a73b421229db7\n http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_arm.deb\n Size/MD5 checksum: 408940 8782732ef6487ef268abf2856ec5e2c0\n http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_arm.deb\n Size/MD5 checksum: 408140 f3627e52eaf7a011a5a624ea25fa058b\n http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_arm.deb\n Size/MD5 checksum: 968448 ac1354c562e7969e47561f4cba3a859b\n http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_arm.deb\n Size/MD5 checksum: 346166 a8729d03737330075908c2b8b2f5ce0b\n http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_arm.deb\n Size/MD5 checksum: 157634 53c277ca7e52e7e60a523183e87beec3\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_arm.deb\n Size/MD5 checksum: 421782 b17f7ce0bfd6fee4877d9bccaf82770e\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_arm.deb\n Size/MD5 checksum: 417026 03b845039bf49fba64f064acda350f43\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_hppa.deb\n Size/MD5 checksum: 444058 16fb9ac5807fcf161321ffc8467e963d\n http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_hppa.deb\n Size/MD5 checksum: 179532 b1f7b89ac1e830b72e30c9476b813263\n http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_hppa.deb\n Size/MD5 checksum: 352116 f34f19a1bf40a37695ac0aeb3f5b6d10\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_hppa.deb\n Size/MD5 checksum: 443324 e7106e9195fcd9f34ced7bccb009cbb7\n http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_hppa.deb\n Size/MD5 checksum: 1078948 29a60062b3f7676f768dda1d4cdb78fd\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_hppa.deb\n Size/MD5 checksum: 439968 6ff5b95ba06596c04f2fc7dc3adac7ac\n http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_hppa.deb\n Size/MD5 checksum: 410880 28ce1d24c4e152624c38330d34781636\n http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_hppa.deb\n Size/MD5 checksum: 409994 2ce21d9fc51fbbeb5e05ac7c418d7e11\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_i386.deb\n Size/MD5 checksum: 409776 04bafa059e90c14851f290c02fc7a29e\n http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_i386.deb\n Size/MD5 checksum: 963818 f2755fd250837dd878a24ffc8527855d\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_i386.deb\n Size/MD5 checksum: 425034 fc0b075a77853494886719b1bf4d7092\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_i386.deb\n Size/MD5 checksum: 421206 d2758678dc6dcfb2298a5e69dbd199d0\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_i386.deb\n Size/MD5 checksum: 425510 5df035120241567d62ba4154a7ade25f\n http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_i386.deb\n Size/MD5 checksum: 161256 614f006996e6309829bf7c80bb95e3ed\n http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_i386.deb\n Size/MD5 checksum: 410518 833b5256083de5f76d83354f63916af2\n http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_i386.deb\n Size/MD5 checksum: 343876 435638e472ccb187c7713f96840cf156\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_ia64.deb\n Size/MD5 checksum: 407664 9929d570df08ea81c10235d8cfad8cec\n http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_ia64.deb\n Size/MD5 checksum: 231808 505ed0109a851680126951f228f4ed40\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_ia64.deb\n Size/MD5 checksum: 491120 d1ef23e9bbd457b1c30d50234050b112\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_ia64.deb\n Size/MD5 checksum: 498202 f430c9b4231122f996799b45d68596a3\n http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_ia64.deb\n Size/MD5 checksum: 407018 f721b04b90b8b2b5ec76916488395bdd\n http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_ia64.deb\n Size/MD5 checksum: 360664 08763e41786b3c5b28cf3e27d234419d\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_ia64.deb\n Size/MD5 checksum: 497388 6ef80d442fbf5046e78b9b2a0637adb9\n http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_ia64.deb\n Size/MD5 checksum: 1204566 d1cc5f38e5683c539db6673611585b67\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_mips.deb\n Size/MD5 checksum: 430112 01c3cf5fc888bff3967c95736b3caf40\n http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_mips.deb\n Size/MD5 checksum: 407674 688656128f0f46e8b35da61d731e244f\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_mips.deb\n Size/MD5 checksum: 434122 791a223b58a6a3a00fdd5517decc6ff2\n http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_mips.deb\n Size/MD5 checksum: 951736 68a93c433a24dd42b461907c2b61c6d2\n http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_mips.deb\n Size/MD5 checksum: 407022 10cf7a6fa3ad60183a80b7fddc08ed98\n http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_mips.deb\n Size/MD5 checksum: 350066 ab3498abf9ddc41f0665be9c2912beab\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_mips.deb\n Size/MD5 checksum: 434784 2d07f9376a7c7eb6229e0c5238e604fc\n http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_mips.deb\n Size/MD5 checksum: 169932 db0ecd6b89594ecbff3bacd9d184f808\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_mipsel.deb\n Size/MD5 checksum: 428958 3c7b9e69ccbeb0db17d437ece3717b65\n http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_mipsel.deb\n Size/MD5 checksum: 407040 61a67a76dd0acfaeb747d5ee745cb3fa\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_mipsel.deb\n Size/MD5 checksum: 433736 74adf126949edfd4b1af734b3a8255f8\n http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_mipsel.deb\n Size/MD5 checksum: 951730 3c9d5a12163e7d1c939d26829a4454f1\n http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_mipsel.deb\n Size/MD5 checksum: 407694 0297490b8b4aff5e1a4527a9c897fbee\n http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_mipsel.deb\n Size/MD5 checksum: 350302 843a3c227ba43dc4b882c96cad62a6eb\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_mipsel.deb\n Size/MD5 checksum: 434220 b18b6688a18a11d7bfa20d486c13ae64\n http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_mipsel.deb\n Size/MD5 checksum: 168814 6eedc4fb9e8027cf6d11c427a1cc4f8c\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_powerpc.deb\n Size/MD5 checksum: 1061292 0a43b7054755c361229d5e14db9c3156\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_powerpc.deb\n Size/MD5 checksum: 432806 ebe9b3113da3361dabf67acd291f9d93\n http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_powerpc.deb\n Size/MD5 checksum: 168374 ab7eb4de4a4c224a94698ebb67f627ea\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_powerpc.deb\n Size/MD5 checksum: 433416 0c53941e7e8765780e4e4a71f81a592b\n http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_powerpc.deb\n Size/MD5 checksum: 354920 0682a419e0d59ff5a2af1f322991b157\n http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_powerpc.deb\n Size/MD5 checksum: 410150 69ddc8b0b8ec235e65eabde0adbc1db7\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_powerpc.deb\n Size/MD5 checksum: 428826 f556fd9726b4c66bbe6fdc05b84d9918\n http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_powerpc.deb\n Size/MD5 checksum: 409396 d4b779470977873916bff7353829f172\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_s390.deb\n Size/MD5 checksum: 437364 0d844765789f2fcc4cf0c24e755b4c3d\n http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_s390.deb\n Size/MD5 checksum: 994710 63d476187cc9eed384ff792ce8b6f471\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_s390.deb\n Size/MD5 checksum: 443278 114375b6439d8a9cf344dd4829c7b6d2\n http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_s390.deb\n Size/MD5 checksum: 407682 e0db3031b4bb381a0f3178569d4c514a\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_s390.deb\n Size/MD5 checksum: 442268 219d9f7f67d2a53a3c3e700c68a6d682\n http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_s390.deb\n Size/MD5 checksum: 348624 ac97c9840e0cb11a1cf1e44fd1875015\n http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_s390.deb\n Size/MD5 checksum: 407026 6233c65e8860b416d7a6265ae2c2eda4\n http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_s390.deb\n Size/MD5 checksum: 177986 634687237fd58d539bc9492415a94b77\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_sparc.deb\n Size/MD5 checksum: 418896 96bdf44ad9d8c1d86ee3aaf383c9dcce\n http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_sparc.deb\n Size/MD5 checksum: 412078 c9aab17ccba1846ea02df78f636a28a6\n http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_sparc.deb\n Size/MD5 checksum: 342696 7dd353d553f6a495c506b22f60ff2a0d\n http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_sparc.deb\n Size/MD5 checksum: 158054 60de9a240c905bdb6ffa0ab6c032096d\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_sparc.deb\n Size/MD5 checksum: 422966 edb7194c73d08c0bdb1eed6bd19ceb53\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_sparc.deb\n Size/MD5 checksum: 422444 ad0a85ada33d687e1fc67b0fa3c40244\n http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_sparc.deb\n Size/MD5 checksum: 960150 0dae013a3e07502409918ff649cb1375\n http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_sparc.deb\n Size/MD5 checksum: 411290 88e769a08329b6728c6fd0770d241874\n\n\nDebian GNU/Linux 5.0 alias lenny (stable)\n- -----------------------------------------\n\nStable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. \n\nSource archives:\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.9.orig.tar.gz\n Size/MD5 checksum: 6396996 80d3754fc278338033296f0d41ef2c04\n http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.9-10+lenny6.dsc\n Size/MD5 checksum: 1673 f6846ac2d9cbd7887629a9c503154310\n http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.9-10+lenny6.diff.gz\n Size/MD5 checksum: 145719 fd456ef168b7f1ca1055ffbca1df53db\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2-doc_2.2.9-10+lenny6_all.deb\n Size/MD5 checksum: 2060318 c2499fa1040a9ace89c1a969de4db870\n http://security.debian.org/pool/updates/main/a/apache2/apache2-src_2.2.9-10+lenny6_all.deb\n Size/MD5 checksum: 6736558 e09131a305cf2e51d3c14ed7c1beaf5d\n http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.9-10+lenny6_all.deb\n Size/MD5 checksum: 45238 922ce7e9d14885bab9c9cbbfab99fbd3\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_alpha.deb\n Size/MD5 checksum: 209720 29861b61a3ae0912a7eb1ba2096b0421\n http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_alpha.deb\n Size/MD5 checksum: 84444 af60f321516a06fc9588433ba2c1a88e\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_alpha.deb\n Size/MD5 checksum: 256598 730d50c0f57ba7aad84e6897217bf42d\n http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_alpha.deb\n Size/MD5 checksum: 2402082 b932e642a152e30f948437d7313d2dcf\n http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_alpha.deb\n Size/MD5 checksum: 82728 bb04bbeae7865acad1ae89e943702623\n http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_alpha.deb\n Size/MD5 checksum: 198236 61b2f1529a056145d9ea8a87c5c5e8c0\n http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_alpha.deb\n Size/MD5 checksum: 208690 f6d15e0b6fa15a3738e9130b4044ce37\n http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_alpha.deb\n Size/MD5 checksum: 849014 dddd323a55b010c29a8626194b71a7a1\n http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_alpha.deb\n Size/MD5 checksum: 147844 40f11b60e0f5154680f16c1c67943101\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_alpha.deb\n Size/MD5 checksum: 261662 7b88269d9ce2877809a0f47daa4e756d\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_alpha.deb\n Size/MD5 checksum: 262336 eced46181f89a7f8ee636c0dce4789f7\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_amd64.deb\n Size/MD5 checksum: 210246 bb629f54f383bfcce66a6bf0bc1a2b6d\n http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_amd64.deb\n Size/MD5 checksum: 825462 051201fb8baa9a7a961961dd5082929a\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_amd64.deb\n Size/MD5 checksum: 257694 3b8c5bff06a870ccd062ce53771a43a4\n http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_amd64.deb\n Size/MD5 checksum: 211268 5e07756440fecd3a3ee3815a6cff3ff5\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_amd64.deb\n Size/MD5 checksum: 258424 92c5467fbef1d4da6803507b679df099\n http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_amd64.deb\n Size/MD5 checksum: 82532 40718aa8ebb6532404fad4b5ee2a1e09\n http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_amd64.deb\n Size/MD5 checksum: 84140 743b1e0fd988539a7346bddbcd573767\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_amd64.deb\n Size/MD5 checksum: 253708 bcc5c9f767c1e62913af45827f04b83f\n http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_amd64.deb\n Size/MD5 checksum: 195214 42f4650b895a51b853c253bbbd1e2cc0\n http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_amd64.deb\n Size/MD5 checksum: 2455308 9b8792a5defa5193d825d31dc47b43f2\n http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_amd64.deb\n Size/MD5 checksum: 144980 240232c2f4932579c60ecee786c0af26\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_arm.deb\n Size/MD5 checksum: 224760 9615e8207a01d2759de57b58cd885286\n http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_arm.deb\n Size/MD5 checksum: 83230 c840cb7342a3a83e0587fd3baacce760\n http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_arm.deb\n Size/MD5 checksum: 2327178 39819fd5f56728620aaefdbe10887c2b\n http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_arm.deb\n Size/MD5 checksum: 147202 f7ebf064272389cf2dd7db7bfe3ff267\n http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_arm.deb\n Size/MD5 checksum: 161596 b7a2763998f12394ecae68df6ec73fbb\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_arm.deb\n Size/MD5 checksum: 223898 fbd3f6bc3340643f55862e5b14947345\n http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_arm.deb\n Size/MD5 checksum: 786918 a142a6fbee216aaa87378bdc53773eb2\n http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_arm.deb\n Size/MD5 checksum: 209812 2e4b61b494abdd8e52b219456a82e499\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_arm.deb\n Size/MD5 checksum: 219946 4ac3564788d25b492a833e2df463b41e\n http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_arm.deb\n Size/MD5 checksum: 81412 abe1efff8619aac89534c3f4d57c5356\n http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_arm.deb\n Size/MD5 checksum: 211008 865b518f1a18de1020feb2212b137a6c\n\narmel architecture (ARM EABI)\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_armel.deb\n Size/MD5 checksum: 212612 2b8654bdda7346a2a7804800e9a11d8e\n http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_armel.deb\n Size/MD5 checksum: 802766 535b466511548a5264b0da3a3a348381\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_armel.deb\n Size/MD5 checksum: 226068 8921ab3294cf45178f3b90fd51fbafc3\n http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_armel.deb\n Size/MD5 checksum: 213694 38498cbd15341da4279e4193a4708c6c\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_armel.deb\n Size/MD5 checksum: 226354 57f22f55c3ca485b5974e1f2a4ef1414\n http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_armel.deb\n Size/MD5 checksum: 83934 6a6a2de840f638874d8ae05611f142b9\n http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_armel.deb\n Size/MD5 checksum: 82284 b225eb7806650013baccae619ad08f2b\n http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_armel.deb\n Size/MD5 checksum: 2340926 83bb45aa97542f6f796780c8a2d24c8b\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_armel.deb\n Size/MD5 checksum: 221894 872e3f1df2080a84cca36f48e6c8e575\n http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_armel.deb\n Size/MD5 checksum: 151226 3172e8ba667991da2881ea6a7b2781cc\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_hppa.deb\n Size/MD5 checksum: 84022 f603a1c369bbc7d05efe1ad99325e020\n http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_hppa.deb\n Size/MD5 checksum: 153048 0568fcb47c9cad398c7fd7abe2276828\n http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_hppa.deb\n Size/MD5 checksum: 82214 f27d31e710ba6640471c47a6fc240aad\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_hppa.deb\n Size/MD5 checksum: 246406 f18257777ba62d65ceb3aa4842415c74\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_hppa.deb\n Size/MD5 checksum: 241578 e71e710d7889e79b85e4c20b539a4d26\n http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_hppa.deb\n Size/MD5 checksum: 211730 a9913999aac5559db1e75835d87a2efd\n http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_hppa.deb\n Size/MD5 checksum: 896810 e8e2d9459750e5d9be76c00923a25696\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_hppa.deb\n Size/MD5 checksum: 245816 6a876fb502903c7bfcb5a4b8dad71a7a\n http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_hppa.deb\n Size/MD5 checksum: 213028 f072f0ca44edc122c1b3e1da847f1c8c\n http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_hppa.deb\n Size/MD5 checksum: 183316 41a32b0fd061c4f2afbd740af5e8325a\n http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_hppa.deb\n Size/MD5 checksum: 2385020 366e6e9bd1dec0ba6a784813785f13d3\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_i386.deb\n Size/MD5 checksum: 82366 ab10d1ab26c914777c5296fe9ccfe027\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_i386.deb\n Size/MD5 checksum: 241326 2ee9101bf92fcac69249094b3ca11e2a\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_i386.deb\n Size/MD5 checksum: 240776 43a654cf0439fc97997a57baec5e2995\n http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_i386.deb\n Size/MD5 checksum: 84104 f73a1bff0a8a4426e63803c4e5c67c60\n http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_i386.deb\n Size/MD5 checksum: 783440 053ba7ef4fbb56547200c32c35ac8a0e\n http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_i386.deb\n Size/MD5 checksum: 143414 c20c10a3eadac1c494a5750888875800\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_i386.deb\n Size/MD5 checksum: 237396 06841f14531fab0adb92177af849c8be\n http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_i386.deb\n Size/MD5 checksum: 211420 69c67bd0052c70322924b901ba5f5428\n http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_i386.deb\n Size/MD5 checksum: 2324892 87c51cc1fb8ae2532adcfa601a7b5af4\n http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_i386.deb\n Size/MD5 checksum: 212726 11b86a68880fa98a130e449dec0fbbcc\n http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_i386.deb\n Size/MD5 checksum: 179396 4ae5716372fe19991b0d8a4cc751d45f\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_ia64.deb\n Size/MD5 checksum: 162732 0a9a153e3703f9dbd33e325d67373bce\n http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_ia64.deb\n Size/MD5 checksum: 247068 39445ee73d2076bfa589a5840a3d6024\n http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_ia64.deb\n Size/MD5 checksum: 1036624 80b366704dc888c2bea8d84c316faf33\n http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_ia64.deb\n Size/MD5 checksum: 208668 c2b06d3c767fa737fbf5e1c3d50d001c\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_ia64.deb\n Size/MD5 checksum: 311692 77ff8879c2853c4b33903299ec3120c8\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_ia64.deb\n Size/MD5 checksum: 312616 1c20b667ebbd43b0ee1b01cd1cdd991d\n http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_ia64.deb\n Size/MD5 checksum: 83920 a383c7aef1758f963c019793af7b5f92\n http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_ia64.deb\n Size/MD5 checksum: 2317952 803f0b941814cbbc49f4e37bc3b9ca95\n http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_ia64.deb\n Size/MD5 checksum: 209700 59ab45d2c7c2168a941ff2fc842268e1\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_ia64.deb\n Size/MD5 checksum: 304670 067ece69f8b9518f9b18cd948c4df971\n http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_ia64.deb\n Size/MD5 checksum: 85802 9294d252435e8026d6135bf8efdfaf46\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_mips.deb\n Size/MD5 checksum: 2465158 a36366e07810785cd1f2dc3b020d3486\n http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_mips.deb\n Size/MD5 checksum: 780460 a5daeb91029f3b027a810ee22456ebd3\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_mips.deb\n Size/MD5 checksum: 233408 ec9001ee4c996d0b14a9e67d9ce380ec\n http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_mips.deb\n Size/MD5 checksum: 82082 1fc55f0526e3bf90c2156364055a1627\n http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_mips.deb\n Size/MD5 checksum: 171444 789208a77578e49ebca9be904c99aff3\n http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_mips.deb\n Size/MD5 checksum: 83688 8612d0c31dee19c557723b08354c20d7\n http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_mips.deb\n Size/MD5 checksum: 149712 ac8ddf3ab4a3b0fb255adbc588e57305\n http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_mips.deb\n Size/MD5 checksum: 209718 8af3815f7794f4e60d72ba52d3bd19c4\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_mips.deb\n Size/MD5 checksum: 229494 c2ef345862009f2a2b979205fec22567\n http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_mips.deb\n Size/MD5 checksum: 208698 246c0001aaa98be577f6c5f004330285\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_mips.deb\n Size/MD5 checksum: 233980 ce7b3760443a98b0ddc0607a7a9842bf\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_mipsel.deb\n Size/MD5 checksum: 228110 e45b1c3294102e26eee671b860f4aabc\n http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_mipsel.deb\n Size/MD5 checksum: 208710 1403636fff03ab43353cdffdef62ffd7\n http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_mipsel.deb\n Size/MD5 checksum: 83708 9b1c257025920f6dd0a7a2b231c97141\n http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_mipsel.deb\n Size/MD5 checksum: 209740 546504d6f0a2a449e9bcd618f4700ce5\n http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_mipsel.deb\n Size/MD5 checksum: 82128 31209b35ecb423f2d88347df6c08eddb\n http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_mipsel.deb\n Size/MD5 checksum: 2420074 b57ff2a01ee7f29d0dcba4214dc7fc21\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_mipsel.deb\n Size/MD5 checksum: 232140 3dfff4c54077cb221e19533f19538834\n http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_mipsel.deb\n Size/MD5 checksum: 778974 d9d0084ea48aaa56d2f99c632711d084\n http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_mipsel.deb\n Size/MD5 checksum: 169470 f04a239ba4f1d6ae4ff8ce0960f784fd\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_mipsel.deb\n Size/MD5 checksum: 232796 8ced513dc28d7165fd76076803b98188\n http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_mipsel.deb\n Size/MD5 checksum: 150024 c2a66c2c63eeb66df98b136cceadc780\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_powerpc.deb\n Size/MD5 checksum: 84570 b43f074242385089dda2aae2e9ae1595\n http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_powerpc.deb\n Size/MD5 checksum: 915976 723f3349b829894595b913099f06ecc2\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_powerpc.deb\n Size/MD5 checksum: 257408 c4bab781417526a0dfdb2240ab2fef07\n http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_powerpc.deb\n Size/MD5 checksum: 2495210 6fb817120bcb095006fd09d2318f28ee\n http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_powerpc.deb\n Size/MD5 checksum: 195192 6b4d950e48c6cdfd00d403e42b719b40\n http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_powerpc.deb\n Size/MD5 checksum: 208684 ece82cc979cff6832d51a6caf51f38b5\n http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_powerpc.deb\n Size/MD5 checksum: 82908 c54a24103b503b5de1b27993ee33610f\n http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_powerpc.deb\n Size/MD5 checksum: 160960 361e2bae65d5f1303073d8e4d88ccdb7\n http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_powerpc.deb\n Size/MD5 checksum: 209714 81fbc6671b2d4137dc52232e9d572ea9\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_powerpc.deb\n Size/MD5 checksum: 258234 6dbd57dc907e93b5e9dcd3058e99b30f\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_powerpc.deb\n Size/MD5 checksum: 253294 696e2e9219d6e029c0c6f024045a4d5f\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_s390.deb\n Size/MD5 checksum: 82544 4e332ccedffd13b1e7b866fe71cf8a9b\n http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_s390.deb\n Size/MD5 checksum: 197642 e32a924a47b90452356956e3fe39d34e\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_s390.deb\n Size/MD5 checksum: 255970 197eea5c422ecf37ec592bf9612c3b2f\n http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_s390.deb\n Size/MD5 checksum: 208694 33dddaec24eb4475411eb55abb5d5e71\n http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_s390.deb\n Size/MD5 checksum: 150912 2aa00b2fb3b84a536030f5b5635115bc\n http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_s390.deb\n Size/MD5 checksum: 209726 cf54089c8a33087820f8c9359e461625\n http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_s390.deb\n Size/MD5 checksum: 2409108 1b6e40f5d2772a0a1f26424f4b470136\n http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_s390.deb\n Size/MD5 checksum: 824586 ff52926d953f8b5cbde82ac31176dedb\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_s390.deb\n Size/MD5 checksum: 259924 655aca8f56383ebd106ded50d8f557ea\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_s390.deb\n Size/MD5 checksum: 260610 12751082d3f1466735d1b3d395d63690\n http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_s390.deb\n Size/MD5 checksum: 84310 9aa451ccb1513c05f4ccc0319124181e\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_sparc.deb\n Size/MD5 checksum: 2231018 fcdbb08c45ff474592590fac0aa78dac\n http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_sparc.deb\n Size/MD5 checksum: 84568 6dcf4195e216a22ef2919806d55d5098\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_sparc.deb\n Size/MD5 checksum: 237224 9bf96cc5f932643b1c55c6a9fa238af1\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_sparc.deb\n Size/MD5 checksum: 241474 ed8557af547d9d55a075fca5cf88488d\n http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_sparc.deb\n Size/MD5 checksum: 82888 bde0baf83e2e972b398be6a500f77125\n http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_sparc.deb\n Size/MD5 checksum: 177562 09cbb49296407c83ef1575b003dfb129\n http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_sparc.deb\n Size/MD5 checksum: 241014 2c10b920cdfec918af3eb148e29fca0f\n http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_sparc.deb\n Size/MD5 checksum: 212798 28edff7612bb824fc20d88c29b8b7e1f\n http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_sparc.deb\n Size/MD5 checksum: 781748 63e7003956d73b1a04e544c00eaa7728\n http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_sparc.deb\n Size/MD5 checksum: 213976 b7e758d0a2e6574944d27e2d6e40f60c\n http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_sparc.deb\n Size/MD5 checksum: 146596 c37cea33bed94a68326b511a66bf050e\n\n\n These files will probably be moved into the stable distribution on\n its next update. \nPatch kit installation instructions are provided in the file SSRT090244 Apache CVE-2009-3094, CVE-2009-3095.txt . \nThe patch kits and installation instructions are available from the following location using ftp:\n\n Host Account Password\n ftp.usa.hp.com ewt01 Welcome1\n\nCSWS version 2.1-1 patch kits are available for both ALPHA and ITANIUM platforms. \n\nItanium Images\n mod_proxy.exe_ia64\n mod_proxy_ftp.exe_ia64\n\nAlpha Images\n mod_proxy.exe_axp\n mod_proxy_ftp.exe_axp\n\nThe patch images will be provided in the next regularly scheduled update of CSWS 2.1-1. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c02160663\nVersion: 1\n\nHPSBUX02531 SSRT100108 rev.1 - HP-UX Running Apache-based Web Server, Remote Denial of Service (DoS), Unauthorized Access\n\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible. \n\nRelease Date: 2010-06-02\nLast Updated: 2010-06-02\n\n- -----------------------------------------------------------------------------\n\nPotential Security Impact: Remote Denial of Service (DoS), unauthorized access\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with HP-UX running Apache-based Web Server. The vulnerabilities could be exploited remotely to cause a Denial of Service (DoS) or unauthorized access. Apache-based Web Server is contained in the Apache Web Server Suite. \n\nReferences: CVE-2009-3094, CVE-2009-3095, CVE-2010-0408, CVE-2010-0740, CVE-2010-0433, CVE-2010-0434\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP-UX B.11.23, B.11.31 running Apache-based Web Server versions before v2.2.8.09\nHP-UX B.11.11, B.11.23, B.11.31 running Apache-based Web Server versions before v2.0.59.15\n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2009-3094 (AV:N/AC:H/Au:N/C:N/I:N/A:C) 5.4\nCVE-2009-3095 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2010-0408 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2010-0740 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2010-0433 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2010-0434 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nNote: CVE-2009-3094, CVE-2009-3095 and 2010-0740 affect only HP-UX Web Server Suite v2.30;\nCVE-2010-0408, CVE-2010-0433 and CVE-2010-0434 affect only HP-UX Web Server Suite v3.09. \n\nRESOLUTION\n\nHP has provided the following upgrades to resolve these vulnerabilities. \nThe upgrades are available from the following location:\n\nURL http://software.hp.com\n\nNote: HP-UX Web Server Suite v3.09 contains HP-UX Apache-based Web Server v2.2.8.09\nNote: HP-UX Web Server Suite v2.30 contains HP-UX Apache-based Web Server v2.0.59.15\n\nWeb Server Suite Version / HP-UX Release / Depot name\n\nWeb Server v3.09 / B.11.23 and B.11.31 PA-32 / HPUXWS22ATW-B309-32.depot\n\nWeb Server v3.09 / B.11.23 and B.11.31 IA-64 / HPUXWS22ATW-B309-64.depot\n\nWeb Server v2.30 / B.11.11 PA-32 / HPUXWSATW-B230-1111.depot\n\nWeb Server v2.30 / B.11.23 PA-32 / HPUXWSATW-B230-32.depot\n\nWeb Server v2.30 / B.11.23 IA-64 / HPUXWSATW-B230-64.depot\n\nWeb Server v2.30 / B.11.31 IA-32 / HPUXWSATW-B230-32-1131.depot\n\nWeb Server v2.30 / B.11.31 IA-64 / HPUXWSATW-B230-64-1131.depot\n\nMANUAL ACTIONS: Yes - Update\n\nInstall Apache-based Web Server from the Apache Web Server Suite v2.30 or subsequent\nor\nInstall Apache-based Web Server from the Apache Web Server Suite v3.09 or subsequent\n\nPRODUCT SPECIFIC INFORMATION\n\nHP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa\n\nThe following text is for use by the HP-UX Software Assistant. \n\nAFFECTED VERSIONS\n\nFor Web Server Suite before v3.09\nHP-UX B.11.23\n==================\nhpuxws22APACHE.APACHE\nhpuxws22APACHE.APACHE2\nhpuxws22APACHE.AUTH_LDAP\nhpuxws22APACHE.AUTH_LDAP2\nhpuxws22APACHE.MOD_JK\nhpuxws22APACHE.MOD_JK2\nhpuxws22APACHE.MOD_PERL\nhpuxws22APACHE.MOD_PERL2\nhpuxws22APACHE.PHP\nhpuxws22APACHE.PHP2\naction: install revision B.2.2.8.09 or subsequent\n\nHP-UX B.11.31\n==================\nhpuxws22APCH32.APACHE\nhpuxws22APCH32.APACHE2\nhpuxws22APCH32.AUTH_LDAP\nhpuxws22APCH32.AUTH_LDAP2\nhpuxws22APCH32.MOD_JK\nhpuxws22APCH32.MOD_JK2\nhpuxws22APCH32.MOD_PERL\nhpuxws22APCH32.MOD_PERL2\nhpuxws22APCH32.PHP\nhpuxws22APCH32.PHP2\nhpuxws22APCH32.WEBPROXY\nhpuxws22APCH32.WEBPROXY2\naction: install revision B.2.2.8.09 or subsequent\n\nFor Web Server Suite before v2.30\nHP-UX B.11.11\n==================\nhpuxwsAPACHE.APACHE\nhpuxwsAPACHE.APACHE2\nhpuxwsAPACHE.AUTH_LDAP\nhpuxwsAPACHE.AUTH_LDAP2\nhpuxwsAPACHE.MOD_JK\nhpuxwsAPACHE.MOD_JK2\nhpuxwsAPACHE.MOD_PERL\nhpuxwsAPACHE.MOD_PERL2\nhpuxwsAPACHE.PHP\nhpuxwsAPACHE.PHP2\nhpuxwsAPACHE.WEBPROXY\naction: install revision B.2.0.59.15 or subsequent\n\nHP-UX B.11.23\n==================\nhpuxwsAPCH32.APACHE\nhpuxwsAPCH32.APACHE2\nhpuxwsAPCH32.AUTH_LDAP\nhpuxwsAPCH32.AUTH_LDAP2\nhpuxwsAPCH32.MOD_JK\nhpuxwsAPCH32.MOD_JK2\nhpuxwsAPCH32.MOD_PERL\nhpuxwsAPCH32.MOD_PERL2\nhpuxwsAPCH32.PHP\nhpuxwsAPCH32.PHP2\nhpuxwsAPCH32.WEBPROXY\naction: install revision B.2.0.59.15 or subsequent\n\nHP-UX B.11.31\n==================\nhpuxwsAPACHE.APACHE\nhpuxwsAPACHE.APACHE2\nhpuxwsAPACHE.AUTH_LDAP\nhpuxwsAPACHE.AUTH_LDAP2\nhpuxwsAPACHE.MOD_JK\nhpuxwsAPACHE.MOD_JK2\nhpuxwsAPACHE.MOD_PERL\nhpuxwsAPACHE.MOD_PERL2\nhpuxwsAPACHE.PHP\nhpuxwsAPACHE.PHP2\nhpuxwsAPACHE.WEBPROXY\naction: install revision B.2.0.59.15 or subsequent\n\nEND AFFECTED VERSIONS\n\nHISTORY\nVersion:1 (rev.1) 2 June 2010 Initial release\nThird Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\nSupport: For further information, contact normal HP Services support channel. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com\nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. \nTo get the security-alert PGP key, please send an e-mail message as follows:\n To: security-alert@hp.com\n Subject: get key\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email:\nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA\u0026langcode=USENG\u0026jumpid=in_SC-GEN__driverITRC\u0026topiccode=ITRC\nOn the web page: ITRC security bulletins and patch sign-up\nUnder Step1: your ITRC security bulletins and patches\n -check ALL categories for which alerts are required and continue. \nUnder Step2: your ITRC operating systems\n -verify your operating system selections are checked and save. \n\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php\nLog in on the web page: Subscriber\u0027s choice for Business: sign-in. \nOn the web page: Subscriber\u0027s Choice: your profile summary - use Edit Profile to update appropriate sections. \n\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do\n\n* The Software Product Category that this Security Bulletin\nrelates to is represented by the 5th and 6th characters\nof the Bulletin number in the title:\n\nGN = HP General SW\nMA = HP Management Agents\nMI = Misc. 3rd Party SW\nMP = HP MPE/iX\nNS = HP NonStop Servers\nOV = HP OpenVMS\nPI = HP Printing \u0026 Imaging\nST = HP Storage SW\nTL = HP Trusted Linux\nTU = HP Tru64 UNIX\nUX = HP-UX\nVV = HP VirtualVault\n\nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. \n\n\"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user\u0027s use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement.\"\n\nCopyright 2009 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.10 (GNU/Linux)\n\niEYEARECAAYFAkwG2+IACgkQ4B86/C0qfVm3LACfZ2twc1MNibwpLscDC7giyJJv\nnksAnR0xfycsdI9Z5RyDC/o+Dnt4Q100\n=/Gfl\n-----END PGP SIGNATURE-----\n. \n\nBAC v8.07 supplies Apache 2.2.17. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com",
"sources": [
{
"db": "NVD",
"id": "CVE-2009-3094"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002187"
},
{
"db": "BID",
"id": "36260"
},
{
"db": "VULMON",
"id": "CVE-2009-3094"
},
{
"db": "PACKETSTORM",
"id": "82799"
},
{
"db": "PACKETSTORM",
"id": "83521"
},
{
"db": "PACKETSTORM",
"id": "82647"
},
{
"db": "PACKETSTORM",
"id": "81540"
},
{
"db": "PACKETSTORM",
"id": "87839"
},
{
"db": "PACKETSTORM",
"id": "90263"
},
{
"db": "PACKETSTORM",
"id": "111587"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2009-3094",
"trust": 3.5
},
{
"db": "SECUNIA",
"id": "36549",
"trust": 2.5
},
{
"db": "SECUNIA",
"id": "37152",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2010-0609",
"trust": 1.7
},
{
"db": "BID",
"id": "36260",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2009-2550",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002187",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200909-107",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2009-3094",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "82799",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "83521",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "82647",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "81540",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "87839",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "90263",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "111587",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2009-3094"
},
{
"db": "BID",
"id": "36260"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002187"
},
{
"db": "PACKETSTORM",
"id": "82799"
},
{
"db": "PACKETSTORM",
"id": "83521"
},
{
"db": "PACKETSTORM",
"id": "82647"
},
{
"db": "PACKETSTORM",
"id": "81540"
},
{
"db": "PACKETSTORM",
"id": "87839"
},
{
"db": "PACKETSTORM",
"id": "90263"
},
{
"db": "PACKETSTORM",
"id": "111587"
},
{
"db": "CNNVD",
"id": "CNNVD-200909-107"
},
{
"db": "NVD",
"id": "CVE-2009-3094"
}
]
},
"id": "VAR-200909-0801",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.16451614
},
"last_update_date": "2024-07-23T21:34:26.443000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Fixed in Apache httpd 2.0.64",
"trust": 0.8,
"url": "http://httpd.apache.org/security/vulnerabilities_20.html#2.0.64"
},
{
"title": "Fixed in Apache httpd 2.2.14",
"trust": 0.8,
"url": "http://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"title": "httpd-2.2.3-31.2.1AXS3",
"trust": 0.8,
"url": "https://tsn.miraclelinux.com/tsn_local/index.php?m=errata\u0026a=detail\u0026eid=774"
},
{
"title": "HPUXWSATW313",
"trust": 0.8,
"url": "https://h20392.www2.hp.com/portal/swdepot/displayproductinfo.do?productnumber=hpuxwsatw313"
},
{
"title": "HPSBUX02531",
"trust": 0.8,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?lang=en\u0026cc=us\u0026objectid=c02160663"
},
{
"title": "PM10658",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1pm10658"
},
{
"title": "7014463",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27014463#7009"
},
{
"title": "7007033",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27007033#60239"
},
{
"title": "7006876",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27006876#60239"
},
{
"title": "7007951",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?rs=180\u0026uid=swg27007951#61029"
},
{
"title": "PK96858",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1pk96858\u0026loc=en_us"
},
{
"title": "7008517",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?rs=177\u0026uid=swg27008517#61029"
},
{
"title": "1819",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/index.php?q=node/99\u0026errata_id=1819"
},
{
"title": "1820",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/index.php?q=node/99\u0026errata_id=1820"
},
{
"title": "RHSA-2009:1579",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2009-1579.html"
},
{
"title": "RHSA-2009:1580",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2009-1580.html"
},
{
"title": "multiple_vulnerabilities_in_the_apache",
"trust": 0.8,
"url": "http://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_the_apache"
},
{
"title": "TLSA-2009-30",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/security/2009/tlsa-2009-30j.txt"
},
{
"title": "RHSA-2009:1579",
"trust": 0.8,
"url": "https://www.jp.redhat.com/support/errata/rhsa/rhsa-2009-1579j.html"
},
{
"title": "RHSA-2009:1580",
"trust": 0.8,
"url": "https://www.jp.redhat.com/support/errata/rhsa/rhsa-2009-1580j.html"
},
{
"title": "interstage_as_201007",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/products-fujitsu/solution/interstage_as_201007.html"
},
{
"title": "Red Hat: Moderate: httpd and httpd22 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20100011 - security advisory"
},
{
"title": "Debian CVElist Bug Report Logs: CVE-2009-3094, CVE-2009-3095: mod_proxy_ftp DoS",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=a36c9e7334a243cf3d9e15331467e21c"
},
{
"title": "Ubuntu Security Notice: apache2 vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-860-1"
},
{
"title": "Debian Security Advisories: DSA-1934-1 apache2 -- multiple issues",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=a5a134c3483f034e2df5ced5ad7428ec"
},
{
"title": "Symantec Security Advisories: SA61 : Director multiple Apache vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=508649a9a651b4fb32a5cc0f1310d652"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2009-3094 "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2009-3094"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002187"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-476",
"trust": 1.0
},
{
"problemtype": "CWE-119",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-002187"
},
{
"db": "NVD",
"id": "CVE-2009-3094"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://secunia.com/advisories/36549"
},
{
"trust": 2.0,
"url": "http://www.intevydis.com/blog/?p=59"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1pk96858"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1pm09161"
},
{
"trust": 1.7,
"url": "http://intevydis.com/vd-list.shtml"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/37152"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00006.html"
},
{
"trust": 1.7,
"url": "http://www.debian.org/security/2009/dsa-1934"
},
{
"trust": 1.7,
"url": "http://wiki.rpath.com/advisories:rpsa-2009-0155"
},
{
"trust": 1.7,
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-december/msg00944.html"
},
{
"trust": 1.7,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=521619"
},
{
"trust": 1.7,
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-december/msg00645.html"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2010/0609"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=126998684522511\u0026w=2"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=133355494609819\u0026w=2"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=127557640302499\u0026w=2"
},
{
"trust": 1.7,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a8087"
},
{
"trust": 1.7,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10981"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/508075/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3094"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r2295080a257bad27ea68ca0af12fc715577f9e84801eae116a33107e%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rad2acee3ab838b52c04a0698b1728a9a43467bf365bd481c993c535d%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/reb7c64aeea604bf948467d9d1cab8ff23fa7d002be1964bcc275aae7%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-3094"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/36260"
},
{
"trust": 0.8,
"url": "http://www.vupen.com/english/advisories/2009/2550"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3095"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3094"
},
{
"trust": 0.6,
"url": "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_the_apache"
},
{
"trust": 0.6,
"url": "httpd.apache.org%3e"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r2295080a257bad27ea68ca0af12fc715577f9e84801eae116a33107e@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/reb7c64aeea604bf948467d9d1cab8ff23fa7d002be1964bcc275aae7@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rad2acee3ab838b52c04a0698b1728a9a43467bf365bd481c993c535d@%3ccvs."
},
{
"trust": 0.3,
"url": "http://httpd.apache.org/"
},
{
"trust": 0.3,
"url": "http://httpd.apache.org/docs/2.0/mod/mod_proxy_ftp.html"
},
{
"trust": 0.3,
"url": "http://www.apache.org/dist/httpd/changes_2.2.14"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1pk96157"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1pm10658"
},
{
"trust": 0.3,
"url": "http://intevydis.com/company.shtml"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/css/p8/documents/100074555"
},
{
"trust": 0.3,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c03236227"
},
{
"trust": 0.3,
"url": "http://www11.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c02002308"
},
{
"trust": 0.3,
"url": "https://kb.bluecoat.com/index?page=content\u0026id=sa61\u0026actp=list"
},
{
"trust": 0.3,
"url": "http://www.fujitsu.com/global/support/software/security/products-f/interstage-201007e.html"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3555"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3095"
},
{
"trust": 0.2,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.2,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.2,
"url": "http://www.itrc.hp.com/service/cki/secbullarchive.do"
},
{
"trust": 0.2,
"url": "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na\u0026langcode=useng\u0026jumpid=in_sc-gen__driveritrc\u0026topiccode=itrc"
},
{
"trust": 0.2,
"url": "http://h30046.www3.hp.com/subsignin.php"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/476.html"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/reb7c64aeea604bf948467d9d1cab8ff23fa7d002be1964bcc275aae7@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r2295080a257bad27ea68ca0af12fc715577f9e84801eae116a33107e@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/rad2acee3ab838b52c04a0698b1728a9a43467bf365bd481c993c535d@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2009-3094"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2010:0011"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/860-1/"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=18978"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.11-2ubuntu2.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.9_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.12-1ubuntu2.1.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.9-7ubuntu3.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.11-2ubuntu2.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.12-1ubuntu2.1_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.9-7ubuntu3.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.11-2ubuntu2.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.9-7ubuntu3.5_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.9-7ubuntu3.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.12-1ubuntu2.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.9_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.9-7ubuntu3.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.9_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.11-2ubuntu2.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.12-1ubuntu2.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.9-7ubuntu3.5.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.9_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.9-7ubuntu3.5_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.14_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.9-7ubuntu3.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec_2.2.9-7ubuntu3.5_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.11-2ubuntu2.5_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.12-1ubuntu2.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.12-1ubuntu2.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.9_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.11-2ubuntu2.5_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.9_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.11-2ubuntu2.5_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.9-7ubuntu3.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.14_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.11-2ubuntu2.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.11-2ubuntu2.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.9_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.9_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.9_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.11-2ubuntu2.5.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.8-1ubuntu0.14.diff.gz"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.11-2ubuntu2.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.14_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.11-2ubuntu2.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.14_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.11-2ubuntu2.5_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.9_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.12-1ubuntu2.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec_2.2.11-2ubuntu2.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.9_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.9-7ubuntu3.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.14_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.11-2ubuntu2.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.9.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.11-2ubuntu2.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.14_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.11-2ubuntu2.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.14_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.14_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.14_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.12-1ubuntu2.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.9_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.11-2ubuntu2.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.9_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.12-1ubuntu2.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.9_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.12-1ubuntu2.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.12-1ubuntu2.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.12-1ubuntu2.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.14_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.9-7ubuntu3.5_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.9_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.9-7ubuntu3.5_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.12-1ubuntu2.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.14_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-suexec-custom_2.2.9-7ubuntu3.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec_2.2.12-1ubuntu2.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.12-1ubuntu2.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.9_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.9_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.14_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.9-7ubuntu3.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.11-2ubuntu2.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.9_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.9-7ubuntu3.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.8-1ubuntu0.14.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec-custom_2.2.11-2ubuntu2.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.12-1ubuntu2.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.14_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.9_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.11-2ubuntu2.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec-custom_2.2.12-1ubuntu2.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.14_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.11-2ubuntu2.5_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.14_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.14_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.12-1ubuntu2.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.14_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.14_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.14_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.11-2ubuntu2.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.11-2ubuntu2.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.9_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.9_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.8-1ubuntu0.14_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.11.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.11-2ubuntu2.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.12-1ubuntu2.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.9-7ubuntu3.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.8-1ubuntu0.14_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-suexec-custom_2.2.9-7ubuntu3.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.12.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.9_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-bin_2.2.12-1ubuntu2.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.8.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.9_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.9_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.9-7ubuntu3.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.9_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.11-2ubuntu2.5.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.9_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.14_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.8-1ubuntu0.14_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.9_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.9-7ubuntu3.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.11-2ubuntu2.5_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec_2.2.9-7ubuntu3.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.14_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.9-7ubuntu3.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.12-1ubuntu2.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.12-1ubuntu2.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.14_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.9_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.11-2ubuntu2.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.11-2ubuntu2.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.9_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.11-2ubuntu2.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.11-2ubuntu2.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu2.9_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.14_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.9-7ubuntu3.5_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.14_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.9_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.11-2ubuntu2.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.9-7ubuntu3.5_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.9-7ubuntu3.5_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-bin_2.2.12-1ubuntu2.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.9-7ubuntu3.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec-custom_2.2.9-7ubuntu3.5_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.9-7ubuntu3.5_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.9-7ubuntu3.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.14_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.14_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.11-2ubuntu2.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.9-7ubuntu3.5.dsc"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec-custom_2.2.9-7ubuntu3.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.9_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.11-2ubuntu2.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.9-7ubuntu3.5_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.11-2ubuntu2.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-suexec_2.2.9-7ubuntu3.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.14_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec-custom_2.2.12-1ubuntu2.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.14_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.9_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.12-1ubuntu2.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-suexec_2.2.9-7ubuntu3.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-bin_2.2.12-1ubuntu2.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.9_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.12-1ubuntu2.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.9-7ubuntu3.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec_2.2.9-7ubuntu3.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.12-1ubuntu2.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.14_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.11-2ubuntu2.5_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.11-2ubuntu2.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec_2.2.12-1ubuntu2.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.11-2ubuntu2.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.9_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.9-7ubuntu3.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.11-2ubuntu2.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.12-1ubuntu2.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.9-7ubuntu3.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.12-1ubuntu2.1_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.11-2ubuntu2.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.14_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.9_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-bin_2.2.12-1ubuntu2.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.11-2ubuntu2.5_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.11-2ubuntu2.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.12-1ubuntu2.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.14_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.9-7ubuntu3.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.11-2ubuntu2.5_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.9-7ubuntu3.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.14_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.9-7ubuntu3.5_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.12-1ubuntu2.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.9-7ubuntu3.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.9-7ubuntu3.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.11-2ubuntu2.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.9-7ubuntu3.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-mpm-itk_2.2.12-1ubuntu2.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.9-7ubuntu3.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec-custom_2.2.9-7ubuntu3.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.12-1ubuntu2.1.dsc"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.12-1ubuntu2.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.2.8-1ubuntu0.14_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.9-7ubuntu3.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.9-7ubuntu3.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.11-2ubuntu2.5_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.12-1ubuntu2.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.9_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.14_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.14_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.9-7ubuntu3.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.9-7ubuntu3.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec-custom_2.2.11-2ubuntu2.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec_2.2.11-2ubuntu2.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.11-2ubuntu2.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-bin_2.2.12-1ubuntu2.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.11-2ubuntu2.5_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-src_2.2.11-2ubuntu2.5_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.14_amd64.deb"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1195"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=apache-httpd-announce\u0026m=125755783724966\u0026w=2"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1890"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-2939"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1890"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1678"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-2939"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1195"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3555"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1891"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1191"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1191"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1678"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1891"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-src_2.2.3-4+etch11_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.9.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-perchild_2.2.3-4+etch11_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.3.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_mips.deb"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-doc_2.2.9-10+lenny6_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-doc_2.2.3-4+etch11_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.3-4+etch11.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.3-4+etch11.dsc"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_ia64.deb"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.3-4+etch11_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.9-10+lenny6.dsc"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.9-10+lenny6_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.9-10+lenny6.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_hppa.deb"
},
{
"trust": 0.1,
"url": "http://packages.debian.org/\u003cpkg\u003e"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-src_2.2.9-10+lenny6_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_arm.deb"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0740"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0434"
},
{
"trust": 0.1,
"url": "http://software.hp.com"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0408"
},
{
"trust": 0.1,
"url": "https://www.hp.com/go/swa"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0433"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-2699"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1452"
},
{
"trust": 0.1,
"url": "http://h20566.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/"
},
{
"trust": 0.1,
"url": "http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins"
},
{
"trust": 0.1,
"url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docdisplay/?docid=emr_na-c02964430"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2009-3094"
},
{
"db": "BID",
"id": "36260"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002187"
},
{
"db": "PACKETSTORM",
"id": "82799"
},
{
"db": "PACKETSTORM",
"id": "83521"
},
{
"db": "PACKETSTORM",
"id": "82647"
},
{
"db": "PACKETSTORM",
"id": "81540"
},
{
"db": "PACKETSTORM",
"id": "87839"
},
{
"db": "PACKETSTORM",
"id": "90263"
},
{
"db": "PACKETSTORM",
"id": "111587"
},
{
"db": "CNNVD",
"id": "CNNVD-200909-107"
},
{
"db": "NVD",
"id": "CVE-2009-3094"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2009-3094"
},
{
"db": "BID",
"id": "36260"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002187"
},
{
"db": "PACKETSTORM",
"id": "82799"
},
{
"db": "PACKETSTORM",
"id": "83521"
},
{
"db": "PACKETSTORM",
"id": "82647"
},
{
"db": "PACKETSTORM",
"id": "81540"
},
{
"db": "PACKETSTORM",
"id": "87839"
},
{
"db": "PACKETSTORM",
"id": "90263"
},
{
"db": "PACKETSTORM",
"id": "111587"
},
{
"db": "CNNVD",
"id": "CNNVD-200909-107"
},
{
"db": "NVD",
"id": "CVE-2009-3094"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2009-09-08T00:00:00",
"db": "VULMON",
"id": "CVE-2009-3094"
},
{
"date": "2009-09-03T00:00:00",
"db": "BID",
"id": "36260"
},
{
"date": "2009-11-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-002187"
},
{
"date": "2009-11-19T18:46:00",
"db": "PACKETSTORM",
"id": "82799"
},
{
"date": "2009-12-07T21:57:59",
"db": "PACKETSTORM",
"id": "83521"
},
{
"date": "2009-11-16T23:36:55",
"db": "PACKETSTORM",
"id": "82647"
},
{
"date": "2009-09-22T21:58:35",
"db": "PACKETSTORM",
"id": "81540"
},
{
"date": "2010-03-31T15:49:00",
"db": "PACKETSTORM",
"id": "87839"
},
{
"date": "2010-06-04T04:25:14",
"db": "PACKETSTORM",
"id": "90263"
},
{
"date": "2012-04-05T00:55:15",
"db": "PACKETSTORM",
"id": "111587"
},
{
"date": "2009-09-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200909-107"
},
{
"date": "2009-09-08T18:30:00.657000",
"db": "NVD",
"id": "CVE-2009-3094"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-09-19T00:00:00",
"db": "VULMON",
"id": "CVE-2009-3094"
},
{
"date": "2015-04-13T21:44:00",
"db": "BID",
"id": "36260"
},
{
"date": "2010-12-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-002187"
},
{
"date": "2022-09-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200909-107"
},
{
"date": "2023-11-07T02:04:19.897000",
"db": "NVD",
"id": "CVE-2009-3094"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "81540"
},
{
"db": "CNNVD",
"id": "CNNVD-200909-107"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apache HTTP Server of ap_proxy_ftp_handler Service disruption in functions (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-002187"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "code problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200909-107"
}
],
"trust": 0.6
}
}
VAR-201105-0094
Vulnerability from variot - Updated: 2024-07-23 21:34The fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library 1.4.3 and 1.4.4, and the Apache HTTP Server 2.2.18, allows remote attackers to cause a denial of service (infinite loop) via a URI that does not match unspecified types of wildcard patterns, as demonstrated by attacks against mod_autoindex in httpd when a /*/WEB-INF/ configuration pattern is used. NOTE: this issue exists because of an incorrect fix for CVE-2011-0419. This vulnerability CVE-2011-0419 Vulnerability due to incomplete fix.Does not match wildcard pattern type by a third party URI Through service disruption ( infinite loop ) There is a possibility of being put into a state. Apache APR is prone to a denial-of-service vulnerability. Successful exploits may allow the attacker to cause excessive CPU usage, resulting in denial-of-service conditions. Apache APR 1.4.4 is affected. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Low: apr security update Advisory ID: RHSA-2011:0844-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2011-0844.html Issue date: 2011-05-31 CVE Names: CVE-2011-1928 =====================================================================
- Summary:
Updated apr packages that fix one security issue are now available for Red Hat Enterprise Linux 4, 5, and 6.
The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.
- Relevant releases/architectures:
RHEL Desktop Workstation (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64 Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64
- It provides a free library of C data structures and routines.
The fix for CVE-2011-0419 (released via RHSA-2011:0507) introduced an infinite loop flaw in the apr_fnmatch() function when the APR_FNM_PATHNAME matching flag was used. A remote attacker could possibly use this flaw to cause a denial of service on an application using the apr_fnmatch() function. (CVE-2011-1928)
Note: This problem affected httpd configurations using the "Location" directive with wildcard URLs. The denial of service could have been triggered during normal operation; it did not specifically require a malicious HTTP request.
This update also addresses additional problems introduced by the rewrite of the apr_fnmatch() function, which was necessary to address the CVE-2011-0419 flaw.
All apr users should upgrade to these updated packages, which contain a backported patch to correct this issue. Applications using the apr library, such as httpd, must be restarted for this update to take effect.
- Solution:
Before applying this update, make sure all previously-released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/kb/docs/DOC-11259
- Bugs fixed (http://bugzilla.redhat.com/):
706203 - CVE-2011-1928 apr: DoS flaw in apr_fnmatch() due to fix for CVE-2011-0419
- Package List:
Red Hat Enterprise Linux AS version 4:
Source: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/apr-0.9.4-26.el4.src.rpm
i386: apr-0.9.4-26.el4.i386.rpm apr-debuginfo-0.9.4-26.el4.i386.rpm apr-devel-0.9.4-26.el4.i386.rpm
ia64: apr-0.9.4-26.el4.i386.rpm apr-0.9.4-26.el4.ia64.rpm apr-debuginfo-0.9.4-26.el4.i386.rpm apr-debuginfo-0.9.4-26.el4.ia64.rpm apr-devel-0.9.4-26.el4.ia64.rpm
ppc: apr-0.9.4-26.el4.ppc.rpm apr-0.9.4-26.el4.ppc64.rpm apr-debuginfo-0.9.4-26.el4.ppc.rpm apr-debuginfo-0.9.4-26.el4.ppc64.rpm apr-devel-0.9.4-26.el4.ppc.rpm
s390: apr-0.9.4-26.el4.s390.rpm apr-debuginfo-0.9.4-26.el4.s390.rpm apr-devel-0.9.4-26.el4.s390.rpm
s390x: apr-0.9.4-26.el4.s390.rpm apr-0.9.4-26.el4.s390x.rpm apr-debuginfo-0.9.4-26.el4.s390.rpm apr-debuginfo-0.9.4-26.el4.s390x.rpm apr-devel-0.9.4-26.el4.s390x.rpm
x86_64: apr-0.9.4-26.el4.i386.rpm apr-0.9.4-26.el4.x86_64.rpm apr-debuginfo-0.9.4-26.el4.i386.rpm apr-debuginfo-0.9.4-26.el4.x86_64.rpm apr-devel-0.9.4-26.el4.x86_64.rpm
Red Hat Enterprise Linux Desktop version 4:
Source: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/apr-0.9.4-26.el4.src.rpm
i386: apr-0.9.4-26.el4.i386.rpm apr-debuginfo-0.9.4-26.el4.i386.rpm apr-devel-0.9.4-26.el4.i386.rpm
x86_64: apr-0.9.4-26.el4.i386.rpm apr-0.9.4-26.el4.x86_64.rpm apr-debuginfo-0.9.4-26.el4.i386.rpm apr-debuginfo-0.9.4-26.el4.x86_64.rpm apr-devel-0.9.4-26.el4.x86_64.rpm
Red Hat Enterprise Linux ES version 4:
Source: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/apr-0.9.4-26.el4.src.rpm
i386: apr-0.9.4-26.el4.i386.rpm apr-debuginfo-0.9.4-26.el4.i386.rpm apr-devel-0.9.4-26.el4.i386.rpm
ia64: apr-0.9.4-26.el4.i386.rpm apr-0.9.4-26.el4.ia64.rpm apr-debuginfo-0.9.4-26.el4.i386.rpm apr-debuginfo-0.9.4-26.el4.ia64.rpm apr-devel-0.9.4-26.el4.ia64.rpm
x86_64: apr-0.9.4-26.el4.i386.rpm apr-0.9.4-26.el4.x86_64.rpm apr-debuginfo-0.9.4-26.el4.i386.rpm apr-debuginfo-0.9.4-26.el4.x86_64.rpm apr-devel-0.9.4-26.el4.x86_64.rpm
Red Hat Enterprise Linux WS version 4:
Source: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/apr-0.9.4-26.el4.src.rpm
i386: apr-0.9.4-26.el4.i386.rpm apr-debuginfo-0.9.4-26.el4.i386.rpm apr-devel-0.9.4-26.el4.i386.rpm
ia64: apr-0.9.4-26.el4.i386.rpm apr-0.9.4-26.el4.ia64.rpm apr-debuginfo-0.9.4-26.el4.i386.rpm apr-debuginfo-0.9.4-26.el4.ia64.rpm apr-devel-0.9.4-26.el4.ia64.rpm
x86_64: apr-0.9.4-26.el4.i386.rpm apr-0.9.4-26.el4.x86_64.rpm apr-debuginfo-0.9.4-26.el4.i386.rpm apr-debuginfo-0.9.4-26.el4.x86_64.rpm apr-devel-0.9.4-26.el4.x86_64.rpm
Red Hat Enterprise Linux Desktop (v. 5 client):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/apr-1.2.7-11.el5_6.5.src.rpm
i386: apr-1.2.7-11.el5_6.5.i386.rpm apr-debuginfo-1.2.7-11.el5_6.5.i386.rpm apr-docs-1.2.7-11.el5_6.5.i386.rpm
x86_64: apr-1.2.7-11.el5_6.5.i386.rpm apr-1.2.7-11.el5_6.5.x86_64.rpm apr-debuginfo-1.2.7-11.el5_6.5.i386.rpm apr-debuginfo-1.2.7-11.el5_6.5.x86_64.rpm apr-docs-1.2.7-11.el5_6.5.x86_64.rpm
RHEL Desktop Workstation (v. 5 client):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/apr-1.2.7-11.el5_6.5.src.rpm
i386: apr-debuginfo-1.2.7-11.el5_6.5.i386.rpm apr-devel-1.2.7-11.el5_6.5.i386.rpm
x86_64: apr-debuginfo-1.2.7-11.el5_6.5.i386.rpm apr-debuginfo-1.2.7-11.el5_6.5.x86_64.rpm apr-devel-1.2.7-11.el5_6.5.i386.rpm apr-devel-1.2.7-11.el5_6.5.x86_64.rpm
Red Hat Enterprise Linux (v. 5 server):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/apr-1.2.7-11.el5_6.5.src.rpm
i386: apr-1.2.7-11.el5_6.5.i386.rpm apr-debuginfo-1.2.7-11.el5_6.5.i386.rpm apr-devel-1.2.7-11.el5_6.5.i386.rpm apr-docs-1.2.7-11.el5_6.5.i386.rpm
ia64: apr-1.2.7-11.el5_6.5.ia64.rpm apr-debuginfo-1.2.7-11.el5_6.5.ia64.rpm apr-devel-1.2.7-11.el5_6.5.ia64.rpm apr-docs-1.2.7-11.el5_6.5.ia64.rpm
ppc: apr-1.2.7-11.el5_6.5.ppc.rpm apr-1.2.7-11.el5_6.5.ppc64.rpm apr-debuginfo-1.2.7-11.el5_6.5.ppc.rpm apr-debuginfo-1.2.7-11.el5_6.5.ppc64.rpm apr-devel-1.2.7-11.el5_6.5.ppc.rpm apr-devel-1.2.7-11.el5_6.5.ppc64.rpm apr-docs-1.2.7-11.el5_6.5.ppc.rpm
s390x: apr-1.2.7-11.el5_6.5.s390.rpm apr-1.2.7-11.el5_6.5.s390x.rpm apr-debuginfo-1.2.7-11.el5_6.5.s390.rpm apr-debuginfo-1.2.7-11.el5_6.5.s390x.rpm apr-devel-1.2.7-11.el5_6.5.s390.rpm apr-devel-1.2.7-11.el5_6.5.s390x.rpm apr-docs-1.2.7-11.el5_6.5.s390x.rpm
x86_64: apr-1.2.7-11.el5_6.5.i386.rpm apr-1.2.7-11.el5_6.5.x86_64.rpm apr-debuginfo-1.2.7-11.el5_6.5.i386.rpm apr-debuginfo-1.2.7-11.el5_6.5.x86_64.rpm apr-devel-1.2.7-11.el5_6.5.i386.rpm apr-devel-1.2.7-11.el5_6.5.x86_64.rpm apr-docs-1.2.7-11.el5_6.5.x86_64.rpm
Red Hat Enterprise Linux Desktop (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/apr-1.3.9-3.el6_1.2.src.rpm
i386: apr-1.3.9-3.el6_1.2.i686.rpm apr-debuginfo-1.3.9-3.el6_1.2.i686.rpm
x86_64: apr-1.3.9-3.el6_1.2.i686.rpm apr-1.3.9-3.el6_1.2.x86_64.rpm apr-debuginfo-1.3.9-3.el6_1.2.i686.rpm apr-debuginfo-1.3.9-3.el6_1.2.x86_64.rpm
Red Hat Enterprise Linux Desktop Optional (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/apr-1.3.9-3.el6_1.2.src.rpm
i386: apr-debuginfo-1.3.9-3.el6_1.2.i686.rpm apr-devel-1.3.9-3.el6_1.2.i686.rpm
x86_64: apr-debuginfo-1.3.9-3.el6_1.2.i686.rpm apr-debuginfo-1.3.9-3.el6_1.2.x86_64.rpm apr-devel-1.3.9-3.el6_1.2.i686.rpm apr-devel-1.3.9-3.el6_1.2.x86_64.rpm
Red Hat Enterprise Linux HPC Node (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/apr-1.3.9-3.el6_1.2.src.rpm
x86_64: apr-1.3.9-3.el6_1.2.i686.rpm apr-1.3.9-3.el6_1.2.x86_64.rpm apr-debuginfo-1.3.9-3.el6_1.2.i686.rpm apr-debuginfo-1.3.9-3.el6_1.2.x86_64.rpm
Red Hat Enterprise Linux HPC Node Optional (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/apr-1.3.9-3.el6_1.2.src.rpm
x86_64: apr-debuginfo-1.3.9-3.el6_1.2.i686.rpm apr-debuginfo-1.3.9-3.el6_1.2.x86_64.rpm apr-devel-1.3.9-3.el6_1.2.i686.rpm apr-devel-1.3.9-3.el6_1.2.x86_64.rpm
Red Hat Enterprise Linux Server (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/apr-1.3.9-3.el6_1.2.src.rpm
i386: apr-1.3.9-3.el6_1.2.i686.rpm apr-debuginfo-1.3.9-3.el6_1.2.i686.rpm apr-devel-1.3.9-3.el6_1.2.i686.rpm
ppc64: apr-1.3.9-3.el6_1.2.ppc.rpm apr-1.3.9-3.el6_1.2.ppc64.rpm apr-debuginfo-1.3.9-3.el6_1.2.ppc.rpm apr-debuginfo-1.3.9-3.el6_1.2.ppc64.rpm apr-devel-1.3.9-3.el6_1.2.ppc.rpm apr-devel-1.3.9-3.el6_1.2.ppc64.rpm
s390x: apr-1.3.9-3.el6_1.2.s390.rpm apr-1.3.9-3.el6_1.2.s390x.rpm apr-debuginfo-1.3.9-3.el6_1.2.s390.rpm apr-debuginfo-1.3.9-3.el6_1.2.s390x.rpm apr-devel-1.3.9-3.el6_1.2.s390.rpm apr-devel-1.3.9-3.el6_1.2.s390x.rpm
x86_64: apr-1.3.9-3.el6_1.2.i686.rpm apr-1.3.9-3.el6_1.2.x86_64.rpm apr-debuginfo-1.3.9-3.el6_1.2.i686.rpm apr-debuginfo-1.3.9-3.el6_1.2.x86_64.rpm apr-devel-1.3.9-3.el6_1.2.i686.rpm apr-devel-1.3.9-3.el6_1.2.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/apr-1.3.9-3.el6_1.2.src.rpm
i386: apr-1.3.9-3.el6_1.2.i686.rpm apr-debuginfo-1.3.9-3.el6_1.2.i686.rpm apr-devel-1.3.9-3.el6_1.2.i686.rpm
x86_64: apr-1.3.9-3.el6_1.2.i686.rpm apr-1.3.9-3.el6_1.2.x86_64.rpm apr-debuginfo-1.3.9-3.el6_1.2.i686.rpm apr-debuginfo-1.3.9-3.el6_1.2.x86_64.rpm apr-devel-1.3.9-3.el6_1.2.i686.rpm apr-devel-1.3.9-3.el6_1.2.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package
- References:
https://www.redhat.com/security/data/cve/CVE-2011-1928.html https://access.redhat.com/security/updates/classification/#low https://rhn.redhat.com/errata/RHSA-2011-0507.html
- Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2011 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFN5RAiXlSAg2UNWIIRAuwdAJ9vddMlxPWoOqzsNz37JmvVmqSKfgCfchI5 R4u+hsr+KDZ1nnC2K8wCJ9c= =e0/T -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . The Apache Portable Runtime Utility Library (aka APR-Util) provides an interface to functionality such as XML parsing, string matching and database connections. Please review the CVE identifiers referenced below for details.
Workaround
There is no known workaround at this time.
Resolution
All Apache Portable Runtime users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev-libs/apr-1.4.8-r1"
All users of the APR Utility Library should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev-libs/apr-util-1.3.10"
Packages which depend on these libraries may need to be recompiled. Tools such as revdep-rebuild may assist in identifying some of these packages.
References
[ 1 ] CVE-2010-1623 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1623 [ 2 ] CVE-2011-0419 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0419 [ 3 ] CVE-2011-1928 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1928 [ 4 ] CVE-2012-0840 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0840
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201405-24.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2014 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c03280632 Version: 2
HPSBMU02764 SSRT100827 rev.2 - HP System Management Homepage (SMH) Running on Linux and Windows, Remote Cross Site Request Forgery (CSRF), Denial of Service (DoS), Execution of Arbitrary Code, Other Vulnerabilities
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2012-04-16 Last Updated: 2012-04-19
Potential Security Impact: Remote cross site request forgery (CSRF), Denial of Service (DoS), execution of arbitrary code, other vulnerabilities
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with HP System Management Homepage (SMH) running on Linux and Windows. The vulnerabilities could be exploited remotely and locally resulting in cross site request forgery (CSRF), Denial of Service (DoS), execution of arbitrary code, and other vulnerabilities.
References: CVE-2009-0037, CVE-2010-0734, CVE-2010-1452, CVE-2010-1623, CVE-2010-2068, CVE-2010-2791, CVE-2010-3436, CVE-2010-4409, CVE-2010-4645, CVE-2011-0014, CVE-2011-0195, CVE-2011-0419, CVE-2011-1148, CVE-2011-1153, CVE-2011-1464, CVE-2011-1467, CVE-2011-1468, CVE-2011-1470, CVE-2011-1471, CVE-2011-1928, CVE-2011-1938, CVE-2011-1945, CVE-2011-2192, CVE-2011-2202, CVE-2011-2483, CVE-2011-3182, CVE-2011-3189, CVE-2011-3192, CVE-2011-3267, CVE-2011-3268, CVE-2011-3207, CVE-2011-3210, CVE-2011-3348, CVE-2011-3368, CVE-2011-3639, CVE-2011-3846, SSRT100376, CVE-2012-0135, SSRT100609, CVE-2012-1993, SSRT10043
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP System Management Homepage (SMH) before v7.0 running on Linux and Windows.
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2009-0037 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2010-0734 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2010-1452 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2010-1623 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2010-2068 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2010-2791 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2010-3436 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2010-4409 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2010-4645 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2011-0014 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2011-0195 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2011-0419 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2011-1148 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2011-1153 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2011-1464 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2011-1467 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2011-1468 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2011-1470 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2011-1471 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2011-1928 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2011-1938 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2011-1945 (AV:N/AC:H/Au:N/C:P/I:N/A:N) 2.6 CVE-2011-2192 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2011-2202 (AV:N/AC:L/Au:N/C:N/I:P/A:P) 6.4 CVE-2011-2483 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2011-3182 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2011-3189 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2011-3192 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8 CVE-2011-3267 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2011-3268 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2011-3207 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2011-3210 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2011-3348 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2011-3368 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2011-3639 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2011-3846 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2012-0135 (AV:N/AC:M/Au:S/C:N/I:N/A:P) 3.5 CVE-2012-1993 (AV:L/AC:L/Au:S/C:P/I:P/A:N) 3.2 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
The Hewlett-Packard Company thanks Sow Ching Shiong coordinating with Secunia for reporting CVE-2011-3846 to security-alert@hp.com.
The Hewlett-Packard Company thanks Silent Dream for reporting CVE-2012-0135 to security-alert@hp.com
RESOLUTION
HP has provided HP System Management Homepage v7.0 or subsequent to resolve the vulnerabilities.
SMH v7.0 is available here: http://h18000.www1.hp.com/products/servers/management/agents/index.html
HISTORY Version:1 (rev.1) 16 April 2012 Initial release Version:2 (rev.2) 19 April 2012 Remove CVE-2011-4317
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin List: A list of HP Security Bulletins, updated periodically, is contained in HP Security Notice HPSN-2011-001: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c02964430
Security Bulletin Archive: A list of recently released Security Bulletins is available here: http://h20566.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX
Copyright 2012 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. HP Secure Web Server (SWS) for OpenVMS V2.2 and earlier.
Packages for 2010.0 are provided as of the Extended Maintenance Program.
Update:
Packages for Mandriva Linux 2010.0 were missing with the MDVSA-2011:095 advisory. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux)
iD4DBQFN2iiWmqjQ0CJFipgRAtwkAKCAjiWeDSCpeBz8IzxMtpi8XrxLcwCY33lA S7AiWmam6ERQZeIA3TBbYw== =b6Io -----END PGP SIGNATURE-----
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201105-0094",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "apr-util",
"scope": "eq",
"trust": 1.9,
"vendor": "apache",
"version": "1.4.4"
},
{
"model": "apr-util",
"scope": "eq",
"trust": 1.6,
"vendor": "apache",
"version": "1.4.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.6,
"vendor": "apache",
"version": "2.2.18"
},
{
"model": "http server",
"scope": "lt",
"trust": 0.8,
"vendor": "apache",
"version": "2.2.19"
},
{
"model": "portable runtime",
"scope": "lt",
"trust": 0.8,
"vendor": "apache",
"version": "1.4.5"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "10"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "11 express"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3 (x86)"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3 (x86-64)"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3.0 (x86-64)"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0 (x86-64)"
},
{
"model": "hp secure web server for openvms",
"scope": "lte",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "v2.2"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.8 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.8 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.0"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.0 (client)"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "enterprise linux eus",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.6.z (server)"
},
{
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "enterprise linux long life",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "(v. 5.6 server)"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "enterprise linux server eus",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6.1.z"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "rhel desktop workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "interstage job workload server",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2"
},
{
"model": "linux armel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0"
},
{
"model": "interstage studio enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"model": "meeting exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0.1"
},
{
"model": "enterprise linux hpc node optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "interstage application server web-j edition l10b",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0"
},
{
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "interstage application server plus l11",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"model": "interstage application server plus",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"model": "interstage application server enterprise edition l11",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0"
},
{
"model": "interstage application server plus l10",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "12.0"
},
{
"model": "voice portal sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "interstage application server plus",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0.1"
},
{
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"model": "interstage application server plus developer",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "interstage application server standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0.1"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "interstage studio standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.2"
},
{
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1.0-103"
},
{
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "12.2"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0.0.95"
},
{
"model": "enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.1.73"
},
{
"model": "interstage studio standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "voice portal sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.3"
},
{
"model": "interstage studio enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.2"
},
{
"model": "interstage application server enterprise edition 6.0a",
"scope": null,
"trust": 0.3,
"vendor": "fujitsu",
"version": null
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "interstage apworks modelers-j edition l10",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "enterprise linux desktop version",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "meeting exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "interstage studio enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0.0-95"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "interstage application server plus developer l10",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.10"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.3"
},
{
"model": "interstage business application server standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.0"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.2"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0.1"
},
{
"model": "interstage application server enterprise edition l10",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "interstage application server standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0"
},
{
"model": "enterprise linux desktop client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "interstage application server plus",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0.1"
},
{
"model": "interstage application server web-j edition l10",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "interstage application server standard-j edition b",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "11.0"
},
{
"model": "apr",
"scope": "ne",
"trust": 0.3,
"vendor": "apache",
"version": "1.4.5"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "interstage application server standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.3"
},
{
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.37"
},
{
"model": "interstage application server plus developer",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0.1"
},
{
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.1"
},
{
"model": "interstage application server enterprise edition l20",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0"
},
{
"model": "interstage application server web-j edition l20",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0"
},
{
"model": "interstage application server plus l10a",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"model": "solaris express",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "10"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0"
},
{
"model": "interstage apworks modelers-j edition 6.0a",
"scope": null,
"trust": 0.3,
"vendor": "fujitsu",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.0-68"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.04"
},
{
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.3"
},
{
"model": "interstage application server web-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0.1"
},
{
"model": "interstage application server enterprise edition l20a",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0"
},
{
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.2"
},
{
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0.1"
},
{
"model": "solaris express",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "11"
},
{
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.2"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2010.0"
},
{
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.2.2"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.2-77"
},
{
"model": "interstage application server standard edition l10",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.8"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.10"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "interstage application server web-j edition l10a",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.2"
},
{
"model": "interstage application server standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.0"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.1"
},
{
"model": "aura sip enablement services ssp3",
"scope": "ne",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.1"
},
{
"model": "aura communication manager",
"scope": "ne",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.04"
},
{
"model": "interstage application server enterprise edition l10b",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"model": "messaging storage server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "messaging storage server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"model": "aura system platform sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.1"
},
{
"model": "aura system platform sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.2.77"
},
{
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "interstage application server plus l10c",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.2"
},
{
"model": "interstage application server standard edition l20",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.10"
},
{
"model": "apr",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.4.4"
},
{
"model": "interstage application server standard-j edition 9.1.0b",
"scope": null,
"trust": 0.3,
"vendor": "fujitsu",
"version": null
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "12.1"
},
{
"model": "interstage application server standard-j edition b",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.37"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.1-73"
},
{
"model": "apache",
"scope": "ne",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.19"
},
{
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"model": "interstage application server plus developer l10",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.0"
},
{
"model": "freeflow print server 73.b3.61",
"scope": null,
"trust": 0.3,
"vendor": "xerox",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2.27"
},
{
"model": "interstage application server standard edition l10b",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0"
},
{
"model": "interstage apworks modelers-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"model": "interstage application server plus l10",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.10"
},
{
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.1"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "interstage application server standard edition l20a",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.1"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.1"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "enterprise linux desktop optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "meeting exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2010.1"
},
{
"model": "solaris 10 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "voice portal sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0.96"
},
{
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "interstage application server enterprise edition l11",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "interstage application server enterprise edition l10b",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0"
},
{
"model": "interactive response",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"model": "interstage application server plus",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"model": "interstage application server web-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0"
},
{
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "interstage apworks modelers-j edition l10",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"model": "interstage application server plus developer",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1.0.103"
},
{
"model": "linux lts lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.04"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0.1"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "interstage business application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"model": "interstage application server enterprise edition 9.1.0a",
"scope": null,
"trust": 0.3,
"vendor": "fujitsu",
"version": null
},
{
"model": "meeting exchange",
"scope": "ne",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "interstage application server enterprise edition l10c",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.2"
},
{
"model": "interstage application server enterprise edition b",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "interstage application server enterprise edition l10",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0"
},
{
"model": "system management homepage b",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.2.77"
},
{
"model": "interstage studio enterprise edition b",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.1.0"
},
{
"model": "interstage business application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0.1"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.04"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"model": "interstage business application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0"
},
{
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.2"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.1"
},
{
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "interstage application server web-j edition l11",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0"
},
{
"model": "interstage application server plus l11",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.1.1"
},
{
"model": "message networking sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "interstage application server enterprise edition l10",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.2.3"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.18"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "interstage studio standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.1"
},
{
"model": "interstage application server enterprise edition a",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.64"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0.2"
},
{
"model": "interstage application server enterprise edition 9.1.0b",
"scope": null,
"trust": 0.3,
"vendor": "fujitsu",
"version": null
},
{
"model": "enterprise linux desktop workstation client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "interstage studio enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.1"
},
{
"model": "interstage application server web-j edition l20a",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0"
},
{
"model": "interstage application server standard edition l10a",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0"
},
{
"model": "interstage apworks modelers-j edition l10a",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.2"
},
{
"model": "interstage application server standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.1.1"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"model": "messaging storage server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "aura communication manager ssp3",
"scope": "ne",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.1"
},
{
"model": "interstage application server standard edition l11",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0"
},
{
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "interstage application server standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.1"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0.1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3"
},
{
"model": "interstage application server standard-j edition a",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "interstage application server enterprise edition b",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0.1"
},
{
"model": "interstage business application server standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2010.0"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "messaging storage server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "enterprise server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.2"
},
{
"model": "interstage application server enterprise edition l10a",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.0"
},
{
"model": "interstage application server plus l10b",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2.0-12"
},
{
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "freeflow print server 73.c0.41",
"scope": null,
"trust": 0.3,
"vendor": "xerox",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0.68"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.2.1"
},
{
"model": "interstage studio standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "messaging storage server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"model": "interstage studio standard-j edition b",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.1.0"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1.0.102"
},
{
"model": "linux x86 64 -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2010.1"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
}
],
"sources": [
{
"db": "BID",
"id": "47929"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001668"
},
{
"db": "CNNVD",
"id": "CNNVD-201105-237"
},
{
"db": "NVD",
"id": "CVE-2011-1928"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:apache:apr-util:1.4.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:2.2.18:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:apr-util:1.4.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2011-1928"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apache Software Foundation",
"sources": [
{
"db": "BID",
"id": "47929"
}
],
"trust": 0.3
},
"cve": "CVE-2011-1928",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 4.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2011-1928",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2011-1928",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201105-237",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-001668"
},
{
"db": "CNNVD",
"id": "CNNVD-201105-237"
},
{
"db": "NVD",
"id": "CVE-2011-1928"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library 1.4.3 and 1.4.4, and the Apache HTTP Server 2.2.18, allows remote attackers to cause a denial of service (infinite loop) via a URI that does not match unspecified types of wildcard patterns, as demonstrated by attacks against mod_autoindex in httpd when a /*/WEB-INF/ configuration pattern is used. NOTE: this issue exists because of an incorrect fix for CVE-2011-0419. This vulnerability CVE-2011-0419 Vulnerability due to incomplete fix.Does not match wildcard pattern type by a third party URI Through service disruption ( infinite loop ) There is a possibility of being put into a state. Apache APR is prone to a denial-of-service vulnerability. \nSuccessful exploits may allow the attacker to cause excessive CPU usage, resulting in denial-of-service conditions. \nApache APR 1.4.4 is affected. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Low: apr security update\nAdvisory ID: RHSA-2011:0844-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2011-0844.html\nIssue date: 2011-05-31\nCVE Names: CVE-2011-1928 \n=====================================================================\n\n1. Summary:\n\nUpdated apr packages that fix one security issue are now available for\nRed Hat Enterprise Linux 4, 5, and 6. \n\nThe Red Hat Security Response Team has rated this update as having low\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available from the CVE link in\nthe References section. \n\n2. Relevant releases/architectures:\n\nRHEL Desktop Workstation (v. 5 client) - i386, x86_64\nRed Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64\nRed Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64\nRed Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64\nRed Hat Enterprise Linux Desktop (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Desktop version 4 - i386, x86_64\nRed Hat Enterprise Linux ES version 4 - i386, ia64, x86_64\nRed Hat Enterprise Linux HPC Node (v. 6) - x86_64\nRed Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64\nRed Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux WS version 4 - i386, ia64, x86_64\nRed Hat Enterprise Linux Workstation (v. 6) - i386, x86_64\n\n3. It provides a free library of C data\nstructures and routines. \n\nThe fix for CVE-2011-0419 (released via RHSA-2011:0507) introduced an\ninfinite loop flaw in the apr_fnmatch() function when the APR_FNM_PATHNAME\nmatching flag was used. A remote attacker could possibly use this flaw to\ncause a denial of service on an application using the apr_fnmatch()\nfunction. (CVE-2011-1928)\n\nNote: This problem affected httpd configurations using the \"Location\"\ndirective with wildcard URLs. The denial of service could have been\ntriggered during normal operation; it did not specifically require a\nmalicious HTTP request. \n\nThis update also addresses additional problems introduced by the rewrite of\nthe apr_fnmatch() function, which was necessary to address the\nCVE-2011-0419 flaw. \n\nAll apr users should upgrade to these updated packages, which contain a\nbackported patch to correct this issue. Applications using the apr library,\nsuch as httpd, must be restarted for this update to take effect. \n\n4. Solution:\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259\n\n5. Bugs fixed (http://bugzilla.redhat.com/):\n\n706203 - CVE-2011-1928 apr: DoS flaw in apr_fnmatch() due to fix for CVE-2011-0419\n\n6. Package List:\n\nRed Hat Enterprise Linux AS version 4:\n\nSource:\nftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/apr-0.9.4-26.el4.src.rpm\n\ni386:\napr-0.9.4-26.el4.i386.rpm\napr-debuginfo-0.9.4-26.el4.i386.rpm\napr-devel-0.9.4-26.el4.i386.rpm\n\nia64:\napr-0.9.4-26.el4.i386.rpm\napr-0.9.4-26.el4.ia64.rpm\napr-debuginfo-0.9.4-26.el4.i386.rpm\napr-debuginfo-0.9.4-26.el4.ia64.rpm\napr-devel-0.9.4-26.el4.ia64.rpm\n\nppc:\napr-0.9.4-26.el4.ppc.rpm\napr-0.9.4-26.el4.ppc64.rpm\napr-debuginfo-0.9.4-26.el4.ppc.rpm\napr-debuginfo-0.9.4-26.el4.ppc64.rpm\napr-devel-0.9.4-26.el4.ppc.rpm\n\ns390:\napr-0.9.4-26.el4.s390.rpm\napr-debuginfo-0.9.4-26.el4.s390.rpm\napr-devel-0.9.4-26.el4.s390.rpm\n\ns390x:\napr-0.9.4-26.el4.s390.rpm\napr-0.9.4-26.el4.s390x.rpm\napr-debuginfo-0.9.4-26.el4.s390.rpm\napr-debuginfo-0.9.4-26.el4.s390x.rpm\napr-devel-0.9.4-26.el4.s390x.rpm\n\nx86_64:\napr-0.9.4-26.el4.i386.rpm\napr-0.9.4-26.el4.x86_64.rpm\napr-debuginfo-0.9.4-26.el4.i386.rpm\napr-debuginfo-0.9.4-26.el4.x86_64.rpm\napr-devel-0.9.4-26.el4.x86_64.rpm\n\nRed Hat Enterprise Linux Desktop version 4:\n\nSource:\nftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/apr-0.9.4-26.el4.src.rpm\n\ni386:\napr-0.9.4-26.el4.i386.rpm\napr-debuginfo-0.9.4-26.el4.i386.rpm\napr-devel-0.9.4-26.el4.i386.rpm\n\nx86_64:\napr-0.9.4-26.el4.i386.rpm\napr-0.9.4-26.el4.x86_64.rpm\napr-debuginfo-0.9.4-26.el4.i386.rpm\napr-debuginfo-0.9.4-26.el4.x86_64.rpm\napr-devel-0.9.4-26.el4.x86_64.rpm\n\nRed Hat Enterprise Linux ES version 4:\n\nSource:\nftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/apr-0.9.4-26.el4.src.rpm\n\ni386:\napr-0.9.4-26.el4.i386.rpm\napr-debuginfo-0.9.4-26.el4.i386.rpm\napr-devel-0.9.4-26.el4.i386.rpm\n\nia64:\napr-0.9.4-26.el4.i386.rpm\napr-0.9.4-26.el4.ia64.rpm\napr-debuginfo-0.9.4-26.el4.i386.rpm\napr-debuginfo-0.9.4-26.el4.ia64.rpm\napr-devel-0.9.4-26.el4.ia64.rpm\n\nx86_64:\napr-0.9.4-26.el4.i386.rpm\napr-0.9.4-26.el4.x86_64.rpm\napr-debuginfo-0.9.4-26.el4.i386.rpm\napr-debuginfo-0.9.4-26.el4.x86_64.rpm\napr-devel-0.9.4-26.el4.x86_64.rpm\n\nRed Hat Enterprise Linux WS version 4:\n\nSource:\nftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/apr-0.9.4-26.el4.src.rpm\n\ni386:\napr-0.9.4-26.el4.i386.rpm\napr-debuginfo-0.9.4-26.el4.i386.rpm\napr-devel-0.9.4-26.el4.i386.rpm\n\nia64:\napr-0.9.4-26.el4.i386.rpm\napr-0.9.4-26.el4.ia64.rpm\napr-debuginfo-0.9.4-26.el4.i386.rpm\napr-debuginfo-0.9.4-26.el4.ia64.rpm\napr-devel-0.9.4-26.el4.ia64.rpm\n\nx86_64:\napr-0.9.4-26.el4.i386.rpm\napr-0.9.4-26.el4.x86_64.rpm\napr-debuginfo-0.9.4-26.el4.i386.rpm\napr-debuginfo-0.9.4-26.el4.x86_64.rpm\napr-devel-0.9.4-26.el4.x86_64.rpm\n\nRed Hat Enterprise Linux Desktop (v. 5 client):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/apr-1.2.7-11.el5_6.5.src.rpm\n\ni386:\napr-1.2.7-11.el5_6.5.i386.rpm\napr-debuginfo-1.2.7-11.el5_6.5.i386.rpm\napr-docs-1.2.7-11.el5_6.5.i386.rpm\n\nx86_64:\napr-1.2.7-11.el5_6.5.i386.rpm\napr-1.2.7-11.el5_6.5.x86_64.rpm\napr-debuginfo-1.2.7-11.el5_6.5.i386.rpm\napr-debuginfo-1.2.7-11.el5_6.5.x86_64.rpm\napr-docs-1.2.7-11.el5_6.5.x86_64.rpm\n\nRHEL Desktop Workstation (v. 5 client):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/apr-1.2.7-11.el5_6.5.src.rpm\n\ni386:\napr-debuginfo-1.2.7-11.el5_6.5.i386.rpm\napr-devel-1.2.7-11.el5_6.5.i386.rpm\n\nx86_64:\napr-debuginfo-1.2.7-11.el5_6.5.i386.rpm\napr-debuginfo-1.2.7-11.el5_6.5.x86_64.rpm\napr-devel-1.2.7-11.el5_6.5.i386.rpm\napr-devel-1.2.7-11.el5_6.5.x86_64.rpm\n\nRed Hat Enterprise Linux (v. 5 server):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/apr-1.2.7-11.el5_6.5.src.rpm\n\ni386:\napr-1.2.7-11.el5_6.5.i386.rpm\napr-debuginfo-1.2.7-11.el5_6.5.i386.rpm\napr-devel-1.2.7-11.el5_6.5.i386.rpm\napr-docs-1.2.7-11.el5_6.5.i386.rpm\n\nia64:\napr-1.2.7-11.el5_6.5.ia64.rpm\napr-debuginfo-1.2.7-11.el5_6.5.ia64.rpm\napr-devel-1.2.7-11.el5_6.5.ia64.rpm\napr-docs-1.2.7-11.el5_6.5.ia64.rpm\n\nppc:\napr-1.2.7-11.el5_6.5.ppc.rpm\napr-1.2.7-11.el5_6.5.ppc64.rpm\napr-debuginfo-1.2.7-11.el5_6.5.ppc.rpm\napr-debuginfo-1.2.7-11.el5_6.5.ppc64.rpm\napr-devel-1.2.7-11.el5_6.5.ppc.rpm\napr-devel-1.2.7-11.el5_6.5.ppc64.rpm\napr-docs-1.2.7-11.el5_6.5.ppc.rpm\n\ns390x:\napr-1.2.7-11.el5_6.5.s390.rpm\napr-1.2.7-11.el5_6.5.s390x.rpm\napr-debuginfo-1.2.7-11.el5_6.5.s390.rpm\napr-debuginfo-1.2.7-11.el5_6.5.s390x.rpm\napr-devel-1.2.7-11.el5_6.5.s390.rpm\napr-devel-1.2.7-11.el5_6.5.s390x.rpm\napr-docs-1.2.7-11.el5_6.5.s390x.rpm\n\nx86_64:\napr-1.2.7-11.el5_6.5.i386.rpm\napr-1.2.7-11.el5_6.5.x86_64.rpm\napr-debuginfo-1.2.7-11.el5_6.5.i386.rpm\napr-debuginfo-1.2.7-11.el5_6.5.x86_64.rpm\napr-devel-1.2.7-11.el5_6.5.i386.rpm\napr-devel-1.2.7-11.el5_6.5.x86_64.rpm\napr-docs-1.2.7-11.el5_6.5.x86_64.rpm\n\nRed Hat Enterprise Linux Desktop (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/apr-1.3.9-3.el6_1.2.src.rpm\n\ni386:\napr-1.3.9-3.el6_1.2.i686.rpm\napr-debuginfo-1.3.9-3.el6_1.2.i686.rpm\n\nx86_64:\napr-1.3.9-3.el6_1.2.i686.rpm\napr-1.3.9-3.el6_1.2.x86_64.rpm\napr-debuginfo-1.3.9-3.el6_1.2.i686.rpm\napr-debuginfo-1.3.9-3.el6_1.2.x86_64.rpm\n\nRed Hat Enterprise Linux Desktop Optional (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/apr-1.3.9-3.el6_1.2.src.rpm\n\ni386:\napr-debuginfo-1.3.9-3.el6_1.2.i686.rpm\napr-devel-1.3.9-3.el6_1.2.i686.rpm\n\nx86_64:\napr-debuginfo-1.3.9-3.el6_1.2.i686.rpm\napr-debuginfo-1.3.9-3.el6_1.2.x86_64.rpm\napr-devel-1.3.9-3.el6_1.2.i686.rpm\napr-devel-1.3.9-3.el6_1.2.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/apr-1.3.9-3.el6_1.2.src.rpm\n\nx86_64:\napr-1.3.9-3.el6_1.2.i686.rpm\napr-1.3.9-3.el6_1.2.x86_64.rpm\napr-debuginfo-1.3.9-3.el6_1.2.i686.rpm\napr-debuginfo-1.3.9-3.el6_1.2.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node Optional (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/apr-1.3.9-3.el6_1.2.src.rpm\n\nx86_64:\napr-debuginfo-1.3.9-3.el6_1.2.i686.rpm\napr-debuginfo-1.3.9-3.el6_1.2.x86_64.rpm\napr-devel-1.3.9-3.el6_1.2.i686.rpm\napr-devel-1.3.9-3.el6_1.2.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/apr-1.3.9-3.el6_1.2.src.rpm\n\ni386:\napr-1.3.9-3.el6_1.2.i686.rpm\napr-debuginfo-1.3.9-3.el6_1.2.i686.rpm\napr-devel-1.3.9-3.el6_1.2.i686.rpm\n\nppc64:\napr-1.3.9-3.el6_1.2.ppc.rpm\napr-1.3.9-3.el6_1.2.ppc64.rpm\napr-debuginfo-1.3.9-3.el6_1.2.ppc.rpm\napr-debuginfo-1.3.9-3.el6_1.2.ppc64.rpm\napr-devel-1.3.9-3.el6_1.2.ppc.rpm\napr-devel-1.3.9-3.el6_1.2.ppc64.rpm\n\ns390x:\napr-1.3.9-3.el6_1.2.s390.rpm\napr-1.3.9-3.el6_1.2.s390x.rpm\napr-debuginfo-1.3.9-3.el6_1.2.s390.rpm\napr-debuginfo-1.3.9-3.el6_1.2.s390x.rpm\napr-devel-1.3.9-3.el6_1.2.s390.rpm\napr-devel-1.3.9-3.el6_1.2.s390x.rpm\n\nx86_64:\napr-1.3.9-3.el6_1.2.i686.rpm\napr-1.3.9-3.el6_1.2.x86_64.rpm\napr-debuginfo-1.3.9-3.el6_1.2.i686.rpm\napr-debuginfo-1.3.9-3.el6_1.2.x86_64.rpm\napr-devel-1.3.9-3.el6_1.2.i686.rpm\napr-devel-1.3.9-3.el6_1.2.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/apr-1.3.9-3.el6_1.2.src.rpm\n\ni386:\napr-1.3.9-3.el6_1.2.i686.rpm\napr-debuginfo-1.3.9-3.el6_1.2.i686.rpm\napr-devel-1.3.9-3.el6_1.2.i686.rpm\n\nx86_64:\napr-1.3.9-3.el6_1.2.i686.rpm\napr-1.3.9-3.el6_1.2.x86_64.rpm\napr-debuginfo-1.3.9-3.el6_1.2.i686.rpm\napr-debuginfo-1.3.9-3.el6_1.2.x86_64.rpm\napr-devel-1.3.9-3.el6_1.2.i686.rpm\napr-devel-1.3.9-3.el6_1.2.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and \ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2011-1928.html\nhttps://access.redhat.com/security/updates/classification/#low\nhttps://rhn.redhat.com/errata/RHSA-2011-0507.html\n\n8. Contact:\n\nThe Red Hat security contact is \u0026lt;secalert@redhat.com\u0026gt;. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2011 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.4 (GNU/Linux)\n\niD8DBQFN5RAiXlSAg2UNWIIRAuwdAJ9vddMlxPWoOqzsNz37JmvVmqSKfgCfchI5\nR4u+hsr+KDZ1nnC2K8wCJ9c=\n=e0/T\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. The Apache Portable Runtime\nUtility Library (aka APR-Util) provides an interface to functionality\nsuch as XML parsing, string matching and database connections. Please review the CVE identifiers\nreferenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Apache Portable Runtime users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/apr-1.4.8-r1\"\n\nAll users of the APR Utility Library should upgrade to the latest\nversion:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/apr-util-1.3.10\"\n\nPackages which depend on these libraries may need to be recompiled. \nTools such as revdep-rebuild may assist in identifying some of these\npackages. \n\nReferences\n==========\n\n[ 1 ] CVE-2010-1623\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1623\n[ 2 ] CVE-2011-0419\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0419\n[ 3 ] CVE-2011-1928\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1928\n[ 4 ] CVE-2012-0840\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0840\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201405-24.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2014 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c03280632\nVersion: 2\n\nHPSBMU02764 SSRT100827 rev.2 - HP System Management Homepage (SMH) Running on Linux and Windows, Remote Cross Site Request Forgery (CSRF), Denial of Service (DoS), Execution of Arbitrary Code, Other Vulnerabilities\n\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible. \n\nRelease Date: 2012-04-16\nLast Updated: 2012-04-19\n\nPotential Security Impact: Remote cross site request forgery (CSRF), Denial of Service (DoS), execution of arbitrary code, other vulnerabilities\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with HP System Management Homepage (SMH) running on Linux and Windows. The vulnerabilities could be exploited remotely and locally resulting in cross site request forgery (CSRF), Denial of Service (DoS), execution of arbitrary code, and other vulnerabilities. \n\nReferences: CVE-2009-0037, CVE-2010-0734, CVE-2010-1452, CVE-2010-1623, CVE-2010-2068, CVE-2010-2791, CVE-2010-3436, CVE-2010-4409, CVE-2010-4645, CVE-2011-0014, CVE-2011-0195, CVE-2011-0419, CVE-2011-1148, CVE-2011-1153, CVE-2011-1464, CVE-2011-1467, CVE-2011-1468, CVE-2011-1470, CVE-2011-1471, CVE-2011-1928, CVE-2011-1938, CVE-2011-1945, CVE-2011-2192, CVE-2011-2202, CVE-2011-2483, CVE-2011-3182, CVE-2011-3189, CVE-2011-3192, CVE-2011-3267, CVE-2011-3268, CVE-2011-3207, CVE-2011-3210, CVE-2011-3348, CVE-2011-3368, CVE-2011-3639, CVE-2011-3846, SSRT100376, CVE-2012-0135, SSRT100609, CVE-2012-1993, SSRT10043\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP System Management Homepage (SMH) before v7.0 running on Linux and Windows. \n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2009-0037 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\nCVE-2010-0734 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\nCVE-2010-1452 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2010-1623 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2010-2068 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0\nCVE-2010-2791 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0\nCVE-2010-3436 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0\nCVE-2010-4409 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2010-4645 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2011-0014 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2011-0195 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3\nCVE-2011-0419 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2011-1148 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2011-1153 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2011-1464 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2011-1467 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2011-1468 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2011-1470 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2011-1471 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2011-1928 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2011-1938 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2011-1945 (AV:N/AC:H/Au:N/C:P/I:N/A:N) 2.6\nCVE-2011-2192 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3\nCVE-2011-2202 (AV:N/AC:L/Au:N/C:N/I:P/A:P) 6.4\nCVE-2011-2483 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0\nCVE-2011-3182 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2011-3189 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3\nCVE-2011-3192 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8\nCVE-2011-3267 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2011-3268 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2011-3207 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0\nCVE-2011-3210 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2011-3348 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2011-3368 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0\nCVE-2011-3639 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2011-3846 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\nCVE-2012-0135 (AV:N/AC:M/Au:S/C:N/I:N/A:P) 3.5\nCVE-2012-1993 (AV:L/AC:L/Au:S/C:P/I:P/A:N) 3.2\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nThe Hewlett-Packard Company thanks Sow Ching Shiong coordinating with Secunia for reporting CVE-2011-3846 to security-alert@hp.com. \n\nThe Hewlett-Packard Company thanks Silent Dream for reporting CVE-2012-0135 to security-alert@hp.com\n\nRESOLUTION\n\nHP has provided HP System Management Homepage v7.0 or subsequent to resolve the vulnerabilities. \n\nSMH v7.0 is available here: http://h18000.www1.hp.com/products/servers/management/agents/index.html\n\nHISTORY\nVersion:1 (rev.1) 16 April 2012 Initial release\nVersion:2 (rev.2) 19 April 2012 Remove CVE-2011-4317\n\nThird Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\nSupport: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\n\nSecurity Bulletin List: A list of HP Security Bulletins, updated periodically, is contained in HP Security Notice HPSN-2011-001: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c02964430\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is available here: http://h20566.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\n\nSoftware Product Category: The Software Product Category is represented in the title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HP General Software\nHF = HP Hardware and Firmware\nMP = MPE/iX\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPI = Printing and Imaging\nPV = ProCurve\nST = Storage Software\nTU = Tru64 UNIX\nUX = HP-UX\n\nCopyright 2012 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. \nHP Secure Web Server (SWS) for OpenVMS V2.2 and earlier. \n \n Packages for 2010.0 are provided as of the Extended Maintenance\n Program. \n\n Update:\n\n Packages for Mandriva Linux 2010.0 were missing with the MDVSA-2011:095\n advisory. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.9 (GNU/Linux)\n\niD4DBQFN2iiWmqjQ0CJFipgRAtwkAKCAjiWeDSCpeBz8IzxMtpi8XrxLcwCY33lA\nS7AiWmam6ERQZeIA3TBbYw==\n=b6Io\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-1928"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001668"
},
{
"db": "BID",
"id": "47929"
},
{
"db": "PACKETSTORM",
"id": "101874"
},
{
"db": "PACKETSTORM",
"id": "126689"
},
{
"db": "PACKETSTORM",
"id": "112043"
},
{
"db": "PACKETSTORM",
"id": "101574"
},
{
"db": "PACKETSTORM",
"id": "117251"
},
{
"db": "PACKETSTORM",
"id": "101611"
}
],
"trust": 2.43
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2011-1928",
"trust": 3.3
},
{
"db": "SECUNIA",
"id": "44558",
"trust": 2.4
},
{
"db": "SECUNIA",
"id": "44661",
"trust": 2.4
},
{
"db": "SECUNIA",
"id": "44613",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "48308",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "44780",
"trust": 1.6
},
{
"db": "VUPEN",
"id": "ADV-2011-1290",
"trust": 1.6
},
{
"db": "VUPEN",
"id": "ADV-2011-1289",
"trust": 1.6
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2011/05/19/10",
"trust": 1.6
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2011/05/19/5",
"trust": 1.6
},
{
"db": "BID",
"id": "47929",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001668",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201105-237",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "101874",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126689",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "112043",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "101574",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "117251",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "101611",
"trust": 0.1
}
],
"sources": [
{
"db": "BID",
"id": "47929"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001668"
},
{
"db": "PACKETSTORM",
"id": "101874"
},
{
"db": "PACKETSTORM",
"id": "126689"
},
{
"db": "PACKETSTORM",
"id": "112043"
},
{
"db": "PACKETSTORM",
"id": "101574"
},
{
"db": "PACKETSTORM",
"id": "117251"
},
{
"db": "PACKETSTORM",
"id": "101611"
},
{
"db": "CNNVD",
"id": "CNNVD-201105-237"
},
{
"db": "NVD",
"id": "CVE-2011-1928"
}
]
},
"id": "VAR-201105-0094",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.18880563
},
"last_update_date": "2024-07-23T21:34:14.063000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Apache HTTP Server 2.2.19 Released",
"trust": 0.8,
"url": "http://www.apache.org/dist/httpd/announcement2.2.html"
},
{
"title": "Changes for APR 1.4.5",
"trust": 0.8,
"url": "http://www.apache.org/dist/apr/changes-apr-1.4"
},
{
"title": "apr-1.2.7-11.AXS3.5",
"trust": 0.8,
"url": "https://tsn.miraclelinux.com/tsn_local/index.php?m=errata\u0026a=detail\u0026eid=1444"
},
{
"title": "HPSBOV02822 SSRT100966",
"trust": 0.8,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c03517954"
},
{
"title": "2223",
"trust": 0.8,
"url": "https://www.miraclelinux.com/support/index.php?q=node/99\u0026errata_id=2223"
},
{
"title": "2229",
"trust": 0.8,
"url": "https://www.miraclelinux.com/support/index.php?q=node/99\u0026errata_id=2229"
},
{
"title": "RHSA-2011:0844",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2011-0844.html"
},
{
"title": "multiple_vulnerabilities_in_apache_portable",
"trust": 0.8,
"url": "http://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_apache_portable"
},
{
"title": "Apache HTTP Server and Apache Portable Runtime Remediation of resource management error vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=234644"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-001668"
},
{
"db": "CNNVD",
"id": "CNNVD-201105-237"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-399",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-001668"
},
{
"db": "NVD",
"id": "CVE-2011-1928"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "http://secunia.com/advisories/44558"
},
{
"trust": 2.4,
"url": "http://secunia.com/advisories/44661"
},
{
"trust": 1.6,
"url": "http://openwall.com/lists/oss-security/2011/05/19/10"
},
{
"trust": 1.6,
"url": "http://www.vupen.com/english/advisories/2011/1290"
},
{
"trust": 1.6,
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=627182"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/48308"
},
{
"trust": 1.6,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2011:095"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/44613"
},
{
"trust": 1.6,
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00011.html"
},
{
"trust": 1.6,
"url": "http://www.redhat.com/support/errata/rhsa-2011-0844.html"
},
{
"trust": 1.6,
"url": "https://issues.apache.org/bugzilla/show_bug.cgi?id=51219"
},
{
"trust": 1.6,
"url": "http://www.vupen.com/english/advisories/2011/1289"
},
{
"trust": 1.6,
"url": "http://marc.info/?l=bugtraq\u0026m=134987041210674\u0026w=2"
},
{
"trust": 1.6,
"url": "http://openwall.com/lists/oss-security/2011/05/19/5"
},
{
"trust": 1.6,
"url": "http://mail-archives.apache.org/mod_mbox/www-announce/201105.mbox/%3c4dd55076.1060005%40apache.org%3e"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/44780"
},
{
"trust": 1.0,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-1928"
},
{
"trust": 1.0,
"url": "http://mail-archives.apache.org/mod_mbox/httpd-announce/201105.mbox/%3c4dd55092.3030403%40apache.org%3e"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-1928"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/47929"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-1928"
},
{
"trust": 0.6,
"url": "httpd-announce/201105.mbox/%3c4dd55092.3030403%40apache.org%3e"
},
{
"trust": 0.6,
"url": "http://mail-archives.apache.org/mod_mbox/"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0419"
},
{
"trust": 0.3,
"url": "http://mail-archives.apache.org/mod_mbox/httpd-announce/201105.mbox/browser"
},
{
"trust": 0.3,
"url": "http://apr.apache.org/"
},
{
"trust": 0.3,
"url": "http://mail-archives.apache.org/mod_mbox/httpd-announce/201105.mbox/raw/%3c4dd55092.3030403@apache.org%3e/2"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/css/p8/documents/100144224"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/css/p8/documents/100150721"
},
{
"trust": 0.3,
"url": "http://h20565.www2.hp.com/portal/site/hpsc/public/kb/docdisplay/?docid=emr_na-c03231301\u0026ac.admitted=1332965374461.876444892.492883150"
},
{
"trust": 0.3,
"url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c03517954\u0026ac.admitted=1349807398574.876444892.199480143"
},
{
"trust": 0.3,
"url": "http://www.fujitsu.com/global/support/software/security/products-f/interstage-201104e.html"
},
{
"trust": 0.3,
"url": "http://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_apache_portable"
},
{
"trust": 0.3,
"url": "http://www.xerox.com/download/security/security-bulletin/1284333-14afb-4baadb5bccb00/cert_xrx12-002_v1.1.pdf"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1623"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3192"
},
{
"trust": 0.2,
"url": "http://h20566.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/"
},
{
"trust": 0.2,
"url": "http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins"
},
{
"trust": 0.2,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.2,
"url": "http://store.mandriva.com/product_info.php?cpath=149\u0026amp;products_id=490"
},
{
"trust": 0.2,
"url": "http://secunia.com/"
},
{
"trust": 0.2,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.2,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2011-0844.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#low"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/kb/docs/doc-11259"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/#package"
},
{
"trust": 0.1,
"url": "http://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2011-0507.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-1928.html"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0419"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0840"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201405-24.xml"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-1928"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-0840"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1623"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4409"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-1468"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-1148"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3182"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-1467"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-1471"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1452"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0734"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-1470"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2202"
},
{
"trust": 0.1,
"url": "http://h18000.www1.hp.com/products/servers/management/agents/index.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4645"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-1945"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2068"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-1938"
},
{
"trust": 0.1,
"url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docdisplay/?docid=emr_na-c02964430"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3436"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2483"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0014"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-1464"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-1153"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0195"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0037"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2192"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2791"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3189"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3368"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-4317"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-0031"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3607"
},
{
"trust": 0.1,
"url": "http://h71000.www7.hp.com/openvms/products/ips/apache/csws_patches.html"
},
{
"trust": 0.1,
"url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/"
}
],
"sources": [
{
"db": "BID",
"id": "47929"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001668"
},
{
"db": "PACKETSTORM",
"id": "101874"
},
{
"db": "PACKETSTORM",
"id": "126689"
},
{
"db": "PACKETSTORM",
"id": "112043"
},
{
"db": "PACKETSTORM",
"id": "101574"
},
{
"db": "PACKETSTORM",
"id": "117251"
},
{
"db": "PACKETSTORM",
"id": "101611"
},
{
"db": "CNNVD",
"id": "CNNVD-201105-237"
},
{
"db": "NVD",
"id": "CVE-2011-1928"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "47929"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001668"
},
{
"db": "PACKETSTORM",
"id": "101874"
},
{
"db": "PACKETSTORM",
"id": "126689"
},
{
"db": "PACKETSTORM",
"id": "112043"
},
{
"db": "PACKETSTORM",
"id": "101574"
},
{
"db": "PACKETSTORM",
"id": "117251"
},
{
"db": "PACKETSTORM",
"id": "101611"
},
{
"db": "CNNVD",
"id": "CNNVD-201105-237"
},
{
"db": "NVD",
"id": "CVE-2011-1928"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-05-19T00:00:00",
"db": "BID",
"id": "47929"
},
{
"date": "2011-06-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-001668"
},
{
"date": "2011-06-01T06:15:42",
"db": "PACKETSTORM",
"id": "101874"
},
{
"date": "2014-05-19T03:19:12",
"db": "PACKETSTORM",
"id": "126689"
},
{
"date": "2012-04-20T20:15:33",
"db": "PACKETSTORM",
"id": "112043"
},
{
"date": "2011-05-20T14:20:08",
"db": "PACKETSTORM",
"id": "101574"
},
{
"date": "2012-10-10T02:28:54",
"db": "PACKETSTORM",
"id": "117251"
},
{
"date": "2011-05-23T14:26:23",
"db": "PACKETSTORM",
"id": "101611"
},
{
"date": "2011-05-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201105-237"
},
{
"date": "2011-05-24T23:55:03.573000",
"db": "NVD",
"id": "CVE-2011-1928"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-04-13T22:01:00",
"db": "BID",
"id": "47929"
},
{
"date": "2012-11-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-001668"
},
{
"date": "2023-04-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201105-237"
},
{
"date": "2023-11-07T02:07:16.003000",
"db": "NVD",
"id": "CVE-2011-1928"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "101874"
},
{
"db": "CNNVD",
"id": "CNNVD-201105-237"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "APR Library and Apache HTTP Server of fnmatch Service disruption in implementation ( infinite loop ) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-001668"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201105-237"
}
],
"trust": 0.6
}
}
VAR-201208-0141
Vulnerability from variot - Updated: 2024-07-23 21:32Multiple cross-site scripting (XSS) vulnerabilities in the make_variant_list function in mod_negotiation.c in the mod_negotiation module in the Apache HTTP Server 2.4.x before 2.4.3, when the MultiViews option is enabled, allow remote attackers to inject arbitrary web script or HTML via a crafted filename that is not properly handled during construction of a variant list. Apache HTTP Server is prone to an HTML-injection vulnerability and an information disclosure vulnerability. Attackers may leverage these issues to obtain potentially sensitive session information, execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, steal cookie-based authentication credentials, or control how the site is rendered to the user; other attacks are also possible. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, noarch, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - i386, noarch, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, noarch, x86_64
- Description:
The httpd packages contain the Apache HTTP Server (httpd), which is the namesake project of The Apache Software Foundation. (CVE-2008-0455, CVE-2012-2687)
It was discovered that mod_proxy_ajp, when used in configurations with mod_proxy in load balancer mode, would mark a back-end server as failed when request processing timed out, even when a previous AJP (Apache JServ Protocol) CPing request was responded to by the back-end. A remote attacker able to make a back-end use an excessive amount of time to process a request could cause mod_proxy to not send requests to back-end AJP servers for the retry timeout period or until all back-end servers were marked as failed. Space precludes documenting all of these changes in this advisory. After installing the updated packages, the httpd daemon will be restarted automatically. Bugs fixed (http://bugzilla.redhat.com/):
757735 - [RFE] httpd's rotatelogs needs a way to rotate files into a custom location 757739 - [RFE] rotatelogs needs to create files even if they are empty 805720 - Only a single interface is available for SSL 805810 - init script for htcacheclean is missing 828896 - mod_authnz_ldap unable to set environment variables for authorize only 829689 - mod_ldap: fix occasional 500 Internal Server Error 842376 - httpd fails in processing chunked requests with > 31 bytes chunk-size / -extension line 848954 - Putting private key first in SSLProxyMachineCertificateFile causes segfault 850794 - CVE-2012-2687 CVE-2008-0455 httpd: mod_negotiation XSS via untrusted file names in directories with MultiViews enabled 867745 - mod_ssl post install script can cause failures 868283 - mod_cache regression in httpd 2.2.3-65: non-cacheable 304 responses serve bad data 871685 - CVE-2012-4557 httpd: mod_proxy_ajp worker moved to error state when timeout exceeded 876923 - "if" condition always true - detected by Coverity
- 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/httpd-2.2.15-26.el6.src.rpm
x86_64: httpd-2.2.15-26.el6.x86_64.rpm httpd-debuginfo-2.2.15-26.el6.x86_64.rpm httpd-tools-2.2.15-26.el6.x86_64.rpm
Red Hat Enterprise Linux HPC Node Optional (v.
Problem Description:
Multiple vulnerabilities has been found and corrected in apache (ASF HTTPD):
Insecure handling of LD_LIBRARY_PATH was found that could lead to the current working directory to be searched for DSOs. This could allow a local user to execute code as root if an administrator runs apachectl from an untrusted directory (CVE-2012-0883).
Possible XSS for sites which use mod_negotiation and allow untrusted uploads to locations which have MultiViews enabled (CVE-2012-2687).
Update:
Packages for Mandriva Linux 2011 is also being provided. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux)
iD8DBQFQaa9/mqjQ0CJFipgRAhruAJ9EC4FWiuzvbIXRyxeJEa6ifXWfngCfdzew 7eKtlYj6mMOMjJJ0oekKwnQ= =t10D -----END PGP SIGNATURE-----
. ----------------------------------------------------------------------
The final version of the CSI 6.0 has been released. Find out why this is not just another Patch Management solution: http://secunia.com/blog/325/
TITLE: Hitachi Multiple Products Apache HTTP Server Cross-Site Scripting Vulnerabilities
SECUNIA ADVISORY ID: SA51458
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/51458/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=51458
RELEASE DATE: 2012-11-30
DISCUSS ADVISORY: http://secunia.com/advisories/51458/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/51458/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=51458
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Hitachi has acknowledged some vulnerabilities in multiple Hitachi products, which can be exploited by malicious people to conduct cross-site scripting attacks.
For more information see vulnerability #2 in: SA50363
See the vendor's advisory for a list of affected products and versions.
SOLUTION: As a workaround the vendor recommends to disable the mod_negotiation module or remove "MultiViews" from the "Options" lines in the Directory specifications.
ORIGINAL ADVISORY: http://www.hitachi.co.jp/Prod/comp/soft1/security/info/./vuls/HS12-028/index.html
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Note: the current version of the following document is available here: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c03734195
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c03734195 Version: 1
HPSBUX02866 SSRT101139 rev.1 - HP-UX Running Apache, Remote Denial of Service (DoS), Execution of Arbitrary Code and other vulnerabilities
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2013-04-15 Last Updated: 2013-04-12
Potential Security Impact: Remote Denial of Service (DoS), execution of arbitrary code and other vulnerabilities
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with HP-UX Running Apache. These vulnerabilities could be exploited remotely to create a Denial of Service (DoS) or to execute arbitrary code and other vulnerabilities.
References: HP-UX Apache: CVE-2007-6750, CVE-2012-2687, CVE-2012-3499, CVE-2012-4557, CVE-2012 -4558, CVE-2012-4929 Tomcat v6.0 and v7.0: CVE-2012-2733, CVE-2012-3546, CVE-2012-4431, CVE-2012-4534, CVE-2012-5885
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP-UX B.11.23, B.11.31 running HP-UX Apache Web Server Suite v3.25 or earlier
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2007-6750 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2012-2687 (AV:N/AC:H/Au:N/C:N/I:P/A:N) 2.6 CVE-2012-2733 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2012-3499 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2012-3546 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2012-4431 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2012-4534 (AV:N/AC:H/Au:N/C:N/I:N/A:P) 2.6 CVE-2012-4557 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2012-4558 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2012-4929 (AV:N/AC:H/Au:N/C:P/I:N/A:N) 2.6 CVE-2012-5885 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has provided the following software updates to resolve the vulnerability. The update for B.11.23 and B.11.31 is available for download from ftp://sb_02866:6hq{PM6a@ftp.usa.hp.com
Web Server Suite Version Apache Depot Name
HP-UX Web Server Suite v.3.26 containing Apache v2.2.15.15 and Tomcat B.5.5.36.01 HP-UX_11.23_HPUXWS22ATW-B326-11-23-64.depot
HP-UX_11.23_HPUXWS22ATW-B326-11-23-32.depot
HP-UX Web Server Suite v.3.26 containing Apache v2.2.15.15 and Tomcat C.6.0.36.01 HP-UX_11.31_HPUXWS22ATW-B326-11-31-64.depot
HP-UX_11.31_HPUXWS22ATW-B326-11-31-32.depot
Tomcat D.7.035.01 HP-UX_11.31_hpuxws22Tomcat_D.7.0.35.01_HP-UX_B.11.31_IA_PA.depot
MANUAL ACTIONS: Yes - Update Install HP-UX Web Server Suite v3.26 or subsequent
PRODUCT SPECIFIC INFORMATION
HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see https://www.hp.com/go/swa
The following text is for use by the HP-UX Software Assistant.
AFFECTED VERSIONS
HP-UX B.11.23 HP-UX B.11.31 ================== hpuxws22APCH32.APACHE hpuxws22APCH32.APACHE2 hpuxws22APCH32.AUTH_LDAP hpuxws22APCH32.AUTH_LDAP2 hpuxws22APCH32.MOD_JK hpuxws22APCH32.MOD_JK2 hpuxws22APCH32.MOD_PERL hpuxws22APCH32.MOD_PERL2 hpuxws22APCH32.PHP hpuxws22APCH32.PHP2 hpuxws22APCH32.WEBPROXY hpuxws22APCH32.WEBPROXY2 action: install revision B.2.2.15.15 or subsequent
HP-UX B.11.31
hpuxws22TOMCAT.TOMCAT action: install revision C.6.0.36.01 or subsequent
HP-UX B.11.31
hpuxws22TOMCAT.TOMCAT action: install revision D.7.0.35.01 or subsequent
END AFFECTED VERSIONS
HISTORY Version:1 (rev.1) - 15 April 2013 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin List: A list of HP Security Bulletins, updated periodically, is contained in HP Security Notice HPSN-2011-001: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c02964430
Security Bulletin Archive: A list of recently released Security Bulletins is available here: http://h20566.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX
Copyright 2013 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. ============================================================================ Ubuntu Security Notice USN-1627-1 November 08, 2012
apache2 vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.10
- Ubuntu 12.04 LTS
- Ubuntu 11.10
- Ubuntu 10.04 LTS
- Ubuntu 8.04 LTS
Summary:
Several security issues were fixed in the Apache HTTP server. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote attacker could exploit this to modify the contents, or steal confidential data (such as passwords), within the same domain. Although this issue had been mitigated on the client with newer web browsers, this update also disables SSL data compression on the server. A new SSLCompression directive for Apache has been backported that may be used to re-enable SSL data compression in certain environments. For more information, please refer to: http://httpd.apache.org/docs/2.4/mod/mod_ssl.html#sslcompression (CVE-2012-4929)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 12.10: apache2.2-common 2.2.22-6ubuntu2.1
Ubuntu 12.04 LTS: apache2.2-common 2.2.22-1ubuntu1.2
Ubuntu 11.10: apache2.2-common 2.2.20-1ubuntu1.3
Ubuntu 10.04 LTS: apache2.2-common 2.2.14-5ubuntu8.10
Ubuntu 8.04 LTS: apache2.2-common 2.2.8-1ubuntu0.24
In general, a standard system update will make all the necessary changes. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Important: JBoss Enterprise Application Platform 6.0.1 update Advisory ID: RHSA-2012:1592-01 Product: JBoss Enterprise Application Platform Advisory URL: https://rhn.redhat.com/errata/RHSA-2012-1592.html Issue date: 2012-12-18 CVE Names: CVE-2008-0455 CVE-2012-2378 CVE-2012-2379 CVE-2012-2672 CVE-2012-2687 CVE-2012-3428 CVE-2012-3451 CVE-2012-4549 CVE-2012-4550 =====================================================================
- Summary:
Updated JBoss Enterprise Application Platform 6.0.1 packages that fix multiple security issues, various bugs, and add enhancements are now available for Red Hat Enterprise Linux 6.
The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
JBoss Enterprise Application Platform 6 for RHEL 6 Server - i386, noarch, x86_64
- Description:
JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7.
This release serves as a replacement for JBoss Enterprise Application Platform 6.0.0, and includes bug fixes and enhancements. Refer to the 6.0.1 Release Notes for information on the most significant of these changes, available shortly from https://access.redhat.com/knowledge/docs/
This update removes unused signed JARs; unused SHA1 checksums from JAR MANIFEST.MF files to reduce the Server memory footprint; adds MANIFEST.MF to JAR files where it was previously missing; and removes redundant Javadoc files from the main packages. (BZ#830291)
Security fixes:
Apache CXF checked to ensure XML elements were signed or encrypted by a Supporting Token, but not whether the correct token was used. A remote attacker could transmit confidential information without the appropriate security, and potentially circumvent access controls on web services exposed via Apache CXF. (CVE-2012-2379)
When using role-based authorization to configure EJB access, JACC permissions should be used to determine access; however, due to a flaw the configured authorization modules (JACC, XACML, etc.) were not called, and the JACC permissions were not used to determine access to an EJB. (CVE-2012-4550)
A flaw in the way Apache CXF enforced child policies of WS-SecurityPolicy 1.1 on the client side could, in certain cases, lead to a client failing to sign or encrypt certain elements as directed by the security policy, leading to information disclosure and insecure information transmission. (CVE-2012-2378)
A flaw was found in the way IronJacamar authenticated credentials and returned a valid datasource connection when configured to "allow-multiple-users". A remote attacker, provided the correct subject, could obtain a datasource connection that might belong to a privileged user. (CVE-2012-3428)
It was found that Apache CXF was vulnerable to SOAPAction spoofing attacks under certain conditions. Note that WS-Policy validation is performed against the operation being invoked, and an attack must pass validation to be successful. (CVE-2012-3451)
When there are no allowed roles for an EJB method invocation, the invocation should be denied for all users. It was found that the processInvocation() method in org.jboss.as.ejb3.security.AuthorizationInterceptor incorrectly authorizes all method invocations to proceed when the list of allowed roles is empty. (CVE-2012-4549)
It was found that in Mojarra, the FacesContext that is made available during application startup is held in a ThreadLocal. The reference is not properly cleaned up in all cases. As a result, if a JavaServer Faces (JSF) WAR calls FacesContext.getCurrentInstance() during application startup, another WAR can get access to the leftover context and thus get access to the other WAR's resources. A local attacker could use this flaw to access another WAR's resources using a crafted, deployed application. A remote attacker able to upload or create files with arbitrary names in a directory that has the MultiViews options enabled, could use this flaw to conduct cross-site scripting attacks against users visiting the site. (CVE-2008-0455, CVE-2012-2687)
Red Hat would like to thank the Apache CXF project for reporting CVE-2012-2379, CVE-2012-2378, and CVE-2012-3451. The CVE-2012-4550 issue was discovered by Josef Cacek of the Red Hat JBoss EAP Quality Engineering team; CVE-2012-3428 and CVE-2012-4549 were discovered by Arun Neelicattu of the Red Hat Security Response Team; and CVE-2012-2672 was discovered by Marek Schmidt and Stan Silvert of Red Hat.
Warning: Before applying this update, back up your existing JBoss Enterprise Application Platform installation and deployed applications. Refer to the Solution section for further details.
- Solution:
All users of JBoss Enterprise Application Platform 6.0.0 on Red Hat Enterprise Linux 6 are advised to upgrade to these updated packages. The JBoss server process must be restarted for the update to take effect.
Before applying this update, make sure all previously released errata relevant to your system have been applied. Also, back up any customized JBoss Enterprise Application Platform 6 configuration files. On update, the configuration files that have been locally modified will not be updated. The updated version of such files will be stored as the rpmnew files. Make sure to locate any such files after the update and merge any changes manually.
For more details, refer to the Release Notes for JBoss Enterprise Application Platform 6.0.1, available shortly from https://access.redhat.com/knowledge/docs/
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258
- Bugs fixed (http://bugzilla.redhat.com/):
826533 - CVE-2012-2378 jbossws-cxf, apache-cxf: Certain child policies of WS-SecurityPolicy 1.1 SupportingToken policy not applied on the client side 826534 - CVE-2012-2379 jbossws-cxf, apache-cxf: Apache CXF does not verify that elements were signed / encrypted by a particular Supporting Token 829560 - CVE-2012-2672 Mojarra: deployed web applications can read FacesContext from other applications under certain conditions 843358 - CVE-2012-3428 JBoss: Datasource connection manager returns valid connection for wrong credentials when using security-domains 850794 - CVE-2012-2687 CVE-2008-0455 httpd: mod_negotiation XSS via untrusted file names in directories with MultiViews enabled 851896 - CVE-2012-3451 jbossws-cxf, apache-cxf: SOAPAction spoofing on document literal web services 870868 - CVE-2012-4549 JBoss AS: EJB authorization succeeds for any role when allowed roles list is empty 870871 - CVE-2012-4550 JBoss JACC: Security constraints configured for EJBs are incorrectly interpreted and not applied
- Package List:
JBoss Enterprise Application Platform 6 for RHEL 6 Server:
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/antlr-eap6-2.7.7-15_redhat_2.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/apache-commons-beanutils-1.8.3-10.redhat_2.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/apache-commons-cli-1.2-7.5.redhat_2.ep6.el6.4.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/apache-commons-codec-eap6-1.4-14.redhat_2.ep6.el6.1.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/apache-commons-collections-eap6-3.2.1-13.redhat_2.ep6.el6.1.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/apache-commons-configuration-1.6-7.2.redhat_2.ep6.el6.5.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/apache-commons-daemon-jsvc-eap6-1.0.10-3.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/apache-commons-io-eap6-2.1-6.redhat_2.ep6.el6.1.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/apache-commons-lang-eap6-2.6-5redhat_2.ep6.el6.1.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/apache-commons-pool-eap6-1.5.6-8.redhat_2.ep6.el6.1.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/apache-cxf-2.4.9-4.redhat_2.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/apache-cxf-xjc-utils-2.4.0-11.redhat_2.ep6.el6.4.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/apache-mime4j-0.6-7.redhat_2.ep6.el6.5.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/atinject-1-8.2_redhat_2.ep6.el6.5.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/cal10n-0.7.3-8.redhat_2.ep6.el6.5.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/codehaus-jackson-1.9.2-6_redhat_2.ep6.el6.5.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/dom4j-1.6.1-14_redhat_3.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/glassfish-jaf-1.1.1-14.redhat_2.ep6.el6.3.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/glassfish-javamail-1.4.4-16.redhat_2.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/glassfish-jaxb-2.2.5-10_redhat_3.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/glassfish-jsf-2.1.13-1_redhat_1.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/glassfish-jsf12-1.2_15-8_b01_redhat_2.ep6.el6.4.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/gnu-getopt-1.0.13-1.2_redhat_2.ep6.el6.5.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/guava-libraries-11.0.2-0.5.redhat_2.ep6.el6.6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/h2database-1.3.168-2_redhat_1.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/hibernate-beanvalidation-api-1.0.0-4.7.GA_redhat_2.ep6.el6.3.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/hibernate-jpa-2.0-api-1.0.1-5.Final_redhat_2.1.ep6.el6.4.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/hibernate3-commons-annotations-4.0.1-5.Final_redhat_2.1.ep6.el6.3.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/hibernate4-4.1.6-7.Final_redhat_3.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/hibernate4-validator-4.2.0-7.Final_redhat_2.1.ep6.el6.4.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/hornetq-2.2.23-1.Final_redhat_1.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/hornetq-native-2.2.21-1.Final.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/httpcomponents-5-4_redhat_2.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/httpd-2.2.22-14.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/httpserver-1.0.1-3.Final_redhat_2.ep6.el6.3.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/infinispan-5.1.8-1.Final_redhat_1.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/ironjacamar-1.0.13-1.Final_redhat_1.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jacorb-jboss-2.3.2-3.redhat_2.ep6.el6.3.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jandex-1.0.3-7.Final_redhat_2.ep6.el6.2.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/javassist-eap6-3.15.0-5.GA_redhat_2.ep6.el6.3.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jaxbintros-1.0.2-11.GA_redhat_2.ep6.el6.3.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jaxen-1.1.3-8.redhat_2.ep6.el6.4.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jaxws-jboss-httpserver-httpspi-1.0.1-3.GA_redhat_2.ep6.el6.3.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jbosgi-deployment-1.1.0-2.Final_redhat_3.ep6.el6.3.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jbosgi-framework-core-1.3.1-3.CR1_redhat_1.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jbosgi-metadata-2.1.0-2.Final_redhat_3.ep6.el6.3.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jbosgi-repository-1.2.0-1.Final_redhat_2.ep6.el6.2.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jbosgi-resolver-2.1.0-2.Final_redhat_3.ep6.el6.3.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jbosgi-spi-3.1.0-3.Final_redhat_3.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jbosgi-vfs-1.1.0-1.Final_redhat_2.ep6.el6.2.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-annotations-api_1.1_spec-1.0.1-3.2.Final_redhat_2.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-appclient-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-cli-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-client-all-7.1.3-4.1.Final_redhat_4.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-clustering-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-cmp-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-configadmin-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-connector-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-console-1.4.2-1.Final_redhat_1.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-controller-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-controller-client-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-deployment-repository-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-deployment-scanner-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-domain-http-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-domain-management-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-ee-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-ee-deployment-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-ejb3-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-embedded-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-host-controller-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-jacorb-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-jaxr-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-jaxrs-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-jdr-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-jmx-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-jpa-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-jsf-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-jsr77-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-logging-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-mail-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-management-client-content-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-messaging-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-modcluster-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-naming-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-network-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-osgi-configadmin-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-osgi-service-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-platform-mbean-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-pojo-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-process-controller-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-protocol-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-remoting-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-sar-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-security-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-server-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-threads-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-transactions-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-web-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-webservices-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-weld-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-xts-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-classfilewriter-1.0.3-2.Final_redhat_1.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-common-beans-1.0.0-5.Final_redhat_2.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-common-core-2.2.17-10.GA_redhat_2.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-connector-api_1.6_spec-1.0.1-3.3.Final_redhat_2.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-dmr-1.1.1-8.Final_redhat_2.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-ejb-api_3.1_spec-1.0.2-10.Final_redhat_2.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-ejb-client-1.0.11-2.Final_redhat_1.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-ejb3-ext-api-2.0.0-9.redhat_2.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-el-api_2.2_spec-1.0.2-2.Final_redhat_1.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-iiop-client-1.0.0-4.Final_redhat_2.1.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-interceptors-api_1.1_spec-1.0.1-4.Final_redhat_2.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-invocation-1.1.1-5.Final_redhat_2.ep6.el6.4.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-j2eemgmt-api_1.1_spec-1.0.1-5.Final_redhat_2.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-jacc-api_1.4_spec-1.0.2-5.Final_redhat_2.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-jad-api_1.2_spec-1.0.1-6.Final_redhat_2.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-jaspi-api_1.0_spec-1.0.1-6.Final_redhat_2.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-jaxb-api_2.2_spec-1.0.4-3.Final_redhat_2.1.ep6.el6.1.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-jaxr-api_1.0_spec-1.0.2-4.Final_redhat_2.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-jaxrpc-api_1.1_spec-1.0.1-4.Final_redhat_2.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-jaxrs-api_1.1_spec-1.0.1-4.Final_redhat_2.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-jaxws-api_2.2_spec-2.0.1-5.Final_redhat_2.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-jms-api_1.1_spec-1.0.1-4.Final_redhat_2.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-jsf-api_2.1_spec-2.0.7-1.Final_redhat_1.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-jsp-api_2.2_spec-1.0.1-5.Final_redhat_2.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-jstl-api_1.2_spec-1.0.3-3.Final_redhat_2.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-logging-3.1.2-3.GA_redhat_1.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-logmanager-1.3.2-2.Final_redhat_1.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-marshalling-1.3.15-2.GA_redhat_1.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-metadata-7.0.4-2.Final_redhat_1.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-modules-1.1.3-2.GA_redhat_1.ep6.el6.1.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-msc-1.0.2-3.GA_redhat_2.2.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-osgi-logging-1.0.0-4._redhat_2.1.ep6.el6.2.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-remote-naming-1.0.4-2.Final_redhat_1.ep6.el6.1.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-remoting3-3.2.14-1.GA_redhat_1.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-remoting3-jmx-1.0.4-2.Final_redhat_1.ep6.el6.7.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-rmi-api_1.0_spec-1.0.4-9.2.Final_redhat_2.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-saaj-api_1.3_spec-1.0.2-4_redhat_2.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-sasl-1.0.3-2.Final_redhat_1.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-seam-int-6.0.0-8.GA_redhat_2.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-security-negotiation-2.2.1-2.Final_redhat_1.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-security-xacml-2.0.8-5.Final_redhat_2.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-servlet-api_2.5_spec-1.0.1-9.Final_redhat_2.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-servlet-api_3.0_spec-1.0.1-11.Final_redhat_2.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-specs-parent-1.0.0-5.Beta2_redhat_2.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-stdio-1.0.1-7.GA_redhat_2.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-threads-2.0.0-7.GA_redhat_2.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-transaction-api_1.1_spec-1.0.1-5.Final_redhat_2.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-transaction-spi-7.0.0-0.10.Final_redhat_2.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-vfs2-3.1.0-4.Final_redhat_2.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-weld-1.1-api-1.1-6.Final_redhat_2.ep6.el6.1.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-xnio-base-3.0.7-1.GA_redhat_1.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jbossas-appclient-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jbossas-bundles-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jbossas-core-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jbossas-domain-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jbossas-javadocs-7.1.3-4.Final_redhat_3.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jbossas-modules-eap-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jbossas-product-eap-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jbossas-standalone-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jbossas-welcome-content-eap-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jbossts-4.16.6-1.Final_redhat_1.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jbossweb-7.0.17-1.Final_redhat_1.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jbossws-api-1.0.0-3.GA_redhat_2.ep6.el6.3.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jbossws-common-2.0.4-5.GA_redhat_3.ep6.el6.5.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jbossws-common-tools-1.0.2-1.GA_redhat_1.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jbossws-cxf-4.0.6-2.GA_redhat_2.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jbossws-native-4.0.6-1.GA_redhat_1.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jbossws-spi-2.0.4-3.1.GA_redhat_1.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jbossxb2-2.0.3-13.GA_redhat_2.ep6.el6.3.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jcip-annotations-1.0-2.2.3_redhat_2.ep6.el6.5.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jdom-eap6-1.1.2-4.GA_redhat_2.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jettison-1.3.1-7_redhat_2.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jgroups-3.0.14-2.Final_redhat_1.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jline-eap6-0.9.94-10.GA_redhat_2.ep6.el6.4.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/joda-time-1.6.2-5.redhat_3.ep6.el6.4.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jtype-0.1.1-9_redhat_2.3.ep6.el6.4.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/juddi-3.1.3-2_redhat_2.1.ep6.el6.3.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jul-to-slf4j-stub-1.0.0-4.Final_redhat_2.1.ep6.el6.2.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jython-eap6-2.5.2-5.redhat_2.ep6.el6.4.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/log4j-eap6-1.2.16-11.redhat_2.ep6.el6.4.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/log4j-jboss-logmanager-1.0.1-3.Final_redhat_2.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/mod_cluster-1.2.3-1.Final_redhat_1.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/mod_cluster-native-1.2.3-3.Final.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/mod_jk-1.2.36-5.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/netty-3.2.6-2_redhat_2.2.ep6.el6.4.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/objectweb-asm-eap6-3.3.1-5_redhat_2.ep6.el6.3.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/org.apache.felix.configadmin-1.2.8-4_redhat_2.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/org.apache.felix.log-1.0.0-5.redhat_2.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/org.osgi-4.2.0-4.redhat_2.ep6.el6.3.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/picketbox-4.0.14-2.Final_redhat_2.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/picketbox-commons-1.0.0-0.8.final_redhat_2.ep6.el6.3.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/picketlink-federation-2.1.3.1-3.redhat_1.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/relaxngDatatype-2011.1-0.1_redhat_3.ep6.el6.4.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/resteasy-2.3.4-4.Final_redhat_2.ep6.el6.3.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/rngom-201103-0.5.redhat_2.ep6.el6.4.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/scannotation-1.0.2-8.redhat_2.ep6.el6.2.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/shrinkwrap-1.0.0-16.redhat_2.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/slf4j-eap6-1.6.1-23.redhat_2.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/slf4j-jboss-logmanager-1.0.0-7.GA_redhat_2.3.ep6.el6.2.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/snakeyaml-1.8-8.redhat_2.ep6.el6.2.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/staxmapper-1.1.0-6.Final_redhat_2.ep6.el6.2.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/stilts-0.1.26-6.GA.redhat_2.ep6.el6.4.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/sun-codemodel-2.6-3_redhat_2.ep6.el6.3.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/sun-istack-commons-2.6.1-9_redhat_2.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/sun-saaj-1.3-impl-1.3.16-8.redhat_2.ep6.el6.2.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/sun-txw2-20110809-5_redhat_2.ep6.el6.3.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/sun-ws-metadata-2.0-api-1.0.MR1-12_MR1_redhat_2.ep6.el6.4.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/sun-xsom-20110809-5_redhat_3.ep6.el6.3.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/tomcat-native-1.1.24-1.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/velocity-eap6-1.6.3-7.redhat_2.ep6.el6.4.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/weld-cdi-1.0-api-1.0-6.SP4_redhat_2.ep6.el6.5.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/weld-core-1.1.10-2.Final_redhat_1.ep6.el6.1.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/woodstox-core-4.1.1-1.redhat_2.ep6.el6.4.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/ws-commons-XmlSchema-2.0.2-7.redhat_2.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/ws-commons-neethi-3.0.2-5.redhat_2.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/ws-scout-1.2.6-3.redhat_2.2.ep6.el6.5.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/wsdl4j-eap6-1.6.2-11.redhat_2.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/wss4j-1.6.7-1.redhat_1.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/xalan-j2-eap6-2.7.1-6.12.redhat_3.ep6.el6.2.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/xerces-j2-eap6-2.9.1-13_redhat_3.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/xml-commons-resolver-eap6-1.2-10.redhat_2.ep6.el6.3.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/xml-security-1.5.2-2.redhat_1.ep6.el6.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/xom-1.2.7-1._redhat_3.1.ep6.el6.6.src.rpm
i386: apache-commons-daemon-jsvc-eap6-1.0.10-3.ep6.el6.i386.rpm apache-commons-daemon-jsvc-eap6-debuginfo-1.0.10-3.ep6.el6.i386.rpm hornetq-native-2.2.21-1.Final.ep6.el6.i386.rpm hornetq-native-debuginfo-2.2.21-1.Final.ep6.el6.i386.rpm httpd-2.2.22-14.ep6.el6.i386.rpm httpd-debuginfo-2.2.22-14.ep6.el6.i386.rpm httpd-devel-2.2.22-14.ep6.el6.i386.rpm httpd-tools-2.2.22-14.ep6.el6.i386.rpm jbossas-hornetq-native-2.2.21-1.Final.ep6.el6.i386.rpm jbossas-jbossweb-native-1.1.24-1.ep6.el6.i386.rpm mod_cluster-native-1.2.3-3.Final.ep6.el6.i386.rpm mod_cluster-native-debuginfo-1.2.3-3.Final.ep6.el6.i386.rpm mod_jk-ap22-1.2.36-5.ep6.el6.i386.rpm mod_jk-debuginfo-1.2.36-5.ep6.el6.i386.rpm mod_ssl-2.2.22-14.ep6.el6.i386.rpm tomcat-native-1.1.24-1.ep6.el6.i386.rpm tomcat-native-debuginfo-1.1.24-1.ep6.el6.i386.rpm
noarch: antlr-eap6-2.7.7-15_redhat_2.ep6.el6.noarch.rpm apache-commons-beanutils-1.8.3-10.redhat_2.ep6.el6.noarch.rpm apache-commons-cli-1.2-7.5.redhat_2.ep6.el6.4.noarch.rpm apache-commons-codec-eap6-1.4-14.redhat_2.ep6.el6.1.noarch.rpm apache-commons-collections-eap6-3.2.1-13.redhat_2.ep6.el6.1.noarch.rpm apache-commons-configuration-1.6-7.2.redhat_2.ep6.el6.5.noarch.rpm apache-commons-io-eap6-2.1-6.redhat_2.ep6.el6.1.noarch.rpm apache-commons-lang-eap6-2.6-5redhat_2.ep6.el6.1.noarch.rpm apache-commons-pool-eap6-1.5.6-8.redhat_2.ep6.el6.1.noarch.rpm apache-cxf-2.4.9-4.redhat_2.ep6.el6.noarch.rpm apache-cxf-xjc-utils-2.4.0-11.redhat_2.ep6.el6.4.noarch.rpm apache-mime4j-0.6-7.redhat_2.ep6.el6.5.noarch.rpm atinject-1-8.2_redhat_2.ep6.el6.5.noarch.rpm cal10n-0.7.3-8.redhat_2.ep6.el6.5.noarch.rpm codehaus-jackson-1.9.2-6_redhat_2.ep6.el6.5.noarch.rpm codehaus-jackson-core-asl-1.9.2-6_redhat_2.ep6.el6.5.noarch.rpm codehaus-jackson-jaxrs-1.9.2-6_redhat_2.ep6.el6.5.noarch.rpm codehaus-jackson-mapper-asl-1.9.2-6_redhat_2.ep6.el6.5.noarch.rpm codehaus-jackson-xc-1.9.2-6_redhat_2.ep6.el6.5.noarch.rpm cxf-xjc-boolean-2.4.0-11.redhat_2.ep6.el6.4.noarch.rpm cxf-xjc-dv-2.4.0-11.redhat_2.ep6.el6.4.noarch.rpm cxf-xjc-ts-2.4.0-11.redhat_2.ep6.el6.4.noarch.rpm dom4j-1.6.1-14_redhat_3.ep6.el6.noarch.rpm glassfish-jaf-1.1.1-14.redhat_2.ep6.el6.3.noarch.rpm glassfish-javamail-1.4.4-16.redhat_2.ep6.el6.noarch.rpm glassfish-jaxb-2.2.5-10_redhat_3.ep6.el6.noarch.rpm glassfish-jsf-2.1.13-1_redhat_1.ep6.el6.noarch.rpm glassfish-jsf12-1.2_15-8_b01_redhat_2.ep6.el6.4.noarch.rpm gnu-getopt-1.0.13-1.2_redhat_2.ep6.el6.5.noarch.rpm guava-11.0.2-0.5.redhat_2.ep6.el6.6.noarch.rpm h2database-1.3.168-2_redhat_1.ep6.el6.noarch.rpm hibernate-beanvalidation-api-1.0.0-4.7.GA_redhat_2.ep6.el6.3.noarch.rpm hibernate-jpa-2.0-api-1.0.1-5.Final_redhat_2.1.ep6.el6.4.noarch.rpm hibernate3-commons-annotations-4.0.1-5.Final_redhat_2.1.ep6.el6.3.noarch.rpm hibernate4-4.1.6-7.Final_redhat_3.ep6.el6.noarch.rpm hibernate4-core-4.1.6-7.Final_redhat_3.ep6.el6.noarch.rpm hibernate4-entitymanager-4.1.6-7.Final_redhat_3.ep6.el6.noarch.rpm hibernate4-envers-4.1.6-7.Final_redhat_3.ep6.el6.noarch.rpm hibernate4-infinispan-4.1.6-7.Final_redhat_3.ep6.el6.noarch.rpm hibernate4-validator-4.2.0-7.Final_redhat_2.1.ep6.el6.4.noarch.rpm hornetq-2.2.23-1.Final_redhat_1.ep6.el6.noarch.rpm httpcomponents-httpclient-4.1.3-4_redhat_2.ep6.el6.noarch.rpm httpcomponents-httpcore-4.1.4-4_redhat_2.ep6.el6.noarch.rpm httpserver-1.0.1-3.Final_redhat_2.ep6.el6.3.noarch.rpm infinispan-5.1.8-1.Final_redhat_1.ep6.el6.noarch.rpm infinispan-cachestore-jdbc-5.1.8-1.Final_redhat_1.ep6.el6.noarch.rpm infinispan-cachestore-remote-5.1.8-1.Final_redhat_1.ep6.el6.noarch.rpm infinispan-client-hotrod-5.1.8-1.Final_redhat_1.ep6.el6.noarch.rpm infinispan-core-5.1.8-1.Final_redhat_1.ep6.el6.noarch.rpm ironjacamar-1.0.13-1.Final_redhat_1.ep6.el6.noarch.rpm jacorb-jboss-2.3.2-3.redhat_2.ep6.el6.3.noarch.rpm jandex-1.0.3-7.Final_redhat_2.ep6.el6.2.noarch.rpm javassist-3.15.0-5.GA_redhat_2.ep6.el6.3.noarch.rpm javassist-eap6-3.15.0-5.GA_redhat_2.ep6.el6.3.noarch.rpm jaxbintros-1.0.2-11.GA_redhat_2.ep6.el6.3.noarch.rpm jaxen-1.1.3-8.redhat_2.ep6.el6.4.noarch.rpm jaxws-jboss-httpserver-httpspi-1.0.1-3.GA_redhat_2.ep6.el6.3.noarch.rpm jbosgi-deployment-1.1.0-2.Final_redhat_3.ep6.el6.3.noarch.rpm jbosgi-framework-core-1.3.1-3.CR1_redhat_1.ep6.el6.noarch.rpm jbosgi-metadata-2.1.0-2.Final_redhat_3.ep6.el6.3.noarch.rpm jbosgi-repository-1.2.0-1.Final_redhat_2.ep6.el6.2.noarch.rpm jbosgi-resolver-2.1.0-2.Final_redhat_3.ep6.el6.3.noarch.rpm jbosgi-spi-3.1.0-3.Final_redhat_3.ep6.el6.noarch.rpm jbosgi-vfs-1.1.0-1.Final_redhat_2.ep6.el6.2.noarch.rpm jboss-annotations-api_1.1_spec-1.0.1-3.2.Final_redhat_2.ep6.el6.noarch.rpm jboss-as-appclient-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm jboss-as-cli-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm jboss-as-client-all-7.1.3-4.1.Final_redhat_4.ep6.el6.noarch.rpm jboss-as-clustering-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm jboss-as-cmp-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm jboss-as-configadmin-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm jboss-as-connector-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm jboss-as-console-1.4.2-1.Final_redhat_1.ep6.el6.noarch.rpm jboss-as-controller-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm jboss-as-controller-client-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm jboss-as-deployment-repository-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm jboss-as-deployment-scanner-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm jboss-as-domain-http-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm jboss-as-domain-management-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm jboss-as-ee-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm jboss-as-ee-deployment-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm jboss-as-ejb3-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm jboss-as-embedded-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm jboss-as-host-controller-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm jboss-as-jacorb-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm jboss-as-jaxr-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm jboss-as-jaxrs-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm jboss-as-jdr-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm jboss-as-jmx-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm jboss-as-jpa-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm jboss-as-jsf-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm jboss-as-jsr77-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm jboss-as-logging-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm jboss-as-mail-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm jboss-as-management-client-content-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm jboss-as-messaging-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm jboss-as-modcluster-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm jboss-as-naming-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm jboss-as-network-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm jboss-as-osgi-configadmin-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm jboss-as-osgi-service-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm jboss-as-platform-mbean-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm jboss-as-pojo-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm jboss-as-process-controller-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm jboss-as-protocol-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm jboss-as-remoting-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm jboss-as-sar-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm jboss-as-security-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm jboss-as-server-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm jboss-as-threads-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm jboss-as-transactions-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm jboss-as-web-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm jboss-as-webservices-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm jboss-as-weld-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm jboss-as-xts-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm jboss-classfilewriter-1.0.3-2.Final_redhat_1.ep6.el6.noarch.rpm jboss-common-beans-1.0.0-5.Final_redhat_2.ep6.el6.noarch.rpm jboss-common-core-2.2.17-10.GA_redhat_2.ep6.el6.noarch.rpm jboss-connector-api_1.6_spec-1.0.1-3.3.Final_redhat_2.ep6.el6.noarch.rpm jboss-dmr-1.1.1-8.Final_redhat_2.ep6.el6.noarch.rpm jboss-ejb-api_3.1_spec-1.0.2-10.Final_redhat_2.ep6.el6.noarch.rpm jboss-ejb-client-1.0.11-2.Final_redhat_1.ep6.el6.noarch.rpm jboss-ejb3-ext-api-2.0.0-9.redhat_2.ep6.el6.noarch.rpm jboss-el-api_2.2_spec-1.0.2-2.Final_redhat_1.ep6.el6.noarch.rpm jboss-iiop-client-1.0.0-4.Final_redhat_2.1.ep6.el6.noarch.rpm jboss-interceptors-api_1.1_spec-1.0.1-4.Final_redhat_2.ep6.el6.noarch.rpm jboss-invocation-1.1.1-5.Final_redhat_2.ep6.el6.4.noarch.rpm jboss-j2eemgmt-api_1.1_spec-1.0.1-5.Final_redhat_2.ep6.el6.noarch.rpm jboss-jacc-api_1.4_spec-1.0.2-5.Final_redhat_2.ep6.el6.noarch.rpm jboss-jad-api_1.2_spec-1.0.1-6.Final_redhat_2.ep6.el6.noarch.rpm jboss-jaspi-api_1.0_spec-1.0.1-6.Final_redhat_2.ep6.el6.noarch.rpm jboss-jaxb-api_2.2_spec-1.0.4-3.Final_redhat_2.1.ep6.el6.1.noarch.rpm jboss-jaxr-api_1.0_spec-1.0.2-4.Final_redhat_2.ep6.el6.noarch.rpm jboss-jaxrpc-api_1.1_spec-1.0.1-4.Final_redhat_2.ep6.el6.noarch.rpm jboss-jaxrs-api_1.1_spec-1.0.1-4.Final_redhat_2.ep6.el6.noarch.rpm jboss-jaxws-api_2.2_spec-2.0.1-5.Final_redhat_2.ep6.el6.noarch.rpm jboss-jms-api_1.1_spec-1.0.1-4.Final_redhat_2.ep6.el6.noarch.rpm jboss-jsf-api_2.1_spec-2.0.7-1.Final_redhat_1.ep6.el6.noarch.rpm jboss-jsp-api_2.2_spec-1.0.1-5.Final_redhat_2.ep6.el6.noarch.rpm jboss-jstl-api_1.2_spec-1.0.3-3.Final_redhat_2.ep6.el6.noarch.rpm jboss-logging-3.1.2-3.GA_redhat_1.ep6.el6.noarch.rpm jboss-logmanager-1.3.2-2.Final_redhat_1.ep6.el6.noarch.rpm jboss-marshalling-1.3.15-2.GA_redhat_1.ep6.el6.noarch.rpm jboss-metadata-7.0.4-2.Final_redhat_1.ep6.el6.noarch.rpm jboss-metadata-appclient-7.0.4-2.Final_redhat_1.ep6.el6.noarch.rpm jboss-metadata-common-7.0.4-2.Final_redhat_1.ep6.el6.noarch.rpm jboss-metadata-ear-7.0.4-2.Final_redhat_1.ep6.el6.noarch.rpm jboss-metadata-ejb-7.0.4-2.Final_redhat_1.ep6.el6.noarch.rpm jboss-metadata-web-7.0.4-2.Final_redhat_1.ep6.el6.noarch.rpm jboss-modules-1.1.3-2.GA_redhat_1.ep6.el6.1.noarch.rpm jboss-msc-1.0.2-3.GA_redhat_2.2.ep6.el6.noarch.rpm jboss-osgi-logging-1.0.0-4._redhat_2.1.ep6.el6.2.noarch.rpm jboss-remote-naming-1.0.4-2.Final_redhat_1.ep6.el6.1.noarch.rpm jboss-remoting3-3.2.14-1.GA_redhat_1.ep6.el6.noarch.rpm jboss-remoting3-jmx-1.0.4-2.Final_redhat_1.ep6.el6.7.noarch.rpm jboss-rmi-api_1.0_spec-1.0.4-9.2.Final_redhat_2.ep6.el6.noarch.rpm jboss-saaj-api_1.3_spec-1.0.2-4_redhat_2.ep6.el6.noarch.rpm jboss-sasl-1.0.3-2.Final_redhat_1.ep6.el6.noarch.rpm jboss-seam-int-6.0.0-8.GA_redhat_2.ep6.el6.noarch.rpm jboss-security-negotiation-2.2.1-2.Final_redhat_1.ep6.el6.noarch.rpm jboss-security-xacml-2.0.8-5.Final_redhat_2.ep6.el6.noarch.rpm jboss-servlet-api_2.5_spec-1.0.1-9.Final_redhat_2.ep6.el6.noarch.rpm jboss-servlet-api_3.0_spec-1.0.1-11.Final_redhat_2.ep6.el6.noarch.rpm jboss-specs-parent-1.0.0-5.Beta2_redhat_2.ep6.el6.noarch.rpm jboss-stdio-1.0.1-7.GA_redhat_2.ep6.el6.noarch.rpm jboss-threads-2.0.0-7.GA_redhat_2.ep6.el6.noarch.rpm jboss-transaction-api_1.1_spec-1.0.1-5.Final_redhat_2.ep6.el6.noarch.rpm jboss-transaction-spi-7.0.0-0.10.Final_redhat_2.ep6.el6.noarch.rpm jboss-vfs2-3.1.0-4.Final_redhat_2.ep6.el6.noarch.rpm jboss-weld-1.1-api-1.1-6.Final_redhat_2.ep6.el6.1.noarch.rpm jboss-xnio-base-3.0.7-1.GA_redhat_1.ep6.el6.noarch.rpm jbossas-appclient-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm jbossas-bundles-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm jbossas-core-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm jbossas-domain-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm jbossas-javadocs-7.1.3-4.Final_redhat_3.ep6.el6.noarch.rpm jbossas-modules-eap-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm jbossas-product-eap-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm jbossas-standalone-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm jbossas-welcome-content-eap-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm jbossts-4.16.6-1.Final_redhat_1.ep6.el6.noarch.rpm jbossweb-7.0.17-1.Final_redhat_1.ep6.el6.noarch.rpm jbossweb-lib-7.0.17-1.Final_redhat_1.ep6.el6.noarch.rpm jbossws-api-1.0.0-3.GA_redhat_2.ep6.el6.3.noarch.rpm jbossws-common-2.0.4-5.GA_redhat_3.ep6.el6.5.noarch.rpm jbossws-common-tools-1.0.2-1.GA_redhat_1.ep6.el6.noarch.rpm jbossws-cxf-4.0.6-2.GA_redhat_2.ep6.el6.noarch.rpm jbossws-native-4.0.6-1.GA_redhat_1.ep6.el6.noarch.rpm jbossws-spi-2.0.4-3.1.GA_redhat_1.ep6.el6.noarch.rpm jbossxb2-2.0.3-13.GA_redhat_2.ep6.el6.3.noarch.rpm jcip-annotations-1.0-2.2.3_redhat_2.ep6.el6.5.noarch.rpm jdom-eap6-1.1.2-4.GA_redhat_2.ep6.el6.noarch.rpm jettison-1.3.1-7_redhat_2.ep6.el6.noarch.rpm jgroups-3.0.14-2.Final_redhat_1.ep6.el6.noarch.rpm jline-eap6-0.9.94-10.GA_redhat_2.ep6.el6.4.noarch.rpm joda-time-1.6.2-5.redhat_3.ep6.el6.4.noarch.rpm jtype-0.1.1-9_redhat_2.3.ep6.el6.4.noarch.rpm juddi-3.1.3-2_redhat_2.1.ep6.el6.3.noarch.rpm jul-to-slf4j-stub-1.0.0-4.Final_redhat_2.1.ep6.el6.2.noarch.rpm jython-eap6-2.5.2-5.redhat_2.ep6.el6.4.noarch.rpm log4j-eap6-1.2.16-11.redhat_2.ep6.el6.4.noarch.rpm log4j-jboss-logmanager-1.0.1-3.Final_redhat_2.ep6.el6.noarch.rpm mod_cluster-1.2.3-1.Final_redhat_1.ep6.el6.noarch.rpm mod_cluster-demo-1.2.3-1.Final_redhat_1.ep6.el6.noarch.rpm netty-3.2.6-2_redhat_2.2.ep6.el6.4.noarch.rpm objectweb-asm-eap6-3.3.1-5_redhat_2.ep6.el6.3.noarch.rpm org.apache.felix.configadmin-1.2.8-4_redhat_2.ep6.el6.noarch.rpm org.apache.felix.log-1.0.0-5.redhat_2.ep6.el6.noarch.rpm org.osgi.core-4.2.0-4.redhat_2.ep6.el6.3.noarch.rpm org.osgi.enterprise-4.2.0-4.redhat_2.ep6.el6.3.noarch.rpm picketbox-4.0.14-2.Final_redhat_2.ep6.el6.noarch.rpm picketbox-commons-1.0.0-0.8.final_redhat_2.ep6.el6.3.noarch.rpm picketlink-federation-2.1.3.1-3.redhat_1.ep6.el6.noarch.rpm relaxngDatatype-2011.1-0.1_redhat_3.ep6.el6.4.noarch.rpm resteasy-2.3.4-4.Final_redhat_2.ep6.el6.3.noarch.rpm rngom-201103-0.5.redhat_2.ep6.el6.4.noarch.rpm scannotation-1.0.2-8.redhat_2.ep6.el6.2.noarch.rpm shrinkwrap-1.0.0-16.redhat_2.ep6.el6.noarch.rpm slf4j-eap6-1.6.1-23.redhat_2.ep6.el6.noarch.rpm slf4j-jboss-logmanager-1.0.0-7.GA_redhat_2.3.ep6.el6.2.noarch.rpm snakeyaml-1.8-8.redhat_2.ep6.el6.2.noarch.rpm staxmapper-1.1.0-6.Final_redhat_2.ep6.el6.2.noarch.rpm stilts-0.1.26-6.GA.redhat_2.ep6.el6.4.noarch.rpm sun-codemodel-2.6-3_redhat_2.ep6.el6.3.noarch.rpm sun-istack-commons-2.6.1-9_redhat_2.ep6.el6.noarch.rpm sun-saaj-1.3-impl-1.3.16-8.redhat_2.ep6.el6.2.noarch.rpm sun-txw2-20110809-5_redhat_2.ep6.el6.3.noarch.rpm sun-ws-metadata-2.0-api-1.0.MR1-12_MR1_redhat_2.ep6.el6.4.noarch.rpm sun-xsom-20110809-5_redhat_3.ep6.el6.3.noarch.rpm velocity-eap6-1.6.3-7.redhat_2.ep6.el6.4.noarch.rpm weld-cdi-1.0-api-1.0-6.SP4_redhat_2.ep6.el6.5.noarch.rpm weld-core-1.1.10-2.Final_redhat_1.ep6.el6.1.noarch.rpm woodstox-core-4.1.1-1.redhat_2.ep6.el6.4.noarch.rpm woodstox-stax2-api-3.1.1-1.redhat_2.ep6.el6.4.noarch.rpm ws-commons-XmlSchema-2.0.2-7.redhat_2.ep6.el6.noarch.rpm ws-commons-neethi-3.0.2-5.redhat_2.ep6.el6.noarch.rpm ws-scout-1.2.6-3.redhat_2.2.ep6.el6.5.noarch.rpm wsdl4j-eap6-1.6.2-11.redhat_2.ep6.el6.noarch.rpm wss4j-1.6.7-1.redhat_1.ep6.el6.noarch.rpm xalan-j2-eap6-2.7.1-6.12.redhat_3.ep6.el6.2.noarch.rpm xerces-j2-eap6-2.9.1-13_redhat_3.ep6.el6.noarch.rpm xml-commons-resolver-eap6-1.2-10.redhat_2.ep6.el6.3.noarch.rpm xml-security-1.5.2-2.redhat_1.ep6.el6.noarch.rpm xom-1.2.7-1._redhat_3.1.ep6.el6.6.noarch.rpm
x86_64: apache-commons-daemon-jsvc-eap6-1.0.10-3.ep6.el6.x86_64.rpm apache-commons-daemon-jsvc-eap6-debuginfo-1.0.10-3.ep6.el6.x86_64.rpm hornetq-native-2.2.21-1.Final.ep6.el6.x86_64.rpm hornetq-native-debuginfo-2.2.21-1.Final.ep6.el6.x86_64.rpm httpd-2.2.22-14.ep6.el6.x86_64.rpm httpd-debuginfo-2.2.22-14.ep6.el6.x86_64.rpm httpd-devel-2.2.22-14.ep6.el6.x86_64.rpm httpd-tools-2.2.22-14.ep6.el6.x86_64.rpm jbossas-hornetq-native-2.2.21-1.Final.ep6.el6.x86_64.rpm jbossas-jbossweb-native-1.1.24-1.ep6.el6.x86_64.rpm mod_cluster-native-1.2.3-3.Final.ep6.el6.x86_64.rpm mod_cluster-native-debuginfo-1.2.3-3.Final.ep6.el6.x86_64.rpm mod_jk-ap22-1.2.36-5.ep6.el6.x86_64.rpm mod_jk-debuginfo-1.2.36-5.ep6.el6.x86_64.rpm mod_ssl-2.2.22-14.ep6.el6.x86_64.rpm tomcat-native-1.1.24-1.ep6.el6.x86_64.rpm tomcat-native-debuginfo-1.1.24-1.ep6.el6.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package
- References:
https://www.redhat.com/security/data/cve/CVE-2008-0455.html https://www.redhat.com/security/data/cve/CVE-2012-2378.html https://www.redhat.com/security/data/cve/CVE-2012-2379.html https://www.redhat.com/security/data/cve/CVE-2012-2672.html https://www.redhat.com/security/data/cve/CVE-2012-2687.html https://www.redhat.com/security/data/cve/CVE-2012-3428.html https://www.redhat.com/security/data/cve/CVE-2012-3451.html https://www.redhat.com/security/data/cve/CVE-2012-4549.html https://www.redhat.com/security/data/cve/CVE-2012-4550.html https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/knowledge/docs/
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2012 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFQ0PO5XlSAg2UNWIIRAjJRAJ9QFqqoJhlgmQrzuoZXDIvbc6/o2QCghrxb 5aCU1dYi+C5LEheTdDLkSz0= =FyC+ -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201208-0141",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ucosminexus application server enterprise 06-70-/b",
"scope": null,
"trust": 2.1,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server standard 06-70-/c",
"scope": null,
"trust": 2.1,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server enterprise 06-70-/c",
"scope": null,
"trust": 2.1,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server standard 06-70-/b",
"scope": null,
"trust": 2.1,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server enterprise 06-70-/a",
"scope": null,
"trust": 1.8,
"vendor": "hitachi",
"version": null
},
{
"model": "web server",
"scope": "eq",
"trust": 1.8,
"vendor": "hitachi",
"version": "02-03"
},
{
"model": "ucosminexus application server standard",
"scope": "eq",
"trust": 1.8,
"vendor": "hitachi",
"version": "08-00-01"
},
{
"model": "ucosminexus application server standard 06-70-/a",
"scope": null,
"trust": 1.8,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server enterprise 06-70-/f",
"scope": null,
"trust": 1.8,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server enterprise",
"scope": "eq",
"trust": 1.8,
"vendor": "hitachi",
"version": "08-00-01"
},
{
"model": "ucosminexus application server standard 06-70-/f",
"scope": null,
"trust": 1.8,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server enterprise",
"scope": "eq",
"trust": 1.8,
"vendor": "hitachi",
"version": "07-10"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.6,
"vendor": "apache",
"version": "2.2.13"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.6,
"vendor": "apache",
"version": "2.2.11"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.6,
"vendor": "apache",
"version": "2.2.14"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.6,
"vendor": "apache",
"version": "2.2.8"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.6,
"vendor": "apache",
"version": "2.2.20"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.6,
"vendor": "apache",
"version": "2.2.18"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.6,
"vendor": "apache",
"version": "2.2.4"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.6,
"vendor": "apache",
"version": "2.2.9"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.6,
"vendor": "apache",
"version": "2.2.10"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.6,
"vendor": "apache",
"version": "2.2.3"
},
{
"model": "ucosminexus application server enterprise 06-70-/e",
"scope": null,
"trust": 1.5,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server standard 06-70-/e",
"scope": null,
"trust": 1.5,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server standard",
"scope": "eq",
"trust": 1.5,
"vendor": "hitachi",
"version": "07-10"
},
{
"model": "ucosminexus application server standard 06-70-/d",
"scope": null,
"trust": 1.5,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server standard 06-70-/g",
"scope": null,
"trust": 1.5,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server enterprise",
"scope": "eq",
"trust": 1.5,
"vendor": "hitachi",
"version": "06-70"
},
{
"model": "web server 02-04-/a",
"scope": null,
"trust": 1.5,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server standard",
"scope": "eq",
"trust": 1.5,
"vendor": "hitachi",
"version": "06-70"
},
{
"model": "ucosminexus application server enterprise 06-70-/d",
"scope": null,
"trust": 1.5,
"vendor": "hitachi",
"version": null
},
{
"model": "web server",
"scope": "eq",
"trust": 1.2,
"vendor": "hitachi",
"version": "02-01"
},
{
"model": "cosminexus application server 05-05-/g",
"scope": null,
"trust": 1.2,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server standard",
"scope": "eq",
"trust": 1.2,
"vendor": "hitachi",
"version": "07-00-06"
},
{
"model": "ucosminexus application server enterprise",
"scope": "eq",
"trust": 1.2,
"vendor": "hitachi",
"version": "07-60"
},
{
"model": "ucosminexus application server enterprise",
"scope": "eq",
"trust": 1.2,
"vendor": "hitachi",
"version": "08-00"
},
{
"model": "ucosminexus application server",
"scope": "eq",
"trust": 1.2,
"vendor": "hitachi",
"version": "07-00-12"
},
{
"model": "ucosminexus application server enterprise",
"scope": "eq",
"trust": 1.2,
"vendor": "hitachi",
"version": "07-00"
},
{
"model": "cosminexus application server 05-05-/a",
"scope": null,
"trust": 1.2,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus application server 05-05-/c",
"scope": null,
"trust": 1.2,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus application server 05-05-/i",
"scope": null,
"trust": 1.2,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus application server 05-05-/d",
"scope": null,
"trust": 1.2,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus application server",
"scope": "eq",
"trust": 1.2,
"vendor": "hitachi",
"version": "05-05"
},
{
"model": "cosminexus application server 05-05-/h",
"scope": null,
"trust": 1.2,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server standard",
"scope": "eq",
"trust": 1.2,
"vendor": "hitachi",
"version": "08-00"
},
{
"model": "ucosminexus application server",
"scope": "eq",
"trust": 1.2,
"vendor": "hitachi",
"version": "07-00"
},
{
"model": "ucosminexus application server standard",
"scope": "eq",
"trust": 1.2,
"vendor": "hitachi",
"version": "07-60"
},
{
"model": "ucosminexus application server standard",
"scope": "eq",
"trust": 1.2,
"vendor": "hitachi",
"version": "07-00"
},
{
"model": "web server",
"scope": "eq",
"trust": 1.2,
"vendor": "hitachi",
"version": "02-02"
},
{
"model": "ucosminexus application server enterprise 06-70-/g",
"scope": null,
"trust": 1.2,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus application server 05-05-/f",
"scope": null,
"trust": 1.2,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server enterprise",
"scope": "eq",
"trust": 1.2,
"vendor": "hitachi",
"version": "07-00-06"
},
{
"model": "cosminexus application server 05-05-/b",
"scope": null,
"trust": 1.2,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus application server 05-05-/e",
"scope": null,
"trust": 1.2,
"vendor": "hitachi",
"version": null
},
{
"model": "http server",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.2.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.2.19"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.2.2"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.2.23"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.2.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.2.6"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.2.21"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.2.22"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.4.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.4.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.2.17"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.4.2"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.2.15"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.2.12"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.2.16"
},
{
"model": "web server 01-02-/b",
"scope": null,
"trust": 0.9,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server standard",
"scope": "eq",
"trust": 0.9,
"vendor": "hitachi",
"version": "09-00"
},
{
"model": "ucosminexus application server standard",
"scope": "eq",
"trust": 0.9,
"vendor": "hitachi",
"version": "07-50"
},
{
"model": "ucosminexus application server enterprise 06-71-/b",
"scope": null,
"trust": 0.9,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.9,
"vendor": "hitachi",
"version": "07-10-01"
},
{
"model": "ucosminexus application server enterprise )",
"scope": "eq",
"trust": 0.9,
"vendor": "hitachi",
"version": "06-70"
},
{
"model": "web server 01-02-/a",
"scope": null,
"trust": 0.9,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.9,
"vendor": "hitachi",
"version": "07-10"
},
{
"model": "ucosminexus application server enterprise",
"scope": "eq",
"trust": 0.9,
"vendor": "hitachi",
"version": "07-00-01"
},
{
"model": "ucosminexus application server standard",
"scope": "eq",
"trust": 0.9,
"vendor": "hitachi",
"version": "07-00-01"
},
{
"model": "ucosminexus application server light",
"scope": "eq",
"trust": 0.9,
"vendor": "hitachi",
"version": "09-00"
},
{
"model": "ucosminexus application server standard )",
"scope": "eq",
"trust": 0.9,
"vendor": "hitachi",
"version": "06-70"
},
{
"model": "ucosminexus application server enterprise",
"scope": "eq",
"trust": 0.9,
"vendor": "hitachi",
"version": "07-50-01"
},
{
"model": "ucosminexus application server express",
"scope": "eq",
"trust": 0.9,
"vendor": "hitachi",
"version": "08-00"
},
{
"model": "ucosminexus application server enterprise",
"scope": "eq",
"trust": 0.9,
"vendor": "hitachi",
"version": "09-00"
},
{
"model": "ucosminexus application server enterprise",
"scope": "eq",
"trust": 0.9,
"vendor": "hitachi",
"version": "07-50"
},
{
"model": "ucosminexus application server express",
"scope": "eq",
"trust": 0.9,
"vendor": "hitachi",
"version": "09-00"
},
{
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.9,
"vendor": "hitachi",
"version": "07-10-06"
},
{
"model": "cosminexus application server 05-05-/m",
"scope": null,
"trust": 0.9,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server enterprise 06-71-/c",
"scope": null,
"trust": 0.9,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus application server",
"scope": "eq",
"trust": 0.9,
"vendor": "hitachi",
"version": "05-00"
},
{
"model": "web server 01-02-/c",
"scope": null,
"trust": 0.9,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.9,
"vendor": "hitachi",
"version": "07-00-03"
},
{
"model": "ucosminexus application server standard",
"scope": "eq",
"trust": 0.9,
"vendor": "hitachi",
"version": "07-50-01"
},
{
"model": "ucosminexus application server enterprise )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "08-50"
},
{
"model": "ucosminexus application server standard",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "08-00-02"
},
{
"model": "ucosminexus application server enterprise 06-71-/d",
"scope": null,
"trust": 0.6,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server standard 06-71-/b",
"scope": null,
"trust": 0.6,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus application server 05-05-/j",
"scope": null,
"trust": 0.6,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server standard 06-71-/d",
"scope": null,
"trust": 0.6,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server enterprise )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "07-60"
},
{
"model": "ucosminexus application server standard )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "07-10"
},
{
"model": "ucosminexus application server standard",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "07-10-01"
},
{
"model": "ucosminexus application server express )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "08-50"
},
{
"model": "ucosminexus application server enterprise",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "02-00"
},
{
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "07-00-01"
},
{
"model": "web server linux",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "04-00"
},
{
"model": "cosminexus application server 05-00-/i",
"scope": null,
"trust": 0.6,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server 06-71-/d",
"scope": null,
"trust": 0.6,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server enterprise 06-70-/b )",
"scope": null,
"trust": 0.6,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server standard 06-71-/h",
"scope": null,
"trust": 0.6,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "07-10"
},
{
"model": "cosminexus application server 05-05-/o",
"scope": null,
"trust": 0.6,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server enterprise",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "07-03-02"
},
{
"model": "ucosminexus application server standard 06-72-/b",
"scope": null,
"trust": 0.6,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server standard 06-70-/h",
"scope": null,
"trust": 0.6,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server standard",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "07-00-10"
},
{
"model": "cosminexus application server 05-00-/c",
"scope": null,
"trust": 0.6,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server standard",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "07-03-02"
},
{
"model": "ucosminexus application server enterprise 06-70-/n",
"scope": null,
"trust": 0.6,
"vendor": "hitachi",
"version": null
},
{
"model": "web server linux",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "03-00"
},
{
"model": "ucosminexus application server standard )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "09-00"
},
{
"model": "ucosminexus application server enterprise )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "08-00"
},
{
"model": "ucosminexus application server enterprise",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "08-53"
},
{
"model": "web server 02-04-/b",
"scope": null,
"trust": 0.6,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server standard",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "06-71"
},
{
"model": "ucosminexus application server standard )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "08-50"
},
{
"model": "ucosminexus application server enterprise )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "09-00"
},
{
"model": "cosminexus application server 05-05-/k",
"scope": null,
"trust": 0.6,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server 06-70-/c",
"scope": null,
"trust": 0.6,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server enterprise 06-71-/g",
"scope": null,
"trust": 0.6,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server standard )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "07-60"
},
{
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "07-10-08"
},
{
"model": "cosminexus application server 05-00-/a",
"scope": null,
"trust": 0.6,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server enterprise",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "08-00-02"
},
{
"model": "ucosminexus application server standard 06-71-/g",
"scope": null,
"trust": 0.6,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server enterprise 06-71-/a",
"scope": null,
"trust": 0.6,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server express )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "09-00"
},
{
"model": "ucosminexus application server enterprise 06-71-/h",
"scope": null,
"trust": 0.6,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server standard 06-71-/c",
"scope": null,
"trust": 0.6,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server standard 06-71-/a",
"scope": null,
"trust": 0.6,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server enterprise )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "07-10"
},
{
"model": "cosminexus application server 05-05-/l",
"scope": null,
"trust": 0.6,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus application server 05-00-/b",
"scope": null,
"trust": 0.6,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server standard",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "08-53"
},
{
"model": "ucosminexus application server standard )",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "08-00"
},
{
"model": "ucosminexus application server enterprise",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "07-00-09"
},
{
"model": "ucosminexus application server 06-70-/d",
"scope": null,
"trust": 0.6,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server enterprise",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "06-71"
},
{
"model": "web server",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "02-04"
},
{
"model": "web server",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "01-02"
},
{
"model": "ucosminexus application server standard 06-72-/d",
"scope": null,
"trust": 0.6,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server standard",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "07-00-09"
},
{
"model": "web server hp-ux",
"scope": "eq",
"trust": 0.6,
"vendor": "hitachi",
"version": "03-00"
},
{
"model": "ucosminexus application server standard 06-70-/n",
"scope": null,
"trust": 0.6,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server enterprise 06-72-/b )",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "interstage studio enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"model": "interstage application server plus",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0.2"
},
{
"model": "ucosminexus application server enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-00-02"
},
{
"model": "cosminexus application server 05-00-/m",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "interstage apworks modelers-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"model": "ucosminexus application server standard )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-00"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "interstage application server plus",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0.1"
},
{
"model": "ucosminexus application server standard version",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"model": "cosminexus application server 05-02-/e",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus application server 05-02-/b",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "ucosminexus application server enterprise 06-72-/b",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "interstage studio standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "web server hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "04-00"
},
{
"model": "hp-ux web server suite",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.10"
},
{
"model": "ucosminexus application server express (solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "08-20(x6)"
},
{
"model": "web server aix",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "04-00"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.10"
},
{
"model": "ucosminexus application server enterprise 06-72-/e",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server enterprise 06-70-/o",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0.1"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "ucosminexus application server enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-20-02"
},
{
"model": "web server windows",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "04-10"
},
{
"model": "hp-ux web server suite",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.32"
},
{
"model": "ucosminexus application server enterprise version",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6"
},
{
"model": "ucosminexus application server enterprise 06-70-/a linux )",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.8.1"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "cosminexus application server version",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "505-05"
},
{
"model": "ucosminexus application server standard",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0"
},
{
"model": "ucosminexus application server standard (solaris(sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "08-00"
},
{
"model": "ucosminexus application server express",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-70"
},
{
"model": "hp-ux web server suite",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.15"
},
{
"model": "web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "03-00-01"
},
{
"model": "ucosminexus application server enterprise 06-70-/h",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.1"
},
{
"model": "ucosminexus application server light )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "08-50"
},
{
"model": "web server solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "04-00-01"
},
{
"model": "ucosminexus application server enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "06-72(*1)"
},
{
"model": "interstage studio enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "10.0"
},
{
"model": "ucosminexus application server enterprise 06-70-/l",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus application server 05-01-/b",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server enterprise 06-71-/f",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server 06-70-/e",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.10"
},
{
"model": "http server roll up",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.22"
},
{
"model": "ucosminexus application server enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-03-03"
},
{
"model": "interstage apworks modelers-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "cosminexus application server 05-00-/r",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus client",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "06-02"
},
{
"model": "web server windows",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "03-10"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.10"
},
{
"model": "ucosminexus application server standard 06-70-/l",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server standard",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "06-72"
},
{
"model": "cosminexus application server 05-01-/a",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0.1"
},
{
"model": "cosminexus application server 05-02-/a",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-50-02"
},
{
"model": "ucosminexus application server enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-20"
},
{
"model": "cosminexus client",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "06-50"
},
{
"model": "cosminexus application server 05-01-/k",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1"
},
{
"model": "ucosminexus application server enterprise 06-70-/m",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server standard",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "02-00"
},
{
"model": "ucosminexus application server enterprise 06-70-/p",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server standard 06-70-/q",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus application server 05-02-/c",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus application server version 05-00-/q",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "5"
},
{
"model": "ucosminexus application server standard 06-71-/i",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus application server 05-02-/d",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.0"
},
{
"model": "cosminexus application server version 05-05-/l",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "5"
},
{
"model": "ucosminexus application server standard",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-00-03"
},
{
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-00"
},
{
"model": "cosminexus application server version 05-05-/k",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "5"
},
{
"model": "ucosminexus application server light",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-10"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "ucosminexus application server standard 06-70-/o",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "freeflow print server 73.c0.41",
"scope": null,
"trust": 0.3,
"vendor": "xerox",
"version": null
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1.1.6.0"
},
{
"model": "cosminexus application server 05-01-/c",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server standard 06-72-/a",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0"
},
{
"model": "ucosminexus application server standard 06-70-/k",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus service architect",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "11.1.0"
},
{
"model": "interstage studio standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.2"
},
{
"model": "web server hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "03-00-05"
},
{
"model": "os/400 v6r1m0",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1.1.4"
},
{
"model": "ucosminexus application server 06-70-/i",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus application server version",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "505-00"
},
{
"model": "ucosminexus application server enterprise 06-72-/g )",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "interstage studio standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "11.0.0"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.2"
},
{
"model": "ucosminexus client 06-70-/f",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "03-00-02"
},
{
"model": "enterprise linux desktop client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "ucosminexus application server enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-00-12"
},
{
"model": "ucosminexus application server )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-00"
},
{
"model": "web server )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "02-03"
},
{
"model": "ucosminexus application server express )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "08-00"
},
{
"model": "ucosminexus application server standard",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-00-02"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "ucosminexus application server enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-50-10"
},
{
"model": "ucosminexus service platform",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-00"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "ucosminexus client",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "06-70"
},
{
"model": "interstage application server standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"model": "mac os",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.8.5"
},
{
"model": "hp-ux web server suite",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.13"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1.1.3"
},
{
"model": "ucosminexus application server enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "08-50"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1.0.6"
},
{
"model": "interstage application server standard-j edition 9.1.0b",
"scope": null,
"trust": 0.3,
"vendor": "fujitsu",
"version": null
},
{
"model": "ucosminexus application server light",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"model": "freeflow print server 73.b3.61",
"scope": null,
"trust": 0.3,
"vendor": "xerox",
"version": null
},
{
"model": "ucosminexus application server light )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-00"
},
{
"model": "ucosminexus application server standard",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-20-02"
},
{
"model": "ucosminexus client 06-71-/h",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server enterprise hp-ux )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-00"
},
{
"model": "web server 02-04-/a (windows(ip",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server standard )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "08-20"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1"
},
{
"model": "ucosminexus client",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.7"
},
{
"model": "cosminexus application server 05-01-/d",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "interstage application server plus",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"model": "interstage application server plus developer",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "ucosminexus application server enterprise )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-00"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"model": "ucosminexus client",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "06-71"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11"
},
{
"model": "ucosminexus application server enterprise hp-ux )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-10"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.2"
},
{
"model": "web server windows",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "04-00-05"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.1"
},
{
"model": "web server hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "03-10"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7"
},
{
"model": "ucosminexus application server 06-70-/d (windows",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "11.0.0"
},
{
"model": "interstage studio enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.1"
},
{
"model": "ucosminexus application server enterpris",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-50-09"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"model": "hp-ux web server suite",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.33"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.3.5"
},
{
"model": "web server hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "03-10-09"
},
{
"model": "enterprise server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"model": "ucosminexus application server enterprise )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "08-20"
},
{
"model": "interstage application server enterprise edition l10a",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0"
},
{
"model": "cosminexus application server 05-00-/f",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "apache",
"scope": "ne",
"trust": 0.3,
"vendor": "apache",
"version": "2.4.3"
},
{
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"model": "ip office server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.8.2"
},
{
"model": "ucosminexus application server standard 06-70-/b )",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus client 06-70-/g",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus application server 05-00-/g",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "interstage studio standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"model": "ucosminexus application server enterprise 06-71-/j",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus application server 05-01-/h",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server standard hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-10-01"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0.1"
},
{
"model": "enterprise linux hpc node optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-20"
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "ucosminexus application server enterprise 06-72-/d",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "interstage application server enterprise edition l11",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0"
},
{
"model": "ucosminexus service platform hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-00"
},
{
"model": "web server hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "04-00-04"
},
{
"model": "freeflow print server 73.c5.11",
"scope": null,
"trust": 0.3,
"vendor": "xerox",
"version": null
},
{
"model": "cosminexus application server 05-00-/p",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-20-01"
},
{
"model": "cosminexus application server",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-01"
},
{
"model": "hp-ux web server suite",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.17"
},
{
"model": "interstage application server plus developer",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5"
},
{
"model": "cosminexus application server 05-00-/e",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "hp-ux web server suite",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.22"
},
{
"model": "web server windows",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "03-00"
},
{
"model": "ucosminexus application server enterprise 06-71-/i",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "interstage application server plus",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0.1"
},
{
"model": "enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"model": "ucosminexus application server standard 06-71-/f",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server standard 06-70-/a (windows(ip",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server standard",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-03-03"
},
{
"model": "interstage studio enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "ucosminexus application server enterprise hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-10-01"
},
{
"model": "cosminexus client 06-02-/g",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-10-06"
},
{
"model": "interstage application server plus",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0.1"
},
{
"model": "ucosminexus application server standard 06-71-/j",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server standard",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-50-09"
},
{
"model": "interstage application server plus developer",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.8"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.8.4"
},
{
"model": "ucosminexus application server enterprise 06-70-/g )",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0"
},
{
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.8"
},
{
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-50-01"
},
{
"model": "ucosminexus application server enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-00-03"
},
{
"model": "interstage studio standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "10.0"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.4.2"
},
{
"model": "ucosminexus application server light (windows",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-00(x64)"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.3.5.0"
},
{
"model": "ucosminexus application server enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "08-70"
},
{
"model": "jboss enterprise application platform",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "cosminexus client",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "06-51"
},
{
"model": "ucosminexus application server enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-00-10"
},
{
"model": "cosminexus client",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "06-00"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.2"
},
{
"model": "web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "02-05"
},
{
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.2"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6"
},
{
"model": "cosminexus client 06-51-/k",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2.3"
},
{
"model": "ucosminexus application server enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "06-72"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-50"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.3.1"
},
{
"model": "ucosminexus application server enterprise 06-70-/q",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "web server )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "02-04"
},
{
"model": "linux lts lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "ucosminexus application server 06-71-/c",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus application server 05-00-/q",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server standard",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-00-05"
},
{
"model": "aura experience portal sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "ucosminexus application server standard 06-72-/e",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "interstage application server enterprise edition l10",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0"
},
{
"model": "web server 01-02-/d",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server express",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "08-70"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.8"
},
{
"model": "cosminexus application server 05-01-/i",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.1"
},
{
"model": "web server windows",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "03-10-10"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.8.3"
},
{
"model": "ucosminexus application server standard 06-70-/i",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "cosminexus client 06-50-/f",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server enterprise )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-80"
},
{
"model": "cosminexus application server 05-00-/d",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "ucosminexus application server standard",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "08-50"
},
{
"model": "ucosminexus application server standard 06-70-/p",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server express (solaris(sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "08-00"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0"
},
{
"model": "web server windows",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "04-00"
},
{
"model": "cosminexus application server 05-01-/f",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-10-01"
},
{
"model": "web server windows",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "03-00-060"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.10"
},
{
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "10.0.0"
},
{
"model": "ucosminexus application server smart edition",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"model": "cosminexus application server 05-01-/l",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server enterpris",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-00-10"
},
{
"model": "cosminexus application server 05-01-/e",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "5"
},
{
"model": "ucosminexus application server standard 06-70-/j",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus application server 05-01-/j",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus application server",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "05-02"
},
{
"model": "cosminexus application server 05-00-/o",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus application server 05-00-/h",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server express",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-10"
},
{
"model": "ucosminexus application server enterprise 06-70-/a (windows(ip",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "hp-ux web server suite",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.18"
},
{
"model": "ucosminexus primary server base",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "interstage studio standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "11.1.0"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.8"
},
{
"model": "ucosminexus application server standard",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-50-02"
},
{
"model": "ucosminexus application server standard",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-20"
},
{
"model": "cosminexus application server 05-00-/n",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.5"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1.1.5"
},
{
"model": "hp-ux web server suite",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.21"
},
{
"model": "hp-ux web server suite",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.31"
},
{
"model": "jboss enterprise application platform",
"scope": "ne",
"trust": 0.3,
"vendor": "redhat",
"version": "6.0.1"
},
{
"model": "ucosminexus application server enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-10-08"
},
{
"model": "ucosminexus application server enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "7"
},
{
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"model": "aura experience portal sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "ucosminexus service platform aix",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-00(64)"
},
{
"model": "cosminexus application server 05-05-/n",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server standard",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-20-01"
},
{
"model": "web server aix",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "03-00"
},
{
"model": "ucosminexus application server standard 06-72-/g )",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-20-01"
},
{
"model": "interstage application server enterprise edition l10b",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0"
},
{
"model": "cosminexus application server 05-00-/j",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus client 06-71-/f",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "web server 02-04-/c",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus application server 05-01-/g",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "6"
},
{
"model": "ucosminexus client 06-71-/g",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus application server 05-05-/p",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "enterprise linux desktop optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "web server solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "03-00"
},
{
"model": "ucosminexus application server standard-r",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "ucosminexus application server enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "8"
},
{
"model": "web server hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "03-00-01"
},
{
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "ucosminexus service platform windows",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-00(x64)"
},
{
"model": "cosminexus application server 05-00-/k",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus service platform linux",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-00(x64)"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "10"
},
{
"model": "ucosminexus application server enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-00-05"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.2.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.5"
},
{
"model": "ucosminexus application server standard",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "06-72(*1)"
},
{
"model": "interstage business application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0"
},
{
"model": "ucosminexus application server enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-50-09"
},
{
"model": "hp-ux web server suite",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.12"
},
{
"model": "interstage studio standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.1"
},
{
"model": "ucosminexus application server 06-70-/j",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server standard 06-72-/c",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0.2"
},
{
"model": "enterprise linux desktop workstation client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "ucosminexus application server enterprise (solaris(sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "08-00"
},
{
"model": "ucosminexus application server enterprise )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-10-1"
},
{
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.2"
},
{
"model": "ucosminexus application server enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "6.7"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"model": "cosminexus application server 05-00-/l",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus application server version 05-00-/r",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "5"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0.1"
},
{
"model": "ucosminexus application server standard",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "07-50-10"
},
{
"model": "ucosminexus application server standard 06-70-/m",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus application server 05-00-/s",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "hp-ux web server suite",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.14"
},
{
"model": "cosminexus client 06-00-/i",
"scope": null,
"trust": 0.3,
"vendor": "hitachi",
"version": null
},
{
"model": "interstage studio standard-j edition b",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.1.0"
}
],
"sources": [
{
"db": "BID",
"id": "55131"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-378"
},
{
"db": "NVD",
"id": "CVE-2012-2687"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:2.2.23:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:2.4.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:2.2.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:2.2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:2.2.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:2.2.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:2.2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:2.4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:2.2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:2.2.17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:2.2.16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:2.2.21:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:2.2.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:2.2.14:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:2.2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:2.2.22:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:2.2.19:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:2.2.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:2.2.18:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:2.2.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:2.2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:2.4.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:2.2.15:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:2.2.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:2.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2012-2687"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Rainer Jung and Niels Heinen",
"sources": [
{
"db": "BID",
"id": "55131"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-378"
}
],
"trust": 0.9
},
"cve": "CVE-2012-2687",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"confidentialityImpact": "NONE",
"exploitabilityScore": 4.9,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"confidentialityImpact": "NONE",
"exploitabilityScore": 4.9,
"id": "CVE-2012-2687",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "LOW",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2012-2687",
"trust": 1.0,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-201208-378",
"trust": 0.6,
"value": "LOW"
},
{
"author": "VULMON",
"id": "CVE-2012-2687",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2012-2687"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-378"
},
{
"db": "NVD",
"id": "CVE-2012-2687"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple cross-site scripting (XSS) vulnerabilities in the make_variant_list function in mod_negotiation.c in the mod_negotiation module in the Apache HTTP Server 2.4.x before 2.4.3, when the MultiViews option is enabled, allow remote attackers to inject arbitrary web script or HTML via a crafted filename that is not properly handled during construction of a variant list. Apache HTTP Server is prone to an HTML-injection vulnerability and an information disclosure vulnerability. \nAttackers may leverage these issues to obtain potentially sensitive session information, execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, steal cookie-based authentication credentials, or control how the site is rendered to the user; other attacks are also possible. 6) - i386, x86_64\nRed Hat Enterprise Linux Desktop Optional (v. 6) - i386, noarch, x86_64\nRed Hat Enterprise Linux HPC Node (v. 6) - x86_64\nRed Hat Enterprise Linux HPC Node Optional (v. 6) - i386, noarch, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 6) - i386, noarch, x86_64\n\n3. Description:\n\nThe httpd packages contain the Apache HTTP Server (httpd), which is the\nnamesake project of The Apache Software Foundation. (CVE-2008-0455, CVE-2012-2687)\n\nIt was discovered that mod_proxy_ajp, when used in configurations with\nmod_proxy in load balancer mode, would mark a back-end server as failed\nwhen request processing timed out, even when a previous AJP (Apache JServ\nProtocol) CPing request was responded to by the back-end. A remote\nattacker able to make a back-end use an excessive amount of time to\nprocess a request could cause mod_proxy to not send requests to back-end\nAJP servers for the retry timeout period or until all back-end servers\nwere marked as failed. \nSpace precludes documenting all of these changes in this advisory. After installing the updated packages, the httpd daemon will\nbe restarted automatically. Bugs fixed (http://bugzilla.redhat.com/):\n\n757735 - [RFE] httpd\u0027s rotatelogs needs a way to rotate files into a custom location\n757739 - [RFE] rotatelogs needs to create files even if they are empty\n805720 - Only a single interface is available for SSL\n805810 - init script for htcacheclean is missing\n828896 - mod_authnz_ldap unable to set environment variables for authorize only\n829689 - mod_ldap: fix occasional 500 Internal Server Error\n842376 - httpd fails in processing chunked requests with \u003e 31 bytes chunk-size / -extension line\n848954 - Putting private key first in SSLProxyMachineCertificateFile causes segfault\n850794 - CVE-2012-2687 CVE-2008-0455 httpd: mod_negotiation XSS via untrusted file names in directories with MultiViews enabled\n867745 - mod_ssl post install script can cause failures\n868283 - mod_cache regression in httpd 2.2.3-65: non-cacheable 304 responses serve bad data\n871685 - CVE-2012-4557 httpd: mod_proxy_ajp worker moved to error state when timeout exceeded\n876923 - \"if\" condition always true - detected by Coverity\n\n6. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/httpd-2.2.15-26.el6.src.rpm\n\nx86_64:\nhttpd-2.2.15-26.el6.x86_64.rpm\nhttpd-debuginfo-2.2.15-26.el6.x86_64.rpm\nhttpd-tools-2.2.15-26.el6.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node Optional (v. \n _______________________________________________________________________\n\n Problem Description:\n\n Multiple vulnerabilities has been found and corrected in apache\n (ASF HTTPD):\n \n Insecure handling of LD_LIBRARY_PATH was found that could lead to\n the current working directory to be searched for DSOs. This could\n allow a local user to execute code as root if an administrator runs\n apachectl from an untrusted directory (CVE-2012-0883). \n \n Possible XSS for sites which use mod_negotiation and allow untrusted\n uploads to locations which have MultiViews enabled (CVE-2012-2687). \n\n Update:\n\n Packages for Mandriva Linux 2011 is also being provided. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.11 (GNU/Linux)\n\niD8DBQFQaa9/mqjQ0CJFipgRAhruAJ9EC4FWiuzvbIXRyxeJEa6ifXWfngCfdzew\n7eKtlYj6mMOMjJJ0oekKwnQ=\n=t10D\n-----END PGP SIGNATURE-----\n\n\n. ----------------------------------------------------------------------\n\nThe final version of the CSI 6.0 has been released. \nFind out why this is not just another Patch Management solution: http://secunia.com/blog/325/\n\n----------------------------------------------------------------------\n\nTITLE:\nHitachi Multiple Products Apache HTTP Server Cross-Site Scripting\nVulnerabilities\n\nSECUNIA ADVISORY ID:\nSA51458\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/51458/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51458\n\nRELEASE DATE:\n2012-11-30\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/51458/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/51458/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51458\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nHitachi has acknowledged some vulnerabilities in multiple Hitachi\nproducts, which can be exploited by malicious people to conduct\ncross-site scripting attacks. \n\nFor more information see vulnerability #2 in:\nSA50363\n\nSee the vendor\u0027s advisory for a list of affected products and\nversions. \n\nSOLUTION:\nAs a workaround the vendor recommends to disable the mod_negotiation\nmodule or remove \"MultiViews\" from the \"Options\" lines in the\nDirectory specifications. \n\nORIGINAL ADVISORY:\nhttp://www.hitachi.co.jp/Prod/comp/soft1/security/info/./vuls/HS12-028/index.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nNote: the current version of the following document is available here:\nhttps://h20566.www2.hp.com/portal/site/hpsc/public/kb/\ndocDisplay?docId=emr_na-c03734195\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c03734195\nVersion: 1\n\nHPSBUX02866 SSRT101139 rev.1 - HP-UX Running Apache, Remote Denial of Service\n(DoS), Execution of Arbitrary Code and other vulnerabilities\n\nNOTICE: The information in this Security Bulletin should be acted upon as\nsoon as possible. \n\nRelease Date: 2013-04-15\nLast Updated: 2013-04-12\n\nPotential Security Impact: Remote Denial of Service (DoS), execution of\narbitrary code and other vulnerabilities\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with HP-UX Running\nApache. These vulnerabilities could be exploited remotely to create a Denial\nof Service (DoS) or to execute arbitrary code and other vulnerabilities. \n\nReferences: HP-UX Apache: CVE-2007-6750, CVE-2012-2687, CVE-2012-3499,\nCVE-2012-4557, CVE-2012 -4558, CVE-2012-4929\nTomcat v6.0 and v7.0: CVE-2012-2733, CVE-2012-3546, CVE-2012-4431,\nCVE-2012-4534, CVE-2012-5885\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP-UX B.11.23, B.11.31 running HP-UX Apache Web Server Suite v3.25 or earlier\n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2007-6750 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2012-2687 (AV:N/AC:H/Au:N/C:N/I:P/A:N) 2.6\nCVE-2012-2733 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2012-3499 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2012-3546 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2012-4431 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2012-4534 (AV:N/AC:H/Au:N/C:N/I:N/A:P) 2.6\nCVE-2012-4557 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2012-4558 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2012-4929 (AV:N/AC:H/Au:N/C:P/I:N/A:N) 2.6\nCVE-2012-5885 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has provided the following software updates to resolve the vulnerability. \nThe update for B.11.23 and B.11.31 is available for download from\nftp://sb_02866:6hq{PM6a@ftp.usa.hp.com\n\nWeb Server Suite Version\n Apache Depot Name\n\nHP-UX Web Server Suite v.3.26 containing Apache v2.2.15.15 and Tomcat\nB.5.5.36.01\n HP-UX_11.23_HPUXWS22ATW-B326-11-23-64.depot\n\nHP-UX_11.23_HPUXWS22ATW-B326-11-23-32.depot\n\nHP-UX Web Server Suite v.3.26 containing Apache v2.2.15.15 and Tomcat\nC.6.0.36.01\n HP-UX_11.31_HPUXWS22ATW-B326-11-31-64.depot\n\nHP-UX_11.31_HPUXWS22ATW-B326-11-31-32.depot\n\nTomcat D.7.035.01\n HP-UX_11.31_hpuxws22Tomcat_D.7.0.35.01_HP-UX_B.11.31_IA_PA.depot\n\nMANUAL ACTIONS: Yes - Update\nInstall HP-UX Web Server Suite v3.26 or subsequent\n\nPRODUCT SPECIFIC INFORMATION\n\nHP-UX Software Assistant: HP-UX Software Assistant is an enhanced application\nthat replaces HP-UX Security Patch Check. It analyzes all Security Bulletins\nissued by HP and lists recommended actions that may apply to a specific HP-UX\nsystem. It can also download patches and create a depot automatically. For\nmore information see https://www.hp.com/go/swa\n\nThe following text is for use by the HP-UX Software Assistant. \n\nAFFECTED VERSIONS\n\nHP-UX B.11.23\nHP-UX B.11.31\n==================\nhpuxws22APCH32.APACHE\nhpuxws22APCH32.APACHE2\nhpuxws22APCH32.AUTH_LDAP\nhpuxws22APCH32.AUTH_LDAP2\nhpuxws22APCH32.MOD_JK\nhpuxws22APCH32.MOD_JK2\nhpuxws22APCH32.MOD_PERL\nhpuxws22APCH32.MOD_PERL2\nhpuxws22APCH32.PHP\nhpuxws22APCH32.PHP2\nhpuxws22APCH32.WEBPROXY\nhpuxws22APCH32.WEBPROXY2\naction: install revision B.2.2.15.15 or subsequent\n\nHP-UX B.11.31\n==================\nhpuxws22TOMCAT.TOMCAT\naction: install revision C.6.0.36.01 or subsequent\n\nHP-UX B.11.31\n==================\nhpuxws22TOMCAT.TOMCAT\naction: install revision D.7.0.35.01 or subsequent\n\nEND AFFECTED VERSIONS\n\nHISTORY\nVersion:1 (rev.1) - 15 April 2013 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running HP software products should be applied in\naccordance with the customer\u0027s patch management policy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HP Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com. \n\nReport: To report a potential security vulnerability with any HP supported\nproduct, send Email to: security-alert@hp.com\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\nalerts via Email:\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\n\nSecurity Bulletin List: A list of HP Security Bulletins, updated\nperiodically, is contained in HP Security Notice HPSN-2011-001:\nhttps://h20566.www2.hp.com/portal/site/hpsc/public/kb/\ndocDisplay?docId=emr_na-c02964430\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here:\nhttp://h20566.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HP General Software\nHF = HP Hardware and Firmware\nMP = MPE/iX\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPI = Printing and Imaging\nPV = ProCurve\nST = Storage Software\nTU = Tru64 UNIX\nUX = HP-UX\n\nCopyright 2013 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors\nor omissions contained herein. The information provided is provided \"as is\"\nwithout warranty of any kind. To the extent permitted by law, neither HP or\nits affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits;damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. \nHewlett-Packard Company and the names of Hewlett-Packard products referenced\nherein are trademarks of Hewlett-Packard Company in the United States and\nother countries. Other product and company names mentioned herein may be\ntrademarks of their respective owners. ============================================================================\nUbuntu Security Notice USN-1627-1\nNovember 08, 2012\n\napache2 vulnerabilities\n============================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 12.10\n- Ubuntu 12.04 LTS\n- Ubuntu 11.10\n- Ubuntu 10.04 LTS\n- Ubuntu 8.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in the Apache HTTP server. With cross-site\nscripting vulnerabilities, if a user were tricked into viewing server\noutput during a crafted server request, a remote attacker could exploit\nthis to modify the contents, or steal confidential data (such as\npasswords), within the same domain. Although this issue had been mitigated on the\nclient with newer web browsers, this update also disables SSL data\ncompression on the server. A new SSLCompression directive for Apache has\nbeen backported that may be used to re-enable SSL data compression in\ncertain environments. For more information, please refer to:\nhttp://httpd.apache.org/docs/2.4/mod/mod_ssl.html#sslcompression\n(CVE-2012-4929)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 12.10:\n apache2.2-common 2.2.22-6ubuntu2.1\n\nUbuntu 12.04 LTS:\n apache2.2-common 2.2.22-1ubuntu1.2\n\nUbuntu 11.10:\n apache2.2-common 2.2.20-1ubuntu1.3\n\nUbuntu 10.04 LTS:\n apache2.2-common 2.2.14-5ubuntu8.10\n\nUbuntu 8.04 LTS:\n apache2.2-common 2.2.8-1ubuntu0.24\n\nIn general, a standard system update will make all the necessary changes. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: JBoss Enterprise Application Platform 6.0.1 update\nAdvisory ID: RHSA-2012:1592-01\nProduct: JBoss Enterprise Application Platform\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2012-1592.html\nIssue date: 2012-12-18\nCVE Names: CVE-2008-0455 CVE-2012-2378 CVE-2012-2379 \n CVE-2012-2672 CVE-2012-2687 CVE-2012-3428 \n CVE-2012-3451 CVE-2012-4549 CVE-2012-4550 \n=====================================================================\n\n1. Summary:\n\nUpdated JBoss Enterprise Application Platform 6.0.1 packages that fix\nmultiple security issues, various bugs, and add enhancements are now\navailable for Red Hat Enterprise Linux 6. \n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section. \n\n2. Relevant releases/architectures:\n\nJBoss Enterprise Application Platform 6 for RHEL 6 Server - i386, noarch, x86_64\n\n3. Description:\n\nJBoss Enterprise Application Platform 6 is a platform for Java applications\nbased on JBoss Application Server 7. \n\nThis release serves as a replacement for JBoss Enterprise Application\nPlatform 6.0.0, and includes bug fixes and enhancements. Refer to the 6.0.1\nRelease Notes for information on the most significant of these changes,\navailable shortly from https://access.redhat.com/knowledge/docs/\n\nThis update removes unused signed JARs; unused SHA1 checksums from JAR\nMANIFEST.MF files to reduce the Server memory footprint; adds MANIFEST.MF\nto JAR files where it was previously missing; and removes redundant Javadoc\nfiles from the main packages. (BZ#830291)\n\nSecurity fixes:\n\nApache CXF checked to ensure XML elements were signed or encrypted by a\nSupporting Token, but not whether the correct token was used. A remote\nattacker could transmit confidential information without the appropriate\nsecurity, and potentially circumvent access controls on web services\nexposed via Apache CXF. (CVE-2012-2379)\n\nWhen using role-based authorization to configure EJB access, JACC\npermissions should be used to determine access; however, due to a flaw the\nconfigured authorization modules (JACC, XACML, etc.) were not called, and\nthe JACC permissions were not used to determine access to an EJB. \n(CVE-2012-4550)\n\nA flaw in the way Apache CXF enforced child policies of WS-SecurityPolicy\n1.1 on the client side could, in certain cases, lead to a client failing to\nsign or encrypt certain elements as directed by the security policy,\nleading to information disclosure and insecure information transmission. \n(CVE-2012-2378)\n\nA flaw was found in the way IronJacamar authenticated credentials and\nreturned a valid datasource connection when configured to\n\"allow-multiple-users\". A remote attacker, provided the correct subject,\ncould obtain a datasource connection that might belong to a privileged\nuser. (CVE-2012-3428)\n\nIt was found that Apache CXF was vulnerable to SOAPAction spoofing attacks\nunder certain conditions. Note that WS-Policy validation is performed\nagainst the operation being invoked, and an attack must pass validation to\nbe successful. (CVE-2012-3451)\n\nWhen there are no allowed roles for an EJB method invocation, the\ninvocation should be denied for all users. It was found that the\nprocessInvocation() method in\norg.jboss.as.ejb3.security.AuthorizationInterceptor incorrectly authorizes\nall method invocations to proceed when the list of allowed roles is empty. \n(CVE-2012-4549)\n\nIt was found that in Mojarra, the FacesContext that is made available\nduring application startup is held in a ThreadLocal. The reference is not\nproperly cleaned up in all cases. As a result, if a JavaServer Faces (JSF)\nWAR calls FacesContext.getCurrentInstance() during application startup,\nanother WAR can get access to the leftover context and thus get access to\nthe other WAR\u0027s resources. A local attacker could use this flaw to access\nanother WAR\u0027s resources using a crafted, deployed application. A remote attacker able to upload or create files with\narbitrary names in a directory that has the MultiViews options enabled,\ncould use this flaw to conduct cross-site scripting attacks against users\nvisiting the site. (CVE-2008-0455, CVE-2012-2687)\n\nRed Hat would like to thank the Apache CXF project for reporting\nCVE-2012-2379, CVE-2012-2378, and CVE-2012-3451. The CVE-2012-4550 issue\nwas discovered by Josef Cacek of the Red Hat JBoss EAP Quality Engineering\nteam; CVE-2012-3428 and CVE-2012-4549 were discovered by Arun Neelicattu of\nthe Red Hat Security Response Team; and CVE-2012-2672 was discovered by\nMarek Schmidt and Stan Silvert of Red Hat. \n\nWarning: Before applying this update, back up your existing JBoss\nEnterprise Application Platform installation and deployed applications. \nRefer to the Solution section for further details. \n\n4. Solution:\n\nAll users of JBoss Enterprise Application Platform 6.0.0 on Red Hat\nEnterprise Linux 6 are advised to upgrade to these updated packages. The\nJBoss server process must be restarted for the update to take effect. \n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. Also, back up any customized\nJBoss Enterprise Application Platform 6 configuration files. On update, the\nconfiguration files that have been locally modified will not be updated. \nThe updated version of such files will be stored as the rpmnew files. Make\nsure to locate any such files after the update and merge any changes\nmanually. \n\nFor more details, refer to the Release Notes for JBoss Enterprise\nApplication Platform 6.0.1, available shortly from\nhttps://access.redhat.com/knowledge/docs/\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258\n\n5. Bugs fixed (http://bugzilla.redhat.com/):\n\n826533 - CVE-2012-2378 jbossws-cxf, apache-cxf: Certain child policies of WS-SecurityPolicy 1.1 SupportingToken policy not applied on the client side\n826534 - CVE-2012-2379 jbossws-cxf, apache-cxf: Apache CXF does not verify that elements were signed / encrypted by a particular Supporting Token\n829560 - CVE-2012-2672 Mojarra: deployed web applications can read FacesContext from other applications under certain conditions\n843358 - CVE-2012-3428 JBoss: Datasource connection manager returns valid connection for wrong credentials when using security-domains\n850794 - CVE-2012-2687 CVE-2008-0455 httpd: mod_negotiation XSS via untrusted file names in directories with MultiViews enabled\n851896 - CVE-2012-3451 jbossws-cxf, apache-cxf: SOAPAction spoofing on document literal web services\n870868 - CVE-2012-4549 JBoss AS: EJB authorization succeeds for any role when allowed roles list is empty\n870871 - CVE-2012-4550 JBoss JACC: Security constraints configured for EJBs are incorrectly interpreted and not applied\n\n6. Package List:\n\nJBoss Enterprise Application Platform 6 for RHEL 6 Server:\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/antlr-eap6-2.7.7-15_redhat_2.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/apache-commons-beanutils-1.8.3-10.redhat_2.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/apache-commons-cli-1.2-7.5.redhat_2.ep6.el6.4.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/apache-commons-codec-eap6-1.4-14.redhat_2.ep6.el6.1.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/apache-commons-collections-eap6-3.2.1-13.redhat_2.ep6.el6.1.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/apache-commons-configuration-1.6-7.2.redhat_2.ep6.el6.5.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/apache-commons-daemon-jsvc-eap6-1.0.10-3.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/apache-commons-io-eap6-2.1-6.redhat_2.ep6.el6.1.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/apache-commons-lang-eap6-2.6-5redhat_2.ep6.el6.1.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/apache-commons-pool-eap6-1.5.6-8.redhat_2.ep6.el6.1.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/apache-cxf-2.4.9-4.redhat_2.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/apache-cxf-xjc-utils-2.4.0-11.redhat_2.ep6.el6.4.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/apache-mime4j-0.6-7.redhat_2.ep6.el6.5.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/atinject-1-8.2_redhat_2.ep6.el6.5.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/cal10n-0.7.3-8.redhat_2.ep6.el6.5.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/codehaus-jackson-1.9.2-6_redhat_2.ep6.el6.5.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/dom4j-1.6.1-14_redhat_3.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/glassfish-jaf-1.1.1-14.redhat_2.ep6.el6.3.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/glassfish-javamail-1.4.4-16.redhat_2.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/glassfish-jaxb-2.2.5-10_redhat_3.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/glassfish-jsf-2.1.13-1_redhat_1.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/glassfish-jsf12-1.2_15-8_b01_redhat_2.ep6.el6.4.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/gnu-getopt-1.0.13-1.2_redhat_2.ep6.el6.5.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/guava-libraries-11.0.2-0.5.redhat_2.ep6.el6.6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/h2database-1.3.168-2_redhat_1.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/hibernate-beanvalidation-api-1.0.0-4.7.GA_redhat_2.ep6.el6.3.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/hibernate-jpa-2.0-api-1.0.1-5.Final_redhat_2.1.ep6.el6.4.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/hibernate3-commons-annotations-4.0.1-5.Final_redhat_2.1.ep6.el6.3.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/hibernate4-4.1.6-7.Final_redhat_3.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/hibernate4-validator-4.2.0-7.Final_redhat_2.1.ep6.el6.4.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/hornetq-2.2.23-1.Final_redhat_1.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/hornetq-native-2.2.21-1.Final.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/httpcomponents-5-4_redhat_2.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/httpd-2.2.22-14.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/httpserver-1.0.1-3.Final_redhat_2.ep6.el6.3.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/infinispan-5.1.8-1.Final_redhat_1.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/ironjacamar-1.0.13-1.Final_redhat_1.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jacorb-jboss-2.3.2-3.redhat_2.ep6.el6.3.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jandex-1.0.3-7.Final_redhat_2.ep6.el6.2.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/javassist-eap6-3.15.0-5.GA_redhat_2.ep6.el6.3.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jaxbintros-1.0.2-11.GA_redhat_2.ep6.el6.3.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jaxen-1.1.3-8.redhat_2.ep6.el6.4.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jaxws-jboss-httpserver-httpspi-1.0.1-3.GA_redhat_2.ep6.el6.3.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jbosgi-deployment-1.1.0-2.Final_redhat_3.ep6.el6.3.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jbosgi-framework-core-1.3.1-3.CR1_redhat_1.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jbosgi-metadata-2.1.0-2.Final_redhat_3.ep6.el6.3.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jbosgi-repository-1.2.0-1.Final_redhat_2.ep6.el6.2.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jbosgi-resolver-2.1.0-2.Final_redhat_3.ep6.el6.3.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jbosgi-spi-3.1.0-3.Final_redhat_3.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jbosgi-vfs-1.1.0-1.Final_redhat_2.ep6.el6.2.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-annotations-api_1.1_spec-1.0.1-3.2.Final_redhat_2.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-appclient-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-cli-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-client-all-7.1.3-4.1.Final_redhat_4.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-clustering-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-cmp-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-configadmin-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-connector-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-console-1.4.2-1.Final_redhat_1.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-controller-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-controller-client-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-deployment-repository-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-deployment-scanner-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-domain-http-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-domain-management-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-ee-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-ee-deployment-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-ejb3-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-embedded-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-host-controller-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-jacorb-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-jaxr-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-jaxrs-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-jdr-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-jmx-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-jpa-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-jsf-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-jsr77-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-logging-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-mail-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-management-client-content-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-messaging-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-modcluster-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-naming-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-network-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-osgi-configadmin-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-osgi-service-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-platform-mbean-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-pojo-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-process-controller-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-protocol-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-remoting-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-sar-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-security-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-server-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-threads-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-transactions-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-web-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-webservices-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-weld-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-as-xts-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-classfilewriter-1.0.3-2.Final_redhat_1.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-common-beans-1.0.0-5.Final_redhat_2.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-common-core-2.2.17-10.GA_redhat_2.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-connector-api_1.6_spec-1.0.1-3.3.Final_redhat_2.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-dmr-1.1.1-8.Final_redhat_2.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-ejb-api_3.1_spec-1.0.2-10.Final_redhat_2.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-ejb-client-1.0.11-2.Final_redhat_1.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-ejb3-ext-api-2.0.0-9.redhat_2.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-el-api_2.2_spec-1.0.2-2.Final_redhat_1.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-iiop-client-1.0.0-4.Final_redhat_2.1.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-interceptors-api_1.1_spec-1.0.1-4.Final_redhat_2.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-invocation-1.1.1-5.Final_redhat_2.ep6.el6.4.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-j2eemgmt-api_1.1_spec-1.0.1-5.Final_redhat_2.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-jacc-api_1.4_spec-1.0.2-5.Final_redhat_2.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-jad-api_1.2_spec-1.0.1-6.Final_redhat_2.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-jaspi-api_1.0_spec-1.0.1-6.Final_redhat_2.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-jaxb-api_2.2_spec-1.0.4-3.Final_redhat_2.1.ep6.el6.1.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-jaxr-api_1.0_spec-1.0.2-4.Final_redhat_2.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-jaxrpc-api_1.1_spec-1.0.1-4.Final_redhat_2.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-jaxrs-api_1.1_spec-1.0.1-4.Final_redhat_2.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-jaxws-api_2.2_spec-2.0.1-5.Final_redhat_2.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-jms-api_1.1_spec-1.0.1-4.Final_redhat_2.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-jsf-api_2.1_spec-2.0.7-1.Final_redhat_1.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-jsp-api_2.2_spec-1.0.1-5.Final_redhat_2.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-jstl-api_1.2_spec-1.0.3-3.Final_redhat_2.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-logging-3.1.2-3.GA_redhat_1.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-logmanager-1.3.2-2.Final_redhat_1.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-marshalling-1.3.15-2.GA_redhat_1.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-metadata-7.0.4-2.Final_redhat_1.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-modules-1.1.3-2.GA_redhat_1.ep6.el6.1.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-msc-1.0.2-3.GA_redhat_2.2.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-osgi-logging-1.0.0-4._redhat_2.1.ep6.el6.2.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-remote-naming-1.0.4-2.Final_redhat_1.ep6.el6.1.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-remoting3-3.2.14-1.GA_redhat_1.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-remoting3-jmx-1.0.4-2.Final_redhat_1.ep6.el6.7.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-rmi-api_1.0_spec-1.0.4-9.2.Final_redhat_2.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-saaj-api_1.3_spec-1.0.2-4_redhat_2.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-sasl-1.0.3-2.Final_redhat_1.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-seam-int-6.0.0-8.GA_redhat_2.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-security-negotiation-2.2.1-2.Final_redhat_1.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-security-xacml-2.0.8-5.Final_redhat_2.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-servlet-api_2.5_spec-1.0.1-9.Final_redhat_2.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-servlet-api_3.0_spec-1.0.1-11.Final_redhat_2.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-specs-parent-1.0.0-5.Beta2_redhat_2.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-stdio-1.0.1-7.GA_redhat_2.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-threads-2.0.0-7.GA_redhat_2.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-transaction-api_1.1_spec-1.0.1-5.Final_redhat_2.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-transaction-spi-7.0.0-0.10.Final_redhat_2.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-vfs2-3.1.0-4.Final_redhat_2.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-weld-1.1-api-1.1-6.Final_redhat_2.ep6.el6.1.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jboss-xnio-base-3.0.7-1.GA_redhat_1.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jbossas-appclient-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jbossas-bundles-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jbossas-core-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jbossas-domain-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jbossas-javadocs-7.1.3-4.Final_redhat_3.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jbossas-modules-eap-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jbossas-product-eap-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jbossas-standalone-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jbossas-welcome-content-eap-7.1.3-4.Final_redhat_4.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jbossts-4.16.6-1.Final_redhat_1.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jbossweb-7.0.17-1.Final_redhat_1.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jbossws-api-1.0.0-3.GA_redhat_2.ep6.el6.3.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jbossws-common-2.0.4-5.GA_redhat_3.ep6.el6.5.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jbossws-common-tools-1.0.2-1.GA_redhat_1.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jbossws-cxf-4.0.6-2.GA_redhat_2.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jbossws-native-4.0.6-1.GA_redhat_1.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jbossws-spi-2.0.4-3.1.GA_redhat_1.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jbossxb2-2.0.3-13.GA_redhat_2.ep6.el6.3.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jcip-annotations-1.0-2.2.3_redhat_2.ep6.el6.5.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jdom-eap6-1.1.2-4.GA_redhat_2.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jettison-1.3.1-7_redhat_2.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jgroups-3.0.14-2.Final_redhat_1.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jline-eap6-0.9.94-10.GA_redhat_2.ep6.el6.4.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/joda-time-1.6.2-5.redhat_3.ep6.el6.4.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jtype-0.1.1-9_redhat_2.3.ep6.el6.4.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/juddi-3.1.3-2_redhat_2.1.ep6.el6.3.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jul-to-slf4j-stub-1.0.0-4.Final_redhat_2.1.ep6.el6.2.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/jython-eap6-2.5.2-5.redhat_2.ep6.el6.4.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/log4j-eap6-1.2.16-11.redhat_2.ep6.el6.4.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/log4j-jboss-logmanager-1.0.1-3.Final_redhat_2.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/mod_cluster-1.2.3-1.Final_redhat_1.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/mod_cluster-native-1.2.3-3.Final.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/mod_jk-1.2.36-5.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/netty-3.2.6-2_redhat_2.2.ep6.el6.4.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/objectweb-asm-eap6-3.3.1-5_redhat_2.ep6.el6.3.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/org.apache.felix.configadmin-1.2.8-4_redhat_2.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/org.apache.felix.log-1.0.0-5.redhat_2.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/org.osgi-4.2.0-4.redhat_2.ep6.el6.3.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/picketbox-4.0.14-2.Final_redhat_2.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/picketbox-commons-1.0.0-0.8.final_redhat_2.ep6.el6.3.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/picketlink-federation-2.1.3.1-3.redhat_1.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/relaxngDatatype-2011.1-0.1_redhat_3.ep6.el6.4.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/resteasy-2.3.4-4.Final_redhat_2.ep6.el6.3.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/rngom-201103-0.5.redhat_2.ep6.el6.4.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/scannotation-1.0.2-8.redhat_2.ep6.el6.2.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/shrinkwrap-1.0.0-16.redhat_2.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/slf4j-eap6-1.6.1-23.redhat_2.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/slf4j-jboss-logmanager-1.0.0-7.GA_redhat_2.3.ep6.el6.2.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/snakeyaml-1.8-8.redhat_2.ep6.el6.2.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/staxmapper-1.1.0-6.Final_redhat_2.ep6.el6.2.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/stilts-0.1.26-6.GA.redhat_2.ep6.el6.4.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/sun-codemodel-2.6-3_redhat_2.ep6.el6.3.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/sun-istack-commons-2.6.1-9_redhat_2.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/sun-saaj-1.3-impl-1.3.16-8.redhat_2.ep6.el6.2.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/sun-txw2-20110809-5_redhat_2.ep6.el6.3.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/sun-ws-metadata-2.0-api-1.0.MR1-12_MR1_redhat_2.ep6.el6.4.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/sun-xsom-20110809-5_redhat_3.ep6.el6.3.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/tomcat-native-1.1.24-1.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/velocity-eap6-1.6.3-7.redhat_2.ep6.el6.4.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/weld-cdi-1.0-api-1.0-6.SP4_redhat_2.ep6.el6.5.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/weld-core-1.1.10-2.Final_redhat_1.ep6.el6.1.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/woodstox-core-4.1.1-1.redhat_2.ep6.el6.4.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/ws-commons-XmlSchema-2.0.2-7.redhat_2.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/ws-commons-neethi-3.0.2-5.redhat_2.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/ws-scout-1.2.6-3.redhat_2.2.ep6.el6.5.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/wsdl4j-eap6-1.6.2-11.redhat_2.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/wss4j-1.6.7-1.redhat_1.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/xalan-j2-eap6-2.7.1-6.12.redhat_3.ep6.el6.2.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/xerces-j2-eap6-2.9.1-13_redhat_3.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/xml-commons-resolver-eap6-1.2-10.redhat_2.ep6.el6.3.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/xml-security-1.5.2-2.redhat_1.ep6.el6.src.rpm\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/JBEAP/SRPMS/xom-1.2.7-1._redhat_3.1.ep6.el6.6.src.rpm\n\ni386:\napache-commons-daemon-jsvc-eap6-1.0.10-3.ep6.el6.i386.rpm\napache-commons-daemon-jsvc-eap6-debuginfo-1.0.10-3.ep6.el6.i386.rpm\nhornetq-native-2.2.21-1.Final.ep6.el6.i386.rpm\nhornetq-native-debuginfo-2.2.21-1.Final.ep6.el6.i386.rpm\nhttpd-2.2.22-14.ep6.el6.i386.rpm\nhttpd-debuginfo-2.2.22-14.ep6.el6.i386.rpm\nhttpd-devel-2.2.22-14.ep6.el6.i386.rpm\nhttpd-tools-2.2.22-14.ep6.el6.i386.rpm\njbossas-hornetq-native-2.2.21-1.Final.ep6.el6.i386.rpm\njbossas-jbossweb-native-1.1.24-1.ep6.el6.i386.rpm\nmod_cluster-native-1.2.3-3.Final.ep6.el6.i386.rpm\nmod_cluster-native-debuginfo-1.2.3-3.Final.ep6.el6.i386.rpm\nmod_jk-ap22-1.2.36-5.ep6.el6.i386.rpm\nmod_jk-debuginfo-1.2.36-5.ep6.el6.i386.rpm\nmod_ssl-2.2.22-14.ep6.el6.i386.rpm\ntomcat-native-1.1.24-1.ep6.el6.i386.rpm\ntomcat-native-debuginfo-1.1.24-1.ep6.el6.i386.rpm\n\nnoarch:\nantlr-eap6-2.7.7-15_redhat_2.ep6.el6.noarch.rpm\napache-commons-beanutils-1.8.3-10.redhat_2.ep6.el6.noarch.rpm\napache-commons-cli-1.2-7.5.redhat_2.ep6.el6.4.noarch.rpm\napache-commons-codec-eap6-1.4-14.redhat_2.ep6.el6.1.noarch.rpm\napache-commons-collections-eap6-3.2.1-13.redhat_2.ep6.el6.1.noarch.rpm\napache-commons-configuration-1.6-7.2.redhat_2.ep6.el6.5.noarch.rpm\napache-commons-io-eap6-2.1-6.redhat_2.ep6.el6.1.noarch.rpm\napache-commons-lang-eap6-2.6-5redhat_2.ep6.el6.1.noarch.rpm\napache-commons-pool-eap6-1.5.6-8.redhat_2.ep6.el6.1.noarch.rpm\napache-cxf-2.4.9-4.redhat_2.ep6.el6.noarch.rpm\napache-cxf-xjc-utils-2.4.0-11.redhat_2.ep6.el6.4.noarch.rpm\napache-mime4j-0.6-7.redhat_2.ep6.el6.5.noarch.rpm\natinject-1-8.2_redhat_2.ep6.el6.5.noarch.rpm\ncal10n-0.7.3-8.redhat_2.ep6.el6.5.noarch.rpm\ncodehaus-jackson-1.9.2-6_redhat_2.ep6.el6.5.noarch.rpm\ncodehaus-jackson-core-asl-1.9.2-6_redhat_2.ep6.el6.5.noarch.rpm\ncodehaus-jackson-jaxrs-1.9.2-6_redhat_2.ep6.el6.5.noarch.rpm\ncodehaus-jackson-mapper-asl-1.9.2-6_redhat_2.ep6.el6.5.noarch.rpm\ncodehaus-jackson-xc-1.9.2-6_redhat_2.ep6.el6.5.noarch.rpm\ncxf-xjc-boolean-2.4.0-11.redhat_2.ep6.el6.4.noarch.rpm\ncxf-xjc-dv-2.4.0-11.redhat_2.ep6.el6.4.noarch.rpm\ncxf-xjc-ts-2.4.0-11.redhat_2.ep6.el6.4.noarch.rpm\ndom4j-1.6.1-14_redhat_3.ep6.el6.noarch.rpm\nglassfish-jaf-1.1.1-14.redhat_2.ep6.el6.3.noarch.rpm\nglassfish-javamail-1.4.4-16.redhat_2.ep6.el6.noarch.rpm\nglassfish-jaxb-2.2.5-10_redhat_3.ep6.el6.noarch.rpm\nglassfish-jsf-2.1.13-1_redhat_1.ep6.el6.noarch.rpm\nglassfish-jsf12-1.2_15-8_b01_redhat_2.ep6.el6.4.noarch.rpm\ngnu-getopt-1.0.13-1.2_redhat_2.ep6.el6.5.noarch.rpm\nguava-11.0.2-0.5.redhat_2.ep6.el6.6.noarch.rpm\nh2database-1.3.168-2_redhat_1.ep6.el6.noarch.rpm\nhibernate-beanvalidation-api-1.0.0-4.7.GA_redhat_2.ep6.el6.3.noarch.rpm\nhibernate-jpa-2.0-api-1.0.1-5.Final_redhat_2.1.ep6.el6.4.noarch.rpm\nhibernate3-commons-annotations-4.0.1-5.Final_redhat_2.1.ep6.el6.3.noarch.rpm\nhibernate4-4.1.6-7.Final_redhat_3.ep6.el6.noarch.rpm\nhibernate4-core-4.1.6-7.Final_redhat_3.ep6.el6.noarch.rpm\nhibernate4-entitymanager-4.1.6-7.Final_redhat_3.ep6.el6.noarch.rpm\nhibernate4-envers-4.1.6-7.Final_redhat_3.ep6.el6.noarch.rpm\nhibernate4-infinispan-4.1.6-7.Final_redhat_3.ep6.el6.noarch.rpm\nhibernate4-validator-4.2.0-7.Final_redhat_2.1.ep6.el6.4.noarch.rpm\nhornetq-2.2.23-1.Final_redhat_1.ep6.el6.noarch.rpm\nhttpcomponents-httpclient-4.1.3-4_redhat_2.ep6.el6.noarch.rpm\nhttpcomponents-httpcore-4.1.4-4_redhat_2.ep6.el6.noarch.rpm\nhttpserver-1.0.1-3.Final_redhat_2.ep6.el6.3.noarch.rpm\ninfinispan-5.1.8-1.Final_redhat_1.ep6.el6.noarch.rpm\ninfinispan-cachestore-jdbc-5.1.8-1.Final_redhat_1.ep6.el6.noarch.rpm\ninfinispan-cachestore-remote-5.1.8-1.Final_redhat_1.ep6.el6.noarch.rpm\ninfinispan-client-hotrod-5.1.8-1.Final_redhat_1.ep6.el6.noarch.rpm\ninfinispan-core-5.1.8-1.Final_redhat_1.ep6.el6.noarch.rpm\nironjacamar-1.0.13-1.Final_redhat_1.ep6.el6.noarch.rpm\njacorb-jboss-2.3.2-3.redhat_2.ep6.el6.3.noarch.rpm\njandex-1.0.3-7.Final_redhat_2.ep6.el6.2.noarch.rpm\njavassist-3.15.0-5.GA_redhat_2.ep6.el6.3.noarch.rpm\njavassist-eap6-3.15.0-5.GA_redhat_2.ep6.el6.3.noarch.rpm\njaxbintros-1.0.2-11.GA_redhat_2.ep6.el6.3.noarch.rpm\njaxen-1.1.3-8.redhat_2.ep6.el6.4.noarch.rpm\njaxws-jboss-httpserver-httpspi-1.0.1-3.GA_redhat_2.ep6.el6.3.noarch.rpm\njbosgi-deployment-1.1.0-2.Final_redhat_3.ep6.el6.3.noarch.rpm\njbosgi-framework-core-1.3.1-3.CR1_redhat_1.ep6.el6.noarch.rpm\njbosgi-metadata-2.1.0-2.Final_redhat_3.ep6.el6.3.noarch.rpm\njbosgi-repository-1.2.0-1.Final_redhat_2.ep6.el6.2.noarch.rpm\njbosgi-resolver-2.1.0-2.Final_redhat_3.ep6.el6.3.noarch.rpm\njbosgi-spi-3.1.0-3.Final_redhat_3.ep6.el6.noarch.rpm\njbosgi-vfs-1.1.0-1.Final_redhat_2.ep6.el6.2.noarch.rpm\njboss-annotations-api_1.1_spec-1.0.1-3.2.Final_redhat_2.ep6.el6.noarch.rpm\njboss-as-appclient-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm\njboss-as-cli-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm\njboss-as-client-all-7.1.3-4.1.Final_redhat_4.ep6.el6.noarch.rpm\njboss-as-clustering-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm\njboss-as-cmp-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm\njboss-as-configadmin-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm\njboss-as-connector-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm\njboss-as-console-1.4.2-1.Final_redhat_1.ep6.el6.noarch.rpm\njboss-as-controller-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm\njboss-as-controller-client-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm\njboss-as-deployment-repository-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm\njboss-as-deployment-scanner-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm\njboss-as-domain-http-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm\njboss-as-domain-management-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm\njboss-as-ee-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm\njboss-as-ee-deployment-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm\njboss-as-ejb3-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm\njboss-as-embedded-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm\njboss-as-host-controller-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm\njboss-as-jacorb-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm\njboss-as-jaxr-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm\njboss-as-jaxrs-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm\njboss-as-jdr-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm\njboss-as-jmx-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm\njboss-as-jpa-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm\njboss-as-jsf-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm\njboss-as-jsr77-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm\njboss-as-logging-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm\njboss-as-mail-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm\njboss-as-management-client-content-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm\njboss-as-messaging-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm\njboss-as-modcluster-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm\njboss-as-naming-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm\njboss-as-network-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm\njboss-as-osgi-configadmin-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm\njboss-as-osgi-service-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm\njboss-as-platform-mbean-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm\njboss-as-pojo-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm\njboss-as-process-controller-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm\njboss-as-protocol-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm\njboss-as-remoting-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm\njboss-as-sar-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm\njboss-as-security-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm\njboss-as-server-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm\njboss-as-threads-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm\njboss-as-transactions-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm\njboss-as-web-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm\njboss-as-webservices-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm\njboss-as-weld-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm\njboss-as-xts-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm\njboss-classfilewriter-1.0.3-2.Final_redhat_1.ep6.el6.noarch.rpm\njboss-common-beans-1.0.0-5.Final_redhat_2.ep6.el6.noarch.rpm\njboss-common-core-2.2.17-10.GA_redhat_2.ep6.el6.noarch.rpm\njboss-connector-api_1.6_spec-1.0.1-3.3.Final_redhat_2.ep6.el6.noarch.rpm\njboss-dmr-1.1.1-8.Final_redhat_2.ep6.el6.noarch.rpm\njboss-ejb-api_3.1_spec-1.0.2-10.Final_redhat_2.ep6.el6.noarch.rpm\njboss-ejb-client-1.0.11-2.Final_redhat_1.ep6.el6.noarch.rpm\njboss-ejb3-ext-api-2.0.0-9.redhat_2.ep6.el6.noarch.rpm\njboss-el-api_2.2_spec-1.0.2-2.Final_redhat_1.ep6.el6.noarch.rpm\njboss-iiop-client-1.0.0-4.Final_redhat_2.1.ep6.el6.noarch.rpm\njboss-interceptors-api_1.1_spec-1.0.1-4.Final_redhat_2.ep6.el6.noarch.rpm\njboss-invocation-1.1.1-5.Final_redhat_2.ep6.el6.4.noarch.rpm\njboss-j2eemgmt-api_1.1_spec-1.0.1-5.Final_redhat_2.ep6.el6.noarch.rpm\njboss-jacc-api_1.4_spec-1.0.2-5.Final_redhat_2.ep6.el6.noarch.rpm\njboss-jad-api_1.2_spec-1.0.1-6.Final_redhat_2.ep6.el6.noarch.rpm\njboss-jaspi-api_1.0_spec-1.0.1-6.Final_redhat_2.ep6.el6.noarch.rpm\njboss-jaxb-api_2.2_spec-1.0.4-3.Final_redhat_2.1.ep6.el6.1.noarch.rpm\njboss-jaxr-api_1.0_spec-1.0.2-4.Final_redhat_2.ep6.el6.noarch.rpm\njboss-jaxrpc-api_1.1_spec-1.0.1-4.Final_redhat_2.ep6.el6.noarch.rpm\njboss-jaxrs-api_1.1_spec-1.0.1-4.Final_redhat_2.ep6.el6.noarch.rpm\njboss-jaxws-api_2.2_spec-2.0.1-5.Final_redhat_2.ep6.el6.noarch.rpm\njboss-jms-api_1.1_spec-1.0.1-4.Final_redhat_2.ep6.el6.noarch.rpm\njboss-jsf-api_2.1_spec-2.0.7-1.Final_redhat_1.ep6.el6.noarch.rpm\njboss-jsp-api_2.2_spec-1.0.1-5.Final_redhat_2.ep6.el6.noarch.rpm\njboss-jstl-api_1.2_spec-1.0.3-3.Final_redhat_2.ep6.el6.noarch.rpm\njboss-logging-3.1.2-3.GA_redhat_1.ep6.el6.noarch.rpm\njboss-logmanager-1.3.2-2.Final_redhat_1.ep6.el6.noarch.rpm\njboss-marshalling-1.3.15-2.GA_redhat_1.ep6.el6.noarch.rpm\njboss-metadata-7.0.4-2.Final_redhat_1.ep6.el6.noarch.rpm\njboss-metadata-appclient-7.0.4-2.Final_redhat_1.ep6.el6.noarch.rpm\njboss-metadata-common-7.0.4-2.Final_redhat_1.ep6.el6.noarch.rpm\njboss-metadata-ear-7.0.4-2.Final_redhat_1.ep6.el6.noarch.rpm\njboss-metadata-ejb-7.0.4-2.Final_redhat_1.ep6.el6.noarch.rpm\njboss-metadata-web-7.0.4-2.Final_redhat_1.ep6.el6.noarch.rpm\njboss-modules-1.1.3-2.GA_redhat_1.ep6.el6.1.noarch.rpm\njboss-msc-1.0.2-3.GA_redhat_2.2.ep6.el6.noarch.rpm\njboss-osgi-logging-1.0.0-4._redhat_2.1.ep6.el6.2.noarch.rpm\njboss-remote-naming-1.0.4-2.Final_redhat_1.ep6.el6.1.noarch.rpm\njboss-remoting3-3.2.14-1.GA_redhat_1.ep6.el6.noarch.rpm\njboss-remoting3-jmx-1.0.4-2.Final_redhat_1.ep6.el6.7.noarch.rpm\njboss-rmi-api_1.0_spec-1.0.4-9.2.Final_redhat_2.ep6.el6.noarch.rpm\njboss-saaj-api_1.3_spec-1.0.2-4_redhat_2.ep6.el6.noarch.rpm\njboss-sasl-1.0.3-2.Final_redhat_1.ep6.el6.noarch.rpm\njboss-seam-int-6.0.0-8.GA_redhat_2.ep6.el6.noarch.rpm\njboss-security-negotiation-2.2.1-2.Final_redhat_1.ep6.el6.noarch.rpm\njboss-security-xacml-2.0.8-5.Final_redhat_2.ep6.el6.noarch.rpm\njboss-servlet-api_2.5_spec-1.0.1-9.Final_redhat_2.ep6.el6.noarch.rpm\njboss-servlet-api_3.0_spec-1.0.1-11.Final_redhat_2.ep6.el6.noarch.rpm\njboss-specs-parent-1.0.0-5.Beta2_redhat_2.ep6.el6.noarch.rpm\njboss-stdio-1.0.1-7.GA_redhat_2.ep6.el6.noarch.rpm\njboss-threads-2.0.0-7.GA_redhat_2.ep6.el6.noarch.rpm\njboss-transaction-api_1.1_spec-1.0.1-5.Final_redhat_2.ep6.el6.noarch.rpm\njboss-transaction-spi-7.0.0-0.10.Final_redhat_2.ep6.el6.noarch.rpm\njboss-vfs2-3.1.0-4.Final_redhat_2.ep6.el6.noarch.rpm\njboss-weld-1.1-api-1.1-6.Final_redhat_2.ep6.el6.1.noarch.rpm\njboss-xnio-base-3.0.7-1.GA_redhat_1.ep6.el6.noarch.rpm\njbossas-appclient-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm\njbossas-bundles-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm\njbossas-core-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm\njbossas-domain-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm\njbossas-javadocs-7.1.3-4.Final_redhat_3.ep6.el6.noarch.rpm\njbossas-modules-eap-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm\njbossas-product-eap-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm\njbossas-standalone-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm\njbossas-welcome-content-eap-7.1.3-4.Final_redhat_4.ep6.el6.noarch.rpm\njbossts-4.16.6-1.Final_redhat_1.ep6.el6.noarch.rpm\njbossweb-7.0.17-1.Final_redhat_1.ep6.el6.noarch.rpm\njbossweb-lib-7.0.17-1.Final_redhat_1.ep6.el6.noarch.rpm\njbossws-api-1.0.0-3.GA_redhat_2.ep6.el6.3.noarch.rpm\njbossws-common-2.0.4-5.GA_redhat_3.ep6.el6.5.noarch.rpm\njbossws-common-tools-1.0.2-1.GA_redhat_1.ep6.el6.noarch.rpm\njbossws-cxf-4.0.6-2.GA_redhat_2.ep6.el6.noarch.rpm\njbossws-native-4.0.6-1.GA_redhat_1.ep6.el6.noarch.rpm\njbossws-spi-2.0.4-3.1.GA_redhat_1.ep6.el6.noarch.rpm\njbossxb2-2.0.3-13.GA_redhat_2.ep6.el6.3.noarch.rpm\njcip-annotations-1.0-2.2.3_redhat_2.ep6.el6.5.noarch.rpm\njdom-eap6-1.1.2-4.GA_redhat_2.ep6.el6.noarch.rpm\njettison-1.3.1-7_redhat_2.ep6.el6.noarch.rpm\njgroups-3.0.14-2.Final_redhat_1.ep6.el6.noarch.rpm\njline-eap6-0.9.94-10.GA_redhat_2.ep6.el6.4.noarch.rpm\njoda-time-1.6.2-5.redhat_3.ep6.el6.4.noarch.rpm\njtype-0.1.1-9_redhat_2.3.ep6.el6.4.noarch.rpm\njuddi-3.1.3-2_redhat_2.1.ep6.el6.3.noarch.rpm\njul-to-slf4j-stub-1.0.0-4.Final_redhat_2.1.ep6.el6.2.noarch.rpm\njython-eap6-2.5.2-5.redhat_2.ep6.el6.4.noarch.rpm\nlog4j-eap6-1.2.16-11.redhat_2.ep6.el6.4.noarch.rpm\nlog4j-jboss-logmanager-1.0.1-3.Final_redhat_2.ep6.el6.noarch.rpm\nmod_cluster-1.2.3-1.Final_redhat_1.ep6.el6.noarch.rpm\nmod_cluster-demo-1.2.3-1.Final_redhat_1.ep6.el6.noarch.rpm\nnetty-3.2.6-2_redhat_2.2.ep6.el6.4.noarch.rpm\nobjectweb-asm-eap6-3.3.1-5_redhat_2.ep6.el6.3.noarch.rpm\norg.apache.felix.configadmin-1.2.8-4_redhat_2.ep6.el6.noarch.rpm\norg.apache.felix.log-1.0.0-5.redhat_2.ep6.el6.noarch.rpm\norg.osgi.core-4.2.0-4.redhat_2.ep6.el6.3.noarch.rpm\norg.osgi.enterprise-4.2.0-4.redhat_2.ep6.el6.3.noarch.rpm\npicketbox-4.0.14-2.Final_redhat_2.ep6.el6.noarch.rpm\npicketbox-commons-1.0.0-0.8.final_redhat_2.ep6.el6.3.noarch.rpm\npicketlink-federation-2.1.3.1-3.redhat_1.ep6.el6.noarch.rpm\nrelaxngDatatype-2011.1-0.1_redhat_3.ep6.el6.4.noarch.rpm\nresteasy-2.3.4-4.Final_redhat_2.ep6.el6.3.noarch.rpm\nrngom-201103-0.5.redhat_2.ep6.el6.4.noarch.rpm\nscannotation-1.0.2-8.redhat_2.ep6.el6.2.noarch.rpm\nshrinkwrap-1.0.0-16.redhat_2.ep6.el6.noarch.rpm\nslf4j-eap6-1.6.1-23.redhat_2.ep6.el6.noarch.rpm\nslf4j-jboss-logmanager-1.0.0-7.GA_redhat_2.3.ep6.el6.2.noarch.rpm\nsnakeyaml-1.8-8.redhat_2.ep6.el6.2.noarch.rpm\nstaxmapper-1.1.0-6.Final_redhat_2.ep6.el6.2.noarch.rpm\nstilts-0.1.26-6.GA.redhat_2.ep6.el6.4.noarch.rpm\nsun-codemodel-2.6-3_redhat_2.ep6.el6.3.noarch.rpm\nsun-istack-commons-2.6.1-9_redhat_2.ep6.el6.noarch.rpm\nsun-saaj-1.3-impl-1.3.16-8.redhat_2.ep6.el6.2.noarch.rpm\nsun-txw2-20110809-5_redhat_2.ep6.el6.3.noarch.rpm\nsun-ws-metadata-2.0-api-1.0.MR1-12_MR1_redhat_2.ep6.el6.4.noarch.rpm\nsun-xsom-20110809-5_redhat_3.ep6.el6.3.noarch.rpm\nvelocity-eap6-1.6.3-7.redhat_2.ep6.el6.4.noarch.rpm\nweld-cdi-1.0-api-1.0-6.SP4_redhat_2.ep6.el6.5.noarch.rpm\nweld-core-1.1.10-2.Final_redhat_1.ep6.el6.1.noarch.rpm\nwoodstox-core-4.1.1-1.redhat_2.ep6.el6.4.noarch.rpm\nwoodstox-stax2-api-3.1.1-1.redhat_2.ep6.el6.4.noarch.rpm\nws-commons-XmlSchema-2.0.2-7.redhat_2.ep6.el6.noarch.rpm\nws-commons-neethi-3.0.2-5.redhat_2.ep6.el6.noarch.rpm\nws-scout-1.2.6-3.redhat_2.2.ep6.el6.5.noarch.rpm\nwsdl4j-eap6-1.6.2-11.redhat_2.ep6.el6.noarch.rpm\nwss4j-1.6.7-1.redhat_1.ep6.el6.noarch.rpm\nxalan-j2-eap6-2.7.1-6.12.redhat_3.ep6.el6.2.noarch.rpm\nxerces-j2-eap6-2.9.1-13_redhat_3.ep6.el6.noarch.rpm\nxml-commons-resolver-eap6-1.2-10.redhat_2.ep6.el6.3.noarch.rpm\nxml-security-1.5.2-2.redhat_1.ep6.el6.noarch.rpm\nxom-1.2.7-1._redhat_3.1.ep6.el6.6.noarch.rpm\n\nx86_64:\napache-commons-daemon-jsvc-eap6-1.0.10-3.ep6.el6.x86_64.rpm\napache-commons-daemon-jsvc-eap6-debuginfo-1.0.10-3.ep6.el6.x86_64.rpm\nhornetq-native-2.2.21-1.Final.ep6.el6.x86_64.rpm\nhornetq-native-debuginfo-2.2.21-1.Final.ep6.el6.x86_64.rpm\nhttpd-2.2.22-14.ep6.el6.x86_64.rpm\nhttpd-debuginfo-2.2.22-14.ep6.el6.x86_64.rpm\nhttpd-devel-2.2.22-14.ep6.el6.x86_64.rpm\nhttpd-tools-2.2.22-14.ep6.el6.x86_64.rpm\njbossas-hornetq-native-2.2.21-1.Final.ep6.el6.x86_64.rpm\njbossas-jbossweb-native-1.1.24-1.ep6.el6.x86_64.rpm\nmod_cluster-native-1.2.3-3.Final.ep6.el6.x86_64.rpm\nmod_cluster-native-debuginfo-1.2.3-3.Final.ep6.el6.x86_64.rpm\nmod_jk-ap22-1.2.36-5.ep6.el6.x86_64.rpm\nmod_jk-debuginfo-1.2.36-5.ep6.el6.x86_64.rpm\nmod_ssl-2.2.22-14.ep6.el6.x86_64.rpm\ntomcat-native-1.1.24-1.ep6.el6.x86_64.rpm\ntomcat-native-debuginfo-1.1.24-1.ep6.el6.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2008-0455.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-2378.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-2379.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-2672.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-2687.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-3428.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-3451.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-4549.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-4550.html\nhttps://access.redhat.com/security/updates/classification/#important\nhttps://access.redhat.com/knowledge/docs/\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2012 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.4 (GNU/Linux)\n\niD8DBQFQ0PO5XlSAg2UNWIIRAjJRAJ9QFqqoJhlgmQrzuoZXDIvbc6/o2QCghrxb\n5aCU1dYi+C5LEheTdDLkSz0=\n=FyC+\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-2687"
},
{
"db": "BID",
"id": "55131"
},
{
"db": "VULMON",
"id": "CVE-2012-2687"
},
{
"db": "PACKETSTORM",
"id": "120438"
},
{
"db": "PACKETSTORM",
"id": "117037"
},
{
"db": "PACKETSTORM",
"id": "118513"
},
{
"db": "PACKETSTORM",
"id": "121319"
},
{
"db": "PACKETSTORM",
"id": "122279"
},
{
"db": "PACKETSTORM",
"id": "116986"
},
{
"db": "PACKETSTORM",
"id": "117972"
},
{
"db": "PACKETSTORM",
"id": "118913"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-2687",
"trust": 2.7
},
{
"db": "BID",
"id": "55131",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "50894",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "51607",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-201208-378",
"trust": 0.6
},
{
"db": "HITACHI",
"id": "HS12-028",
"trust": 0.4
},
{
"db": "SECUNIA",
"id": "51458",
"trust": 0.2
},
{
"db": "VULMON",
"id": "CVE-2012-2687",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120438",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "117037",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "118513",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "121319",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "122279",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "116986",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "117972",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "118913",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2012-2687"
},
{
"db": "BID",
"id": "55131"
},
{
"db": "PACKETSTORM",
"id": "120438"
},
{
"db": "PACKETSTORM",
"id": "117037"
},
{
"db": "PACKETSTORM",
"id": "118513"
},
{
"db": "PACKETSTORM",
"id": "121319"
},
{
"db": "PACKETSTORM",
"id": "122279"
},
{
"db": "PACKETSTORM",
"id": "116986"
},
{
"db": "PACKETSTORM",
"id": "117972"
},
{
"db": "PACKETSTORM",
"id": "118913"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-378"
},
{
"db": "NVD",
"id": "CVE-2012-2687"
}
]
},
"id": "VAR-201208-0141",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.19062972666666667
},
"last_update_date": "2024-07-23T21:32:40.141000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "httpd-2.4.3",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=44210"
},
{
"title": "httpd-2.4.3",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=44209"
},
{
"title": "Red Hat: Low: httpd security, bug fix, and enhancement update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20130130 - security advisory"
},
{
"title": "Red Hat: Low: httpd security, bug fix, and enhancement update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20130512 - security advisory"
},
{
"title": "Ubuntu Security Notice: apache2 vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-1627-1"
},
{
"title": "Red Hat: Important: JBoss Enterprise Application Platform 6.0.1 update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20121591 - security advisory"
},
{
"title": "Red Hat: Important: JBoss Enterprise Application Platform 6.0.1 update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20121592 - security advisory"
},
{
"title": "Red Hat: Important: JBoss Enterprise Application Platform 6.0.1 update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20121594 - security advisory"
},
{
"title": "Pentest-Cheetsheet",
"trust": 0.1,
"url": "https://github.com/mrfrozenpepe/pentest-cheetsheet "
},
{
"title": "ReconScan",
"trust": 0.1,
"url": "https://github.com/rolisoft/reconscan "
},
{
"title": "ReconScan",
"trust": 0.1,
"url": "https://github.com/gij03/reconscan "
},
{
"title": "test",
"trust": 0.1,
"url": "https://github.com/issdp/test "
},
{
"title": "ReconScan",
"trust": 0.1,
"url": "https://github.com/kira1111/reconscan "
},
{
"title": "DC-1-Vulnhub-Walkthrough",
"trust": 0.1,
"url": "https://github.com/vshaliii/dc-1-vulnhub-walkthrough "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/secureaxom/strike "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2012-2687"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-378"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2012-2687"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.1,
"url": "http://rhn.redhat.com/errata/rhsa-2012-1592.html"
},
{
"trust": 2.0,
"url": "http://rhn.redhat.com/errata/rhsa-2012-1591.html"
},
{
"trust": 2.0,
"url": "http://rhn.redhat.com/errata/rhsa-2012-1594.html"
},
{
"trust": 2.0,
"url": "http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_xrx13-003_v1.0.pdf"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas2a2b50a0ca011b37c86257a96003c9a4f"
},
{
"trust": 2.0,
"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"
},
{
"trust": 2.0,
"url": "http://support.apple.com/kb/ht5880"
},
{
"trust": 2.0,
"url": "http://www.fujitsu.com/global/support/software/security/products-f/interstage-201303e.html"
},
{
"trust": 1.8,
"url": "http://www.ubuntu.com/usn/usn-1627-1"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/51607"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-updates/2013-02/msg00011.html"
},
{
"trust": 1.7,
"url": "http://rhn.redhat.com/errata/rhsa-2013-0130.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-updates/2013-02/msg00009.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-updates/2013-02/msg00012.html"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/55131"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/50894"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2013/sep/msg00002.html"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=136612293908376\u0026w=2"
},
{
"trust": 1.7,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a19539"
},
{
"trust": 1.7,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a18832"
},
{
"trust": 1.4,
"url": "http://www.apache.org/dist/httpd/changes_2.4.3"
},
{
"trust": 1.1,
"url": "http://httpd.apache.org/security/vulnerabilities_24.html"
},
{
"trust": 1.0,
"url": "http://mail-archives.apache.org/mod_mbox/www-announce/201208.mbox/%3c0bffea9b-801b-4baa-9534-56f640268e30%40apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r05b5357d1f6bd106f41541ee7d87aafe3f5ea4dc3e9bde5ce09baff8%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r1d201e3da31a2c8aa870c8314623caef7debd74a13d0f25205e26f15%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.7,
"url": "http://mail-archives.apache.org/mod_mbox/www-announce/201208.mbox/%3c0bffea9b-801b-4baa-9534-56f640268e30@apache.org%3e"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2687"
},
{
"trust": 0.6,
"url": "httpd.apache.org%3e"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3ccvs."
},
{
"trust": 0.6,
"url": "httpd.apache.org/security/vulnerabilities_24.html"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r05b5357d1f6bd106f41541ee7d87aafe3f5ea4dc3e9bde5ce09baff8@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r1d201e3da31a2c8aa870c8314623caef7debd74a13d0f25205e26f15@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24@%3ccvs."
},
{
"trust": 0.6,
"url": "httpd/changes_2.4.3"
},
{
"trust": 0.6,
"url": "http://www.apache.org/dist/"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729@%3ccvs."
},
{
"trust": 0.3,
"url": "http://www.apache.org/dist/httpd/announcement2.2.html"
},
{
"trust": 0.3,
"url": "http://www.apache.org/dist/httpd/announcement2.4.html"
},
{
"trust": 0.3,
"url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c03734195-1"
},
{
"trust": 0.3,
"url": "https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_apache_http2"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/100170251"
},
{
"trust": 0.3,
"url": "http://www.hitachi.co.jp/prod/comp/soft1/security/info/vuls/hs12-028/index.html"
},
{
"trust": 0.3,
"url": "http://alerts.hp.com/r?2.1.3kt.2zr.xg7ek.jlu35g..t.ciuo.7ywm.bw89mq%5f%5fcefsfqc0"
},
{
"trust": 0.3,
"url": "http://www.xerox.com/download/security/security-bulletin/1683f-4d960e4b16bb2/cert_xrx13-004_v1.01.pdf"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4557"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/key/#package"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2008-0455.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2012-2687.html"
},
{
"trust": 0.2,
"url": "http://bugzilla.redhat.com/):"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0455"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/knowledge/articles/11258"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-2687"
},
{
"trust": 0.2,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.2,
"url": "http://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-0883"
},
{
"trust": 0.2,
"url": "http://www.apache.org/dist/httpd/changes_2.2.23"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-0883"
},
{
"trust": 0.2,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4929"
},
{
"trust": 0.2,
"url": "http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins"
},
{
"trust": 0.2,
"url": "https://www.hp.com/go/swa"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/79.html"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r05b5357d1f6bd106f41541ee7d87aafe3f5ea4dc3e9bde5ce09baff8@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r1d201e3da31a2c8aa870c8314623caef7debd74a13d0f25205e26f15@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2013:0130"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/1627-1/"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=26712"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2013-0512.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#low"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-4557.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/knowledge/docs/en-us/red_hat_enterprise_linux/6/html/6.4_technical_notes/httpd.html"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51458"
},
{
"trust": 0.1,
"url": "http://www.hitachi.co.jp/prod/comp/soft1/security/info/./vuls/hs12-028/index.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/51458/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/blog/325/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/51458/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-3499"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4534"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-5885"
},
{
"trust": 0.1,
"url": "http://h20566.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-6750"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2733"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4558"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4431"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-3546"
},
{
"trust": 0.1,
"url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/"
},
{
"trust": 0.1,
"url": "https://h20392.www2.hp.com/portal"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/apache2/2.2.8-1ubuntu0.24"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/apache2/2.2.14-5ubuntu8.10"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/apache2/2.2.22-1ubuntu1.2"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/apache2/2.2.22-6ubuntu2.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/apache2/2.2.20-1ubuntu1.3"
},
{
"trust": 0.1,
"url": "http://httpd.apache.org/docs/2.4/mod/mod_ssl.html#sslcompression"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-3451"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4550"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-4549.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-3451.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-4550.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-2379.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/knowledge/docs/"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-3428.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-2672.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2378"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-3428"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2672"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-4549"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-2378.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2379"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2012-2687"
},
{
"db": "BID",
"id": "55131"
},
{
"db": "PACKETSTORM",
"id": "120438"
},
{
"db": "PACKETSTORM",
"id": "117037"
},
{
"db": "PACKETSTORM",
"id": "118513"
},
{
"db": "PACKETSTORM",
"id": "121319"
},
{
"db": "PACKETSTORM",
"id": "122279"
},
{
"db": "PACKETSTORM",
"id": "116986"
},
{
"db": "PACKETSTORM",
"id": "117972"
},
{
"db": "PACKETSTORM",
"id": "118913"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-378"
},
{
"db": "NVD",
"id": "CVE-2012-2687"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2012-2687"
},
{
"db": "BID",
"id": "55131"
},
{
"db": "PACKETSTORM",
"id": "120438"
},
{
"db": "PACKETSTORM",
"id": "117037"
},
{
"db": "PACKETSTORM",
"id": "118513"
},
{
"db": "PACKETSTORM",
"id": "121319"
},
{
"db": "PACKETSTORM",
"id": "122279"
},
{
"db": "PACKETSTORM",
"id": "116986"
},
{
"db": "PACKETSTORM",
"id": "117972"
},
{
"db": "PACKETSTORM",
"id": "118913"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-378"
},
{
"db": "NVD",
"id": "CVE-2012-2687"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-08-22T00:00:00",
"db": "VULMON",
"id": "CVE-2012-2687"
},
{
"date": "2012-08-21T00:00:00",
"db": "BID",
"id": "55131"
},
{
"date": "2013-02-21T16:26:58",
"db": "PACKETSTORM",
"id": "120438"
},
{
"date": "2012-10-02T03:46:41",
"db": "PACKETSTORM",
"id": "117037"
},
{
"date": "2012-12-02T04:43:56",
"db": "PACKETSTORM",
"id": "118513"
},
{
"date": "2013-04-16T23:44:17",
"db": "PACKETSTORM",
"id": "121319"
},
{
"date": "2013-07-03T19:19:31",
"db": "PACKETSTORM",
"id": "122279"
},
{
"date": "2012-09-28T23:55:37",
"db": "PACKETSTORM",
"id": "116986"
},
{
"date": "2012-11-08T23:21:36",
"db": "PACKETSTORM",
"id": "117972"
},
{
"date": "2012-12-19T05:34:42",
"db": "PACKETSTORM",
"id": "118913"
},
{
"date": "2012-08-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201208-378"
},
{
"date": "2012-08-22T19:55:01.633000",
"db": "NVD",
"id": "CVE-2012-2687"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-06-06T00:00:00",
"db": "VULMON",
"id": "CVE-2012-2687"
},
{
"date": "2015-04-13T21:14:00",
"db": "BID",
"id": "55131"
},
{
"date": "2021-06-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201208-378"
},
{
"date": "2023-11-07T02:10:40.107000",
"db": "NVD",
"id": "CVE-2012-2687"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "120438"
},
{
"db": "PACKETSTORM",
"id": "117972"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-378"
}
],
"trust": 0.8
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apache HTTP Server Multiple cross-site scripting vulnerabilities",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201208-378"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "xss",
"sources": [
{
"db": "PACKETSTORM",
"id": "118513"
},
{
"db": "PACKETSTORM",
"id": "122279"
},
{
"db": "PACKETSTORM",
"id": "117972"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-378"
}
],
"trust": 0.9
}
}
VAR-200711-0538
Vulnerability from variot - Updated: 2024-07-23 21:28Apache HTTP Server 2.0.x and 2.2.x does not sanitize the HTTP Method specifier header from an HTTP request when it is reflected back in a "413 Request Entity Too Large" error message, which might allow cross-site scripting (XSS) style attacks using web client components that can send arbitrary headers in requests, as demonstrated via an HTTP request containing an invalid Content-length value, a similar issue to CVE-2006-3918. In order to use this problem to perform cross-site scripting attacks, the attacker is malicious to the user. HTTP It is reported as a prerequisite to have the method submitted. An attacker may exploit this issue to steal cookie-based authentication credentials and launch other attacks. Apache 2.0.46 through 2.2.4 are vulnerable; other versions may also be affected. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Gentoo Linux Security Advisory GLSA 200803-19
http://security.gentoo.org/
Severity: Normal Title: Apache: Multiple vulnerabilities Date: March 11, 2008 Bugs: #201163, #204410, #205195, #209899 ID: 200803-19
Synopsis
Multiple vulnerabilities have been discovered in Apache.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 www-servers/apache < 2.2.8 >= 2.2.8
Description
Adrian Pastor and Amir Azam (ProCheckUp) reported that the HTTP Method specifier header is not properly sanitized when the HTTP return code is "413 Request Entity too large" (CVE-2007-6203). The mod_proxy_balancer module does not properly check the balancer name before using it (CVE-2007-6422). The mod_proxy_ftp does not define a charset in its answers (CVE-2008-0005). Stefano Di Paola (Minded Security) reported that filenames are not properly sanitized within the mod_negociation module (CVE-2008-0455, CVE-2008-0456).
Workaround
There is no known workaround at this time.
Resolution
All Apache users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=www-servers/apache-2.2.8"
References
[ 1 ] CVE-2007-6203 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6203 [ 2 ] CVE-2007-6422 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6422 [ 3 ] CVE-2008-0005 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0005 [ 4 ] CVE-2008-0455 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0455 [ 5 ] CVE-2008-0456 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0456
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200803-19.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.
License
Copyright 2008 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. =========================================================== Ubuntu Security Notice USN-731-1 March 10, 2009 apache2 vulnerabilities CVE-2007-6203, CVE-2007-6420, CVE-2008-1678, CVE-2008-2168, CVE-2008-2364, CVE-2008-2939 ===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS Ubuntu 7.10 Ubuntu 8.04 LTS
This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the following package versions:
Ubuntu 6.06 LTS: apache2-common 2.0.55-4ubuntu2.4 apache2-mpm-perchild 2.0.55-4ubuntu2.4 apache2-mpm-prefork 2.0.55-4ubuntu2.4 apache2-mpm-worker 2.0.55-4ubuntu2.4
Ubuntu 7.10: apache2-mpm-event 2.2.4-3ubuntu0.2 apache2-mpm-perchild 2.2.4-3ubuntu0.2 apache2-mpm-prefork 2.2.4-3ubuntu0.2 apache2-mpm-worker 2.2.4-3ubuntu0.2 apache2.2-common 2.2.4-3ubuntu0.2
Ubuntu 8.04 LTS: apache2-mpm-event 2.2.8-1ubuntu0.4 apache2-mpm-perchild 2.2.8-1ubuntu0.4 apache2-mpm-prefork 2.2.8-1ubuntu0.4 apache2-mpm-worker 2.2.8-1ubuntu0.4 apache2.2-common 2.2.8-1ubuntu0.4
In general, a standard system upgrade is sufficient to effect the necessary changes. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote attacker could exploit this to modify the contents, or steal confidential data (such as passwords), within the same domain. This issue only affected Ubuntu 6.06 LTS and 7.10. (CVE-2007-6203)
It was discovered that Apache was vulnerable to a cross-site request forgery (CSRF) in the mod_proxy_balancer balancer manager. If an Apache administrator were tricked into clicking a link on a specially crafted web page, an attacker could trigger commands that could modify the balancer manager configuration. This issue only affected Ubuntu 7.10 and 8.04 LTS. (CVE-2007-6420)
It was discovered that Apache had a memory leak when using mod_ssl with compression. A remote attacker could exploit this to exhaust server memory, leading to a denial of service. This issue only affected Ubuntu 7.10. (CVE-2008-1678)
It was discovered that in certain conditions, Apache did not specify a default character set when returning certain error messages containing UTF-7 encoded data, which could result in browsers becoming vulnerable to cross-site scripting attacks when processing the output. This issue only affected Ubuntu 6.06 LTS and 7.10. (CVE-2008-2168)
It was discovered that when configured as a proxy server, Apache did not limit the number of forwarded interim responses. A malicious remote server could send a large number of interim responses and cause a denial of service via memory exhaustion. (CVE-2008-2364)
It was discovered that mod_proxy_ftp did not sanitize wildcard pathnames when they are returned in directory listings, which could result in browsers becoming vulnerable to cross-site scripting attacks when processing the output. (CVE-2008-2939)
Updated packages for Ubuntu 6.06 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.4.diff.gz
Size/MD5: 123478 7a5b444231dc27ee60c1bd63f42420c6
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.4.dsc
Size/MD5: 1156 4f9a0f31d136914cf7d6e1a92656a47b
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz
Size/MD5: 6092031 45e32c9432a8e3cf4227f5af91b03622
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu2.4_all.deb
Size/MD5: 2124948 5153435633998e4190b54eb101afd271
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.4_amd64.deb
Size/MD5: 833336 d5b9ecf82467eb04a94957321c4a95a2
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.4_amd64.deb
Size/MD5: 228588 f4b9b82016eb22a60da83ae716fd028a
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.4_amd64.deb
Size/MD5: 223600 2cf77e3daaadcc4e07da5e19ecac2867
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.4_amd64.deb
Size/MD5: 228216 60ff106ddefe9b68c055825bcd6ec52f
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.4_amd64.deb
Size/MD5: 171724 bae5e3d30111e97d34b25594993ad488
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.4_amd64.deb
Size/MD5: 172508 77bdf00092378c89ae8be7f5139963e0
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.4_amd64.deb
Size/MD5: 94562 f3a168c57db1f5be11cfdba0bdc20062
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.4_amd64.deb
Size/MD5: 36618 a7f34da28f7bae0cffb3fdb73da70143
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.4_amd64.deb
Size/MD5: 286028 a5b380d9c6a651fe043ad2358ef61143
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.4_amd64.deb
Size/MD5: 144590 9a4031c258cfa264fb8baf305bc0cea6
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.4_i386.deb
Size/MD5: 786528 353ed1839a8201d0211ede114565e60d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.4_i386.deb
Size/MD5: 203256 7b0caa06fd47a28a8a92d1b69c0b4667
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.4_i386.deb
Size/MD5: 199114 6a77314579722ca085726e4220be4e9f
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.4_i386.deb
Size/MD5: 202654 ffad2838e3c8c79ecd7e21f79aa78216
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.4_i386.deb
Size/MD5: 171716 771492b2b238424e33e3e7853185c0ca
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.4_i386.deb
Size/MD5: 172498 b5f7a4ed03ebafa4c4ff75c05ebf53b7
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.4_i386.deb
Size/MD5: 92520 787a673994d746b4ad3788c16516832a
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.4_i386.deb
Size/MD5: 36620 4d5f0f18c3035f41cb8234af3cc1092c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.4_i386.deb
Size/MD5: 262082 d6a7111b9f2ed61e1aeb2f18f8713873
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.4_i386.deb
Size/MD5: 132518 5a335222829c066cb9a0ddcaeee8a0da
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.4_powerpc.deb
Size/MD5: 859446 cf555341c1a8b4a39808b8a3bd76e03a
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.4_powerpc.deb
Size/MD5: 220622 85b902b9eecf3d40577d9e1e8bf61467
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.4_powerpc.deb
Size/MD5: 216314 146e689e30c6e1681048f6cf1dd659e3
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.4_powerpc.deb
Size/MD5: 220128 10f65b3961a164e070d2f18d610df67b
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.4_powerpc.deb
Size/MD5: 171726 9e341f225cb19d5c44f343cc68c0bba5
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.4_powerpc.deb
Size/MD5: 172512 331dff8d3de7cd694d8e115417bed4f8
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.4_powerpc.deb
Size/MD5: 104284 7ab80f14cd9072d23389e27f934079f3
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.4_powerpc.deb
Size/MD5: 36620 713bfffcca8ec4e9531c635069f1cd0d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.4_powerpc.deb
Size/MD5: 281600 ad1671807965e2291b5568c7b4e95e14
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.4_powerpc.deb
Size/MD5: 141744 6b04155aa1dbf6f657dbfa27d6086617
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.4_sparc.deb
Size/MD5: 803706 f14be1535acf528f89d301c8ec092015
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.4_sparc.deb
Size/MD5: 211028 28b74d86e10301276cadef208b460658
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.4_sparc.deb
Size/MD5: 206566 6d6b2e1e3e0bbf8fc0a0bcca60a33339
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.4_sparc.deb
Size/MD5: 210280 45690384f2e7e0a2168d7867283f9145
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.4_sparc.deb
Size/MD5: 171732 6595a330344087593a9443b9cdf5e4ba
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.4_sparc.deb
Size/MD5: 172498 f1ac3a442b21db9d2733e8221b218e25
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.4_sparc.deb
Size/MD5: 93606 f229d1c258363d2d0dfb3688ec96638e
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.4_sparc.deb
Size/MD5: 36616 6f470e2e17dfc6d587fbe2bf861bfb06
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.4_sparc.deb
Size/MD5: 268178 5a853d01127853405a677c53dc2bf254
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.4_sparc.deb
Size/MD5: 130456 a0a51bb9405224948b88903779347427
Updated packages for Ubuntu 7.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4-3ubuntu0.2.diff.gz
Size/MD5: 125080 c5c1b91f6918d42a75d23e95799b3707
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4-3ubuntu0.2.dsc
Size/MD5: 1333 b028e602b998a666681d1aa73b980c06
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4.orig.tar.gz
Size/MD5: 6365535 3add41e0b924d4bb53c2dee55a38c09e
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.4-3ubuntu0.2_all.deb
Size/MD5: 2211750 9dc3a7e0431fe603bbd82bf647d2d1f5
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.2.4-3ubuntu0.2_all.deb
Size/MD5: 278670 985dd1538d0d2c6bb74c458eaada1cb7
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.4-3ubuntu0.2_all.deb
Size/MD5: 6702036 3cdb5e1a9d22d7172adfd066dd42d71a
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4-3ubuntu0.2_all.deb
Size/MD5: 42846 ba7b0cbf7f33ac3b6321c132bc2fec71
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.2_amd64.deb
Size/MD5: 457286 b37825dc4bb0215284181aa5dfc9dd44
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.2_amd64.deb
Size/MD5: 453094 380ea917048a64c2c9bc12d768ac2ffa
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.2_amd64.deb
Size/MD5: 456804 b075ef4e563a55c7977af4d82d90e493
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.2_amd64.deb
Size/MD5: 410658 6dff5030f33af340b2100e8591598d9d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.2_amd64.deb
Size/MD5: 411244 9c79a2c0a2d4d8a88fae1b3f10d0e27c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.2_amd64.deb
Size/MD5: 348256 ef1e159b64fe2524dc94b6ab9e22cefb
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.2_amd64.deb
Size/MD5: 992256 0e9bac368bc57637079f839bcce8ebbc
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.2_i386.deb
Size/MD5: 440388 bdb2ced3ca782cda345fcfb109e8b02a
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.2_i386.deb
Size/MD5: 436030 44d372ff590a6e42a83bcd1fb5e546fe
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.2_i386.deb
Size/MD5: 439732 5119be595fb6ac6f9dd94d01353da257
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.2_i386.deb
Size/MD5: 410656 01be0eca15fe252bbcab7562462af5ca
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.2_i386.deb
Size/MD5: 411250 10d8929e9d37050488f2906fde13b2fd
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.2_i386.deb
Size/MD5: 347322 d229c56720ae5f1f83645f66e1bfbdf1
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.2_i386.deb
Size/MD5: 947460 3dc120127b16134b42e0124a1fdfa4ab
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.2_lpia.deb
Size/MD5: 439896 8e856643ebeed84ffbeb6150f6e917c5
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.2_lpia.deb
Size/MD5: 435524 ce18d9e09185526c93c6af6db7a6b5cf
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.2_lpia.deb
Size/MD5: 439180 9622bf2dfee7941533faedd2e2d4ebbd
http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.2_lpia.deb
Size/MD5: 410674 684ad4367bc9250468351b5807dee424
http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.2_lpia.deb
Size/MD5: 411258 17f53e8d3898607ce155dc333237690c
http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.2_lpia.deb
Size/MD5: 347664 1197aa4145372ae6db497fb157cb0da1
http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.2_lpia.deb
Size/MD5: 939924 470a7163e2834781b2db0689750ce0f2
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.2_powerpc.deb
Size/MD5: 458848 4efbbcc96f05a03301a13448f9cb3c01
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.2_powerpc.deb
Size/MD5: 454226 1fe4c7712fd4597ed37730a27df95113
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.2_powerpc.deb
Size/MD5: 458134 5786d901931cecd340cc1879e27bcef7
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.2_powerpc.deb
Size/MD5: 410676 9fc94d5b21a8b0f7f8aab9dc60339abf
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.2_powerpc.deb
Size/MD5: 411266 c44cde12a002910f9df02c10cdd26b0c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.2_powerpc.deb
Size/MD5: 367392 612ddcebee145f765163a0b30124393a
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.2_powerpc.deb
Size/MD5: 1094288 72fd7d87f4876648d1e14a5022c61b00
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.2_sparc.deb
Size/MD5: 441650 28e5a2c2d18239c0810b6de3584af221
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.2_sparc.deb
Size/MD5: 437796 3ee7408c58fbdf8de6bf681970c1c9ad
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.2_sparc.deb
Size/MD5: 441114 b1b1bb871fe0385ea4418d533f0669aa
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.2_sparc.deb
Size/MD5: 410676 cf7bed097f63e3c24337813621866498
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.2_sparc.deb
Size/MD5: 411252 5a30177f7039f52783576e126cf042d0
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.2_sparc.deb
Size/MD5: 350468 ce216a4e9739966cd2aca4262ba0ea4e
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.2_sparc.deb
Size/MD5: 959090 98ad8ee7328f25e1e81e110bbfce10c2
Updated packages for Ubuntu 8.04 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.8-1ubuntu0.4.diff.gz
Size/MD5: 132376 1a3c4e93f08a23c3a3323cb02f5963b6
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.8-1ubuntu0.4.dsc
Size/MD5: 1379 ed1a1e5de71b0e35100f60b21f959db4
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.8.orig.tar.gz
Size/MD5: 6125771 39a755eb0f584c279336387b321e3dfc
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.8-1ubuntu0.4_all.deb
Size/MD5: 1928164 86b52d997fe3e4baf9712be0562eed2d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.2.8-1ubuntu0.4_all.deb
Size/MD5: 72176 1f4efe37abf317c3c42c4c0a79a4f232
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.8-1ubuntu0.4_all.deb
Size/MD5: 6254152 fe271b0e4aa0cf80e99b866c23707b6a
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.8-1ubuntu0.4_all.deb
Size/MD5: 45090 3f44651df13cfd495d7c33dda1c709ea
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.4_amd64.deb
Size/MD5: 252272 3d27b0311303e7c5912538fb7d4fc37c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.4_amd64.deb
Size/MD5: 247850 1ce7ff6190c21da119d98b7568f2e5d0
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.4_amd64.deb
Size/MD5: 251658 ac7bc78b449cf8d28d4c10478c6f1409
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.4_amd64.deb
Size/MD5: 204658 66e95c370f2662082f3ec41e4a033877
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.4_amd64.deb
Size/MD5: 205336 6b1e7e0ab97b7dd4470c153275f1109c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.4_amd64.deb
Size/MD5: 140940 cad14e08ab48ca8eb06480c0db686779
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.4_amd64.deb
Size/MD5: 801764 3759103e3417d44bea8866399ba34a66
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.4_i386.deb
Size/MD5: 235194 dddbc62f458d9f1935087a072e1c6f67
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.4_i386.deb
Size/MD5: 230748 db0a1dc277de5886655ad7b1cc5b0f1a
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.4_i386.deb
Size/MD5: 234542 0e4997e9ed55d6086c439948cf1347ff
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.4_i386.deb
Size/MD5: 204672 1f58383838b3b9f066e855af9f4e47e0
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.4_i386.deb
Size/MD5: 205348 fa032fc136c5b26ccf364289a93a1cda
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.4_i386.deb
Size/MD5: 139904 b503316d420ccb7efae5082368b95e01
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.4_i386.deb
Size/MD5: 754788 140fddccc1a6d3dc743d37ab422438c2
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.4_lpia.deb
Size/MD5: 234752 bc06d67259257109fe8fc17204bc9950
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.4_lpia.deb
Size/MD5: 230424 9421376c8f6d64e5c87af4f484b8aacf
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.4_lpia.deb
Size/MD5: 233908 179236460d7b7b71dff5e1d1ac9f0509
http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.4_lpia.deb
Size/MD5: 204664 764d773d28d032767d697eec6c6fd50a
http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.4_lpia.deb
Size/MD5: 205342 2891770939b51b1ca6b8ac8ca9142db1
http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.4_lpia.deb
Size/MD5: 140478 4a062088427f1d8b731e06d64eb7e2ea
http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.4_lpia.deb
Size/MD5: 748672 b66dbda7126616894cf97eb93a959af9
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.4_powerpc.deb
Size/MD5: 253368 bad43203ed4615216bf28f6da7feb81b
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.4_powerpc.deb
Size/MD5: 248800 aa757fd46cd79543a020dcd3c6aa1b26
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.4_powerpc.deb
Size/MD5: 252904 682a940b7f3d14333037c80f7f01c793
http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.4_powerpc.deb
Size/MD5: 204678 30af6c826869b647bc60ed2d99cc30f7
http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.4_powerpc.deb
Size/MD5: 205376 cd02ca263703a6049a6fe7e11f72c98a
http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.4_powerpc.deb
Size/MD5: 157662 df6cdceecb8ae9d25bbd614142da0151
http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.4_powerpc.deb
Size/MD5: 904904 34581d1b3c448a5de72a06393557dd48
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.4_sparc.deb
Size/MD5: 236418 2eda543f97646f966f5678e2f2a0ba90
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.4_sparc.deb
Size/MD5: 232386 69e2419f27867b77d94a652a83478ad7
http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.4_sparc.deb
Size/MD5: 235788 414a49286d9e8dd7b343bd9207dc727b
http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.4_sparc.deb
Size/MD5: 204668 f7d099cd9d3ebc0baccbdd896c94a88f
http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.4_sparc.deb
Size/MD5: 205352 0a5cb5dfd823b4e6708a9bcc633a90cd
http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.4_sparc.deb
Size/MD5: 143108 ad78ead4ac992aec97983704b1a3877f
http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.4_sparc.deb
Size/MD5: 763946 0d40a8ebecfef8c1a099f2170fcddb73
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01905287 Version: 1
HPSBUX02465 SSRT090192 rev.1 - HP-UX Running Apache-based Web Server, Remote Denial of Service (DoS) Cross-Site Scripting (XSS) Unauthorized Access
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2009-10-21 Last Updated: 2009-10-21
Potential Security Impact: Remote Denial of Service (DoS), cross-site scripting (XSS), unauthorized access
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with HP-UX running Apache-based Web Server. The vulnerabilities could be exploited remotely to cause a Denial of Service (DoS), cross-site scripting (XSS) or unauthorized access. Apache-based Web Server is contained in the Apache Web Server Suite.
References: CVE-2006-3918, CVE-2007-4465, CVE-2007-6203, CVE-2008-0005, CVE-2008-0599, CVE-2008-2168, CVE-2008-2364, CVE-2008-2371, CVE-2008-2665, CVE-2008-2666, CVE-2008-2829, CVE-2008-2939, CVE-2008-3658, CVE-2008-3659, CVE-2008-3660, CVE-2008-5498, CVE-2008-5557, CVE-2008-5624, CVE-2008-5625, CVE-2008-5658. HP-UX B.11.23, B.11.31 running Apache-based Web Server versions before v2.2.8.05 HP-UX B.11.11, B.11.23, B.11.31 running Apache-based Web Server versions before v2.0.59.12
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2006-3918 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2007-4465 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2007-6203 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2008-0005 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2008-0599 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2008-2168 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2008-2364 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2008-2371 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2008-2665 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2008-2666 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2008-2829 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2008-2939 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2008-3658 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2008-3659 (AV:N/AC:L/Au:N/C:N/I:P/A:P) 6.4 CVE-2008-3660 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2008-5498 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2008-5557 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2008-5624 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2008-5625 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2008-5658 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has provided the following upgrades to resolve these vulnerabilities. The upgrades are available from the following location:
URL http://software.hp.com
Note: HP-UX Web Server Suite v3.06 contains HP-UX Apache-based Web Server v2.2.8.05 Note: HP-UX Web Server Suite v2.27 contains HP-UX Apache-based Web Server v2.0.59.12
Web Server Suite Version HP-UX Release Depot name
Web Server v3.06 B.11.23 and B.11.31 PA-32 HPUX22SATW-1123-32.depot
Web Server v3.06 B.11.23 and B.11.31 IA-64 HPUX22SATW-1123-64.depot
Web Server v2.27 B.11.11 PA-32 HPUXSATW-1111-64-32.depot
Web Server v2.27 B.11.23 PA-32 and IA-64 HPUXWSATW-1123-64-bit.depot
Web Server v2.27 B.11.31 IA-32 and IA-64 HPUXSATW-1131-64.depot
MANUAL ACTIONS: Yes - Update
Install Apache-based Web Server from the Apache Web Server Suite v2.27 or subsequent or Install Apache-based Web Server from the Apache Web Server Suite v3.06 or subsequent
PRODUCT SPECIFIC INFORMATION
HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa
The following text is for use by the HP-UX Software Assistant.
AFFECTED VERSIONS
For Web Server Suite before v3.06 HP-UX B.11.23 ================== hpuxws22APACHE.APACHE hpuxws22APACHE.APACHE2 hpuxws22APACHE.AUTH_LDAP hpuxws22APACHE.AUTH_LDAP2 hpuxws22APACHE.MOD_JK hpuxws22APACHE.MOD_JK2 hpuxws22APACHE.MOD_PERL hpuxws22APACHE.MOD_PERL2 hpuxws22APACHE.PHP hpuxws22APACHE.PHP2 action: install revision B.2.2.8.05 or subsequent
HP-UX B.11.31
hpuxws22APCH32.APACHE hpuxws22APCH32.APACHE2 hpuxws22APCH32.AUTH_LDAP hpuxws22APCH32.AUTH_LDAP2 hpuxws22APCH32.MOD_JK hpuxws22APCH32.MOD_JK2 hpuxws22APCH32.MOD_PERL hpuxws22APCH32.MOD_PERL2 hpuxws22APCH32.PHP hpuxws22APCH32.PHP2 hpuxws22APCH32.WEBPROXY hpuxws22APCH32.WEBPROXY2 action: install revision B.2.2.8.05 or subsequent
For Web Server Suite before v2.27 HP-UX B.11.11 ================== hpuxwsAPACHE.APACHE hpuxwsAPACHE.APACHE2 hpuxwsAPACHE.AUTH_LDAP2 hpuxwsAPACHE.MOD_JK hpuxwsAPACHE.MOD_JK2 hpuxwsAPACHE.MOD_PERL hpuxwsAPACHE.MOD_PERL2 hpuxwsAPACHE.PHP hpuxwsAPACHE.PHP2 hpuxwsAPACHE.WEBPROXY action: install revision B.2.0.59.12 or subsequent
HP-UX B.11.23
hpuxwsAPACHE.APACHE hpuxwsAPACHE.APACHE2 hpuxwsAPACHE.AUTH_LDAP hpuxwsAPACHE.AUTH_LDAP2 hpuxwsAPACHE.MOD_JK hpuxwsAPACHE.MOD_JK2 hpuxwsAPACHE.MOD_PERL hpuxwsAPACHE.MOD_PERL2 hpuxwsAPACHE.PHP hpuxwsAPACHE.PHP2 hpuxwsAPACHE.WEBPROXY action: install revision B.2.0.59.12 or subsequent
HP-UX B.11.31
hpuxwsAPACHE.APACHE hpuxwsAPACHE.APACHE2 hpuxwsAPACHE.AUTH_LDAP hpuxwsAPACHE.AUTH_LDAP2 hpuxwsAPACHE.MOD_JK hpuxwsAPACHE.MOD_JK2 hpuxwsAPACHE.MOD_PERL hpuxwsAPACHE.MOD_PERL2 hpuxwsAPACHE.PHP hpuxwsAPACHE.PHP2 hpuxwsAPACHE.WEBPROXY action: install revision B.2.0.59.12 or subsequent
END AFFECTED VERSIONS
HISTORY Version:1 (rev.1) 21 October 2009 Initial release Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For further information, contact normal HP Services support channel.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches -check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems -verify your operating system selections are checked and save.
To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.
To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do
- The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:
GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault
System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.
"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."
Copyright 2009 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux)
iEUEARECAAYFAkrguYgACgkQ4B86/C0qfVliOACWIZufVcaJyE/ap8OAmQqT87S7 hQCeKCPftsEV+4JPzQKz4B+EnYzQsJ0= =TAoy -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200711-0538",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "http server",
"scope": "eq",
"trust": 1.6,
"vendor": "apache",
"version": "2.1.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.6,
"vendor": "apache",
"version": "2.2.4"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.6,
"vendor": "apache",
"version": "2.0.58"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.6,
"vendor": "apache",
"version": "2.1.2"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.6,
"vendor": "apache",
"version": "2.1.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.6,
"vendor": "apache",
"version": "2.1.5"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.6,
"vendor": "apache",
"version": "2.2.2"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.6,
"vendor": "apache",
"version": "2.0.59"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.6,
"vendor": "apache",
"version": "2.2.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.6,
"vendor": "apache",
"version": "2.1.4"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.0.52"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.0.53"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.0.46"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.2.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.0.47"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.0.50"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.0.51"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.1.6"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.1.7"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.0.48"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.0.54"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.0.55"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.0.57"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.0.49"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.1.8"
},
{
"model": "http server",
"scope": "lte",
"trust": 0.8,
"vendor": "apache",
"version": "2.0.62"
},
{
"model": "http server",
"scope": "lte",
"trust": 0.8,
"vendor": "apache",
"version": "2.2.7"
},
{
"model": "http server",
"scope": "lt",
"trust": 0.8,
"vendor": "ibm",
"version": "2.0.47.1"
},
{
"model": "http server",
"scope": "lt",
"trust": 0.8,
"vendor": "ibm",
"version": "6.0.2.27"
},
{
"model": "http server",
"scope": "lt",
"trust": 0.8,
"vendor": "ibm",
"version": "6.1.0.15"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.5.2"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.5.2"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3.0 (x86-64)"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "2.0"
},
{
"model": "turbolinux fuji",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "turbolinux multimedia",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "turbolinux personal",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10 (x64)"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "11"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "11 (x64)"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.11"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.23"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.31"
},
{
"model": "cosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "enterprise version 6"
},
{
"model": "cosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "standard version 6"
},
{
"model": "cosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "version 5"
},
{
"model": "cosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "light version 6"
},
{
"model": "cosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "professional version 6"
},
{
"model": "cosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "standard version 6"
},
{
"model": "cosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "version 5"
},
{
"model": "cosminexus server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "enterprise edition"
},
{
"model": "cosminexus server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "standard edition"
},
{
"model": "cosminexus server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "standard edition version 4"
},
{
"model": "cosminexus server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "web edition"
},
{
"model": "cosminexus server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "web edition version 4"
},
{
"model": "web server",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "enterprise"
},
{
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "standard"
},
{
"model": "ucosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "light"
},
{
"model": "ucosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "professional"
},
{
"model": "ucosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "standard"
},
{
"model": "ucosminexus service",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "architect"
},
{
"model": "ucosminexus service",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "platform"
},
{
"model": "interstage application framework suite",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage application server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage apworks",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage business application server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage job workload server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage studio",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage web server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "systemwalker resource coordinator",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage job workload server",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.1"
},
{
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0"
},
{
"model": "interstage studio enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0.1"
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.1"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.58"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.54"
},
{
"model": "interstage application server plus",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"model": "interstage apworks modelers-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "11x64"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1x86-64"
},
{
"model": "interstage application server plus",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0.1"
},
{
"model": "interstage application server plus developer",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.52"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2.13"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "11"
},
{
"model": "personal",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "linux enterprise sdk 10.sp1",
"scope": null,
"trust": 0.3,
"vendor": "suse",
"version": null
},
{
"model": "software foundation apache",
"scope": "ne",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.8"
},
{
"model": "interstage studio enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.1"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.59"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.2"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.49"
},
{
"model": "novell linux desktop sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "interstage application server plus",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.1"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "interstage application server plus developer",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0.1"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.50"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0"
},
{
"model": "interstage apworks modelers-j edition 6.0a",
"scope": null,
"trust": 0.3,
"vendor": "fujitsu",
"version": null
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1x86"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.1.8"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "appliance server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "2.0"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.1.4"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "linux lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.10"
},
{
"model": "interstage application server standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2.19"
},
{
"model": "hardware management console for pseries r1.3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.1"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.1.1"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.51"
},
{
"model": "linux enterprise server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.2"
},
{
"model": "fuji",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "0"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.1.2"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.15"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.53"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.10"
},
{
"model": "hardware management console for iseries r1.3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "interstage apworks modelers-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.1"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.55"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.1.7"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.10"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.47.1"
},
{
"model": "interstage application server plus",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.47"
},
{
"model": "interstage application server web-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5"
},
{
"model": "interstage application server plus developer",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"model": "linux lts lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.1"
},
{
"model": "novell linux pos",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.1.5"
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.3"
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.48"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.10"
},
{
"model": "interstage application server enterprise edition a",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.2"
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.47"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.10"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.46"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10.3"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.2"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0.1"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2.12"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.2"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0.0x64"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.1.3"
},
{
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.4"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.13"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2.27"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2.23"
},
{
"model": "multimedia",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.1.6"
}
],
"sources": [
{
"db": "BID",
"id": "26663"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001017"
},
{
"db": "CNNVD",
"id": "CNNVD-200712-012"
},
{
"db": "NVD",
"id": "CVE-2007-6203"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:2.0.51:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:2.0.52:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:2.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:2.1.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:2.2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:2.2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:2.0.46:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:2.0.53:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:2.0.54:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:2.0.55:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:2.1.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:2.1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:2.2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:2.0.47:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:2.0.48:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:2.0.57:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:2.0.58:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:2.1.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:2.1.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:2.0.49:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:2.0.50:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:2.0.59:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:2.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:2.1.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:2.2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2007-6203"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Amit Klein Amit.Klein@SanctumInc.com",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200712-012"
}
],
"trust": 0.6
},
"cve": "CVE-2007-6203",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2007-6203",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2007-6203",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200712-012",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2007-6203",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2007-6203"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001017"
},
{
"db": "CNNVD",
"id": "CNNVD-200712-012"
},
{
"db": "NVD",
"id": "CVE-2007-6203"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apache HTTP Server 2.0.x and 2.2.x does not sanitize the HTTP Method specifier header from an HTTP request when it is reflected back in a \"413 Request Entity Too Large\" error message, which might allow cross-site scripting (XSS) style attacks using web client components that can send arbitrary headers in requests, as demonstrated via an HTTP request containing an invalid Content-length value, a similar issue to CVE-2006-3918. In order to use this problem to perform cross-site scripting attacks, the attacker is malicious to the user. HTTP It is reported as a prerequisite to have the method submitted. \nAn attacker may exploit this issue to steal cookie-based authentication credentials and launch other attacks. \nApache 2.0.46 through 2.2.4 are vulnerable; other versions may also be affected. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 200803-19\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: Apache: Multiple vulnerabilities\n Date: March 11, 2008\n Bugs: #201163, #204410, #205195, #209899\n ID: 200803-19\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been discovered in Apache. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 www-servers/apache \u003c 2.2.8 \u003e= 2.2.8\n\nDescription\n===========\n\nAdrian Pastor and Amir Azam (ProCheckUp) reported that the HTTP Method\nspecifier header is not properly sanitized when the HTTP return code is\n\"413 Request Entity too large\" (CVE-2007-6203). The mod_proxy_balancer\nmodule does not properly check the balancer name before using it\n(CVE-2007-6422). The mod_proxy_ftp does not define a charset in its\nanswers (CVE-2008-0005). Stefano Di Paola (Minded Security) reported\nthat filenames are not properly sanitized within the mod_negociation\nmodule (CVE-2008-0455, CVE-2008-0456). \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Apache users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=www-servers/apache-2.2.8\"\n\nReferences\n==========\n\n [ 1 ] CVE-2007-6203\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6203\n [ 2 ] CVE-2007-6422\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6422\n [ 3 ] CVE-2008-0005\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0005\n [ 4 ] CVE-2008-0455\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0455\n [ 5 ] CVE-2008-0456\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0456\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-200803-19.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttp://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2008 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. ===========================================================\nUbuntu Security Notice USN-731-1 March 10, 2009\napache2 vulnerabilities\nCVE-2007-6203, CVE-2007-6420, CVE-2008-1678, CVE-2008-2168,\nCVE-2008-2364, CVE-2008-2939\n===========================================================\n\nA security issue affects the following Ubuntu releases:\n\nUbuntu 6.06 LTS\nUbuntu 7.10\nUbuntu 8.04 LTS\n\nThis advisory also applies to the corresponding versions of\nKubuntu, Edubuntu, and Xubuntu. \n\nThe problem can be corrected by upgrading your system to the\nfollowing package versions:\n\nUbuntu 6.06 LTS:\n apache2-common 2.0.55-4ubuntu2.4\n apache2-mpm-perchild 2.0.55-4ubuntu2.4\n apache2-mpm-prefork 2.0.55-4ubuntu2.4\n apache2-mpm-worker 2.0.55-4ubuntu2.4\n\nUbuntu 7.10:\n apache2-mpm-event 2.2.4-3ubuntu0.2\n apache2-mpm-perchild 2.2.4-3ubuntu0.2\n apache2-mpm-prefork 2.2.4-3ubuntu0.2\n apache2-mpm-worker 2.2.4-3ubuntu0.2\n apache2.2-common 2.2.4-3ubuntu0.2\n\nUbuntu 8.04 LTS:\n apache2-mpm-event 2.2.8-1ubuntu0.4\n apache2-mpm-perchild 2.2.8-1ubuntu0.4\n apache2-mpm-prefork 2.2.8-1ubuntu0.4\n apache2-mpm-worker 2.2.8-1ubuntu0.4\n apache2.2-common 2.2.8-1ubuntu0.4\n\nIn general, a standard system upgrade is sufficient to effect the\nnecessary changes. With cross-site scripting vulnerabilities, if a user were tricked into\nviewing server output during a crafted server request, a remote attacker could\nexploit this to modify the contents, or steal confidential data (such as\npasswords), within the same domain. This issue only affected Ubuntu 6.06 LTS and\n7.10. (CVE-2007-6203)\n\nIt was discovered that Apache was vulnerable to a cross-site request forgery\n(CSRF) in the mod_proxy_balancer balancer manager. If an Apache administrator\nwere tricked into clicking a link on a specially crafted web page, an attacker\ncould trigger commands that could modify the balancer manager configuration. \nThis issue only affected Ubuntu 7.10 and 8.04 LTS. (CVE-2007-6420)\n\nIt was discovered that Apache had a memory leak when using mod_ssl with\ncompression. A remote attacker could exploit this to exhaust server memory,\nleading to a denial of service. This issue only affected Ubuntu 7.10. \n(CVE-2008-1678)\n\nIt was discovered that in certain conditions, Apache did not specify a default\ncharacter set when returning certain error messages containing UTF-7 encoded\ndata, which could result in browsers becoming vulnerable to cross-site scripting\nattacks when processing the output. This issue only affected Ubuntu 6.06 LTS and\n7.10. (CVE-2008-2168)\n\nIt was discovered that when configured as a proxy server, Apache did not limit\nthe number of forwarded interim responses. A malicious remote server could send\na large number of interim responses and cause a denial of service via memory\nexhaustion. (CVE-2008-2364)\n\nIt was discovered that mod_proxy_ftp did not sanitize wildcard pathnames when\nthey are returned in directory listings, which could result in browsers becoming\nvulnerable to cross-site scripting attacks when processing the output. \n(CVE-2008-2939)\n\n\nUpdated packages for Ubuntu 6.06 LTS:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.4.diff.gz\n Size/MD5: 123478 7a5b444231dc27ee60c1bd63f42420c6\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.4.dsc\n Size/MD5: 1156 4f9a0f31d136914cf7d6e1a92656a47b\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz\n Size/MD5: 6092031 45e32c9432a8e3cf4227f5af91b03622\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu2.4_all.deb\n Size/MD5: 2124948 5153435633998e4190b54eb101afd271\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.4_amd64.deb\n Size/MD5: 833336 d5b9ecf82467eb04a94957321c4a95a2\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.4_amd64.deb\n Size/MD5: 228588 f4b9b82016eb22a60da83ae716fd028a\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.4_amd64.deb\n Size/MD5: 223600 2cf77e3daaadcc4e07da5e19ecac2867\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.4_amd64.deb\n Size/MD5: 228216 60ff106ddefe9b68c055825bcd6ec52f\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.4_amd64.deb\n Size/MD5: 171724 bae5e3d30111e97d34b25594993ad488\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.4_amd64.deb\n Size/MD5: 172508 77bdf00092378c89ae8be7f5139963e0\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.4_amd64.deb\n Size/MD5: 94562 f3a168c57db1f5be11cfdba0bdc20062\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.4_amd64.deb\n Size/MD5: 36618 a7f34da28f7bae0cffb3fdb73da70143\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.4_amd64.deb\n Size/MD5: 286028 a5b380d9c6a651fe043ad2358ef61143\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.4_amd64.deb\n Size/MD5: 144590 9a4031c258cfa264fb8baf305bc0cea6\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.4_i386.deb\n Size/MD5: 786528 353ed1839a8201d0211ede114565e60d\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.4_i386.deb\n Size/MD5: 203256 7b0caa06fd47a28a8a92d1b69c0b4667\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.4_i386.deb\n Size/MD5: 199114 6a77314579722ca085726e4220be4e9f\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.4_i386.deb\n Size/MD5: 202654 ffad2838e3c8c79ecd7e21f79aa78216\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.4_i386.deb\n Size/MD5: 171716 771492b2b238424e33e3e7853185c0ca\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.4_i386.deb\n Size/MD5: 172498 b5f7a4ed03ebafa4c4ff75c05ebf53b7\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.4_i386.deb\n Size/MD5: 92520 787a673994d746b4ad3788c16516832a\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.4_i386.deb\n Size/MD5: 36620 4d5f0f18c3035f41cb8234af3cc1092c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.4_i386.deb\n Size/MD5: 262082 d6a7111b9f2ed61e1aeb2f18f8713873\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.4_i386.deb\n Size/MD5: 132518 5a335222829c066cb9a0ddcaeee8a0da\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.4_powerpc.deb\n Size/MD5: 859446 cf555341c1a8b4a39808b8a3bd76e03a\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.4_powerpc.deb\n Size/MD5: 220622 85b902b9eecf3d40577d9e1e8bf61467\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.4_powerpc.deb\n Size/MD5: 216314 146e689e30c6e1681048f6cf1dd659e3\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.4_powerpc.deb\n Size/MD5: 220128 10f65b3961a164e070d2f18d610df67b\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.4_powerpc.deb\n Size/MD5: 171726 9e341f225cb19d5c44f343cc68c0bba5\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.4_powerpc.deb\n Size/MD5: 172512 331dff8d3de7cd694d8e115417bed4f8\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.4_powerpc.deb\n Size/MD5: 104284 7ab80f14cd9072d23389e27f934079f3\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.4_powerpc.deb\n Size/MD5: 36620 713bfffcca8ec4e9531c635069f1cd0d\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.4_powerpc.deb\n Size/MD5: 281600 ad1671807965e2291b5568c7b4e95e14\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.4_powerpc.deb\n Size/MD5: 141744 6b04155aa1dbf6f657dbfa27d6086617\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.4_sparc.deb\n Size/MD5: 803706 f14be1535acf528f89d301c8ec092015\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.4_sparc.deb\n Size/MD5: 211028 28b74d86e10301276cadef208b460658\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.4_sparc.deb\n Size/MD5: 206566 6d6b2e1e3e0bbf8fc0a0bcca60a33339\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.4_sparc.deb\n Size/MD5: 210280 45690384f2e7e0a2168d7867283f9145\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.4_sparc.deb\n Size/MD5: 171732 6595a330344087593a9443b9cdf5e4ba\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.4_sparc.deb\n Size/MD5: 172498 f1ac3a442b21db9d2733e8221b218e25\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.4_sparc.deb\n Size/MD5: 93606 f229d1c258363d2d0dfb3688ec96638e\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.4_sparc.deb\n Size/MD5: 36616 6f470e2e17dfc6d587fbe2bf861bfb06\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.4_sparc.deb\n Size/MD5: 268178 5a853d01127853405a677c53dc2bf254\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.4_sparc.deb\n Size/MD5: 130456 a0a51bb9405224948b88903779347427\n\nUpdated packages for Ubuntu 7.10:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4-3ubuntu0.2.diff.gz\n Size/MD5: 125080 c5c1b91f6918d42a75d23e95799b3707\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4-3ubuntu0.2.dsc\n Size/MD5: 1333 b028e602b998a666681d1aa73b980c06\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4.orig.tar.gz\n Size/MD5: 6365535 3add41e0b924d4bb53c2dee55a38c09e\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.4-3ubuntu0.2_all.deb\n Size/MD5: 2211750 9dc3a7e0431fe603bbd82bf647d2d1f5\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.2.4-3ubuntu0.2_all.deb\n Size/MD5: 278670 985dd1538d0d2c6bb74c458eaada1cb7\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.4-3ubuntu0.2_all.deb\n Size/MD5: 6702036 3cdb5e1a9d22d7172adfd066dd42d71a\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4-3ubuntu0.2_all.deb\n Size/MD5: 42846 ba7b0cbf7f33ac3b6321c132bc2fec71\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.2_amd64.deb\n Size/MD5: 457286 b37825dc4bb0215284181aa5dfc9dd44\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.2_amd64.deb\n Size/MD5: 453094 380ea917048a64c2c9bc12d768ac2ffa\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.2_amd64.deb\n Size/MD5: 456804 b075ef4e563a55c7977af4d82d90e493\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.2_amd64.deb\n Size/MD5: 410658 6dff5030f33af340b2100e8591598d9d\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.2_amd64.deb\n Size/MD5: 411244 9c79a2c0a2d4d8a88fae1b3f10d0e27c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.2_amd64.deb\n Size/MD5: 348256 ef1e159b64fe2524dc94b6ab9e22cefb\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.2_amd64.deb\n Size/MD5: 992256 0e9bac368bc57637079f839bcce8ebbc\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.2_i386.deb\n Size/MD5: 440388 bdb2ced3ca782cda345fcfb109e8b02a\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.2_i386.deb\n Size/MD5: 436030 44d372ff590a6e42a83bcd1fb5e546fe\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.2_i386.deb\n Size/MD5: 439732 5119be595fb6ac6f9dd94d01353da257\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.2_i386.deb\n Size/MD5: 410656 01be0eca15fe252bbcab7562462af5ca\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.2_i386.deb\n Size/MD5: 411250 10d8929e9d37050488f2906fde13b2fd\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.2_i386.deb\n Size/MD5: 347322 d229c56720ae5f1f83645f66e1bfbdf1\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.2_i386.deb\n Size/MD5: 947460 3dc120127b16134b42e0124a1fdfa4ab\n\n lpia architecture (Low Power Intel Architecture):\n\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.2_lpia.deb\n Size/MD5: 439896 8e856643ebeed84ffbeb6150f6e917c5\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.2_lpia.deb\n Size/MD5: 435524 ce18d9e09185526c93c6af6db7a6b5cf\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.2_lpia.deb\n Size/MD5: 439180 9622bf2dfee7941533faedd2e2d4ebbd\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.2_lpia.deb\n Size/MD5: 410674 684ad4367bc9250468351b5807dee424\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.2_lpia.deb\n Size/MD5: 411258 17f53e8d3898607ce155dc333237690c\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.2_lpia.deb\n Size/MD5: 347664 1197aa4145372ae6db497fb157cb0da1\n http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.2_lpia.deb\n Size/MD5: 939924 470a7163e2834781b2db0689750ce0f2\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.2_powerpc.deb\n Size/MD5: 458848 4efbbcc96f05a03301a13448f9cb3c01\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.2_powerpc.deb\n Size/MD5: 454226 1fe4c7712fd4597ed37730a27df95113\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.2_powerpc.deb\n Size/MD5: 458134 5786d901931cecd340cc1879e27bcef7\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.2_powerpc.deb\n Size/MD5: 410676 9fc94d5b21a8b0f7f8aab9dc60339abf\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.2_powerpc.deb\n Size/MD5: 411266 c44cde12a002910f9df02c10cdd26b0c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.2_powerpc.deb\n Size/MD5: 367392 612ddcebee145f765163a0b30124393a\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.2_powerpc.deb\n Size/MD5: 1094288 72fd7d87f4876648d1e14a5022c61b00\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.2_sparc.deb\n Size/MD5: 441650 28e5a2c2d18239c0810b6de3584af221\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.2_sparc.deb\n Size/MD5: 437796 3ee7408c58fbdf8de6bf681970c1c9ad\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.2_sparc.deb\n Size/MD5: 441114 b1b1bb871fe0385ea4418d533f0669aa\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.2_sparc.deb\n Size/MD5: 410676 cf7bed097f63e3c24337813621866498\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.2_sparc.deb\n Size/MD5: 411252 5a30177f7039f52783576e126cf042d0\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.2_sparc.deb\n Size/MD5: 350468 ce216a4e9739966cd2aca4262ba0ea4e\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.2_sparc.deb\n Size/MD5: 959090 98ad8ee7328f25e1e81e110bbfce10c2\n\nUpdated packages for Ubuntu 8.04 LTS:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.8-1ubuntu0.4.diff.gz\n Size/MD5: 132376 1a3c4e93f08a23c3a3323cb02f5963b6\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.8-1ubuntu0.4.dsc\n Size/MD5: 1379 ed1a1e5de71b0e35100f60b21f959db4\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.8.orig.tar.gz\n Size/MD5: 6125771 39a755eb0f584c279336387b321e3dfc\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.8-1ubuntu0.4_all.deb\n Size/MD5: 1928164 86b52d997fe3e4baf9712be0562eed2d\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.2.8-1ubuntu0.4_all.deb\n Size/MD5: 72176 1f4efe37abf317c3c42c4c0a79a4f232\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.8-1ubuntu0.4_all.deb\n Size/MD5: 6254152 fe271b0e4aa0cf80e99b866c23707b6a\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.8-1ubuntu0.4_all.deb\n Size/MD5: 45090 3f44651df13cfd495d7c33dda1c709ea\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.4_amd64.deb\n Size/MD5: 252272 3d27b0311303e7c5912538fb7d4fc37c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.4_amd64.deb\n Size/MD5: 247850 1ce7ff6190c21da119d98b7568f2e5d0\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.4_amd64.deb\n Size/MD5: 251658 ac7bc78b449cf8d28d4c10478c6f1409\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.4_amd64.deb\n Size/MD5: 204658 66e95c370f2662082f3ec41e4a033877\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.4_amd64.deb\n Size/MD5: 205336 6b1e7e0ab97b7dd4470c153275f1109c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.4_amd64.deb\n Size/MD5: 140940 cad14e08ab48ca8eb06480c0db686779\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.4_amd64.deb\n Size/MD5: 801764 3759103e3417d44bea8866399ba34a66\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.4_i386.deb\n Size/MD5: 235194 dddbc62f458d9f1935087a072e1c6f67\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.4_i386.deb\n Size/MD5: 230748 db0a1dc277de5886655ad7b1cc5b0f1a\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.4_i386.deb\n Size/MD5: 234542 0e4997e9ed55d6086c439948cf1347ff\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.4_i386.deb\n Size/MD5: 204672 1f58383838b3b9f066e855af9f4e47e0\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.4_i386.deb\n Size/MD5: 205348 fa032fc136c5b26ccf364289a93a1cda\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.4_i386.deb\n Size/MD5: 139904 b503316d420ccb7efae5082368b95e01\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.4_i386.deb\n Size/MD5: 754788 140fddccc1a6d3dc743d37ab422438c2\n\n lpia architecture (Low Power Intel Architecture):\n\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.4_lpia.deb\n Size/MD5: 234752 bc06d67259257109fe8fc17204bc9950\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.4_lpia.deb\n Size/MD5: 230424 9421376c8f6d64e5c87af4f484b8aacf\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.4_lpia.deb\n Size/MD5: 233908 179236460d7b7b71dff5e1d1ac9f0509\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.4_lpia.deb\n Size/MD5: 204664 764d773d28d032767d697eec6c6fd50a\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.4_lpia.deb\n Size/MD5: 205342 2891770939b51b1ca6b8ac8ca9142db1\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.4_lpia.deb\n Size/MD5: 140478 4a062088427f1d8b731e06d64eb7e2ea\n http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.4_lpia.deb\n Size/MD5: 748672 b66dbda7126616894cf97eb93a959af9\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.4_powerpc.deb\n Size/MD5: 253368 bad43203ed4615216bf28f6da7feb81b\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.4_powerpc.deb\n Size/MD5: 248800 aa757fd46cd79543a020dcd3c6aa1b26\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.4_powerpc.deb\n Size/MD5: 252904 682a940b7f3d14333037c80f7f01c793\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.4_powerpc.deb\n Size/MD5: 204678 30af6c826869b647bc60ed2d99cc30f7\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.4_powerpc.deb\n Size/MD5: 205376 cd02ca263703a6049a6fe7e11f72c98a\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.4_powerpc.deb\n Size/MD5: 157662 df6cdceecb8ae9d25bbd614142da0151\n http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.4_powerpc.deb\n Size/MD5: 904904 34581d1b3c448a5de72a06393557dd48\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.4_sparc.deb\n Size/MD5: 236418 2eda543f97646f966f5678e2f2a0ba90\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.4_sparc.deb\n Size/MD5: 232386 69e2419f27867b77d94a652a83478ad7\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.4_sparc.deb\n Size/MD5: 235788 414a49286d9e8dd7b343bd9207dc727b\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.4_sparc.deb\n Size/MD5: 204668 f7d099cd9d3ebc0baccbdd896c94a88f\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.4_sparc.deb\n Size/MD5: 205352 0a5cb5dfd823b4e6708a9bcc633a90cd\n http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.4_sparc.deb\n Size/MD5: 143108 ad78ead4ac992aec97983704b1a3877f\n http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.4_sparc.deb\n Size/MD5: 763946 0d40a8ebecfef8c1a099f2170fcddb73\n\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c01905287\nVersion: 1\n\nHPSBUX02465 SSRT090192 rev.1 - HP-UX Running Apache-based Web Server, Remote Denial of Service (DoS) Cross-Site Scripting (XSS) Unauthorized Access\n\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible. \n\nRelease Date: 2009-10-21\nLast Updated: 2009-10-21\n\nPotential Security Impact: Remote Denial of Service (DoS), cross-site scripting (XSS), unauthorized access\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with HP-UX running Apache-based Web Server. The vulnerabilities could be exploited remotely to cause a Denial of Service (DoS), cross-site scripting (XSS) or unauthorized access. Apache-based Web Server is contained in the Apache Web Server Suite. \n\nReferences: CVE-2006-3918, CVE-2007-4465, CVE-2007-6203, CVE-2008-0005, CVE-2008-0599, CVE-2008-2168, CVE-2008-2364, CVE-2008-2371, CVE-2008-2665, CVE-2008-2666, CVE-2008-2829, CVE-2008-2939, CVE-2008-3658, CVE-2008-3659, CVE-2008-3660, CVE-2008-5498, CVE-2008-5557, CVE-2008-5624, CVE-2008-5625, CVE-2008-5658. \nHP-UX B.11.23, B.11.31 running Apache-based Web Server versions before v2.2.8.05\nHP-UX B.11.11, B.11.23, B.11.31 running Apache-based Web Server versions before v2.0.59.12\n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2006-3918 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2007-4465 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2007-6203 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2008-0005 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2008-0599 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2008-2168 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2008-2364 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2008-2371 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2008-2665 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0\nCVE-2008-2666 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0\nCVE-2008-2829 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2008-2939 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2008-3658 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2008-3659 (AV:N/AC:L/Au:N/C:N/I:P/A:P) 6.4\nCVE-2008-3660 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2008-5498 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0\nCVE-2008-5557 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2008-5624 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2008-5625 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2008-5658 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has provided the following upgrades to resolve these vulnerabilities. \nThe upgrades are available from the following location:\n\nURL http://software.hp.com\n\nNote: HP-UX Web Server Suite v3.06 contains HP-UX Apache-based Web Server v2.2.8.05\nNote: HP-UX Web Server Suite v2.27 contains HP-UX Apache-based Web Server v2.0.59.12\n\nWeb Server Suite Version\n HP-UX Release\n Depot name\n\nWeb Server v3.06\n B.11.23 and B.11.31 PA-32\n HPUX22SATW-1123-32.depot\n\nWeb Server v3.06\n B.11.23 and B.11.31 IA-64\n HPUX22SATW-1123-64.depot\n\nWeb Server v2.27\n B.11.11 PA-32\n HPUXSATW-1111-64-32.depot\n\nWeb Server v2.27\n B.11.23 PA-32 and IA-64\n HPUXWSATW-1123-64-bit.depot\n\nWeb Server v2.27\n B.11.31 IA-32 and IA-64\n HPUXSATW-1131-64.depot\n\nMANUAL ACTIONS: Yes - Update\n\nInstall Apache-based Web Server from the Apache Web Server Suite v2.27 or subsequent\nor\nInstall Apache-based Web Server from the Apache Web Server Suite v3.06 or subsequent\n\nPRODUCT SPECIFIC INFORMATION\n\nHP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa\n\nThe following text is for use by the HP-UX Software Assistant. \n\nAFFECTED VERSIONS\n\nFor Web Server Suite before v3.06\nHP-UX B.11.23\n==================\nhpuxws22APACHE.APACHE\nhpuxws22APACHE.APACHE2\nhpuxws22APACHE.AUTH_LDAP\nhpuxws22APACHE.AUTH_LDAP2\nhpuxws22APACHE.MOD_JK\nhpuxws22APACHE.MOD_JK2\nhpuxws22APACHE.MOD_PERL\nhpuxws22APACHE.MOD_PERL2\nhpuxws22APACHE.PHP\nhpuxws22APACHE.PHP2\naction: install revision B.2.2.8.05 or subsequent\n\nHP-UX B.11.31\n==================\nhpuxws22APCH32.APACHE\nhpuxws22APCH32.APACHE2\nhpuxws22APCH32.AUTH_LDAP\nhpuxws22APCH32.AUTH_LDAP2\nhpuxws22APCH32.MOD_JK\nhpuxws22APCH32.MOD_JK2\nhpuxws22APCH32.MOD_PERL\nhpuxws22APCH32.MOD_PERL2\nhpuxws22APCH32.PHP\nhpuxws22APCH32.PHP2\nhpuxws22APCH32.WEBPROXY\nhpuxws22APCH32.WEBPROXY2\naction: install revision B.2.2.8.05 or subsequent\n\nFor Web Server Suite before v2.27\nHP-UX B.11.11\n==================\nhpuxwsAPACHE.APACHE\nhpuxwsAPACHE.APACHE2\nhpuxwsAPACHE.AUTH_LDAP2\nhpuxwsAPACHE.MOD_JK\nhpuxwsAPACHE.MOD_JK2\nhpuxwsAPACHE.MOD_PERL\nhpuxwsAPACHE.MOD_PERL2\nhpuxwsAPACHE.PHP\nhpuxwsAPACHE.PHP2\nhpuxwsAPACHE.WEBPROXY\naction: install revision B.2.0.59.12 or subsequent\n\nHP-UX B.11.23\n==================\nhpuxwsAPACHE.APACHE\nhpuxwsAPACHE.APACHE2\nhpuxwsAPACHE.AUTH_LDAP\nhpuxwsAPACHE.AUTH_LDAP2\nhpuxwsAPACHE.MOD_JK\nhpuxwsAPACHE.MOD_JK2\nhpuxwsAPACHE.MOD_PERL\nhpuxwsAPACHE.MOD_PERL2\nhpuxwsAPACHE.PHP\nhpuxwsAPACHE.PHP2\nhpuxwsAPACHE.WEBPROXY\naction: install revision B.2.0.59.12 or subsequent\n\nHP-UX B.11.31\n==================\nhpuxwsAPACHE.APACHE\nhpuxwsAPACHE.APACHE2\nhpuxwsAPACHE.AUTH_LDAP\nhpuxwsAPACHE.AUTH_LDAP2\nhpuxwsAPACHE.MOD_JK\nhpuxwsAPACHE.MOD_JK2\nhpuxwsAPACHE.MOD_PERL\nhpuxwsAPACHE.MOD_PERL2\nhpuxwsAPACHE.PHP\nhpuxwsAPACHE.PHP2\nhpuxwsAPACHE.WEBPROXY\naction: install revision B.2.0.59.12 or subsequent\n\nEND AFFECTED VERSIONS\n\nHISTORY\nVersion:1 (rev.1) 21 October 2009 Initial release\nThird Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\nSupport: For further information, contact normal HP Services support channel. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com\nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. \nTo get the security-alert PGP key, please send an e-mail message as follows:\n To: security-alert@hp.com\n Subject: get key\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email:\nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA\u0026langcode=USENG\u0026jumpid=in_SC-GEN__driverITRC\u0026topiccode=ITRC\nOn the web page: ITRC security bulletins and patch sign-up\nUnder Step1: your ITRC security bulletins and patches\n -check ALL categories for which alerts are required and continue. \nUnder Step2: your ITRC operating systems\n -verify your operating system selections are checked and save. \n\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php\nLog in on the web page: Subscriber\u0027s choice for Business: sign-in. \nOn the web page: Subscriber\u0027s Choice: your profile summary - use Edit Profile to update appropriate sections. \n\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do\n\n* The Software Product Category that this Security Bulletin\nrelates to is represented by the 5th and 6th characters\nof the Bulletin number in the title:\n\nGN = HP General SW\nMA = HP Management Agents\nMI = Misc. 3rd Party SW\nMP = HP MPE/iX\nNS = HP NonStop Servers\nOV = HP OpenVMS\nPI = HP Printing \u0026 Imaging\nST = HP Storage SW\nTL = HP Trusted Linux\nTU = HP Tru64 UNIX\nUX = HP-UX\nVV = HP VirtualVault\n\nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. \n\n\"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user\u0027s use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement.\"\n\nCopyright 2009 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.9 (GNU/Linux)\n\niEUEARECAAYFAkrguYgACgkQ4B86/C0qfVliOACWIZufVcaJyE/ap8OAmQqT87S7\nhQCeKCPftsEV+4JPzQKz4B+EnYzQsJ0=\n=TAoy\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2007-6203"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001017"
},
{
"db": "BID",
"id": "26663"
},
{
"db": "VULMON",
"id": "CVE-2007-6203"
},
{
"db": "PACKETSTORM",
"id": "96536"
},
{
"db": "PACKETSTORM",
"id": "64520"
},
{
"db": "PACKETSTORM",
"id": "75604"
},
{
"db": "PACKETSTORM",
"id": "82164"
}
],
"trust": 2.34
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=30835",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2007-6203"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2007-6203",
"trust": 3.2
},
{
"db": "BID",
"id": "26663",
"trust": 2.8
},
{
"db": "SECUNIA",
"id": "27906",
"trust": 2.5
},
{
"db": "SECTRACK",
"id": "1019030",
"trust": 2.5
},
{
"db": "SECUNIA",
"id": "29348",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "33105",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "30356",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "29640",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "28196",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "30732",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "29420",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "34219",
"trust": 1.7
},
{
"db": "SREASON",
"id": "3411",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2007-4301",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-1875",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-0924",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-1623",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2007-4060",
"trust": 1.7
},
{
"db": "XF",
"id": "38800",
"trust": 1.4
},
{
"db": "USCERT",
"id": "TA08-079A",
"trust": 0.8
},
{
"db": "USCERT",
"id": "SA08-079A",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001017",
"trust": 0.8
},
{
"db": "GENTOO",
"id": "GLSA-200803-19",
"trust": 0.6
},
{
"db": "HP",
"id": "SSRT090192",
"trust": 0.6
},
{
"db": "SUSE",
"id": "SUSE-SA:2008:021",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20071130 PR07-37: XSS ON APACHE HTTP SERVER 413 ERROR PAGES VIA MALFORMED HTTP METHOD",
"trust": 0.6
},
{
"db": "AIXAPAR",
"id": "PK65782",
"trust": 0.6
},
{
"db": "AIXAPAR",
"id": "PK57952",
"trust": 0.6
},
{
"db": "UBUNTU",
"id": "USN-731-1",
"trust": 0.6
},
{
"db": "XF",
"id": "413",
"trust": 0.6
},
{
"db": "APPLE",
"id": "APPLE-SA-2008-03-18",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200712-012",
"trust": 0.6
},
{
"db": "EXPLOIT-DB",
"id": "30835",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2007-6203",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "96536",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "64520",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "75604",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "82164",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2007-6203"
},
{
"db": "BID",
"id": "26663"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001017"
},
{
"db": "PACKETSTORM",
"id": "96536"
},
{
"db": "PACKETSTORM",
"id": "64520"
},
{
"db": "PACKETSTORM",
"id": "75604"
},
{
"db": "PACKETSTORM",
"id": "82164"
},
{
"db": "CNNVD",
"id": "CNNVD-200712-012"
},
{
"db": "NVD",
"id": "CVE-2007-6203"
}
]
},
"id": "VAR-200711-0538",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.15801565
},
"last_update_date": "2024-07-23T21:28:49.905000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "httpd-2.3",
"trust": 0.8,
"url": "http://httpd.apache.org/dev/devnotes.html"
},
{
"title": "600645",
"trust": 0.8,
"url": "http://svn.apache.org/viewvc?view=rev\u0026revision=600645"
},
{
"title": "Security Update 2008-002",
"trust": 0.8,
"url": "http://docs.info.apple.com/article.html?artnum=307562-en"
},
{
"title": "Security Update 2008-002",
"trust": 0.8,
"url": "http://docs.info.apple.com/article.html?artnum=307562-ja"
},
{
"title": "Changes with Apache 2.0.62",
"trust": 0.8,
"url": "http://www.apache.org/dist/httpd/changes_2.0.63"
},
{
"title": "Changes with Apache 2.2.7",
"trust": 0.8,
"url": "http://www.apache.org/dist/httpd/changes_2.2.8"
},
{
"title": "HS08-004",
"trust": 0.8,
"url": "http://www.hitachi.co.jp/prod/comp/soft1/global/security/info/vuls/hs08-004/index.html"
},
{
"title": "HPSBUX02612",
"trust": 0.8,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?lang=en\u0026cc=us\u0026objectid=c02579879"
},
{
"title": "HPSBUX02465",
"trust": 0.8,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01905287"
},
{
"title": "7008517",
"trust": 0.8,
"url": "http://www-1.ibm.com/support/docview.wss?rs=177\u0026uid=swg27008517#61015"
},
{
"title": " PK65782",
"trust": 0.8,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1pk65782"
},
{
"title": "PK57952",
"trust": 0.8,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1pk57952"
},
{
"title": "4019245",
"trust": 0.8,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg24019245"
},
{
"title": "1266",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/index.php?q=node/99\u0026errata_id=1266"
},
{
"title": "TLSA-2008-24",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/security/2008/tlsa-2008-24j.txt"
},
{
"title": "HS08-004",
"trust": 0.8,
"url": "http://www.hitachi-support.com/security/vuls/hs08-004/index.html"
},
{
"title": "interstage_as_200807",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/products-fujitsu/solution/interstage_as_200807.html"
},
{
"title": "Ubuntu Security Notice: apache2 vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-731-1"
},
{
"title": "Debian CVElist Bug Report Logs: apache2: CVE-2007-4465",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=8a7503dd359ab44b424a9918eb8a6f66"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/secureaxom/strike "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2007-6203"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001017"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-001017"
},
{
"db": "NVD",
"id": "CVE-2007-6203"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/26663"
},
{
"trust": 2.5,
"url": "http://www.securitytracker.com/id?1019030"
},
{
"trust": 2.3,
"url": "http://marc.info/?l=bugtraq\u0026m=125631037611762\u0026w=2"
},
{
"trust": 2.0,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1pk57952"
},
{
"trust": 2.0,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg24019245"
},
{
"trust": 2.0,
"url": "http://www.fujitsu.com/global/support/software/security/products-f/interstage-200807e.html"
},
{
"trust": 1.8,
"url": "http://security.gentoo.org/glsa/glsa-200803-19.xml"
},
{
"trust": 1.7,
"url": "http://procheckup.com/vulnerability_pr07-37.php"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/27906"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/28196"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/29348"
},
{
"trust": 1.7,
"url": "http://docs.info.apple.com/article.html?artnum=307562"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2008/mar/msg00001.html"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/29420"
},
{
"trust": 1.7,
"url": "http://securityreason.com/securityalert/3411"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00004.html"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/29640"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/30356"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/30732"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/33105"
},
{
"trust": 1.7,
"url": "http://www.ubuntu.com/usn/usn-731-1"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/34219"
},
{
"trust": 1.4,
"url": "http://www.frsirt.com/english/advisories/2007/4060"
},
{
"trust": 1.4,
"url": "http://xforce.iss.net/xforce/xfdb/38800"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=129190899612998\u0026w=2"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2007/4301"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2007/4060"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/1623/references"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/0924/references"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/1875/references"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38800"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a12166"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/484410/100/0/threaded"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-6203"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta08-079a/index.html"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-6203"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/27906/"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa08-079a.html"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/techalerts/ta08-079a.html"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/484410/100/0/threaded"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2008/1875/references"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2007/4301"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2008/1623/references"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2008/0924/references"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-6203"
},
{
"trust": 0.3,
"url": "http://httpd.apache.org/"
},
{
"trust": 0.3,
"url": "http://issues.apache.org/bugzilla/show_bug.cgi?id=44014"
},
{
"trust": 0.3,
"url": "http://www.apache.org/dist/httpd/changes_2.2.8"
},
{
"trust": 0.3,
"url": "https://www14.software.ibm.com/webapp/set2/sas/f/hmc/power5/install/v61.readme.html#mh01110"
},
{
"trust": 0.3,
"url": "/archive/1/484410"
},
{
"trust": 0.2,
"url": "http://software.hp.com"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3918"
},
{
"trust": 0.2,
"url": "http://www.itrc.hp.com/service/cki/secbullarchive.do"
},
{
"trust": 0.2,
"url": "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na\u0026langcode=useng\u0026jumpid=in_sc-gen__driveritrc\u0026topiccode=itrc"
},
{
"trust": 0.2,
"url": "https://www.hp.com/go/swa"
},
{
"trust": 0.2,
"url": "http://h30046.www3.hp.com/subsignin.php"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0005"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-2364"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-2939"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-2168"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/79.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.exploit-db.com/exploits/30835/"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/731-1/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0023"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1452"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1956"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1890"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1195"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1955"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1891"
},
{
"trust": 0.1,
"url": "http://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-6422"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0456"
},
{
"trust": 0.1,
"url": "http://enigmail.mozdev.org"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0456"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0455"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0455"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-6422"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0005"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.8-1ubuntu0.4_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.4_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.4_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.4_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.4_sparc.deb"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1678"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.4_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.4_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.8-1ubuntu0.4_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.4_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu2.4_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.4_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.4-3ubuntu0.2_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.2.8-1ubuntu0.4_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.8-1ubuntu0.4.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.4.diff.gz"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.4_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.8.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.4.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.8-1ubuntu0.4.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.4-3ubuntu0.2_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.4_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.4_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.4_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4-3ubuntu0.2.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.4_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.4_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.2.4-3ubuntu0.2_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.4_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.4_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.4_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.4_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4-3ubuntu0.2_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.4_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.4_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4-3ubuntu0.2.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.8-1ubuntu0.4_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.4_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.4_lpia.deb"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-6420"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.4_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.4_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.4_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.4_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.4_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.4_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.4_amd64.deb"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-2371"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-3660"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-5498"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0599"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-2829"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-2665"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-5557"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-5624"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-3659"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-2666"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-3658"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-4465"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2007-6203"
},
{
"db": "BID",
"id": "26663"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001017"
},
{
"db": "PACKETSTORM",
"id": "96536"
},
{
"db": "PACKETSTORM",
"id": "64520"
},
{
"db": "PACKETSTORM",
"id": "75604"
},
{
"db": "PACKETSTORM",
"id": "82164"
},
{
"db": "CNNVD",
"id": "CNNVD-200712-012"
},
{
"db": "NVD",
"id": "CVE-2007-6203"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2007-6203"
},
{
"db": "BID",
"id": "26663"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001017"
},
{
"db": "PACKETSTORM",
"id": "96536"
},
{
"db": "PACKETSTORM",
"id": "64520"
},
{
"db": "PACKETSTORM",
"id": "75604"
},
{
"db": "PACKETSTORM",
"id": "82164"
},
{
"db": "CNNVD",
"id": "CNNVD-200712-012"
},
{
"db": "NVD",
"id": "CVE-2007-6203"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-12-03T00:00:00",
"db": "VULMON",
"id": "CVE-2007-6203"
},
{
"date": "2007-11-30T00:00:00",
"db": "BID",
"id": "26663"
},
{
"date": "2007-12-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-001017"
},
{
"date": "2010-12-09T12:11:11",
"db": "PACKETSTORM",
"id": "96536"
},
{
"date": "2008-03-13T04:49:36",
"db": "PACKETSTORM",
"id": "64520"
},
{
"date": "2009-03-10T21:13:00",
"db": "PACKETSTORM",
"id": "75604"
},
{
"date": "2009-10-23T18:14:28",
"db": "PACKETSTORM",
"id": "82164"
},
{
"date": "2007-11-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200712-012"
},
{
"date": "2007-12-03T22:46:00",
"db": "NVD",
"id": "CVE-2007-6203"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-15T00:00:00",
"db": "VULMON",
"id": "CVE-2007-6203"
},
{
"date": "2014-02-11T00:26:00",
"db": "BID",
"id": "26663"
},
{
"date": "2010-12-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-001017"
},
{
"date": "2009-03-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200712-012"
},
{
"date": "2018-10-15T21:50:58.373000",
"db": "NVD",
"id": "CVE-2007-6203"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200712-012"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apache HTTP Server of 413 In the error message HTTP Problems not checking the method properly",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-001017"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "xss",
"sources": [
{
"db": "PACKETSTORM",
"id": "82164"
},
{
"db": "CNNVD",
"id": "CNNVD-200712-012"
}
],
"trust": 0.7
}
}
VAR-200701-0295
Vulnerability from variot - Updated: 2024-07-23 21:24The KDE HTML library (kdelibs), as used by Konqueror 3.5.5, does not properly parse HTML comments, which allows remote attackers to conduct cross-site scripting (XSS) attacks and bypass some XSS protection schemes by embedding certain HTML tags within a comment in a title tag, a related issue to CVE-2007-0478. As a result, authentication information may be leaked. Konquerer is prone to a cross-site scripting vulnerability because the application fails to sufficiently sanitize user-supplied data. Exploiting this issue may help the attacker steal cookie-based authentication credentials and launch other attacks. All versions of KDE up to and including KDE 3.5.6 are vulnerable to this issue. Apple Safari web browser is also vulnerable to this issue. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200703-10
http://security.gentoo.org/
Severity: Low Title: KHTML: Cross-site scripting (XSS) vulnerability Date: March 10, 2007 Bugs: #165606 ID: 200703-10
Synopsis
The KHTML component shipped with the KDE libraries is prone to a cross-site scripting (XSS) vulnerability.
Background
KDE is a feature-rich graphical desktop environment for Linux and Unix-like Operating Systems. KHTML is the HTML interpreter used in Konqueror and other parts of KDE.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 kde-base/kdelibs < 3.5.5-r8 >= 3.5.5-r8
Description
The KHTML code allows for the execution of JavaScript code located inside the "Title" HTML element, a related issue to the Safari error found by Jose Avila.
Impact
When viewing a HTML page that renders unsanitized attacker-supplied input in the page title, Konqueror and other parts of KDE will execute arbitrary JavaScript code contained in the page title, allowing for the theft of browser session data or cookies.
Workaround
There is no known workaround at this time.
Resolution
All KDElibs users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=kde-base/kdelibs-3.5.5-r8"
References
[ 1 ] CVE-2007-0537 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0537 [ 2 ] CVE-2007-0478 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0478
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200703-10.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.
License
Copyright 2007 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . =========================================================== Ubuntu Security Notice USN-420-1 February 06, 2007 kdelibs vulnerability CVE-2007-0537 ===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 5.10 Ubuntu 6.06 LTS Ubuntu 6.10
This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the following package versions:
Ubuntu 5.10: kdelibs4c2 4:3.4.3-0ubuntu2.2
Ubuntu 6.06 LTS: kdelibs4c2a 4:3.5.2-0ubuntu18.2
Ubuntu 6.10: kdelibs4c2a 4:3.5.5-0ubuntu3.1
After a standard system upgrade you need to restart your session to effect the necessary changes. By tricking a Konqueror user into visiting a malicious website, an attacker could bypass cross-site scripting protections.
Updated packages for Ubuntu 5.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs_3.4.3-0ubuntu2.2.diff.gz
Size/MD5: 330443 7bf67340aef75bbafe1bf0f517ad0677
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs_3.4.3-0ubuntu2.2.dsc
Size/MD5: 1523 9a013d5dc8f7953036af99dd264f9811
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs_3.4.3.orig.tar.gz
Size/MD5: 19981388 36e7a8320bd95760b41c4849da170100
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs-data_3.4.3-0ubuntu2.2_all.deb
Size/MD5: 6970448 a0a541bd78cb848da8aa97ac4b29d0fe
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4-doc_3.4.3-0ubuntu2.2_all.deb
Size/MD5: 29298458 f04629ca27bafeaa897a86839fc6e645
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs_3.4.3-0ubuntu2.2_all.deb
Size/MD5: 30714 8ec392ba5ba0f78e9b12dd9d025019d6
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs-bin_3.4.3-0ubuntu2.2_amd64.deb
Size/MD5: 926668 3e7c767a9eeb80d0a85640d7dbfb53d7
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4-dev_3.4.3-0ubuntu2.2_amd64.deb
Size/MD5: 1309046 e73c5de672193ac0385a28dd3accf646
http://security.ubuntu.com/ubuntu/pool/universe/k/kdelibs/kdelibs4c2-dbg_3.4.3-0ubuntu2.2_amd64.deb
Size/MD5: 22552842 287114119aee64a256f8fce295e9d034
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4c2_3.4.3-0ubuntu2.2_amd64.deb
Size/MD5: 9109026 aa34fe2f02d9772ad8e25bb36e573505
i386 architecture (x86 compatible Intel/AMD)
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs-bin_3.4.3-0ubuntu2.2_i386.deb
Size/MD5: 814498 1eace86f58caf3f936c77e749a45ffc6
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4-dev_3.4.3-0ubuntu2.2_i386.deb
Size/MD5: 1305652 0ce209d9c2c5ed846dbb1edc16fe5606
http://security.ubuntu.com/ubuntu/pool/universe/k/kdelibs/kdelibs4c2-dbg_3.4.3-0ubuntu2.2_i386.deb
Size/MD5: 19410566 85751508b7f13b790cbda8d795930a72
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4c2_3.4.3-0ubuntu2.2_i386.deb
Size/MD5: 8072650 9caf6a826bb790e309036555f40b9b8d
powerpc architecture (Apple Macintosh G3/G4/G5)
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs-bin_3.4.3-0ubuntu2.2_powerpc.deb
Size/MD5: 909782 0a1cbec28532ca006c7ddcb6990a6e65
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4-dev_3.4.3-0ubuntu2.2_powerpc.deb
Size/MD5: 1310430 f31f57e3c37f8c12e586cfa0084dc203
http://security.ubuntu.com/ubuntu/pool/universe/k/kdelibs/kdelibs4c2-dbg_3.4.3-0ubuntu2.2_powerpc.deb
Size/MD5: 22763768 b1aba1f6b9ef2c454f2172d442302b49
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4c2_3.4.3-0ubuntu2.2_powerpc.deb
Size/MD5: 8433768 18b2c898ed6d40844c19635d8b85e8a2
sparc architecture (Sun SPARC/UltraSPARC)
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs-bin_3.4.3-0ubuntu2.2_sparc.deb
Size/MD5: 831058 158b90fe780e29e6618cf4b7f9f96bc8
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4-dev_3.4.3-0ubuntu2.2_sparc.deb
Size/MD5: 1307028 b1c14bf29a7622ac3844c68a652bf21c
http://security.ubuntu.com/ubuntu/pool/universe/k/kdelibs/kdelibs4c2-dbg_3.4.3-0ubuntu2.2_sparc.deb
Size/MD5: 20031538 f2778deea8ef14eb9b3e90f5ed97ab50
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4c2_3.4.3-0ubuntu2.2_sparc.deb
Size/MD5: 8241130 26c0145f1abb71b0a3ea5a89214df223
Updated packages for Ubuntu 6.06 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs_3.5.2-0ubuntu18.2.diff.gz
Size/MD5: 477706 5d236a3b69a4bae7b81d337e58a2c3fe
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs_3.5.2-0ubuntu18.2.dsc
Size/MD5: 1609 0a27d1f21c1374d8abf8ea0dba0abf79
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs_3.5.2.orig.tar.gz
Size/MD5: 18775353 00c878d449522fb8aa2769a4c5ae1fde
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs-data_3.5.2-0ubuntu18.2_all.deb
Size/MD5: 7083858 f74b97726f683b5eca3798bd8f7ae2a1
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4-doc_3.5.2-0ubuntu18.2_all.deb
Size/MD5: 41496444 87e2fc31c4dd95cd7d87aeee51dec330
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs_3.5.2-0ubuntu18.2_all.deb
Size/MD5: 35748 636e14773798c30ddf4c0a87b3d5cd39
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs-bin_3.5.2-0ubuntu18.2_amd64.deb
Size/MD5: 925624 1ba9b88fc6456c6dac97693532412fde
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs-dbg_3.5.2-0ubuntu18.2_amd64.deb
Size/MD5: 26451886 2eaed22c02f68909ebe219629a774dc6
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4-dev_3.5.2-0ubuntu18.2_amd64.deb
Size/MD5: 1355626 1458250a60303a07ad551ce343ae23ec
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4c2a_3.5.2-0ubuntu18.2_amd64.deb
Size/MD5: 9406898 7f952f591c7345216bfc0bb42277875d
i386 architecture (x86 compatible Intel/AMD)
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs-bin_3.5.2-0ubuntu18.2_i386.deb
Size/MD5: 814970 cc6ae65176411013a8dea78a77151e25
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs-dbg_3.5.2-0ubuntu18.2_i386.deb
Size/MD5: 22925204 60d4c71b837e82da16d2b1ad75cbf628
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4-dev_3.5.2-0ubuntu18.2_i386.deb
Size/MD5: 1352256 1ceee31122ff0fe680fbdbebbd6c8ced
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4c2a_3.5.2-0ubuntu18.2_i386.deb
Size/MD5: 8334452 427cd25652287fc52ba2bdbd028c2f33
powerpc architecture (Apple Macintosh G3/G4/G5)
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs-bin_3.5.2-0ubuntu18.2_powerpc.deb
Size/MD5: 905950 4b29acb4cc1a8fb52ff9bb7b3715b0d3
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs-dbg_3.5.2-0ubuntu18.2_powerpc.deb
Size/MD5: 26718664 f92f6f62ab9b9bbd0da8cb649dbeb132
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4-dev_3.5.2-0ubuntu18.2_powerpc.deb
Size/MD5: 1356968 a6e62679f09dbafa54137204af905494
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4c2a_3.5.2-0ubuntu18.2_powerpc.deb
Size/MD5: 8689506 0b3b6f533712eb6a8143827d2b01b015
sparc architecture (Sun SPARC/UltraSPARC)
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs-bin_3.5.2-0ubuntu18.2_sparc.deb
Size/MD5: 827096 17f46503797d14c6be17c7fd890ac843
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs-dbg_3.5.2-0ubuntu18.2_sparc.deb
Size/MD5: 23623320 36aefb75ec36a60d3308392842556130
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4-dev_3.5.2-0ubuntu18.2_sparc.deb
Size/MD5: 1353298 9627c92acea5abc671668d0b5ecfd744
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4c2a_3.5.2-0ubuntu18.2_sparc.deb
Size/MD5: 8491558 dd2fe11d276e78bb16bd42bc34452c20
Updated packages for Ubuntu 6.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs_3.5.5-0ubuntu3.1.diff.gz
Size/MD5: 734200 8d5db0d6c6070468a32841b75a9e0d83
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs_3.5.5-0ubuntu3.1.dsc
Size/MD5: 1691 7a23f4f003e66e4a4fb90f620a0de347
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs_3.5.5.orig.tar.gz
Size/MD5: 18926397 65e455d5814142ee992097230ffe7e80
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs-data_3.5.5-0ubuntu3.1_all.deb
Size/MD5: 7210528 1e62a8249a44e98da5ba24c1eaa1d4f0
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4-doc_3.5.5-0ubuntu3.1_all.deb
Size/MD5: 39981890 5469fd4b98d68f0e01ddb4bd5ba7d904
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs_3.5.5-0ubuntu3.1_all.deb
Size/MD5: 37742 2b1ebdb5648cbd390ecd1fa8d6b2d7e4
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs-dbg_3.5.5-0ubuntu3.1_amd64.deb
Size/MD5: 27050664 b7884e4a85307416811f755e2ed967aa
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4-dev_3.5.5-0ubuntu3.1_amd64.deb
Size/MD5: 1345432 c2cd5e2b9433e629ae366965b47c30c6
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4c2a_3.5.5-0ubuntu3.1_amd64.deb
Size/MD5: 10401586 f02e2f09dfd27d09f2a00daaaa6a7969
i386 architecture (x86 compatible Intel/AMD)
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs-dbg_3.5.5-0ubuntu3.1_i386.deb
Size/MD5: 26229446 ae021c2a0a95f237a934962a39e13821
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4-dev_3.5.5-0ubuntu3.1_i386.deb
Size/MD5: 1343076 5e46eaa9d38a6876671efd18ac052ef5
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4c2a_3.5.5-0ubuntu3.1_i386.deb
Size/MD5: 9555316 4573d9f461ff2a441a13ac744e8f27e5
powerpc architecture (Apple Macintosh G3/G4/G5)
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs-dbg_3.5.5-0ubuntu3.1_powerpc.deb
Size/MD5: 28018226 74bc9b1b1e11817b33e3027213462fa0
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4-dev_3.5.5-0ubuntu3.1_powerpc.deb
Size/MD5: 1347170 df48d8bc10826c2805d607f4d52eb738
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4c2a_3.5.5-0ubuntu3.1_powerpc.deb
Size/MD5: 9782346 4d5986ecf7ace1bd5bf275d101f98e03
sparc architecture (Sun SPARC/UltraSPARC)
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs-dbg_3.5.5-0ubuntu3.1_sparc.deb
Size/MD5: 25362410 e80c7336df062cac6690d745d91730fc
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4-dev_3.5.5-0ubuntu3.1_sparc.deb
Size/MD5: 1343134 cc62c0d393cacc36a552c304cee9b2a1
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4c2a_3.5.5-0ubuntu3.1_sparc.deb
Size/MD5: 9473018 dfff27cb2bcb323d51d4b16e11453d49
. Also affects kdelibs 3.5.6, as per KDE official advisory.
Updated packages have been patched to prevent this.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0537
Updated Packages:
Mandriva Linux 2007.1: 290249d063eb99aa0267060e28bd3d63 2007.1/i586/kdelibs-common-3.5.6-11.1mdv2007.1.i586.rpm 0392bf166e2b95b8274f67e24066dc8a 2007.1/i586/kdelibs-devel-doc-3.5.6-11.1mdv2007.1.i586.rpm 06107eb81ff8b184812f7a8ae31b52b9 2007.1/i586/libkdecore4-3.5.6-11.1mdv2007.1.i586.rpm ffb71260989867bcec7d7fae45b86b5a 2007.1/i586/libkdecore4-devel-3.5.6-11.1mdv2007.1.i586.rpm 2f2938b43f88a2a197e6cc90b35c63b8 2007.1/SRPMS/kdelibs-3.5.6-11.1mdv2007.1.src.rpm
Mandriva Linux 2007.1/X86_64: 258cf38cce814a12a44c79c283de7c3d 2007.1/x86_64/kdelibs-common-3.5.6-11.1mdv2007.1.x86_64.rpm 70b9d63ac375ba65fb6c6b526dfe80f0 2007.1/x86_64/kdelibs-devel-doc-3.5.6-11.1mdv2007.1.x86_64.rpm ee0681c70efd4cebb72a23b773d56f09 2007.1/x86_64/lib64kdecore4-3.5.6-11.1mdv2007.1.x86_64.rpm 664da181e64ab3f343b265cac6de0e87 2007.1/x86_64/lib64kdecore4-devel-3.5.6-11.1mdv2007.1.x86_64.rpm 2f2938b43f88a2a197e6cc90b35c63b8 2007.1/SRPMS/kdelibs-3.5.6-11.1mdv2007.1.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux)
iD8DBQFGvN99mqjQ0CJFipgRAkoiAJ9cYCEKSJXMFS0+C1kOsR82hamhUQCdHdlA 0d14cDmgZcJ1DxJi7dCNr3E= =ix0J -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200701-0295",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "konqueror",
"scope": "eq",
"trust": 2.4,
"vendor": "kde",
"version": "3.5.5"
},
{
"model": "kde",
"scope": "lte",
"trust": 0.8,
"vendor": "kde",
"version": "3.5.6"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3 (x86)"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3 (x86-64)"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0 (x86-64)"
},
{
"model": "turbolinux",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10_f"
},
{
"model": "turbolinux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10"
},
{
"model": "turbolinux fuji",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "turbolinux multimedia",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "turbolinux personal",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10 (x64)"
},
{
"model": "home",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.0"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.0 (client)"
},
{
"model": "rhel desktop workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0.0x64"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "fuji",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "f...",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10"
},
{
"model": "home",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "fuji",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "0"
},
{
"model": "linux enterprise server sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
},
{
"model": "linux enterprise server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux enterprise sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
},
{
"model": "linux enterprise sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10.2"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10.2"
},
{
"model": "unitedlinux",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "suse linux standard server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "suse linux school server for i386",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "suse linux retail solution",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "suse linux openexchange server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "4.0"
},
{
"model": "suse linux open-xchange",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "4.1"
},
{
"model": "suse core for",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9x86"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.2"
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1"
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"model": "office server",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "novell linux pos",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "linux professional oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.2"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "linux personal oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.2"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "linux openexchange server",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "linux office server",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "linux enterprise server for s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "linux enterprise server for s/390",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10"
},
{
"model": "linux database server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1x86-64"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1x86"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0x86-64"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0x86"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "pardus",
"version": "2007.1"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.1"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.1"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "libkhtml",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "4.2"
},
{
"model": "konqueror",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.5.2"
},
{
"model": "konqueror",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.5.1"
},
{
"model": "konqueror",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.3.2"
},
{
"model": "konqueror",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.3.1"
},
{
"model": "konqueror",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.3"
},
{
"model": "konqueror",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.2.3"
},
{
"model": "konqueror",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.2.2-6"
},
{
"model": "konqueror",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.2.1"
},
{
"model": "konqueror",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.1.5"
},
{
"model": "konqueror",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.1.4"
},
{
"model": "konqueror",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.1.3"
},
{
"model": "konqueror",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.1.2"
},
{
"model": "konqueror",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.1.1"
},
{
"model": "konqueror",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.1"
},
{
"model": "konqueror b",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.0.5"
},
{
"model": "konqueror",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.0.5"
},
{
"model": "konqueror",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.0.3"
},
{
"model": "konqueror",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.0.2"
},
{
"model": "konqueror",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.0.1"
},
{
"model": "konqueror",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.0"
},
{
"model": "konqueror",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "2.2.2"
},
{
"model": "konqueror",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "2.2.1"
},
{
"model": "konqueror",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "2.1.2"
},
{
"model": "konqueror",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "2.1.1"
},
{
"model": "kdelibs",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.5.4"
},
{
"model": "kdelibs",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.5.2"
},
{
"model": "kdelibs",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.4.3"
},
{
"model": "kdelibs",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.4.2"
},
{
"model": "kdelibs",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.4"
},
{
"model": "kdelibs",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.3.2"
},
{
"model": "kdelibs",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.3.1"
},
{
"model": "kdelibs",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.3"
},
{
"model": "kdelibs",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.2.2"
},
{
"model": "kdelibs",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.2.1"
},
{
"model": "kdelibs",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.2"
},
{
"model": "kdelibs",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.1.5"
},
{
"model": "kdelibs",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.1.4"
},
{
"model": "kdelibs",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.1.3"
},
{
"model": "kdelibs",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.1.2"
},
{
"model": "kdelibs",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.1.1"
},
{
"model": "kdelibs",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.1"
},
{
"model": "kdelibs",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.0"
},
{
"model": "kdelibs",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "2.1.2"
},
{
"model": "kdelibs",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "2.1.1"
},
{
"model": "kdelibs",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "2.1"
},
{
"model": "kdelibs",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "2.0.1"
},
{
"model": "kdelibs",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "2.0"
},
{
"model": "kde",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.5.6"
},
{
"model": "kde",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.5.5"
},
{
"model": "kde",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.5.4"
},
{
"model": "kde",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.5.3"
},
{
"model": "kde",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.5.2"
},
{
"model": "kde",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.5.1"
},
{
"model": "kde",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.5"
},
{
"model": "kde",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.4.3"
},
{
"model": "kde",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.4.2"
},
{
"model": "kde",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.4.1"
},
{
"model": "kde",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.4"
},
{
"model": "kde",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.3.2"
},
{
"model": "kde",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.3.1"
},
{
"model": "kde",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.3"
},
{
"model": "kde",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.2.3"
},
{
"model": "kde",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.2.2"
},
{
"model": "kde",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.2.1"
},
{
"model": "kde",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.2"
},
{
"model": "kde",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.1.5"
},
{
"model": "kde",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.1.4"
},
{
"model": "kde",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.1.3"
},
{
"model": "kde",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.1.2"
},
{
"model": "a",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.1.1"
},
{
"model": "kde",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.1.1"
},
{
"model": "kde",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.1"
},
{
"model": "b",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.0.5"
},
{
"model": "a",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.0.5"
},
{
"model": "kde",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.0.5"
},
{
"model": "kde",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.0.4"
},
{
"model": "a",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.0.3"
},
{
"model": "kde",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.0.3"
},
{
"model": "kde",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.0.2"
},
{
"model": "kde",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.0.1"
},
{
"model": "kde",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "3.0"
},
{
"model": "kde",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "2.2.2"
},
{
"model": "kde",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "2.2.1"
},
{
"model": "kde",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "2.2"
},
{
"model": "kde",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "2.1.2"
},
{
"model": "kde",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "2.1.1"
},
{
"model": "kde",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "2.1"
},
{
"model": "kde",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "2.0.1"
},
{
"model": "beta",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "2.0"
},
{
"model": "kde",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "2.0"
},
{
"model": "kde",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "1.2"
},
{
"model": "kde",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "1.1.2"
},
{
"model": "kde",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "1.1.1"
},
{
"model": "kde",
"scope": "eq",
"trust": 0.3,
"vendor": "kde",
"version": "1.1"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "safari rss pre-release",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0.4"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0.3"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "1.3.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "1.3"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "1.2.3"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "1.2.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "1.2.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "1.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "1.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "1.0"
},
{
"model": "safari beta",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2"
},
{
"model": "mobile safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.9"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.8"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.7"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.6"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.5"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.9"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.8"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.7"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.6"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3"
},
{
"model": "interstage studio standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"model": "interstage studio enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"model": "interstage job workload server",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.1"
},
{
"model": "interstage business application server enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.0"
},
{
"model": "interstage apworks modelers-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"model": "interstage apworks modelers-j edition 6.0a",
"scope": null,
"trust": 0.3,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage apworks modelers-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"model": "interstage application server web-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0"
},
{
"model": "interstage application server web-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "4.0"
},
{
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.2"
},
{
"model": "interstage application server standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"model": "interstage application server standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0"
},
{
"model": "interstage application server standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "4.0"
},
{
"model": "interstage application server standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "3.0"
},
{
"model": "interstage application server plus",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.2"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0.1"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0.1"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "4.0"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "3.0"
}
],
"sources": [
{
"db": "BID",
"id": "22428"
},
{
"db": "BID",
"id": "23020"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000221"
},
{
"db": "CNNVD",
"id": "CNNVD-200701-477"
},
{
"db": "NVD",
"id": "CVE-2007-0537"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:kde:konqueror:3.5.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2007-0537"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apple",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200701-477"
}
],
"trust": 0.6
},
"cve": "CVE-2007-0537",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"confidentialityImpact": "NONE",
"exploitabilityScore": 4.9,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2007-0537",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2007-0537",
"trust": 1.0,
"value": "LOW"
},
{
"author": "NVD",
"id": "CVE-2007-0537",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-200701-477",
"trust": 0.6,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-000221"
},
{
"db": "CNNVD",
"id": "CNNVD-200701-477"
},
{
"db": "NVD",
"id": "CVE-2007-0537"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The KDE HTML library (kdelibs), as used by Konqueror 3.5.5, does not properly parse HTML comments, which allows remote attackers to conduct cross-site scripting (XSS) attacks and bypass some XSS protection schemes by embedding certain HTML tags within a comment in a title tag, a related issue to CVE-2007-0478. As a result, authentication information may be leaked. Konquerer is prone to a cross-site scripting vulnerability because the application fails to sufficiently sanitize user-supplied data. \nExploiting this issue may help the attacker steal cookie-based authentication credentials and launch other attacks. \nAll versions of KDE up to and including KDE 3.5.6 are vulnerable to this issue. Apple Safari web browser is also vulnerable to this issue. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 200703-10\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Low\n Title: KHTML: Cross-site scripting (XSS) vulnerability\n Date: March 10, 2007\n Bugs: #165606\n ID: 200703-10\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nThe KHTML component shipped with the KDE libraries is prone to a\ncross-site scripting (XSS) vulnerability. \n\nBackground\n==========\n\nKDE is a feature-rich graphical desktop environment for Linux and\nUnix-like Operating Systems. KHTML is the HTML interpreter used in\nKonqueror and other parts of KDE. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 kde-base/kdelibs \u003c 3.5.5-r8 \u003e= 3.5.5-r8\n\nDescription\n===========\n\nThe KHTML code allows for the execution of JavaScript code located\ninside the \"Title\" HTML element, a related issue to the Safari error\nfound by Jose Avila. \n\nImpact\n======\n\nWhen viewing a HTML page that renders unsanitized attacker-supplied\ninput in the page title, Konqueror and other parts of KDE will execute\narbitrary JavaScript code contained in the page title, allowing for the\ntheft of browser session data or cookies. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll KDElibs users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=kde-base/kdelibs-3.5.5-r8\"\n\nReferences\n==========\n\n [ 1 ] CVE-2007-0537\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0537\n [ 2 ] CVE-2007-0478\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0478\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-200703-10.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttp://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2007 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. =========================================================== \nUbuntu Security Notice USN-420-1 February 06, 2007\nkdelibs vulnerability\nCVE-2007-0537\n===========================================================\n\nA security issue affects the following Ubuntu releases:\n\nUbuntu 5.10\nUbuntu 6.06 LTS\nUbuntu 6.10\n\nThis advisory also applies to the corresponding versions of\nKubuntu, Edubuntu, and Xubuntu. \n\nThe problem can be corrected by upgrading your system to the\nfollowing package versions:\n\nUbuntu 5.10:\n kdelibs4c2 4:3.4.3-0ubuntu2.2\n\nUbuntu 6.06 LTS:\n kdelibs4c2a 4:3.5.2-0ubuntu18.2\n\nUbuntu 6.10:\n kdelibs4c2a 4:3.5.5-0ubuntu3.1\n\nAfter a standard system upgrade you need to restart your session to\neffect the necessary changes. By \ntricking a Konqueror user into visiting a malicious website, an attacker \ncould bypass cross-site scripting protections. \n\n\nUpdated packages for Ubuntu 5.10:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs_3.4.3-0ubuntu2.2.diff.gz\n Size/MD5: 330443 7bf67340aef75bbafe1bf0f517ad0677\n http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs_3.4.3-0ubuntu2.2.dsc\n Size/MD5: 1523 9a013d5dc8f7953036af99dd264f9811\n http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs_3.4.3.orig.tar.gz\n Size/MD5: 19981388 36e7a8320bd95760b41c4849da170100\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs-data_3.4.3-0ubuntu2.2_all.deb\n Size/MD5: 6970448 a0a541bd78cb848da8aa97ac4b29d0fe\n http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4-doc_3.4.3-0ubuntu2.2_all.deb\n Size/MD5: 29298458 f04629ca27bafeaa897a86839fc6e645\n http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs_3.4.3-0ubuntu2.2_all.deb\n Size/MD5: 30714 8ec392ba5ba0f78e9b12dd9d025019d6\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon)\n\n http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs-bin_3.4.3-0ubuntu2.2_amd64.deb\n Size/MD5: 926668 3e7c767a9eeb80d0a85640d7dbfb53d7\n http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4-dev_3.4.3-0ubuntu2.2_amd64.deb\n Size/MD5: 1309046 e73c5de672193ac0385a28dd3accf646\n http://security.ubuntu.com/ubuntu/pool/universe/k/kdelibs/kdelibs4c2-dbg_3.4.3-0ubuntu2.2_amd64.deb\n Size/MD5: 22552842 287114119aee64a256f8fce295e9d034\n http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4c2_3.4.3-0ubuntu2.2_amd64.deb\n Size/MD5: 9109026 aa34fe2f02d9772ad8e25bb36e573505\n\n i386 architecture (x86 compatible Intel/AMD)\n\n http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs-bin_3.4.3-0ubuntu2.2_i386.deb\n Size/MD5: 814498 1eace86f58caf3f936c77e749a45ffc6\n http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4-dev_3.4.3-0ubuntu2.2_i386.deb\n Size/MD5: 1305652 0ce209d9c2c5ed846dbb1edc16fe5606\n http://security.ubuntu.com/ubuntu/pool/universe/k/kdelibs/kdelibs4c2-dbg_3.4.3-0ubuntu2.2_i386.deb\n Size/MD5: 19410566 85751508b7f13b790cbda8d795930a72\n http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4c2_3.4.3-0ubuntu2.2_i386.deb\n Size/MD5: 8072650 9caf6a826bb790e309036555f40b9b8d\n\n powerpc architecture (Apple Macintosh G3/G4/G5)\n\n http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs-bin_3.4.3-0ubuntu2.2_powerpc.deb\n Size/MD5: 909782 0a1cbec28532ca006c7ddcb6990a6e65\n http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4-dev_3.4.3-0ubuntu2.2_powerpc.deb\n Size/MD5: 1310430 f31f57e3c37f8c12e586cfa0084dc203\n http://security.ubuntu.com/ubuntu/pool/universe/k/kdelibs/kdelibs4c2-dbg_3.4.3-0ubuntu2.2_powerpc.deb\n Size/MD5: 22763768 b1aba1f6b9ef2c454f2172d442302b49\n http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4c2_3.4.3-0ubuntu2.2_powerpc.deb\n Size/MD5: 8433768 18b2c898ed6d40844c19635d8b85e8a2\n\n sparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs-bin_3.4.3-0ubuntu2.2_sparc.deb\n Size/MD5: 831058 158b90fe780e29e6618cf4b7f9f96bc8\n http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4-dev_3.4.3-0ubuntu2.2_sparc.deb\n Size/MD5: 1307028 b1c14bf29a7622ac3844c68a652bf21c\n http://security.ubuntu.com/ubuntu/pool/universe/k/kdelibs/kdelibs4c2-dbg_3.4.3-0ubuntu2.2_sparc.deb\n Size/MD5: 20031538 f2778deea8ef14eb9b3e90f5ed97ab50\n http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4c2_3.4.3-0ubuntu2.2_sparc.deb\n Size/MD5: 8241130 26c0145f1abb71b0a3ea5a89214df223\n\nUpdated packages for Ubuntu 6.06 LTS:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs_3.5.2-0ubuntu18.2.diff.gz\n Size/MD5: 477706 5d236a3b69a4bae7b81d337e58a2c3fe\n http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs_3.5.2-0ubuntu18.2.dsc\n Size/MD5: 1609 0a27d1f21c1374d8abf8ea0dba0abf79\n http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs_3.5.2.orig.tar.gz\n Size/MD5: 18775353 00c878d449522fb8aa2769a4c5ae1fde\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs-data_3.5.2-0ubuntu18.2_all.deb\n Size/MD5: 7083858 f74b97726f683b5eca3798bd8f7ae2a1\n http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4-doc_3.5.2-0ubuntu18.2_all.deb\n Size/MD5: 41496444 87e2fc31c4dd95cd7d87aeee51dec330\n http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs_3.5.2-0ubuntu18.2_all.deb\n Size/MD5: 35748 636e14773798c30ddf4c0a87b3d5cd39\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon)\n\n http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs-bin_3.5.2-0ubuntu18.2_amd64.deb\n Size/MD5: 925624 1ba9b88fc6456c6dac97693532412fde\n http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs-dbg_3.5.2-0ubuntu18.2_amd64.deb\n Size/MD5: 26451886 2eaed22c02f68909ebe219629a774dc6\n http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4-dev_3.5.2-0ubuntu18.2_amd64.deb\n Size/MD5: 1355626 1458250a60303a07ad551ce343ae23ec\n http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4c2a_3.5.2-0ubuntu18.2_amd64.deb\n Size/MD5: 9406898 7f952f591c7345216bfc0bb42277875d\n\n i386 architecture (x86 compatible Intel/AMD)\n\n http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs-bin_3.5.2-0ubuntu18.2_i386.deb\n Size/MD5: 814970 cc6ae65176411013a8dea78a77151e25\n http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs-dbg_3.5.2-0ubuntu18.2_i386.deb\n Size/MD5: 22925204 60d4c71b837e82da16d2b1ad75cbf628\n http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4-dev_3.5.2-0ubuntu18.2_i386.deb\n Size/MD5: 1352256 1ceee31122ff0fe680fbdbebbd6c8ced\n http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4c2a_3.5.2-0ubuntu18.2_i386.deb\n Size/MD5: 8334452 427cd25652287fc52ba2bdbd028c2f33\n\n powerpc architecture (Apple Macintosh G3/G4/G5)\n\n http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs-bin_3.5.2-0ubuntu18.2_powerpc.deb\n Size/MD5: 905950 4b29acb4cc1a8fb52ff9bb7b3715b0d3\n http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs-dbg_3.5.2-0ubuntu18.2_powerpc.deb\n Size/MD5: 26718664 f92f6f62ab9b9bbd0da8cb649dbeb132\n http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4-dev_3.5.2-0ubuntu18.2_powerpc.deb\n Size/MD5: 1356968 a6e62679f09dbafa54137204af905494\n http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4c2a_3.5.2-0ubuntu18.2_powerpc.deb\n Size/MD5: 8689506 0b3b6f533712eb6a8143827d2b01b015\n\n sparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs-bin_3.5.2-0ubuntu18.2_sparc.deb\n Size/MD5: 827096 17f46503797d14c6be17c7fd890ac843\n http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs-dbg_3.5.2-0ubuntu18.2_sparc.deb\n Size/MD5: 23623320 36aefb75ec36a60d3308392842556130\n http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4-dev_3.5.2-0ubuntu18.2_sparc.deb\n Size/MD5: 1353298 9627c92acea5abc671668d0b5ecfd744\n http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4c2a_3.5.2-0ubuntu18.2_sparc.deb\n Size/MD5: 8491558 dd2fe11d276e78bb16bd42bc34452c20\n\nUpdated packages for Ubuntu 6.10:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs_3.5.5-0ubuntu3.1.diff.gz\n Size/MD5: 734200 8d5db0d6c6070468a32841b75a9e0d83\n http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs_3.5.5-0ubuntu3.1.dsc\n Size/MD5: 1691 7a23f4f003e66e4a4fb90f620a0de347\n http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs_3.5.5.orig.tar.gz\n Size/MD5: 18926397 65e455d5814142ee992097230ffe7e80\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs-data_3.5.5-0ubuntu3.1_all.deb\n Size/MD5: 7210528 1e62a8249a44e98da5ba24c1eaa1d4f0\n http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4-doc_3.5.5-0ubuntu3.1_all.deb\n Size/MD5: 39981890 5469fd4b98d68f0e01ddb4bd5ba7d904\n http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs_3.5.5-0ubuntu3.1_all.deb\n Size/MD5: 37742 2b1ebdb5648cbd390ecd1fa8d6b2d7e4\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon)\n\n http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs-dbg_3.5.5-0ubuntu3.1_amd64.deb\n Size/MD5: 27050664 b7884e4a85307416811f755e2ed967aa\n http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4-dev_3.5.5-0ubuntu3.1_amd64.deb\n Size/MD5: 1345432 c2cd5e2b9433e629ae366965b47c30c6\n http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4c2a_3.5.5-0ubuntu3.1_amd64.deb\n Size/MD5: 10401586 f02e2f09dfd27d09f2a00daaaa6a7969\n\n i386 architecture (x86 compatible Intel/AMD)\n\n http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs-dbg_3.5.5-0ubuntu3.1_i386.deb\n Size/MD5: 26229446 ae021c2a0a95f237a934962a39e13821\n http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4-dev_3.5.5-0ubuntu3.1_i386.deb\n Size/MD5: 1343076 5e46eaa9d38a6876671efd18ac052ef5\n http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4c2a_3.5.5-0ubuntu3.1_i386.deb\n Size/MD5: 9555316 4573d9f461ff2a441a13ac744e8f27e5\n\n powerpc architecture (Apple Macintosh G3/G4/G5)\n\n http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs-dbg_3.5.5-0ubuntu3.1_powerpc.deb\n Size/MD5: 28018226 74bc9b1b1e11817b33e3027213462fa0\n http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4-dev_3.5.5-0ubuntu3.1_powerpc.deb\n Size/MD5: 1347170 df48d8bc10826c2805d607f4d52eb738\n http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4c2a_3.5.5-0ubuntu3.1_powerpc.deb\n Size/MD5: 9782346 4d5986ecf7ace1bd5bf275d101f98e03\n\n sparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs-dbg_3.5.5-0ubuntu3.1_sparc.deb\n Size/MD5: 25362410 e80c7336df062cac6690d745d91730fc\n http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4-dev_3.5.5-0ubuntu3.1_sparc.deb\n Size/MD5: 1343134 cc62c0d393cacc36a552c304cee9b2a1\n http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4c2a_3.5.5-0ubuntu3.1_sparc.deb\n Size/MD5: 9473018 dfff27cb2bcb323d51d4b16e11453d49\n\n. Also affects kdelibs 3.5.6,\n as per KDE official advisory. \n \n Updated packages have been patched to prevent this. \n _______________________________________________________________________\n\n References:\n \n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0537\n _______________________________________________________________________\n \n Updated Packages:\n \n Mandriva Linux 2007.1:\n 290249d063eb99aa0267060e28bd3d63 2007.1/i586/kdelibs-common-3.5.6-11.1mdv2007.1.i586.rpm\n 0392bf166e2b95b8274f67e24066dc8a 2007.1/i586/kdelibs-devel-doc-3.5.6-11.1mdv2007.1.i586.rpm\n 06107eb81ff8b184812f7a8ae31b52b9 2007.1/i586/libkdecore4-3.5.6-11.1mdv2007.1.i586.rpm\n ffb71260989867bcec7d7fae45b86b5a 2007.1/i586/libkdecore4-devel-3.5.6-11.1mdv2007.1.i586.rpm \n 2f2938b43f88a2a197e6cc90b35c63b8 2007.1/SRPMS/kdelibs-3.5.6-11.1mdv2007.1.src.rpm\n\n Mandriva Linux 2007.1/X86_64:\n 258cf38cce814a12a44c79c283de7c3d 2007.1/x86_64/kdelibs-common-3.5.6-11.1mdv2007.1.x86_64.rpm\n 70b9d63ac375ba65fb6c6b526dfe80f0 2007.1/x86_64/kdelibs-devel-doc-3.5.6-11.1mdv2007.1.x86_64.rpm\n ee0681c70efd4cebb72a23b773d56f09 2007.1/x86_64/lib64kdecore4-3.5.6-11.1mdv2007.1.x86_64.rpm\n 664da181e64ab3f343b265cac6de0e87 2007.1/x86_64/lib64kdecore4-devel-3.5.6-11.1mdv2007.1.x86_64.rpm \n 2f2938b43f88a2a197e6cc90b35c63b8 2007.1/SRPMS/kdelibs-3.5.6-11.1mdv2007.1.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.7 (GNU/Linux)\n\niD8DBQFGvN99mqjQ0CJFipgRAkoiAJ9cYCEKSJXMFS0+C1kOsR82hamhUQCdHdlA\n0d14cDmgZcJ1DxJi7dCNr3E=\n=ix0J\n-----END PGP SIGNATURE-----\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2007-0537"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000221"
},
{
"db": "BID",
"id": "22428"
},
{
"db": "BID",
"id": "23020"
},
{
"db": "PACKETSTORM",
"id": "55049"
},
{
"db": "PACKETSTORM",
"id": "54183"
},
{
"db": "PACKETSTORM",
"id": "54252"
},
{
"db": "PACKETSTORM",
"id": "58491"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2007-0537",
"trust": 3.4
},
{
"db": "BID",
"id": "22428",
"trust": 2.7
},
{
"db": "SECUNIA",
"id": "23932",
"trust": 2.4
},
{
"db": "SECTRACK",
"id": "1017591",
"trust": 2.4
},
{
"db": "SECUNIA",
"id": "24442",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "24013",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "24889",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "24463",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "27108",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "24065",
"trust": 1.6
},
{
"db": "OSVDB",
"id": "32975",
"trust": 1.6
},
{
"db": "VUPEN",
"id": "ADV-2007-0505",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000221",
"trust": 0.8
},
{
"db": "SUSE",
"id": "SUSE-SR:2007:006",
"trust": 0.6
},
{
"db": "REDHAT",
"id": "RHSA-2007:0909",
"trust": 0.6
},
{
"db": "MANDRIVA",
"id": "MDKSA-2007:031",
"trust": 0.6
},
{
"db": "MANDRIVA",
"id": "MDKSA-2007:157",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20070124 RE: SAFARI IMPROPERLY PARSES HTML DOCUMENTS \u0026 BLOGSPOT XSS VULNERABILITY",
"trust": 0.6
},
{
"db": "UBUNTU",
"id": "USN-420-1",
"trust": 0.6
},
{
"db": "GENTOO",
"id": "GLSA-200703-10",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200701-477",
"trust": 0.6
},
{
"db": "BID",
"id": "23020",
"trust": 0.3
},
{
"db": "PACKETSTORM",
"id": "55049",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "54183",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "54252",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "58491",
"trust": 0.1
}
],
"sources": [
{
"db": "BID",
"id": "22428"
},
{
"db": "BID",
"id": "23020"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000221"
},
{
"db": "PACKETSTORM",
"id": "55049"
},
{
"db": "PACKETSTORM",
"id": "54183"
},
{
"db": "PACKETSTORM",
"id": "54252"
},
{
"db": "PACKETSTORM",
"id": "58491"
},
{
"db": "CNNVD",
"id": "CNNVD-200701-477"
},
{
"db": "NVD",
"id": "CVE-2007-0537"
}
]
},
"id": "VAR-200701-0295",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.15801565
},
"last_update_date": "2024-07-23T21:24:06.215000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "kdelibs-3.5.5-11.15AX",
"trust": 0.8,
"url": "https://tsn.miraclelinux.com/tsn_local/index.php?m=errata\u0026a=detail\u0026eid=48"
},
{
"title": "khtml/konqueror title XSS vulnerability",
"trust": 0.8,
"url": "http://www.kde.org/info/security/advisory-20070206-1.txt"
},
{
"title": "kdelibs (V4.0)",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/update/list.php?errata_id=1153"
},
{
"title": "RHSA-2007:0909",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2007-0909.html"
},
{
"title": "TLSA-2007-19",
"trust": 0.8,
"url": "http://www.turbolinux.com/security/2007/tlsa-2007-19.txt"
},
{
"title": "RHSA-2007:0909",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2007-0909j.html"
},
{
"title": "TLSA-2007-19",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/security/2007/tlsa-2007-19j.txt"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-000221"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-000221"
},
{
"db": "NVD",
"id": "CVE-2007-0537"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "http://secunia.com/advisories/23932"
},
{
"trust": 2.4,
"url": "http://www.securityfocus.com/bid/22428"
},
{
"trust": 2.4,
"url": "http://securitytracker.com/id?1017591"
},
{
"trust": 1.9,
"url": "http://www.kde.org/info/security/advisory-20070206-1.txt"
},
{
"trust": 1.6,
"url": "https://issues.rpath.com/browse/rpl-1117"
},
{
"trust": 1.6,
"url": "http://www.ubuntu.com/usn/usn-420-1"
},
{
"trust": 1.6,
"url": "http://www.redhat.com/support/errata/rhsa-2007-0909.html"
},
{
"trust": 1.6,
"url": "http://www.novell.com/linux/security/advisories/2007_6_sr.html"
},
{
"trust": 1.6,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2007:157"
},
{
"trust": 1.6,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2007:031"
},
{
"trust": 1.6,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200703-10.xml"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/27108"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/24889"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/24463"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/24442"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/24065"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/24013"
},
{
"trust": 1.6,
"url": "http://osvdb.org/32975"
},
{
"trust": 1.4,
"url": "http://www.frsirt.com/english/advisories/2007/0505"
},
{
"trust": 1.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-0537"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/457924/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/0505"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10244"
},
{
"trust": 0.9,
"url": "http://www.securityfocus.com/archive/1/archive/1/457924/100/0/threaded"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-0537"
},
{
"trust": 0.6,
"url": "http://frontal2.mandriva.com/security/advisories?name=mdksa-2007:031"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-0537"
},
{
"trust": 0.3,
"url": "http://www.kde.org/"
},
{
"trust": 0.3,
"url": "http://www.konqueror.org/"
},
{
"trust": 0.3,
"url": "http://www.apple.com/safari/"
},
{
"trust": 0.3,
"url": "http://www.fujitsu.com/global/support/software/security/products-f/interstage-200701e.html"
},
{
"trust": 0.3,
"url": "http://jvn.jp/jp/jvn%2383832818/index.html"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-0478"
},
{
"trust": 0.2,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.2,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.1,
"url": "http://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-200703-10.xml"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-0478"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs_3.5.2-0ubuntu18.2.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs-bin_3.5.2-0ubuntu18.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs_3.4.3-0ubuntu2.2.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/k/kdelibs/kdelibs4c2-dbg_3.4.3-0ubuntu2.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4-dev_3.4.3-0ubuntu2.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/k/kdelibs/kdelibs4c2-dbg_3.4.3-0ubuntu2.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4c2_3.4.3-0ubuntu2.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs-dbg_3.5.2-0ubuntu18.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4c2a_3.5.2-0ubuntu18.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4c2_3.4.3-0ubuntu2.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4c2a_3.5.5-0ubuntu3.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4c2_3.4.3-0ubuntu2.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4-dev_3.4.3-0ubuntu2.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/k/kdelibs/kdelibs4c2-dbg_3.4.3-0ubuntu2.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4c2a_3.5.5-0ubuntu3.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs_3.4.3-0ubuntu2.2_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4-dev_3.4.3-0ubuntu2.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs-bin_3.5.2-0ubuntu18.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs-data_3.4.3-0ubuntu2.2_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4-dev_3.5.2-0ubuntu18.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs_3.4.3-0ubuntu2.2.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs-dbg_3.5.2-0ubuntu18.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs-bin_3.4.3-0ubuntu2.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4-doc_3.5.2-0ubuntu18.2_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4c2a_3.5.2-0ubuntu18.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4-dev_3.5.2-0ubuntu18.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs-bin_3.5.2-0ubuntu18.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs-bin_3.4.3-0ubuntu2.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4-dev_3.5.2-0ubuntu18.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs-bin_3.5.2-0ubuntu18.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4-dev_3.5.5-0ubuntu3.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs-dbg_3.5.5-0ubuntu3.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4c2a_3.5.5-0ubuntu3.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4c2_3.4.3-0ubuntu2.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs_3.4.3.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs-dbg_3.5.5-0ubuntu3.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs-dbg_3.5.2-0ubuntu18.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs_3.5.2.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs-data_3.5.2-0ubuntu18.2_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs_3.5.2-0ubuntu18.2_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs_3.5.5-0ubuntu3.1.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4-dev_3.5.5-0ubuntu3.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs_3.5.5-0ubuntu3.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4-doc_3.5.5-0ubuntu3.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4-dev_3.5.2-0ubuntu18.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4c2a_3.5.2-0ubuntu18.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs-bin_3.4.3-0ubuntu2.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4-doc_3.4.3-0ubuntu2.2_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/k/kdelibs/kdelibs4c2-dbg_3.4.3-0ubuntu2.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs-dbg_3.5.2-0ubuntu18.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4-dev_3.4.3-0ubuntu2.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs_3.5.5.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs-data_3.5.5-0ubuntu3.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4c2a_3.5.5-0ubuntu3.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4c2a_3.5.2-0ubuntu18.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs-dbg_3.5.5-0ubuntu3.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4-dev_3.5.5-0ubuntu3.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4-dev_3.5.5-0ubuntu3.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs_3.5.5-0ubuntu3.1.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs_3.5.2-0ubuntu18.2.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs-dbg_3.5.5-0ubuntu3.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs-bin_3.4.3-0ubuntu2.2_amd64.deb"
}
],
"sources": [
{
"db": "BID",
"id": "22428"
},
{
"db": "BID",
"id": "23020"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000221"
},
{
"db": "PACKETSTORM",
"id": "55049"
},
{
"db": "PACKETSTORM",
"id": "54183"
},
{
"db": "PACKETSTORM",
"id": "54252"
},
{
"db": "PACKETSTORM",
"id": "58491"
},
{
"db": "CNNVD",
"id": "CNNVD-200701-477"
},
{
"db": "NVD",
"id": "CVE-2007-0537"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "22428"
},
{
"db": "BID",
"id": "23020"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000221"
},
{
"db": "PACKETSTORM",
"id": "55049"
},
{
"db": "PACKETSTORM",
"id": "54183"
},
{
"db": "PACKETSTORM",
"id": "54252"
},
{
"db": "PACKETSTORM",
"id": "58491"
},
{
"db": "CNNVD",
"id": "CNNVD-200701-477"
},
{
"db": "NVD",
"id": "CVE-2007-0537"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-02-06T00:00:00",
"db": "BID",
"id": "22428"
},
{
"date": "2007-03-19T00:00:00",
"db": "BID",
"id": "23020"
},
{
"date": "2007-04-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-000221"
},
{
"date": "2007-03-14T00:54:51",
"db": "PACKETSTORM",
"id": "55049"
},
{
"date": "2007-02-06T04:21:11",
"db": "PACKETSTORM",
"id": "54183"
},
{
"date": "2007-02-08T04:48:24",
"db": "PACKETSTORM",
"id": "54252"
},
{
"date": "2007-08-14T00:24:12",
"db": "PACKETSTORM",
"id": "58491"
},
{
"date": "2006-06-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200701-477"
},
{
"date": "2007-01-29T16:28:00",
"db": "NVD",
"id": "CVE-2007-0537"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-03-19T09:23:00",
"db": "BID",
"id": "22428"
},
{
"date": "2007-03-19T20:14:00",
"db": "BID",
"id": "23020"
},
{
"date": "2007-12-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-000221"
},
{
"date": "2007-06-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200701-477"
},
{
"date": "2018-10-16T16:33:11.247000",
"db": "NVD",
"id": "CVE-2007-0537"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "54183"
},
{
"db": "PACKETSTORM",
"id": "58491"
},
{
"db": "CNNVD",
"id": "CNNVD-200701-477"
}
],
"trust": 0.8
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "KDE kdelibs Cross-site scripting vulnerability due to title tag",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-000221"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "xss",
"sources": [
{
"db": "PACKETSTORM",
"id": "54183"
},
{
"db": "PACKETSTORM",
"id": "54252"
},
{
"db": "PACKETSTORM",
"id": "58491"
},
{
"db": "CNNVD",
"id": "CNNVD-200701-477"
}
],
"trust": 0.9
}
}
VAR-200801-0561
Vulnerability from variot - Updated: 2024-07-23 21:23Cross-site scripting (XSS) vulnerability in mod_status in the Apache HTTP Server 2.2.0 through 2.2.6, 2.0.35 through 2.0.61, and 1.3.2 through 1.3.39, when the server-status page is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. Reportedly, attackers can also use this issue to redirect users' browsers to arbitrary locations, which may aid in phishing attacks. The issue affects versions prior to Apache 2.2.7-dev, 2.0.62-dev, and 1.3.40-dev. =========================================================== Ubuntu Security Notice USN-575-1 February 04, 2008 apache2 vulnerabilities CVE-2006-3918, CVE-2007-3847, CVE-2007-4465, CVE-2007-5000, CVE-2007-6388, CVE-2007-6421, CVE-2007-6422, CVE-2008-0005 ===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS Ubuntu 6.10 Ubuntu 7.04 Ubuntu 7.10
This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the following package versions:
Ubuntu 6.06 LTS: apache2-mpm-perchild 2.0.55-4ubuntu2.3 apache2-mpm-prefork 2.0.55-4ubuntu2.3 apache2-mpm-worker 2.0.55-4ubuntu2.3
Ubuntu 6.10: apache2-mpm-perchild 2.0.55-4ubuntu4.2 apache2-mpm-prefork 2.0.55-4ubuntu4.2 apache2-mpm-worker 2.0.55-4ubuntu4.2
Ubuntu 7.04: apache2-mpm-event 2.2.3-3.2ubuntu2.1 apache2-mpm-perchild 2.2.3-3.2ubuntu2.1 apache2-mpm-prefork 2.2.3-3.2ubuntu2.1 apache2-mpm-worker 2.2.3-3.2ubuntu2.1
Ubuntu 7.10: apache2-mpm-event 2.2.4-3ubuntu0.1 apache2-mpm-perchild 2.2.4-3ubuntu0.1 apache2-mpm-prefork 2.2.4-3ubuntu0.1 apache2-mpm-worker 2.2.4-3ubuntu0.1
In general, a standard system upgrade is sufficient to effect the necessary changes.
Details follow:
It was discovered that Apache did not sanitize the Expect header from an HTTP request when it is reflected back in an error message, which could result in browsers becoming vulnerable to cross-site scripting attacks when processing the output. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote attacker could exploit this to modify the contents, or steal confidential data (such as passwords), within the same domain. This was only vulnerable in Ubuntu 6.06. A remote attacker could send Apache crafted date headers and cause a denial of service via application crash. By default, mod_proxy is disabled in Ubuntu. (CVE-2007-3847)
It was discovered that mod_autoindex did not force a character set, which could result in browsers becoming vulnerable to cross-site scripting attacks when processing the output. (CVE-2007-4465)
It was discovered that mod_imap/mod_imagemap did not force a character set, which could result in browsers becoming vulnerable to cross-site scripting attacks when processing the output. By default, mod_imap/mod_imagemap is disabled in Ubuntu. (CVE-2007-5000)
It was discovered that mod_status when status pages were available, allowed for cross-site scripting attacks. By default, mod_status is disabled in Ubuntu. By default, mod_proxy_balancer is disabled in Ubuntu. This was only vulnerable in Ubuntu 7.04 and 7.10. (CVE-2007-6421)
It was discovered that mod_proxy_balancer could be made to dereference a NULL pointer. A remote attacker could send a crafted request and cause a denial of service via application crash. By default, mod_proxy_balancer is disabled in Ubuntu. This was only vulnerable in Ubuntu 7.04 and 7.10. (CVE-2007-6422)
It was discovered that mod_proxy_ftp did not force a character set, which could result in browsers becoming vulnerable to cross-site scripting attacks when processing the output. By default, mod_proxy_ftp is disabled in Ubuntu. (CVE-2008-0005)
Updated packages for Ubuntu 6.06 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3.diff.gz
Size/MD5: 121305 10359a467847b63f8d6603081450fece
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3.dsc
Size/MD5: 1148 923d0e3dcb5afba32a130aed96ac7214
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz
Size/MD5: 6092031 45e32c9432a8e3cf4227f5af91b03622
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu2.3_all.deb
Size/MD5: 2124588 2befe634f0a889cc2241772f2a7d7164
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.3_amd64.deb
Size/MD5: 832842 032c077cfeb6ffbc3989c54c27cb729a
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.3_amd64.deb
Size/MD5: 228206 771457a0b555eef325be270e1c22c0c2
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.3_amd64.deb
Size/MD5: 223236 77988570570b779ebf92fcc3dc7dc198
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.3_amd64.deb
Size/MD5: 227904 945d30797a27c7ac28a96d9c1793b80d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.3_amd64.deb
Size/MD5: 171402 3b7567107864cf36953e7911a4851738
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.3_amd64.deb
Size/MD5: 172186 85a591ea061cbc727fc261b046781502
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.3_amd64.deb
Size/MD5: 94240 b80027348754c493312269f7410b38fe
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3_amd64.deb
Size/MD5: 36228 2821ca9410c9cd287e756f05b0f6930c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.3_amd64.deb
Size/MD5: 285664 76f4879738a0a788414316581ac2010b
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.3_amd64.deb
Size/MD5: 144250 3cd8327429958569a306257da57e8be0
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.3_i386.deb
Size/MD5: 786052 7bdddb451607eeb2abb9706641675397
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.3_i386.deb
Size/MD5: 202862 a88456a5949fe1da4ad3f6c969d3a886
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.3_i386.deb
Size/MD5: 198746 aa72459cae4f5765ccd1b58d275961bc
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.3_i386.deb
Size/MD5: 202338 13bbe75f89aeedb6dec9be929528df48
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.3_i386.deb
Size/MD5: 171408 34209e19f6ef01cb08aa75c1b3045495
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.3_i386.deb
Size/MD5: 172176 4521336ea6f4d87391ee96d70b79f887
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.3_i386.deb
Size/MD5: 92182 d8a3310073c017cdc7d3ffd1046a50cf
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3_i386.deb
Size/MD5: 36220 0ae71bd4efdd0fb325864f46ba4f16e7
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.3_i386.deb
Size/MD5: 261736 476e8d909e279fac698baf9cf0d62300
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.3_i386.deb
Size/MD5: 132160 3efb3c11dd844fbc429eff5818dcdae2
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.3_powerpc.deb
Size/MD5: 859014 a8c42d748bfd616f6a6f1bbbf2224205
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.3_powerpc.deb
Size/MD5: 220254 84f7c2678fbab6b303361d32f1a741a8
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.3_powerpc.deb
Size/MD5: 215932 bee4a6e00371117203647fd3a311658a
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.3_powerpc.deb
Size/MD5: 219800 aaf4968deba24912e4981f35a367a086
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.3_powerpc.deb
Size/MD5: 171410 a15c13c0a2ec49e805f9ae83e5db4ae7
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.3_powerpc.deb
Size/MD5: 172198 4e411b4b16daab9a0ddc9ea3651f448d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.3_powerpc.deb
Size/MD5: 103940 dca02b7f5bc6848fa1dc8aa530f04910
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3_powerpc.deb
Size/MD5: 36222 619ee3ea1064d11a02de092690bfb1e1
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.3_powerpc.deb
Size/MD5: 281280 9325dbc26f57d76254ceca78bee4cff2
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.3_powerpc.deb
Size/MD5: 141398 668d7fb9dd196e82601ca6d43a326813
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.3_sparc.deb
Size/MD5: 803242 120feec10c0dcc370894e2a3bdcd399b
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.3_sparc.deb
Size/MD5: 210668 062841f2fd30c07ff1f5b101a7c1e196
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.3_sparc.deb
Size/MD5: 206266 35b3b9d4b34844b01576ca7963b5edda
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.3_sparc.deb
Size/MD5: 209954 4f99e4d02fc93222cb541edb09358b79
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.3_sparc.deb
Size/MD5: 171404 bd728a86c1a8984d60caeee35da0c451
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.3_sparc.deb
Size/MD5: 172184 1794886b8aca59cf28cbe28d853f42ae
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.3_sparc.deb
Size/MD5: 93282 1ae6def788c74750d79055784c0d8006
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3_sparc.deb
Size/MD5: 36230 5f1d8e4d19324674a1f5748601431758
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.3_sparc.deb
Size/MD5: 267832 96c149638daeb993250b18c9f4285abf
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.3_sparc.deb
Size/MD5: 130082 7a62f71e679a233ca118cb9813ffd3e3
Updated packages for Ubuntu 6.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2.diff.gz
Size/MD5: 121671 775c3b2d53630ddfb4386cbfdb954861
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2.dsc
Size/MD5: 1148 a5dd357e0bef2dc308656c6c0af5ca1c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz
Size/MD5: 6092031 45e32c9432a8e3cf4227f5af91b03622
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu4.2_all.deb
Size/MD5: 2124902 baf4147b4e4d939a08f20c8ac987abf7
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.2_amd64.deb
Size/MD5: 836086 e04fced4fc1efd4a192a4016f679bc38
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.2_amd64.deb
Size/MD5: 227790 27c558402837f9d4c85315dcdde2f4e1
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.2_amd64.deb
Size/MD5: 222698 a33ef1566dcd4793b0aa633435e8ee44
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.2_amd64.deb
Size/MD5: 227296 4b3c5e771574d858dd655a9e0a7a5d8c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.2_amd64.deb
Size/MD5: 171640 bd8fbcd40f5431e6688156ba4b17e960
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.2_amd64.deb
Size/MD5: 172412 0520836bca78eb64bc97d4a8cc481487
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.2_amd64.deb
Size/MD5: 94518 8b35759996e50046eca8154ebc63fc1f
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2_amd64.deb
Size/MD5: 36530 1b08b4418ff0f7ba90940433116cf6d8
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.2_amd64.deb
Size/MD5: 286876 1426b92819b56ff892483acedfdea4c6
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.2_amd64.deb
Size/MD5: 145340 109c93408c5197be50960cce80c23b7c
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.2_i386.deb
Size/MD5: 806640 81e91910683454a4b2444e0ce8e929bc
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.2_i386.deb
Size/MD5: 209996 27440ecbe836673f63ae1773e238eb65
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.2_i386.deb
Size/MD5: 206098 e77a4b69c1c456f4ca6c03d9105d8552
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.2_i386.deb
Size/MD5: 209552 8a23207211e54b138d5a87c15c097908
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.2_i386.deb
Size/MD5: 171636 07616e459905bad152a8669c8f670436
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.2_i386.deb
Size/MD5: 172408 69300678b2f8b908f90a91de325c7ee2
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.2_i386.deb
Size/MD5: 93558 d47cdad1593a7332507c7d0388effbf4
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2_i386.deb
Size/MD5: 36532 47800e58ec26a1389005b8120ad3ca3e
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.2_i386.deb
Size/MD5: 266728 65cd78808f959d9e73a4d5e348bf3e20
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.2_i386.deb
Size/MD5: 137934 1493ea26165b34a841da777ed801ca7a
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.2_powerpc.deb
Size/MD5: 865216 a635390e5772dd30dac70f7aba5e620d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.2_powerpc.deb
Size/MD5: 222022 e37ef7d710800e568d838242d3129725
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.2_powerpc.deb
Size/MD5: 217630 53127602a5df28a5d66fdd11e396c346
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.2_powerpc.deb
Size/MD5: 221782 d3e43cef5b90a7e3aa405a5d167ddfb6
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.2_powerpc.deb
Size/MD5: 171632 d9f1c242ffeab1b90850a6ffc78f0148
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.2_powerpc.deb
Size/MD5: 172404 51b40f3e6a486ce372844ad24b83ecf5
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.2_powerpc.deb
Size/MD5: 104970 0f281f65023f52f0bea2dc54136b6c57
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2_powerpc.deb
Size/MD5: 36530 c8c4a7e645fe938da23737602589d08c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.2_powerpc.deb
Size/MD5: 284866 ba3e1b09a14d8e5485561118f6eeefb7
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.2_powerpc.deb
Size/MD5: 144554 66d17552fd2385cfdf44c5d55ea583c9
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.2_sparc.deb
Size/MD5: 811380 c2578ed2a96363e7c5fb268933487ccb
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.2_sparc.deb
Size/MD5: 212602 aab797ade503fec11a36dbf640e1ef08
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.2_sparc.deb
Size/MD5: 208354 0a571678c269d1da06787dac56567f1c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.2_sparc.deb
Size/MD5: 212052 90754ccdcd95e652413426376078d223
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.2_sparc.deb
Size/MD5: 171634 00fbac613f13f1d1e20470ce42703018
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.2_sparc.deb
Size/MD5: 172414 65e31d4a009a9663212f8cfcfa492c53
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.2_sparc.deb
Size/MD5: 94100 95bd6b71a6bc1fceeccbc51d2b913bd2
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2_sparc.deb
Size/MD5: 36532 b4a7ccf0ba37c70b78a950bacbc4a650
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.2_sparc.deb
Size/MD5: 268776 5b157a4dd55f533a610bc6c111e9d414
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.2_sparc.deb
Size/MD5: 131000 dda2d34f2e90e0468b02e261ae2c6afe
Updated packages for Ubuntu 7.04:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu2.1.diff.gz
Size/MD5: 115896 cbb8201fa61844fe02dcc7c2e1e35cf5
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu2.1.dsc
Size/MD5: 1128 77143d282e5fc16d3f1dc327b7a4fd87
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3.orig.tar.gz
Size/MD5: 6342475 f72ffb176e2dc7b322be16508c09f63c
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.3-3.2ubuntu2.1_all.deb
Size/MD5: 2199570 be1a62334680ed00d5f5a4c74113d524
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.2.3-3.2ubuntu2.1_all.deb
Size/MD5: 272460 eb0d9dce34ef9dd4b940fb98c38e529c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.3-3.2ubuntu2.1_all.deb
Size/MD5: 6672646 b3d11c9f4451f75e4ff17e663999a579
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu2.1_all.deb
Size/MD5: 39090 d2db3ef69d13b4ed76493e189174c304
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu2.1_amd64.deb
Size/MD5: 450016 f2726571f028c6f228a73faa1b620f63
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu2.1_amd64.deb
Size/MD5: 445732 2f791f5e207e2ed047c4ed36572cea6d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu2.1_amd64.deb
Size/MD5: 449602 a67b291ea2270e9c46f8eaecef65f7c6
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu2.1_amd64.deb
Size/MD5: 403950 bc7a8419daa6c451decbb5640241df32
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu2.1_amd64.deb
Size/MD5: 404518 099bb7f53ae885bd7e8157c781c5b50b
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu2.1_amd64.deb
Size/MD5: 341726 0aed173b3eb2db83ddd6ddb49bab7c4e
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu2.1_amd64.deb
Size/MD5: 971426 30db1106dfea5106da54d2287c02a380
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu2.1_i386.deb
Size/MD5: 433320 03d3aa003bf777f1f1ae9d8f814caac1
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu2.1_i386.deb
Size/MD5: 429248 e49f5accb8764204a2a759ea8b2dea55
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu2.1_i386.deb
Size/MD5: 432706 a3c32680004d3e0b460513d426006bb0
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu2.1_i386.deb
Size/MD5: 403964 63c77d5009e715094d21c273b57c04d0
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu2.1_i386.deb
Size/MD5: 404530 f4b9eb26fa058eaec8f75ae956cbc852
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu2.1_i386.deb
Size/MD5: 340810 e5d63edb8c0f2baccf9a2b072d1c3d74
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu2.1_i386.deb
Size/MD5: 929546 828b8224e2540d7bc4e462d5b2b1f8af
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu2.1_powerpc.deb
Size/MD5: 451914 b1057076382cb22727fa0bcd202c57dd
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu2.1_powerpc.deb
Size/MD5: 447340 44e26684bd3a09f2ed6969d2c540f5ae
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu2.1_powerpc.deb
Size/MD5: 451324 2c029a48b2242e1fdf137a6cec3af09d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu2.1_powerpc.deb
Size/MD5: 403974 65a11cfaee921517445cf74ed04df701
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu2.1_powerpc.deb
Size/MD5: 404538 d27226fdeac7d193651a2cb2bd4b61e8
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu2.1_powerpc.deb
Size/MD5: 360936 058bbb5e05afc0ca08805ca71a713a42
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu2.1_powerpc.deb
Size/MD5: 1073822 0f9dda867e9131cc5418dd40ec579d38
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu2.1_sparc.deb
Size/MD5: 434804 ff6361811108a9be8b45dd255b84c376
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu2.1_sparc.deb
Size/MD5: 430968 367e708f82317b657439fc9e70dfb3eb
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu2.1_sparc.deb
Size/MD5: 434308 2073137bb138dc52bbace666714f4e14
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu2.1_sparc.deb
Size/MD5: 403952 f0ed9c92b917d1749825e64be61d8822
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu2.1_sparc.deb
Size/MD5: 404520 fa7ce800de2eb5719c479a7506798b88
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu2.1_sparc.deb
Size/MD5: 343774 880faca3543426734431c29de77c3048
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu2.1_sparc.deb
Size/MD5: 938534 3e9075d30b9cedd73a936a14b8b84374
Updated packages for Ubuntu 7.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4-3ubuntu0.1.diff.gz
Size/MD5: 121669 dd7399c1dacd25d2153af25d3e9c3ea5
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4-3ubuntu0.1.dsc
Size/MD5: 1241 9b9bd27a1cfe3fc33d63b0b13d345e98
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4.orig.tar.gz
Size/MD5: 6365535 3add41e0b924d4bb53c2dee55a38c09e
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.4-3ubuntu0.1_all.deb
Size/MD5: 2211118 6da81663b251e862bb665d9627271b9f
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.2.4-3ubuntu0.1_all.deb
Size/MD5: 278032 4f8270cff0a532bd059741b366047da9
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.4-3ubuntu0.1_all.deb
Size/MD5: 6700348 b133a1244f39b3f64fdd47cdd4a64480
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4-3ubuntu0.1_all.deb
Size/MD5: 42192 3f0351337b9c5d21ceea4b92a3911040
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.1_amd64.deb
Size/MD5: 456628 d85a3cbc0eef82e845a8327180136469
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.1_amd64.deb
Size/MD5: 452408 8dd9341af4b538e6c9f8f70faf5fd2f2
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.1_amd64.deb
Size/MD5: 456134 f6bcb10663b0c13cdf68c6d0e83c6342
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.1_amd64.deb
Size/MD5: 410020 036c44117688999e0eaa7a6cfc1b5a11
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.1_amd64.deb
Size/MD5: 410604 cbb1e906a74fb2a34f41a3243ffa8010
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.1_amd64.deb
Size/MD5: 347444 63413a914cb4546704032ab8f7f16a80
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.1_amd64.deb
Size/MD5: 989366 b0c2d84f421fcb331efcec2a7b0711d1
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.1_i386.deb
Size/MD5: 439730 46888aaf742cdcc30bcf7983d31c0158
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.1_i386.deb
Size/MD5: 435354 f3557e1a87154424e9144cf672110e93
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.1_i386.deb
Size/MD5: 439062 3469e523d93cfc20b71271b1f24daea1
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.1_i386.deb
Size/MD5: 410026 fafeb6f9433f595e1a634505f78d2bd1
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.1_i386.deb
Size/MD5: 410606 29b01db3883e5d12a5992c22cadfbe7a
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.1_i386.deb
Size/MD5: 346490 6581362eebd73d91d1f74ebd9941c890
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.1_i386.deb
Size/MD5: 944816 a1f598ad168bf49f12f8b0cf08ab7908
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.1_powerpc.deb
Size/MD5: 458126 f08b8b1f2673fdfcbd849bc913006408
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.1_powerpc.deb
Size/MD5: 453546 f52c55b92d5b1c42cb4cfcfee774b1bd
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.1_powerpc.deb
Size/MD5: 457466 f7b948be666100a7f5631cbafe2255dd
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.1_powerpc.deb
Size/MD5: 410024 3bba352e3a2d8730a23d04fdcea5abd9
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.1_powerpc.deb
Size/MD5: 410606 b95af66f260d1291e92986790b7d2f0f
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.1_powerpc.deb
Size/MD5: 366550 c2f8906ce78396a240e37c08aa2cc197
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.1_powerpc.deb
Size/MD5: 1091688 f214016a736f7743a28dfd03e09753e2
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.1_sparc.deb
Size/MD5: 440954 f1a98acdf576d3e7c9576501f7886d30
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.1_sparc.deb
Size/MD5: 437166 36b4878e0e9593b5d28c743eb093784a
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.1_sparc.deb
Size/MD5: 440446 46d56f1a8d1b10cc937c8252648a583e
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.1_sparc.deb
Size/MD5: 410028 0c28e9654530a4ecf363d998b78e1fd5
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.1_sparc.deb
Size/MD5: 410608 8e22b403b2315b190263f8ba2c8f98dd
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.1_sparc.deb
Size/MD5: 349678 fe7ce515de30be0ef1ddf865cae5dd49
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.1_sparc.deb
Size/MD5: 956316 009e48ea5e94d39830b3e9ba21aa55c8
. Summary
Updated VMware Hosted products address security issues in libpng and the Apace HTTP Server.
- Relevant releases
VMware Workstation 6.5.2 and earlier, VMware Player 2.5.2 and earlier, VMware ACE 2.5.2 and earlier
- Problem Description
a. Third Party Library libpng Updated to 1.2.35
Several flaws were discovered in the way third party library libpng
handled uninitialized pointers. An attacker could create a PNG image
file in such a way, that when loaded by an application linked to
libpng, it could cause the application to crash or execute arbitrary
code at the privilege level of the user that runs the application.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2009-0040 to this issue.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Workstation 6.5.x any 6.5.3 build 185404 or later
Player 2.5.x any 2.5.3 build 185404 or later
ACE 2.5.x any 2.5.3 build 185404 or later
Server 2.x any patch pending
Server 1.x any patch pending
Fusion 2.x Mac OS/X not affected
Fusion 1.x Mac OS/X not affected
ESXi 4.0 ESXi not affected
ESXi 3.5 ESXi not affected
ESX 4.0 ESX not affected
ESX 3.5 ESX not affected
ESX 3.0.3 ESX not affected
ESX 3.0.2 ESX not affected
ESX 2.5.5 ESX not affected *
* The libpng update for the Service Console of ESX 2.5.5 is
documented in VMSA-2009-0007.
b. Apache HTTP Server updated to 2.0.63
The new version of ACE updates the Apache HTTP Server on Windows
hosts to version 2.0.63 which addresses multiple security issues
that existed in the previous versions of this server.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2007-3847, CVE-2007-1863, CVE-2006-5752,
CVE-2007-3304, CVE-2007-6388, CVE-2007-5000, CVE-2008-0005 to the
issues that have been addressed by this update.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Workstation 6.5.x any not affected
Player 2.5.x any not affected
ACE 2.5.x Windows 2.5.3 build 185404 or later
ACE 2.5.x Linux update Apache on host system *
Server 2.x any not affected
Server 1.x any not affected
Fusion 2.x Mac OS/X not affected
Fusion 1.x Mac OS/X not affected
ESXi 4.0 ESXi not affected
ESXi 3.5 ESXi not affected
ESX 4.0 ESX not affected
ESX 3.5 ESX not affected
ESX 3.0.3 ESX not affected
ESX 3.0.2 ESX not affected
ESX 2.5.5 ESX not affected
* The Apache HTTP Server is not part of an ACE install on a Linux
host. Update the Apache HTTP Server on the host system to version
2.0.63 in order to remediate the vulnerabilities listed above.
- Solution
Please review the patch/release notes for your product and version and verify the md5sum and/or the sha1sum of your downloaded file.
VMware Workstation 6.5.3
http://www.vmware.com/download/ws/ Release notes: http://www.vmware.com/support/ws65/doc/releasenotes_ws653.html
For Windows
Workstation for Windows 32-bit and 64-bit Windows 32-bit and 64-bit .exe md5sum: 7565d16b7d7e0173b90c3b76ca4656bc sha1sum: 9f687afd8b0f39cde40aeceb3213a91be487aad1
For Linux
Workstation for Linux 32-bit Linux 32-bit .rpm md5sum: 4d55c491bd008ded0ea19f373d1d1fd4 sha1sum: 1f43131c960e76a530390d3b6984c78dfc2da23e
Workstation for Linux 32-bit Linux 32-bit .bundle md5sum: d4a721c1918c0e8a87c6fa4bad49ad35 sha1sum: c0c6f9b56e70bd3ffdb5467ee176110e283a69e5
Workstation for Linux 64-bit Linux 64-bit .rpm md5sum: 72adfdb03de4959f044fcb983412ae7c sha1sum: ba16163c8d9b5aa572526b34a7b63dc6e68f9bbb
Workstation for Linux 64-bit Linux 64-bit .bundle md5sum: 83e1f0c94d6974286256c4d3b559e854 sha1sum: 8763f250a3ac5fc4698bd26319b93fecb498d542
VMware Player 2.5.3
http://www.vmware.com/download/player/ Release notes: http://www.vmware.com/support/player25/doc/releasenotes_player253.html
Player for Windows binary
http://download3.vmware.com/software/vmplayer/VMware-player-2.5.3-185404.exe md5sum: fe28f193374c9457752ee16cd6cad4e7 sha1sum: 13bd3ff93c04fa272544d3ef6de5ae746708af04
Player for Linux (.rpm)
http://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.i386.rpm md5sum: c99cd65f19fdfc7651bcb7f328b73bc2 sha1sum: a33231b26e2358a72d16e1b4e2656a5873fe637e
Player for Linux (.bundle)
http://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.i386.bundle md5sum: 210f4cb5615bd3b2171bc054b9b2bac5 sha1sum: 2f6497890b17b37480165bab9f430e8645edae9b
Player for Linux - 64-bit (.rpm)
http://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.x86_64.rpm md5sum: f91576ef90b322d83225117ae9335968 sha1sum: f492fa9cf26ee2818f164aac04cde1680c25d974
Player for Linux - 64-bit (.bundle)
http://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.x86_64.bundle md5sum: 595d44d7945c129b1aeb679d2f001b05 sha1sum: acd69fcb0c6bc49fd4af748c65c7fb730ab1e8c4
VMware ACE 2.5.3
http://www.vmware.com/download/ace/ Release notes: http://www.vmware.com/support/ace25/doc/releasenotes_ace253.html
ACE Management Server Virtual Appliance AMS Virtual Appliance .zip md5sum: 44cc7b86353047f02cf6ea0653e38418 sha1sum: 9f44b15e6681a6e58dd20784f829c68091a62cd1
VMware ACE for Windows 32-bit and 64-bit Windows 32-bit and 64-bit .exe md5sum: 0779da73408c5e649e0fd1c62d23820f sha1sum: 2b2e4963adc89f3b642874685f490222523b63ef
ACE Management Server for Windows Windows .exe md5sum: 0779da73408c5e649e0fd1c62d23820f sha1sum: 2b2e4963adc89f3b642874685f490222523b63ef
ACE Management Server for SUSE Enterprise Linux 9 SLES 9 .rpm md5sum: a4fc92d7197f0d569361cdf4b8cca642 sha1sum: af8a135cca398cacaa82c8c3c325011c6cd3ed75
ACE Management Server for Red Hat Enterprise Linux 4 RHEL 4 .rpm md5sum: 841005151338c8b954f08d035815fd58 sha1sum: 67e48624dba20e6be9e41ec9a5aba407dd8cc01e
- References
CVE numbers http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0040 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3847 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1863 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5752 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3304 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0005
- Change log
2009-08-20 VMSA-2009-0010 Initial security advisory after release of Workstation 6.5.3, Player 2.5.3, and ACE 2.5.3 on 2009-08-20.
- Contact
E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
- security-announce at lists.vmware.com
- bugtraq at securityfocus.com
- full-disclosure at lists.grok.org.uk
E-mail: security at vmware.com PGP key at: http://kb.vmware.com/kb/1055
VMware Security Center http://www.vmware.com/security
VMware security response policy http://www.vmware.com/support/policies/security_response.html
General support life cycle policy http://www.vmware.com/support/policies/eos.html
VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html
Copyright 2009 VMware Inc. All rights reserved.
The updated packages have been patched to correct these issues.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6421 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6422 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0005
Updated Packages:
Mandriva Linux 2007.0: 912f61ea5210fbb94d71eef7bb634903 2007.0/i586/apache-base-2.2.3-1.3mdv2007.0.i586.rpm cb04a945da63abf56db5b444a3360916 2007.0/i586/apache-devel-2.2.3-1.3mdv2007.0.i586.rpm f4c419b30cd6f6520d9c995b9edf7098 2007.0/i586/apache-htcacheclean-2.2.3-1.3mdv2007.0.i586.rpm 1a40e9af24dce5bec34c4264ae1bdce2 2007.0/i586/apache-mod_authn_dbd-2.2.3-1.3mdv2007.0.i586.rpm 333f116f1036dcc4a95612179f7a34bd 2007.0/i586/apache-mod_cache-2.2.3-1.3mdv2007.0.i586.rpm 717feaa8449934514872fde1dfb26ff8 2007.0/i586/apache-mod_dav-2.2.3-1.3mdv2007.0.i586.rpm 15d3661edb2fa693fcc16e890f2b25a1 2007.0/i586/apache-mod_dbd-2.2.3-1.3mdv2007.0.i586.rpm 90bdaeaea54a973f5e813a495d82b14b 2007.0/i586/apache-mod_deflate-2.2.3-1.3mdv2007.0.i586.rpm 52a5ee95962b1153467443fb608eb3d8 2007.0/i586/apache-mod_disk_cache-2.2.3-1.3mdv2007.0.i586.rpm 8a0a950bfe0ce68ca498761e120d05da 2007.0/i586/apache-mod_file_cache-2.2.3-1.3mdv2007.0.i586.rpm 4f6b84375fd94d4467a3e3088de26a80 2007.0/i586/apache-mod_ldap-2.2.3-1.3mdv2007.0.i586.rpm fa98d84669215b56d3f64450af0d0f5d 2007.0/i586/apache-mod_mem_cache-2.2.3-1.3mdv2007.0.i586.rpm 665f988fa0cc99b4b55b01565a2d3075 2007.0/i586/apache-mod_proxy-2.2.3-1.3mdv2007.0.i586.rpm a22e15e33709ec0fff4c453643094031 2007.0/i586/apache-mod_proxy_ajp-2.2.3-1.3mdv2007.0.i586.rpm cca659746b2601dc61f8382c64d40206 2007.0/i586/apache-mod_ssl-2.2.3-1.3mdv2007.0.i586.rpm 208d8db690290b848c266593324c2a75 2007.0/i586/apache-mod_userdir-2.2.3-1.3mdv2007.0.i586.rpm 92a1be6ec8e7a0b274666ea7b2c8c47f 2007.0/i586/apache-modules-2.2.3-1.3mdv2007.0.i586.rpm 71670f17ade1c090567f4850c796bdef 2007.0/i586/apache-mpm-prefork-2.2.3-1.3mdv2007.0.i586.rpm dd78ed04d011e11e8872c606d4edfa93 2007.0/i586/apache-mpm-worker-2.2.3-1.3mdv2007.0.i586.rpm eb5785a9e04f14ac7788d43d18c39fcc 2007.0/i586/apache-source-2.2.3-1.3mdv2007.0.i586.rpm f066c405e8993de4fa506d8c05d37b9e 2007.0/SRPMS/apache-2.2.3-1.3mdv2007.0.src.rpm
Mandriva Linux 2007.0/X86_64: b25f0ae69e8be8c807afb36a5b58e4a7 2007.0/x86_64/apache-base-2.2.3-1.3mdv2007.0.x86_64.rpm ec93723ef9b7a5e62dc6704461e2b034 2007.0/x86_64/apache-devel-2.2.3-1.3mdv2007.0.x86_64.rpm 200fac36fbd67d6cd1857272aa5147e7 2007.0/x86_64/apache-htcacheclean-2.2.3-1.3mdv2007.0.x86_64.rpm ac7ec3a712d56ce1a076f29439c042d4 2007.0/x86_64/apache-mod_authn_dbd-2.2.3-1.3mdv2007.0.x86_64.rpm 126f880a37723b316f13f01c612883c5 2007.0/x86_64/apache-mod_cache-2.2.3-1.3mdv2007.0.x86_64.rpm 69460daf3173b6c9f0d9f84c3597d81a 2007.0/x86_64/apache-mod_dav-2.2.3-1.3mdv2007.0.x86_64.rpm 52cf72324ae29121fe2e2c955808791f 2007.0/x86_64/apache-mod_dbd-2.2.3-1.3mdv2007.0.x86_64.rpm 17517cc4f69dec1f4ba1c08b242526e4 2007.0/x86_64/apache-mod_deflate-2.2.3-1.3mdv2007.0.x86_64.rpm a5a27827a3f488b9f31a231aad43eae7 2007.0/x86_64/apache-mod_disk_cache-2.2.3-1.3mdv2007.0.x86_64.rpm f413791db00e648dc0fae00336340bf0 2007.0/x86_64/apache-mod_file_cache-2.2.3-1.3mdv2007.0.x86_64.rpm 9d74a9b5ff153557cf361ca1726fd9b1 2007.0/x86_64/apache-mod_ldap-2.2.3-1.3mdv2007.0.x86_64.rpm b8fde6545785d79344d5a85b7bd88903 2007.0/x86_64/apache-mod_mem_cache-2.2.3-1.3mdv2007.0.x86_64.rpm da3a732c1e41e62207085aefcd0fb99c 2007.0/x86_64/apache-mod_proxy-2.2.3-1.3mdv2007.0.x86_64.rpm df716921b9736859a712dea86b22c3f5 2007.0/x86_64/apache-mod_proxy_ajp-2.2.3-1.3mdv2007.0.x86_64.rpm c69fd37756dbe81df897396e6c6413de 2007.0/x86_64/apache-mod_ssl-2.2.3-1.3mdv2007.0.x86_64.rpm a24b51c168be4a5d57a1d1b5a1401f83 2007.0/x86_64/apache-mod_userdir-2.2.3-1.3mdv2007.0.x86_64.rpm e481d9ceb7ffa6a6299417a6f7874c07 2007.0/x86_64/apache-modules-2.2.3-1.3mdv2007.0.x86_64.rpm 0917c7d2edab62a4c62e4dd6136dec93 2007.0/x86_64/apache-mpm-prefork-2.2.3-1.3mdv2007.0.x86_64.rpm a98b13300b903a0219dc9de626ea1bbe 2007.0/x86_64/apache-mpm-worker-2.2.3-1.3mdv2007.0.x86_64.rpm e83551cd2c8365788b767f90c204a13d 2007.0/x86_64/apache-source-2.2.3-1.3mdv2007.0.x86_64.rpm f066c405e8993de4fa506d8c05d37b9e 2007.0/SRPMS/apache-2.2.3-1.3mdv2007.0.src.rpm
Mandriva Linux 2007.1: cb95db6136cbe28610e3e9baab45abeb 2007.1/i586/apache-base-2.2.4-6.4mdv2007.1.i586.rpm 6f9a4f9e658d51acdb9b8230a3ff8d10 2007.1/i586/apache-devel-2.2.4-6.4mdv2007.1.i586.rpm 71499b6f32722a7af4b664849eac6320 2007.1/i586/apache-htcacheclean-2.2.4-6.4mdv2007.1.i586.rpm 4c747fdb75063c7bb9bd50c0dbc59a5b 2007.1/i586/apache-mod_authn_dbd-2.2.4-6.4mdv2007.1.i586.rpm a3cae606ac80d807f84177c60e8455c8 2007.1/i586/apache-mod_cache-2.2.4-6.4mdv2007.1.i586.rpm 0f518e3f63d47d1c5a8193d95030f52d 2007.1/i586/apache-mod_dav-2.2.4-6.4mdv2007.1.i586.rpm 3ad5c633a0dcc187aad028f48dfb5b92 2007.1/i586/apache-mod_dbd-2.2.4-6.4mdv2007.1.i586.rpm 5fa41f5ac0caecb71c639f78222d8cee 2007.1/i586/apache-mod_deflate-2.2.4-6.4mdv2007.1.i586.rpm 1b4b5d31d1596eaa30987921d0ab07be 2007.1/i586/apache-mod_disk_cache-2.2.4-6.4mdv2007.1.i586.rpm 597eb4248325c05c1fafae90378425d6 2007.1/i586/apache-mod_file_cache-2.2.4-6.4mdv2007.1.i586.rpm f868cb2c42e06ae77fe349c7d31e0958 2007.1/i586/apache-mod_ldap-2.2.4-6.4mdv2007.1.i586.rpm a8696226c9930799d1fbad199c5e7084 2007.1/i586/apache-mod_mem_cache-2.2.4-6.4mdv2007.1.i586.rpm 2b62f69a3f58f1c572cbd8e961c11043 2007.1/i586/apache-mod_proxy-2.2.4-6.4mdv2007.1.i586.rpm bea2a28dc594b5fb8ef0591a7bb91714 2007.1/i586/apache-mod_proxy_ajp-2.2.4-6.4mdv2007.1.i586.rpm 9719faa4845deef9dc95f4ceeefce0e6 2007.1/i586/apache-mod_ssl-2.2.4-6.4mdv2007.1.i586.rpm 938e503476cac7f68b57322494e8f471 2007.1/i586/apache-mod_userdir-2.2.4-6.4mdv2007.1.i586.rpm cd01ff99ebacfe90c317d253d7ac11c4 2007.1/i586/apache-modules-2.2.4-6.4mdv2007.1.i586.rpm 5d830472142486b008e84851f5befdf9 2007.1/i586/apache-mpm-event-2.2.4-6.4mdv2007.1.i586.rpm 48ec7cbe8edbd745cc8446f2d274d8b7 2007.1/i586/apache-mpm-itk-2.2.4-6.4mdv2007.1.i586.rpm ada3666e18e2c49eb4849afbdad60f75 2007.1/i586/apache-mpm-prefork-2.2.4-6.4mdv2007.1.i586.rpm 7830123c1e76e8d02ca0a140c2b5f6c6 2007.1/i586/apache-mpm-worker-2.2.4-6.4mdv2007.1.i586.rpm 6498cc5113689f513cbdcfae0a2a3ad4 2007.1/i586/apache-source-2.2.4-6.4mdv2007.1.i586.rpm a716565584726e4d2d94ca4796c1d403 2007.1/SRPMS/apache-2.2.4-6.4mdv2007.1.src.rpm
Mandriva Linux 2007.1/X86_64: 839816f464191d3aff0882eac70cea40 2007.1/x86_64/apache-base-2.2.4-6.4mdv2007.1.x86_64.rpm ac4910f34cbf168df34cd123604b044b 2007.1/x86_64/apache-devel-2.2.4-6.4mdv2007.1.x86_64.rpm a4b4f9d518ed8621348527938f6a8230 2007.1/x86_64/apache-htcacheclean-2.2.4-6.4mdv2007.1.x86_64.rpm d554aa06a52bd72e20f035beedd50dcf 2007.1/x86_64/apache-mod_authn_dbd-2.2.4-6.4mdv2007.1.x86_64.rpm 68659f413d0b1102c220b1b4824489b6 2007.1/x86_64/apache-mod_cache-2.2.4-6.4mdv2007.1.x86_64.rpm d92ec9a9deb7d188e644075a18951ae6 2007.1/x86_64/apache-mod_dav-2.2.4-6.4mdv2007.1.x86_64.rpm 07b06f6de52f0f107106cead6f47de2c 2007.1/x86_64/apache-mod_dbd-2.2.4-6.4mdv2007.1.x86_64.rpm 6bf077871aa95d08c934eacac7f1291e 2007.1/x86_64/apache-mod_deflate-2.2.4-6.4mdv2007.1.x86_64.rpm b16f793759b09e75b7e162a5d858d835 2007.1/x86_64/apache-mod_disk_cache-2.2.4-6.4mdv2007.1.x86_64.rpm 635452cc08657fa5da5b65dc40bf2c1b 2007.1/x86_64/apache-mod_file_cache-2.2.4-6.4mdv2007.1.x86_64.rpm 7a238972b773975493d8931d573233ec 2007.1/x86_64/apache-mod_ldap-2.2.4-6.4mdv2007.1.x86_64.rpm 46704ca76800a5b967a4dd6e8efef986 2007.1/x86_64/apache-mod_mem_cache-2.2.4-6.4mdv2007.1.x86_64.rpm 3c23cff577f9697b719c90918ef91b44 2007.1/x86_64/apache-mod_proxy-2.2.4-6.4mdv2007.1.x86_64.rpm c4ea096a86cdab894cb59bb868b849f0 2007.1/x86_64/apache-mod_proxy_ajp-2.2.4-6.4mdv2007.1.x86_64.rpm 01f40dde7c3c93606c82681af472815f 2007.1/x86_64/apache-mod_ssl-2.2.4-6.4mdv2007.1.x86_64.rpm 9ade922fc7d52d73a47ca5f3cb2c7525 2007.1/x86_64/apache-mod_userdir-2.2.4-6.4mdv2007.1.x86_64.rpm 5e7e44ef5703f1e4fe5a952e5a3f5239 2007.1/x86_64/apache-modules-2.2.4-6.4mdv2007.1.x86_64.rpm e1b06e559e600461e19f9ab0f21d94be 2007.1/x86_64/apache-mpm-event-2.2.4-6.4mdv2007.1.x86_64.rpm 9903bcc1c12a86a9c2f9483d0ef9685e 2007.1/x86_64/apache-mpm-itk-2.2.4-6.4mdv2007.1.x86_64.rpm ce244cc42b6c411d2e3264c6ac6e1a76 2007.1/x86_64/apache-mpm-prefork-2.2.4-6.4mdv2007.1.x86_64.rpm 5989a935f4a0e20ac2844982e81cda83 2007.1/x86_64/apache-mpm-worker-2.2.4-6.4mdv2007.1.x86_64.rpm 339fccde52210eca1bf7e3cf05b9ce0e 2007.1/x86_64/apache-source-2.2.4-6.4mdv2007.1.x86_64.rpm a716565584726e4d2d94ca4796c1d403 2007.1/SRPMS/apache-2.2.4-6.4mdv2007.1.src.rpm
Mandriva Linux 2008.0: cb013d3f4f40e2dfe6a90e0a2a7cdd74 2008.0/i586/apache-base-2.2.6-8.1mdv2008.0.i586.rpm f2e8d6e8191794fac34ddc7fc0f38588 2008.0/i586/apache-devel-2.2.6-8.1mdv2008.0.i586.rpm 8456184db4de115db70e603dbe252456 2008.0/i586/apache-htcacheclean-2.2.6-8.1mdv2008.0.i586.rpm 9e8861daffdf9d6b0ab431b1c3c1fac9 2008.0/i586/apache-mod_authn_dbd-2.2.6-8.1mdv2008.0.i586.rpm de1f407b2eb4d84140686375d3497006 2008.0/i586/apache-mod_cache-2.2.6-8.1mdv2008.0.i586.rpm eaf010272f97a507f37a6145bb9de809 2008.0/i586/apache-mod_dav-2.2.6-8.1mdv2008.0.i586.rpm 4d1073009151607b47ffcedc96cdb834 2008.0/i586/apache-mod_dbd-2.2.6-8.1mdv2008.0.i586.rpm cfc6f2958ef8d117d1070e422078cdfa 2008.0/i586/apache-mod_deflate-2.2.6-8.1mdv2008.0.i586.rpm 3c423e687c0afc1b224e6535e16ec279 2008.0/i586/apache-mod_disk_cache-2.2.6-8.1mdv2008.0.i586.rpm ef790e64feeaf1a9ee5c58fd7e3b359d 2008.0/i586/apache-mod_file_cache-2.2.6-8.1mdv2008.0.i586.rpm 8f86f4c499dfa14fb2daf4f8b578e150 2008.0/i586/apache-mod_ldap-2.2.6-8.1mdv2008.0.i586.rpm 21b1fc690f38b779ee79bed31c5fa3a2 2008.0/i586/apache-mod_mem_cache-2.2.6-8.1mdv2008.0.i586.rpm 0ec954d20d7a080cc9a19c2146480897 2008.0/i586/apache-mod_proxy-2.2.6-8.1mdv2008.0.i586.rpm 50a87c9099f0c094c9fbb763e334fae9 2008.0/i586/apache-mod_proxy_ajp-2.2.6-8.1mdv2008.0.i586.rpm 9d4e1c4a6614e70b77cd2e03e3baeaea 2008.0/i586/apache-mod_ssl-2.2.6-8.1mdv2008.0.i586.rpm 29346499f10a850f8011191b0d242709 2008.0/i586/apache-mod_userdir-2.2.6-8.1mdv2008.0.i586.rpm 21c5bc6f2861cc532c8b5dae3f3e1ee2 2008.0/i586/apache-modules-2.2.6-8.1mdv2008.0.i586.rpm 944b6d2f395f4d26deeef93f9ce55c5b 2008.0/i586/apache-mpm-event-2.2.6-8.1mdv2008.0.i586.rpm 0fc46d4eae684b21a9a98a6c876960b3 2008.0/i586/apache-mpm-itk-2.2.6-8.1mdv2008.0.i586.rpm ab00a26cd43e9045e66da620e9678412 2008.0/i586/apache-mpm-prefork-2.2.6-8.1mdv2008.0.i586.rpm 785499e86b70da53c76a7d3321da1b30 2008.0/i586/apache-mpm-worker-2.2.6-8.1mdv2008.0.i586.rpm c1ccaf747ebe4bd71f875f70c969d4e7 2008.0/i586/apache-source-2.2.6-8.1mdv2008.0.i586.rpm 2d535ab37b9a247e827054766219f7e6 2008.0/SRPMS/apache-2.2.6-8.1mdv2008.0.src.rpm
Mandriva Linux 2008.0/X86_64: 56b868f5c7a86b68666af13fe2a5c925 2008.0/x86_64/apache-base-2.2.6-8.1mdv2008.0.x86_64.rpm 16ca885969a1bd9d7f6d4a00a7c33095 2008.0/x86_64/apache-devel-2.2.6-8.1mdv2008.0.x86_64.rpm 76bcdbe509c56ec471ff767f5f7f925f 2008.0/x86_64/apache-htcacheclean-2.2.6-8.1mdv2008.0.x86_64.rpm 36fc978398d6b8f406f0913ecac5576e 2008.0/x86_64/apache-mod_authn_dbd-2.2.6-8.1mdv2008.0.x86_64.rpm d6644c5729325e3a0f7bda5ffe12523c 2008.0/x86_64/apache-mod_cache-2.2.6-8.1mdv2008.0.x86_64.rpm 98e86f62995310727dc7b7343776c948 2008.0/x86_64/apache-mod_dav-2.2.6-8.1mdv2008.0.x86_64.rpm 7aa7da7cb9fc4f29071535620de42023 2008.0/x86_64/apache-mod_dbd-2.2.6-8.1mdv2008.0.x86_64.rpm 8cb681d914e9619adf261dca86154538 2008.0/x86_64/apache-mod_deflate-2.2.6-8.1mdv2008.0.x86_64.rpm 1ebc35b8050495230d6809f97dd89731 2008.0/x86_64/apache-mod_disk_cache-2.2.6-8.1mdv2008.0.x86_64.rpm 7db7d64521dc4253edc59645e79a5e57 2008.0/x86_64/apache-mod_file_cache-2.2.6-8.1mdv2008.0.x86_64.rpm 5624b75d6d1eb311e6332c6a7e10e42f 2008.0/x86_64/apache-mod_ldap-2.2.6-8.1mdv2008.0.x86_64.rpm e7049015c893a5a75d0c4bbc68e18615 2008.0/x86_64/apache-mod_mem_cache-2.2.6-8.1mdv2008.0.x86_64.rpm 910e8bcb28e00501ebd39aa9c30e3cad 2008.0/x86_64/apache-mod_proxy-2.2.6-8.1mdv2008.0.x86_64.rpm 2451f7726434398f715bac328422faa8 2008.0/x86_64/apache-mod_proxy_ajp-2.2.6-8.1mdv2008.0.x86_64.rpm c6a102776378eecfbe64f87d2a4f261b 2008.0/x86_64/apache-mod_ssl-2.2.6-8.1mdv2008.0.x86_64.rpm 27a79220cf963ba1dfe6f17d6e66d3f5 2008.0/x86_64/apache-mod_userdir-2.2.6-8.1mdv2008.0.x86_64.rpm e87a2f8d0e8cf23fe0cc3a7a44195f68 2008.0/x86_64/apache-modules-2.2.6-8.1mdv2008.0.x86_64.rpm 6224d03ea5169e71fd588ddff0b95f16 2008.0/x86_64/apache-mpm-event-2.2.6-8.1mdv2008.0.x86_64.rpm e61bcd69bd997a5cddacc2f58dd1f1b9 2008.0/x86_64/apache-mpm-itk-2.2.6-8.1mdv2008.0.x86_64.rpm 304a7257ba0104bb799c3ab6a09cb977 2008.0/x86_64/apache-mpm-prefork-2.2.6-8.1mdv2008.0.x86_64.rpm d19f57238828efc73f24ff69c1dca341 2008.0/x86_64/apache-mpm-worker-2.2.6-8.1mdv2008.0.x86_64.rpm e72351edf865715beac70996ca1ea09b 2008.0/x86_64/apache-source-2.2.6-8.1mdv2008.0.x86_64.rpm 2d535ab37b9a247e827054766219f7e6 2008.0/SRPMS/apache-2.2.6-8.1mdv2008.0.src.rpm
Corporate 4.0: 0c36f90139943f6564058fb6c9a0028c corporate/4.0/i586/apache-base-2.2.3-1.3.20060mlcs4.i586.rpm 2c23db7c0c820a6d05cf9e89e10d437b corporate/4.0/i586/apache-devel-2.2.3-1.3.20060mlcs4.i586.rpm 6729c4c238ea40547ca8ad4ad34fac39 corporate/4.0/i586/apache-htcacheclean-2.2.3-1.3.20060mlcs4.i586.rpm 8c6b35f7192abf90e6af6a07c27099d0 corporate/4.0/i586/apache-mod_authn_dbd-2.2.3-1.3.20060mlcs4.i586.rpm 6f3ae30580187b440261747c0f975ec6 corporate/4.0/i586/apache-mod_cache-2.2.3-1.3.20060mlcs4.i586.rpm 56dd118e6e37165e6638baab4e58d08e corporate/4.0/i586/apache-mod_dav-2.2.3-1.3.20060mlcs4.i586.rpm 6e3512489622cf59e0f32458d943f65b corporate/4.0/i586/apache-mod_dbd-2.2.3-1.3.20060mlcs4.i586.rpm 7946432730bdac3ec21ca376f8f8ca12 corporate/4.0/i586/apache-mod_deflate-2.2.3-1.3.20060mlcs4.i586.rpm eeac05dfe0a57512de566f6a2e1e105e corporate/4.0/i586/apache-mod_disk_cache-2.2.3-1.3.20060mlcs4.i586.rpm b50af44b3084fcff0bc6cff1ac50023f corporate/4.0/i586/apache-mod_file_cache-2.2.3-1.3.20060mlcs4.i586.rpm a92816a879182cbca50ebace4bb5f193 corporate/4.0/i586/apache-mod_ldap-2.2.3-1.3.20060mlcs4.i586.rpm 2ca6a18de738a817cb346f1eb31bf76a corporate/4.0/i586/apache-mod_mem_cache-2.2.3-1.3.20060mlcs4.i586.rpm b984ff19a2458f844f62be84635060d1 corporate/4.0/i586/apache-mod_proxy-2.2.3-1.3.20060mlcs4.i586.rpm b816b9c09345b92da5a0216f5e9db932 corporate/4.0/i586/apache-mod_proxy_ajp-2.2.3-1.3.20060mlcs4.i586.rpm 240fb4ea33d91846fc083def26b19465 corporate/4.0/i586/apache-mod_ssl-2.2.3-1.3.20060mlcs4.i586.rpm afcda5d86a48edba71a81a8fda0d0f75 corporate/4.0/i586/apache-mod_userdir-2.2.3-1.3.20060mlcs4.i586.rpm 76705f36eb869b9a1520df0c09a7d1e9 corporate/4.0/i586/apache-modules-2.2.3-1.3.20060mlcs4.i586.rpm eb5bc900fa99aab700c29af7978ca44f corporate/4.0/i586/apache-mpm-prefork-2.2.3-1.3.20060mlcs4.i586.rpm 57a7cb6d3fc97eca6c46685f606a3618 corporate/4.0/i586/apache-mpm-worker-2.2.3-1.3.20060mlcs4.i586.rpm 804752d26fd2db2088cbc73ee9aee8f5 corporate/4.0/i586/apache-source-2.2.3-1.3.20060mlcs4.i586.rpm ece351bfa879df71f200f00d143779b9 corporate/4.0/SRPMS/apache-2.2.3-1.3.20060mlcs4.src.rpm
Corporate 4.0/X86_64: 74d411bb422230857a8971a9ce428c0e corporate/4.0/x86_64/apache-base-2.2.3-1.3.20060mlcs4.x86_64.rpm 5ede29fb5e502fdc96dbb4722b69bb26 corporate/4.0/x86_64/apache-devel-2.2.3-1.3.20060mlcs4.x86_64.rpm dcecf6dece1ec0c083f924b8e545b864 corporate/4.0/x86_64/apache-htcacheclean-2.2.3-1.3.20060mlcs4.x86_64.rpm b7bf0d94f575d6e1e42296b69e5d056b corporate/4.0/x86_64/apache-mod_authn_dbd-2.2.3-1.3.20060mlcs4.x86_64.rpm 6718af7bd108e06d8e6be0046473ce69 corporate/4.0/x86_64/apache-mod_cache-2.2.3-1.3.20060mlcs4.x86_64.rpm fce075627de036b3d71a93ceafa6105e corporate/4.0/x86_64/apache-mod_dav-2.2.3-1.3.20060mlcs4.x86_64.rpm 973a484aed44fd0281c34a0227131400 corporate/4.0/x86_64/apache-mod_dbd-2.2.3-1.3.20060mlcs4.x86_64.rpm 359ad6bfc294b82d14788ea3f2fb5b1f corporate/4.0/x86_64/apache-mod_deflate-2.2.3-1.3.20060mlcs4.x86_64.rpm ce014700683860f81922680ab29d335b corporate/4.0/x86_64/apache-mod_disk_cache-2.2.3-1.3.20060mlcs4.x86_64.rpm b918e9b9eeb06303a8b3f26f63666f74 corporate/4.0/x86_64/apache-mod_file_cache-2.2.3-1.3.20060mlcs4.x86_64.rpm 969c3cf38987f91d576de441e5781b5d corporate/4.0/x86_64/apache-mod_ldap-2.2.3-1.3.20060mlcs4.x86_64.rpm e3c4128b336c45e9470e57a1439cead9 corporate/4.0/x86_64/apache-mod_mem_cache-2.2.3-1.3.20060mlcs4.x86_64.rpm e6c07bd0bed38660852db97807e0b3dd corporate/4.0/x86_64/apache-mod_proxy-2.2.3-1.3.20060mlcs4.x86_64.rpm d6b2621b48abe4c74ecd5e24e7c3c9f9 corporate/4.0/x86_64/apache-mod_proxy_ajp-2.2.3-1.3.20060mlcs4.x86_64.rpm 166b443903e18e77afee950f368ae763 corporate/4.0/x86_64/apache-mod_ssl-2.2.3-1.3.20060mlcs4.x86_64.rpm bcbd01a168655d57ad7dcbf424b4d91a corporate/4.0/x86_64/apache-mod_userdir-2.2.3-1.3.20060mlcs4.x86_64.rpm 3723d163f681e478e677c75a286f352e corporate/4.0/x86_64/apache-modules-2.2.3-1.3.20060mlcs4.x86_64.rpm f17cbd7d765045b30dd43f62efb7cfd3 corporate/4.0/x86_64/apache-mpm-prefork-2.2.3-1.3.20060mlcs4.x86_64.rpm 6e704ce4a8ab0b5817273af16b997ea2 corporate/4.0/x86_64/apache-mpm-worker-2.2.3-1.3.20060mlcs4.x86_64.rpm f35f2e3795dba910451ac03ec63f8898 corporate/4.0/x86_64/apache-source-2.2.3-1.3.20060mlcs4.x86_64.rpm ece351bfa879df71f200f00d143779b9 corporate/4.0/SRPMS/apache-2.2.3-1.3.20060mlcs4.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01607570 Version: 1
HPSBMA02388 SSRT080059 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Cross Site Scripting (XSS)
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2008-11-19 Last Updated: 2008-11-19
Potential Security Impact: Remote cross site scripting (XSS)
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with HP OpenView Network Node Manager (OV NNM). The vulnerabilities could be exploited remotely to allow cross site scripting (XSS).
References: CVE-2007-6388, CVE-2007-5000
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP OpenView Network Node Manager (OV NNM) v7.01, v7.51, v7.53 running on HP-UX, Linux, and Solaris
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2007-6388 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2007-5000 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 =============================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002.
RESOLUTION
HP has made patches available to resolve the vulnerabilities.
The patches are available from http://itrc.hp.com
OV NNM v7.53
Operating_System - HP-UX (IA) Resolved in Patch - PHSS_38148 or subsequent
Operating_System - HP-UX (PA) Resolved in Patch - PHSS_38147 or subsequent
Operating_System - Linux RedHatAS2.1 Resolved in Patch - LXOV_00085 or subsequent
Operating_System - Linux RedHat4AS-x86_64 Resolved in Patch - LXOV_00086 or subsequent
Operating_System - Solaris Resolved in Patch - PSOV_03514 or subsequent
OV NNM v7.51
Upgrade to NNM v7.53 and install the patches listed above.
OV NNM v7.01
Operating_System - HP-UX (PA) Resolved in Patch - PHSS_38761 or subsequent
Operating_System - Solaris Resolved in Patch - PSOV_03516 or subsequent
MANUAL ACTIONS: Yes - NonUpdate Apply the appropriate file as described in the Resolution.
PRODUCT SPECIFIC INFORMATION
HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see https://www.hp.com/go/swa
The following text is for use by the HP-UX Software Assistant.
AFFECTED VERSIONS (for HP-UX)
For HP-UX OV NNM 7.53 HP-UX B.11.31 HP-UX B.11.23 (IA) ============= OVNNMgr.OVNNM-RUN action: install PHSS_38148 or subsequent URL: http://itrc.hp.com
HP-UX B.11.23 (PA) HP-UX B.11.11 ============= OVNNMgr.OVNNM-RUN action: install PHSS_38147 or subsequent URL: http://itrc.hp.com
For HP-UX OV NNM 7.51 HP-UX B.11.31 HP-UX B.11.23 HP-UX B.11.11 ============= OVNNMgr.OVNNM-RUN action: upgrade NNM v7.51 to NNM v7.53 and apply the appropriate patches
For HP-UX OV NNM 7.01 HP-UX B.11.00 HP-UX B.11.11 ============= OVNNMgr.OVNNM-RUN action: install PHSS_38761 or subsequent URL: http://itrc.hp.com
END AFFECTED VERSIONS (for HP-UX)
HISTORY Version:1 (rev.1) - 19 November 2008 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For further information, contact normal HP Services support channel.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key
Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches - check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems - verify your operating system selections are checked and save.
To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.
To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do
- The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:
GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault
System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.
"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."
\xa9Copyright 2008 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNATURE----- Version: PGP 8.1
iQA/AwUBSSQhVOAfOvwtKn1ZEQIlVQCg4n4fABzC24c9qQ5gz68oPLMVKI0AoMbs A2UIaH3YB7z+o42Tm7Eg7ahn =lskD -----END PGP SIGNATURE----- . The goal of this project is to provide a secure, efficient and extensible server that provides HTTP services in sync with the current HTTP standards.
Apache has been the most popular web server on the Internet since April 1996. The November 2005 Netcraft Web Server Survey found that more than 70% of the web sites on the Internet are using Apache, thus making it more widely used than all other web servers combined. A HTML page is presented that gives the current server statistics in an easily readable form. If required this page can be made to automatically refresh (given a compatible browser). Another page gives a simple machine-readable list of the current server state."
- --- 1. Apache Refresh Header - Open Redirector (XSS) Vulnerability ---
During the fact that Apache mod_status do not filter char ";" we can inject new URL. This fact give attacker open redirector and can lead to phishing attack. Also attacker can create more advanced method to trigger XSS on victim's browser. Exploit ---
SecurityReason is not going to release a exploit to the general public. Exploit was provided and tested for Apache Team . References ---
A Refreshing Look at Redirection : http://www.securityfocus.com/archive/1/450418 by Amit Klein
- --- 5. Greets ---
For: Maksymilian Arciemowicz ( cXIb8O3 ), Infospec, pi3, p_e_a, mpp
- --- 6. HP-UX B.11.11, B.11.23, B.11.31 running Apache v2.0.59.00.2 or earlier
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200801-0561",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "http server",
"scope": "lte",
"trust": 1.8,
"vendor": "apache",
"version": "1.3.39"
},
{
"model": "http server",
"scope": "lte",
"trust": 1.8,
"vendor": "apache",
"version": "2.0.61"
},
{
"model": "http server",
"scope": "lte",
"trust": 1.8,
"vendor": "apache",
"version": "2.2.6"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.1,
"vendor": "oracle",
"version": "10.1.3.5.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.1,
"vendor": "ibm",
"version": "1.3.28.1"
},
{
"model": "http server",
"scope": "gte",
"trust": 1.0,
"vendor": "apache",
"version": "2.2.0"
},
{
"model": "http server",
"scope": "gte",
"trust": 1.0,
"vendor": "apache",
"version": "1.3.2"
},
{
"model": "http server",
"scope": "gte",
"trust": 1.0,
"vendor": "apache",
"version": "2.0.35"
},
{
"model": "http server",
"scope": "lt",
"trust": 0.8,
"vendor": "ibm",
"version": "2.0.47.1"
},
{
"model": "http server",
"scope": "lt",
"trust": 0.8,
"vendor": "ibm",
"version": "6.0.2.27"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.4.11"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.5.2"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.4.11"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.5.2"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.1"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3 (x86)"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3 (x86-64)"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3.0 (x86-64)"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0 (x86-64)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "8 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "8 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (x86)"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "1.0 (hosting)"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "1.0 (workgroup)"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "2.0"
},
{
"model": "turbolinux fuji",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "turbolinux multimedia",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "turbolinux personal",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10 (x64)"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "11"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "11 (x64)"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.11"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.23"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.31"
},
{
"model": "application stack",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "v1 for enterprise linux as (v.4)"
},
{
"model": "application stack",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "v1 for enterprise linux es (v.4)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3.0"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.0"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.0 (client)"
},
{
"model": "linux advanced workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1"
},
{
"model": "rhel desktop workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "cosminexus application server enterprise",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "version 6"
},
{
"model": "cosminexus application server standard",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "version 6"
},
{
"model": "cosminexus application server version 5",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus developer light version 6",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus developer professional version 6",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus developer standard version 6",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus developer version 5",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus server - enterprise edition",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus server - standard edition",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus server - standard edition version 4",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus server - web edition",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus server - web edition version 4",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "web server",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server enterprise",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server standard",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "professional"
},
{
"model": "ucosminexus developer light",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus developer standard",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus service architect",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus service platform",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "interstage application framework suite",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage application server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage apworks",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage business application server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage job workload server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage studio",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage web server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "systemwalker resource coordinator",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "http server",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "2.2.4"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "2.0.60"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "2.2.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "2.2.2"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "2.0.59"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "2.2.6"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "2.2"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "2.2.5"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "2.0.61"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "2.2.1"
},
{
"model": "interstage job workload server",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.1"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.49"
},
{
"model": "2.2.5-dev",
"scope": null,
"trust": 0.3,
"vendor": "apache",
"version": null
},
{
"model": "interstage studio enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"model": "certificate server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7.3"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "openvms secure web server",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.2"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.3"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.35"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0.1"
},
{
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "interstage application server plus",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"model": "interstage apworks modelers-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "11x64"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "12.0"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.50"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
},
{
"model": "2.2.7-dev",
"scope": "ne",
"trust": 0.3,
"vendor": "apache",
"version": null
},
{
"model": "interstage application server plus",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0.1"
},
{
"model": "interstage application server plus developer",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.0"
},
{
"model": "-dev",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.56"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.6"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.0"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.5"
},
{
"model": "network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)4.2"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.34"
},
{
"model": "interstage studio standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.28"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10.1x86"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "11"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.39"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "-dev",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.7"
},
{
"model": "ccs",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1.2"
},
{
"model": "personal",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "networks self-service peri application",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "0"
},
{
"model": "linux enterprise sdk 10.sp1",
"scope": null,
"trust": 0.3,
"vendor": "suse",
"version": null
},
{
"model": "appliance server hosting edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.51"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.04"
},
{
"model": "networks self-service wvads",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "0"
},
{
"model": "interstage studio enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "ccs",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1.1"
},
{
"model": "-dev",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.35"
},
{
"model": "communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.1"
},
{
"model": "advanced workstation for the itanium processor",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "ccs",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.2"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.35"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.22"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"model": "novell linux desktop sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.9"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.04"
},
{
"model": "enterprise linux desktop client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "interstage application server plus",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0.1"
},
{
"model": "red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"model": "2.2.6-dev",
"scope": null,
"trust": 0.3,
"vendor": "apache",
"version": null
},
{
"model": "1.3.40-dev",
"scope": "ne",
"trust": 0.3,
"vendor": "apache",
"version": null
},
{
"model": "enterprise linux ws ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.53"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.9"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.3"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "interstage application server plus developer",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0.1"
},
{
"model": "messaging storage server mm3.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.43"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2008.0"
},
{
"model": "interstage apworks modelers-j edition 6.0a",
"scope": null,
"trust": 0.3,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.47"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "openview network node manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.51"
},
{
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.2"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.55"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "solaris 8 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.20"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "appliance server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "2.0"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.26"
},
{
"model": "interstage business application server enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.2"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.25"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.37"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.1"
},
{
"model": "openview network node manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.53"
},
{
"model": "interstage application server standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.14"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10.1"
},
{
"model": "hardware management console for pseries r1.3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.33"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.11"
},
{
"model": "network proxy (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)4.2"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "linux enterprise server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "8.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "networks self-service speech server",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.2"
},
{
"model": "fuji",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "0"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "websphere application server",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.17"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "12.1"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.36"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.10"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.1"
},
{
"model": "hardware management console for iseries r1.3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "interstage apworks modelers-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"model": "application stack for enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "v14"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3)4.2"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "appliance server workgroup edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "openview network node manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.01"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.1"
},
{
"model": "advanced workstation for the itanium processor ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "meeting exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "solaris 8 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
},
{
"model": "solaris 10 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.48"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.45"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.12"
},
{
"model": "communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.10"
},
{
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.47.1"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.38"
},
{
"model": "interstage application server plus",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"model": "appliance platform linux service",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.47"
},
{
"model": "interstage application server web-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0"
},
{
"model": "2.0.61-dev",
"scope": null,
"trust": 0.3,
"vendor": "apache",
"version": null
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.46"
},
{
"model": "2.0.62-dev",
"scope": "ne",
"trust": 0.3,
"vendor": "apache",
"version": null
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "networks self-service peri workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "0"
},
{
"model": "interstage application server plus developer",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.2"
},
{
"model": "communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.44"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.24"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "apache",
"scope": "ne",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.63"
},
{
"model": "enterprise linux as ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.40"
},
{
"model": "communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "application stack for enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "v14"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.1"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.23"
},
{
"model": "network proxy (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)5.0"
},
{
"model": "novell linux pos",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"model": "business availability center",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.01"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1-1"
},
{
"model": "message networking mn",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.39"
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
},
{
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "fedora",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.4"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.19"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1.3"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.18"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.1"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.2"
},
{
"model": "ccs",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.27"
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.10"
},
{
"model": "interstage application server enterprise edition a",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.2"
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.9"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "network proxy (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3)4.2"
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "networks self-service web centric ccxml",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "networks self service voicexml",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "0"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.58"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.54"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.10"
},
{
"model": "enterprise linux desktop workstation client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.42"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.1-1"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.3"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.37"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2008.0"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.52"
},
{
"model": "intuity audix lx",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0.1"
},
{
"model": "interstage application server standard-j edition a",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.36"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10.1x86-64"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.32"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.04"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.41"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1.4"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.29"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.6"
},
{
"model": "2.0.60-dev",
"scope": null,
"trust": 0.3,
"vendor": "apache",
"version": null
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0.0x64"
},
{
"model": "networks self-service media processing server",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "0"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.17"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "enterprise linux es ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"model": "interstage studio standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"model": "apache",
"scope": "ne",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.41"
},
{
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"model": "multimedia",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.31"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.59"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.04"
}
],
"sources": [
{
"db": "BID",
"id": "27237"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001001"
},
{
"db": "CNNVD",
"id": "CNNVD-200801-095"
},
{
"db": "NVD",
"id": "CVE-2007-6388"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:2.0.42:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:2.0.58:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:1.3.38:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:1.3.23:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:2.0.47:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:1.3.27:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:2.0.56:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:2.0.50:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:2.2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:2.2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:2.0.35:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:2.0.37:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:2.0.55:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:1.3.33:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:1.3.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:2.0.44:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:1.3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:1.3.25:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:1.3.28:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:2.0.39:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:1.3.31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:1.3.24:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:1.3.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:2.0.52:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:2.0.53:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:2.0.57:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:2.0.51:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:1.3.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:1.3.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:2.0.41:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:2.0.49:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:1.3.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:1.3.39:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:1.3.30:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:2.0.61:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:2.2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:2.0.38:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:1.3.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:2.0.48:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:1.3.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:2.0.45:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:1.3.26:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:1.3.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:2.0.40:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:2.0.36:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:1.3.32:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:1.3.29:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:2.2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:2.0.46:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:1.3.22:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:1.3.37:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:1.3.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:2.0.54:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:2.0.43:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:2.0.59:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:1.3.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:2.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:2.0.60:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2007-6388"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "sp3x is credited with the discovery of this vulnerability.",
"sources": [
{
"db": "BID",
"id": "27237"
},
{
"db": "CNNVD",
"id": "CNNVD-200801-095"
}
],
"trust": 0.9
},
"cve": "CVE-2007-6388",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2007-6388",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2007-6388",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200801-095",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2007-6388",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2007-6388"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001001"
},
{
"db": "CNNVD",
"id": "CNNVD-200801-095"
},
{
"db": "NVD",
"id": "CVE-2007-6388"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cross-site scripting (XSS) vulnerability in mod_status in the Apache HTTP Server 2.2.0 through 2.2.6, 2.0.35 through 2.0.61, and 1.3.2 through 1.3.39, when the server-status page is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. \nAn attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. Reportedly, attackers can also use this issue to redirect users\u0027 browsers to arbitrary locations, which may aid in phishing attacks. \nThe issue affects versions prior to Apache 2.2.7-dev, 2.0.62-dev, and 1.3.40-dev. =========================================================== \nUbuntu Security Notice USN-575-1 February 04, 2008\napache2 vulnerabilities\nCVE-2006-3918, CVE-2007-3847, CVE-2007-4465, CVE-2007-5000,\nCVE-2007-6388, CVE-2007-6421, CVE-2007-6422, CVE-2008-0005\n===========================================================\n\nA security issue affects the following Ubuntu releases:\n\nUbuntu 6.06 LTS\nUbuntu 6.10\nUbuntu 7.04\nUbuntu 7.10\n\nThis advisory also applies to the corresponding versions of\nKubuntu, Edubuntu, and Xubuntu. \n\nThe problem can be corrected by upgrading your system to the\nfollowing package versions:\n\nUbuntu 6.06 LTS:\n apache2-mpm-perchild 2.0.55-4ubuntu2.3\n apache2-mpm-prefork 2.0.55-4ubuntu2.3\n apache2-mpm-worker 2.0.55-4ubuntu2.3\n\nUbuntu 6.10:\n apache2-mpm-perchild 2.0.55-4ubuntu4.2\n apache2-mpm-prefork 2.0.55-4ubuntu4.2\n apache2-mpm-worker 2.0.55-4ubuntu4.2\n\nUbuntu 7.04:\n apache2-mpm-event 2.2.3-3.2ubuntu2.1\n apache2-mpm-perchild 2.2.3-3.2ubuntu2.1\n apache2-mpm-prefork 2.2.3-3.2ubuntu2.1\n apache2-mpm-worker 2.2.3-3.2ubuntu2.1\n\nUbuntu 7.10:\n apache2-mpm-event 2.2.4-3ubuntu0.1\n apache2-mpm-perchild 2.2.4-3ubuntu0.1\n apache2-mpm-prefork 2.2.4-3ubuntu0.1\n apache2-mpm-worker 2.2.4-3ubuntu0.1\n\nIn general, a standard system upgrade is sufficient to effect the\nnecessary changes. \n\nDetails follow:\n\nIt was discovered that Apache did not sanitize the Expect header from\nan HTTP request when it is reflected back in an error message, which\ncould result in browsers becoming vulnerable to cross-site scripting\nattacks when processing the output. With cross-site scripting\nvulnerabilities, if a user were tricked into viewing server output\nduring a crafted server request, a remote attacker could exploit this\nto modify the contents, or steal confidential data (such as passwords),\nwithin the same domain. This was only vulnerable in Ubuntu 6.06. A remote\nattacker could send Apache crafted date headers and cause a denial of\nservice via application crash. By default, mod_proxy is disabled in\nUbuntu. (CVE-2007-3847)\n\nIt was discovered that mod_autoindex did not force a character set,\nwhich could result in browsers becoming vulnerable to cross-site\nscripting attacks when processing the output. (CVE-2007-4465)\n\nIt was discovered that mod_imap/mod_imagemap did not force a\ncharacter set, which could result in browsers becoming vulnerable\nto cross-site scripting attacks when processing the output. By\ndefault, mod_imap/mod_imagemap is disabled in Ubuntu. (CVE-2007-5000)\n\nIt was discovered that mod_status when status pages were available,\nallowed for cross-site scripting attacks. By default, mod_status is\ndisabled in Ubuntu. By default,\nmod_proxy_balancer is disabled in Ubuntu. This was only vulnerable\nin Ubuntu 7.04 and 7.10. (CVE-2007-6421)\n\nIt was discovered that mod_proxy_balancer could be made to\ndereference a NULL pointer. A remote attacker could send a crafted\nrequest and cause a denial of service via application crash. By\ndefault, mod_proxy_balancer is disabled in Ubuntu. This was only\nvulnerable in Ubuntu 7.04 and 7.10. (CVE-2007-6422)\n\nIt was discovered that mod_proxy_ftp did not force a character set,\nwhich could result in browsers becoming vulnerable to cross-site\nscripting attacks when processing the output. By default,\nmod_proxy_ftp is disabled in Ubuntu. (CVE-2008-0005)\n\n\nUpdated packages for Ubuntu 6.06 LTS:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3.diff.gz\n Size/MD5: 121305 10359a467847b63f8d6603081450fece\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3.dsc\n Size/MD5: 1148 923d0e3dcb5afba32a130aed96ac7214\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz\n Size/MD5: 6092031 45e32c9432a8e3cf4227f5af91b03622\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu2.3_all.deb\n Size/MD5: 2124588 2befe634f0a889cc2241772f2a7d7164\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.3_amd64.deb\n Size/MD5: 832842 032c077cfeb6ffbc3989c54c27cb729a\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.3_amd64.deb\n Size/MD5: 228206 771457a0b555eef325be270e1c22c0c2\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.3_amd64.deb\n Size/MD5: 223236 77988570570b779ebf92fcc3dc7dc198\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.3_amd64.deb\n Size/MD5: 227904 945d30797a27c7ac28a96d9c1793b80d\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.3_amd64.deb\n Size/MD5: 171402 3b7567107864cf36953e7911a4851738\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.3_amd64.deb\n Size/MD5: 172186 85a591ea061cbc727fc261b046781502\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.3_amd64.deb\n Size/MD5: 94240 b80027348754c493312269f7410b38fe\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3_amd64.deb\n Size/MD5: 36228 2821ca9410c9cd287e756f05b0f6930c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.3_amd64.deb\n Size/MD5: 285664 76f4879738a0a788414316581ac2010b\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.3_amd64.deb\n Size/MD5: 144250 3cd8327429958569a306257da57e8be0\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.3_i386.deb\n Size/MD5: 786052 7bdddb451607eeb2abb9706641675397\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.3_i386.deb\n Size/MD5: 202862 a88456a5949fe1da4ad3f6c969d3a886\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.3_i386.deb\n Size/MD5: 198746 aa72459cae4f5765ccd1b58d275961bc\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.3_i386.deb\n Size/MD5: 202338 13bbe75f89aeedb6dec9be929528df48\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.3_i386.deb\n Size/MD5: 171408 34209e19f6ef01cb08aa75c1b3045495\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.3_i386.deb\n Size/MD5: 172176 4521336ea6f4d87391ee96d70b79f887\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.3_i386.deb\n Size/MD5: 92182 d8a3310073c017cdc7d3ffd1046a50cf\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3_i386.deb\n Size/MD5: 36220 0ae71bd4efdd0fb325864f46ba4f16e7\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.3_i386.deb\n Size/MD5: 261736 476e8d909e279fac698baf9cf0d62300\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.3_i386.deb\n Size/MD5: 132160 3efb3c11dd844fbc429eff5818dcdae2\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.3_powerpc.deb\n Size/MD5: 859014 a8c42d748bfd616f6a6f1bbbf2224205\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.3_powerpc.deb\n Size/MD5: 220254 84f7c2678fbab6b303361d32f1a741a8\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.3_powerpc.deb\n Size/MD5: 215932 bee4a6e00371117203647fd3a311658a\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.3_powerpc.deb\n Size/MD5: 219800 aaf4968deba24912e4981f35a367a086\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.3_powerpc.deb\n Size/MD5: 171410 a15c13c0a2ec49e805f9ae83e5db4ae7\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.3_powerpc.deb\n Size/MD5: 172198 4e411b4b16daab9a0ddc9ea3651f448d\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.3_powerpc.deb\n Size/MD5: 103940 dca02b7f5bc6848fa1dc8aa530f04910\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3_powerpc.deb\n Size/MD5: 36222 619ee3ea1064d11a02de092690bfb1e1\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.3_powerpc.deb\n Size/MD5: 281280 9325dbc26f57d76254ceca78bee4cff2\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.3_powerpc.deb\n Size/MD5: 141398 668d7fb9dd196e82601ca6d43a326813\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.3_sparc.deb\n Size/MD5: 803242 120feec10c0dcc370894e2a3bdcd399b\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.3_sparc.deb\n Size/MD5: 210668 062841f2fd30c07ff1f5b101a7c1e196\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.3_sparc.deb\n Size/MD5: 206266 35b3b9d4b34844b01576ca7963b5edda\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.3_sparc.deb\n Size/MD5: 209954 4f99e4d02fc93222cb541edb09358b79\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.3_sparc.deb\n Size/MD5: 171404 bd728a86c1a8984d60caeee35da0c451\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.3_sparc.deb\n Size/MD5: 172184 1794886b8aca59cf28cbe28d853f42ae\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.3_sparc.deb\n Size/MD5: 93282 1ae6def788c74750d79055784c0d8006\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3_sparc.deb\n Size/MD5: 36230 5f1d8e4d19324674a1f5748601431758\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.3_sparc.deb\n Size/MD5: 267832 96c149638daeb993250b18c9f4285abf\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.3_sparc.deb\n Size/MD5: 130082 7a62f71e679a233ca118cb9813ffd3e3\n\nUpdated packages for Ubuntu 6.10:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2.diff.gz\n Size/MD5: 121671 775c3b2d53630ddfb4386cbfdb954861\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2.dsc\n Size/MD5: 1148 a5dd357e0bef2dc308656c6c0af5ca1c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz\n Size/MD5: 6092031 45e32c9432a8e3cf4227f5af91b03622\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu4.2_all.deb\n Size/MD5: 2124902 baf4147b4e4d939a08f20c8ac987abf7\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.2_amd64.deb\n Size/MD5: 836086 e04fced4fc1efd4a192a4016f679bc38\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.2_amd64.deb\n Size/MD5: 227790 27c558402837f9d4c85315dcdde2f4e1\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.2_amd64.deb\n Size/MD5: 222698 a33ef1566dcd4793b0aa633435e8ee44\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.2_amd64.deb\n Size/MD5: 227296 4b3c5e771574d858dd655a9e0a7a5d8c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.2_amd64.deb\n Size/MD5: 171640 bd8fbcd40f5431e6688156ba4b17e960\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.2_amd64.deb\n Size/MD5: 172412 0520836bca78eb64bc97d4a8cc481487\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.2_amd64.deb\n Size/MD5: 94518 8b35759996e50046eca8154ebc63fc1f\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2_amd64.deb\n Size/MD5: 36530 1b08b4418ff0f7ba90940433116cf6d8\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.2_amd64.deb\n Size/MD5: 286876 1426b92819b56ff892483acedfdea4c6\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.2_amd64.deb\n Size/MD5: 145340 109c93408c5197be50960cce80c23b7c\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.2_i386.deb\n Size/MD5: 806640 81e91910683454a4b2444e0ce8e929bc\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.2_i386.deb\n Size/MD5: 209996 27440ecbe836673f63ae1773e238eb65\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.2_i386.deb\n Size/MD5: 206098 e77a4b69c1c456f4ca6c03d9105d8552\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.2_i386.deb\n Size/MD5: 209552 8a23207211e54b138d5a87c15c097908\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.2_i386.deb\n Size/MD5: 171636 07616e459905bad152a8669c8f670436\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.2_i386.deb\n Size/MD5: 172408 69300678b2f8b908f90a91de325c7ee2\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.2_i386.deb\n Size/MD5: 93558 d47cdad1593a7332507c7d0388effbf4\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2_i386.deb\n Size/MD5: 36532 47800e58ec26a1389005b8120ad3ca3e\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.2_i386.deb\n Size/MD5: 266728 65cd78808f959d9e73a4d5e348bf3e20\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.2_i386.deb\n Size/MD5: 137934 1493ea26165b34a841da777ed801ca7a\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.2_powerpc.deb\n Size/MD5: 865216 a635390e5772dd30dac70f7aba5e620d\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.2_powerpc.deb\n Size/MD5: 222022 e37ef7d710800e568d838242d3129725\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.2_powerpc.deb\n Size/MD5: 217630 53127602a5df28a5d66fdd11e396c346\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.2_powerpc.deb\n Size/MD5: 221782 d3e43cef5b90a7e3aa405a5d167ddfb6\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.2_powerpc.deb\n Size/MD5: 171632 d9f1c242ffeab1b90850a6ffc78f0148\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.2_powerpc.deb\n Size/MD5: 172404 51b40f3e6a486ce372844ad24b83ecf5\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.2_powerpc.deb\n Size/MD5: 104970 0f281f65023f52f0bea2dc54136b6c57\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2_powerpc.deb\n Size/MD5: 36530 c8c4a7e645fe938da23737602589d08c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.2_powerpc.deb\n Size/MD5: 284866 ba3e1b09a14d8e5485561118f6eeefb7\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.2_powerpc.deb\n Size/MD5: 144554 66d17552fd2385cfdf44c5d55ea583c9\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.2_sparc.deb\n Size/MD5: 811380 c2578ed2a96363e7c5fb268933487ccb\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.2_sparc.deb\n Size/MD5: 212602 aab797ade503fec11a36dbf640e1ef08\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.2_sparc.deb\n Size/MD5: 208354 0a571678c269d1da06787dac56567f1c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.2_sparc.deb\n Size/MD5: 212052 90754ccdcd95e652413426376078d223\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.2_sparc.deb\n Size/MD5: 171634 00fbac613f13f1d1e20470ce42703018\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.2_sparc.deb\n Size/MD5: 172414 65e31d4a009a9663212f8cfcfa492c53\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.2_sparc.deb\n Size/MD5: 94100 95bd6b71a6bc1fceeccbc51d2b913bd2\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2_sparc.deb\n Size/MD5: 36532 b4a7ccf0ba37c70b78a950bacbc4a650\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.2_sparc.deb\n Size/MD5: 268776 5b157a4dd55f533a610bc6c111e9d414\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.2_sparc.deb\n Size/MD5: 131000 dda2d34f2e90e0468b02e261ae2c6afe\n\nUpdated packages for Ubuntu 7.04:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu2.1.diff.gz\n Size/MD5: 115896 cbb8201fa61844fe02dcc7c2e1e35cf5\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu2.1.dsc\n Size/MD5: 1128 77143d282e5fc16d3f1dc327b7a4fd87\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3.orig.tar.gz\n Size/MD5: 6342475 f72ffb176e2dc7b322be16508c09f63c\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.3-3.2ubuntu2.1_all.deb\n Size/MD5: 2199570 be1a62334680ed00d5f5a4c74113d524\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.2.3-3.2ubuntu2.1_all.deb\n Size/MD5: 272460 eb0d9dce34ef9dd4b940fb98c38e529c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.3-3.2ubuntu2.1_all.deb\n Size/MD5: 6672646 b3d11c9f4451f75e4ff17e663999a579\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu2.1_all.deb\n Size/MD5: 39090 d2db3ef69d13b4ed76493e189174c304\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu2.1_amd64.deb\n Size/MD5: 450016 f2726571f028c6f228a73faa1b620f63\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu2.1_amd64.deb\n Size/MD5: 445732 2f791f5e207e2ed047c4ed36572cea6d\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu2.1_amd64.deb\n Size/MD5: 449602 a67b291ea2270e9c46f8eaecef65f7c6\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu2.1_amd64.deb\n Size/MD5: 403950 bc7a8419daa6c451decbb5640241df32\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu2.1_amd64.deb\n Size/MD5: 404518 099bb7f53ae885bd7e8157c781c5b50b\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu2.1_amd64.deb\n Size/MD5: 341726 0aed173b3eb2db83ddd6ddb49bab7c4e\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu2.1_amd64.deb\n Size/MD5: 971426 30db1106dfea5106da54d2287c02a380\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu2.1_i386.deb\n Size/MD5: 433320 03d3aa003bf777f1f1ae9d8f814caac1\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu2.1_i386.deb\n Size/MD5: 429248 e49f5accb8764204a2a759ea8b2dea55\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu2.1_i386.deb\n Size/MD5: 432706 a3c32680004d3e0b460513d426006bb0\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu2.1_i386.deb\n Size/MD5: 403964 63c77d5009e715094d21c273b57c04d0\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu2.1_i386.deb\n Size/MD5: 404530 f4b9eb26fa058eaec8f75ae956cbc852\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu2.1_i386.deb\n Size/MD5: 340810 e5d63edb8c0f2baccf9a2b072d1c3d74\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu2.1_i386.deb\n Size/MD5: 929546 828b8224e2540d7bc4e462d5b2b1f8af\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu2.1_powerpc.deb\n Size/MD5: 451914 b1057076382cb22727fa0bcd202c57dd\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu2.1_powerpc.deb\n Size/MD5: 447340 44e26684bd3a09f2ed6969d2c540f5ae\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu2.1_powerpc.deb\n Size/MD5: 451324 2c029a48b2242e1fdf137a6cec3af09d\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu2.1_powerpc.deb\n Size/MD5: 403974 65a11cfaee921517445cf74ed04df701\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu2.1_powerpc.deb\n Size/MD5: 404538 d27226fdeac7d193651a2cb2bd4b61e8\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu2.1_powerpc.deb\n Size/MD5: 360936 058bbb5e05afc0ca08805ca71a713a42\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu2.1_powerpc.deb\n Size/MD5: 1073822 0f9dda867e9131cc5418dd40ec579d38\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu2.1_sparc.deb\n Size/MD5: 434804 ff6361811108a9be8b45dd255b84c376\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu2.1_sparc.deb\n Size/MD5: 430968 367e708f82317b657439fc9e70dfb3eb\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu2.1_sparc.deb\n Size/MD5: 434308 2073137bb138dc52bbace666714f4e14\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu2.1_sparc.deb\n Size/MD5: 403952 f0ed9c92b917d1749825e64be61d8822\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu2.1_sparc.deb\n Size/MD5: 404520 fa7ce800de2eb5719c479a7506798b88\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu2.1_sparc.deb\n Size/MD5: 343774 880faca3543426734431c29de77c3048\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu2.1_sparc.deb\n Size/MD5: 938534 3e9075d30b9cedd73a936a14b8b84374\n\nUpdated packages for Ubuntu 7.10:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4-3ubuntu0.1.diff.gz\n Size/MD5: 121669 dd7399c1dacd25d2153af25d3e9c3ea5\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4-3ubuntu0.1.dsc\n Size/MD5: 1241 9b9bd27a1cfe3fc33d63b0b13d345e98\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4.orig.tar.gz\n Size/MD5: 6365535 3add41e0b924d4bb53c2dee55a38c09e\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.4-3ubuntu0.1_all.deb\n Size/MD5: 2211118 6da81663b251e862bb665d9627271b9f\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.2.4-3ubuntu0.1_all.deb\n Size/MD5: 278032 4f8270cff0a532bd059741b366047da9\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.4-3ubuntu0.1_all.deb\n Size/MD5: 6700348 b133a1244f39b3f64fdd47cdd4a64480\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4-3ubuntu0.1_all.deb\n Size/MD5: 42192 3f0351337b9c5d21ceea4b92a3911040\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.1_amd64.deb\n Size/MD5: 456628 d85a3cbc0eef82e845a8327180136469\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.1_amd64.deb\n Size/MD5: 452408 8dd9341af4b538e6c9f8f70faf5fd2f2\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.1_amd64.deb\n Size/MD5: 456134 f6bcb10663b0c13cdf68c6d0e83c6342\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.1_amd64.deb\n Size/MD5: 410020 036c44117688999e0eaa7a6cfc1b5a11\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.1_amd64.deb\n Size/MD5: 410604 cbb1e906a74fb2a34f41a3243ffa8010\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.1_amd64.deb\n Size/MD5: 347444 63413a914cb4546704032ab8f7f16a80\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.1_amd64.deb\n Size/MD5: 989366 b0c2d84f421fcb331efcec2a7b0711d1\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.1_i386.deb\n Size/MD5: 439730 46888aaf742cdcc30bcf7983d31c0158\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.1_i386.deb\n Size/MD5: 435354 f3557e1a87154424e9144cf672110e93\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.1_i386.deb\n Size/MD5: 439062 3469e523d93cfc20b71271b1f24daea1\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.1_i386.deb\n Size/MD5: 410026 fafeb6f9433f595e1a634505f78d2bd1\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.1_i386.deb\n Size/MD5: 410606 29b01db3883e5d12a5992c22cadfbe7a\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.1_i386.deb\n Size/MD5: 346490 6581362eebd73d91d1f74ebd9941c890\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.1_i386.deb\n Size/MD5: 944816 a1f598ad168bf49f12f8b0cf08ab7908\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.1_powerpc.deb\n Size/MD5: 458126 f08b8b1f2673fdfcbd849bc913006408\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.1_powerpc.deb\n Size/MD5: 453546 f52c55b92d5b1c42cb4cfcfee774b1bd\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.1_powerpc.deb\n Size/MD5: 457466 f7b948be666100a7f5631cbafe2255dd\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.1_powerpc.deb\n Size/MD5: 410024 3bba352e3a2d8730a23d04fdcea5abd9\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.1_powerpc.deb\n Size/MD5: 410606 b95af66f260d1291e92986790b7d2f0f\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.1_powerpc.deb\n Size/MD5: 366550 c2f8906ce78396a240e37c08aa2cc197\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.1_powerpc.deb\n Size/MD5: 1091688 f214016a736f7743a28dfd03e09753e2\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.1_sparc.deb\n Size/MD5: 440954 f1a98acdf576d3e7c9576501f7886d30\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.1_sparc.deb\n Size/MD5: 437166 36b4878e0e9593b5d28c743eb093784a\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.1_sparc.deb\n Size/MD5: 440446 46d56f1a8d1b10cc937c8252648a583e\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.1_sparc.deb\n Size/MD5: 410028 0c28e9654530a4ecf363d998b78e1fd5\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.1_sparc.deb\n Size/MD5: 410608 8e22b403b2315b190263f8ba2c8f98dd\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.1_sparc.deb\n Size/MD5: 349678 fe7ce515de30be0ef1ddf865cae5dd49\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.1_sparc.deb\n Size/MD5: 956316 009e48ea5e94d39830b3e9ba21aa55c8\n\n. Summary\n\n Updated VMware Hosted products address security issues in libpng and\n the Apace HTTP Server. \n\n2. Relevant releases\n\n VMware Workstation 6.5.2 and earlier,\n VMware Player 2.5.2 and earlier,\n VMware ACE 2.5.2 and earlier\n\n3. Problem Description\n\n a. Third Party Library libpng Updated to 1.2.35\n\n Several flaws were discovered in the way third party library libpng\n handled uninitialized pointers. An attacker could create a PNG image\n file in such a way, that when loaded by an application linked to\n libpng, it could cause the application to crash or execute arbitrary\n code at the privilege level of the user that runs the application. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2009-0040 to this issue. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n Workstation 6.5.x any 6.5.3 build 185404 or later\n\n Player 2.5.x any 2.5.3 build 185404 or later\n\n ACE 2.5.x any 2.5.3 build 185404 or later\n\n Server 2.x any patch pending\n Server 1.x any patch pending\n\n Fusion 2.x Mac OS/X not affected\n Fusion 1.x Mac OS/X not affected\n\n ESXi 4.0 ESXi not affected\n ESXi 3.5 ESXi not affected\n\n ESX 4.0 ESX not affected\n ESX 3.5 ESX not affected\n ESX 3.0.3 ESX not affected\n ESX 3.0.2 ESX not affected\n ESX 2.5.5 ESX not affected *\n\n * The libpng update for the Service Console of ESX 2.5.5 is\n documented in VMSA-2009-0007. \n\n b. Apache HTTP Server updated to 2.0.63\n\n The new version of ACE updates the Apache HTTP Server on Windows\n hosts to version 2.0.63 which addresses multiple security issues\n that existed in the previous versions of this server. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the names CVE-2007-3847, CVE-2007-1863, CVE-2006-5752,\n CVE-2007-3304, CVE-2007-6388, CVE-2007-5000, CVE-2008-0005 to the\n issues that have been addressed by this update. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n Workstation 6.5.x any not affected\n\n Player 2.5.x any not affected\n\n ACE 2.5.x Windows 2.5.3 build 185404 or later\n ACE 2.5.x Linux update Apache on host system *\n\n Server 2.x any not affected\n Server 1.x any not affected\n\n Fusion 2.x Mac OS/X not affected\n Fusion 1.x Mac OS/X not affected\n\n ESXi 4.0 ESXi not affected\n ESXi 3.5 ESXi not affected\n\n ESX 4.0 ESX not affected\n ESX 3.5 ESX not affected\n ESX 3.0.3 ESX not affected\n ESX 3.0.2 ESX not affected\n ESX 2.5.5 ESX not affected\n\n * The Apache HTTP Server is not part of an ACE install on a Linux\n host. Update the Apache HTTP Server on the host system to version\n 2.0.63 in order to remediate the vulnerabilities listed above. \n\n4. Solution\n\n Please review the patch/release notes for your product and version\n and verify the md5sum and/or the sha1sum of your downloaded file. \n\n VMware Workstation 6.5.3\n ------------------------\n http://www.vmware.com/download/ws/\n Release notes:\n http://www.vmware.com/support/ws65/doc/releasenotes_ws653.html\n\n For Windows\n\n Workstation for Windows 32-bit and 64-bit\n Windows 32-bit and 64-bit .exe\n md5sum: 7565d16b7d7e0173b90c3b76ca4656bc\n sha1sum: 9f687afd8b0f39cde40aeceb3213a91be487aad1\n\n For Linux\n\n Workstation for Linux 32-bit\n Linux 32-bit .rpm\n md5sum: 4d55c491bd008ded0ea19f373d1d1fd4\n sha1sum: 1f43131c960e76a530390d3b6984c78dfc2da23e\n\n Workstation for Linux 32-bit\n Linux 32-bit .bundle\n md5sum: d4a721c1918c0e8a87c6fa4bad49ad35\n sha1sum: c0c6f9b56e70bd3ffdb5467ee176110e283a69e5\n\n Workstation for Linux 64-bit\n Linux 64-bit .rpm\n md5sum: 72adfdb03de4959f044fcb983412ae7c\n sha1sum: ba16163c8d9b5aa572526b34a7b63dc6e68f9bbb\n\n Workstation for Linux 64-bit\n Linux 64-bit .bundle\n md5sum: 83e1f0c94d6974286256c4d3b559e854\n sha1sum: 8763f250a3ac5fc4698bd26319b93fecb498d542\n\n\n VMware Player 2.5.3\n -------------------\n http://www.vmware.com/download/player/\n Release notes:\n http://www.vmware.com/support/player25/doc/releasenotes_player253.html\n\n Player for Windows binary\n\nhttp://download3.vmware.com/software/vmplayer/VMware-player-2.5.3-185404.exe\n md5sum: fe28f193374c9457752ee16cd6cad4e7\n sha1sum: 13bd3ff93c04fa272544d3ef6de5ae746708af04\n\n Player for Linux (.rpm)\n\nhttp://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.i386.rpm\n md5sum: c99cd65f19fdfc7651bcb7f328b73bc2\n sha1sum: a33231b26e2358a72d16e1b4e2656a5873fe637e\n\n Player for Linux (.bundle)\n\nhttp://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.i386.bundle\n md5sum: 210f4cb5615bd3b2171bc054b9b2bac5\n sha1sum: 2f6497890b17b37480165bab9f430e8645edae9b\n\n Player for Linux - 64-bit (.rpm)\n\nhttp://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.x86_64.rpm\n md5sum: f91576ef90b322d83225117ae9335968\n sha1sum: f492fa9cf26ee2818f164aac04cde1680c25d974\n\n Player for Linux - 64-bit (.bundle)\n\nhttp://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.x86_64.bundle\n md5sum: 595d44d7945c129b1aeb679d2f001b05\n sha1sum: acd69fcb0c6bc49fd4af748c65c7fb730ab1e8c4\n\n\n VMware ACE 2.5.3\n ----------------\n http://www.vmware.com/download/ace/\n Release notes:\n http://www.vmware.com/support/ace25/doc/releasenotes_ace253.html\n\n ACE Management Server Virtual Appliance\n AMS Virtual Appliance .zip\n md5sum: 44cc7b86353047f02cf6ea0653e38418\n sha1sum: 9f44b15e6681a6e58dd20784f829c68091a62cd1\n\n VMware ACE for Windows 32-bit and 64-bit\n Windows 32-bit and 64-bit .exe\n md5sum: 0779da73408c5e649e0fd1c62d23820f\n sha1sum: 2b2e4963adc89f3b642874685f490222523b63ef\n\n ACE Management Server for Windows\n Windows .exe\n md5sum: 0779da73408c5e649e0fd1c62d23820f\n sha1sum: 2b2e4963adc89f3b642874685f490222523b63ef\n\n ACE Management Server for SUSE Enterprise Linux 9\n SLES 9 .rpm\n md5sum: a4fc92d7197f0d569361cdf4b8cca642\n sha1sum: af8a135cca398cacaa82c8c3c325011c6cd3ed75\n\n ACE Management Server for Red Hat Enterprise Linux 4\n RHEL 4 .rpm\n md5sum: 841005151338c8b954f08d035815fd58\n sha1sum: 67e48624dba20e6be9e41ec9a5aba407dd8cc01e\n\n\n5. References\n\n CVE numbers\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0040\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3847\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1863\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5752\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3304\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0005\n\n- ------------------------------------------------------------------------\n6. Change log\n\n2009-08-20 VMSA-2009-0010\nInitial security advisory after release of Workstation 6.5.3,\nPlayer 2.5.3, and ACE 2.5.3 on 2009-08-20. \n\n\n- ------------------------------------------------------------------------\n7. Contact\n\nE-mail list for product security notifications and announcements:\nhttp://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\nThis Security Advisory is posted to the following lists:\n\n * security-announce at lists.vmware.com\n * bugtraq at securityfocus.com\n * full-disclosure at lists.grok.org.uk\n\nE-mail: security at vmware.com\nPGP key at: http://kb.vmware.com/kb/1055\n\nVMware Security Center\nhttp://www.vmware.com/security\n\nVMware security response policy\nhttp://www.vmware.com/support/policies/security_response.html\n\nGeneral support life cycle policy\nhttp://www.vmware.com/support/policies/eos.html\n\nVMware Infrastructure support life cycle policy\nhttp://www.vmware.com/support/policies/eos_vi.html\n\nCopyright 2009 VMware Inc. All rights reserved. \n \n The updated packages have been patched to correct these issues. \n _______________________________________________________________________\n\n References:\n \n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6421\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6422\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0005\n _______________________________________________________________________\n \n Updated Packages:\n \n Mandriva Linux 2007.0:\n 912f61ea5210fbb94d71eef7bb634903 2007.0/i586/apache-base-2.2.3-1.3mdv2007.0.i586.rpm\n cb04a945da63abf56db5b444a3360916 2007.0/i586/apache-devel-2.2.3-1.3mdv2007.0.i586.rpm\n f4c419b30cd6f6520d9c995b9edf7098 2007.0/i586/apache-htcacheclean-2.2.3-1.3mdv2007.0.i586.rpm\n 1a40e9af24dce5bec34c4264ae1bdce2 2007.0/i586/apache-mod_authn_dbd-2.2.3-1.3mdv2007.0.i586.rpm\n 333f116f1036dcc4a95612179f7a34bd 2007.0/i586/apache-mod_cache-2.2.3-1.3mdv2007.0.i586.rpm\n 717feaa8449934514872fde1dfb26ff8 2007.0/i586/apache-mod_dav-2.2.3-1.3mdv2007.0.i586.rpm\n 15d3661edb2fa693fcc16e890f2b25a1 2007.0/i586/apache-mod_dbd-2.2.3-1.3mdv2007.0.i586.rpm\n 90bdaeaea54a973f5e813a495d82b14b 2007.0/i586/apache-mod_deflate-2.2.3-1.3mdv2007.0.i586.rpm\n 52a5ee95962b1153467443fb608eb3d8 2007.0/i586/apache-mod_disk_cache-2.2.3-1.3mdv2007.0.i586.rpm\n 8a0a950bfe0ce68ca498761e120d05da 2007.0/i586/apache-mod_file_cache-2.2.3-1.3mdv2007.0.i586.rpm\n 4f6b84375fd94d4467a3e3088de26a80 2007.0/i586/apache-mod_ldap-2.2.3-1.3mdv2007.0.i586.rpm\n fa98d84669215b56d3f64450af0d0f5d 2007.0/i586/apache-mod_mem_cache-2.2.3-1.3mdv2007.0.i586.rpm\n 665f988fa0cc99b4b55b01565a2d3075 2007.0/i586/apache-mod_proxy-2.2.3-1.3mdv2007.0.i586.rpm\n a22e15e33709ec0fff4c453643094031 2007.0/i586/apache-mod_proxy_ajp-2.2.3-1.3mdv2007.0.i586.rpm\n cca659746b2601dc61f8382c64d40206 2007.0/i586/apache-mod_ssl-2.2.3-1.3mdv2007.0.i586.rpm\n 208d8db690290b848c266593324c2a75 2007.0/i586/apache-mod_userdir-2.2.3-1.3mdv2007.0.i586.rpm\n 92a1be6ec8e7a0b274666ea7b2c8c47f 2007.0/i586/apache-modules-2.2.3-1.3mdv2007.0.i586.rpm\n 71670f17ade1c090567f4850c796bdef 2007.0/i586/apache-mpm-prefork-2.2.3-1.3mdv2007.0.i586.rpm\n dd78ed04d011e11e8872c606d4edfa93 2007.0/i586/apache-mpm-worker-2.2.3-1.3mdv2007.0.i586.rpm\n eb5785a9e04f14ac7788d43d18c39fcc 2007.0/i586/apache-source-2.2.3-1.3mdv2007.0.i586.rpm \n f066c405e8993de4fa506d8c05d37b9e 2007.0/SRPMS/apache-2.2.3-1.3mdv2007.0.src.rpm\n\n Mandriva Linux 2007.0/X86_64:\n b25f0ae69e8be8c807afb36a5b58e4a7 2007.0/x86_64/apache-base-2.2.3-1.3mdv2007.0.x86_64.rpm\n ec93723ef9b7a5e62dc6704461e2b034 2007.0/x86_64/apache-devel-2.2.3-1.3mdv2007.0.x86_64.rpm\n 200fac36fbd67d6cd1857272aa5147e7 2007.0/x86_64/apache-htcacheclean-2.2.3-1.3mdv2007.0.x86_64.rpm\n ac7ec3a712d56ce1a076f29439c042d4 2007.0/x86_64/apache-mod_authn_dbd-2.2.3-1.3mdv2007.0.x86_64.rpm\n 126f880a37723b316f13f01c612883c5 2007.0/x86_64/apache-mod_cache-2.2.3-1.3mdv2007.0.x86_64.rpm\n 69460daf3173b6c9f0d9f84c3597d81a 2007.0/x86_64/apache-mod_dav-2.2.3-1.3mdv2007.0.x86_64.rpm\n 52cf72324ae29121fe2e2c955808791f 2007.0/x86_64/apache-mod_dbd-2.2.3-1.3mdv2007.0.x86_64.rpm\n 17517cc4f69dec1f4ba1c08b242526e4 2007.0/x86_64/apache-mod_deflate-2.2.3-1.3mdv2007.0.x86_64.rpm\n a5a27827a3f488b9f31a231aad43eae7 2007.0/x86_64/apache-mod_disk_cache-2.2.3-1.3mdv2007.0.x86_64.rpm\n f413791db00e648dc0fae00336340bf0 2007.0/x86_64/apache-mod_file_cache-2.2.3-1.3mdv2007.0.x86_64.rpm\n 9d74a9b5ff153557cf361ca1726fd9b1 2007.0/x86_64/apache-mod_ldap-2.2.3-1.3mdv2007.0.x86_64.rpm\n b8fde6545785d79344d5a85b7bd88903 2007.0/x86_64/apache-mod_mem_cache-2.2.3-1.3mdv2007.0.x86_64.rpm\n da3a732c1e41e62207085aefcd0fb99c 2007.0/x86_64/apache-mod_proxy-2.2.3-1.3mdv2007.0.x86_64.rpm\n df716921b9736859a712dea86b22c3f5 2007.0/x86_64/apache-mod_proxy_ajp-2.2.3-1.3mdv2007.0.x86_64.rpm\n c69fd37756dbe81df897396e6c6413de 2007.0/x86_64/apache-mod_ssl-2.2.3-1.3mdv2007.0.x86_64.rpm\n a24b51c168be4a5d57a1d1b5a1401f83 2007.0/x86_64/apache-mod_userdir-2.2.3-1.3mdv2007.0.x86_64.rpm\n e481d9ceb7ffa6a6299417a6f7874c07 2007.0/x86_64/apache-modules-2.2.3-1.3mdv2007.0.x86_64.rpm\n 0917c7d2edab62a4c62e4dd6136dec93 2007.0/x86_64/apache-mpm-prefork-2.2.3-1.3mdv2007.0.x86_64.rpm\n a98b13300b903a0219dc9de626ea1bbe 2007.0/x86_64/apache-mpm-worker-2.2.3-1.3mdv2007.0.x86_64.rpm\n e83551cd2c8365788b767f90c204a13d 2007.0/x86_64/apache-source-2.2.3-1.3mdv2007.0.x86_64.rpm \n f066c405e8993de4fa506d8c05d37b9e 2007.0/SRPMS/apache-2.2.3-1.3mdv2007.0.src.rpm\n\n Mandriva Linux 2007.1:\n cb95db6136cbe28610e3e9baab45abeb 2007.1/i586/apache-base-2.2.4-6.4mdv2007.1.i586.rpm\n 6f9a4f9e658d51acdb9b8230a3ff8d10 2007.1/i586/apache-devel-2.2.4-6.4mdv2007.1.i586.rpm\n 71499b6f32722a7af4b664849eac6320 2007.1/i586/apache-htcacheclean-2.2.4-6.4mdv2007.1.i586.rpm\n 4c747fdb75063c7bb9bd50c0dbc59a5b 2007.1/i586/apache-mod_authn_dbd-2.2.4-6.4mdv2007.1.i586.rpm\n a3cae606ac80d807f84177c60e8455c8 2007.1/i586/apache-mod_cache-2.2.4-6.4mdv2007.1.i586.rpm\n 0f518e3f63d47d1c5a8193d95030f52d 2007.1/i586/apache-mod_dav-2.2.4-6.4mdv2007.1.i586.rpm\n 3ad5c633a0dcc187aad028f48dfb5b92 2007.1/i586/apache-mod_dbd-2.2.4-6.4mdv2007.1.i586.rpm\n 5fa41f5ac0caecb71c639f78222d8cee 2007.1/i586/apache-mod_deflate-2.2.4-6.4mdv2007.1.i586.rpm\n 1b4b5d31d1596eaa30987921d0ab07be 2007.1/i586/apache-mod_disk_cache-2.2.4-6.4mdv2007.1.i586.rpm\n 597eb4248325c05c1fafae90378425d6 2007.1/i586/apache-mod_file_cache-2.2.4-6.4mdv2007.1.i586.rpm\n f868cb2c42e06ae77fe349c7d31e0958 2007.1/i586/apache-mod_ldap-2.2.4-6.4mdv2007.1.i586.rpm\n a8696226c9930799d1fbad199c5e7084 2007.1/i586/apache-mod_mem_cache-2.2.4-6.4mdv2007.1.i586.rpm\n 2b62f69a3f58f1c572cbd8e961c11043 2007.1/i586/apache-mod_proxy-2.2.4-6.4mdv2007.1.i586.rpm\n bea2a28dc594b5fb8ef0591a7bb91714 2007.1/i586/apache-mod_proxy_ajp-2.2.4-6.4mdv2007.1.i586.rpm\n 9719faa4845deef9dc95f4ceeefce0e6 2007.1/i586/apache-mod_ssl-2.2.4-6.4mdv2007.1.i586.rpm\n 938e503476cac7f68b57322494e8f471 2007.1/i586/apache-mod_userdir-2.2.4-6.4mdv2007.1.i586.rpm\n cd01ff99ebacfe90c317d253d7ac11c4 2007.1/i586/apache-modules-2.2.4-6.4mdv2007.1.i586.rpm\n 5d830472142486b008e84851f5befdf9 2007.1/i586/apache-mpm-event-2.2.4-6.4mdv2007.1.i586.rpm\n 48ec7cbe8edbd745cc8446f2d274d8b7 2007.1/i586/apache-mpm-itk-2.2.4-6.4mdv2007.1.i586.rpm\n ada3666e18e2c49eb4849afbdad60f75 2007.1/i586/apache-mpm-prefork-2.2.4-6.4mdv2007.1.i586.rpm\n 7830123c1e76e8d02ca0a140c2b5f6c6 2007.1/i586/apache-mpm-worker-2.2.4-6.4mdv2007.1.i586.rpm\n 6498cc5113689f513cbdcfae0a2a3ad4 2007.1/i586/apache-source-2.2.4-6.4mdv2007.1.i586.rpm \n a716565584726e4d2d94ca4796c1d403 2007.1/SRPMS/apache-2.2.4-6.4mdv2007.1.src.rpm\n\n Mandriva Linux 2007.1/X86_64:\n 839816f464191d3aff0882eac70cea40 2007.1/x86_64/apache-base-2.2.4-6.4mdv2007.1.x86_64.rpm\n ac4910f34cbf168df34cd123604b044b 2007.1/x86_64/apache-devel-2.2.4-6.4mdv2007.1.x86_64.rpm\n a4b4f9d518ed8621348527938f6a8230 2007.1/x86_64/apache-htcacheclean-2.2.4-6.4mdv2007.1.x86_64.rpm\n d554aa06a52bd72e20f035beedd50dcf 2007.1/x86_64/apache-mod_authn_dbd-2.2.4-6.4mdv2007.1.x86_64.rpm\n 68659f413d0b1102c220b1b4824489b6 2007.1/x86_64/apache-mod_cache-2.2.4-6.4mdv2007.1.x86_64.rpm\n d92ec9a9deb7d188e644075a18951ae6 2007.1/x86_64/apache-mod_dav-2.2.4-6.4mdv2007.1.x86_64.rpm\n 07b06f6de52f0f107106cead6f47de2c 2007.1/x86_64/apache-mod_dbd-2.2.4-6.4mdv2007.1.x86_64.rpm\n 6bf077871aa95d08c934eacac7f1291e 2007.1/x86_64/apache-mod_deflate-2.2.4-6.4mdv2007.1.x86_64.rpm\n b16f793759b09e75b7e162a5d858d835 2007.1/x86_64/apache-mod_disk_cache-2.2.4-6.4mdv2007.1.x86_64.rpm\n 635452cc08657fa5da5b65dc40bf2c1b 2007.1/x86_64/apache-mod_file_cache-2.2.4-6.4mdv2007.1.x86_64.rpm\n 7a238972b773975493d8931d573233ec 2007.1/x86_64/apache-mod_ldap-2.2.4-6.4mdv2007.1.x86_64.rpm\n 46704ca76800a5b967a4dd6e8efef986 2007.1/x86_64/apache-mod_mem_cache-2.2.4-6.4mdv2007.1.x86_64.rpm\n 3c23cff577f9697b719c90918ef91b44 2007.1/x86_64/apache-mod_proxy-2.2.4-6.4mdv2007.1.x86_64.rpm\n c4ea096a86cdab894cb59bb868b849f0 2007.1/x86_64/apache-mod_proxy_ajp-2.2.4-6.4mdv2007.1.x86_64.rpm\n 01f40dde7c3c93606c82681af472815f 2007.1/x86_64/apache-mod_ssl-2.2.4-6.4mdv2007.1.x86_64.rpm\n 9ade922fc7d52d73a47ca5f3cb2c7525 2007.1/x86_64/apache-mod_userdir-2.2.4-6.4mdv2007.1.x86_64.rpm\n 5e7e44ef5703f1e4fe5a952e5a3f5239 2007.1/x86_64/apache-modules-2.2.4-6.4mdv2007.1.x86_64.rpm\n e1b06e559e600461e19f9ab0f21d94be 2007.1/x86_64/apache-mpm-event-2.2.4-6.4mdv2007.1.x86_64.rpm\n 9903bcc1c12a86a9c2f9483d0ef9685e 2007.1/x86_64/apache-mpm-itk-2.2.4-6.4mdv2007.1.x86_64.rpm\n ce244cc42b6c411d2e3264c6ac6e1a76 2007.1/x86_64/apache-mpm-prefork-2.2.4-6.4mdv2007.1.x86_64.rpm\n 5989a935f4a0e20ac2844982e81cda83 2007.1/x86_64/apache-mpm-worker-2.2.4-6.4mdv2007.1.x86_64.rpm\n 339fccde52210eca1bf7e3cf05b9ce0e 2007.1/x86_64/apache-source-2.2.4-6.4mdv2007.1.x86_64.rpm \n a716565584726e4d2d94ca4796c1d403 2007.1/SRPMS/apache-2.2.4-6.4mdv2007.1.src.rpm\n\n Mandriva Linux 2008.0:\n cb013d3f4f40e2dfe6a90e0a2a7cdd74 2008.0/i586/apache-base-2.2.6-8.1mdv2008.0.i586.rpm\n f2e8d6e8191794fac34ddc7fc0f38588 2008.0/i586/apache-devel-2.2.6-8.1mdv2008.0.i586.rpm\n 8456184db4de115db70e603dbe252456 2008.0/i586/apache-htcacheclean-2.2.6-8.1mdv2008.0.i586.rpm\n 9e8861daffdf9d6b0ab431b1c3c1fac9 2008.0/i586/apache-mod_authn_dbd-2.2.6-8.1mdv2008.0.i586.rpm\n de1f407b2eb4d84140686375d3497006 2008.0/i586/apache-mod_cache-2.2.6-8.1mdv2008.0.i586.rpm\n eaf010272f97a507f37a6145bb9de809 2008.0/i586/apache-mod_dav-2.2.6-8.1mdv2008.0.i586.rpm\n 4d1073009151607b47ffcedc96cdb834 2008.0/i586/apache-mod_dbd-2.2.6-8.1mdv2008.0.i586.rpm\n cfc6f2958ef8d117d1070e422078cdfa 2008.0/i586/apache-mod_deflate-2.2.6-8.1mdv2008.0.i586.rpm\n 3c423e687c0afc1b224e6535e16ec279 2008.0/i586/apache-mod_disk_cache-2.2.6-8.1mdv2008.0.i586.rpm\n ef790e64feeaf1a9ee5c58fd7e3b359d 2008.0/i586/apache-mod_file_cache-2.2.6-8.1mdv2008.0.i586.rpm\n 8f86f4c499dfa14fb2daf4f8b578e150 2008.0/i586/apache-mod_ldap-2.2.6-8.1mdv2008.0.i586.rpm\n 21b1fc690f38b779ee79bed31c5fa3a2 2008.0/i586/apache-mod_mem_cache-2.2.6-8.1mdv2008.0.i586.rpm\n 0ec954d20d7a080cc9a19c2146480897 2008.0/i586/apache-mod_proxy-2.2.6-8.1mdv2008.0.i586.rpm\n 50a87c9099f0c094c9fbb763e334fae9 2008.0/i586/apache-mod_proxy_ajp-2.2.6-8.1mdv2008.0.i586.rpm\n 9d4e1c4a6614e70b77cd2e03e3baeaea 2008.0/i586/apache-mod_ssl-2.2.6-8.1mdv2008.0.i586.rpm\n 29346499f10a850f8011191b0d242709 2008.0/i586/apache-mod_userdir-2.2.6-8.1mdv2008.0.i586.rpm\n 21c5bc6f2861cc532c8b5dae3f3e1ee2 2008.0/i586/apache-modules-2.2.6-8.1mdv2008.0.i586.rpm\n 944b6d2f395f4d26deeef93f9ce55c5b 2008.0/i586/apache-mpm-event-2.2.6-8.1mdv2008.0.i586.rpm\n 0fc46d4eae684b21a9a98a6c876960b3 2008.0/i586/apache-mpm-itk-2.2.6-8.1mdv2008.0.i586.rpm\n ab00a26cd43e9045e66da620e9678412 2008.0/i586/apache-mpm-prefork-2.2.6-8.1mdv2008.0.i586.rpm\n 785499e86b70da53c76a7d3321da1b30 2008.0/i586/apache-mpm-worker-2.2.6-8.1mdv2008.0.i586.rpm\n c1ccaf747ebe4bd71f875f70c969d4e7 2008.0/i586/apache-source-2.2.6-8.1mdv2008.0.i586.rpm \n 2d535ab37b9a247e827054766219f7e6 2008.0/SRPMS/apache-2.2.6-8.1mdv2008.0.src.rpm\n\n Mandriva Linux 2008.0/X86_64:\n 56b868f5c7a86b68666af13fe2a5c925 2008.0/x86_64/apache-base-2.2.6-8.1mdv2008.0.x86_64.rpm\n 16ca885969a1bd9d7f6d4a00a7c33095 2008.0/x86_64/apache-devel-2.2.6-8.1mdv2008.0.x86_64.rpm\n 76bcdbe509c56ec471ff767f5f7f925f 2008.0/x86_64/apache-htcacheclean-2.2.6-8.1mdv2008.0.x86_64.rpm\n 36fc978398d6b8f406f0913ecac5576e 2008.0/x86_64/apache-mod_authn_dbd-2.2.6-8.1mdv2008.0.x86_64.rpm\n d6644c5729325e3a0f7bda5ffe12523c 2008.0/x86_64/apache-mod_cache-2.2.6-8.1mdv2008.0.x86_64.rpm\n 98e86f62995310727dc7b7343776c948 2008.0/x86_64/apache-mod_dav-2.2.6-8.1mdv2008.0.x86_64.rpm\n 7aa7da7cb9fc4f29071535620de42023 2008.0/x86_64/apache-mod_dbd-2.2.6-8.1mdv2008.0.x86_64.rpm\n 8cb681d914e9619adf261dca86154538 2008.0/x86_64/apache-mod_deflate-2.2.6-8.1mdv2008.0.x86_64.rpm\n 1ebc35b8050495230d6809f97dd89731 2008.0/x86_64/apache-mod_disk_cache-2.2.6-8.1mdv2008.0.x86_64.rpm\n 7db7d64521dc4253edc59645e79a5e57 2008.0/x86_64/apache-mod_file_cache-2.2.6-8.1mdv2008.0.x86_64.rpm\n 5624b75d6d1eb311e6332c6a7e10e42f 2008.0/x86_64/apache-mod_ldap-2.2.6-8.1mdv2008.0.x86_64.rpm\n e7049015c893a5a75d0c4bbc68e18615 2008.0/x86_64/apache-mod_mem_cache-2.2.6-8.1mdv2008.0.x86_64.rpm\n 910e8bcb28e00501ebd39aa9c30e3cad 2008.0/x86_64/apache-mod_proxy-2.2.6-8.1mdv2008.0.x86_64.rpm\n 2451f7726434398f715bac328422faa8 2008.0/x86_64/apache-mod_proxy_ajp-2.2.6-8.1mdv2008.0.x86_64.rpm\n c6a102776378eecfbe64f87d2a4f261b 2008.0/x86_64/apache-mod_ssl-2.2.6-8.1mdv2008.0.x86_64.rpm\n 27a79220cf963ba1dfe6f17d6e66d3f5 2008.0/x86_64/apache-mod_userdir-2.2.6-8.1mdv2008.0.x86_64.rpm\n e87a2f8d0e8cf23fe0cc3a7a44195f68 2008.0/x86_64/apache-modules-2.2.6-8.1mdv2008.0.x86_64.rpm\n 6224d03ea5169e71fd588ddff0b95f16 2008.0/x86_64/apache-mpm-event-2.2.6-8.1mdv2008.0.x86_64.rpm\n e61bcd69bd997a5cddacc2f58dd1f1b9 2008.0/x86_64/apache-mpm-itk-2.2.6-8.1mdv2008.0.x86_64.rpm\n 304a7257ba0104bb799c3ab6a09cb977 2008.0/x86_64/apache-mpm-prefork-2.2.6-8.1mdv2008.0.x86_64.rpm\n d19f57238828efc73f24ff69c1dca341 2008.0/x86_64/apache-mpm-worker-2.2.6-8.1mdv2008.0.x86_64.rpm\n e72351edf865715beac70996ca1ea09b 2008.0/x86_64/apache-source-2.2.6-8.1mdv2008.0.x86_64.rpm \n 2d535ab37b9a247e827054766219f7e6 2008.0/SRPMS/apache-2.2.6-8.1mdv2008.0.src.rpm\n\n Corporate 4.0:\n 0c36f90139943f6564058fb6c9a0028c corporate/4.0/i586/apache-base-2.2.3-1.3.20060mlcs4.i586.rpm\n 2c23db7c0c820a6d05cf9e89e10d437b corporate/4.0/i586/apache-devel-2.2.3-1.3.20060mlcs4.i586.rpm\n 6729c4c238ea40547ca8ad4ad34fac39 corporate/4.0/i586/apache-htcacheclean-2.2.3-1.3.20060mlcs4.i586.rpm\n 8c6b35f7192abf90e6af6a07c27099d0 corporate/4.0/i586/apache-mod_authn_dbd-2.2.3-1.3.20060mlcs4.i586.rpm\n 6f3ae30580187b440261747c0f975ec6 corporate/4.0/i586/apache-mod_cache-2.2.3-1.3.20060mlcs4.i586.rpm\n 56dd118e6e37165e6638baab4e58d08e corporate/4.0/i586/apache-mod_dav-2.2.3-1.3.20060mlcs4.i586.rpm\n 6e3512489622cf59e0f32458d943f65b corporate/4.0/i586/apache-mod_dbd-2.2.3-1.3.20060mlcs4.i586.rpm\n 7946432730bdac3ec21ca376f8f8ca12 corporate/4.0/i586/apache-mod_deflate-2.2.3-1.3.20060mlcs4.i586.rpm\n eeac05dfe0a57512de566f6a2e1e105e corporate/4.0/i586/apache-mod_disk_cache-2.2.3-1.3.20060mlcs4.i586.rpm\n b50af44b3084fcff0bc6cff1ac50023f corporate/4.0/i586/apache-mod_file_cache-2.2.3-1.3.20060mlcs4.i586.rpm\n a92816a879182cbca50ebace4bb5f193 corporate/4.0/i586/apache-mod_ldap-2.2.3-1.3.20060mlcs4.i586.rpm\n 2ca6a18de738a817cb346f1eb31bf76a corporate/4.0/i586/apache-mod_mem_cache-2.2.3-1.3.20060mlcs4.i586.rpm\n b984ff19a2458f844f62be84635060d1 corporate/4.0/i586/apache-mod_proxy-2.2.3-1.3.20060mlcs4.i586.rpm\n b816b9c09345b92da5a0216f5e9db932 corporate/4.0/i586/apache-mod_proxy_ajp-2.2.3-1.3.20060mlcs4.i586.rpm\n 240fb4ea33d91846fc083def26b19465 corporate/4.0/i586/apache-mod_ssl-2.2.3-1.3.20060mlcs4.i586.rpm\n afcda5d86a48edba71a81a8fda0d0f75 corporate/4.0/i586/apache-mod_userdir-2.2.3-1.3.20060mlcs4.i586.rpm\n 76705f36eb869b9a1520df0c09a7d1e9 corporate/4.0/i586/apache-modules-2.2.3-1.3.20060mlcs4.i586.rpm\n eb5bc900fa99aab700c29af7978ca44f corporate/4.0/i586/apache-mpm-prefork-2.2.3-1.3.20060mlcs4.i586.rpm\n 57a7cb6d3fc97eca6c46685f606a3618 corporate/4.0/i586/apache-mpm-worker-2.2.3-1.3.20060mlcs4.i586.rpm\n 804752d26fd2db2088cbc73ee9aee8f5 corporate/4.0/i586/apache-source-2.2.3-1.3.20060mlcs4.i586.rpm \n ece351bfa879df71f200f00d143779b9 corporate/4.0/SRPMS/apache-2.2.3-1.3.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n 74d411bb422230857a8971a9ce428c0e corporate/4.0/x86_64/apache-base-2.2.3-1.3.20060mlcs4.x86_64.rpm\n 5ede29fb5e502fdc96dbb4722b69bb26 corporate/4.0/x86_64/apache-devel-2.2.3-1.3.20060mlcs4.x86_64.rpm\n dcecf6dece1ec0c083f924b8e545b864 corporate/4.0/x86_64/apache-htcacheclean-2.2.3-1.3.20060mlcs4.x86_64.rpm\n b7bf0d94f575d6e1e42296b69e5d056b corporate/4.0/x86_64/apache-mod_authn_dbd-2.2.3-1.3.20060mlcs4.x86_64.rpm\n 6718af7bd108e06d8e6be0046473ce69 corporate/4.0/x86_64/apache-mod_cache-2.2.3-1.3.20060mlcs4.x86_64.rpm\n fce075627de036b3d71a93ceafa6105e corporate/4.0/x86_64/apache-mod_dav-2.2.3-1.3.20060mlcs4.x86_64.rpm\n 973a484aed44fd0281c34a0227131400 corporate/4.0/x86_64/apache-mod_dbd-2.2.3-1.3.20060mlcs4.x86_64.rpm\n 359ad6bfc294b82d14788ea3f2fb5b1f corporate/4.0/x86_64/apache-mod_deflate-2.2.3-1.3.20060mlcs4.x86_64.rpm\n ce014700683860f81922680ab29d335b corporate/4.0/x86_64/apache-mod_disk_cache-2.2.3-1.3.20060mlcs4.x86_64.rpm\n b918e9b9eeb06303a8b3f26f63666f74 corporate/4.0/x86_64/apache-mod_file_cache-2.2.3-1.3.20060mlcs4.x86_64.rpm\n 969c3cf38987f91d576de441e5781b5d corporate/4.0/x86_64/apache-mod_ldap-2.2.3-1.3.20060mlcs4.x86_64.rpm\n e3c4128b336c45e9470e57a1439cead9 corporate/4.0/x86_64/apache-mod_mem_cache-2.2.3-1.3.20060mlcs4.x86_64.rpm\n e6c07bd0bed38660852db97807e0b3dd corporate/4.0/x86_64/apache-mod_proxy-2.2.3-1.3.20060mlcs4.x86_64.rpm\n d6b2621b48abe4c74ecd5e24e7c3c9f9 corporate/4.0/x86_64/apache-mod_proxy_ajp-2.2.3-1.3.20060mlcs4.x86_64.rpm\n 166b443903e18e77afee950f368ae763 corporate/4.0/x86_64/apache-mod_ssl-2.2.3-1.3.20060mlcs4.x86_64.rpm\n bcbd01a168655d57ad7dcbf424b4d91a corporate/4.0/x86_64/apache-mod_userdir-2.2.3-1.3.20060mlcs4.x86_64.rpm\n 3723d163f681e478e677c75a286f352e corporate/4.0/x86_64/apache-modules-2.2.3-1.3.20060mlcs4.x86_64.rpm\n f17cbd7d765045b30dd43f62efb7cfd3 corporate/4.0/x86_64/apache-mpm-prefork-2.2.3-1.3.20060mlcs4.x86_64.rpm\n 6e704ce4a8ab0b5817273af16b997ea2 corporate/4.0/x86_64/apache-mpm-worker-2.2.3-1.3.20060mlcs4.x86_64.rpm\n f35f2e3795dba910451ac03ec63f8898 corporate/4.0/x86_64/apache-source-2.2.3-1.3.20060mlcs4.x86_64.rpm \n ece351bfa879df71f200f00d143779b9 corporate/4.0/SRPMS/apache-2.2.3-1.3.20060mlcs4.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c01607570\nVersion: 1\n\nHPSBMA02388 SSRT080059 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Cross Site Scripting (XSS)\n\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible. \n\nRelease Date: 2008-11-19\nLast Updated: 2008-11-19\n\nPotential Security Impact: Remote cross site scripting (XSS)\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with HP OpenView Network Node Manager (OV NNM). The vulnerabilities could be exploited remotely to allow cross site scripting (XSS). \n\nReferences: CVE-2007-6388, CVE-2007-5000\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP OpenView Network Node Manager (OV NNM) v7.01, v7.51, v7.53 running on HP-UX, Linux, and Solaris\n\nBACKGROUND\n\nCVSS 2.0 Base Metrics \n===============================================\nReference Base Vector Base Score \nCVE-2007-6388 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2007-5000 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\n===============================================\nInformation on CVSS is documented in HP Customer Notice: HPSN-2008-002. \n\nRESOLUTION\n\nHP has made patches available to resolve the vulnerabilities. \n\nThe patches are available from http://itrc.hp.com \n\nOV NNM v7.53 \n===========\nOperating_System - HP-UX (IA)\nResolved in Patch - PHSS_38148 or subsequent\n \nOperating_System - HP-UX (PA)\nResolved in Patch - PHSS_38147 or subsequent\n \nOperating_System - Linux RedHatAS2.1 \nResolved in Patch - LXOV_00085 or subsequent\n \nOperating_System - Linux RedHat4AS-x86_64 \nResolved in Patch - LXOV_00086 or subsequent\n \nOperating_System - Solaris\nResolved in Patch - PSOV_03514 or subsequent\n \nOV NNM v7.51 \n===========\nUpgrade to NNM v7.53 and install the patches listed above. \n\nOV NNM v7.01 \n===========\nOperating_System - HP-UX (PA)\nResolved in Patch - PHSS_38761 or subsequent\n \nOperating_System - Solaris\nResolved in Patch - PSOV_03516 or subsequent\n \n\nMANUAL ACTIONS: Yes - NonUpdate \nApply the appropriate file as described in the Resolution. \n\nPRODUCT SPECIFIC INFORMATION \n\nHP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see https://www.hp.com/go/swa \n\nThe following text is for use by the HP-UX Software Assistant. \n\nAFFECTED VERSIONS (for HP-UX)\n\nFor HP-UX OV NNM 7.53 \nHP-UX B.11.31 \nHP-UX B.11.23 (IA) \n============= \nOVNNMgr.OVNNM-RUN \naction: install PHSS_38148 or subsequent \nURL: http://itrc.hp.com \n\nHP-UX B.11.23 (PA) \nHP-UX B.11.11 \n============= \nOVNNMgr.OVNNM-RUN \naction: install PHSS_38147 or subsequent \nURL: http://itrc.hp.com \n\nFor HP-UX OV NNM 7.51 \nHP-UX B.11.31 \nHP-UX B.11.23 \nHP-UX B.11.11 \n============= \nOVNNMgr.OVNNM-RUN \naction: upgrade NNM v7.51 to NNM v7.53 and apply the appropriate patches \n\nFor HP-UX OV NNM 7.01 \nHP-UX B.11.00 \nHP-UX B.11.11 \n============= \nOVNNMgr.OVNNM-RUN \naction: install PHSS_38761 or subsequent \nURL: http://itrc.hp.com \n\nEND AFFECTED VERSIONS (for HP-UX)\n\nHISTORY \nVersion:1 (rev.1) - 19 November 2008 Initial release \n\nThird Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\nSupport: For further information, contact normal HP Services support channel. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com \nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. \nTo get the security-alert PGP key, please send an e-mail message as follows:\n To: security-alert@hp.com \n Subject: get key\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email: \nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA\u0026langcode=USENG\u0026jumpid=in_SC-GEN__driverITRC\u0026topiccode=ITRC \nOn the web page: ITRC security bulletins and patch sign-up \nUnder Step1: your ITRC security bulletins and patches \n - check ALL categories for which alerts are required and continue. \nUnder Step2: your ITRC operating systems \n - verify your operating system selections are checked and save. \n\n\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php \nLog in on the web page: Subscriber\u0027s choice for Business: sign-in. \nOn the web page: Subscriber\u0027s Choice: your profile summary - use Edit Profile to update appropriate sections. \n\n\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do \n\n\n* The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title: \n\nGN = HP General SW\nMA = HP Management Agents\nMI = Misc. 3rd Party SW\nMP = HP MPE/iX\nNS = HP NonStop Servers\nOV = HP OpenVMS\nPI = HP Printing \u0026 Imaging\nST = HP Storage SW\nTL = HP Trusted Linux\nTU = HP Tru64 UNIX\nUX = HP-UX\nVV = HP VirtualVault\n \nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. \n\n\n\"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user\u0027s use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement.\"\n\n\\xa9Copyright 2008 Hewlett-Packard Development Company, L.P. \n\nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. \n-----BEGIN PGP SIGNATURE-----\nVersion: PGP 8.1\n\niQA/AwUBSSQhVOAfOvwtKn1ZEQIlVQCg4n4fABzC24c9qQ5gz68oPLMVKI0AoMbs\nA2UIaH3YB7z+o42Tm7Eg7ahn\n=lskD\n-----END PGP SIGNATURE-----\n. The goal of this project is to\nprovide a secure, efficient and extensible server that provides\nHTTP services in sync with the current HTTP standards. \n\nApache has been the most popular web server on the Internet since\nApril 1996. The November 2005 Netcraft Web Server Survey found\nthat more than 70% of the web sites on the Internet are using\nApache, thus making it more widely used than all other web\nservers combined. A HTML page is presented that gives the current server statistics in an easily readable form. If required this page can be made to automatically refresh (given a compatible browser). Another page gives a simple machine-readable list of the current server state.\"\n\n- --- 1. Apache Refresh Header - Open Redirector (XSS) Vulnerability ---\n\nDuring the fact that Apache mod_status do not filter char \";\" we can inject new URL. \nThis fact give attacker open redirector and can lead to phishing attack. \nAlso attacker can create more advanced method to trigger XSS on victim\u0027s browser. Exploit ---\n\nSecurityReason is not going to release a exploit to the general public. \nExploit was provided and tested for Apache Team . References ---\n\nA Refreshing Look at Redirection : http://www.securityfocus.com/archive/1/450418 by Amit Klein\n\n- --- 5. Greets ---\n\nFor: Maksymilian Arciemowicz ( cXIb8O3 ), Infospec, pi3, p_e_a, mpp\n\n- --- 6. \nHP-UX B.11.11, B.11.23, B.11.31 running Apache v2.0.59.00.2 or earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2007-6388"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001001"
},
{
"db": "BID",
"id": "27237"
},
{
"db": "VULMON",
"id": "CVE-2007-6388"
},
{
"db": "PACKETSTORM",
"id": "63262"
},
{
"db": "PACKETSTORM",
"id": "62720"
},
{
"db": "PACKETSTORM",
"id": "80533"
},
{
"db": "PACKETSTORM",
"id": "62719"
},
{
"db": "PACKETSTORM",
"id": "62721"
},
{
"db": "PACKETSTORM",
"id": "72120"
},
{
"db": "PACKETSTORM",
"id": "62634"
},
{
"db": "PACKETSTORM",
"id": "63601"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2007-6388",
"trust": 3.6
},
{
"db": "BID",
"id": "27237",
"trust": 2.8
},
{
"db": "SECUNIA",
"id": "28471",
"trust": 2.5
},
{
"db": "USCERT",
"id": "TA08-150A",
"trust": 2.5
},
{
"db": "SECTRACK",
"id": "1019154",
"trust": 2.5
},
{
"db": "SECUNIA",
"id": "29988",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "28607",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "28977",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "30732",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "30430",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "29504",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "28526",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "29806",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "33200",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "28749",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "28922",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "30356",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "29640",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "32800",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "31142",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "29420",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "28965",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "28467",
"trust": 1.7
},
{
"db": "SREASON",
"id": "3541",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-0809",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-0047",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-1623",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-1697",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-0554",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-0447",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-0924",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-1224",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-0986",
"trust": 1.7
},
{
"db": "USCERT",
"id": "SA08-150A",
"trust": 0.8
},
{
"db": "USCERT",
"id": "TA08-079A",
"trust": 0.8
},
{
"db": "USCERT",
"id": "SA08-079A",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001001",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200801-095",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2007-6388",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "63262",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "62720",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "80533",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "62719",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "62721",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "72120",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "62634",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "63601",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2007-6388"
},
{
"db": "BID",
"id": "27237"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001001"
},
{
"db": "PACKETSTORM",
"id": "63262"
},
{
"db": "PACKETSTORM",
"id": "62720"
},
{
"db": "PACKETSTORM",
"id": "80533"
},
{
"db": "PACKETSTORM",
"id": "62719"
},
{
"db": "PACKETSTORM",
"id": "62721"
},
{
"db": "PACKETSTORM",
"id": "72120"
},
{
"db": "PACKETSTORM",
"id": "62634"
},
{
"db": "PACKETSTORM",
"id": "63601"
},
{
"db": "CNNVD",
"id": "CNNVD-200801-095"
},
{
"db": "NVD",
"id": "CVE-2007-6388"
}
]
},
"id": "VAR-200801-0561",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.15801565
},
"last_update_date": "2024-07-23T21:23:07.143000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Fixed in Apache httpd 1.3.41",
"trust": 0.8,
"url": "http://httpd.apache.org/security/vulnerabilities_13.html#1.3.41"
},
{
"title": "Fixed in Apache httpd 2.0.63",
"trust": 0.8,
"url": "http://httpd.apache.org/security/vulnerabilities_20.html#2.0.63"
},
{
"title": "Fixed in Apache httpd 2.2.8",
"trust": 0.8,
"url": "http://httpd.apache.org/security/vulnerabilities_22.html#2.2.8"
},
{
"title": "Security Update 2008-003",
"trust": 0.8,
"url": "http://support.apple.com/kb/ht1897"
},
{
"title": "Security Update 2008-002",
"trust": 0.8,
"url": "http://docs.info.apple.com/article.html?artnum=307562-en"
},
{
"title": "Security Update 2008-003",
"trust": 0.8,
"url": "http://support.apple.com/kb/ht1897?viewlocale=ja_jp"
},
{
"title": "Security Update 2008-002",
"trust": 0.8,
"url": "http://docs.info.apple.com/article.html?artnum=307562-ja"
},
{
"title": "httpd-2.2.3-11.3.1AX",
"trust": 0.8,
"url": "https://tsn.miraclelinux.com/tsn_local/index.php?m=errata\u0026a=detail\u0026eid=94"
},
{
"title": "HS08-016",
"trust": 0.8,
"url": "http://www.hitachi.co.jp/prod/comp/soft1/global/security/info/vuls/hs08-016/index.html"
},
{
"title": "HPSBUX02313",
"trust": 0.8,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01364714"
},
{
"title": "HPSBUX02313",
"trust": 0.8,
"url": "http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/hp-ux/hpsbux02313.html"
},
{
"title": "4019245",
"trust": 0.8,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg24019245"
},
{
"title": "PK65782",
"trust": 0.8,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1pk65782"
},
{
"title": "PK63273",
"trust": 0.8,
"url": "http://www-1.ibm.com/support/docview.wss?rs=0\u0026context=sseqtj\u0026uid=swg1pk63273\u0026loc=en_us\u0026cs=utf-8\u0026cc=us\u0026lang=all"
},
{
"title": "7007033",
"trust": 0.8,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg27007033#60227"
},
{
"title": "httpd (V3.0)",
"trust": 0.8,
"url": "http://www.miraclelinux.com/update/linux/list.php?errata_id=1224"
},
{
"title": "httpd (V4.0)",
"trust": 0.8,
"url": "http://www.miraclelinux.com/update/linux/list.php?errata_id=1221"
},
{
"title": "apache (V2.x)",
"trust": 0.8,
"url": "http://www.miraclelinux.com/update/linux/list.php?errata_id=1205"
},
{
"title": "Oracle Critical Patch Update Advisory - July 2013",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"
},
{
"title": "Text Form of Oracle Critical Patch Update - July 2013 Risk Matrices",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013verbose-1899830.html"
},
{
"title": "RHSA-2008:0004",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2008-0004.html"
},
{
"title": "RHSA-2008:0005",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2008-0005.html"
},
{
"title": "RHSA-2008:0006",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2008-0006.html"
},
{
"title": "RHSA-2008:0007",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2008-0007.html"
},
{
"title": "RHSA-2008:0008",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2008-0008.html"
},
{
"title": "July 2013 Critical Patch Update Released",
"trust": 0.8,
"url": "https://blogs.oracle.com/security/entry/july_2013_critical_patch_update"
},
{
"title": "233623",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-233623-1"
},
{
"title": "TLSA-2008-5",
"trust": 0.8,
"url": "http://www.turbolinux.com/security/2008/tlsa-2008-5.txt"
},
{
"title": "interstage_as_200808",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/products-fujitsu/solution/interstage_as_200808.html"
},
{
"title": "HS08-016",
"trust": 0.8,
"url": "http://www.hitachi.co.jp/prod/comp/soft1/security/info/vuls/hs08-016/index.html"
},
{
"title": "RHSA-2008:0005",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2008-0005j.html"
},
{
"title": "RHSA-2008:0006",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2008-0006j.html"
},
{
"title": "RHSA-2008:0008",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2008-0008j.html"
},
{
"title": "RHSA-2008:0004",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2008-0004j.html"
},
{
"title": "TLSA-2008-5",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/security/2008/tlsa-2008-5j.txt"
},
{
"title": "Ubuntu Security Notice: apache2 vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-575-1"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/secureaxom/strike "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2007-6388"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001001"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2008-001001"
},
{
"db": "NVD",
"id": "CVE-2007-6388"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "http://www.securityfocus.com/bid/27237"
},
{
"trust": 2.5,
"url": "http://securitytracker.com/id?1019154"
},
{
"trust": 2.5,
"url": "http://www.us-cert.gov/cas/techalerts/ta08-150a.html"
},
{
"trust": 2.0,
"url": "http://support.avaya.com/elmodocs2/security/asa-2008-032.htm"
},
{
"trust": 2.0,
"url": "http://support.nortel.com/go/main.jsp?cscat=bltndetail\u0026id=689039"
},
{
"trust": 2.0,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1pk62966"
},
{
"trust": 2.0,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1pk63273"
},
{
"trust": 2.0,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg24019245"
},
{
"trust": 2.0,
"url": "http://www.fujitsu.com/global/support/software/security/products-f/interstage-200808e.html"
},
{
"trust": 2.0,
"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"
},
{
"trust": 1.7,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2008:014"
},
{
"trust": 1.7,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2008:015"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0004.html"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0005.html"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0006.html"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0007.html"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0008.html"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/28467"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/28471"
},
{
"trust": 1.7,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2008:016"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/28526"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/28607"
},
{
"trust": 1.7,
"url": "http://www.ubuntu.com/usn/usn-575-1"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/28749"
},
{
"trust": 1.7,
"url": "http://www116.nortel.com/pub/repository/clarify/document/2008/05/023342-01.pdf"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/28965"
},
{
"trust": 1.7,
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-february/msg00562.html"
},
{
"trust": 1.7,
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-february/msg00541.html"
},
{
"trust": 1.7,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2008\u0026m=slackware-security.595748"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/28977"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/28922"
},
{
"trust": 1.7,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-233623-1"
},
{
"trust": 1.7,
"url": "http://docs.info.apple.com/article.html?artnum=307562"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2008/mar/msg00001.html"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/29420"
},
{
"trust": 1.7,
"url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=pk59667\u0026apar=only"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/29504"
},
{
"trust": 1.7,
"url": "http://securityreason.com/securityalert/3541"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00004.html"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/29640"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/29806"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0009.html"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/29988"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0261.html"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/30356"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2008//may/msg00001.html"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/30430"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/31142"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/30732"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/33200"
},
{
"trust": 1.7,
"url": "http://lists.vmware.com/pipermail/security-announce/2009/000062.html"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/1697"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/0924/references"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/0809/references"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/0554"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/0986/references"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/0047"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/1224/references"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/0447/references"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/1623/references"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/32800"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39472"
},
{
"trust": 1.7,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10272"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/505990/100/0/threaded"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/498523/100/0/threaded"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/494428/100/0/threaded"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/488082/100/0/threaded"
},
{
"trust": 1.5,
"url": "http://httpd.apache.org/security/vulnerabilities_13.html"
},
{
"trust": 1.5,
"url": "http://httpd.apache.org/security/vulnerabilities_20.html"
},
{
"trust": 1.5,
"url": "http://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"trust": 1.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-6388"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r7dd6be4dc38148704f2edafb44a8712abaa3a2be120d6c3314d55919%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r84d043c2115176958562133d96d851495d712aa49da155d81f6733be%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rc4c53a0d57b2771ecd4b965010580db355e38137c8711311ee1073a8%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.8,
"url": "http://www.frsirt.com/english/advisories/2008/0047"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta08-079a/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta08-150a/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/trta08-079a/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/trta08-150a/index.html"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-6388"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/28471/"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa08-079a.html"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa08-150a.html"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/techalerts/ta08-079a.html"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-6388"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5000"
},
{
"trust": 0.6,
"url": "httpd.apache.org%3e"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3ccvs."
},
{
"trust": 0.6,
"url": "httpd.apache.org/security/vulnerabilities_13.html"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4@%3ccvs."
},
{
"trust": 0.6,
"url": "httpd.apache.org/security/vulnerabilities_22.html"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3ccvs."
},
{
"trust": 0.6,
"url": "httpd.apache.org/security/vulnerabilities_20.html"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r7dd6be4dc38148704f2edafb44a8712abaa3a2be120d6c3314d55919@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r84d043c2115176958562133d96d851495d712aa49da155d81f6733be@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rc4c53a0d57b2771ecd4b965010580db355e38137c8711311ee1073a8@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3ccvs."
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0005"
},
{
"trust": 0.4,
"url": "http://securityreason.com/achievement_securityalert/50"
},
{
"trust": 0.4,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5000"
},
{
"trust": 0.4,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0005"
},
{
"trust": 0.3,
"url": "http://httpd.apache.org/"
},
{
"trust": 0.3,
"url": "https://www13.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c01607570\u0026admit=109447627+1227181083938+28353475"
},
{
"trust": 0.3,
"url": " http://www.phptoys.com/product/micro-news.html"
},
{
"trust": 0.3,
"url": "https://www14.software.ibm.com/webapp/set2/sas/f/hmc/power5/install/v61.readme.html#mh01110"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-233623-1"
},
{
"trust": 0.3,
"url": "http://www.apache.org/dist/httpd/announcement1.3.html"
},
{
"trust": 0.3,
"url": "http://www.apache.org/dist/httpd/announcement2.0.html"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2008-026.htm"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2008-031.htm"
},
{
"trust": 0.3,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01364714"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0004.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0005.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0006.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0007.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0008.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0261.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0263.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0523.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0524.html"
},
{
"trust": 0.3,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.3,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-4465"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-6422"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-3847"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-6421"
},
{
"trust": 0.2,
"url": "http://www.itrc.hp.com/service/cki/secbullarchive.do"
},
{
"trust": 0.2,
"url": "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na\u0026langcode=useng\u0026jumpid=in_sc-gen__driveritrc\u0026topiccode=itrc"
},
{
"trust": 0.2,
"url": "https://www.hp.com/go/swa"
},
{
"trust": 0.2,
"url": "http://h30046.www3.hp.com/subsignin.php"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/79.html"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r7dd6be4dc38148704f2edafb44a8712abaa3a2be120d6c3314d55919@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r84d043c2115176958562133d96d851495d712aa49da155d81f6733be@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/rc4c53a0d57b2771ecd4b965010580db355e38137c8711311ee1073a8@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/575-1/"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4-3ubuntu0.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.4-3ubuntu0.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu2.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu2.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu2.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu2.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu2.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu2.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu2.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.2.4-3ubuntu0.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.3-3.2ubuntu2.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu2.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.4-3ubuntu0.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu2.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.3-3.2ubuntu2.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu4.2_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu2.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu2.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu2.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.2.3-3.2ubuntu2.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu2.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu2.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3918"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu2.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu2.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu2.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu2.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu2.1.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu2.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu2.1.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu2.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu2.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu2.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu2.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu2.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu2.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4-3ubuntu0.1.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu2.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu2.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu2.3_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4-3ubuntu0.1.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu2.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu2.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vmplayer/vmware-player-2.5.3-185404.i386.rpm"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/ace25/doc/releasenotes_ace253.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/player25/doc/releasenotes_player253.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-1863"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-1863"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ace/"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/player/"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/security"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1055"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/ws65/doc/releasenotes_ws653.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-3304"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ws/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0040"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/security_response.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-3304"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vmplayer/vmware-player-2.5.3-185404.x86_64.rpm"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos.html"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vmplayer/vmware-player-2.5.3-185404.exe"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-5752"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vmplayer/vmware-player-2.5.3-185404.i386.bundle"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vmplayer/vmware-player-2.5.3-185404.x86_64.bundle"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0040"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-3847"
},
{
"trust": 0.1,
"url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos_vi.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-5752"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-4465"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-6422"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-6421"
},
{
"trust": 0.1,
"url": "http://secunia.com/"
},
{
"trust": 0.1,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.1,
"url": "http://itrc.hp.com"
},
{
"trust": 0.1,
"url": "http://httpd.apache.org/docs/2.0/mod/mod_status.html"
},
{
"trust": 0.1,
"url": "http://securityreason.com/key/sp3x.gpg"
},
{
"trust": 0.1,
"url": "http://www.securityfocus.com/archive/1/450418"
},
{
"trust": 0.1,
"url": "http://securityreason.com"
},
{
"trust": 0.1,
"url": "http://httpd.apache.org"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2007-6388"
},
{
"db": "BID",
"id": "27237"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001001"
},
{
"db": "PACKETSTORM",
"id": "63262"
},
{
"db": "PACKETSTORM",
"id": "62720"
},
{
"db": "PACKETSTORM",
"id": "80533"
},
{
"db": "PACKETSTORM",
"id": "62719"
},
{
"db": "PACKETSTORM",
"id": "62721"
},
{
"db": "PACKETSTORM",
"id": "72120"
},
{
"db": "PACKETSTORM",
"id": "62634"
},
{
"db": "PACKETSTORM",
"id": "63601"
},
{
"db": "CNNVD",
"id": "CNNVD-200801-095"
},
{
"db": "NVD",
"id": "CVE-2007-6388"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2007-6388"
},
{
"db": "BID",
"id": "27237"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001001"
},
{
"db": "PACKETSTORM",
"id": "63262"
},
{
"db": "PACKETSTORM",
"id": "62720"
},
{
"db": "PACKETSTORM",
"id": "80533"
},
{
"db": "PACKETSTORM",
"id": "62719"
},
{
"db": "PACKETSTORM",
"id": "62721"
},
{
"db": "PACKETSTORM",
"id": "72120"
},
{
"db": "PACKETSTORM",
"id": "62634"
},
{
"db": "PACKETSTORM",
"id": "63601"
},
{
"db": "CNNVD",
"id": "CNNVD-200801-095"
},
{
"db": "NVD",
"id": "CVE-2007-6388"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-01-08T00:00:00",
"db": "VULMON",
"id": "CVE-2007-6388"
},
{
"date": "2008-01-10T00:00:00",
"db": "BID",
"id": "27237"
},
{
"date": "2008-01-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2008-001001"
},
{
"date": "2008-02-05T00:41:56",
"db": "PACKETSTORM",
"id": "63262"
},
{
"date": "2008-01-17T05:57:19",
"db": "PACKETSTORM",
"id": "62720"
},
{
"date": "2009-08-23T16:31:17",
"db": "PACKETSTORM",
"id": "80533"
},
{
"date": "2008-01-17T05:56:17",
"db": "PACKETSTORM",
"id": "62719"
},
{
"date": "2008-01-17T05:59:17",
"db": "PACKETSTORM",
"id": "62721"
},
{
"date": "2008-11-20T19:21:09",
"db": "PACKETSTORM",
"id": "72120"
},
{
"date": "2008-01-15T20:26:59",
"db": "PACKETSTORM",
"id": "62634"
},
{
"date": "2008-02-13T22:27:37",
"db": "PACKETSTORM",
"id": "63601"
},
{
"date": "2008-01-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200801-095"
},
{
"date": "2008-01-08T18:46:00",
"db": "NVD",
"id": "CVE-2007-6388"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-06-06T00:00:00",
"db": "VULMON",
"id": "CVE-2007-6388"
},
{
"date": "2015-04-13T21:21:00",
"db": "BID",
"id": "27237"
},
{
"date": "2014-05-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2008-001001"
},
{
"date": "2021-06-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200801-095"
},
{
"date": "2024-02-02T16:16:50.433000",
"db": "NVD",
"id": "CVE-2007-6388"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200801-095"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apache HTTP Server of mod_status Vulnerable to cross-site scripting",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2008-001001"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "xss",
"sources": [
{
"db": "PACKETSTORM",
"id": "63262"
},
{
"db": "PACKETSTORM",
"id": "62720"
},
{
"db": "PACKETSTORM",
"id": "62719"
},
{
"db": "PACKETSTORM",
"id": "62721"
},
{
"db": "PACKETSTORM",
"id": "72120"
},
{
"db": "PACKETSTORM",
"id": "62634"
},
{
"db": "CNNVD",
"id": "CNNVD-200801-095"
}
],
"trust": 1.2
}
}
VAR-201710-0974
Vulnerability from variot - Updated: 2024-07-23 21:12Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Group Temporal Key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients. An attacker within range of an affected AP and client may leverage these vulnerabilities to conduct attacks that are dependent on the data confidentiality protocols being used. Attacks may include arbitrary packet decryption and injection, TCP connection hijacking, HTTP content injection, or the replay of unicast and group-addressed frames. These vulnerabilities are referred to as Key Reinstallation Attacks or "KRACK" attacks. WPA (Wi-Fi Protected Access) is a system that protects wireless computer networks (Wi-Fi). A group key reload vulnerability exists in WPA2 wireless network sleep mode. WPA2 is prone to multiple security weaknesses. Exploiting these issues may allow an unauthorized user to intercept and manipulate data or disclose sensitive information. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Important: wpa_supplicant security update Advisory ID: RHSA-2017:2907-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2017:2907 Issue date: 2017-10-17 CVE Names: CVE-2017-13077 CVE-2017-13078 CVE-2017-13080 CVE-2017-13082 CVE-2017-13086 CVE-2017-13087 CVE-2017-13088 =====================================================================
- Summary:
An update for wpa_supplicant is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64
- Description:
The wpa_supplicant packages contain an 802.1X Supplicant with support for WEP, WPA, WPA2 (IEEE 802.11i / RSN), and various EAP authentication methods. They implement key negotiation with a WPA Authenticator for client stations and controls the roaming and IEEE 802.11 authentication and association of the WLAN driver. A remote attacker within Wi-Fi range could exploit these attacks to decrypt Wi-Fi traffic or possibly inject forged Wi-Fi packets by manipulating cryptographic handshakes used by the WPA2 protocol. (CVE-2017-13077, CVE-2017-13078, CVE-2017-13080, CVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088)
Red Hat would like to thank CERT for reporting these issues. Upstream acknowledges Mathy Vanhoef (University of Leuven) as the original reporter of these issues. Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
- Package List:
Red Hat Enterprise Linux Client (v. 7):
Source: wpa_supplicant-2.6-5.el7_4.1.src.rpm
x86_64: wpa_supplicant-2.6-5.el7_4.1.x86_64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source: wpa_supplicant-2.6-5.el7_4.1.src.rpm
x86_64: wpa_supplicant-2.6-5.el7_4.1.x86_64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source: wpa_supplicant-2.6-5.el7_4.1.src.rpm
aarch64: wpa_supplicant-2.6-5.el7_4.1.aarch64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.aarch64.rpm
ppc64: wpa_supplicant-2.6-5.el7_4.1.ppc64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.ppc64.rpm
ppc64le: wpa_supplicant-2.6-5.el7_4.1.ppc64le.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.ppc64le.rpm
s390x: wpa_supplicant-2.6-5.el7_4.1.s390x.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.s390x.rpm
x86_64: wpa_supplicant-2.6-5.el7_4.1.x86_64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source: wpa_supplicant-2.6-5.el7_4.1.src.rpm
x86_64: wpa_supplicant-2.6-5.el7_4.1.x86_64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2017-13077 https://access.redhat.com/security/cve/CVE-2017-13078 https://access.redhat.com/security/cve/CVE-2017-13080 https://access.redhat.com/security/cve/CVE-2017-13082 https://access.redhat.com/security/cve/CVE-2017-13086 https://access.redhat.com/security/cve/CVE-2017-13087 https://access.redhat.com/security/cve/CVE-2017-13088 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/security/vulnerabilities/kracks
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2017 Red Hat, Inc. Those vulnerabilities applies to both the access point (implemented in hostapd) and the station (implemented in wpa_supplicant).
An attacker exploiting the vulnerabilities could force the vulnerable system to reuse cryptographic session keys, enabling a range of cryptographic attacks against the ciphers used in WPA1 and WPA2.
For the stable distribution (stretch), these problems have been fixed in version 2:2.4-1+deb9u1.
For the testing distribution (buster), these problems have been fixed in version 2:2.4-1.1.
For the unstable distribution (sid), these problems have been fixed in version 2:2.4-1.1.
We recommend that you upgrade your wpa packages. ========================================================================== Ubuntu Security Notice USN-3455-1 October 16, 2017
wpa vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 17.04
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS
Summary:
Several security issues were fixed in wpa_supplicant.
Software Description: - wpa: client support for WPA and WPA2
Details:
Mathy Vanhoef discovered that wpa_supplicant and hostapd incorrectly handled WPA2. (CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088)
Imre Rad discovered that wpa_supplicant and hostapd incorrectly handled invalid characters in passphrase parameters. A remote attacker could use this issue to cause a denial of service. (CVE-2016-4476)
Imre Rad discovered that wpa_supplicant and hostapd incorrectly handled invalid characters in passphrase parameters. A local attacker could use this issue to cause a denial of service, or possibly execute arbitrary code. (CVE-2016-4477)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 17.04: hostapd 2.4-0ubuntu9.1 wpasupplicant 2.4-0ubuntu9.1
Ubuntu 16.04 LTS: hostapd 2.4-0ubuntu6.2 wpasupplicant 2.4-0ubuntu6.2
Ubuntu 14.04 LTS: hostapd 2.1-0ubuntu1.5 wpasupplicant 2.1-0ubuntu1.5
After a standard system update you need to reboot your computer to make all the necessary changes. 6) - i386, x86_64
Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz: Upgraded. This update includes patches to mitigate the WPA2 protocol issues known as "KRACK" (Key Reinstallation AttaCK), which may be used to decrypt data, hijack TCP connections, and to forge and inject packets. CVE-2017-13082: Accepting a retransmitted Fast BSS Transition (FT) Reassociation Request and reinstalling the pairwise encryption key (PTK-TK) while processing it. For more information, see: https://www.krackattacks.com/ https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13077 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13078 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13079 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13080 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13081 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13082 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13084 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13086 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13087 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13088 ( Security fix ) +--------------------------+
Where to find the new packages: +-----------------------------+
Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you.
Updated package for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/wpa_supplicant-2.6-i486-1_slack14.0.txz
Updated package for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.0.txz
Updated package for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/wpa_supplicant-2.6-i486-1_slack14.1.txz
Updated package for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.1.txz
Updated package for Slackware 14.2: ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz
Updated package for Slackware x86_64 14.2: ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.2.txz
Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/wpa_supplicant-2.6-i586-2.txz
Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/wpa_supplicant-2.6-x86_64-2.txz
MD5 signatures: +-------------+
Slackware 14.0 package: d8ecfaadb50b3547967ab53733ffc019 wpa_supplicant-2.6-i486-1_slack14.0.txz
Slackware x86_64 14.0 package: f25216d28800504ce498705da7c9a825 wpa_supplicant-2.6-x86_64-1_slack14.0.txz
Slackware 14.1 package: 15c61050e4bab2581757befd86be74c0 wpa_supplicant-2.6-i486-1_slack14.1.txz
Slackware x86_64 14.1 package: 49fd537a520338744f7757615556d352 wpa_supplicant-2.6-x86_64-1_slack14.1.txz
Slackware 14.2 package: c5539f40c8510af89be92945f0f80185 wpa_supplicant-2.6-i586-1_slack14.2.txz
Slackware x86_64 14.2 package: 4c527ff84fcdfd7839f217bbce2e4ae4 wpa_supplicant-2.6-x86_64-1_slack14.2.txz
Slackware -current package: 28bd88a54e96368f7a7020c1f5fb67fe n/wpa_supplicant-2.6-i586-2.txz
Slackware x86_64 -current package: 464fc6b48d1ac077f47e9a3a8534c160 n/wpa_supplicant-2.6-x86_64-2.txz
Installation instructions: +------------------------+
Upgrade the package as root:
upgradepkg wpa_supplicant-2.6-i586-1_slack14.2.txz
+-----+
Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com
+------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
============================================================================= FreeBSD-SA-17:07.wpa Security Advisory The FreeBSD Project
Topic: WPA2 protocol vulnerability
Category: contrib Module: wpa Announced: 2017-10-16 Credits: Mathy Vanhoef Affects: All supported versions of FreeBSD. Corrected: 2017-10-17 17:30:18 UTC (stable/11, 11.1-STABLE) 2017-10-17 17:57:18 UTC (releng/11.1, 11.1-RELEASE-p2) 2017-10-17 17:56:03 UTC (releng/11.0, 11.0-RELEASE-p13) 2017-10-19 03:18:22 UTC (stable/10, 10.4-STABLE) 2017-10-19 03:20:17 UTC (releng/10.4, 10.4-RELEASE-p1) 2017-10-19 03:19:42 UTC (releng/10.3, 10.3-RELEASE-p22) CVE Name: CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088
For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit .
- Revision history
v1.0 2017-10-17 Initial release. v1.1 2017-10-19 Add patches for 10.x releases.
I.
hostapd and wpa_supplicant are implementations of user space daemon for access points and wireless client that implements the WPA2 protocol.
II. Problem Description
A vulnerability was found in how a number of implementations can be triggered to reconfigure WPA/WPA2/RSN keys (TK, GTK, or IGTK) by replaying a specific frame that is used to manage the keys.
III. Impact
Such reinstallation of the encryption key can result in two different types of vulnerabilities: disabling replay protection and significantly reducing the security of encryption to the point of allowing frames to be decrypted or some parts of the keys to be determined by an attacker depending on which cipher is used.
IV. Workaround
An updated version of wpa_supplicant is available in the FreeBSD Ports Collection. Install version 2.6_2 or later of the security/wpa_supplicant port/pkg. Once installed, update /etc/rc.conf to use the new binary:
wpa_supplicant_program="/usr/local/sbin/wpa_supplicant"
and restart networking.
An updated version of hostapd is available in the FreeBSD Ports Collection. Install version 2.6_1 or later of the net/hostapd port/pkg. Once installed, update /etc/rc.conf to use the new binary:
hostapd_program="/usr/local/sbin/hostapd"
and restart hostapd.
V. Solution
Perform one of the following:
1) Upgrade your vulnerable system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date.
Restart the Wi-Fi network interfaces/hostapd or reboot the system.
2) To update your vulnerable system via a binary patch:
Systems running a RELEASE version of FreeBSD on the i386 or amd64 platforms can be updated via the freebsd-update(8) utility:
freebsd-update fetch
freebsd-update install
Restart the Wi-Fi network interfaces/hostapd or reboot the system.
3) To update your vulnerable system via a source code patch:
The following patches have been verified to apply to the applicable FreeBSD release branches.
a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility.
[FreeBSD 11.0-RELEASE, 11.1-RELEASE, and 11-STABLE]
fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-11.patch
fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-11.patch.asc
gpg --verify wpa-11.patch.asc
[FreeBSD 10.3-RELEASE, 10.4-RELEASE, and 10-STABLE]
fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-10.patch
fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-10.patch.asc
gpg --verify wpa-10.patch.asc
b) Apply the patch. Execute the following commands as root:
cd /usr/src
patch < /path/to/patch
c) Recompile the operating system using buildworld and installworld as described in .
Restart the applicable daemons, or reboot the system.
VI. Correction details
The following list contains the correction revision numbers for each affected branch.
Branch/path Revision
stable/11/ r324697 releng/11.0/ r324698 releng/11.1/ r324699 stable/10/ r324739 releng/10.3/ r324740 releng/10.4/ r324741
To see which files were modified by a particular revision, run the following command, replacing NNNNNN with the revision number, on a machine with Subversion installed:
svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
Or visit the following URL, replacing NNNNNN with the revision number:
VII. References
The latest revision of this advisory is available at -----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEEHPf/b631yp++G4yy7Wfs1l3PaucFAlnoGpNfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDFD RjdGRjZGQURGNUNBOUZCRTFCOENCMkVENjdFQ0Q2NURDRjZBRTcACgkQ7Wfs1l3P auc7WBAAm27w+fujv5sJsRxauUMopTVtRh5utwbDuoHTP+L+RCWmQfVBmueNQ0gf uJzMNxBIkbtY9LvyukpRsH3iD7mh26c0pd9rxxkkr4F96C9B5+W0amxJF1gdm54/ F/50FpY+lo7cNs5tiBjypPrg8UOBBI/1G4XR7130XC0HjaTwt1ngZ0oQUWUMSsIp gN5ZfPul81WPWd1NqF+vyObcJhwq/Y1uoexoO27o7GQCFZoL3enZy8c4f1xqMlVM 4HHkTgNGac6E0aW+ArH4J0DFFAOJXPqF8rdt+9XINfoBbtliIyOixJ4oh1n6eAR0 VpBWZKFNyXSlUKIvDGa+LDhxgL1jJXV0ABSyKlUOijdmr3bbbiQE9MW/MNv2AFTd OAFQ0QQtm9KCWp5JLh+FPIb/kR2l7MOUP+yz4zFcJpdGtl9tDLyPN8vRTq60bY8O y7tBcf/SMqkd/AIFdchL4zrOguKnRARydIlwTarp8wtAQI3MKSsa1B0wgsDtlL6K xfdjnwWMKvKKlNOW16e1WXXO0n/ucHV4njBE+bGPro3jLgXP2/WFZpIGAR3I4xrr SdD4AxSNiR9f3bL7LRfMIbugJAylWNSlTLWUOVUv0/ONh85LqbcCj13NI230B64K ETx2QOZgKnCs2oDNiw4aQHb7kvi2w94Iw/R1sAPkkxYJWO3reyE= =h/5q -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201710-0974",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "linux enterprise point of sale",
"scope": "eq",
"trust": 1.6,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 1.6,
"vendor": "suse",
"version": "11"
},
{
"model": "openstack cloud",
"scope": "eq",
"trust": 1.6,
"vendor": "suse",
"version": "6"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 1.6,
"vendor": "suse",
"version": "12"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 1.6,
"vendor": "suse",
"version": "12"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.7"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.6"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.2"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "1.0"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "*"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.11"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.7"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.7"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.10"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.0"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "8.0"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.9"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.8"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.8"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.1"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.7"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.6.9"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.8"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.8"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "1.1"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.7.3"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "10"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "11.1"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.9"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.8"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.11"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "10.4"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.6"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.4"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "11"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.11"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.10"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.4"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.8"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.5"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.7"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.5"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.10"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.6.10"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "1.0"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.9"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.11"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.5"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.10"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.6"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.9"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "14.04"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.1"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.3"
},
{
"model": "leap",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "42.2"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.3"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "1.1"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.7"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.7.3"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.6.9"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.9"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.8"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.7"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "9.0"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.4"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.10"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "16.04"
},
{
"model": "leap",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "42.3"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.11"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.6.8"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "17.04"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.6"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.6.8"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.10"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.11"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.6.10"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.4"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.9"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.5"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "9front",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "adtran",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "avm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "actiontec",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "aerohive",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "alcatel lucent",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "android open source",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "arch linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "aruba",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "asustek computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "barracuda",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "broadcom",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cambium",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "centos",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cradlepoint",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cypress semiconductor",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "debian gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "dell",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "digi",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "draytek",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "edimax computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "engenius",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "endian",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "espressif",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "extreme",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "f secure",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "fedora",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "fortinet",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "google",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hostap",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ipfire",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "lancom",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "lede",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "lifx",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "lenovo",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "microchip",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mojo",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nest",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "netbsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "netgear",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "opnsense",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "omnirom",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "open mesh",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openbsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "peplink",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "riverbed",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "rockwell automation",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ruckus",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "suse linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "samsung mobile",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sierra",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "slackware linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sonos",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sony",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sophos",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "synology",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "tp link",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "technicolor",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "texas instruments",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "toshiba commerce",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "toshiba electronic devices storage",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "toshiba memory",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "turris omnia",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ubiquiti",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ubuntu",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "volumio",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "watchguard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "xiaomi",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "xirrus",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "zebra",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "dd wrt",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "eero",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "pfsense",
"version": null
},
{
"model": "ubuntu",
"scope": null,
"trust": 0.8,
"vendor": "canonical",
"version": null
},
{
"model": "gnu/linux",
"scope": null,
"trust": 0.8,
"vendor": "debian",
"version": null
},
{
"model": "freebsd",
"scope": null,
"trust": 0.8,
"vendor": "freebsd",
"version": null
},
{
"model": "leap",
"scope": null,
"trust": 0.8,
"vendor": "opensuse",
"version": null
},
{
"model": "linux enterprise desktop",
"scope": null,
"trust": 0.8,
"vendor": "suse",
"version": null
},
{
"model": "linux enterprise point of sale",
"scope": null,
"trust": 0.8,
"vendor": "suse",
"version": null
},
{
"model": "linux enterprise server",
"scope": null,
"trust": 0.8,
"vendor": "suse",
"version": null
},
{
"model": "openstack cloud",
"scope": null,
"trust": 0.8,
"vendor": "suse",
"version": null
},
{
"model": "hostapd",
"scope": null,
"trust": 0.8,
"vendor": "w1 fi",
"version": null
},
{
"model": "wpa supplicant",
"scope": null,
"trust": 0.8,
"vendor": "w1 fi",
"version": null
},
{
"model": "enterprise linux desktop",
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"model": "enterprise linux server",
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"model": "edge gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "sr-m20ac1",
"scope": "lte",
"trust": 0.8,
"vendor": "fujitsu",
"version": "v02.10"
},
{
"model": "sr-m20ac2",
"scope": "lte",
"trust": 0.8,
"vendor": "fujitsu",
"version": "v02.10"
},
{
"model": "alliance wi-fi protected access 2",
"scope": null,
"trust": 0.6,
"vendor": "wi fi",
"version": null
},
{
"model": "scalance w-700",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "linux desktop",
"version": "12"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "linux server",
"version": "11"
},
{
"model": "atom processor c3200 series for yocto project bsp mr4",
"scope": null,
"trust": 0.3,
"vendor": "intel",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.3.2"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "6.1"
},
{
"model": "pyxis supplystation",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "sinamics smart access module",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "v200"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.6.27.3264"
},
{
"model": "meraki mr34",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ck71a-atex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "0"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.2.0"
},
{
"model": "macbook air",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "aironet series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "18500"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "8.0"
},
{
"model": "meraki mr26",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.4"
},
{
"model": "aironet series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "28000"
},
{
"model": "enterprise linux for power big endian extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.5"
},
{
"model": "meraki mr84",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "contact fl wlan",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "510x0"
},
{
"model": "windows server r2 for itanium-based systems sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2008"
},
{
"model": "contact itc",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "81130"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "10.0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "726519.51.0.0"
},
{
"model": "enterprise linux server extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.6"
},
{
"model": "meraki mr18",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "8.1.0.3"
},
{
"model": "scalance w1750d",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "secure ii med-surg bed",
"scope": "eq",
"trust": 0.3,
"vendor": "stryker",
"version": "3002"
},
{
"model": "contact fl wlan",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "210x0"
},
{
"model": "windows version for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1015110"
},
{
"model": "aironet access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "contact fl wlan ap",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "24802-110"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.0"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.4.1"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.2"
},
{
"model": "wap371 wireless-ac n access point with single point setup",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ex-handy",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "2090"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.3.2"
},
{
"model": "contact rad-80211-xd",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "0"
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "11.2"
},
{
"model": "contact fl wlan dap",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "24802-110"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "726519.10.9.1"
},
{
"model": "arubaos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.3.1.25"
},
{
"model": "pyxis medstation es",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "wireless ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88210"
},
{
"model": "pyxis stockstation system",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "macbook",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316819.51.7.1"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "726519.10.9.2"
},
{
"model": "scalance wlc712",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "contact fl wlan spa",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "0"
},
{
"model": "meraki mr62",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "simatic et200 pro im154-6 pn iwlan",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "tropos broadband mesh routers and bridges",
"scope": "eq",
"trust": 0.3,
"vendor": "abb",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "316819.10.9.2"
},
{
"model": "meraki mr33",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "instantos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.3.3"
},
{
"model": "micros handheld terminal",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "0"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20120"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.2"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316018.33.9.2"
},
{
"model": "windows version for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1017030"
},
{
"model": "atom processor c3200 series for yocto project bsp mr4.1",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": null
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "2.6"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.1.0"
},
{
"model": "contact fl wlan",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "110x0"
},
{
"model": "windows for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "100"
},
{
"model": "s3 med-surg bed",
"scope": "eq",
"trust": 0.3,
"vendor": "stryker",
"version": "3002"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.4.2.4"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "11.1"
},
{
"model": "contact fl comserver wlan",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "232/422/4850"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.8"
},
{
"model": "enterprise linux server update services for sap solutions",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7."
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "7.1.91.3272"
},
{
"model": "instantos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "4.2.4.9"
},
{
"model": "contact fl wlan ap",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "230802-110"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.1"
},
{
"model": "enterprise linux for power little endian extended update supp",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.6"
},
{
"model": "meraki mr14",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "enterprise linux eus compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7.5"
},
{
"model": "aironet series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "18150"
},
{
"model": "wireless client bridge 2.0.0.1-aruba501-b00",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "501"
},
{
"model": "enterprise linux server extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.4"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.6"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "726018.33.9.2"
},
{
"model": "airport express",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "meraki mr16",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "clarity engine",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "1.0"
},
{
"model": "meraki mr30h",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "airport extreme",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "windows server r2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20120"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "826520.0.2.3"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0"
},
{
"model": "contact bl2 bpc",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "0"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.0.1"
},
{
"model": "enterprise linux for ibm z systems",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "watch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "meraki mr32",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 0.3,
"vendor": "w1 f1",
"version": "2.4"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "4.0"
},
{
"model": "ruggedcom rx1400",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "cn70a-atex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "0"
},
{
"model": "windows version for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1015110"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.3"
},
{
"model": "pyxis parx handheld",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "726519.10"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "9.1.40.100"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.1.1"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.3"
},
{
"model": "windows rt",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "8.1"
},
{
"model": "meraki mr42",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "instantos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "4.3.1.6"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.7.3"
},
{
"model": "wap561 wireless-n dual radio selectable band access point",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.0.26.3000"
},
{
"model": "instantos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.4.2"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.6"
},
{
"model": "tvos",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "11.2"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "6.0"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2016"
},
{
"model": "contact rad-whg/wlan-xd",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "726018.33.9.3"
},
{
"model": "wi-fi update for boot camp",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "6.4.0"
},
{
"model": "suremark printer 2nr",
"scope": "eq",
"trust": 0.3,
"vendor": "toshiba",
"version": "4610"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.1.1"
},
{
"model": "arubaos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.4.2"
},
{
"model": "enterprise linux for power little endian extended update supp",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.5"
},
{
"model": "enterprise linux for power little endian",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "826520.0.0.0"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.2.1"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.3.1.8"
},
{
"model": "windows server for x64-based systems sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2008"
},
{
"model": "pyxis supply roller",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.3"
},
{
"model": "telepresence collaboration endpoint",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "6.2.61.3535"
},
{
"model": "contact vmt",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "70xx0"
},
{
"model": "imac",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "meraki mr72",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "watchos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4"
},
{
"model": "enterprise linux for power little endian extended update supp",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.4"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.0.25.3001"
},
{
"model": "arubaos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "8.1.0.4"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "9.1"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.4"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "6.2"
},
{
"model": "meraki mr53",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.1"
},
{
"model": "wap551 wireless-n single radio selectable band access point",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "4.2"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.3.2"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316519.10"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "826020.0.0.0"
},
{
"model": "wap121 wireless-n access point with single point setup",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "2.5"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.6.0.1000"
},
{
"model": "wireless client bridge 1.0.1.3-hp501-b0012",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "501"
},
{
"model": "i.roc ci70-ex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "0"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.0.0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "826020.0.2.2"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "7.1"
},
{
"model": "cn70e-atex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "726018.0.0.0"
},
{
"model": "meraki mr24",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "suremark printer 1nr",
"scope": "eq",
"trust": 0.3,
"vendor": "toshiba",
"version": "4610"
},
{
"model": "enterprise linux for ibm z systems extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.6"
},
{
"model": "contact vmt",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "50xx0"
},
{
"model": "meraki mr74",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ex-handy",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "090"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.4.4.15"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316519.51.7.1"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "726519.51.7.20"
},
{
"model": "anyconnect secure mobility client",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "726519.51.7.1"
},
{
"model": "systems esp32",
"scope": "eq",
"trust": 0.3,
"vendor": "espressif",
"version": "0"
},
{
"model": "watchos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1"
},
{
"model": "enterprise linux server extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.5"
},
{
"model": "micros handheld terminal 2.03.0.0.021r",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"model": "aironet series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "38000"
},
{
"model": "pyxis parx",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "dx70",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "arubaos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.1.9"
},
{
"model": "enterprise linux server update services for sap solutions",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.6"
},
{
"model": "intouch critical care bed",
"scope": "eq",
"trust": 0.3,
"vendor": "stryker",
"version": "2141"
},
{
"model": "pyxis anesthesia es",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "aironet series officeextend access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "18100"
},
{
"model": "windows for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "8.10"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316819.10.9.1"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "10.0.55.3000"
},
{
"model": "windows for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "8.10"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0"
},
{
"model": "meraki mr66",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316519.10.9.1"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6"
},
{
"model": "intouch critical care bed",
"scope": "eq",
"trust": 0.3,
"vendor": "stryker",
"version": "2131"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.1.2"
},
{
"model": "aironet series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "18300"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.6"
},
{
"model": "enterprise linux for power big endian extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.6"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "10.0.0.50.1004"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.4.1.0"
},
{
"model": "wap321 wireless-n access point with single point setup",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "simatic iwlan-pb/link",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "aironet 1810w series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "meraki mr52",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "enterprise linux for ibm z systems extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.5"
},
{
"model": "meraki mr12",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "airmesh msr",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "316519.51.7.20"
},
{
"model": "watchos",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "4.2"
},
{
"model": "contact fl wlan ec",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "24802-110"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "4.2.4.8"
},
{
"model": "systems esp8266",
"scope": "eq",
"trust": 0.3,
"vendor": "espressif",
"version": "0"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "pad-ex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "010"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.0.0.1205"
},
{
"model": "ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88610"
},
{
"model": "clarity engine",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "1.0.0.1"
},
{
"model": "aironet series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15600"
},
{
"model": "windows for 32-bit systems sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "7"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "4.3.1.5"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.2"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "8.1"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.8"
},
{
"model": "windows for x64-based systems sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "7"
},
{
"model": "enterprise linux for ibm z systems extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.4"
},
{
"model": "meraki mr58",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "windows version for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1016070"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "316519.10.9.2"
},
{
"model": "pyxis parassist system",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "windows server for 32-bit systems sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2008"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "4.3"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0"
},
{
"model": "simatic mobile panel 277 iwlan",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "pyxis medstation t2",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "40000"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "826020.0.2.3"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.1"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.1"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316519.51.0.0"
},
{
"model": "wi-fi update for boot camp",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "enterprise linux server update services for sap solutions",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.4"
},
{
"model": "ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "contact vmt",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "30xx0"
},
{
"model": "enterprise linux for power big endian",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 0.3,
"vendor": "w1 f1",
"version": "2.6"
},
{
"model": "wireless client bridge",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "5010"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.0.1"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.5"
},
{
"model": "meraki mr11",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.3.3"
},
{
"model": "pyxis anesthesia system",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "40000"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.2.2"
},
{
"model": "pyxis anesthesia system",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "35000"
},
{
"model": "automation stratix 15.3 jc1",
"scope": "eq",
"trust": 0.3,
"vendor": "rockwell",
"version": "5100"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.4"
},
{
"model": "pyxis ciisafe workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "??0"
},
{
"model": "enterprise linux for power big endian extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.4"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.7"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316819.51.0.0"
},
{
"model": "ipad air",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "7.0"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.4.1"
},
{
"model": "enterprise linux eus compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7.6"
},
{
"model": "enterprise linux for scientific computing",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "8.1.71.3608"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "9.1.41.3024"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.4.2.1"
},
{
"model": "enterprise linux eus compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7.4"
},
{
"model": "dx80",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "9.0"
},
{
"model": "contact bl2 ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "0"
},
{
"model": "contact tpc",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "60130"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.1"
},
{
"model": "ck70a-atex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "0"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.2.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.3.1"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "316819.51.7.20"
},
{
"model": "macbook pro",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316819.10"
},
{
"model": "windows for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "100"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.7.8"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "9.5"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.2"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.4"
},
{
"model": "smart-ex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "010"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "826520.0.2.2"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "316018.33.9.3"
},
{
"model": "tab-ex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "010"
},
{
"model": "arubaos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.3.3"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "macmini",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "arubaos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.4.4.16"
},
{
"model": "contact fl wlan epa",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "0"
},
{
"model": "airport time capsule",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "alliance wpa2 (wi-fi protected access",
"scope": "eq",
"trust": 0.3,
"vendor": "wi fi",
"version": "2)0"
},
{
"model": "airport base station",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "7.7.9"
},
{
"model": "scalance wlc711",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "ruggedcom rs9xxw",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.3.1.15"
},
{
"model": "networks unifi access point",
"scope": "eq",
"trust": 0.3,
"vendor": "ubiquiti",
"version": "0"
},
{
"model": "suremark printer 2cr",
"scope": "eq",
"trust": 0.3,
"vendor": "toshiba",
"version": "4610"
},
{
"model": "ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88650"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.4"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.7.7"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.4"
},
{
"model": "asa 5506w-x w/ firepower services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "windows version for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1016070"
},
{
"model": "airport base station",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.9"
},
{
"model": "s3 med-surg bed",
"scope": "eq",
"trust": 0.3,
"vendor": "stryker",
"version": "3005"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316018.0.0.0"
},
{
"model": "smart-ex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "2010"
},
{
"model": "windows version for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1017030"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "11.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ubuntu linux",
"version": "14.04"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ubuntu linux",
"version": "16.04"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ubuntu linux",
"version": "17.04"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "debian linux",
"version": "8.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "debian linux",
"version": "9.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "freebsd",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "freebsd",
"version": "10"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "freebsd",
"version": "10.4"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "freebsd",
"version": "11"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "freebsd",
"version": "11.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "leap",
"version": "42.2"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "leap",
"version": "42.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "linux desktop",
"version": "7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "linux server",
"version": "7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.2.4"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.2.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.2.6"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.2.8"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.3.7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.3.9"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.3.10"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.3.11"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.4.7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.4.8"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.4.9"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.4.10"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.4.11"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.5.7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.5.8"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.5.9"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.5.10"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.5.11"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.6.8"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.6.9"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.6.10"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.7.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "1.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "1.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "2.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "2.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "2.2"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "2.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "2.4"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "2.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "2.6"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.2.4"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.2.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.2.6"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.2.7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.2.8"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.3.7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.3.8"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.3.9"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.3.10"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.3.11"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.4.7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.4.8"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.4.9"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.4.10"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.4.11"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.5.7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.5.8"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.5.9"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.5.10"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.5.11"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.6.8"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.6.9"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.6.10"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.7.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "1.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "1.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "2.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "2.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "2.2"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "2.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "2.4"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "2.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "2.6"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "linux point of sale",
"version": "11"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "linux server",
"version": "12"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "openstack cloud",
"version": "6"
}
],
"sources": [
{
"db": "IVD",
"id": "aa0be958-12f8-4c92-ba4f-8046a72e7fe0"
},
{
"db": "CERT/CC",
"id": "VU#228519"
},
{
"db": "CNVD",
"id": "CNVD-2017-30398"
},
{
"db": "BID",
"id": "101274"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009178"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-388"
},
{
"db": "NVD",
"id": "CVE-2017-13087"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:11.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:10.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.6.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.5.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.4.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.4.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.7.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.5.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.5.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.3.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.3.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.6.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.6.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.6.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.6.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.4.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.4.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.3.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.2.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.6.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.5.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.5.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.4.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.3.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.7.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:12:*:*:*:ltss:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:openstack_cloud:6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:ltss:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_point_of_sale:11:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-13087"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mathy Vanhoef from imec-DistriNet and KU Leuven.",
"sources": [
{
"db": "BID",
"id": "101274"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-388"
}
],
"trust": 0.9
},
"cve": "CVE-2017-13087",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 2.9,
"confidentialityImpact": "NONE",
"exploitabilityScore": 5.5,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:A/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 2.9,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2017-13087",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 5.5,
"id": "CNVD-2017-30398",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 5.5,
"id": "aa0be958-12f8-4c92-ba4f-8046a72e7fe0",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 1.6,
"impactScore": 3.6,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
{
"attackComplexity": "High",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.3,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2017-13087",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-13087",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2017-30398",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201710-388",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "aa0be958-12f8-4c92-ba4f-8046a72e7fe0",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2017-13087",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "aa0be958-12f8-4c92-ba4f-8046a72e7fe0"
},
{
"db": "CNVD",
"id": "CNVD-2017-30398"
},
{
"db": "VULMON",
"id": "CVE-2017-13087"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009178"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-388"
},
{
"db": "NVD",
"id": "CVE-2017-13087"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Group Temporal Key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients. An attacker within range of an affected AP and client may leverage these vulnerabilities to conduct attacks that are dependent on the data confidentiality protocols being used. Attacks may include arbitrary packet decryption and injection, TCP connection hijacking, HTTP content injection, or the replay of unicast and group-addressed frames. These vulnerabilities are referred to as Key Reinstallation Attacks or \"KRACK\" attacks. WPA (Wi-Fi Protected Access) is a system that protects wireless computer networks (Wi-Fi). A group key reload vulnerability exists in WPA2 wireless network sleep mode. WPA2 is prone to multiple security weaknesses. \nExploiting these issues may allow an unauthorized user to intercept and manipulate data or disclose sensitive information. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: wpa_supplicant security update\nAdvisory ID: RHSA-2017:2907-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://access.redhat.com/errata/RHSA-2017:2907\nIssue date: 2017-10-17\nCVE Names: CVE-2017-13077 CVE-2017-13078 CVE-2017-13080 \n CVE-2017-13082 CVE-2017-13086 CVE-2017-13087 \n CVE-2017-13088 \n=====================================================================\n\n1. Summary:\n\nAn update for wpa_supplicant is now available for Red Hat Enterprise Linux\n7. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode (v. 7) - x86_64\nRed Hat Enterprise Linux Server (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - x86_64\n\n3. Description:\n\nThe wpa_supplicant packages contain an 802.1X Supplicant with support for\nWEP, WPA, WPA2 (IEEE 802.11i / RSN), and various EAP authentication\nmethods. They implement key negotiation with a WPA Authenticator for client\nstations and controls the roaming and IEEE 802.11 authentication and\nassociation of the WLAN driver. A remote attacker within Wi-Fi range\ncould exploit these attacks to decrypt Wi-Fi traffic or possibly inject\nforged Wi-Fi packets by manipulating cryptographic handshakes used by the\nWPA2 protocol. (CVE-2017-13077, CVE-2017-13078, CVE-2017-13080,\nCVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088)\n\nRed Hat would like to thank CERT for reporting these issues. Upstream\nacknowledges Mathy Vanhoef (University of Leuven) as the original reporter\nof these issues. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Package List:\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\nwpa_supplicant-2.6-5.el7_4.1.src.rpm\n\nx86_64:\nwpa_supplicant-2.6-5.el7_4.1.x86_64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\nwpa_supplicant-2.6-5.el7_4.1.src.rpm\n\nx86_64:\nwpa_supplicant-2.6-5.el7_4.1.x86_64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nwpa_supplicant-2.6-5.el7_4.1.src.rpm\n\naarch64:\nwpa_supplicant-2.6-5.el7_4.1.aarch64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.aarch64.rpm\n\nppc64:\nwpa_supplicant-2.6-5.el7_4.1.ppc64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.ppc64.rpm\n\nppc64le:\nwpa_supplicant-2.6-5.el7_4.1.ppc64le.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.ppc64le.rpm\n\ns390x:\nwpa_supplicant-2.6-5.el7_4.1.s390x.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.s390x.rpm\n\nx86_64:\nwpa_supplicant-2.6-5.el7_4.1.x86_64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nwpa_supplicant-2.6-5.el7_4.1.src.rpm\n\nx86_64:\nwpa_supplicant-2.6-5.el7_4.1.x86_64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2017-13077\nhttps://access.redhat.com/security/cve/CVE-2017-13078\nhttps://access.redhat.com/security/cve/CVE-2017-13080\nhttps://access.redhat.com/security/cve/CVE-2017-13082\nhttps://access.redhat.com/security/cve/CVE-2017-13086\nhttps://access.redhat.com/security/cve/CVE-2017-13087\nhttps://access.redhat.com/security/cve/CVE-2017-13088\nhttps://access.redhat.com/security/updates/classification/#important\nhttps://access.redhat.com/security/vulnerabilities/kracks\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2017 Red Hat, Inc. Those vulnerabilities applies to both the access point\n(implemented in hostapd) and the station (implemented in wpa_supplicant). \n\nAn attacker exploiting the vulnerabilities could force the vulnerable system to\nreuse cryptographic session keys, enabling a range of cryptographic attacks\nagainst the ciphers used in WPA1 and WPA2. \n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 2:2.4-1+deb9u1. \n\nFor the testing distribution (buster), these problems have been fixed\nin version 2:2.4-1.1. \n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 2:2.4-1.1. \n\nWe recommend that you upgrade your wpa packages. ==========================================================================\nUbuntu Security Notice USN-3455-1\nOctober 16, 2017\n\nwpa vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 17.04\n- Ubuntu 16.04 LTS\n- Ubuntu 14.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in wpa_supplicant. \n\nSoftware Description:\n- wpa: client support for WPA and WPA2\n\nDetails:\n\nMathy Vanhoef discovered that wpa_supplicant and hostapd incorrectly\nhandled WPA2. (CVE-2017-13077,\nCVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081,\nCVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088)\n\nImre Rad discovered that wpa_supplicant and hostapd incorrectly handled\ninvalid characters in passphrase parameters. A remote attacker could use\nthis issue to cause a denial of service. (CVE-2016-4476)\n\nImre Rad discovered that wpa_supplicant and hostapd incorrectly handled\ninvalid characters in passphrase parameters. A local attacker could use\nthis issue to cause a denial of service, or possibly execute arbitrary\ncode. (CVE-2016-4477)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 17.04:\n hostapd 2.4-0ubuntu9.1\n wpasupplicant 2.4-0ubuntu9.1\n\nUbuntu 16.04 LTS:\n hostapd 2.4-0ubuntu6.2\n wpasupplicant 2.4-0ubuntu6.2\n\nUbuntu 14.04 LTS:\n hostapd 2.1-0ubuntu1.5\n wpasupplicant 2.1-0ubuntu1.5\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. 6) - i386, x86_64\n\n3. \n\n\nHere are the details from the Slackware 14.2 ChangeLog:\n+--------------------------+\npatches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz: Upgraded. \n This update includes patches to mitigate the WPA2 protocol issues known\n as \"KRACK\" (Key Reinstallation AttaCK), which may be used to decrypt data,\n hijack TCP connections, and to forge and inject packets. \n CVE-2017-13082: Accepting a retransmitted Fast BSS Transition (FT)\n Reassociation Request and reinstalling the pairwise encryption key (PTK-TK)\n while processing it. \n For more information, see:\n https://www.krackattacks.com/\n https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13077\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13078\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13079\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13080\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13081\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13082\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13084\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13086\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13087\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13088\n (* Security fix *)\n+--------------------------+\n\n\nWhere to find the new packages:\n+-----------------------------+\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you. \n\nUpdated package for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/wpa_supplicant-2.6-i486-1_slack14.0.txz\n\nUpdated package for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.0.txz\n\nUpdated package for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/wpa_supplicant-2.6-i486-1_slack14.1.txz\n\nUpdated package for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.1.txz\n\nUpdated package for Slackware 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz\n\nUpdated package for Slackware x86_64 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.2.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/wpa_supplicant-2.6-i586-2.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/wpa_supplicant-2.6-x86_64-2.txz\n\n\nMD5 signatures:\n+-------------+\n\nSlackware 14.0 package:\nd8ecfaadb50b3547967ab53733ffc019 wpa_supplicant-2.6-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 package:\nf25216d28800504ce498705da7c9a825 wpa_supplicant-2.6-x86_64-1_slack14.0.txz\n\nSlackware 14.1 package:\n15c61050e4bab2581757befd86be74c0 wpa_supplicant-2.6-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 package:\n49fd537a520338744f7757615556d352 wpa_supplicant-2.6-x86_64-1_slack14.1.txz\n\nSlackware 14.2 package:\nc5539f40c8510af89be92945f0f80185 wpa_supplicant-2.6-i586-1_slack14.2.txz\n\nSlackware x86_64 14.2 package:\n4c527ff84fcdfd7839f217bbce2e4ae4 wpa_supplicant-2.6-x86_64-1_slack14.2.txz\n\nSlackware -current package:\n28bd88a54e96368f7a7020c1f5fb67fe n/wpa_supplicant-2.6-i586-2.txz\n\nSlackware x86_64 -current package:\n464fc6b48d1ac077f47e9a3a8534c160 n/wpa_supplicant-2.6-x86_64-2.txz\n\n\nInstallation instructions:\n+------------------------+\n\nUpgrade the package as root:\n# upgradepkg wpa_supplicant-2.6-i586-1_slack14.2.txz\n\n\n+-----+\n\nSlackware Linux Security Team\nhttp://slackware.com/gpg-key\nsecurity@slackware.com\n\n+------------------------------------------------------------------------+\n| To leave the slackware-security mailing list: |\n+------------------------------------------------------------------------+\n| Send an email to majordomo@slackware.com with this text in the body of |\n| the email message: |\n| |\n| unsubscribe slackware-security |\n| |\n| You will get a confirmation message back containing instructions to |\n| complete the process. Please do not reply to this email address. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\n=============================================================================\nFreeBSD-SA-17:07.wpa Security Advisory\n The FreeBSD Project\n\nTopic: WPA2 protocol vulnerability\n\nCategory: contrib\nModule: wpa\nAnnounced: 2017-10-16\nCredits: Mathy Vanhoef\nAffects: All supported versions of FreeBSD. \nCorrected: 2017-10-17 17:30:18 UTC (stable/11, 11.1-STABLE)\n 2017-10-17 17:57:18 UTC (releng/11.1, 11.1-RELEASE-p2)\n 2017-10-17 17:56:03 UTC (releng/11.0, 11.0-RELEASE-p13)\n 2017-10-19 03:18:22 UTC (stable/10, 10.4-STABLE)\n 2017-10-19 03:20:17 UTC (releng/10.4, 10.4-RELEASE-p1)\n 2017-10-19 03:19:42 UTC (releng/10.3, 10.3-RELEASE-p22)\nCVE Name: CVE-2017-13077, CVE-2017-13078, CVE-2017-13079,\n CVE-2017-13080, CVE-2017-13081, CVE-2017-13082,\n CVE-2017-13086, CVE-2017-13087, CVE-2017-13088\n\nFor general information regarding FreeBSD Security Advisories,\nincluding descriptions of the fields above, security branches, and the\nfollowing sections, please visit \u003cURL:https://security.FreeBSD.org/\u003e. \n\n0. Revision history\n\nv1.0 2017-10-17 Initial release. \nv1.1 2017-10-19 Add patches for 10.x releases. \n\nI. \n\nhostapd and wpa_supplicant are implementations of user space daemon for\naccess points and wireless client that implements the WPA2 protocol. \n\nII. Problem Description\n\nA vulnerability was found in how a number of implementations can be\ntriggered to reconfigure WPA/WPA2/RSN keys (TK, GTK, or IGTK) by\nreplaying a specific frame that is used to manage the keys. \n\nIII. Impact\n\nSuch reinstallation of the encryption key can result in two different\ntypes of vulnerabilities: disabling replay protection and significantly\nreducing the security of encryption to the point of allowing frames to\nbe decrypted or some parts of the keys to be determined by an attacker\ndepending on which cipher is used. \n\nIV. Workaround\n\nAn updated version of wpa_supplicant is available in the FreeBSD Ports\nCollection. Install version 2.6_2 or later of the\nsecurity/wpa_supplicant port/pkg. Once installed, update /etc/rc.conf\nto use the new binary:\n\nwpa_supplicant_program=\"/usr/local/sbin/wpa_supplicant\"\n\nand restart networking. \n\nAn updated version of hostapd is available in the FreeBSD Ports\nCollection. Install version 2.6_1 or later of the net/hostapd port/pkg. \nOnce installed, update /etc/rc.conf to use the new binary:\n\nhostapd_program=\"/usr/local/sbin/hostapd\"\n\nand restart hostapd. \n\nV. Solution\n\nPerform one of the following:\n\n1) Upgrade your vulnerable system to a supported FreeBSD stable or\nrelease / security branch (releng) dated after the correction date. \n\nRestart the Wi-Fi network interfaces/hostapd or reboot the system. \n\n2) To update your vulnerable system via a binary patch:\n\nSystems running a RELEASE version of FreeBSD on the i386 or amd64\nplatforms can be updated via the freebsd-update(8) utility:\n\n# freebsd-update fetch\n# freebsd-update install\n\nRestart the Wi-Fi network interfaces/hostapd or reboot the system. \n\n3) To update your vulnerable system via a source code patch:\n\nThe following patches have been verified to apply to the applicable\nFreeBSD release branches. \n\na) Download the relevant patch from the location below, and verify the\ndetached PGP signature using your PGP utility. \n\n[FreeBSD 11.0-RELEASE, 11.1-RELEASE, and 11-STABLE]\n# fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-11.patch\n# fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-11.patch.asc\n# gpg --verify wpa-11.patch.asc\n\n[FreeBSD 10.3-RELEASE, 10.4-RELEASE, and 10-STABLE]\n# fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-10.patch\n# fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-10.patch.asc\n# gpg --verify wpa-10.patch.asc\n\nb) Apply the patch. Execute the following commands as root:\n\n# cd /usr/src\n# patch \u003c /path/to/patch\n\nc) Recompile the operating system using buildworld and installworld as\ndescribed in \u003cURL:https://www.FreeBSD.org/handbook/makeworld.html\u003e. \n\nRestart the applicable daemons, or reboot the system. \n\nVI. Correction details\n\nThe following list contains the correction revision numbers for each\naffected branch. \n\nBranch/path Revision\n- -------------------------------------------------------------------------\nstable/11/ r324697\nreleng/11.0/ r324698\nreleng/11.1/ r324699\nstable/10/ r324739\nreleng/10.3/ r324740\nreleng/10.4/ r324741\n- -------------------------------------------------------------------------\n\nTo see which files were modified by a particular revision, run the\nfollowing command, replacing NNNNNN with the revision number, on a\nmachine with Subversion installed:\n\n# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base\n\nOr visit the following URL, replacing NNNNNN with the revision number:\n\n\u003cURL:https://svnweb.freebsd.org/base?view=revision\u0026revision=NNNNNN\u003e\n\nVII. References\n\n\u003cURL:https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt\u003e\n\u003cURL:https://www.krackattacks.com/\u003e\n\nThe latest revision of this advisory is available at\n\u003cURL:https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc\u003e\n-----BEGIN PGP SIGNATURE-----\n\niQKTBAEBCgB9FiEEHPf/b631yp++G4yy7Wfs1l3PaucFAlnoGpNfFIAAAAAALgAo\naXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDFD\nRjdGRjZGQURGNUNBOUZCRTFCOENCMkVENjdFQ0Q2NURDRjZBRTcACgkQ7Wfs1l3P\nauc7WBAAm27w+fujv5sJsRxauUMopTVtRh5utwbDuoHTP+L+RCWmQfVBmueNQ0gf\nuJzMNxBIkbtY9LvyukpRsH3iD7mh26c0pd9rxxkkr4F96C9B5+W0amxJF1gdm54/\nF/50FpY+lo7cNs5tiBjypPrg8UOBBI/1G4XR7130XC0HjaTwt1ngZ0oQUWUMSsIp\ngN5ZfPul81WPWd1NqF+vyObcJhwq/Y1uoexoO27o7GQCFZoL3enZy8c4f1xqMlVM\n4HHkTgNGac6E0aW+ArH4J0DFFAOJXPqF8rdt+9XINfoBbtliIyOixJ4oh1n6eAR0\nVpBWZKFNyXSlUKIvDGa+LDhxgL1jJXV0ABSyKlUOijdmr3bbbiQE9MW/MNv2AFTd\nOAFQ0QQtm9KCWp5JLh+FPIb/kR2l7MOUP+yz4zFcJpdGtl9tDLyPN8vRTq60bY8O\ny7tBcf/SMqkd/AIFdchL4zrOguKnRARydIlwTarp8wtAQI3MKSsa1B0wgsDtlL6K\nxfdjnwWMKvKKlNOW16e1WXXO0n/ucHV4njBE+bGPro3jLgXP2/WFZpIGAR3I4xrr\nSdD4AxSNiR9f3bL7LRfMIbugJAylWNSlTLWUOVUv0/ONh85LqbcCj13NI230B64K\nETx2QOZgKnCs2oDNiw4aQHb7kvi2w94Iw/R1sAPkkxYJWO3reyE=\n=h/5q\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-13087"
},
{
"db": "CERT/CC",
"id": "VU#228519"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009178"
},
{
"db": "CNVD",
"id": "CNVD-2017-30398"
},
{
"db": "BID",
"id": "101274"
},
{
"db": "IVD",
"id": "aa0be958-12f8-4c92-ba4f-8046a72e7fe0"
},
{
"db": "VULMON",
"id": "CVE-2017-13087"
},
{
"db": "PACKETSTORM",
"id": "144652"
},
{
"db": "PACKETSTORM",
"id": "144630"
},
{
"db": "PACKETSTORM",
"id": "144632"
},
{
"db": "PACKETSTORM",
"id": "144659"
},
{
"db": "PACKETSTORM",
"id": "144663"
},
{
"db": "PACKETSTORM",
"id": "144669"
}
],
"trust": 3.96
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-13087",
"trust": 4.2
},
{
"db": "CERT/CC",
"id": "VU#228519",
"trust": 4.2
},
{
"db": "BID",
"id": "101274",
"trust": 2.6
},
{
"db": "LENOVO",
"id": "LEN-17420",
"trust": 2.5
},
{
"db": "SECTRACK",
"id": "1039577",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1039576",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1039581",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1039578",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1039573",
"trust": 1.7
},
{
"db": "SIEMENS",
"id": "SSA-901333",
"trust": 1.7
},
{
"db": "CERT@VDE",
"id": "VDE-2017-005",
"trust": 1.7
},
{
"db": "ICS CERT",
"id": "ICSMA-18-114-01",
"trust": 1.2
},
{
"db": "ICS CERT",
"id": "ICSMA-19-029-01",
"trust": 1.1
},
{
"db": "ICS CERT",
"id": "ICSA-17-353-02",
"trust": 1.1
},
{
"db": "ICS CERT",
"id": "ICSA-17-318-01",
"trust": 1.1
},
{
"db": "CNVD",
"id": "CNVD-2017-30398",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201710-388",
"trust": 0.8
},
{
"db": "JUNIPER",
"id": "JSA10827",
"trust": 0.8
},
{
"db": "DLINK",
"id": "SAP10075",
"trust": 0.8
},
{
"db": "ICS CERT",
"id": "ICSA-17-318-02A",
"trust": 0.8
},
{
"db": "JVN",
"id": "JVNVU90609033",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009178",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2020.4125",
"trust": 0.6
},
{
"db": "ICS CERT",
"id": "ICSA-17-299-02",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-17-318-02",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-17-325-01",
"trust": 0.3
},
{
"db": "IVD",
"id": "AA0BE958-12F8-4C92-BA4F-8046A72E7FE0",
"trust": 0.2
},
{
"db": "VULMON",
"id": "CVE-2017-13087",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "144652",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "144630",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "144632",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "144659",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "144663",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "144669",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "aa0be958-12f8-4c92-ba4f-8046a72e7fe0"
},
{
"db": "CERT/CC",
"id": "VU#228519"
},
{
"db": "CNVD",
"id": "CNVD-2017-30398"
},
{
"db": "VULMON",
"id": "CVE-2017-13087"
},
{
"db": "BID",
"id": "101274"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009178"
},
{
"db": "PACKETSTORM",
"id": "144652"
},
{
"db": "PACKETSTORM",
"id": "144630"
},
{
"db": "PACKETSTORM",
"id": "144632"
},
{
"db": "PACKETSTORM",
"id": "144659"
},
{
"db": "PACKETSTORM",
"id": "144663"
},
{
"db": "PACKETSTORM",
"id": "144669"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-388"
},
{
"db": "NVD",
"id": "CVE-2017-13087"
}
]
},
"id": "VAR-201710-0974",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "aa0be958-12f8-4c92-ba4f-8046a72e7fe0"
},
{
"db": "CNVD",
"id": "CNVD-2017-30398"
}
],
"trust": 1.3965711281818183
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "aa0be958-12f8-4c92-ba4f-8046a72e7fe0"
},
{
"db": "CNVD",
"id": "CNVD-2017-30398"
}
]
},
"last_update_date": "2024-07-23T21:12:37.370000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "ARUBA-PSA-2017-007",
"trust": 0.8,
"url": "http://www.arubanetworks.com/assets/alert/aruba-psa-2017-007.txt"
},
{
"title": "DSA-3999",
"trust": 0.8,
"url": "https://www.debian.org/security/2017/dsa-3999"
},
{
"title": "FreeBSD-SA-17:07.wpa",
"trust": 0.8,
"url": "https://www.freebsd.org/security/advisories/freebsd-sa-17:07.wpa.asc"
},
{
"title": "LEN-17420",
"trust": 0.8,
"url": "https://support.lenovo.com/jp/en/product_security/len-17420"
},
{
"title": "NV17-024",
"trust": 0.8,
"url": "http://jpn.nec.com/security-info/secinfo/nv17-024.html"
},
{
"title": "openSUSE-SU-2017:2755",
"trust": 0.8,
"url": "https://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
},
{
"title": "SUSE-SU-2017:2745",
"trust": 0.8,
"url": "https://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
},
{
"title": "SUSE-SU-2017:2752",
"trust": 0.8,
"url": "https://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
},
{
"title": "KRACKs - wpa_supplicant Multiple Vulnerabilities",
"trust": 0.8,
"url": "https://access.redhat.com/security/vulnerabilities/kracks"
},
{
"title": "RHSA-2017:2907",
"trust": 0.8,
"url": "https://access.redhat.com/errata/rhsa-2017:2907"
},
{
"title": "RHSA-2017:2911",
"trust": 0.8,
"url": "https://access.redhat.com/errata/rhsa-2017:2911"
},
{
"title": "USN-3455-1",
"trust": 0.8,
"url": "https://usn.ubuntu.com/usn/usn-3455-1/"
},
{
"title": "WPA packet number reuse with replayed messages and key reinstallation",
"trust": 0.8,
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
},
{
"title": "Wi-Fi\u306e\u8a8d\u8a3c\uff0f\u6697\u53f7\u5316\u6280\u8853WPA2\u304a\u3088\u3073WPA\u306e\u8907\u6570\u306e\u8106\u5f31\u6027\u306b\u3064\u3044\u3066 ",
"trust": 0.8,
"url": "http://www.fujitsu.com/jp/products/network/support/2017/srm-01/index.html"
},
{
"title": "WPA2\u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u5f0a\u793e\u8abf\u67fb\u30fb\u5bfe\u5fdc\u72b6\u6cc1\u306b\u3064\u3044\u3066",
"trust": 0.8,
"url": "http://www.iodata.jp/support/information/2017/wpa2/"
},
{
"title": "\u7121\u7ddaLAN \u8a8d\u8a3c\uff0f\u6697\u53f7\u5316\u6280\u8853WPA2\u304a\u3088\u3073WPA\u306b\u95a2\u3059\u308b\u8106\u5f31\u6027\u306e\u304a\u77e5\u3089\u305b ",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/info/20171110/"
},
{
"title": "Patch for WPA2 Wireless Network Sleep Mode Group Key Reload Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/103826"
},
{
"title": "Multiple WiFi product WPA2 Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=75502"
},
{
"title": "Red Hat: Important: wpa_supplicant security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20172911 - security advisory"
},
{
"title": "Red Hat: Important: wpa_supplicant security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20172907 - security advisory"
},
{
"title": "Red Hat: CVE-2017-13087",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2017-13087"
},
{
"title": "Arch Linux Issues: ",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=cve-2017-13087"
},
{
"title": "Ubuntu Security Notice: wpa vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-3455-1"
},
{
"title": "Debian Security Advisories: DSA-3999-1 wpa -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=08990d9925276738bd732fa4d58f9ef0"
},
{
"title": "Arch Linux Advisories: [ASA-201710-23] hostapd: man-in-the-middle",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=asa-201710-23"
},
{
"title": "Arch Linux Advisories: [ASA-201710-22] wpa_supplicant: man-in-the-middle",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=asa-201710-22"
},
{
"title": "Siemens Security Advisories: Siemens Security Advisory",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=6df91267eee9400a24a98876f50ffe84"
},
{
"title": "Android Security Bulletins: Android Security Bulletin\u2014November 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=8c29eb008bb212762e5cfb25c7c5c0d5"
},
{
"title": "Cisco: Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20171016-wpa"
},
{
"title": "Oracle Linux Bulletins: Oracle Linux Bulletin - October 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins\u0026qid=7251d5e5f2b1771951980ad7cfde50ba"
},
{
"title": "KRACK",
"trust": 0.1,
"url": "https://github.com/chinatso/krack "
},
{
"title": "krackinfo",
"trust": 0.1,
"url": "https://github.com/kristate/krackinfo "
},
{
"title": "nixos-issue-db-example",
"trust": 0.1,
"url": "https://github.com/andir/nixos-issue-db-example "
},
{
"title": "The Register",
"trust": 0.1,
"url": "https://www.theregister.co.uk/2017/11/07/android_november_security_update/"
},
{
"title": "The Register",
"trust": 0.1,
"url": "https://www.theregister.co.uk/2017/10/16/wpa2_inscure_krackattack/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-30398"
},
{
"db": "VULMON",
"id": "CVE-2017-13087"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009178"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-388"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-330",
"trust": 1.0
},
{
"problemtype": "CWE-254",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-009178"
},
{
"db": "NVD",
"id": "CVE-2017-13087"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.7,
"url": "https://www.krackattacks.com/"
},
{
"trust": 3.3,
"url": "https://source.android.com/security/bulletin/2017-11-01"
},
{
"trust": 2.9,
"url": "http://www.securityfocus.com/bid/101274"
},
{
"trust": 2.8,
"url": "http://www.arubanetworks.com/assets/alert/aruba-psa-2017-007.txt"
},
{
"trust": 2.8,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20171016-wpa"
},
{
"trust": 2.7,
"url": "https://access.redhat.com/security/vulnerabilities/kracks"
},
{
"trust": 2.5,
"url": "http://www.debian.org/security/2017/dsa-3999"
},
{
"trust": 2.2,
"url": "https://access.redhat.com/errata/rhsa-2017:2911"
},
{
"trust": 2.1,
"url": "http://www.kb.cert.org/vuls/id/228519"
},
{
"trust": 2.1,
"url": "https://access.redhat.com/errata/rhsa-2017:2907"
},
{
"trust": 1.8,
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
},
{
"trust": 1.8,
"url": "http://www.ubuntu.com/usn/usn-3455-1"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1039581"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1039578"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1039577"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1039576"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1039573"
},
{
"trust": 1.7,
"url": "https://support.lenovo.com/us/en/product_security/len-17420"
},
{
"trust": 1.7,
"url": "https://security.freebsd.org/advisories/freebsd-sa-17:07.wpa.asc"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
},
{
"trust": 1.7,
"url": "https://security.gentoo.org/glsa/201711-03"
},
{
"trust": 1.7,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
},
{
"trust": 1.7,
"url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13087"
},
{
"trust": 1.2,
"url": "https://ics-cert.us-cert.gov/advisories/icsma-18-114-01"
},
{
"trust": 1.1,
"url": "https://papers.mathyvanhoef.com/ccs2017.pdf"
},
{
"trust": 1.1,
"url": "https://w1.fi/security/2017-1/"
},
{
"trust": 1.1,
"url": "https://security-center.intel.com/advisory.aspx?intelid=intel-sa-00101\u0026languageid=en-fr"
},
{
"trust": 1.1,
"url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2017-13080"
},
{
"trust": 1.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-353-02"
},
{
"trust": 1.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-318-01"
},
{
"trust": 1.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsma-19-029-01"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13087"
},
{
"trust": 0.8,
"url": "https://cwe.mitre.org/data/definitions/323.html"
},
{
"trust": 0.8,
"url": "https://actiontecsupport.zendesk.com/hc/en-us/articles/115005205283-krack-vulnerability"
},
{
"trust": 0.8,
"url": "https://www3.aerohive.com/support/security-bulletins/product-security-announcement-aerohives-response-to-krack-10162017.html"
},
{
"trust": 0.8,
"url": "https://www.al-enterprise.com/en/support/security-alert-krack"
},
{
"trust": 0.8,
"url": "https://support.apple.com/en-gb/ht208222"
},
{
"trust": 0.8,
"url": "https://security.archlinux.org/avg-447"
},
{
"trust": 0.8,
"url": "https://www.asus.com/static_webpage/asus-product-security-advisory/"
},
{
"trust": 0.8,
"url": "https://community.barracudanetworks.com/forum/index.php?/topic/23525-security-advisories/page-2"
},
{
"trust": 0.8,
"url": "https://lists.centos.org/pipermail/centos-announce/2017-october/022569.html"
},
{
"trust": 0.8,
"url": "https://community.cypress.com/docs/doc-13871"
},
{
"trust": 0.8,
"url": "http://supportannouncement.us.dlink.com/announcement/publication.aspx?name=sap10075"
},
{
"trust": 0.8,
"url": "http://www.dell.com/support/article/sln307822"
},
{
"trust": 0.8,
"url": "https://github.com/espressif/esp8266_nonos_sdk"
},
{
"trust": 0.8,
"url": "https://extremeportal.force.com/extrarticledetail?n=000018005"
},
{
"trust": 0.8,
"url": "https://bodhi.fedoraproject.org/updates/fedora-2017-60bfb576b7"
},
{
"trust": 0.8,
"url": "http://www.fortiguard.com/psirt/fg-ir-17-196"
},
{
"trust": 0.8,
"url": "https://www.freebsd.org/security/advisories/freebsd-sa-17:07.wpa.asc"
},
{
"trust": 0.8,
"url": "https://bugs.gentoo.org/634440"
},
{
"trust": 0.8,
"url": "https://support.hpe.com/hpsc/doc/public/display?sp4ts.oid=null\u0026doclocale=en_us\u0026docid=emr_na-a00029151en_us"
},
{
"trust": 0.8,
"url": "https://kb.juniper.net/jsa10827"
},
{
"trust": 0.8,
"url": "https://support.lenovo.com/ca/en/product_security/len-17420"
},
{
"trust": 0.8,
"url": "http://www.microchip.com/wwwproducts/en/atwinc1500"
},
{
"trust": 0.8,
"url": "http://mail-index.netbsd.org/source-changes/2017/10/16/msg088877.html"
},
{
"trust": 0.8,
"url": "https://kb.netgear.com/000049498/security-advisory-for-wpa-2-vulnerabilities-psv-2017-2826-psv-2017-2836-psv-2017-2837"
},
{
"trust": 0.8,
"url": "https://forum.peplink.com/t/security-advisory-wpa2-vulnerability-vu-228519/12715"
},
{
"trust": 0.8,
"url": "https://ruckus-www.s3.amazonaws.com/pdf/security/faq-security-advisory-id-101617-v1.0.pdf"
},
{
"trust": 0.8,
"url": "https://www.suse.com/de-de/support/kb/doc/?id=7022107"
},
{
"trust": 0.8,
"url": "https://source.sierrawireless.com/resources/airlink/software_reference_docs/technical-bulletin/sierra-wireless-technical-bulletin---wpa-and-wpa2-vulnerabilities/"
},
{
"trust": 0.8,
"url": "http://www.slackware.com/changelog/stable.php?cpu=x86_64"
},
{
"trust": 0.8,
"url": "https://community.sophos.com/kb/en-us/127658"
},
{
"trust": 0.8,
"url": "https://www.toshibacommerce.com/wps/myportal/%21ut/p/a1/rzrnc8igeiz_sw8egqhjcdmmwr8abw2dqcnfoyqotidrrk399uxrrwotuzgws7a87y6z88iuzmcq2u4uwcnlzypjnjj5-exr_wnhya-laxtrid-j3uchdtb8gylmuw6qzgktovtowsrrqlrs6-8dbeqhwc1mykqnlabgdjlf1yjvn7i5af4qtdwsn2tri7j"
},
{
"trust": 0.8,
"url": "http://www.toshiba-personalstorage.net/en/news/hdd/ot_notice/20171017.htm"
},
{
"trust": 0.8,
"url": "http://support.toshiba.com/support/staticcontentdetail?contentid=4015875\u0026isfromtoclink=false"
},
{
"trust": 0.8,
"url": "https://community.ubnt.com/t5/unifi-updates-blog/firmware-3-9-3-7537-for-uap-usw-has-been-released/ba-p/2099365"
},
{
"trust": 0.8,
"url": "https://usn.ubuntu.com/usn/usn-3455-1/"
},
{
"trust": 0.8,
"url": "http://en.miui.com/thread-954223-1-1.html"
},
{
"trust": 0.8,
"url": "https://www.zebra.com/content/dam/zebra_new_ia/en-us/support-and-downloads/lifeguard-security/krack-security-bulletin.pdf"
},
{
"trust": 0.8,
"url": "http://www.zyxel.com/support/announcement_wpa2_key_management.shtml"
},
{
"trust": 0.8,
"url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventsubmit_dogoviewsolutiondetails=\u0026solutionid=sk120938"
},
{
"trust": 0.8,
"url": "https://community.rsa.com/docs/doc-84103"
},
{
"trust": 0.8,
"url": "https://support.f5.com/csp/article/k23642330"
},
{
"trust": 0.8,
"url": "https://forum.mikrotik.com/viewtopic.php?f=21\u0026t=126695"
},
{
"trust": 0.8,
"url": "https://community.linksys.com/t5/wireless-routers/krack-vulnerability/td-p/1218573"
},
{
"trust": 0.8,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-318-02a"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20171017_wpa2.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu90609033/index.html"
},
{
"trust": 0.8,
"url": "https://www.kb.cert.org/vuls/id/cheu-aqnmyp"
},
{
"trust": 0.6,
"url": "https://www.kb.cert.org/vuls/id/228519/"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13078"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13077"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13080"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.4125/"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2017-13077"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2017-13078"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2017-13080"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2017-13087"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13082"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13086"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13088"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2017-13082"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2017-13086"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2017-13088"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13081"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13079"
},
{
"trust": 0.3,
"url": "https://github.com/stevenhoneyman/wpa_gui/tree/master/wpa_supplicant-2.4"
},
{
"trust": 0.3,
"url": "http://www.wi-fi.org/index.php"
},
{
"trust": 0.3,
"url": "https://support.apple.com/en-ie/ht208847"
},
{
"trust": 0.3,
"url": "https://support.apple.com/en-in/ht208334"
},
{
"trust": 0.3,
"url": "https://support.apple.com/en-in/ht208327"
},
{
"trust": 0.3,
"url": "https://support.apple.com/en-in/ht208325"
},
{
"trust": 0.3,
"url": "https://lists.apple.com/archives/security-announce/2017/dec/msg00009.html"
},
{
"trust": 0.3,
"url": "https://lists.apple.com/archives/security-announce/2017/dec/msg00008.html"
},
{
"trust": 0.3,
"url": "https://lists.apple.com/archives/security-announce/2018/jul/msg00000.html"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-13079"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-13081"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-13084"
},
{
"trust": 0.3,
"url": "http://docs.fortinet.com/uploaded/files/3961/fortiap-v5.6.1-release-notes.pdf"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-299-02"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-318-02"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-325-01"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.2,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/330.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/kristate/krackinfo"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4476"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4477"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/wpa/2.1-0ubuntu1.5"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/wpa/2.4-0ubuntu9.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/wpa/2.4-0ubuntu6.2"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13078"
},
{
"trust": 0.1,
"url": "http://slackware.com"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13080"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13082"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13077"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13081"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13084"
},
{
"trust": 0.1,
"url": "http://slackware.com/gpg-key"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13086"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13088"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13079"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13084"
},
{
"trust": 0.1,
"url": "http://osuosl.org)"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-17:07/wpa-10.patch.asc"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/advisories/freebsd-sa-17:07.wpa.asc\u003e"
},
{
"trust": 0.1,
"url": "https://svnweb.freebsd.org/base?view=revision\u0026revision=nnnnnn\u003e"
},
{
"trust": 0.1,
"url": "https://www.krackattacks.com/\u003e"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-17:07/wpa-11.patch.asc"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/\u003e."
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-17:07/wpa-11.patch"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-17:07/wpa-10.patch"
},
{
"trust": 0.1,
"url": "https://www.freebsd.org/handbook/makeworld.html\u003e."
},
{
"trust": 0.1,
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt\u003e"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#228519"
},
{
"db": "CNVD",
"id": "CNVD-2017-30398"
},
{
"db": "VULMON",
"id": "CVE-2017-13087"
},
{
"db": "BID",
"id": "101274"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009178"
},
{
"db": "PACKETSTORM",
"id": "144652"
},
{
"db": "PACKETSTORM",
"id": "144630"
},
{
"db": "PACKETSTORM",
"id": "144632"
},
{
"db": "PACKETSTORM",
"id": "144659"
},
{
"db": "PACKETSTORM",
"id": "144663"
},
{
"db": "PACKETSTORM",
"id": "144669"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-388"
},
{
"db": "NVD",
"id": "CVE-2017-13087"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "aa0be958-12f8-4c92-ba4f-8046a72e7fe0"
},
{
"db": "CERT/CC",
"id": "VU#228519"
},
{
"db": "CNVD",
"id": "CNVD-2017-30398"
},
{
"db": "VULMON",
"id": "CVE-2017-13087"
},
{
"db": "BID",
"id": "101274"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009178"
},
{
"db": "PACKETSTORM",
"id": "144652"
},
{
"db": "PACKETSTORM",
"id": "144630"
},
{
"db": "PACKETSTORM",
"id": "144632"
},
{
"db": "PACKETSTORM",
"id": "144659"
},
{
"db": "PACKETSTORM",
"id": "144663"
},
{
"db": "PACKETSTORM",
"id": "144669"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-388"
},
{
"db": "NVD",
"id": "CVE-2017-13087"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-10-17T00:00:00",
"db": "IVD",
"id": "aa0be958-12f8-4c92-ba4f-8046a72e7fe0"
},
{
"date": "2017-10-16T00:00:00",
"db": "CERT/CC",
"id": "VU#228519"
},
{
"date": "2017-10-18T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-30398"
},
{
"date": "2017-10-17T00:00:00",
"db": "VULMON",
"id": "CVE-2017-13087"
},
{
"date": "2017-10-16T00:00:00",
"db": "BID",
"id": "101274"
},
{
"date": "2017-11-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-009178"
},
{
"date": "2017-10-17T16:52:00",
"db": "PACKETSTORM",
"id": "144652"
},
{
"date": "2017-10-16T13:49:34",
"db": "PACKETSTORM",
"id": "144630"
},
{
"date": "2017-10-16T23:23:00",
"db": "PACKETSTORM",
"id": "144632"
},
{
"date": "2017-10-18T20:20:00",
"db": "PACKETSTORM",
"id": "144659"
},
{
"date": "2017-10-18T20:44:00",
"db": "PACKETSTORM",
"id": "144663"
},
{
"date": "2017-10-19T14:28:55",
"db": "PACKETSTORM",
"id": "144669"
},
{
"date": "2017-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201710-388"
},
{
"date": "2017-10-17T13:29:00.600000",
"db": "NVD",
"id": "CVE-2017-13087"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-11-16T00:00:00",
"db": "CERT/CC",
"id": "VU#228519"
},
{
"date": "2017-10-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-30398"
},
{
"date": "2019-10-03T00:00:00",
"db": "VULMON",
"id": "CVE-2017-13087"
},
{
"date": "2019-02-21T09:00:00",
"db": "BID",
"id": "101274"
},
{
"date": "2019-02-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-009178"
},
{
"date": "2020-11-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201710-388"
},
{
"date": "2019-10-03T00:03:26.223000",
"db": "NVD",
"id": "CVE-2017-13087"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201710-388"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Wi-Fi Protected Access (WPA) handshake traffic can be manipulated to induce nonce and session key reuse",
"sources": [
{
"db": "CERT/CC",
"id": "VU#228519"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "security feature problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201710-388"
}
],
"trust": 0.6
}
}
VAR-201406-0137
Vulnerability from variot - Updated: 2024-07-23 21:11The dtls1_reassemble_fragment function in d1_both.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly validate fragment lengths in DTLS ClientHello messages, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via a long non-initial fragment. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of DTLS packets. The issue lies in the assumption that all fragments specify the same message size. An attacker could leverage this vulnerability to execute code in the context of the process using OpenSSL. The following are vulnerable: OpenSSL 0.9.8 prior to 0.9.8za OpenSSL 1.0.0 prior to 1.0.0m OpenSSL 1.0.1 prior to 1.0.1h. One of the patch backports for Ubuntu 10.04 LTS caused a regression for certain applications.
We apologize for the inconvenience. This issue only affected Ubuntu 12.04 LTS, Ubuntu 13.10, and Ubuntu 14.04 LTS. (CVE-2014-0195) Imre Rad discovered that OpenSSL incorrectly handled DTLS recursions. (CVE-2014-0224) Felix Gr=C3=B6bert and Ivan Fratri=C4=87 discovered that OpenSSL incorrectly handled anonymous ECDH ciphersuites. This issue only affected Ubuntu 12.04 LTS, Ubuntu 13.10, and Ubuntu 14.04 LTS. (CVE-2014-3470)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 10.04 LTS: libssl0.9.8 0.9.8k-7ubuntu8.21
After a standard system update you need to reboot your computer to make all the necessary changes.
OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict processing of ChangeCipherSpec messages, which allows man-in-the-middle attackers to trigger use of a zero-length master key in certain OpenSSL-to-OpenSSL communications, and consequently hijack sessions or obtain sensitive information, via a crafted TLS handshake, aka the CCS Injection vulnerability (CVE-2014-0224).
The updated packages have been upgraded to the 1.0.0m version where these security flaws has been fixed.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0195 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0221 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3470 http://www.openssl.org/news/secadv_20140605.txt
Updated Packages:
Mandriva Business Server 1/X86_64: 857d06ddc6423ad124b23eb760459033 mbs1/x86_64/lib64openssl1.0.0-1.0.0m-1.mbs1.x86_64.rpm d7436f2f95df5c1d64d44a745f125bd8 mbs1/x86_64/lib64openssl-devel-1.0.0m-1.mbs1.x86_64.rpm 67f6cd6da42f01fb2f6054a2f96872af mbs1/x86_64/lib64openssl-engines1.0.0-1.0.0m-1.mbs1.x86_64.rpm 5d7c5712c1ce70a2dd2596e803bc7004 mbs1/x86_64/lib64openssl-static-devel-1.0.0m-1.mbs1.x86_64.rpm 9866e03e1c112b0c4cb5587b142cfa63 mbs1/x86_64/openssl-1.0.0m-1.mbs1.x86_64.rpm 9ac714afa9a9b30419f2f1f5c9ec4e48 mbs1/SRPMS/openssl-1.0.0m-1.mbs1.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/en/support/security/advisories/
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux)
iD8DBQFTlcuxmqjQ0CJFipgRAtEQAJsEeYwuETVPTeadp+pdK9wJfQqgOgCfXDif 30xyBHFmHJa6MS/00iqN2aY= =9sdw -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04355095
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c04355095 Version: 1
HPSBMU03062 rev.1 - HP Insight Control server deployment on Linux and Windows running OpenSSL, Multiple Vulnerabilities
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2014-08-08 Last Updated: 2014-08-08
Potential Security Impact: Remote denial of service (DoS), code execution, unauthorized access, disclosure of information
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with HP System Management Homepage (SMH), HP Smart Update Manager (SUM), and HP Version Control Agent (VCA) running on Linux and Windows. These components of HP Insight Control server deployment could be exploited remotely resulting in denial of service (DoS), code execution, unauthorized access, or disclosure of information.
HP Insight Control server deployment packages HP System Management Homepage (SMH) and HP Version Control Agent (VCA), and HP Smart Update Manager (SUM) and deploys them through the following components. This bulletin provides the information needed to update the HP Insight Control server deployment solution.
Install HP Management Agents for Windows x86/x64 Install HP Management Agents for RHEL 5 x64 Install HP Management Agents for RHEL 6 x64 Install HP Management Agents for SLES 10 x64 Install HP Management Agents for SLES 11 x64 Upgrade Proliant Firmware
References:
CVE-2010-5298 Remote Denial of Service CVE-2014-0076 Unauthorized Disclosure of Information CVE-2014-0195 Remote Unauthorized Access CVE-2014-0198 Remote Denial of Service CVE-2014-0221 Remote Denial of Service (DoS) CVE-2014-0224 Remote Unauthorized Access or Disclosure of Information CVE-2014-3470 Remote Code Execution or Unauthorized Access SSRT101628
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP Insight Control server deployment v7.1.2, v7.2.0, v7.2.1, v7.2.2, v7.3.1
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2010-5298 (AV:N/AC:H/Au:N/C:N/I:P/A:P) 4.0 CVE-2014-0076 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2014-0195 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2014-0198 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2014-0221 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2014-0224 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2014-3470 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has provided the following updates to v7.3.1 of HP Insight Control server deployment to resolve this vulnerability. HP has provided manual update steps if a version upgrade is not possible; if users wish to remain at v7.1.2, v7.2.0, or v7.2.1.
Note: It is important to check your current running version of HP Insight Control server deployment and to follow the correct steps listed below. For HP Insight Control server deployment v7.2.2, users must upgrade to v7.3.1 and follow the steps below to remove the vulnerability. The vulnerability known as Heartbleed (CVE-2014-0160) was fixed in HP Insight Control server deployment v7.3.1. That Security Bulletin with instructions on how to upgrade to v7.3.1 can be found here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_n a-c04267749
HP Insight Control server deployment users of v7.1.2, v7.2.0, v7.2.1 should take the following steps to remove this vulnerability.
Delete the files smhamd64-.exe/smhx86-.exe" from Component Copy Location listed in the following table, rows 1 and 2. Delete the files "vcax86-.exe/vcaamd64-.exe from Component Copy Location listed in the following table, rows 3 and 4. Delete the files hpsmh-7.*.rpm" from Component Copy Location listed in row 5. In sequence, perform the steps from left to right in the following table. First, download components from Download Link; Second, rename the component as suggested in Rename to. Third, copy the component to the location specified in Component Copy Location. Table Row Number Download Link Rename to Component Copy Location
1 http://www.hp.com/swpublishing/MTX-e8076c2a35804685ad65b2b1ba smhamd64-ccp023716.exe \express\hpfeatures\hpagents-ws\components\Win2008
2 http://www.hp.com/swpublishing/MTX-3395d737d98f42149125b9bb05 smhx86-cp023715.exe \express\hpfeatures\hpagents-ws\components\Win2008
3 http://www.hp.com/swpublishing/MTX-8aefeaf490284a7691eca97d13 vcax86-cp023742.exe \express\hpfeatures\hpagents-ws\components\Win2008
4 http://www.hp.com/swpublishing/MTX-c0d32bac154a4d93839d8cd1f2 vcaamd64-cp023743.exe \express\hpfeatures\hpagents-ws\components\Win2008
5 http://www.hp.com/swpublishing/MTX-bd9a1cf60e344c549c4888db93 Do not rename the downloaded component for this step. \express\hpfeatures\hpagents-sles11-x64\components \express\hpfeatures\hpagents-sles10-x64\components \express\hpfeatures\hpagents-rhel5-x64\components \express\hpfeatures\hpagents-rhel6-x64\components
Download and extract the HPSUM 5.3.6 component from ftp://ftp.hp.com/pub/softlib2/software1/pubsw-windows/p750586112/v99793
Copy all content from extracted ZIP folder and paste into \eXpress\hpfeatures\fw-proLiant\components Initiate Install HP Management Agents for SLES 11 x64 on targets running SLES11 x64. Initiate Install HP Management Agents for SLES 10 x64 on targets running SLES10 x64. Initiate Install HP Management Agents for RHEL 6 x64 on targets running RHEL 6 x64. Initiate Install HP Management Agents for RHEL 5 x64 on targets running RHEL 5 x64. Initiate Install HP Management Agents for Windows x86/x64 on targets running Windows.
HP Insight Control server deployment users with v7.2.2:
Please upgrade to Insight Control server deployment v7.3.1 and follow the steps below for v7.3.1.
HP Insight Control server deployment users with v7.3.1:
Perform steps 1 - 4 as outlined above for users with HP Insight Control server deployment v7.1.2, v7.2.0, and v7.2.1. Download the HP SUM ZIP file from http://www.hp.com/swpublishing/MTX-f6c141a7feeb4a358bbb28300f
Extract the contents from the HP SUM ZIP file to \eXpress\hpfeatures\fw-proLiant\components location on the Insight Control server deployment server
Related security bulletins:
For System Management Homepage please see Security bulletin HPSBMU03051 https ://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c04 345210
For HP Version Control Agent please see Security bulletin HPSBMU03057 https:/ /h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c0434 9897
HISTORY Version:1 (rev.1) - 8 August 2014 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin Archive: A list of recently released Security Bulletins is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX
Copyright 2014 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (GNU/Linux)
iEYEARECAAYFAlPk9ewACgkQ4B86/C0qfVn1/gCfR2U/mZZXYwPms9ptZcBTua/5 MoQAn1qlQ3kmLRs7YFN5GzwBTRfSK5Go =r0qe -----END PGP SIGNATURE----- .
Workaround
There is no known workaround at this time.
Resolution
All OpenSSL users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev-libs/openssl-1.0.1h-r1"
References
[ 1 ] CVE-2010-5298 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-5298 [ 2 ] CVE-2014-0195 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0195 [ 3 ] CVE-2014-0198 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0198 [ 4 ] CVE-2014-0221 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0221 [ 5 ] CVE-2014-0224 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0224 [ 6 ] CVE-2014-3470 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3470 [ 7 ] OpenSSL Security Advisory [05 Jun 2014] http://www.openssl.org/news/secadv_20140605.txt
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201407-05.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2014 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . Summary
VMware product updates address OpenSSL security vulnerabilities.
- Problem Description
a.
OpenSSL libraries have been updated in multiple products to
versions 0.9.8za and 1.0.1h in order to resolve multiple security
issues.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2014-0224, CVE-2014-0198,
CVE-2010-5298, CVE-2014-3470, CVE-2014-0221 and CVE-2014-0195 to
these issues. The most important of these issues is
CVE-2014-0224.
CVE-2014-0198, CVE-2010-5298 and CVE-2014-3470 are considered to
be of moderate severity. Exploitation is highly unlikely or is
mitigated due to the application configuration.
CVE-2014-0221 and CVE-2014-0195, which are listed in the OpenSSL
Security Advisory (see Reference section below), do not affect
any VMware products. For readability
the affected products have been split into 3 tables below,
based on the different client-server configurations and
deployment scenarios. Applying these patches to
affected servers will mitigate the affected clients (See Table 1
below).
Clients that communicate over untrusted networks such as public
Wi-Fi and communicate to a server running a vulnerable version of
OpenSSL 1.0.1. can be mitigated by using a secure network such as
VPN (see Table 2 below).
Clients and servers that are deployed on an isolated network are
less exposed to CVE-2014-0224 (see Table 3 below). The affected
products are typically deployed to communicate over the
management network.
RECOMMENDATIONS
VMware recommends customers evaluate and deploy patches for
affected Servers in Table 1 below as these patches become
available. Patching these servers will remove the ability to
exploit the vulnerability described in CVE-2014-0224 on both
clients and servers. VMware recommends customers consider
applying patches to products listed in Table 2 & 3 as required.
Column 4 of the following tables lists the action required to
remediate the vulnerability in each release, if a solution is
available.
VMware Product Running Replace with/
Product Version on Apply Patch
============== ======= ======= =============
ESXi 5.5 ESXi ESXi550-
201406401-SG
Big Data Extensions 1.1 patch pending
Charge Back Manager 2.6 patch pending
Horizon Workspace Server
GATEWAY 1.8.1 patch pending
Horizon Workspace Server
GATEWAY 1.5 patch pending
Horizon Workspace Server
DATA 1.8.1 patch pending
Horizon Mirage Edge Gateway 4.4.2 patch pending
Horizon View 5.3.1 patch pending
Horizon View Feature Pack 5.3 SP2 patch pending
NSX for Multi-Hypervisor 4.1.2 patch pending
NSX for Multi-Hypervisor 4.0.3 patch pending
NSX for vSphere 6.0.4 patch pending
NVP 3.2.2 patch pending
vCAC 6.0.1 patch pending
vCloud Networking and Security 5.5.2 patch pending
vCloud Networking and Security 5.1.2 patch pending
vFabric Web Server 5.3.4 patch pending
vCHS - DPS-Data Protection 2.0 patch pending
Service
Table 2
========
Affected clients running a vulnerable version of OpenSSL 0.9.8
or 1.0.1 and communicating over an untrusted network.
VMware Product Running Replace with/
Product Version on Apply Patch
============== ======= ======= =============
vCSA 5.5 patch pending
vCSA 5.1 patch pending
vCSA 5.0 patch pending
ESXi 5.1 ESXi patch pending
ESXi 5.0 ESXi patch pending
Workstation 10.0.2 any patch pending
Workstation 9.0.3 any patch pending
Fusion 6.x OSX patch pending
Fusion 5.x OSX patch pending
Player 10.0.2 any patch pending
Player 9.0.3 any patch pending
Chargeback Manager 2.5.x patch pending
Horizon Workspace Client for 1.8.1 OSX patch pending
Mac
Horizon Workspace Client for 1.5 OSX patch pending
Mac
Horizon Workspace Client for 1.8.1 Windows patch pending
Windows
Horizon Workspace Client for 1.5 Windows patch pending
OVF Tool 3.5.1 patch pending
OVF Tool 3.0.1 patch pending
vCenter Operations Manager 5.8.1 patch pending
vCenter Support Assistant 5.5.0 patch pending
vCenter Support Assistant 5.5.1 patch pending
vCD 5.1.2 patch pending
vCD 5.1.3 patch pending
vCD 5.5.1.1 patch pending
vCenter Site Recovery Manager 5.0.3.1 patch pending
Table 3
=======
The following table lists all affected clients running a
vulnerable version of OpenSSL 0.9.8 or 1.0.1 and communicating
over an untrusted network.
VMware Product Running Replace with/
Product Version on Apply Patch
============== ======= ======= =============
vCenter Server 5.5 any patch pending
vCenter Server 5.1 any patch pending
vCenter Server 5.0 any patch pending
Update Manager 5.5 Windows patch pending
Update Manager 5.1 Windows patch pending
Update Manager 5.0 Windows patch pending
Config Manager (VCM) 5.6 patch pending
Horizon View Client 5.3.1 patch pending
Horizon View Client 4.x patch pending
Horizon Workspace 1.8.1 patch pending
Horizon Workspace 1.5 patch pending
ITBM Standard 1.0.1 patch pending
ITBM Standard 1.0 patch pending
Studio 2.6.0.0 patch pending
Usage Meter 3.3 patch pending
vCenter Chargeback Manager 2.6 patch pending
vCenter Converter Standalone 5.5 patch pending
vCenter Converter Standalone 5.1 patch pending
vCD (VCHS) 5.6.2 patch pending
vCenter Site Recovery Manager 5.5.1 patch pending
vCenter Site Recovery Manager 5.1.1 patch pending
vFabric Application Director 5.2.0 patch pending
vFabric Application Director 5.0.0 patch pending
View Client 5.3.1 patch pending
View Client 4.x patch pending
VIX API 5.5 patch pending
VIX API 1.12 patch pending
vMA (Management Assistant) 5.1.0.1 patch pending
VMware Data Recovery 2.0.3 patch pending
VMware vSphere CLI 5.5 patch pending
vSphere Replication 5.5.1 patch pending
vSphere Replication 5.6 patch pending
vSphere SDK for Perl 5.5 patch pending
vSphere Storage Appliance 5.5.1 patch pending
vSphere Storage Appliance 5.1.3 patch pending
vSphere Support Assistant 5.5.1 patch pending
vSphere Support Assistant 5.5.0 patch pending
vSphere Virtual Disk 5.5 patch pending
Development Kit
vSphere Virtual Disk 5.1 patch pending
Development Kit
vSphere Virtual Disk 5.0 patch pending
Development Kit
- Solution
ESXi 5.5
Download: https://www.vmware.com/patchmgr/download.portal
Release Notes and Remediation Instructions: http://kb.vmware.com/kb/2077359
- References
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0198 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5298 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3470
https://www.openssl.org/news/secadv_20140605.txt
- Change Log
2014-06-10 VMSA-2014-0006 Initial security advisory in conjunction with the release of ESXi 5.5 updates on 2014-06-10
- Contact
E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
security-announce at lists.vmware.com
bugtraq at securityfocus.com
fulldisclosure at seclists.org
E-mail: security at vmware.com PGP key at: http://kb.vmware.com/kb/1055
VMware Security Advisories http://www.vmware.com/security/advisories
VMware Security Response Policy https://www.vmware.com/support/policies/security_response.html
VMware Lifecycle Support Phases https://www.vmware.com/support/policies/lifecycle.html
Twitter https://twitter.com/VMwareSRC
Copyright 2014 VMware Inc. All rights reserved. The updates are available from the following location using ftp:
ftp://srt03046:Secure12@ftp.usa.hp.com
User name: srt03046 Password: Secure12 ( NOTE: Case sensitive)
HP-UX Release HP-UX OpenSSL version
B.11.11 (11i v1) A.00.09.08za.001_HP-UX_B.11.11_32+64.depot
B.11.23 (11i v2) A.00.09.08za.002_HP-UX_B.11.23_IA-PA.depot
B.11.31 (11i v3) A.00.09.08za.003_HP-UX_B.11.31_IA-PA.depot
MANUAL ACTIONS: Yes - Update
Install OpenSSL A.00.09.08za or subsequent
PRODUCT SPECIFIC INFORMATION
HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa
The following text is for use by the HP-UX Software Assistant. OpenSSL Security Advisory [05 Jun 2014]
SSL/TLS MITM vulnerability (CVE-2014-0224)
An attacker using a carefully crafted handshake can force the use of weak keying material in OpenSSL SSL/TLS clients and servers. This can be exploited by a Man-in-the-middle (MITM) attack where the attacker can decrypt and modify traffic from the attacked client and server.
The attack can only be performed between a vulnerable client and server. Users of OpenSSL servers earlier than 1.0.1 are advised to upgrade as a precaution.
OpenSSL 0.9.8 SSL/TLS users (client and/or server) should upgrade to 0.9.8za. OpenSSL 1.0.0 SSL/TLS users (client and/or server) should upgrade to 1.0.0m. OpenSSL 1.0.1 SSL/TLS users (client and/or server) should upgrade to 1.0.1h.
Thanks to KIKUCHI Masashi (Lepidum Co. Ltd.) for discovering and researching this issue. This issue was reported to OpenSSL on 1st May 2014 via JPCERT/CC.
The fix was developed by Stephen Henson of the OpenSSL core team partly based on an original patch from KIKUCHI Masashi.
DTLS recursion flaw (CVE-2014-0221)
By sending an invalid DTLS handshake to an OpenSSL DTLS client the code can be made to recurse eventually crashing in a DoS attack.
Only applications using OpenSSL as a DTLS client are affected.
OpenSSL 0.9.8 DTLS users should upgrade to 0.9.8za OpenSSL 1.0.0 DTLS users should upgrade to 1.0.0m. OpenSSL 1.0.1 DTLS users should upgrade to 1.0.1h.
Thanks to Imre Rad (Search-Lab Ltd.) for discovering this issue. This issue was reported to OpenSSL on 9th May 2014.
The fix was developed by Stephen Henson of the OpenSSL core team.
DTLS invalid fragment vulnerability (CVE-2014-0195)
A buffer overrun attack can be triggered by sending invalid DTLS fragments to an OpenSSL DTLS client or server.
Only applications using OpenSSL as a DTLS client or server affected.
OpenSSL 0.9.8 DTLS users should upgrade to 0.9.8za OpenSSL 1.0.0 DTLS users should upgrade to 1.0.0m. OpenSSL 1.0.1 DTLS users should upgrade to 1.0.1h.
Thanks to Jüri Aedla for reporting this issue. This issue was reported to OpenSSL on 23rd April 2014 via HP ZDI.
The fix was developed by Stephen Henson of the OpenSSL core team.
SSL_MODE_RELEASE_BUFFERS NULL pointer dereference (CVE-2014-0198)
A flaw in the do_ssl3_write function can allow remote attackers to cause a denial of service via a NULL pointer dereference. This flaw only affects OpenSSL 1.0.0 and 1.0.1 where SSL_MODE_RELEASE_BUFFERS is enabled, which is not the default and not common.
OpenSSL 1.0.0 users should upgrade to 1.0.0m. OpenSSL 1.0.1 users should upgrade to 1.0.1h.
This issue was reported in public. The fix was developed by Matt Caswell of the OpenSSL development team.
SSL_MODE_RELEASE_BUFFERS session injection or denial of service (CVE-2010-5298)
A race condition in the ssl3_read_bytes function can allow remote attackers to inject data across sessions or cause a denial of service. This flaw only affects multithreaded applications using OpenSSL 1.0.0 and 1.0.1, where SSL_MODE_RELEASE_BUFFERS is enabled, which is not the default and not common.
OpenSSL 1.0.0 users should upgrade to 1.0.0m. OpenSSL 1.0.1 users should upgrade to 1.0.1h.
This issue was reported in public.
Anonymous ECDH denial of service (CVE-2014-3470)
OpenSSL TLS clients enabling anonymous ECDH ciphersuites are subject to a denial of service attack.
OpenSSL 0.9.8 users should upgrade to 0.9.8za OpenSSL 1.0.0 users should upgrade to 1.0.0m. OpenSSL 1.0.1 users should upgrade to 1.0.1h.
Thanks to Felix Gröbert and Ivan Fratrić at Google for discovering this issue. This issue was reported to OpenSSL on 28th May 2014.
The fix was developed by Stephen Henson of the OpenSSL core team.
Other issues
OpenSSL 1.0.0m and OpenSSL 0.9.8za also contain a fix for CVE-2014-0076: Fix for the attack described in the paper "Recovering OpenSSL ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack" Reported by Yuval Yarom and Naomi Benger. This issue was previously fixed in OpenSSL 1.0.1g.
References
URL for this Security Advisory: http://www.openssl.org/news/secadv_20140605.txt
Note: the online version of the advisory may be updated with additional details over time.
The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Relevant releases/architectures:
Red Hat Storage Server 2.1 - x86_64
- Description:
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library. (CVE-2014-0195)
Multiple flaws were found in the way OpenSSL handled read and write buffers when the SSL_MODE_RELEASE_BUFFERS mode was enabled. A specially crafted DTLS handshake packet could cause a DTLS client using OpenSSL to crash. A specially crafted handshake packet could cause a TLS/SSL client that has the anonymous ECDH cipher suite enabled to crash. (CVE-2014-3470)
Red Hat would like to thank the OpenSSL project for reporting these issues. Upstream acknowledges KIKUCHI Masashi of Lepidum as the original reporter of CVE-2014-0224, Jüri Aedla as the original reporter of CVE-2014-0195, Imre Rad of Search-Lab as the original reporter of CVE-2014-0221, and Felix Gröbert and Ivan Fratrić of Google as the original reporters of CVE-2014-3470. For the update to take effect, all services linked to the OpenSSL library (such as httpd and other SSL-enabled services) must be restarted or the system rebooted. Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/site/articles/11258
- Package List:
Red Hat Storage Server 2.1:
Source: openssl-1.0.1e-16.el6_5.14.src.rpm
x86_64: openssl-1.0.1e-16.el6_5.14.x86_64.rpm openssl-debuginfo-1.0.1e-16.el6_5.14.x86_64.rpm openssl-devel-1.0.1e-16.el6_5.14.x86_64.rpm openssl-perl-1.0.1e-16.el6_5.14.x86_64.rpm openssl-static-1.0.1e-16.el6_5.14.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2014 Red Hat, Inc
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201406-0137",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "smartcloud provisioning",
"scope": "eq",
"trust": 1.1,
"vendor": "ibm",
"version": "2.3"
},
{
"model": "openssl",
"scope": "lt",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8za"
},
{
"model": "openssl",
"scope": "lt",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0m"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "19"
},
{
"model": "openssl",
"scope": "gte",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0"
},
{
"model": "openssl",
"scope": "gte",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "openssl",
"scope": "gte",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "mariadb",
"scope": "lt",
"trust": 1.0,
"vendor": "mariadb",
"version": "10.0.13"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "20"
},
{
"model": "openssl",
"scope": "lt",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1h"
},
{
"model": "mariadb",
"scope": "gte",
"trust": 1.0,
"vendor": "mariadb",
"version": "10.0.0"
},
{
"model": "leap",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "42.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "13.2"
},
{
"model": "bladecenter advanced management module 3.66e",
"scope": null,
"trust": 0.9,
"vendor": "ibm",
"version": null
},
{
"model": "fedora",
"scope": null,
"trust": 0.8,
"vendor": "fedora",
"version": null
},
{
"model": "api management",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "3.0 (ibm pureapplication system and xen)"
},
{
"model": "api management",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "3.0 (vmware)"
},
{
"model": "infosphere master data management",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "patient hub 10.0"
},
{
"model": "infosphere master data management",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "provider hub 10.0"
},
{
"model": "infosphere master data management",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "standard/advanced edition 11.0"
},
{
"model": "infosphere master data management",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "standard/advanced edition 11.3"
},
{
"model": "initiate master data service",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "10.0"
},
{
"model": "initiate master data service",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "10.1"
},
{
"model": "initiate master data service",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "8.5"
},
{
"model": "initiate master data service",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "initiate master data service",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "9.2"
},
{
"model": "initiate master data service",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "9.5"
},
{
"model": "initiate master data service",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "9.7"
},
{
"model": "initiate master data service",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "patient hub 9.5"
},
{
"model": "initiate master data service",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "patient hub 9.7"
},
{
"model": "initiate master data service",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "provider hub 9.5"
},
{
"model": "initiate master data service",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "provider hub 9.7"
},
{
"model": "sdk,",
"scope": "lte",
"trust": 0.8,
"vendor": "ibm",
"version": "for node.js 1.1.0.3"
},
{
"model": "smartcloud orchestrator",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "2.3"
},
{
"model": "smartcloud orchestrator",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "2.3 fp1"
},
{
"model": "smartcloud provisioning",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "2.1 for ibm provided software virtual appliance"
},
{
"model": "smartcloud provisioning",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "2.3 fp1"
},
{
"model": "tivoli management framework",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "4.1.1 (linux-ix86 and linux-s390)"
},
{
"model": "tivoli workload scheduler",
"scope": "lte",
"trust": 0.8,
"vendor": "ibm",
"version": "distributed 8.4.0 fp07"
},
{
"model": "tivoli workload scheduler",
"scope": "lte",
"trust": 0.8,
"vendor": "ibm",
"version": "distributed 8.5.0 fp04"
},
{
"model": "tivoli workload scheduler",
"scope": "lte",
"trust": 0.8,
"vendor": "ibm",
"version": "distributed 8.5.1 fp05"
},
{
"model": "tivoli workload scheduler",
"scope": "lte",
"trust": 0.8,
"vendor": "ibm",
"version": "distributed 8.6.0 fp03"
},
{
"model": "tivoli workload scheduler",
"scope": "lte",
"trust": 0.8,
"vendor": "ibm",
"version": "distributed 9.1.0 fp01"
},
{
"model": "tivoli workload scheduler",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "distributed 9.2.0 ga level"
},
{
"model": "tivoli composite application manager",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "for transactions 7.2"
},
{
"model": "tivoli composite application manager",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "for transactions 7.3"
},
{
"model": "tivoli composite application manager",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "for transactions 7.4"
},
{
"model": "openssl",
"scope": "lt",
"trust": 0.8,
"vendor": "openssl",
"version": "0.9.8 thats all 0.9.8za"
},
{
"model": "openssl",
"scope": "lt",
"trust": 0.8,
"vendor": "openssl",
"version": "1.0.0 thats all 1.0.0m"
},
{
"model": "openssl",
"scope": "lt",
"trust": 0.8,
"vendor": "openssl",
"version": "1.0.1 thats all 1.0.1h"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "10.7.5"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "10.8.5"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "10.9 to 10.9.4"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "10.7.5"
},
{
"model": "virtualization",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "of oracle secure global desktop 4.63"
},
{
"model": "virtualization",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "of oracle secure global desktop 4.71"
},
{
"model": "virtualization",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "of oracle secure global desktop 5.0"
},
{
"model": "virtualization",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "of oracle secure global desktop 5.1"
},
{
"model": "vm virtualbox",
"scope": "lt",
"trust": 0.8,
"vendor": "oracle",
"version": "3.2.24"
},
{
"model": "vm virtualbox",
"scope": "lt",
"trust": 0.8,
"vendor": "oracle",
"version": "4.0.26"
},
{
"model": "vm virtualbox",
"scope": "lt",
"trust": 0.8,
"vendor": "oracle",
"version": "4.1.34"
},
{
"model": "vm virtualbox",
"scope": "lt",
"trust": 0.8,
"vendor": "oracle",
"version": "4.2.26"
},
{
"model": "vm virtualbox",
"scope": "lt",
"trust": 0.8,
"vendor": "oracle",
"version": "4.3.14"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "storage",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1"
},
{
"model": "l20/300",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "lto6 drive",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "lx/30a",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "integrated system ha database ready",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "symfoware",
"scope": "eq",
"trust": 0.8,
"vendor": "fujitsu",
"version": "analytics server"
},
{
"model": "symfoware",
"scope": "eq",
"trust": 0.8,
"vendor": "fujitsu",
"version": "server"
},
{
"model": "openssl",
"scope": null,
"trust": 0.7,
"vendor": "openssl",
"version": null
},
{
"model": "storevirtual 1tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.3.14"
},
{
"model": "security enterprise scanner",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3"
},
{
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.3.3"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.3.1"
},
{
"model": "spa232d multi-line dect ata",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "policy center v100r003c00spc305",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "10.0-beta",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "solaris",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1.20.5.0"
},
{
"model": "proactive network operations center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual 1tb mdl china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "infosphere guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2"
},
{
"model": "virtual connect 8gb 24-port fc module",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "3.0"
},
{
"model": "algo audit and compliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.0.2"
},
{
"model": "project openssl 0.9.8f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "documentum content server p06",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "7.1"
},
{
"model": "chrome for android",
"scope": "ne",
"trust": 0.3,
"vendor": "google",
"version": "35.0.1916.141"
},
{
"model": "tandberg mxp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8800"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "big-ip pem",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "9.1-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "project openssl 1.0.0d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "prime network analysis module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6"
},
{
"model": "project openssl 1.0.1e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90000"
},
{
"model": "ip video phone e20",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "blackberry enterprise service",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.1.2.6"
},
{
"model": "storevirtual 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "ios software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"model": "i v5r4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"model": "ios xe software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "mate products",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tandberg codian isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32400"
},
{
"model": "project openssl 1.0.1a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.6.1"
},
{
"model": "computer telephony integration object server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual 4tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "isoc v200r001c00spc202",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "3000"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "3.1.9"
},
{
"model": "10.0-release-p5",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "small business isa500 series integrated security appliances",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "srg1200\u00262200\u00263200 v100r002c02hp0001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "security network intrusion prevention system gx3002",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "ace application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "oncommand unified manager core package",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "storevirtual 600gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413011.5"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "storevirtual 2tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "i v5r3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.28"
},
{
"model": "proventia network security controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.470"
},
{
"model": "systems insight manager 7.3.0a",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "storevirtual hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433511.5"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "project openssl 1.0.0g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "56000"
},
{
"model": "anyconnect secure mobility client for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "virtual connect 8gb 24-port fc module",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.1.3"
},
{
"model": "dsr-500n 1.09.b61",
"scope": "ne",
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "clustered data ontap antivirus connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3"
},
{
"model": "unified contact center enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88310"
},
{
"model": "big-ip analytics",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "9.1-release-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "messaging secure gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "7.5"
},
{
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"model": "video surveillance series ip camera",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40000"
},
{
"model": "anyconnect secure mobility client for desktop platforms",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip link controller",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"model": "idp 4.1r2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "fortios b0537",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.3.8"
},
{
"model": "jabber guest",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "8.4-release-p9",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "77009.7"
},
{
"model": "9.1-release-p15",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "web security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "usg9500 usg9500 v300r001c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "s2750\u0026s5700\u0026s6700 v200r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "upward integration modules for vmware vsphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1"
},
{
"model": "filenet system monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "spa510 series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "espace u19** v100r001c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "content security management appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.3.1"
},
{
"model": "uma v200r001c00spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "idp 4.1r3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "storevirtual vsa software",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.5"
},
{
"model": "storevirtual 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "usg9500 v200r001c01sph902",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "smartcloud provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"model": "vpn client v100r001c02spc702",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "data ontap smi-s agent",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "telepresence content server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tandberg codian mse model",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "83200"
},
{
"model": "big-ip pem",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "uma v200r001c00spc200",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "big-ip ltm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"model": "api management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "oceanstor s6800t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "project openssl 0.9.8w",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "digital media players series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44000"
},
{
"model": "chrome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "34.0"
},
{
"model": "isoc v200r001c00",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "3000"
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "service delivery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.1"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.5"
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "enterprise linux server eus 6.5.z",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"model": "release-p4",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.1"
},
{
"model": "manageone v100r002c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "business server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "1"
},
{
"model": "eupp v100r001c10spc002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "prime performance manager for sps",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl 1.0.1g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "big-ip psm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "tivoli workload scheduler distributed ga level",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.2.0"
},
{
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.4"
},
{
"model": "storevirtual 4tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "project openssl 0.9.8m",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "10.0-release-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "5.0"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.6"
},
{
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"model": "9.1-rc2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "updatexpress system packs installer",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.61"
},
{
"model": "s7700\u0026s9700 v200r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "clustered data ontap antivirus connector",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.2"
},
{
"model": "rational application developer for websphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "storevirtual vsa software",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "12.6"
},
{
"model": "prime access registrar appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "87100"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"model": "stunnel",
"scope": "ne",
"trust": 0.3,
"vendor": "stunnel",
"version": "5.02"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "big-ip analytics",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "tivoli netcool/system service monitor fp11",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "flex system fc5022",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "sterling file gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.2.0"
},
{
"model": "s3900 v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 600gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.6"
},
{
"model": "ips",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual china hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433511.5"
},
{
"model": "unified communications widgets click to call",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "agile controller v100r001c00spc200",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "espace usm v100r001 v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "softco v100r003",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "oceanstor s5500t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "videoscape anyres live",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence t series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual 1tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "oncommand unified manager core package",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5"
},
{
"model": "tivoli netcool/system service monitor fp12",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "unified attendant console advanced",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl 1.0.0h",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "9.1--releng",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "smart update manager for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.3.5"
},
{
"model": "mds switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip gtm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "cerberus",
"version": "7.0.0.1"
},
{
"model": "storevirtual 450gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "proventia network security controller 1.0.3352m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "documentum content server p07",
"scope": "ne",
"trust": 0.3,
"vendor": "emc",
"version": "7.1"
},
{
"model": "wag310g wireless-g adsl2+ gateway with voip",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6.4"
},
{
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0"
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.5"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.3.10"
},
{
"model": "telepresence tx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90000"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10000"
},
{
"model": "director",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "5.5.2"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.2.2"
},
{
"model": "nexus switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "31640"
},
{
"model": "jabber for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "cerberus",
"version": "7.0.0.2"
},
{
"model": "fastsetup",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.11"
},
{
"model": "unified wireless ip phone series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "29200"
},
{
"model": "messagesight server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.1"
},
{
"model": "fusionsphere v100r003c10spc600",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "big-ip asm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "telepresence advanced media gateway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.40"
},
{
"model": "tandberg codian isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32100"
},
{
"model": "tivoli workload scheduler distributed fp03",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6.0"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1"
},
{
"model": "smc2.0 v100r002c01b025sp07",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 1tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "s2700\u0026s3700 v100r006",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "project openssl 0.9.8r",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "espace cc v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "ida pro",
"scope": "eq",
"trust": 0.3,
"vendor": "hex ray",
"version": "6.5"
},
{
"model": "tivoli workload scheduler distributed",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"model": "chrome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "31.0"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "protection service for email",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "7.1"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.6"
},
{
"model": "jabber for ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1.5-3"
},
{
"model": "usg5000 v300r001c10sph201",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "upward integration modules for vmware vsphere",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5"
},
{
"model": "security information and event management",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.4"
},
{
"model": "project openssl 0.9.8n",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "security network intrusion prevention system gx5208",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.14"
},
{
"model": "prime optical for sps",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9.2"
},
{
"model": "9.2-rc2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "big-ip psm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"model": "isoc v200r001c01",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "5000"
},
{
"model": "malware analyzer g2",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "3.5"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "security network intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473011.5"
},
{
"model": "virtual connect 8gb 24-port fc module",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.0"
},
{
"model": "operations analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"model": "project openssl 0.9.8y",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "icewall sso agent option",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.02007"
},
{
"model": "project openssl beta4",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.0"
},
{
"model": "esight-ewl v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "hyperdp oceanstor n8500 v200r001c91",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "open systems snapvault",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.2.4"
},
{
"model": "guardium database activity monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "security network intrusion prevention system gx4004-v2",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "asg2000 v100r001c10sph001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.0"
},
{
"model": "documentum content server",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "7.1"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.11"
},
{
"model": "upward integration modules for microsoft system center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "manageone v100r001c02",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "wireless lan controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl 1.0.0l",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "9.1-release-p12",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "oncommand unified manager core package",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "smart call home",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual 1tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "project openssl beta5",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.0"
},
{
"model": "tivoli netcool/system service monitor fp2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "s7700\u0026s9700 v100r006",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.0"
},
{
"model": "oic v100r001c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 3tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "infosphere master data management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.0"
},
{
"model": "s6900 v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.3"
},
{
"model": "icewall sso dfw certd",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.0"
},
{
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"model": "spa300 series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip afm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"model": "vsm v200r002c00spc503",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "upward integration modules for microsoft system center",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.5"
},
{
"model": "ecns610 v100r003c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "ucs b-series servers",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.3"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"model": "project openssl 0.9.8p",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"model": "documentum content server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "chrome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "18.0.1025308"
},
{
"model": "big-ip gtm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "big-ip afm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"model": "telepresence isdn link",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "3.1.4"
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.5"
},
{
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"model": "storevirtual china hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433511.5"
},
{
"model": "storevirtual hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.6"
},
{
"model": "chrome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "32.0.1700.99"
},
{
"model": "big-ip asm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"model": "universal small cell series software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50003.4.2.0"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.13"
},
{
"model": "tandberg codian isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32200"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9.4"
},
{
"model": "hardware management console release",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v77.9"
},
{
"model": "cloudburst",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "storevirtual fc 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2"
},
{
"model": "8.4-release-p8",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"model": "s5900 v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "documentum content server p05",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "7.1"
},
{
"model": "oceanstor s6800t v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.2"
},
{
"model": "jabber video for telepresence",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security network intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.5"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9"
},
{
"model": "fortios build",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.2.0589"
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "mac os",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9.5"
},
{
"model": "snapdrive for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "chrome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "33.0"
},
{
"model": "documentum content server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "virtualization experience media engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tivoli workload scheduler distributed fp05",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"model": "tivoli workload scheduler distributed fp01",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.0"
},
{
"model": "data ontap smi-s agent",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1"
},
{
"model": "storevirtual 4tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "jabber im for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "snapdrive for windows",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2"
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "77109.7"
},
{
"model": "project openssl 0.9.8m beta1",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"model": "small cell factory recovery root filesystem",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.99.4"
},
{
"model": "security network intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"model": "guardium database activity monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "quantum policy suite",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl 0.9.8q",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "10.0-rc3-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "cerberus",
"version": "7.0"
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "manageone v100r002c10 spc320",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "svn2200 v200r001c01spc600",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.4"
},
{
"model": "rational application developer for websphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.0.1"
},
{
"model": "s2750\u0026s5700\u0026s6700 v100r006",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual china hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.0"
},
{
"model": "telepresence server on multiparty media",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3200"
},
{
"model": "director",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "5.5.2.3"
},
{
"model": "messagesight server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"model": "storevirtual 3tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "safe profile",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "0"
},
{
"model": "espace vtm v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "jabber software development kit",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ssl for openvms",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.4-453"
},
{
"model": "spa122 ata with router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "9.2-rc2-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "security network intrusion prevention system gx5208-v2",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.6"
},
{
"model": "blackberry enterprise service",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.1.1"
},
{
"model": "tivoli netcool/system service monitor fp10",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "ip office server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "9.0"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.00"
},
{
"model": "infosphere guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "9.2-release-p7",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "project openssl 1.0.1c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "advanced settings utility",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.60"
},
{
"model": "9.1-release-p11",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "ssl for openvms",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.4-467"
},
{
"model": "chrome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "32.0"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0.0"
},
{
"model": "spa525 series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "data ontap smi-s agent",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1"
},
{
"model": "automation stratix",
"scope": "ne",
"trust": 0.3,
"vendor": "rockwell",
"version": "590015.6.3"
},
{
"model": "tssc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473011.5"
},
{
"model": "advanced settings utility",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.52"
},
{
"model": "eupp v100r001c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "nexus series fabric extenders",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "20000"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8v"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.2"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.4.0"
},
{
"model": "security network intrusion prevention system gx6116",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "project openssl 1.0.1f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "463012.0"
},
{
"model": "storevirtual china hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.6"
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "intelligencecenter",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "3.2"
},
{
"model": "storevirtual 600gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.0"
},
{
"model": "blackberry enterprise service",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.1.2"
},
{
"model": "oncommand workflow automation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"model": "algo audit and compliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"model": "telepresence mxp series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "upward integration modules for vmware vsphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.2"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.3.2"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "13000"
},
{
"model": "documentum content server p02",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "7.1"
},
{
"model": "espace u2980 v100r001c02",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "uma-db v2r1coospc101",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "security information and event management hf6",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.2.2"
},
{
"model": "upward integration modules for microsoft system center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "service delivery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.4"
},
{
"model": "identity service engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl 0.9.8g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "9.2-release-p3",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "telepresence exchange system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "usg9300 usg9300 v100r003c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "s12700 v200r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "smart update manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.4"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "7"
},
{
"model": "oncommand workflow automation",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "big-ip link controller",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "sterling file gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.3.12"
},
{
"model": "desktop collaboration experience dx650",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "8.4-release-p11",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "automation stratix",
"scope": "eq",
"trust": 0.3,
"vendor": "rockwell",
"version": "59000"
},
{
"model": "oncommand unified manager core package 5.2.1p1",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "tivoli workload scheduler distributed fp04",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "oceanstor s2200t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.00"
},
{
"model": "storevirtual hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433511.5"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.0"
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7600-"
},
{
"model": "blackberry enterprise service",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.1.3"
},
{
"model": "espace u2990 v200r001c02",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.1"
},
{
"model": "telepresence system series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"model": "storevirtual 3tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "9.1-release-p7",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "tivoli workload scheduler for applications fp02",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.4"
},
{
"model": "srg1200\u00262200\u00263200 v100r002c02spc800",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "s2900 v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "dsr-1000n rev. a1",
"scope": null,
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"model": "telepresence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70100"
},
{
"model": "open source security information management",
"scope": "ne",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.10"
},
{
"model": "storevirtual hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.5"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"model": "storevirtual vsa software",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "12.0"
},
{
"model": "svn5500 v200r001c01spc600",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "email security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.6"
},
{
"model": "telepresence ip gateway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70000"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1"
},
{
"model": "open systems snapvault 3.0.1p6",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.2.0.1055"
},
{
"model": "smart update manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3.0"
},
{
"model": "key",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "0"
},
{
"model": "tivoli netcool/system service monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"model": "snapdrive for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.2"
},
{
"model": "jabber voice for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "onepk all-in-one vm",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.7"
},
{
"model": "usg5000 v300r001c10spc200",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "big-ip ltm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "storevirtual china hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.0"
},
{
"model": "idp 4.2r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.9"
},
{
"model": "big-ip apm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "tivoli netcool/system service monitor fp13",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "infosphere guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "9.3-beta1-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.1.5.1"
},
{
"model": "stunnel",
"scope": "eq",
"trust": 0.3,
"vendor": "stunnel",
"version": "5.00"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.5"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.8.0"
},
{
"model": "idp",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "security network intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.0"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.2"
},
{
"model": "tandberg mxp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7700"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "prime data center network manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual 1tb mdl china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.0.4"
},
{
"model": "cc v200r001c31",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"model": "tivoli netcool/system service monitor fp6",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "s12700 v200r005+v200r005hp0",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "s5900 v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "xenmobile app controller",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "2.10"
},
{
"model": "8.4-rc1-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.0.10648"
},
{
"model": "cloudburst",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2"
},
{
"model": "xenmobile app controller",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "2.9"
},
{
"model": "esight v2r3c10spc201",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "oceanstor s5500t v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.0"
},
{
"model": "software development kit",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"model": "isoc v200r001c02",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "9000"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6.1"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.0"
},
{
"model": "storevirtual china hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.6"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.4"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.3"
},
{
"model": "security information and event management hf3",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.1.4"
},
{
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"model": "project openssl 0.9.8l",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "security information and event management",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.1"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50000"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6.6"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "10.0-release-p4",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "icewall sso dfw r2",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.0"
},
{
"model": "documentum content server sp2 p13",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "agent desktop for cisco unified contact center express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.1"
},
{
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70000"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"model": "big-ip afm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "messaging secure gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "7.1"
},
{
"model": "s3900 v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "adaptive security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "i v5r4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "ddos secure",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "anyoffice emm",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "2.6.0601.0090"
},
{
"model": "smart update manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0.0"
},
{
"model": "ddos secure",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": "5.14.1-1"
},
{
"model": "9.3-beta1-p2",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "ip office server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.1"
},
{
"model": "s2750\u0026s5700\u0026s6700 v200r005+v200r005hp0",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.7.0"
},
{
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60000"
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "tssc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.12"
},
{
"model": "vsm v200r002c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "one-x client enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "ssl for openvms",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "1.4-476"
},
{
"model": "project openssl 1.0.0i",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "security network intrusion prevention system gx7412",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "powervu d9190 comditional access manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual 3tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "i v5r3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "security network intrusion prevention system gx5108",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "malware analysis appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "4.1.1"
},
{
"model": "10.0-release-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "anyconnect secure mobility client",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "infosphere master data management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0"
},
{
"model": "i v5r4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "storevirtual 1tb mdl china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "storevirtual fc 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.3"
},
{
"model": "security network intrusion prevention system gx5008",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "usg9500 usg9500 v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual china hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.5"
},
{
"model": "tssc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3"
},
{
"model": "softco v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "documentum content server sp2 p14",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.1"
},
{
"model": "s2750\u0026s5700\u0026s6700 v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "s2700\u0026s3700 v100r006c05+v100r06h",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "oceanstor s6800t v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "fortiap",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "0"
},
{
"model": "tivoli workload scheduler for applications",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6"
},
{
"model": "storevirtual 4tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "big-ip psm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "ecns600 v100r001c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"model": "telepresence mcu series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "web gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.4.2.1"
},
{
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.3"
},
{
"model": "storevirtual 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "jabber voice for iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "prime network services controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "asg2000 v100r001c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "idp 5.1r4",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "9.3-prerelease",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "i v5r3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "unified ip conference phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88310"
},
{
"model": "project openssl 1.0.0e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "oic v100r001c00spc402",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "documentum content server",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "7.0"
},
{
"model": "security network intrusion prevention system gx4004",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "security network intrusion prevention system gv1000",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"model": "icewall sso dfw",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.0"
},
{
"model": "s7700\u0026s9700 v200r005+v200r005hp0",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "nac manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "smc2.0 v100r002c01b017sp17",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "463012.6"
},
{
"model": "storevirtual 450gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "9.2-releng",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "hardware management console release",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v77.8"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6.5"
},
{
"model": "business server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "1x8664"
},
{
"model": "hardware management console release",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v77.7"
},
{
"model": "8.4-releng",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "dsr-1000 1.09.b61",
"scope": "ne",
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.10"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.3.13"
},
{
"model": "aura collaboration environment",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "security network intrusion prevention system gx7800",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.1.2"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "security manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "1.0.4"
},
{
"model": "big-ip afm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8x"
},
{
"model": "vtm v100r001c30",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "logcenter v200r003c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "oceanstor s5500t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"model": "security network intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473011.5"
},
{
"model": "storevirtual 2tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "dynamic system analysis",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.61"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.4.1"
},
{
"model": "tivoli workload scheduler distributed",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "storevirtual 1tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "99510"
},
{
"model": "storevirtual hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.0"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "89450"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.3.8"
},
{
"model": "telepresence supervisor mse",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "80500"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.2.0.9"
},
{
"model": "puredata system for operational analytics a1791",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "usg2000 v300r001c10sph201",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "dsm v100r002c05spc615",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "icewall sso dfw",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.0"
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.6"
},
{
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"model": "espace u2980 v100r001 v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.3"
},
{
"model": "project openssl 0.9.8t",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "cloudburst",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "big-ip apm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.0"
},
{
"model": "tivoli netcool/system service monitor fp8",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "big-ip asm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.5"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1.5"
},
{
"model": "storevirtual 3tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.00"
},
{
"model": "service delivery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.2"
},
{
"model": "enterprise content management system monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "storevirtual 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.2.6"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"model": "hosted collaboration mediation fulfillment",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "s7700\u0026s9700 v200r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "ecns600 v100r002c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "application networking manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "8.4-rc2-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "icewall sso certd r3",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.0"
},
{
"model": "oceanstor s2600t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "espace u19** v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "project openssl 1.0.0c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "spa112 2-port phone adapter",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "idp",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.2"
},
{
"model": "spa500 series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tivoli workload scheduler distributed fp03",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"model": "universal small cell series software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70003.4.20"
},
{
"model": "project openssl 1.0.1h",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "storevirtual vsa software",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "12.5"
},
{
"model": "paging server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "oceanstor s5600t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "data ontap smi-s agent",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.2"
},
{
"model": "9.2-rc1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"model": "ace application control engine module ace20",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "jabber for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "cloud manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.4.1"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.1.5.2"
},
{
"model": "storevirtual china hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.5"
},
{
"model": "psb email and server security",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "10.00"
},
{
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.1.0.1880"
},
{
"model": "hyperdp oceanstor n8500 v200r001c09",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9.3"
},
{
"model": "telepresence video communication server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "3.1.10"
},
{
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.2"
},
{
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.1.0.2354"
},
{
"model": "agent desktop for cisco unified contact center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6"
},
{
"model": "toolscenter suite",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.53"
},
{
"model": "8.4-stable",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "telepresence ip vcr series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11000"
},
{
"model": "unified communications series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5000"
},
{
"model": "telepresence sx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "8.4-release-p12",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "linux lts",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "14.04"
},
{
"model": "netcool/system service monitor fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.014"
},
{
"model": "hyperdp v200r001c91spc201",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "idp",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.1"
},
{
"model": "unified attendant console",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl 1.0.0f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "dsr-500 1.09.b61",
"scope": "ne",
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "99710"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "s3900 v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "oceanstor s5600t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.0"
},
{
"model": "documentum content server sp1 p26",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "tivoli management framework",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.1"
},
{
"model": "chrome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "18.0"
},
{
"model": "infosphere master data management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.3"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"model": "9.2-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.6"
},
{
"model": "security information and event management hf11",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.3.2"
},
{
"model": "tivoli netcool/system service monitor fp4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "snapdrive for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "ftp server",
"scope": "ne",
"trust": 0.3,
"vendor": "cerberus",
"version": "7.0.0.3"
},
{
"model": "storevirtual 2tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.12"
},
{
"model": "ata analog telephone adaptor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1870"
},
{
"model": "project openssl 1.0.0j",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "eupp v100r001c01spc101",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "ace application control engine module ace10",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl 1.0.0b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.1"
},
{
"model": "ecns600 v100r003c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "expressway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.6"
},
{
"model": "storevirtual 1tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "aura experience portal sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "proventia network security controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1209"
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "oceanstor s2600t v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "ssl for openvms",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.4-471"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6.5"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.3"
},
{
"model": "security information and event management",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.3"
},
{
"model": "storevirtual 3tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.1.2"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "3.1.12"
},
{
"model": "tivoli netcool/system service monitor fp9",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "tivoli workload scheduler distributed fp07",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.4"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "smart update manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3.1"
},
{
"model": "manageone v100r002c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "clustered data ontap antivirus connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "463011.5"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "ave2000 v100r001c00sph001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "security information and event management ga",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.4.0"
},
{
"model": "svn2200 v200r001c01hp0001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "8.4-beta1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "storevirtual fc 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "esight-ewl v300r001c10spc300",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "ave2000 v100r001c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "tsm v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "usg9500 v300r001c01spc300",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "tivoli netcool/system service monitor fp5",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1"
},
{
"model": "fortios b064",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1.5-1"
},
{
"model": "documentum content server sp2 p15",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "usg9500 v300r001c20sph102",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "tivoli workload scheduler for applications fp01",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"model": "9.2-release-p5",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "big-ip link controller",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "storevirtual 1tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"model": "fortios",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.8"
},
{
"model": "asa cx context-aware security",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual 450gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "10.0-rc2-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "tivoli workload scheduler distributed fp02",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6"
},
{
"model": "telepresence integrator c series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.4.13"
},
{
"model": "project openssl 1.0.1d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.5"
},
{
"model": "unified im and presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "8.4-prerelease",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "big-ip pem",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473011.5"
},
{
"model": "usg9300 v200r001c01sph902",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "security network intrusion prevention system gv200",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"model": "open systems snapvault",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.6"
},
{
"model": "elog v100r003c01spc503",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "8.4-release-p4",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "anyoffice v200r002c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "463012.5"
},
{
"model": "nac appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60000"
},
{
"model": "digital media players series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "43000"
},
{
"model": "hardware management console release",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v77.6"
},
{
"model": "vpn client v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "telepresence server on multiparty media",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3100"
},
{
"model": "metro ethernet series access devices",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12000"
},
{
"model": "storevirtual 1tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "s5900 v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "13.10"
},
{
"model": "prime network",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "s6900 v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "ecns610 v100r001c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.0.0"
},
{
"model": "storevirtual hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.5"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "storevirtual 3tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "snapdrive for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1"
},
{
"model": "storevirtual fc 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"model": "blackberry enterprise service",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.1.0"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "9.2-release-p8",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "fusionsphere v100r003",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.1"
},
{
"model": "usg9500 usg9500 v300r001c20",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "tsm v100r002c07spc219",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "espace u2990 v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "big-ip pem",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "prime infrastructure",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"model": "protection service for email",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "7.5"
},
{
"model": "espace iad v300r002c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "proventia network security controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.913"
},
{
"model": "ace application control engine appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "9.1-rc1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "documentum content server sp1 p28",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "telepresence isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32410"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.2.3"
},
{
"model": "linux lts",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "prime collaboration provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5"
},
{
"model": "stunnel",
"scope": "eq",
"trust": 0.3,
"vendor": "stunnel",
"version": "5.01"
},
{
"model": "oceanstor s5600t v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "espace iad v300r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "security network intrusion prevention system gx7412-10",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "telepresence ex series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473011.5"
},
{
"model": "telepresence server on virtual machine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1"
},
{
"model": "oceanstor s6800t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "manageone v100r001c02 spc901",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "security information and event management",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.2"
},
{
"model": "9.2-rc3-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.5"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1.5-2"
},
{
"model": "tivoli network manager ip edition fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.94"
},
{
"model": "project openssl 1.0.0m",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "big-ip apm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.0"
},
{
"model": "open systems snapvault",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.6.1"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"model": "oceanstor s2600t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"model": "security network intrusion prevention system gx5008-v2",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "dsr-500n rev. a1",
"scope": null,
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "s2750\u0026s5700\u0026s6700 v200r003",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "oceanstor s5800t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "security network intrusion prevention system gx4002",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.0"
},
{
"model": "email and server security",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "11.00"
},
{
"model": "oceanstor s5800t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "big-ip analytics",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"model": "psb email and server security",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "9.20"
},
{
"model": "isoc v200r001c02spc202",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "9000"
},
{
"model": "ios xr software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual 2tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "9.2-release-p4",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "big-ip apm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413011.5"
},
{
"model": "unified series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "79000"
},
{
"model": "ons series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154000"
},
{
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"model": "aura experience portal sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "tivoli netcool/system service monitor fp3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "unified intelligent contact management enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "nip2000\u00265000 v100r002c10spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "hyperdp v200r001c09spc501",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "sterling b2b integrator",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "icewall sso dfw r3",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.0"
},
{
"model": "release-p5",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.1"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"model": "anyconnect secure mobility client for ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "9.1-release-p14",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.1-release-p3",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "chrome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "33.0.1750.166"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "eupp v100r001c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0"
},
{
"model": "toolscenter suite",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.52"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.3"
},
{
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"model": "dsr-500 rev. a1",
"scope": null,
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.0.3"
},
{
"model": "guardium database activity monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1.2"
},
{
"model": "policy center v100r003c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "project openssl 0.9.8o",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.2"
},
{
"model": "telepresence",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "13100"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "project openssl 1.0.1b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.0k",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "director",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "5.4"
},
{
"model": "storevirtual 3tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1"
},
{
"model": "tandberg mxp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9900"
},
{
"model": "updatexpress system packs installer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.60"
},
{
"model": "oceanstor s5800t v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.1"
},
{
"model": "jabber for mac",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "usg2000 v300r001c10spc200",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "d9036 modular encoding platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "video surveillance 4300e/4500e high-definition ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "smart update manager",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "6.4.1"
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "10.0-rc1-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "storevirtual 600gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.5"
},
{
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.0.92743"
},
{
"model": "unified series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "69000"
},
{
"model": "tivoli netcool/system service monitor fp1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "6"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "oceanstor s5600t v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"model": "10.0-stable",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "tivoli netcool/system service monitor fp7",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6.7"
},
{
"model": "sterling b2b integrator",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.0"
},
{
"model": "jabber video for ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tssc",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.15"
},
{
"model": "icewall mcrp",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1"
},
{
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.0"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.0"
},
{
"model": "guardium database activity monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.2.2"
},
{
"model": "unified communications manager session management edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.8.5"
},
{
"model": "chrome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "31.0.1650.59"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "operations analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"model": "8.4-release-p7",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "video surveillance ptz ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"model": "project openssl 0.9.8s",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "webex connect client for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "snapdrive for unix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3"
},
{
"model": "telepresence serial gateway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "clustered data ontap antivirus connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1"
},
{
"model": "9.1-release-p10",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "elog v100r003c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "security module for cisco network registar",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ata series analog telephone adaptor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1900"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.2.5"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.6"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "89610"
},
{
"model": "cognos planning fp3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.1"
},
{
"model": "open systems snapvault",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "project openssl 0.9.8za",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "blackberry enterprise service",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.2.0"
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "500-320"
},
{
"model": "chrome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "35.0"
},
{
"model": "storevirtual hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.6"
},
{
"model": "email and server security",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "10.00"
},
{
"model": "unified contact center express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security network intrusion prevention system gx5108-v2",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "softco v200r001c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "9.2-prerelease",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.5"
},
{
"model": "big-ip gtm",
"scope": "ne",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"model": "s6900 v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0.00"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"model": "svn5500 v200r001c01hp0001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "infosphere master data management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.6"
},
{
"model": "prime lan management solution",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "5.1"
},
{
"model": "proventia network security controller 1.0.3350m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "9.0"
},
{
"model": "9.1-releng",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "8.4-release-p3",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "agent desktop for cisco unified contact center enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "dsm v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "cms r17ac.h",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "agile controller v100r001c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "nip2000\u00265000 v100r002c10hp0001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "telepresence mx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tapi service provider",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"model": "infosphere master data management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "storevirtual 1tb mdl china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "tivoli workload scheduler distributed fp04",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "500-370"
},
{
"model": "oceanstor s5800t v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "oceanstor s5500t v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "css series content services switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "115000"
},
{
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.0.10"
},
{
"model": "telepresence isdn gw mse",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "83210"
},
{
"model": "ucs central",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence profile series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "smc2.0 v100r002c01b017sp16",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "emergency responder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "web gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.2.10"
},
{
"model": "espace iad v300r001c07",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "security network intrusion prevention system gx7412-05",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "dynamic system analysis",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.60"
},
{
"model": "icewall mcrp",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0"
},
{
"model": "s7700\u0026s9700 v200r003",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "9.2-rc1-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.5"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.3"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "1.0.6"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"model": "freedome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "0"
},
{
"model": "fortios b0630",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.3.8"
},
{
"model": "proventia network security controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1768"
},
{
"model": "physical access gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual 450gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "dsr-1000 rev. a1",
"scope": null,
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"model": "nac guest server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "session border controller enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "s7700\u0026s9700 v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.4"
},
{
"model": "dsr-1000n 1.09.b61",
"scope": "ne",
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "89410"
},
{
"model": "9.3-beta1",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "unity connection",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project openssl 0.9.8u",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "isoc v200r001c01spc101",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "5000"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.1"
},
{
"model": "idp",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.1"
},
{
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1"
},
{
"model": "documentum content server sp2 p16",
"scope": "ne",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "oceanstor s2200t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "prime network registrar",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "espace usm v100r001c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "project openssl 1.0.0a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "icewall sso dfw r1",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.0"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-14-173"
},
{
"db": "BID",
"id": "67900"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002765"
},
{
"db": "NVD",
"id": "CVE-2014-0195"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.0.0m",
"versionStartIncluding": "1.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.0.1h",
"versionStartIncluding": "1.0.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "0.9.8za",
"versionStartIncluding": "0.9.8",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.0.13",
"versionStartIncluding": "10.0.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-0195"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "J\u00fcri Aedla",
"sources": [
{
"db": "ZDI",
"id": "ZDI-14-173"
}
],
"trust": 0.7
},
"cve": "CVE-2014-0195",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 6.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2014-0195",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2014-0195",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2014-0195",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "ZDI",
"id": "CVE-2014-0195",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2014-0195",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-14-173"
},
{
"db": "VULMON",
"id": "CVE-2014-0195"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002765"
},
{
"db": "NVD",
"id": "CVE-2014-0195"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The dtls1_reassemble_fragment function in d1_both.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly validate fragment lengths in DTLS ClientHello messages, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via a long non-initial fragment. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of DTLS packets. The issue lies in the assumption that all fragments specify the same message size. An attacker could leverage this vulnerability to execute code in the context of the process using OpenSSL. \nThe following are vulnerable:\nOpenSSL 0.9.8 prior to 0.9.8za\nOpenSSL 1.0.0 prior to 1.0.0m\nOpenSSL 1.0.1 prior to 1.0.1h. One of the patch backports for\nUbuntu 10.04 LTS caused a regression for certain applications. \n\nWe apologize for the inconvenience. This issue only affected Ubuntu 12.04 LTS, Ubuntu 13.10, and\n Ubuntu 14.04 LTS. (CVE-2014-0195)\n Imre Rad discovered that OpenSSL incorrectly handled DTLS recursions. \n (CVE-2014-0224)\n Felix Gr=C3=B6bert and Ivan Fratri=C4=87 discovered that OpenSSL incorrectly handled\n anonymous ECDH ciphersuites. This issue only\n affected Ubuntu 12.04 LTS, Ubuntu 13.10, and Ubuntu 14.04 LTS. \n (CVE-2014-3470)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 10.04 LTS:\n libssl0.9.8 0.9.8k-7ubuntu8.21\n\nAfter a standard system update you need to reboot your computer to make all\nthe necessary changes. \n \n OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before\n 1.0.1h does not properly restrict processing of ChangeCipherSpec\n messages, which allows man-in-the-middle attackers to trigger use of a\n zero-length master key in certain OpenSSL-to-OpenSSL communications,\n and consequently hijack sessions or obtain sensitive information,\n via a crafted TLS handshake, aka the CCS Injection vulnerability\n (CVE-2014-0224). \n \n The updated packages have been upgraded to the 1.0.0m version where\n these security flaws has been fixed. \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0195\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0221\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3470\n http://www.openssl.org/news/secadv_20140605.txt\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Business Server 1/X86_64:\n 857d06ddc6423ad124b23eb760459033 mbs1/x86_64/lib64openssl1.0.0-1.0.0m-1.mbs1.x86_64.rpm\n d7436f2f95df5c1d64d44a745f125bd8 mbs1/x86_64/lib64openssl-devel-1.0.0m-1.mbs1.x86_64.rpm\n 67f6cd6da42f01fb2f6054a2f96872af mbs1/x86_64/lib64openssl-engines1.0.0-1.0.0m-1.mbs1.x86_64.rpm\n 5d7c5712c1ce70a2dd2596e803bc7004 mbs1/x86_64/lib64openssl-static-devel-1.0.0m-1.mbs1.x86_64.rpm\n 9866e03e1c112b0c4cb5587b142cfa63 mbs1/x86_64/openssl-1.0.0m-1.mbs1.x86_64.rpm \n 9ac714afa9a9b30419f2f1f5c9ec4e48 mbs1/SRPMS/openssl-1.0.0m-1.mbs1.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/en/support/security/advisories/\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.12 (GNU/Linux)\n\niD8DBQFTlcuxmqjQ0CJFipgRAtEQAJsEeYwuETVPTeadp+pdK9wJfQqgOgCfXDif\n30xyBHFmHJa6MS/00iqN2aY=\n=9sdw\n-----END PGP SIGNATURE-----\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n\nNote: the current version of the following document is available here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/\ndocDisplay?docId=emr_na-c04355095\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c04355095\nVersion: 1\n\nHPSBMU03062 rev.1 - HP Insight Control server deployment on Linux and Windows\nrunning OpenSSL, Multiple Vulnerabilities\n\nNOTICE: The information in this Security Bulletin should be acted upon as\nsoon as possible. \n\nRelease Date: 2014-08-08\nLast Updated: 2014-08-08\n\nPotential Security Impact: Remote denial of service (DoS), code execution,\nunauthorized access, disclosure of information\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with HP System\nManagement Homepage (SMH), HP Smart Update Manager (SUM), and HP Version\nControl Agent (VCA) running on Linux and Windows. These components of HP\nInsight Control server deployment could be exploited remotely resulting in\ndenial of service (DoS), code execution, unauthorized access, or disclosure\nof information. \n\nHP Insight Control server deployment packages HP System Management Homepage\n(SMH) and HP Version Control Agent (VCA), and HP Smart Update Manager (SUM)\nand deploys them through the following components. This bulletin provides the\ninformation needed to update the HP Insight Control server deployment\nsolution. \n\nInstall HP Management Agents for Windows x86/x64\nInstall HP Management Agents for RHEL 5 x64\nInstall HP Management Agents for RHEL 6 x64\nInstall HP Management Agents for SLES 10 x64\nInstall HP Management Agents for SLES 11 x64\nUpgrade Proliant Firmware\n\nReferences:\n\nCVE-2010-5298 Remote Denial of Service\nCVE-2014-0076 Unauthorized Disclosure of Information\nCVE-2014-0195 Remote Unauthorized Access\nCVE-2014-0198 Remote Denial of Service\nCVE-2014-0221 Remote Denial of Service (DoS)\nCVE-2014-0224 Remote Unauthorized Access or Disclosure of Information\nCVE-2014-3470 Remote Code Execution or Unauthorized Access\nSSRT101628\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP Insight Control server deployment v7.1.2, v7.2.0, v7.2.1, v7.2.2, v7.3.1\n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2010-5298 (AV:N/AC:H/Au:N/C:N/I:P/A:P) 4.0\nCVE-2014-0076 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3\nCVE-2014-0195 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\nCVE-2014-0198 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2014-0221 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2014-0224 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\nCVE-2014-3470 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has provided the following updates to v7.3.1 of HP Insight Control server\ndeployment to resolve this vulnerability. HP has provided manual update steps\nif a version upgrade is not possible; if users wish to remain at v7.1.2,\nv7.2.0, or v7.2.1. \n\nNote: It is important to check your current running version of HP Insight\nControl server deployment and to follow the correct steps listed below. For\nHP Insight Control server deployment v7.2.2, users must upgrade to v7.3.1 and\nfollow the steps below to remove the vulnerability. The vulnerability known\nas Heartbleed (CVE-2014-0160) was fixed in HP Insight Control server\ndeployment v7.3.1. That Security Bulletin with instructions on how to upgrade\nto v7.3.1 can be found here:\n\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_n\na-c04267749\n\nHP Insight Control server deployment users of v7.1.2, v7.2.0, v7.2.1 should\ntake the following steps to remove this vulnerability. \n\nDelete the files smhamd64-*.exe/smhx86-*.exe\" from Component Copy Location\nlisted in the following table, rows 1 and 2. \nDelete the files \"vcax86-*.exe/vcaamd64-*.exe from Component Copy Location\nlisted in the following table, rows 3 and 4. \nDelete the files hpsmh-7.*.rpm\" from Component Copy Location listed in row 5. \nIn sequence, perform the steps from left to right in the following table. \nFirst, download components from Download Link; Second, rename the component\nas suggested in Rename to. Third, copy the component to the location\nspecified in Component Copy Location. \nTable Row Number\n Download Link\n Rename to\n Component Copy Location\n\n1\n http://www.hp.com/swpublishing/MTX-e8076c2a35804685ad65b2b1ba\n smhamd64-ccp023716.exe\n \\\\express\\hpfeatures\\hpagents-ws\\components\\Win2008\n\n2\n http://www.hp.com/swpublishing/MTX-3395d737d98f42149125b9bb05\n smhx86-cp023715.exe\n \\\\express\\hpfeatures\\hpagents-ws\\components\\Win2008\n\n3\n http://www.hp.com/swpublishing/MTX-8aefeaf490284a7691eca97d13\n vcax86-cp023742.exe\n \\\\express\\hpfeatures\\hpagents-ws\\components\\Win2008\n\n4\n http://www.hp.com/swpublishing/MTX-c0d32bac154a4d93839d8cd1f2\n vcaamd64-cp023743.exe\n \\\\express\\hpfeatures\\hpagents-ws\\components\\Win2008\n\n5\n http://www.hp.com/swpublishing/MTX-bd9a1cf60e344c549c4888db93\n Do not rename the downloaded component for this step. \n \\\\express\\hpfeatures\\hpagents-sles11-x64\\components\n\\\\express\\hpfeatures\\hpagents-sles10-x64\\components\n\\\\express\\hpfeatures\\hpagents-rhel5-x64\\components\n\\\\express\\hpfeatures\\hpagents-rhel6-x64\\components\n\nDownload and extract the HPSUM 5.3.6 component from\nftp://ftp.hp.com/pub/softlib2/software1/pubsw-windows/p750586112/v99793\n\nCopy all content from extracted ZIP folder and paste into\n\\\\eXpress\\hpfeatures\\fw-proLiant\\components\nInitiate Install HP Management Agents for SLES 11 x64 on targets running\nSLES11 x64. \nInitiate Install HP Management Agents for SLES 10 x64 on targets running\nSLES10 x64. \nInitiate Install HP Management Agents for RHEL 6 x64 on targets running RHEL\n6 x64. \nInitiate Install HP Management Agents for RHEL 5 x64 on targets running RHEL\n5 x64. \nInitiate Install HP Management Agents for Windows x86/x64 on targets running\nWindows. \n\nHP Insight Control server deployment users with v7.2.2:\n\nPlease upgrade to Insight Control server deployment v7.3.1 and follow the\nsteps below for v7.3.1. \n\nHP Insight Control server deployment users with v7.3.1:\n\nPerform steps 1 - 4 as outlined above for users with HP Insight Control\nserver deployment v7.1.2, v7.2.0, and v7.2.1. \nDownload the HP SUM ZIP file from\nhttp://www.hp.com/swpublishing/MTX-f6c141a7feeb4a358bbb28300f\n\nExtract the contents from the HP SUM ZIP file to\n\\\\eXpress\\hpfeatures\\fw-proLiant\\components location on the Insight Control\nserver deployment server\n\nRelated security bulletins:\n\nFor System Management Homepage please see Security bulletin HPSBMU03051 https\n://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c04\n345210\n\nFor HP Version Control Agent please see Security bulletin HPSBMU03057 https:/\n/h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c0434\n9897\n\nHISTORY\nVersion:1 (rev.1) - 8 August 2014 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running HP software products should be applied in\naccordance with the customer\u0027s patch management policy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HP Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com. \n\nReport: To report a potential security vulnerability with any HP supported\nproduct, send Email to: security-alert@hp.com\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\nalerts via Email:\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HP General Software\nHF = HP Hardware and Firmware\nMP = MPE/iX\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPI = Printing and Imaging\nPV = ProCurve\nST = Storage Software\nTU = Tru64 UNIX\nUX = HP-UX\n\nCopyright 2014 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors\nor omissions contained herein. The information provided is provided \"as is\"\nwithout warranty of any kind. To the extent permitted by law, neither HP or\nits affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. \nHewlett-Packard Company and the names of Hewlett-Packard products referenced\nherein are trademarks of Hewlett-Packard Company in the United States and\nother countries. Other product and company names mentioned herein may be\ntrademarks of their respective owners. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.13 (GNU/Linux)\n\niEYEARECAAYFAlPk9ewACgkQ4B86/C0qfVn1/gCfR2U/mZZXYwPms9ptZcBTua/5\nMoQAn1qlQ3kmLRs7YFN5GzwBTRfSK5Go\n=r0qe\n-----END PGP SIGNATURE-----\n. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll OpenSSL users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-1.0.1h-r1\"\n\nReferences\n==========\n\n[ 1 ] CVE-2010-5298\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-5298\n[ 2 ] CVE-2014-0195\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0195\n[ 3 ] CVE-2014-0198\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0198\n[ 4 ] CVE-2014-0221\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0221\n[ 5 ] CVE-2014-0224\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0224\n[ 6 ] CVE-2014-3470\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3470\n[ 7 ] OpenSSL Security Advisory [05 Jun 2014]\n http://www.openssl.org/news/secadv_20140605.txt\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201407-05.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2014 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. Summary\n\n VMware product updates address OpenSSL security vulnerabilities. \n\n2. Problem Description\n\n a. \n\n OpenSSL libraries have been updated in multiple products to\n versions 0.9.8za and 1.0.1h in order to resolve multiple security\n issues. \n \n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n\n has assigned the names CVE-2014-0224, CVE-2014-0198, \n CVE-2010-5298, CVE-2014-3470, CVE-2014-0221 and CVE-2014-0195 to\n these issues. The most important of these issues is \n CVE-2014-0224. \n\n CVE-2014-0198, CVE-2010-5298 and CVE-2014-3470 are considered to\n be of moderate severity. Exploitation is highly unlikely or is\n mitigated due to the application configuration. \n\n CVE-2014-0221 and CVE-2014-0195, which are listed in the OpenSSL \n Security Advisory (see Reference section below), do not affect\n any VMware products. For readability\n the affected products have been split into 3 tables below, \n based on the different client-server configurations and\n deployment scenarios. Applying these patches to \n affected servers will mitigate the affected clients (See Table 1\n below). \n\n Clients that communicate over untrusted networks such as public\n Wi-Fi and communicate to a server running a vulnerable version of \n OpenSSL 1.0.1. can be mitigated by using a secure network such as \n VPN (see Table 2 below). \n \n Clients and servers that are deployed on an isolated network are\n less exposed to CVE-2014-0224 (see Table 3 below). The affected\n products are typically deployed to communicate over the\n management network. \n\n RECOMMENDATIONS\n\n VMware recommends customers evaluate and deploy patches for\n affected Servers in Table 1 below as these patches become\n available. Patching these servers will remove the ability to\n exploit the vulnerability described in CVE-2014-0224 on both\n clients and servers. VMware recommends customers consider \n applying patches to products listed in Table 2 \u0026 3 as required. \n\n Column 4 of the following tables lists the action required to\n remediate the vulnerability in each release, if a solution is\n available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch \n ============== ======= ======= =============\n ESXi 5.5 ESXi ESXi550-\n 201406401-SG \n\n Big Data Extensions 1.1 patch pending \n Charge Back Manager 2.6 patch pending \n\n Horizon Workspace Server \n GATEWAY 1.8.1 patch pending \n Horizon Workspace Server \n GATEWAY 1.5 patch pending \n\n Horizon Workspace Server \n DATA 1.8.1 patch pending \n\n Horizon Mirage Edge Gateway 4.4.2 patch pending \n Horizon View 5.3.1 patch pending \n\n Horizon View Feature Pack 5.3 SP2 patch pending \n\n NSX for Multi-Hypervisor 4.1.2 patch pending \n NSX for Multi-Hypervisor 4.0.3 patch pending \n NSX for vSphere 6.0.4 patch pending \n NVP 3.2.2 patch pending \n vCAC 6.0.1 patch pending \n\n vCloud Networking and Security 5.5.2 \t\t patch pending \n vCloud Networking and Security 5.1.2 \t\t patch pending \n\n vFabric Web Server 5.3.4 patch pending \n\n vCHS - DPS-Data Protection 2.0 patch pending \n Service\n\n Table 2\n ========\n Affected clients running a vulnerable version of OpenSSL 0.9.8 \n or 1.0.1 and communicating over an untrusted network. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch \n ============== ======= ======= =============\n vCSA 5.5 patch pending \n vCSA 5.1 patch pending \n vCSA 5.0 patch pending \n\n\n ESXi 5.1 ESXi patch pending \n ESXi 5.0 ESXi patch pending \n\n Workstation 10.0.2 any patch pending \n Workstation 9.0.3 any patch pending \n Fusion 6.x OSX patch pending \n Fusion 5.x OSX patch pending \n Player 10.0.2 any patch pending \n Player 9.0.3 any patch pending \n\n Chargeback Manager 2.5.x patch pending \n\n Horizon Workspace Client for 1.8.1 OSX patch pending \n Mac\n Horizon Workspace Client for 1.5 OSX patch pending \n Mac\n Horizon Workspace Client for 1.8.1 Windows patch pending \n Windows \n Horizon Workspace Client for 1.5 Windows patch pending \n\n OVF Tool 3.5.1 patch pending \n OVF Tool 3.0.1 patch pending \n\n vCenter Operations Manager 5.8.1 patch pending \n\n vCenter Support Assistant 5.5.0 patch pending \n vCenter Support Assistant 5.5.1 patch pending \n \n vCD 5.1.2 patch pending \n vCD 5.1.3 patch pending \n vCD 5.5.1.1 patch pending \n vCenter Site Recovery Manager 5.0.3.1 patch pending \n\n Table 3\n =======\n The following table lists all affected clients running a\n vulnerable version of OpenSSL 0.9.8 or 1.0.1 and communicating\n over an untrusted network. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch \n ============== ======= ======= =============\n vCenter Server 5.5 any patch pending\n vCenter Server 5.1 any patch pending\n vCenter Server 5.0 any patch pending\n\n Update Manager 5.5 Windows patch pending\n Update Manager 5.1 Windows patch pending\n Update Manager 5.0 Windows patch pending \n\n Config Manager (VCM) 5.6 patch pending \n\n Horizon View Client 5.3.1 patch pending \n Horizon View Client 4.x patch pending\n Horizon Workspace 1.8.1 patch pending \n Horizon Workspace 1.5 patch pending \n \n \n ITBM Standard 1.0.1 patch pending \n ITBM Standard 1.0 patch pending \n \n Studio 2.6.0.0 patch pending \n \n Usage Meter 3.3 patch pending \n vCenter Chargeback Manager 2.6 patch pending \n vCenter Converter Standalone 5.5 patch pending \n vCenter Converter Standalone 5.1 patch pending \n vCD (VCHS) 5.6.2 patch pending \n \n vCenter Site Recovery Manager 5.5.1 patch pending \n vCenter Site Recovery Manager 5.1.1 patch pending\n\n vFabric Application Director 5.2.0 patch pending \n vFabric Application Director 5.0.0 patch pending \n View Client 5.3.1 patch pending \n View Client 4.x patch pending\n VIX API 5.5 patch pending \n VIX API 1.12 patch pending \n \n vMA (Management Assistant) 5.1.0.1 patch pending \n \n\n VMware Data Recovery 2.0.3 patch pending \n \n VMware vSphere CLI 5.5 patch pending \n \n vSphere Replication 5.5.1 patch pending \n vSphere Replication 5.6 patch pending \n vSphere SDK for Perl 5.5 patch pending \n vSphere Storage Appliance 5.5.1 patch pending \n vSphere Storage Appliance 5.1.3 patch pending \n vSphere Support Assistant 5.5.1 patch pending \n vSphere Support Assistant 5.5.0 patch pending\n vSphere Virtual Disk 5.5 patch pending \n Development Kit \n vSphere Virtual Disk 5.1 patch pending \n Development Kit\n vSphere Virtual Disk 5.0 patch pending \n Development Kit\n \n 4. Solution\n\n ESXi 5.5\n ----------------------------\n\n Download:\n https://www.vmware.com/patchmgr/download.portal\n\n Release Notes and Remediation Instructions:\n http://kb.vmware.com/kb/2077359\n\n 5. References\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0198\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5298\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3470\n \n https://www.openssl.org/news/secadv_20140605.txt\n\n- -----------------------------------------------------------------------\n\n6. Change Log\n\n 2014-06-10 VMSA-2014-0006\n Initial security advisory in conjunction with the release of\n ESXi 5.5 updates on 2014-06-10\n\n- -----------------------------------------------------------------------\n \n7. Contact\n\n E-mail list for product security notifications and announcements:\n http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\n This Security Advisory is posted to the following lists:\n\n security-announce at lists.vmware.com\n bugtraq at securityfocus.com\n fulldisclosure at seclists.org\n\n E-mail: security at vmware.com\n PGP key at: http://kb.vmware.com/kb/1055\n\n VMware Security Advisories\n http://www.vmware.com/security/advisories\n\n VMware Security Response Policy\n https://www.vmware.com/support/policies/security_response.html\n\n VMware Lifecycle Support Phases\n https://www.vmware.com/support/policies/lifecycle.html\n \n Twitter\n https://twitter.com/VMwareSRC\n\n Copyright 2014 VMware Inc. All rights reserved. The\nupdates are available from the following location using ftp:\n\nftp://srt03046:Secure12@ftp.usa.hp.com\n\nUser name: srt03046\nPassword: Secure12 ( NOTE: Case sensitive)\n\nHP-UX Release\n HP-UX OpenSSL version\n\nB.11.11 (11i v1)\n A.00.09.08za.001_HP-UX_B.11.11_32+64.depot\n\nB.11.23 (11i v2)\n A.00.09.08za.002_HP-UX_B.11.23_IA-PA.depot\n\nB.11.31 (11i v3)\n A.00.09.08za.003_HP-UX_B.11.31_IA-PA.depot\n\nMANUAL ACTIONS: Yes - Update\n\nInstall OpenSSL A.00.09.08za or subsequent\n\nPRODUCT SPECIFIC INFORMATION\n\nHP-UX Software Assistant: HP-UX Software Assistant is an enhanced application\nthat replaces HP-UX Security Patch Check. It analyzes all Security Bulletins\nissued by HP and lists recommended actions that may apply to a specific HP-UX\nsystem. It can also download patches and create a depot automatically. For\nmore information see: https://www.hp.com/go/swa\n\nThe following text is for use by the HP-UX Software Assistant. OpenSSL Security Advisory [05 Jun 2014]\n========================================\n\nSSL/TLS MITM vulnerability (CVE-2014-0224)\n===========================================\n\nAn attacker using a carefully crafted handshake can force the use of weak\nkeying material in OpenSSL SSL/TLS clients and servers. This can be exploited\nby a Man-in-the-middle (MITM) attack where the attacker can decrypt and \nmodify traffic from the attacked client and server. \n\nThe attack can only be performed between a vulnerable client *and*\nserver. Users\nof OpenSSL servers earlier than 1.0.1 are advised to upgrade as a precaution. \n\nOpenSSL 0.9.8 SSL/TLS users (client and/or server) should upgrade to 0.9.8za. \nOpenSSL 1.0.0 SSL/TLS users (client and/or server) should upgrade to 1.0.0m. \nOpenSSL 1.0.1 SSL/TLS users (client and/or server) should upgrade to 1.0.1h. \n\nThanks to KIKUCHI Masashi (Lepidum Co. Ltd.) for discovering and\nresearching this issue. This issue was reported to OpenSSL on 1st May\n2014 via JPCERT/CC. \n\nThe fix was developed by Stephen Henson of the OpenSSL core team partly based\non an original patch from KIKUCHI Masashi. \n\nDTLS recursion flaw (CVE-2014-0221)\n====================================\n\nBy sending an invalid DTLS handshake to an OpenSSL DTLS client the code\ncan be made to recurse eventually crashing in a DoS attack. \n\nOnly applications using OpenSSL as a DTLS client are affected. \n\nOpenSSL 0.9.8 DTLS users should upgrade to 0.9.8za\nOpenSSL 1.0.0 DTLS users should upgrade to 1.0.0m. \nOpenSSL 1.0.1 DTLS users should upgrade to 1.0.1h. \n\nThanks to Imre Rad (Search-Lab Ltd.) for discovering this issue. This\nissue was reported to OpenSSL on 9th May 2014. \n\nThe fix was developed by Stephen Henson of the OpenSSL core team. \n\nDTLS invalid fragment vulnerability (CVE-2014-0195)\n====================================================\n\nA buffer overrun attack can be triggered by sending invalid DTLS fragments\nto an OpenSSL DTLS client or server. \n\nOnly applications using OpenSSL as a DTLS client or server affected. \n\nOpenSSL 0.9.8 DTLS users should upgrade to 0.9.8za\nOpenSSL 1.0.0 DTLS users should upgrade to 1.0.0m. \nOpenSSL 1.0.1 DTLS users should upgrade to 1.0.1h. \n\nThanks to J\u00fcri Aedla for reporting this issue. This issue was\nreported to OpenSSL on 23rd April 2014 via HP ZDI. \n\nThe fix was developed by Stephen Henson of the OpenSSL core team. \n\nSSL_MODE_RELEASE_BUFFERS NULL pointer dereference (CVE-2014-0198)\n=================================================================\n\nA flaw in the do_ssl3_write function can allow remote attackers to\ncause a denial of service via a NULL pointer dereference. This flaw\nonly affects OpenSSL 1.0.0 and 1.0.1 where SSL_MODE_RELEASE_BUFFERS is\nenabled, which is not the default and not common. \n\nOpenSSL 1.0.0 users should upgrade to 1.0.0m. \nOpenSSL 1.0.1 users should upgrade to 1.0.1h. \n\nThis issue was reported in public. The fix was developed by\nMatt Caswell of the OpenSSL development team. \n\nSSL_MODE_RELEASE_BUFFERS session injection or denial of service (CVE-2010-5298)\n===============================================================================\n \nA race condition in the ssl3_read_bytes function can allow remote\nattackers to inject data across sessions or cause a denial of service. \nThis flaw only affects multithreaded applications using OpenSSL 1.0.0\nand 1.0.1, where SSL_MODE_RELEASE_BUFFERS is enabled, which is not the\ndefault and not common. \n\nOpenSSL 1.0.0 users should upgrade to 1.0.0m. \nOpenSSL 1.0.1 users should upgrade to 1.0.1h. \n\nThis issue was reported in public. \n\nAnonymous ECDH denial of service (CVE-2014-3470)\n================================================\n\nOpenSSL TLS clients enabling anonymous ECDH ciphersuites are subject to a\ndenial of service attack. \n\nOpenSSL 0.9.8 users should upgrade to 0.9.8za\nOpenSSL 1.0.0 users should upgrade to 1.0.0m. \nOpenSSL 1.0.1 users should upgrade to 1.0.1h. \n\nThanks to Felix Gr\u00f6bert and Ivan Fratri\u0107 at Google for discovering this\nissue. This issue was reported to OpenSSL on 28th May 2014. \n\nThe fix was developed by Stephen Henson of the OpenSSL core team. \n\nOther issues\n============\n\nOpenSSL 1.0.0m and OpenSSL 0.9.8za also contain a fix for\nCVE-2014-0076: Fix for the attack described in the paper \"Recovering\nOpenSSL ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack\"\nReported by Yuval Yarom and Naomi Benger. This issue was previously\nfixed in OpenSSL 1.0.1g. \n\n\nReferences\n==========\n\nURL for this Security Advisory:\nhttp://www.openssl.org/news/secadv_20140605.txt\n\nNote: the online version of the advisory may be updated with additional\ndetails over time. \n\nThe Red Hat Security Response Team has rated this update as having\nImportant security impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section. Relevant releases/architectures:\n\nRed Hat Storage Server 2.1 - x86_64\n\n3. Description:\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library. (CVE-2014-0195)\n\nMultiple flaws were found in the way OpenSSL handled read and write buffers\nwhen the SSL_MODE_RELEASE_BUFFERS mode was enabled. A specially crafted DTLS handshake packet could cause\na DTLS client using OpenSSL to crash. A specially\ncrafted handshake packet could cause a TLS/SSL client that has the\nanonymous ECDH cipher suite enabled to crash. (CVE-2014-3470)\n\nRed Hat would like to thank the OpenSSL project for reporting these issues. \nUpstream acknowledges KIKUCHI Masashi of Lepidum as the original reporter\nof CVE-2014-0224, J\u00fcri Aedla as the original reporter of CVE-2014-0195,\nImre Rad of Search-Lab as the original reporter of CVE-2014-0221, and Felix\nGr\u00f6bert and Ivan Fratri\u0107 of Google as the original reporters of\nCVE-2014-3470. For the update to take\neffect, all services linked to the OpenSSL library (such as httpd and other\nSSL-enabled services) must be restarted or the system rebooted. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258\n\n5. Package List:\n\nRed Hat Storage Server 2.1:\n\nSource:\nopenssl-1.0.1e-16.el6_5.14.src.rpm\n\nx86_64:\nopenssl-1.0.1e-16.el6_5.14.x86_64.rpm\nopenssl-debuginfo-1.0.1e-16.el6_5.14.x86_64.rpm\nopenssl-devel-1.0.1e-16.el6_5.14.x86_64.rpm\nopenssl-perl-1.0.1e-16.el6_5.14.x86_64.rpm\nopenssl-static-1.0.1e-16.el6_5.14.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2014 Red Hat, Inc",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-0195"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002765"
},
{
"db": "ZDI",
"id": "ZDI-14-173"
},
{
"db": "BID",
"id": "67900"
},
{
"db": "VULMON",
"id": "CVE-2014-0195"
},
{
"db": "PACKETSTORM",
"id": "127917"
},
{
"db": "PACKETSTORM",
"id": "127018"
},
{
"db": "PACKETSTORM",
"id": "127807"
},
{
"db": "PACKETSTORM",
"id": "127630"
},
{
"db": "PACKETSTORM",
"id": "127045"
},
{
"db": "PACKETSTORM",
"id": "127086"
},
{
"db": "PACKETSTORM",
"id": "126961"
},
{
"db": "PACKETSTORM",
"id": "126930"
}
],
"trust": 3.33
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-0195",
"trust": 3.7
},
{
"db": "ZDI",
"id": "ZDI-14-173",
"trust": 2.1
},
{
"db": "BID",
"id": "67900",
"trust": 1.4
},
{
"db": "MCAFEE",
"id": "SB10075",
"trust": 1.4
},
{
"db": "SECUNIA",
"id": "59659",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "58977",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59310",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59305",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59189",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59721",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59587",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "58337",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59491",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59300",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "60571",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59287",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "58939",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59162",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "58743",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59449",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59364",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59990",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59192",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "58945",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59126",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "61254",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59175",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59655",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59451",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59429",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59040",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59306",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59518",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "58660",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59530",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59490",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59666",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59514",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59784",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "58615",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59188",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59413",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "58713",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "58883",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "58714",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59365",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59441",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59223",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59454",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59450",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59301",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59895",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59342",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59669",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59437",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59528",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1030337",
"trust": 1.1
},
{
"db": "JUNIPER",
"id": "JSA10629",
"trust": 1.1
},
{
"db": "JVN",
"id": "JVNVU93868849",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002765",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-2304",
"trust": 0.7
},
{
"db": "ICS CERT",
"id": "ICSA-17-094-04",
"trust": 0.4
},
{
"db": "DLINK",
"id": "SAP10045",
"trust": 0.3
},
{
"db": "VULMON",
"id": "CVE-2014-0195",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127917",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127018",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127807",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127630",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127045",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127086",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126961",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126930",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-14-173"
},
{
"db": "VULMON",
"id": "CVE-2014-0195"
},
{
"db": "BID",
"id": "67900"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002765"
},
{
"db": "PACKETSTORM",
"id": "127917"
},
{
"db": "PACKETSTORM",
"id": "127018"
},
{
"db": "PACKETSTORM",
"id": "127807"
},
{
"db": "PACKETSTORM",
"id": "127630"
},
{
"db": "PACKETSTORM",
"id": "127045"
},
{
"db": "PACKETSTORM",
"id": "127086"
},
{
"db": "PACKETSTORM",
"id": "126961"
},
{
"db": "PACKETSTORM",
"id": "126930"
},
{
"db": "NVD",
"id": "CVE-2014-0195"
}
]
},
"id": "VAR-201406-0137",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.40652013894736844
},
"last_update_date": "2024-07-23T21:11:52.075000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "DTLS invalid fragment vulnerability (CVE-2014-0195)",
"trust": 1.5,
"url": "http://www.openssl.org/news/secadv_20140605.txt"
},
{
"title": "HT6443",
"trust": 0.8,
"url": "http://support.apple.com/kb/ht6443"
},
{
"title": "HT6443",
"trust": 0.8,
"url": "http://support.apple.com/kb/ht6443?viewlocale=ja_jp"
},
{
"title": "KB36051",
"trust": 0.8,
"url": "http://www.blackberry.com/btsc/kb36051"
},
{
"title": "cisco-sa-20140605-openssl",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20140605-openssl"
},
{
"title": "\u30c8\u30c3\u30d7\u30da\u30fc\u30b8",
"trust": 0.8,
"url": "http://fedoraproject.org/ja/"
},
{
"title": "Multiple Vulnerabilities in OpenSSL",
"trust": 0.8,
"url": "http://www.fortiguard.com/advisory/fg-ir-14-018/"
},
{
"title": "HIRT-PUB14010",
"trust": 0.8,
"url": "http://www.hitachi.co.jp/hirt/publications/hirt-pub14010/index.html"
},
{
"title": "HPSBHF03293 SSRT101846",
"trust": 0.8,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?lang=en\u0026cc=us\u0026objectid=c04595951"
},
{
"title": "Once Bled, Twice Shy (OpenSSL: CVE-2014-0195)",
"trust": 0.8,
"url": "http://h30499.www3.hp.com/t5/hp-security-research-blog/once-bled-twice-shy-openssl-cve-2014-0195/ba-p/6501048#.u5ulr1scgdu"
},
{
"title": "ZDI-14-173/CVE-2014-0195 - OpenSSL DTLS Fragment Out-of-Bounds Write: Breaking up is hard to do",
"trust": 0.8,
"url": "http://h30499.www3.hp.com/t5/hp-security-research-blog/zdi-14-173-cve-2014-0195-openssl-dtls-fragment-out-of-bounds/ba-p/6501002#.u5ulsvscgdu"
},
{
"title": "1673137",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21673137"
},
{
"title": "1676035",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676035"
},
{
"title": "1676062",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676062"
},
{
"title": "1676419",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676419"
},
{
"title": "1677695",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677695"
},
{
"title": "1677828",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677828"
},
{
"title": "1676128",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676128"
},
{
"title": "1678167",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678167"
},
{
"title": "00001841",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg400001841"
},
{
"title": "1678289",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678289"
},
{
"title": "00001843",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg400001843"
},
{
"title": "2079783",
"trust": 0.8,
"url": "http://kb.vmware.com/selfservice/microsites/search.do?language=en_us\u0026cmd=displaykc\u0026externalid=2079783"
},
{
"title": "SB10075",
"trust": 0.8,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10075"
},
{
"title": "Fix for CVE-2014-0195",
"trust": 0.8,
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=1632ef744872edc2aa2a53d487d3e79c965a4ad3"
},
{
"title": "Oracle Critical Patch Update Advisory - January 2015",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
},
{
"title": "Text Form of Oracle Critical Patch Update - January 2015 Risk Matrices",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015verbose-1972976.html"
},
{
"title": "Oracle Critical Patch Update Advisory - July 2014",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"
},
{
"title": "Text Form of Oracle Critical Patch Update - July 2014 Risk Matrices",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2014verbose-1972958.html"
},
{
"title": "Bug 1103598",
"trust": 0.8,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1103598"
},
{
"title": "SA80",
"trust": 0.8,
"url": "https://kb.bluecoat.com/index?page=content\u0026id=sa80"
},
{
"title": "Huawei-SA-20140613-OpenSSL",
"trust": 0.8,
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm"
},
{
"title": "SOL15356: OpenSSL vulnerability CVE-2014-0195",
"trust": 0.8,
"url": "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15356.html"
},
{
"title": "January 2015 Critical Patch Update Released",
"trust": 0.8,
"url": "https://blogs.oracle.com/security/entry/january_2015_critical_patch_update"
},
{
"title": "CVE-2014-0195 Buffer Errors vulnerability in OpenSSL",
"trust": 0.8,
"url": "https://blogs.oracle.com/sunsecurity/entry/cve_2014_0195_buffer_errors"
},
{
"title": "VMSA-2014-0012",
"trust": 0.8,
"url": "http://www.vmware.com/security/advisories/vmsa-2014-0012.html"
},
{
"title": "OpenSSL\u306e\u8106\u5f31\u6027(CVE-2014-0224\u4ed6)\u306b\u3088\u308b\u30c6\u30fc\u30d7\u30e9\u30a4\u30d6\u30e9\u30ea\u88c5\u7f6e\u3078\u306e\u5f71\u97ff\u306b\u3064\u3044\u3066",
"trust": 0.8,
"url": "http://www.hitachi.co.jp/products/it/server/security/info/vulnerable/openssl_cve20140224_tape_library.html"
},
{
"title": "cisco-sa-20140605-openssl",
"trust": 0.8,
"url": "http://www.cisco.com/cisco/web/support/jp/112/1122/1122700_cisco-sa-20140605-openssl-j.html"
},
{
"title": "Symfoware Server: OpenSSL\u306e\u8106\u5f31\u6027(CVE-2014-0224, CVE-2014-0221, CVE-2014-0195, CVE-2014-3470)(2014\u5e747\u670815\u65e5)",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/products-fujitsu/solution/symfoware_201404.html"
},
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2014/07/25/how_long_is_too_long_to_wait_for_a_security_update/"
},
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2014/06/06/thanks_for_nothing_openssl_cries_stonewalled_de_raadt/"
},
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2014/06/05/openssl_bug_batch/"
},
{
"title": "Red Hat: CVE-2014-0195",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2014-0195"
},
{
"title": "Ubuntu Security Notice: openssl regression",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-2232-3"
},
{
"title": "Ubuntu Security Notice: openssl vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-2232-4"
},
{
"title": "Ubuntu Security Notice: openssl vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-2232-1"
},
{
"title": "Ubuntu Security Notice: openssl regression",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-2232-2"
},
{
"title": "Debian Security Advisories: DSA-2950-1 openssl -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=909292f2afe623fbec51f7ab6b32f790"
},
{
"title": "Debian CVElist Bug Report Logs: openssl: CVE-2014-0224, CVE-2014-0221, CVE-2014-0195, CVE-2014-0198, CVE-2010-5298, CVE-2014-3470",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=07d14df4883f21063a053cea8d2239c6"
},
{
"title": "Amazon Linux AMI: ALAS-2014-349",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=alas-2014-349"
},
{
"title": "Symantec Security Advisories: SA80 : OpenSSL Security Advisory 05-Jun-2014",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=dd4667746d163d08265dfdd4c98e4201"
},
{
"title": "Debian CVElist Bug Report Logs: virtualbox: CVE-2014-6588 CVE-2014-6589 CVE-2014-6590 CVE-2014-6595 CVE-2015-0418 CVE-2015-0427",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=eee4d8c3e2b11de5b15ee65d96af6c60"
},
{
"title": "Citrix Security Bulletins: Citrix Security Advisory for OpenSSL Vulnerabilities (June 2014)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=citrix_security_bulletins\u0026qid=afbd3a710e98424e558b1b21482abad6"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - January 2015",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=4a692d6d60aa31507cb101702b494c51"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - October 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=523d3f220a64ff01dd95e064bd37566a"
},
{
"title": "CVE-2014-0195",
"trust": 0.1,
"url": "https://github.com/ricedu/cve-2014-0195 "
},
{
"title": "changelog",
"trust": 0.1,
"url": "https://github.com/securityrouter/changelog "
},
{
"title": "changelog",
"trust": 0.1,
"url": "https://github.com/halon/changelog "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/potterxma/linux-deployment-standard "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/sf4bin/seeker_dataset "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/hrbrmstr/internetdb "
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-14-173"
},
{
"db": "VULMON",
"id": "CVE-2014-0195"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002765"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.0
},
{
"problemtype": "CWE-119",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-002765"
},
{
"db": "NVD",
"id": "CVE-2014-0195"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://www.openssl.org/news/secadv_20140605.txt"
},
{
"trust": 1.4,
"url": "https://kb.bluecoat.com/index?page=content\u0026id=sa80"
},
{
"trust": 1.4,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20140605-openssl"
},
{
"trust": 1.4,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676035"
},
{
"trust": 1.4,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677695"
},
{
"trust": 1.4,
"url": "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15356.html"
},
{
"trust": 1.4,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677828"
},
{
"trust": 1.4,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676062"
},
{
"trust": 1.4,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10075"
},
{
"trust": 1.4,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676419"
},
{
"trust": 1.4,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678167"
},
{
"trust": 1.4,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21673137"
},
{
"trust": 1.4,
"url": "http://www.fortiguard.com/advisory/fg-ir-14-018/"
},
{
"trust": 1.4,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095757"
},
{
"trust": 1.4,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095756"
},
{
"trust": 1.4,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095755"
},
{
"trust": 1.4,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095754"
},
{
"trust": 1.4,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683332"
},
{
"trust": 1.4,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676879"
},
{
"trust": 1.4,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676644"
},
{
"trust": 1.4,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676071"
},
{
"trust": 1.4,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21675821"
},
{
"trust": 1.4,
"url": "http://www.f-secure.com/en/web/labs_global/fsc-2014-6"
},
{
"trust": 1.4,
"url": "http://support.citrix.com/article/ctx140876"
},
{
"trust": 1.4,
"url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory9.asc"
},
{
"trust": 1.2,
"url": "http://security.gentoo.org/glsa/glsa-201407-05.xml"
},
{
"trust": 1.1,
"url": "http://h30499.www3.hp.com/t5/hp-security-research-blog/once-bled-twice-shy-openssl-cve-2014-0195/ba-p/6501048"
},
{
"trust": 1.1,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1103598"
},
{
"trust": 1.1,
"url": "http://h30499.www3.hp.com/t5/hp-security-research-blog/zdi-14-173-cve-2014-0195-openssl-dtls-fragment-out-of-bounds/ba-p/6501002"
},
{
"trust": 1.1,
"url": "http://www.blackberry.com/btsc/kb36051"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59301"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59450"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59491"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59721"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59655"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59659"
},
{
"trust": 1.1,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678289"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59162"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59528"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/58939"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59666"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59587"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59126"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59490"
},
{
"trust": 1.1,
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59514"
},
{
"trust": 1.1,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677527"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59669"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59413"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/58883"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59300"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59895"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59530"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59342"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59451"
},
{
"trust": 1.1,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg400001843"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/58743"
},
{
"trust": 1.1,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg400001841"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59990"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/60571"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59784"
},
{
"trust": 1.1,
"url": "http://support.apple.com/kb/ht6443"
},
{
"trust": 1.1,
"url": "http://seclists.org/fulldisclosure/2014/dec/23"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/security/advisories/vmsa-2014-0012.html"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=142660345230545\u0026w=2"
},
{
"trust": 1.1,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2015:062"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=140431828824371\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=140499827729550\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=140266410314613\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=140448122410568\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=140491231331543\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=140621259019789\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=140482916501310\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=140389274407904\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=140317760000786\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=140904544427729\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=140389355508263\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=140752315422991\u0026w=2"
},
{
"trust": 1.1,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05301946"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html"
},
{
"trust": 1.1,
"url": "https://www.novell.com/support/kb/doc.php?id=7015271"
},
{
"trust": 1.1,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676889"
},
{
"trust": 1.1,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas8n1020163"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/security/advisories/vmsa-2014-0006.html"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1030337"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/67900"
},
{
"trust": 1.1,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2014:106"
},
{
"trust": 1.1,
"url": "http://www.ibm.com/support/docview.wss?uid=swg24037783"
},
{
"trust": 1.1,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21676793"
},
{
"trust": 1.1,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21676356"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/61254"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59518"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59454"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59449"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59441"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59437"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59429"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59365"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59364"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59310"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59306"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59305"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59287"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59223"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59192"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59189"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59188"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59175"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59040"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/58977"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/58945"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/58714"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/58713"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/58660"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/58615"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/58337"
},
{
"trust": 1.1,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-august/136473.html"
},
{
"trust": 1.1,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-august/136470.html"
},
{
"trust": 1.1,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10629"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded"
},
{
"trust": 1.1,
"url": "https://git.openssl.org/gitweb/?p=openssl.git%3ba=commit%3bh=1632ef744872edc2aa2a53d487d3e79c965a4ad3"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0195"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu93868849/index.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-0195"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0224"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0221"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3470"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0195"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0198"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-5298"
},
{
"trust": 0.4,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-094-04"
},
{
"trust": 0.3,
"url": "http://securityadvisories.dlink.com/security/publication.aspx?name=sap10045"
},
{
"trust": 0.3,
"url": "http://www.cerberusftp.com/products/releasenotes.html"
},
{
"trust": 0.3,
"url": "http://googlechromereleases.blogspot.com/2014/06/chrome-for-android-update.html"
},
{
"trust": 0.3,
"url": "http://blogs.citrix.com/2014/06/06/citrix-security-advisory-for-openssl-vulnerabilities-june-2014/"
},
{
"trust": 0.3,
"url": "https://blogs.oracle.com/sunsecurity/entry/cve_2014_0195_buffer_errors"
},
{
"trust": 0.3,
"url": "http://seclists.org/bugtraq/2014/aug/att-93/esa-2014-079.txt"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21678123"
},
{
"trust": 0.3,
"url": "http://www.openssl.org"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/100181245"
},
{
"trust": 0.3,
"url": "http://www8.hp.com/us/en/software-solutions/operations-analytics-operations-analysis/"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21686583"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685551"
},
{
"trust": 0.3,
"url": "http://www.marshut.com/ixwnpv/stunnel-5-02-released.html"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/100181099"
},
{
"trust": 0.3,
"url": "http://seclists.org/bugtraq/2015/mar/84"
},
{
"trust": 0.3,
"url": "http://btsc.webapps.blackberry.com/btsc/viewdocument.do;jsessionid=98ec479ee69ccb916d2ea4b09943faf5?nocount=true\u0026externalid=kb36051\u0026sliceid=1\u0026cmd=\u0026forward=nonthreadedkc\u0026command=show\u0026kcid=kb36051\u0026viewe"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04355095"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04343424"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04345210"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04349175"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04349789"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04349897"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04363613"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04368523"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04378799"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04379485"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04337774"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05301946"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04336637"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21678356"
},
{
"trust": 0.3,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095940"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21676889"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676673"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676041"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676128"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-14-173/"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=nas8n1020200"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676356"
},
{
"trust": 0.3,
"url": "https://rhn.redhat.com/errata/rhsa-2014-0625.html"
},
{
"trust": 0.3,
"url": "http://forums.alienvault.com/discussion/3054/security-advisory-alienvault-v4-10-0-addresses-several-vulnerabilities"
},
{
"trust": 0.3,
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/archive/hw-345106.htm"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676793"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1021009"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676840"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=nas8n1020163"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678104"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682023"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682025"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682024"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21678289"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=ssg1s1004695"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1020976"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1020952"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1007987"
},
{
"trust": 0.3,
"url": "http://www.ubuntu.com/usn/usn-2232-4/"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0076"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0224"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3470"
},
{
"trust": 0.2,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/"
},
{
"trust": 0.2,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/"
},
{
"trust": 0.2,
"url": "http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/120.html"
},
{
"trust": 0.1,
"url": "https://github.com/ricedu/cve-2014-0195"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-0195"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=34546"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/2232-3/"
},
{
"trust": 0.1,
"url": "https://launchpad.net/bugs/1356843"
},
{
"trust": 0.1,
"url": "http://www.ubuntu.com/usn/usn-2232-1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/0.9.8k-7ubuntu8.21"
},
{
"trust": 0.1,
"url": "http://www.ubuntu.com/usn/usn-2232-4"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/en/support/security/"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/en/support/security/advisories/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0221"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay/?docid=emr_n"
},
{
"trust": 0.1,
"url": "http://www.hp.com/swpublishing/mtx-f6c141a7feeb4a358bbb28300f"
},
{
"trust": 0.1,
"url": "http://www.hp.com/swpublishing/mtx-bd9a1cf60e344c549c4888db93"
},
{
"trust": 0.1,
"url": "http://www.hp.com/swpublishing/mtx-3395d737d98f42149125b9bb05"
},
{
"trust": 0.1,
"url": "http://www.hp.com/swpublishing/mtx-c0d32bac154a4d93839d8cd1f2"
},
{
"trust": 0.1,
"url": "http://www.hp.com/swpublishing/mtx-8aefeaf490284a7691eca97d13"
},
{
"trust": 0.1,
"url": "http://www.hp.com/swpublishing/mtx-e8076c2a35804685ad65b2b1ba"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-3470"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-5298"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0221"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0198"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0224"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0195"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://twitter.com/vmwaresrc"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-5298"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/security/advisories"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1055"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/2077359"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0198"
},
{
"trust": 0.1,
"url": "https://www.vmware.com/support/policies/lifecycle.html"
},
{
"trust": 0.1,
"url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
},
{
"trust": 0.1,
"url": "https://www.vmware.com/support/policies/security_response.html"
},
{
"trust": 0.1,
"url": "https://www.vmware.com/patchmgr/download.portal"
},
{
"trust": 0.1,
"url": "https://www.hp.com/go/swa"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0224.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/site/articles/11258"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0198.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/site/solutions/906703"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/site/articles/904433"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2010-5298.html"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2014-0628.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-3470.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0221.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0195.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/#package"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-14-173"
},
{
"db": "VULMON",
"id": "CVE-2014-0195"
},
{
"db": "BID",
"id": "67900"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002765"
},
{
"db": "PACKETSTORM",
"id": "127917"
},
{
"db": "PACKETSTORM",
"id": "127018"
},
{
"db": "PACKETSTORM",
"id": "127807"
},
{
"db": "PACKETSTORM",
"id": "127630"
},
{
"db": "PACKETSTORM",
"id": "127045"
},
{
"db": "PACKETSTORM",
"id": "127086"
},
{
"db": "PACKETSTORM",
"id": "126961"
},
{
"db": "PACKETSTORM",
"id": "126930"
},
{
"db": "NVD",
"id": "CVE-2014-0195"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-14-173"
},
{
"db": "VULMON",
"id": "CVE-2014-0195"
},
{
"db": "BID",
"id": "67900"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002765"
},
{
"db": "PACKETSTORM",
"id": "127917"
},
{
"db": "PACKETSTORM",
"id": "127018"
},
{
"db": "PACKETSTORM",
"id": "127807"
},
{
"db": "PACKETSTORM",
"id": "127630"
},
{
"db": "PACKETSTORM",
"id": "127045"
},
{
"db": "PACKETSTORM",
"id": "127086"
},
{
"db": "PACKETSTORM",
"id": "126961"
},
{
"db": "PACKETSTORM",
"id": "126930"
},
{
"db": "NVD",
"id": "CVE-2014-0195"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-06-05T00:00:00",
"db": "ZDI",
"id": "ZDI-14-173"
},
{
"date": "2014-06-05T00:00:00",
"db": "VULMON",
"id": "CVE-2014-0195"
},
{
"date": "2014-06-05T00:00:00",
"db": "BID",
"id": "67900"
},
{
"date": "2014-06-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-002765"
},
{
"date": "2014-08-18T23:09:13",
"db": "PACKETSTORM",
"id": "127917"
},
{
"date": "2014-06-10T17:34:04",
"db": "PACKETSTORM",
"id": "127018"
},
{
"date": "2014-08-08T21:53:16",
"db": "PACKETSTORM",
"id": "127807"
},
{
"date": "2014-07-28T20:36:25",
"db": "PACKETSTORM",
"id": "127630"
},
{
"date": "2014-06-11T23:18:46",
"db": "PACKETSTORM",
"id": "127045"
},
{
"date": "2014-06-13T13:31:32",
"db": "PACKETSTORM",
"id": "127086"
},
{
"date": "2014-06-05T21:13:52",
"db": "PACKETSTORM",
"id": "126961"
},
{
"date": "2014-06-05T15:19:35",
"db": "PACKETSTORM",
"id": "126930"
},
{
"date": "2014-06-05T21:55:06.147000",
"db": "NVD",
"id": "CVE-2014-0195"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-06-05T00:00:00",
"db": "ZDI",
"id": "ZDI-14-173"
},
{
"date": "2023-11-07T00:00:00",
"db": "VULMON",
"id": "CVE-2014-0195"
},
{
"date": "2017-05-23T16:25:00",
"db": "BID",
"id": "67900"
},
{
"date": "2015-12-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-002765"
},
{
"date": "2023-11-07T02:18:11.613000",
"db": "NVD",
"id": "CVE-2014-0195"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "67900"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL of d1_both.c of dtls1_reassemble_fragment Vulnerability in arbitrary code execution in function",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-002765"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "67900"
}
],
"trust": 0.3
}
}
VAR-201710-0211
Vulnerability from variot - Updated: 2024-07-23 21:10Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the four-way handshake, allowing an attacker within radio range to replay frames from access points to clients. An attacker within range of an affected AP and client may leverage these vulnerabilities to conduct attacks that are dependent on the data confidentiality protocols being used. Attacks may include arbitrary packet decryption and injection, TCP connection hijacking, HTTP content injection, or the replay of unicast and group-addressed frames. These vulnerabilities are referred to as Key Reinstallation Attacks or "KRACK" attacks. WPA (Wi-Fi Protected Access) is a system that protects wireless computer networks (Wi-Fi). The WPA2 wireless network has a GTK group key reload vulnerability in the fourth handshake. WPA2 is prone to multiple security weaknesses. Exploiting these issues may allow an unauthorized user to intercept and manipulate data or disclose sensitive information. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Important: wpa_supplicant security update Advisory ID: RHSA-2017:2907-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2017:2907 Issue date: 2017-10-17 CVE Names: CVE-2017-13077 CVE-2017-13078 CVE-2017-13080 CVE-2017-13082 CVE-2017-13086 CVE-2017-13087 CVE-2017-13088 =====================================================================
- Summary:
An update for wpa_supplicant is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64
- Description:
The wpa_supplicant packages contain an 802.1X Supplicant with support for WEP, WPA, WPA2 (IEEE 802.11i / RSN), and various EAP authentication methods. They implement key negotiation with a WPA Authenticator for client stations and controls the roaming and IEEE 802.11 authentication and association of the WLAN driver. A remote attacker within Wi-Fi range could exploit these attacks to decrypt Wi-Fi traffic or possibly inject forged Wi-Fi packets by manipulating cryptographic handshakes used by the WPA2 protocol. (CVE-2017-13077, CVE-2017-13078, CVE-2017-13080, CVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088)
Red Hat would like to thank CERT for reporting these issues. Upstream acknowledges Mathy Vanhoef (University of Leuven) as the original reporter of these issues. Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
- Package List:
Red Hat Enterprise Linux Client (v. 7):
Source: wpa_supplicant-2.6-5.el7_4.1.src.rpm
x86_64: wpa_supplicant-2.6-5.el7_4.1.x86_64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source: wpa_supplicant-2.6-5.el7_4.1.src.rpm
x86_64: wpa_supplicant-2.6-5.el7_4.1.x86_64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source: wpa_supplicant-2.6-5.el7_4.1.src.rpm
aarch64: wpa_supplicant-2.6-5.el7_4.1.aarch64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.aarch64.rpm
ppc64: wpa_supplicant-2.6-5.el7_4.1.ppc64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.ppc64.rpm
ppc64le: wpa_supplicant-2.6-5.el7_4.1.ppc64le.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.ppc64le.rpm
s390x: wpa_supplicant-2.6-5.el7_4.1.s390x.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.s390x.rpm
x86_64: wpa_supplicant-2.6-5.el7_4.1.x86_64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source: wpa_supplicant-2.6-5.el7_4.1.src.rpm
x86_64: wpa_supplicant-2.6-5.el7_4.1.x86_64.rpm wpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2017-13077 https://access.redhat.com/security/cve/CVE-2017-13078 https://access.redhat.com/security/cve/CVE-2017-13080 https://access.redhat.com/security/cve/CVE-2017-13082 https://access.redhat.com/security/cve/CVE-2017-13086 https://access.redhat.com/security/cve/CVE-2017-13087 https://access.redhat.com/security/cve/CVE-2017-13088 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/security/vulnerabilities/kracks
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2017 Red Hat, Inc. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
APPLE-SA-2017-12-12-2 AirPort Base Station Firmware Update 7.7.9
AirPort Base Station Firmware Update 7.7.9 is now available and addresses the following:
AirPort Base Station Firmware Available for: AirPort Extreme and AirPort Time Capsule base stations with 802.11ac Impact: An attacker within range may be able to execute arbitrary code on the Wi-Fi chip Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-9417: Nitay Artenstein of Exodus Intelligence
AirPort Base Station Firmware Available for: AirPort Extreme and AirPort Time Capsule base stations with 802.11ac Impact: An attacker in Wi-Fi range may force nonce reuse in WPA unicast/PTK clients (Key Reinstallation Attacks - KRACK) Description: A logic issue existed in the handling of state transitions. This was addressed with improved state management. CVE-2017-13077: Mathy Vanhoef of the imec-DistriNet group at KU Leuven CVE-2017-13078: Mathy Vanhoef of the imec-DistriNet group at KU Leuven
AirPort Base Station Firmware Available for: AirPort Extreme and AirPort Time Capsule base stations with 802.11ac Impact: An attacker in Wi-Fi range may force nonce reuse in WPA multicast/GTK clients (Key Reinstallation Attacks - KRACK) Description: A logic issue existed in the handling of state transitions. This was addressed with improved state management. CVE-2017-13080: Mathy Vanhoef of the imec-DistriNet group at KU Leuven
Installation note:
Firmware version 7.7.9 is installed on AirPort Extreme or AirPort Time Capsule base stations with 802.11ac using AirPort Utility for Mac or iOS.
AirPort Utility for Mac is a free download from https://support.apple.com/downloads/ and AirPort Utility for iOS is a free download from the App Store. CVE-2017-13080: Mathy Vanhoef of the imec-DistriNet group at KU Leuven
Installation note:
Wi-Fi Update for Boot Camp 6.4.0 may be obtained from Apple Software Update for Windows. ========================================================================== Ubuntu Security Notice USN-3455-1 October 16, 2017
wpa vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 17.04
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS
Summary:
Several security issues were fixed in wpa_supplicant.
Software Description: - wpa: client support for WPA and WPA2
Details:
Mathy Vanhoef discovered that wpa_supplicant and hostapd incorrectly handled WPA2. (CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088)
Imre Rad discovered that wpa_supplicant and hostapd incorrectly handled invalid characters in passphrase parameters. A remote attacker could use this issue to cause a denial of service. (CVE-2016-4476)
Imre Rad discovered that wpa_supplicant and hostapd incorrectly handled invalid characters in passphrase parameters. A local attacker could use this issue to cause a denial of service, or possibly execute arbitrary code. (CVE-2016-4477)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 17.04: hostapd 2.4-0ubuntu9.1 wpasupplicant 2.4-0ubuntu9.1
Ubuntu 16.04 LTS: hostapd 2.4-0ubuntu6.2 wpasupplicant 2.4-0ubuntu6.2
Ubuntu 14.04 LTS: hostapd 2.1-0ubuntu1.5 wpasupplicant 2.1-0ubuntu1.5
After a standard system update you need to reboot your computer to make all the necessary changes. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201711-03
https://security.gentoo.org/
Severity: Normal Title: hostapd and wpa_supplicant: Key Reinstallation (KRACK) attacks Date: November 10, 2017 Bugs: #634436, #634438 ID: 201711-03
Synopsis
A flaw was discovered in the 4-way handshake in hostapd and wpa_supplicant that allows attackers to conduct a Man in the Middle attack.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-wireless/hostapd < 2.6-r1 >= 2.6-r1 2 net-wireless/wpa_supplicant < 2.6-r3 >= 2.6-r3 ------------------------------------------------------------------- 2 affected packages
Description
WiFi Protected Access (WPA and WPA2) and it's associated technologies are all vulnerable to the KRACK attacks. Please review the referenced CVE identifiers for details.
Impact
An attacker can carry out the KRACK attacks on a wireless network in order to gain access to network clients. Once achieved, the attacker can potentially harvest confidential information (e.g. HTTP/HTTPS), inject malware, or perform a myriad of other attacks.
Workaround
There is no known workaround at this time.
Resolution
All hostapd users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=net-wireless/hostapd-2.6-r1"
All wpa_supplicant users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=net-wireless/wpa_supplicant-2.6-r3"
References
[ 1 ] CVE-2017-13077 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13077 [ 2 ] CVE-2017-13078 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13078 [ 3 ] CVE-2017-13079 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13079 [ 4 ] CVE-2017-13080 . 6) - i386, x86_64
- -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
============================================================================= FreeBSD-SA-17:07.wpa Security Advisory The FreeBSD Project
Topic: WPA2 protocol vulnerability
Category: contrib Module: wpa Announced: 2017-10-16 Credits: Mathy Vanhoef Affects: All supported versions of FreeBSD. Corrected: 2017-10-17 17:30:18 UTC (stable/11, 11.1-STABLE) 2017-10-17 17:57:18 UTC (releng/11.1, 11.1-RELEASE-p2) 2017-10-17 17:56:03 UTC (releng/11.0, 11.0-RELEASE-p13) 2017-10-19 03:18:22 UTC (stable/10, 10.4-STABLE) 2017-10-19 03:20:17 UTC (releng/10.4, 10.4-RELEASE-p1) 2017-10-19 03:19:42 UTC (releng/10.3, 10.3-RELEASE-p22) CVE Name: CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088
For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit .
- Revision history
v1.0 2017-10-17 Initial release. v1.1 2017-10-19 Add patches for 10.x releases.
I.
hostapd and wpa_supplicant are implementations of user space daemon for access points and wireless client that implements the WPA2 protocol.
II. Problem Description
A vulnerability was found in how a number of implementations can be triggered to reconfigure WPA/WPA2/RSN keys (TK, GTK, or IGTK) by replaying a specific frame that is used to manage the keys.
III. Impact
Such reinstallation of the encryption key can result in two different types of vulnerabilities: disabling replay protection and significantly reducing the security of encryption to the point of allowing frames to be decrypted or some parts of the keys to be determined by an attacker depending on which cipher is used.
IV. Workaround
An updated version of wpa_supplicant is available in the FreeBSD Ports Collection. Install version 2.6_2 or later of the security/wpa_supplicant port/pkg. Once installed, update /etc/rc.conf to use the new binary:
wpa_supplicant_program="/usr/local/sbin/wpa_supplicant"
and restart networking.
An updated version of hostapd is available in the FreeBSD Ports Collection. Install version 2.6_1 or later of the net/hostapd port/pkg. Once installed, update /etc/rc.conf to use the new binary:
hostapd_program="/usr/local/sbin/hostapd"
and restart hostapd.
V. Solution
Perform one of the following:
1) Upgrade your vulnerable system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date.
Restart the Wi-Fi network interfaces/hostapd or reboot the system.
2) To update your vulnerable system via a binary patch:
Systems running a RELEASE version of FreeBSD on the i386 or amd64 platforms can be updated via the freebsd-update(8) utility:
freebsd-update fetch
freebsd-update install
Restart the Wi-Fi network interfaces/hostapd or reboot the system.
3) To update your vulnerable system via a source code patch:
The following patches have been verified to apply to the applicable FreeBSD release branches.
a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility.
[FreeBSD 11.0-RELEASE, 11.1-RELEASE, and 11-STABLE]
fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-11.patch
fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-11.patch.asc
gpg --verify wpa-11.patch.asc
[FreeBSD 10.3-RELEASE, 10.4-RELEASE, and 10-STABLE]
fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-10.patch
fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-10.patch.asc
gpg --verify wpa-10.patch.asc
b) Apply the patch. Execute the following commands as root:
cd /usr/src
patch < /path/to/patch
c) Recompile the operating system using buildworld and installworld as described in .
Restart the applicable daemons, or reboot the system.
VI. Correction details
The following list contains the correction revision numbers for each affected branch.
Branch/path Revision
stable/11/ r324697 releng/11.0/ r324698 releng/11.1/ r324699 stable/10/ r324739 releng/10.3/ r324740 releng/10.4/ r324741
To see which files were modified by a particular revision, run the following command, replacing NNNNNN with the revision number, on a machine with Subversion installed:
svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
Or visit the following URL, replacing NNNNNN with the revision number:
VII. References
The latest revision of this advisory is available at -----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEEHPf/b631yp++G4yy7Wfs1l3PaucFAlnoGpNfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDFD RjdGRjZGQURGNUNBOUZCRTFCOENCMkVENjdFQ0Q2NURDRjZBRTcACgkQ7Wfs1l3P auc7WBAAm27w+fujv5sJsRxauUMopTVtRh5utwbDuoHTP+L+RCWmQfVBmueNQ0gf uJzMNxBIkbtY9LvyukpRsH3iD7mh26c0pd9rxxkkr4F96C9B5+W0amxJF1gdm54/ F/50FpY+lo7cNs5tiBjypPrg8UOBBI/1G4XR7130XC0HjaTwt1ngZ0oQUWUMSsIp gN5ZfPul81WPWd1NqF+vyObcJhwq/Y1uoexoO27o7GQCFZoL3enZy8c4f1xqMlVM 4HHkTgNGac6E0aW+ArH4J0DFFAOJXPqF8rdt+9XINfoBbtliIyOixJ4oh1n6eAR0 VpBWZKFNyXSlUKIvDGa+LDhxgL1jJXV0ABSyKlUOijdmr3bbbiQE9MW/MNv2AFTd OAFQ0QQtm9KCWp5JLh+FPIb/kR2l7MOUP+yz4zFcJpdGtl9tDLyPN8vRTq60bY8O y7tBcf/SMqkd/AIFdchL4zrOguKnRARydIlwTarp8wtAQI3MKSsa1B0wgsDtlL6K xfdjnwWMKvKKlNOW16e1WXXO0n/ucHV4njBE+bGPro3jLgXP2/WFZpIGAR3I4xrr SdD4AxSNiR9f3bL7LRfMIbugJAylWNSlTLWUOVUv0/ONh85LqbcCj13NI230B64K ETx2QOZgKnCs2oDNiw4aQHb7kvi2w94Iw/R1sAPkkxYJWO3reyE= =h/5q -----END PGP SIGNATURE----- .
Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz: Upgraded. This update includes patches to mitigate the WPA2 protocol issues known as "KRACK" (Key Reinstallation AttaCK), which may be used to decrypt data, hijack TCP connections, and to forge and inject packets. CVE-2017-13082: Accepting a retransmitted Fast BSS Transition (FT) Reassociation Request and reinstalling the pairwise encryption key (PTK-TK) while processing it. For more information, see: https://www.krackattacks.com/ https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13077 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13078 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13079 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13080 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13081 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13082 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13084 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13086 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13087 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13088 ( Security fix ) +--------------------------+
Where to find the new packages: +-----------------------------+
Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you.
Updated package for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/wpa_supplicant-2.6-i486-1_slack14.0.txz
Updated package for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.0.txz
Updated package for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/wpa_supplicant-2.6-i486-1_slack14.1.txz
Updated package for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.1.txz
Updated package for Slackware 14.2: ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz
Updated package for Slackware x86_64 14.2: ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.2.txz
Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/wpa_supplicant-2.6-i586-2.txz
Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/wpa_supplicant-2.6-x86_64-2.txz
MD5 signatures: +-------------+
Slackware 14.0 package: d8ecfaadb50b3547967ab53733ffc019 wpa_supplicant-2.6-i486-1_slack14.0.txz
Slackware x86_64 14.0 package: f25216d28800504ce498705da7c9a825 wpa_supplicant-2.6-x86_64-1_slack14.0.txz
Slackware 14.1 package: 15c61050e4bab2581757befd86be74c0 wpa_supplicant-2.6-i486-1_slack14.1.txz
Slackware x86_64 14.1 package: 49fd537a520338744f7757615556d352 wpa_supplicant-2.6-x86_64-1_slack14.1.txz
Slackware 14.2 package: c5539f40c8510af89be92945f0f80185 wpa_supplicant-2.6-i586-1_slack14.2.txz
Slackware x86_64 14.2 package: 4c527ff84fcdfd7839f217bbce2e4ae4 wpa_supplicant-2.6-x86_64-1_slack14.2.txz
Slackware -current package: 28bd88a54e96368f7a7020c1f5fb67fe n/wpa_supplicant-2.6-i586-2.txz
Slackware x86_64 -current package: 464fc6b48d1ac077f47e9a3a8534c160 n/wpa_supplicant-2.6-x86_64-2.txz
Installation instructions: +------------------------+
Upgrade the package as root:
upgradepkg wpa_supplicant-2.6-i586-1_slack14.2.txz
+-----+
Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com
+------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201710-0211",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "hostapd",
"scope": "eq",
"trust": 1.6,
"vendor": "w1 fi",
"version": "0.4.10"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.6,
"vendor": "w1 fi",
"version": "0.5.9"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.6,
"vendor": "w1 fi",
"version": "0.4.8"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.6,
"vendor": "w1 fi",
"version": "0.5.10"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.6,
"vendor": "w1 fi",
"version": "0.6.8"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.6,
"vendor": "w1 fi",
"version": "0.5.11"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.6,
"vendor": "w1 fi",
"version": "0.5.7"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.6,
"vendor": "w1 fi",
"version": "0.5.8"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.6,
"vendor": "w1 fi",
"version": "0.4.11"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.6,
"vendor": "w1 fi",
"version": "0.4.9"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.7"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.6"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.2"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "1.0"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "*"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.11"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "12"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.7"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.7"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.0"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "8.0"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.8"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.1"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.7"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.6.9"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.8"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "12"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.8"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "1.1"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.7.3"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "10"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "11.1"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.11"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "10.4"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.6"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.4"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "11"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.11"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.10"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.4"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.8"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.5"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.7"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.5"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.6.10"
},
{
"model": "openstack cloud",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "6"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "1.0"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.9"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.11"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.5"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.10"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.6"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.9"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "14.04"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.1"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.3"
},
{
"model": "leap",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "42.2"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.3"
},
{
"model": "linux enterprise point of sale",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "11"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "1.1"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.7.3"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.6.9"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.5.9"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.8"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.7"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "9.0"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.4"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "11"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.10"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "16.04"
},
{
"model": "leap",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "42.3"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.6.8"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "17.04"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.2.6"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.4.10"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.6.10"
},
{
"model": "hostapd",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.4"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "0.3.9"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 1.0,
"vendor": "w1 fi",
"version": "2.5"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "9front",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "adtran",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "avm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "actiontec",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "aerohive",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "alcatel lucent",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "android open source",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "arch linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "aruba",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "asustek computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "barracuda",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "broadcom",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cambium",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "centos",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cradlepoint",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cypress semiconductor",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "d link",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "debian gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "dell",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "digi",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "draytek",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "edimax computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "engenius",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "endian",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "espressif",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "extreme",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "f secure",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "fedora",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "fortinet",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "google",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hostap",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ipfire",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "lancom",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "lede",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "lifx",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "lenovo",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "microchip",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mojo",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nest",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "netbsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "netgear",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "opnsense",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "omnirom",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "open mesh",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openbsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "peplink",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "riverbed",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "rockwell automation",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ruckus",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "suse linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "samsung mobile",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sierra",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "slackware linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sonos",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sony",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sophos",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "synology",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "tp link",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "technicolor",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "texas instruments",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "toshiba commerce",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "toshiba electronic devices storage",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "toshiba memory",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "turris omnia",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ubiquiti",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ubuntu",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "volumio",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "watchguard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "xiaomi",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "xirrus",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "zebra",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "zyxel",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "dd wrt",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "eero",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "pfsense",
"version": null
},
{
"model": "ubuntu",
"scope": null,
"trust": 0.8,
"vendor": "canonical",
"version": null
},
{
"model": "gnu/linux",
"scope": null,
"trust": 0.8,
"vendor": "debian",
"version": null
},
{
"model": "freebsd",
"scope": null,
"trust": 0.8,
"vendor": "freebsd",
"version": null
},
{
"model": "leap",
"scope": null,
"trust": 0.8,
"vendor": "opensuse",
"version": null
},
{
"model": "linux enterprise desktop",
"scope": null,
"trust": 0.8,
"vendor": "suse",
"version": null
},
{
"model": "linux enterprise point of sale",
"scope": null,
"trust": 0.8,
"vendor": "suse",
"version": null
},
{
"model": "linux enterprise server",
"scope": null,
"trust": 0.8,
"vendor": "suse",
"version": null
},
{
"model": "openstack cloud",
"scope": null,
"trust": 0.8,
"vendor": "suse",
"version": null
},
{
"model": "hostapd",
"scope": null,
"trust": 0.8,
"vendor": "w1 fi",
"version": null
},
{
"model": "wpa supplicant",
"scope": null,
"trust": 0.8,
"vendor": "w1 fi",
"version": null
},
{
"model": "enterprise linux desktop",
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"model": "enterprise linux server",
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"model": "edge gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "sr-m20ac1",
"scope": "lte",
"trust": 0.8,
"vendor": "fujitsu",
"version": "v02.10"
},
{
"model": "sr-m20ac2",
"scope": "lte",
"trust": 0.8,
"vendor": "fujitsu",
"version": "v02.10"
},
{
"model": "alliance wi-fi protected access 2",
"scope": null,
"trust": 0.6,
"vendor": "wi fi",
"version": null
},
{
"model": "scalance w-700",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "linux desktop",
"version": "12"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "linux server",
"version": "11"
},
{
"model": "atom processor c3200 series for yocto project bsp mr4",
"scope": null,
"trust": 0.3,
"vendor": "intel",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.3.2"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "6.1"
},
{
"model": "pyxis supplystation",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "sinamics smart access module",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "v200"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.6.27.3264"
},
{
"model": "meraki mr34",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ck71a-atex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "0"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.2.0"
},
{
"model": "macbook air",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "aironet series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "18500"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "8.0"
},
{
"model": "meraki mr26",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.4"
},
{
"model": "aironet series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "28000"
},
{
"model": "enterprise linux for power big endian extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.5"
},
{
"model": "meraki mr84",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "contact fl wlan",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "510x0"
},
{
"model": "windows server r2 for itanium-based systems sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2008"
},
{
"model": "contact itc",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "81130"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "10.0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "726519.51.0.0"
},
{
"model": "enterprise linux server extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.6"
},
{
"model": "meraki mr18",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "8.1.0.3"
},
{
"model": "scalance w1750d",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "secure ii med-surg bed",
"scope": "eq",
"trust": 0.3,
"vendor": "stryker",
"version": "3002"
},
{
"model": "contact fl wlan",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "210x0"
},
{
"model": "windows version for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1015110"
},
{
"model": "aironet access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "contact fl wlan ap",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "24802-110"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.0"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.4.1"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.2"
},
{
"model": "wap371 wireless-ac n access point with single point setup",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ex-handy",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "2090"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.3.2"
},
{
"model": "contact rad-80211-xd",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "0"
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "11.2"
},
{
"model": "contact fl wlan dap",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "24802-110"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "726519.10.9.1"
},
{
"model": "arubaos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.3.1.25"
},
{
"model": "pyxis medstation es",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "wireless ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88210"
},
{
"model": "pyxis stockstation system",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "macbook",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316819.51.7.1"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "726519.10.9.2"
},
{
"model": "scalance wlc712",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "contact fl wlan spa",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "0"
},
{
"model": "meraki mr62",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "simatic et200 pro im154-6 pn iwlan",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "tropos broadband mesh routers and bridges",
"scope": "eq",
"trust": 0.3,
"vendor": "abb",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "316819.10.9.2"
},
{
"model": "meraki mr33",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "instantos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.3.3"
},
{
"model": "micros handheld terminal",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "0"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20120"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.2"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316018.33.9.2"
},
{
"model": "windows version for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1017030"
},
{
"model": "atom processor c3200 series for yocto project bsp mr4.1",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": null
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "2.6"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.1.0"
},
{
"model": "contact fl wlan",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "110x0"
},
{
"model": "windows for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "100"
},
{
"model": "s3 med-surg bed",
"scope": "eq",
"trust": 0.3,
"vendor": "stryker",
"version": "3002"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.4.2.4"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "11.1"
},
{
"model": "contact fl comserver wlan",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "232/422/4850"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.8"
},
{
"model": "enterprise linux server update services for sap solutions",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7."
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "7.1.91.3272"
},
{
"model": "instantos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "4.2.4.9"
},
{
"model": "contact fl wlan ap",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "230802-110"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.1"
},
{
"model": "enterprise linux for power little endian extended update supp",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.6"
},
{
"model": "meraki mr14",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "enterprise linux eus compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7.5"
},
{
"model": "aironet series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "18150"
},
{
"model": "wireless client bridge 2.0.0.1-aruba501-b00",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "501"
},
{
"model": "enterprise linux server extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.4"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.6"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "726018.33.9.2"
},
{
"model": "airport express",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "meraki mr16",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "clarity engine",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "1.0"
},
{
"model": "meraki mr30h",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "airport extreme",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "windows server r2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20120"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "826520.0.2.3"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0"
},
{
"model": "contact bl2 bpc",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "0"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.0.1"
},
{
"model": "enterprise linux for ibm z systems",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "watch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "meraki mr32",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 0.3,
"vendor": "w1 f1",
"version": "2.4"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "4.0"
},
{
"model": "ruggedcom rx1400",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "cn70a-atex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "0"
},
{
"model": "windows version for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1015110"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.3"
},
{
"model": "pyxis parx handheld",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "726519.10"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "9.1.40.100"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.1.1"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.3"
},
{
"model": "windows rt",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "8.1"
},
{
"model": "meraki mr42",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "instantos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "4.3.1.6"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.7.3"
},
{
"model": "wap561 wireless-n dual radio selectable band access point",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.0.26.3000"
},
{
"model": "instantos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.4.2"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.6"
},
{
"model": "tvos",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "11.2"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "6.0"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2016"
},
{
"model": "contact rad-whg/wlan-xd",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "726018.33.9.3"
},
{
"model": "wi-fi update for boot camp",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "6.4.0"
},
{
"model": "suremark printer 2nr",
"scope": "eq",
"trust": 0.3,
"vendor": "toshiba",
"version": "4610"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.1.1"
},
{
"model": "arubaos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.4.2"
},
{
"model": "enterprise linux for power little endian extended update supp",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.5"
},
{
"model": "enterprise linux for power little endian",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "826520.0.0.0"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.2.1"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.3.1.8"
},
{
"model": "windows server for x64-based systems sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2008"
},
{
"model": "pyxis supply roller",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.3"
},
{
"model": "telepresence collaboration endpoint",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "6.2.61.3535"
},
{
"model": "contact vmt",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "70xx0"
},
{
"model": "imac",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "meraki mr72",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "watchos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4"
},
{
"model": "enterprise linux for power little endian extended update supp",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.4"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.0.25.3001"
},
{
"model": "arubaos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "8.1.0.4"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "9.1"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.4"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "6.2"
},
{
"model": "meraki mr53",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.1"
},
{
"model": "wap551 wireless-n single radio selectable band access point",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "4.2"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.3.2"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316519.10"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "826020.0.0.0"
},
{
"model": "wap121 wireless-n access point with single point setup",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "2.5"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.6.0.1000"
},
{
"model": "wireless client bridge 1.0.1.3-hp501-b0012",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "501"
},
{
"model": "i.roc ci70-ex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "0"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.0.0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "826020.0.2.2"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "7.1"
},
{
"model": "cn70e-atex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "726018.0.0.0"
},
{
"model": "meraki mr24",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "suremark printer 1nr",
"scope": "eq",
"trust": 0.3,
"vendor": "toshiba",
"version": "4610"
},
{
"model": "enterprise linux for ibm z systems extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.6"
},
{
"model": "contact vmt",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "50xx0"
},
{
"model": "meraki mr74",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ex-handy",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "090"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.4.4.15"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316519.51.7.1"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "726519.51.7.20"
},
{
"model": "anyconnect secure mobility client",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "726519.51.7.1"
},
{
"model": "systems esp32",
"scope": "eq",
"trust": 0.3,
"vendor": "espressif",
"version": "0"
},
{
"model": "watchos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1"
},
{
"model": "enterprise linux server extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.5"
},
{
"model": "micros handheld terminal 2.03.0.0.021r",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"model": "aironet series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "38000"
},
{
"model": "pyxis parx",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "dx70",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "arubaos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.1.9"
},
{
"model": "enterprise linux server update services for sap solutions",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.6"
},
{
"model": "intouch critical care bed",
"scope": "eq",
"trust": 0.3,
"vendor": "stryker",
"version": "2141"
},
{
"model": "pyxis anesthesia es",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "aironet series officeextend access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "18100"
},
{
"model": "windows for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "8.10"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316819.10.9.1"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "10.0.55.3000"
},
{
"model": "windows for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "8.10"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0"
},
{
"model": "meraki mr66",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316519.10.9.1"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6"
},
{
"model": "intouch critical care bed",
"scope": "eq",
"trust": 0.3,
"vendor": "stryker",
"version": "2131"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.1.2"
},
{
"model": "aironet series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "18300"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.6"
},
{
"model": "enterprise linux for power big endian extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.6"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "10.0.0.50.1004"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.4.1.0"
},
{
"model": "wap321 wireless-n access point with single point setup",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "simatic iwlan-pb/link",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "aironet 1810w series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "meraki mr52",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "enterprise linux for ibm z systems extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.5"
},
{
"model": "meraki mr12",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "airmesh msr",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "316519.51.7.20"
},
{
"model": "watchos",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "4.2"
},
{
"model": "contact fl wlan ec",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "24802-110"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "4.2.4.8"
},
{
"model": "systems esp8266",
"scope": "eq",
"trust": 0.3,
"vendor": "espressif",
"version": "0"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "pad-ex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "010"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.0.0.1205"
},
{
"model": "ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88610"
},
{
"model": "clarity engine",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "1.0.0.1"
},
{
"model": "aironet series access points",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15600"
},
{
"model": "windows for 32-bit systems sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "7"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "4.3.1.5"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.2"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "8.1"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.8"
},
{
"model": "windows for x64-based systems sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "7"
},
{
"model": "enterprise linux for ibm z systems extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.4"
},
{
"model": "meraki mr58",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "windows version for 32-bit systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1016070"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "316519.10.9.2"
},
{
"model": "pyxis parassist system",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "0"
},
{
"model": "windows server for 32-bit systems sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2008"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "4.3"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7.0"
},
{
"model": "simatic mobile panel 277 iwlan",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "pyxis medstation t2",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "40000"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "826020.0.2.3"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0.1"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.1"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316519.51.0.0"
},
{
"model": "wi-fi update for boot camp",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "enterprise linux server update services for sap solutions",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.4"
},
{
"model": "ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "contact vmt",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "30xx0"
},
{
"model": "enterprise linux for power big endian",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "wpa supplicant",
"scope": "eq",
"trust": 0.3,
"vendor": "w1 f1",
"version": "2.6"
},
{
"model": "wireless client bridge",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "5010"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.0.1"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "11.5"
},
{
"model": "meraki mr11",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.3.3"
},
{
"model": "pyxis anesthesia system",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "40000"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.2.2"
},
{
"model": "pyxis anesthesia system",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "35000"
},
{
"model": "automation stratix 15.3 jc1",
"scope": "eq",
"trust": 0.3,
"vendor": "rockwell",
"version": "5100"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.4"
},
{
"model": "pyxis ciisafe workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "??0"
},
{
"model": "enterprise linux for power big endian extended update support",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "-7.4"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.7"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316819.51.0.0"
},
{
"model": "ipad air",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "7.0"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.4.1"
},
{
"model": "enterprise linux eus compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7.6"
},
{
"model": "enterprise linux for scientific computing",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "8.1.71.3608"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "9.1.41.3024"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.4.2.1"
},
{
"model": "enterprise linux eus compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7.4"
},
{
"model": "dx80",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "9.0"
},
{
"model": "contact bl2 ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "0"
},
{
"model": "contact tpc",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "60130"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.1"
},
{
"model": "ck70a-atex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "0"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.2.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.3.1"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "316819.51.7.20"
},
{
"model": "macbook pro",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316819.10"
},
{
"model": "windows for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "100"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.7.8"
},
{
"model": "active management technology",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "9.5"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.2"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.4"
},
{
"model": "smart-ex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "010"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "826520.0.2.2"
},
{
"model": "dual band wireless-ac",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "316018.33.9.3"
},
{
"model": "tab-ex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "010"
},
{
"model": "arubaos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.3.3"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "macmini",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "arubaos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.4.4.16"
},
{
"model": "contact fl wlan epa",
"scope": "eq",
"trust": 0.3,
"vendor": "phoenix",
"version": "0"
},
{
"model": "airport time capsule",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "alliance wpa2 (wi-fi protected access",
"scope": "eq",
"trust": 0.3,
"vendor": "wi fi",
"version": "2)0"
},
{
"model": "airport base station",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "7.7.9"
},
{
"model": "scalance wlc711",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "ruggedcom rs9xxw",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.3.1.15"
},
{
"model": "networks unifi access point",
"scope": "eq",
"trust": 0.3,
"vendor": "ubiquiti",
"version": "0"
},
{
"model": "suremark printer 2cr",
"scope": "eq",
"trust": 0.3,
"vendor": "toshiba",
"version": "4610"
},
{
"model": "ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88650"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.4"
},
{
"model": "airport base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.7.7"
},
{
"model": "instantos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.5.4"
},
{
"model": "asa 5506w-x w/ firepower services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "windows version for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1016070"
},
{
"model": "airport base station",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "7.6.9"
},
{
"model": "s3 med-surg bed",
"scope": "eq",
"trust": 0.3,
"vendor": "stryker",
"version": "3005"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "316018.0.0.0"
},
{
"model": "smart-ex",
"scope": "eq",
"trust": 0.3,
"vendor": "pepperl fuchs",
"version": "2010"
},
{
"model": "windows version for x64-based systems",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1017030"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "11.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ubuntu linux",
"version": "14.04"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ubuntu linux",
"version": "16.04"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ubuntu linux",
"version": "17.04"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "debian linux",
"version": "8.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "debian linux",
"version": "9.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "freebsd",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "freebsd",
"version": "10"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "freebsd",
"version": "10.4"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "freebsd",
"version": "11"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "freebsd",
"version": "11.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "leap",
"version": "42.2"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "leap",
"version": "42.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "linux desktop",
"version": "7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "linux server",
"version": "7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.2.4"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.2.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.2.6"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.2.8"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.3.7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.3.9"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.3.10"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.3.11"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.4.7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.4.8"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.4.9"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.4.10"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.4.11"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.5.7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.5.8"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.5.9"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.5.10"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.5.11"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.6.8"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.6.9"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.6.10"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "0.7.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "1.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "1.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "2.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "2.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "2.2"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "2.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "2.4"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "2.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hostapd",
"version": "2.6"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.2.4"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.2.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.2.6"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.2.7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.2.8"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.3.7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.3.8"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.3.9"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.3.10"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.3.11"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.4.7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.4.8"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.4.9"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.4.10"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.4.11"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.5.7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.5.8"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.5.9"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.5.10"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.5.11"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.6.8"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.6.9"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.6.10"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "0.7.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "1.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "1.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "2.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "2.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "2.2"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "2.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "2.4"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "2.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wpa supplicant",
"version": "2.6"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "linux point of sale",
"version": "11"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "linux server",
"version": "12"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "openstack cloud",
"version": "6"
}
],
"sources": [
{
"db": "IVD",
"id": "d6bbedba-ffb0-46fc-8b8d-fc2a4fce19b2"
},
{
"db": "CERT/CC",
"id": "VU#228519"
},
{
"db": "CNVD",
"id": "CNVD-2017-30405"
},
{
"db": "BID",
"id": "101274"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009171"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-381"
},
{
"db": "NVD",
"id": "CVE-2017-13078"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:10.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:11.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.5.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.5.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.4.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.3.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.7.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.6.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.6.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.4.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.4.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.2.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.6.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.6.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.5.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.4.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.4.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.7.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.5.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.5.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.3.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.3.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:0.3.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.6.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.6.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_point_of_sale:11:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:12:*:*:*:ltss:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:openstack_cloud:6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:ltss:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-13078"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mathy Vanhoef from imec-DistriNet and KU Leuven.",
"sources": [
{
"db": "BID",
"id": "101274"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-381"
}
],
"trust": 0.9
},
"cve": "CVE-2017-13078",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 2.9,
"confidentialityImpact": "NONE",
"exploitabilityScore": 5.5,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:A/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 2.9,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2017-13078",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 5.5,
"id": "CNVD-2017-30405",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 5.5,
"id": "d6bbedba-ffb0-46fc-8b8d-fc2a4fce19b2",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 1.6,
"impactScore": 3.6,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
{
"attackComplexity": "High",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.3,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2017-13078",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-13078",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2017-30405",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201710-381",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "d6bbedba-ffb0-46fc-8b8d-fc2a4fce19b2",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2017-13078",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "d6bbedba-ffb0-46fc-8b8d-fc2a4fce19b2"
},
{
"db": "CNVD",
"id": "CNVD-2017-30405"
},
{
"db": "VULMON",
"id": "CVE-2017-13078"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009171"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-381"
},
{
"db": "NVD",
"id": "CVE-2017-13078"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the four-way handshake, allowing an attacker within radio range to replay frames from access points to clients. An attacker within range of an affected AP and client may leverage these vulnerabilities to conduct attacks that are dependent on the data confidentiality protocols being used. Attacks may include arbitrary packet decryption and injection, TCP connection hijacking, HTTP content injection, or the replay of unicast and group-addressed frames. These vulnerabilities are referred to as Key Reinstallation Attacks or \"KRACK\" attacks. WPA (Wi-Fi Protected Access) is a system that protects wireless computer networks (Wi-Fi). The WPA2 wireless network has a GTK group key reload vulnerability in the fourth handshake. WPA2 is prone to multiple security weaknesses. \nExploiting these issues may allow an unauthorized user to intercept and manipulate data or disclose sensitive information. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: wpa_supplicant security update\nAdvisory ID: RHSA-2017:2907-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://access.redhat.com/errata/RHSA-2017:2907\nIssue date: 2017-10-17\nCVE Names: CVE-2017-13077 CVE-2017-13078 CVE-2017-13080 \n CVE-2017-13082 CVE-2017-13086 CVE-2017-13087 \n CVE-2017-13088 \n=====================================================================\n\n1. Summary:\n\nAn update for wpa_supplicant is now available for Red Hat Enterprise Linux\n7. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode (v. 7) - x86_64\nRed Hat Enterprise Linux Server (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - x86_64\n\n3. Description:\n\nThe wpa_supplicant packages contain an 802.1X Supplicant with support for\nWEP, WPA, WPA2 (IEEE 802.11i / RSN), and various EAP authentication\nmethods. They implement key negotiation with a WPA Authenticator for client\nstations and controls the roaming and IEEE 802.11 authentication and\nassociation of the WLAN driver. A remote attacker within Wi-Fi range\ncould exploit these attacks to decrypt Wi-Fi traffic or possibly inject\nforged Wi-Fi packets by manipulating cryptographic handshakes used by the\nWPA2 protocol. (CVE-2017-13077, CVE-2017-13078, CVE-2017-13080,\nCVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088)\n\nRed Hat would like to thank CERT for reporting these issues. Upstream\nacknowledges Mathy Vanhoef (University of Leuven) as the original reporter\nof these issues. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Package List:\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\nwpa_supplicant-2.6-5.el7_4.1.src.rpm\n\nx86_64:\nwpa_supplicant-2.6-5.el7_4.1.x86_64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\nwpa_supplicant-2.6-5.el7_4.1.src.rpm\n\nx86_64:\nwpa_supplicant-2.6-5.el7_4.1.x86_64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nwpa_supplicant-2.6-5.el7_4.1.src.rpm\n\naarch64:\nwpa_supplicant-2.6-5.el7_4.1.aarch64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.aarch64.rpm\n\nppc64:\nwpa_supplicant-2.6-5.el7_4.1.ppc64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.ppc64.rpm\n\nppc64le:\nwpa_supplicant-2.6-5.el7_4.1.ppc64le.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.ppc64le.rpm\n\ns390x:\nwpa_supplicant-2.6-5.el7_4.1.s390x.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.s390x.rpm\n\nx86_64:\nwpa_supplicant-2.6-5.el7_4.1.x86_64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nwpa_supplicant-2.6-5.el7_4.1.src.rpm\n\nx86_64:\nwpa_supplicant-2.6-5.el7_4.1.x86_64.rpm\nwpa_supplicant-debuginfo-2.6-5.el7_4.1.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2017-13077\nhttps://access.redhat.com/security/cve/CVE-2017-13078\nhttps://access.redhat.com/security/cve/CVE-2017-13080\nhttps://access.redhat.com/security/cve/CVE-2017-13082\nhttps://access.redhat.com/security/cve/CVE-2017-13086\nhttps://access.redhat.com/security/cve/CVE-2017-13087\nhttps://access.redhat.com/security/cve/CVE-2017-13088\nhttps://access.redhat.com/security/updates/classification/#important\nhttps://access.redhat.com/security/vulnerabilities/kracks\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2017 Red Hat, Inc. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\nAPPLE-SA-2017-12-12-2 AirPort Base Station Firmware Update 7.7.9\n\nAirPort Base Station Firmware Update 7.7.9 is now available and\naddresses the following:\n\nAirPort Base Station Firmware\nAvailable for: AirPort Extreme and AirPort Time Capsule base stations\nwith 802.11ac\nImpact: An attacker within range may be able to execute arbitrary\ncode on the Wi-Fi chip\nDescription: A memory corruption issue was addressed with improved\nmemory handling. \nCVE-2017-9417: Nitay Artenstein of Exodus Intelligence\n\nAirPort Base Station Firmware\nAvailable for: AirPort Extreme and AirPort Time Capsule base stations\nwith 802.11ac\nImpact: An attacker in Wi-Fi range may force nonce reuse in WPA\nunicast/PTK clients (Key Reinstallation Attacks - KRACK)\nDescription: A logic issue existed in the handling of state\ntransitions. This was addressed with improved state management. \nCVE-2017-13077: Mathy Vanhoef of the imec-DistriNet group at KU\nLeuven\nCVE-2017-13078: Mathy Vanhoef of the imec-DistriNet group at KU\nLeuven\n\nAirPort Base Station Firmware\nAvailable for: AirPort Extreme and AirPort Time Capsule base stations\nwith 802.11ac\nImpact: An attacker in Wi-Fi range may force nonce reuse in WPA\nmulticast/GTK clients (Key Reinstallation Attacks - KRACK)\nDescription: A logic issue existed in the handling of state\ntransitions. This was addressed with improved state management. \nCVE-2017-13080: Mathy Vanhoef of the imec-DistriNet group at KU\nLeuven\n\nInstallation note:\n\nFirmware version 7.7.9 is installed on AirPort Extreme or\nAirPort Time Capsule base stations with 802.11ac using\nAirPort Utility for Mac or iOS. \n\nAirPort Utility for Mac is a free download from\nhttps://support.apple.com/downloads/ and AirPort Utility for iOS\nis a free download from the App Store. \nCVE-2017-13080: Mathy Vanhoef of the imec-DistriNet group at\nKU Leuven\n\nInstallation note:\n\nWi-Fi Update for Boot Camp 6.4.0 may be obtained from Apple Software\nUpdate for Windows. ==========================================================================\nUbuntu Security Notice USN-3455-1\nOctober 16, 2017\n\nwpa vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 17.04\n- Ubuntu 16.04 LTS\n- Ubuntu 14.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in wpa_supplicant. \n\nSoftware Description:\n- wpa: client support for WPA and WPA2\n\nDetails:\n\nMathy Vanhoef discovered that wpa_supplicant and hostapd incorrectly\nhandled WPA2. (CVE-2017-13077,\nCVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081,\nCVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088)\n\nImre Rad discovered that wpa_supplicant and hostapd incorrectly handled\ninvalid characters in passphrase parameters. A remote attacker could use\nthis issue to cause a denial of service. (CVE-2016-4476)\n\nImre Rad discovered that wpa_supplicant and hostapd incorrectly handled\ninvalid characters in passphrase parameters. A local attacker could use\nthis issue to cause a denial of service, or possibly execute arbitrary\ncode. (CVE-2016-4477)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 17.04:\n hostapd 2.4-0ubuntu9.1\n wpasupplicant 2.4-0ubuntu9.1\n\nUbuntu 16.04 LTS:\n hostapd 2.4-0ubuntu6.2\n wpasupplicant 2.4-0ubuntu6.2\n\nUbuntu 14.04 LTS:\n hostapd 2.1-0ubuntu1.5\n wpasupplicant 2.1-0ubuntu1.5\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201711-03\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: hostapd and wpa_supplicant: Key Reinstallation (KRACK)\n attacks\n Date: November 10, 2017\n Bugs: #634436, #634438\n ID: 201711-03\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nA flaw was discovered in the 4-way handshake in hostapd and\nwpa_supplicant that allows attackers to conduct a Man in the Middle\nattack. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 net-wireless/hostapd \u003c 2.6-r1 \u003e= 2.6-r1 \n 2 net-wireless/wpa_supplicant\n \u003c 2.6-r3 \u003e= 2.6-r3 \n -------------------------------------------------------------------\n 2 affected packages\n\nDescription\n===========\n\nWiFi Protected Access (WPA and WPA2) and it\u0027s associated technologies\nare all vulnerable to the KRACK attacks. Please review the referenced\nCVE identifiers for details. \n\nImpact\n======\n\nAn attacker can carry out the KRACK attacks on a wireless network in\norder to gain access to network clients. Once achieved, the attacker\ncan potentially harvest confidential information (e.g. HTTP/HTTPS),\ninject malware, or perform a myriad of other attacks. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll hostapd users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=net-wireless/hostapd-2.6-r1\"\n\nAll wpa_supplicant users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"\u003e=net-wireless/wpa_supplicant-2.6-r3\"\n\nReferences\n==========\n\n[ 1 ] CVE-2017-13077\n https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13077\n[ 2 ] CVE-2017-13078\n https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13078\n[ 3 ] CVE-2017-13079\n https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13079\n[ 4 ] CVE-2017-13080\n. 6) - i386, x86_64\n\n3. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\n=============================================================================\nFreeBSD-SA-17:07.wpa Security Advisory\n The FreeBSD Project\n\nTopic: WPA2 protocol vulnerability\n\nCategory: contrib\nModule: wpa\nAnnounced: 2017-10-16\nCredits: Mathy Vanhoef\nAffects: All supported versions of FreeBSD. \nCorrected: 2017-10-17 17:30:18 UTC (stable/11, 11.1-STABLE)\n 2017-10-17 17:57:18 UTC (releng/11.1, 11.1-RELEASE-p2)\n 2017-10-17 17:56:03 UTC (releng/11.0, 11.0-RELEASE-p13)\n 2017-10-19 03:18:22 UTC (stable/10, 10.4-STABLE)\n 2017-10-19 03:20:17 UTC (releng/10.4, 10.4-RELEASE-p1)\n 2017-10-19 03:19:42 UTC (releng/10.3, 10.3-RELEASE-p22)\nCVE Name: CVE-2017-13077, CVE-2017-13078, CVE-2017-13079,\n CVE-2017-13080, CVE-2017-13081, CVE-2017-13082,\n CVE-2017-13086, CVE-2017-13087, CVE-2017-13088\n\nFor general information regarding FreeBSD Security Advisories,\nincluding descriptions of the fields above, security branches, and the\nfollowing sections, please visit \u003cURL:https://security.FreeBSD.org/\u003e. \n\n0. Revision history\n\nv1.0 2017-10-17 Initial release. \nv1.1 2017-10-19 Add patches for 10.x releases. \n\nI. \n\nhostapd and wpa_supplicant are implementations of user space daemon for\naccess points and wireless client that implements the WPA2 protocol. \n\nII. Problem Description\n\nA vulnerability was found in how a number of implementations can be\ntriggered to reconfigure WPA/WPA2/RSN keys (TK, GTK, or IGTK) by\nreplaying a specific frame that is used to manage the keys. \n\nIII. Impact\n\nSuch reinstallation of the encryption key can result in two different\ntypes of vulnerabilities: disabling replay protection and significantly\nreducing the security of encryption to the point of allowing frames to\nbe decrypted or some parts of the keys to be determined by an attacker\ndepending on which cipher is used. \n\nIV. Workaround\n\nAn updated version of wpa_supplicant is available in the FreeBSD Ports\nCollection. Install version 2.6_2 or later of the\nsecurity/wpa_supplicant port/pkg. Once installed, update /etc/rc.conf\nto use the new binary:\n\nwpa_supplicant_program=\"/usr/local/sbin/wpa_supplicant\"\n\nand restart networking. \n\nAn updated version of hostapd is available in the FreeBSD Ports\nCollection. Install version 2.6_1 or later of the net/hostapd port/pkg. \nOnce installed, update /etc/rc.conf to use the new binary:\n\nhostapd_program=\"/usr/local/sbin/hostapd\"\n\nand restart hostapd. \n\nV. Solution\n\nPerform one of the following:\n\n1) Upgrade your vulnerable system to a supported FreeBSD stable or\nrelease / security branch (releng) dated after the correction date. \n\nRestart the Wi-Fi network interfaces/hostapd or reboot the system. \n\n2) To update your vulnerable system via a binary patch:\n\nSystems running a RELEASE version of FreeBSD on the i386 or amd64\nplatforms can be updated via the freebsd-update(8) utility:\n\n# freebsd-update fetch\n# freebsd-update install\n\nRestart the Wi-Fi network interfaces/hostapd or reboot the system. \n\n3) To update your vulnerable system via a source code patch:\n\nThe following patches have been verified to apply to the applicable\nFreeBSD release branches. \n\na) Download the relevant patch from the location below, and verify the\ndetached PGP signature using your PGP utility. \n\n[FreeBSD 11.0-RELEASE, 11.1-RELEASE, and 11-STABLE]\n# fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-11.patch\n# fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-11.patch.asc\n# gpg --verify wpa-11.patch.asc\n\n[FreeBSD 10.3-RELEASE, 10.4-RELEASE, and 10-STABLE]\n# fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-10.patch\n# fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-10.patch.asc\n# gpg --verify wpa-10.patch.asc\n\nb) Apply the patch. Execute the following commands as root:\n\n# cd /usr/src\n# patch \u003c /path/to/patch\n\nc) Recompile the operating system using buildworld and installworld as\ndescribed in \u003cURL:https://www.FreeBSD.org/handbook/makeworld.html\u003e. \n\nRestart the applicable daemons, or reboot the system. \n\nVI. Correction details\n\nThe following list contains the correction revision numbers for each\naffected branch. \n\nBranch/path Revision\n- -------------------------------------------------------------------------\nstable/11/ r324697\nreleng/11.0/ r324698\nreleng/11.1/ r324699\nstable/10/ r324739\nreleng/10.3/ r324740\nreleng/10.4/ r324741\n- -------------------------------------------------------------------------\n\nTo see which files were modified by a particular revision, run the\nfollowing command, replacing NNNNNN with the revision number, on a\nmachine with Subversion installed:\n\n# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base\n\nOr visit the following URL, replacing NNNNNN with the revision number:\n\n\u003cURL:https://svnweb.freebsd.org/base?view=revision\u0026revision=NNNNNN\u003e\n\nVII. References\n\n\u003cURL:https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt\u003e\n\u003cURL:https://www.krackattacks.com/\u003e\n\nThe latest revision of this advisory is available at\n\u003cURL:https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc\u003e\n-----BEGIN PGP SIGNATURE-----\n\niQKTBAEBCgB9FiEEHPf/b631yp++G4yy7Wfs1l3PaucFAlnoGpNfFIAAAAAALgAo\naXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDFD\nRjdGRjZGQURGNUNBOUZCRTFCOENCMkVENjdFQ0Q2NURDRjZBRTcACgkQ7Wfs1l3P\nauc7WBAAm27w+fujv5sJsRxauUMopTVtRh5utwbDuoHTP+L+RCWmQfVBmueNQ0gf\nuJzMNxBIkbtY9LvyukpRsH3iD7mh26c0pd9rxxkkr4F96C9B5+W0amxJF1gdm54/\nF/50FpY+lo7cNs5tiBjypPrg8UOBBI/1G4XR7130XC0HjaTwt1ngZ0oQUWUMSsIp\ngN5ZfPul81WPWd1NqF+vyObcJhwq/Y1uoexoO27o7GQCFZoL3enZy8c4f1xqMlVM\n4HHkTgNGac6E0aW+ArH4J0DFFAOJXPqF8rdt+9XINfoBbtliIyOixJ4oh1n6eAR0\nVpBWZKFNyXSlUKIvDGa+LDhxgL1jJXV0ABSyKlUOijdmr3bbbiQE9MW/MNv2AFTd\nOAFQ0QQtm9KCWp5JLh+FPIb/kR2l7MOUP+yz4zFcJpdGtl9tDLyPN8vRTq60bY8O\ny7tBcf/SMqkd/AIFdchL4zrOguKnRARydIlwTarp8wtAQI3MKSsa1B0wgsDtlL6K\nxfdjnwWMKvKKlNOW16e1WXXO0n/ucHV4njBE+bGPro3jLgXP2/WFZpIGAR3I4xrr\nSdD4AxSNiR9f3bL7LRfMIbugJAylWNSlTLWUOVUv0/ONh85LqbcCj13NI230B64K\nETx2QOZgKnCs2oDNiw4aQHb7kvi2w94Iw/R1sAPkkxYJWO3reyE=\n=h/5q\n-----END PGP SIGNATURE-----\n. \n\n\nHere are the details from the Slackware 14.2 ChangeLog:\n+--------------------------+\npatches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz: Upgraded. \n This update includes patches to mitigate the WPA2 protocol issues known\n as \"KRACK\" (Key Reinstallation AttaCK), which may be used to decrypt data,\n hijack TCP connections, and to forge and inject packets. \n CVE-2017-13082: Accepting a retransmitted Fast BSS Transition (FT)\n Reassociation Request and reinstalling the pairwise encryption key (PTK-TK)\n while processing it. \n For more information, see:\n https://www.krackattacks.com/\n https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13077\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13078\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13079\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13080\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13081\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13082\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13084\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13086\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13087\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13088\n (* Security fix *)\n+--------------------------+\n\n\nWhere to find the new packages:\n+-----------------------------+\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you. \n\nUpdated package for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/wpa_supplicant-2.6-i486-1_slack14.0.txz\n\nUpdated package for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.0.txz\n\nUpdated package for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/wpa_supplicant-2.6-i486-1_slack14.1.txz\n\nUpdated package for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.1.txz\n\nUpdated package for Slackware 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/wpa_supplicant-2.6-i586-1_slack14.2.txz\n\nUpdated package for Slackware x86_64 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/wpa_supplicant-2.6-x86_64-1_slack14.2.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/wpa_supplicant-2.6-i586-2.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/wpa_supplicant-2.6-x86_64-2.txz\n\n\nMD5 signatures:\n+-------------+\n\nSlackware 14.0 package:\nd8ecfaadb50b3547967ab53733ffc019 wpa_supplicant-2.6-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 package:\nf25216d28800504ce498705da7c9a825 wpa_supplicant-2.6-x86_64-1_slack14.0.txz\n\nSlackware 14.1 package:\n15c61050e4bab2581757befd86be74c0 wpa_supplicant-2.6-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 package:\n49fd537a520338744f7757615556d352 wpa_supplicant-2.6-x86_64-1_slack14.1.txz\n\nSlackware 14.2 package:\nc5539f40c8510af89be92945f0f80185 wpa_supplicant-2.6-i586-1_slack14.2.txz\n\nSlackware x86_64 14.2 package:\n4c527ff84fcdfd7839f217bbce2e4ae4 wpa_supplicant-2.6-x86_64-1_slack14.2.txz\n\nSlackware -current package:\n28bd88a54e96368f7a7020c1f5fb67fe n/wpa_supplicant-2.6-i586-2.txz\n\nSlackware x86_64 -current package:\n464fc6b48d1ac077f47e9a3a8534c160 n/wpa_supplicant-2.6-x86_64-2.txz\n\n\nInstallation instructions:\n+------------------------+\n\nUpgrade the package as root:\n# upgradepkg wpa_supplicant-2.6-i586-1_slack14.2.txz\n\n\n+-----+\n\nSlackware Linux Security Team\nhttp://slackware.com/gpg-key\nsecurity@slackware.com\n\n+------------------------------------------------------------------------+\n| To leave the slackware-security mailing list: |\n+------------------------------------------------------------------------+\n| Send an email to majordomo@slackware.com with this text in the body of |\n| the email message: |\n| |\n| unsubscribe slackware-security |\n| |\n| You will get a confirmation message back containing instructions to |\n| complete the process. Please do not reply to this email address",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-13078"
},
{
"db": "CERT/CC",
"id": "VU#228519"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009171"
},
{
"db": "CNVD",
"id": "CNVD-2017-30405"
},
{
"db": "BID",
"id": "101274"
},
{
"db": "IVD",
"id": "d6bbedba-ffb0-46fc-8b8d-fc2a4fce19b2"
},
{
"db": "VULMON",
"id": "CVE-2017-13078"
},
{
"db": "PACKETSTORM",
"id": "144652"
},
{
"db": "PACKETSTORM",
"id": "145394"
},
{
"db": "PACKETSTORM",
"id": "145395"
},
{
"db": "PACKETSTORM",
"id": "148445"
},
{
"db": "PACKETSTORM",
"id": "144632"
},
{
"db": "PACKETSTORM",
"id": "144944"
},
{
"db": "PACKETSTORM",
"id": "144659"
},
{
"db": "PACKETSTORM",
"id": "144669"
},
{
"db": "PACKETSTORM",
"id": "144663"
}
],
"trust": 4.23
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-13078",
"trust": 4.5
},
{
"db": "CERT/CC",
"id": "VU#228519",
"trust": 4.2
},
{
"db": "BID",
"id": "101274",
"trust": 2.6
},
{
"db": "LENOVO",
"id": "LEN-17420",
"trust": 2.5
},
{
"db": "SECTRACK",
"id": "1039577",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1039576",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1039581",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1039578",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1039585",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1039573",
"trust": 1.7
},
{
"db": "CERT@VDE",
"id": "VDE-2017-003",
"trust": 1.7
},
{
"db": "CERT@VDE",
"id": "VDE-2017-005",
"trust": 1.7
},
{
"db": "SIEMENS",
"id": "SSA-901333",
"trust": 1.7
},
{
"db": "ICS CERT",
"id": "ICSMA-18-114-01",
"trust": 1.2
},
{
"db": "ICS CERT",
"id": "ICSMA-19-029-01",
"trust": 1.1
},
{
"db": "ICS CERT",
"id": "ICSA-17-353-02",
"trust": 1.1
},
{
"db": "ICS CERT",
"id": "ICSA-17-318-01",
"trust": 1.1
},
{
"db": "ICS CERT",
"id": "ICSA-17-325-01",
"trust": 1.1
},
{
"db": "CNVD",
"id": "CNVD-2017-30405",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201710-381",
"trust": 0.8
},
{
"db": "JUNIPER",
"id": "JSA10827",
"trust": 0.8
},
{
"db": "DLINK",
"id": "SAP10075",
"trust": 0.8
},
{
"db": "ICS CERT",
"id": "ICSA-17-318-02A",
"trust": 0.8
},
{
"db": "JVN",
"id": "JVNVU94846424",
"trust": 0.8
},
{
"db": "JVN",
"id": "JVNVU90609033",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009171",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2020.4125",
"trust": 0.6
},
{
"db": "ICS CERT",
"id": "ICSA-17-299-02",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-17-318-02",
"trust": 0.3
},
{
"db": "IVD",
"id": "D6BBEDBA-FFB0-46FC-8B8D-FC2A4FCE19B2",
"trust": 0.2
},
{
"db": "VULMON",
"id": "CVE-2017-13078",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "144652",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "145394",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "145395",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148445",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "144632",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "144944",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "144659",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "144669",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "144663",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "d6bbedba-ffb0-46fc-8b8d-fc2a4fce19b2"
},
{
"db": "CERT/CC",
"id": "VU#228519"
},
{
"db": "CNVD",
"id": "CNVD-2017-30405"
},
{
"db": "VULMON",
"id": "CVE-2017-13078"
},
{
"db": "BID",
"id": "101274"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009171"
},
{
"db": "PACKETSTORM",
"id": "144652"
},
{
"db": "PACKETSTORM",
"id": "145394"
},
{
"db": "PACKETSTORM",
"id": "145395"
},
{
"db": "PACKETSTORM",
"id": "148445"
},
{
"db": "PACKETSTORM",
"id": "144632"
},
{
"db": "PACKETSTORM",
"id": "144944"
},
{
"db": "PACKETSTORM",
"id": "144659"
},
{
"db": "PACKETSTORM",
"id": "144669"
},
{
"db": "PACKETSTORM",
"id": "144663"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-381"
},
{
"db": "NVD",
"id": "CVE-2017-13078"
}
]
},
"id": "VAR-201710-0211",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "d6bbedba-ffb0-46fc-8b8d-fc2a4fce19b2"
},
{
"db": "CNVD",
"id": "CNVD-2017-30405"
}
],
"trust": 1.3965711281818183
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "d6bbedba-ffb0-46fc-8b8d-fc2a4fce19b2"
},
{
"db": "CNVD",
"id": "CNVD-2017-30405"
}
]
},
"last_update_date": "2024-07-23T21:10:29.332000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "ARUBA-PSA-2017-007",
"trust": 0.8,
"url": "http://www.arubanetworks.com/assets/alert/aruba-psa-2017-007.txt"
},
{
"title": "DSA-3999",
"trust": 0.8,
"url": "https://www.debian.org/security/2017/dsa-3999"
},
{
"title": "FreeBSD-SA-17:07.wpa",
"trust": 0.8,
"url": "https://www.freebsd.org/security/advisories/freebsd-sa-17:07.wpa.asc"
},
{
"title": "LEN-17420",
"trust": 0.8,
"url": "https://support.lenovo.com/jp/en/product_security/len-17420"
},
{
"title": "NV17-024",
"trust": 0.8,
"url": "http://jpn.nec.com/security-info/secinfo/nv17-024.html"
},
{
"title": "openSUSE-SU-2017:2755",
"trust": 0.8,
"url": "https://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
},
{
"title": "SUSE-SU-2017:2745",
"trust": 0.8,
"url": "https://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
},
{
"title": "SUSE-SU-2017:2752",
"trust": 0.8,
"url": "https://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
},
{
"title": "KRACKs - wpa_supplicant Multiple Vulnerabilities",
"trust": 0.8,
"url": "https://access.redhat.com/security/vulnerabilities/kracks"
},
{
"title": "RHSA-2017:2907",
"trust": 0.8,
"url": "https://access.redhat.com/errata/rhsa-2017:2907"
},
{
"title": "RHSA-2017:2911",
"trust": 0.8,
"url": "https://access.redhat.com/errata/rhsa-2017:2911"
},
{
"title": "USN-3455-1",
"trust": 0.8,
"url": "https://usn.ubuntu.com/usn/usn-3455-1/"
},
{
"title": "WPA packet number reuse with replayed messages and key reinstallation",
"trust": 0.8,
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
},
{
"title": "Wi-Fi\u306e\u8a8d\u8a3c\uff0f\u6697\u53f7\u5316\u6280\u8853WPA2\u304a\u3088\u3073WPA\u306e\u8907\u6570\u306e\u8106\u5f31\u6027\u306b\u3064\u3044\u3066",
"trust": 0.8,
"url": "http://www.fujitsu.com/jp/products/network/support/2017/srm-01/index.html"
},
{
"title": "WPA2\u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u5f0a\u793e\u8abf\u67fb\u30fb\u5bfe\u5fdc\u72b6\u6cc1\u306b\u3064\u3044\u3066",
"trust": 0.8,
"url": "http://www.iodata.jp/support/information/2017/wpa2/"
},
{
"title": "\u7121\u7ddaLAN \u8a8d\u8a3c\uff0f\u6697\u53f7\u5316\u6280\u8853WPA2\u304a\u3088\u3073WPA\u306b\u95a2\u3059\u308b\u8106\u5f31\u6027\u306e\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/info/20171110/"
},
{
"title": "Patch for WPA2 Wireless Network GTK Group Key Reload Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/103819"
},
{
"title": "Multiple WiFi product WPA2 Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=75495"
},
{
"title": "Red Hat: Important: wpa_supplicant security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20172911 - security advisory"
},
{
"title": "Red Hat: Important: wpa_supplicant security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20172907 - security advisory"
},
{
"title": "Red Hat: CVE-2017-13078",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2017-13078"
},
{
"title": "Arch Linux Issues: ",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=cve-2017-13078"
},
{
"title": "Apple: Wi-Fi Update for Boot Camp 6.4.0",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=4dc3bb86865485e4364fd6b2dc2fc379"
},
{
"title": "Apple: AirPort Base Station Firmware Update 7.7.9",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=7ca8130f8030911575aa17c0e84114dd"
},
{
"title": "Apple: watchOS 4.1",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=345c3fa8a313cd9a1ced5ef372c465c4"
},
{
"title": "Apple: AirPort Base Station Firmware Update 7.6.9",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=43d8dcf7961e20b6ec02761d12969c19"
},
{
"title": "Debian CVElist Bug Report Logs: firmware-brcm80211: BroadPwn vulnerability CVE-2017-9417",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=2e0affd9108e95fa2aa2c706c74cd8a9"
},
{
"title": "Ubuntu Security Notice: wpa vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-3455-1"
},
{
"title": "Debian Security Advisories: DSA-3999-1 wpa -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=08990d9925276738bd732fa4d58f9ef0"
},
{
"title": "Apple: tvOS 11.1",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=7a8e908aff7c02a31b2d335766e6d5c2"
},
{
"title": "Apple: iOS 11.1",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=7814c280e80969d4c4d88f74b13290f2"
},
{
"title": "Arch Linux Advisories: [ASA-201710-23] hostapd: man-in-the-middle",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=asa-201710-23"
},
{
"title": "Arch Linux Advisories: [ASA-201710-22] wpa_supplicant: man-in-the-middle",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=asa-201710-22"
},
{
"title": "HP: HPSBPI03574 rev. 1 - WPA, WPA2 Key Reinstallation Attacks (KRACK attacks) Potential Remote Disclosure of Information: Certain HP Enterprise Printer and MFP products, Certain HP PageWide Printer and MFP Products, HP Jetdirect Accessory Products",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=hpsbpi03574"
},
{
"title": "Siemens Security Advisories: Siemens Security Advisory",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=6df91267eee9400a24a98876f50ffe84"
},
{
"title": "Android Security Bulletins: Android Security Bulletin\u2014November 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=8c29eb008bb212762e5cfb25c7c5c0d5"
},
{
"title": "Cisco: Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20171016-wpa"
},
{
"title": "Android Security Bulletins: Android Security Bulletin\u2014July 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=25584b3d319ca9e7cb2fae9ec5dbf5e0"
},
{
"title": "HP: HPSBHF03571 rev. 6 - Intel Management Engine Cumulative Security update and fix for WPA2 vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=hpsbhf03571"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - April 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=4019ca77f50c7a34e4d97833e6f3321e"
},
{
"title": "Apple: macOS High Sierra 10.13.1, Security Update 2017-001 Sierra, and Security Update 2017-004 El Capitan",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=870f3f04ef17f7b183f74ae687a1561d"
},
{
"title": "Oracle Linux Bulletins: Oracle Linux Bulletin - October 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins\u0026qid=7251d5e5f2b1771951980ad7cfde50ba"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - January 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=e2a7f287e9acc8c64ab3df71130bc64d"
},
{
"title": "vanhoefm-krackattacks-scripts",
"trust": 0.1,
"url": "https://github.com/84kaliplexon3/vanhoefm-krackattacks-scripts "
},
{
"title": "krankattack",
"trust": 0.1,
"url": "https://github.com/devkosov/krankattack "
},
{
"title": "krackattacks-scripts",
"trust": 0.1,
"url": "https://github.com/vanhoefm/krackattacks-scripts "
},
{
"title": "KRACK",
"trust": 0.1,
"url": "https://github.com/chinatso/krack "
},
{
"title": "krackinfo",
"trust": 0.1,
"url": "https://github.com/kristate/krackinfo "
},
{
"title": "nixos-issue-db-example",
"trust": 0.1,
"url": "https://github.com/andir/nixos-issue-db-example "
},
{
"title": "SamsungReleaseNotes",
"trust": 0.1,
"url": "https://github.com/samreleasenotes/samsungreleasenotes "
},
{
"title": "welivesecurity",
"trust": 0.1,
"url": "https://www.welivesecurity.com/2019/10/17/alexa-how-amazon-echo-kindle-got-kracked/"
},
{
"title": "BleepingComputer",
"trust": 0.1,
"url": "https://www.bleepingcomputer.com/news/security/millions-of-amazon-echo-and-kindle-devices-affected-by-wifi-bug/"
},
{
"title": "The Register",
"trust": 0.1,
"url": "https://www.theregister.co.uk/2017/11/07/android_november_security_update/"
},
{
"title": "The Register",
"trust": 0.1,
"url": "https://www.theregister.co.uk/2017/10/16/wpa2_inscure_krackattack/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-30405"
},
{
"db": "VULMON",
"id": "CVE-2017-13078"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009171"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-381"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-330",
"trust": 1.0
},
{
"problemtype": "CWE-254",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-009171"
},
{
"db": "NVD",
"id": "CVE-2017-13078"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.7,
"url": "https://www.krackattacks.com/"
},
{
"trust": 3.3,
"url": "https://source.android.com/security/bulletin/2017-11-01"
},
{
"trust": 2.9,
"url": "http://www.securityfocus.com/bid/101274"
},
{
"trust": 2.8,
"url": "http://www.arubanetworks.com/assets/alert/aruba-psa-2017-007.txt"
},
{
"trust": 2.8,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20171016-wpa"
},
{
"trust": 2.7,
"url": "https://access.redhat.com/security/vulnerabilities/kracks"
},
{
"trust": 2.5,
"url": "http://www.debian.org/security/2017/dsa-3999"
},
{
"trust": 2.2,
"url": "https://access.redhat.com/errata/rhsa-2017:2911"
},
{
"trust": 2.1,
"url": "http://www.kb.cert.org/vuls/id/228519"
},
{
"trust": 2.1,
"url": "https://access.redhat.com/errata/rhsa-2017:2907"
},
{
"trust": 2.0,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"trust": 1.8,
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
},
{
"trust": 1.8,
"url": "http://www.ubuntu.com/usn/usn-3455-1"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1039585"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1039581"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1039578"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1039577"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1039576"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1039573"
},
{
"trust": 1.7,
"url": "https://support.lenovo.com/us/en/product_security/len-17420"
},
{
"trust": 1.7,
"url": "https://security.freebsd.org/advisories/freebsd-sa-17:07.wpa.asc"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
},
{
"trust": 1.7,
"url": "https://security.gentoo.org/glsa/201711-03"
},
{
"trust": 1.7,
"url": "https://support.apple.com/ht208222"
},
{
"trust": 1.7,
"url": "https://support.apple.com/ht208221"
},
{
"trust": 1.7,
"url": "https://support.apple.com/ht208220"
},
{
"trust": 1.7,
"url": "https://support.apple.com/ht208219"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"trust": 1.7,
"url": "https://support.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-hpesbhf03792en_us"
},
{
"trust": 1.7,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
},
{
"trust": 1.7,
"url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
},
{
"trust": 1.7,
"url": "https://cert.vde.com/en-us/advisories/vde-2017-003"
},
{
"trust": 1.7,
"url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html"
},
{
"trust": 1.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13078"
},
{
"trust": 1.2,
"url": "https://ics-cert.us-cert.gov/advisories/icsma-18-114-01"
},
{
"trust": 1.1,
"url": "https://papers.mathyvanhoef.com/ccs2017.pdf"
},
{
"trust": 1.1,
"url": "https://w1.fi/security/2017-1/"
},
{
"trust": 1.1,
"url": "https://security-center.intel.com/advisory.aspx?intelid=intel-sa-00101\u0026languageid=en-fr"
},
{
"trust": 1.1,
"url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2017-13080"
},
{
"trust": 1.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-353-02"
},
{
"trust": 1.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-318-01"
},
{
"trust": 1.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-325-01"
},
{
"trust": 1.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsma-19-029-01"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13078"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13077"
},
{
"trust": 0.8,
"url": "https://cwe.mitre.org/data/definitions/323.html"
},
{
"trust": 0.8,
"url": "https://actiontecsupport.zendesk.com/hc/en-us/articles/115005205283-krack-vulnerability"
},
{
"trust": 0.8,
"url": "https://www3.aerohive.com/support/security-bulletins/product-security-announcement-aerohives-response-to-krack-10162017.html"
},
{
"trust": 0.8,
"url": "https://www.al-enterprise.com/en/support/security-alert-krack"
},
{
"trust": 0.8,
"url": "https://support.apple.com/en-gb/ht208222"
},
{
"trust": 0.8,
"url": "https://security.archlinux.org/avg-447"
},
{
"trust": 0.8,
"url": "https://www.asus.com/static_webpage/asus-product-security-advisory/"
},
{
"trust": 0.8,
"url": "https://community.barracudanetworks.com/forum/index.php?/topic/23525-security-advisories/page-2"
},
{
"trust": 0.8,
"url": "https://lists.centos.org/pipermail/centos-announce/2017-october/022569.html"
},
{
"trust": 0.8,
"url": "https://community.cypress.com/docs/doc-13871"
},
{
"trust": 0.8,
"url": "http://supportannouncement.us.dlink.com/announcement/publication.aspx?name=sap10075"
},
{
"trust": 0.8,
"url": "http://www.dell.com/support/article/sln307822"
},
{
"trust": 0.8,
"url": "https://github.com/espressif/esp8266_nonos_sdk"
},
{
"trust": 0.8,
"url": "https://extremeportal.force.com/extrarticledetail?n=000018005"
},
{
"trust": 0.8,
"url": "https://bodhi.fedoraproject.org/updates/fedora-2017-60bfb576b7"
},
{
"trust": 0.8,
"url": "http://www.fortiguard.com/psirt/fg-ir-17-196"
},
{
"trust": 0.8,
"url": "https://www.freebsd.org/security/advisories/freebsd-sa-17:07.wpa.asc"
},
{
"trust": 0.8,
"url": "https://bugs.gentoo.org/634440"
},
{
"trust": 0.8,
"url": "https://support.hpe.com/hpsc/doc/public/display?sp4ts.oid=null\u0026doclocale=en_us\u0026docid=emr_na-a00029151en_us"
},
{
"trust": 0.8,
"url": "https://kb.juniper.net/jsa10827"
},
{
"trust": 0.8,
"url": "https://support.lenovo.com/ca/en/product_security/len-17420"
},
{
"trust": 0.8,
"url": "http://www.microchip.com/wwwproducts/en/atwinc1500"
},
{
"trust": 0.8,
"url": "http://mail-index.netbsd.org/source-changes/2017/10/16/msg088877.html"
},
{
"trust": 0.8,
"url": "https://kb.netgear.com/000049498/security-advisory-for-wpa-2-vulnerabilities-psv-2017-2826-psv-2017-2836-psv-2017-2837"
},
{
"trust": 0.8,
"url": "https://forum.peplink.com/t/security-advisory-wpa2-vulnerability-vu-228519/12715"
},
{
"trust": 0.8,
"url": "https://ruckus-www.s3.amazonaws.com/pdf/security/faq-security-advisory-id-101617-v1.0.pdf"
},
{
"trust": 0.8,
"url": "https://www.suse.com/de-de/support/kb/doc/?id=7022107"
},
{
"trust": 0.8,
"url": "https://source.sierrawireless.com/resources/airlink/software_reference_docs/technical-bulletin/sierra-wireless-technical-bulletin---wpa-and-wpa2-vulnerabilities/"
},
{
"trust": 0.8,
"url": "http://www.slackware.com/changelog/stable.php?cpu=x86_64"
},
{
"trust": 0.8,
"url": "https://community.sophos.com/kb/en-us/127658"
},
{
"trust": 0.8,
"url": "https://www.toshibacommerce.com/wps/myportal/%21ut/p/a1/rzrnc8igeiz_sw8egqhjcdmmwr8abw2dqcnfoyqotidrrk399uxrrwotuzgws7a87y6z88iuzmcq2u4uwcnlzypjnjj5-exr_wnhya-laxtrid-j3uchdtb8gylmuw6qzgktovtowsrrqlrs6-8dbeqhwc1mykqnlabgdjlf1yjvn7i5af4qtdwsn2tri7j"
},
{
"trust": 0.8,
"url": "http://www.toshiba-personalstorage.net/en/news/hdd/ot_notice/20171017.htm"
},
{
"trust": 0.8,
"url": "http://support.toshiba.com/support/staticcontentdetail?contentid=4015875\u0026isfromtoclink=false"
},
{
"trust": 0.8,
"url": "https://community.ubnt.com/t5/unifi-updates-blog/firmware-3-9-3-7537-for-uap-usw-has-been-released/ba-p/2099365"
},
{
"trust": 0.8,
"url": "https://usn.ubuntu.com/usn/usn-3455-1/"
},
{
"trust": 0.8,
"url": "http://en.miui.com/thread-954223-1-1.html"
},
{
"trust": 0.8,
"url": "https://www.zebra.com/content/dam/zebra_new_ia/en-us/support-and-downloads/lifeguard-security/krack-security-bulletin.pdf"
},
{
"trust": 0.8,
"url": "http://www.zyxel.com/support/announcement_wpa2_key_management.shtml"
},
{
"trust": 0.8,
"url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventsubmit_dogoviewsolutiondetails=\u0026solutionid=sk120938"
},
{
"trust": 0.8,
"url": "https://community.rsa.com/docs/doc-84103"
},
{
"trust": 0.8,
"url": "https://support.f5.com/csp/article/k23642330"
},
{
"trust": 0.8,
"url": "https://forum.mikrotik.com/viewtopic.php?f=21\u0026t=126695"
},
{
"trust": 0.8,
"url": "https://community.linksys.com/t5/wireless-routers/krack-vulnerability/td-p/1218573"
},
{
"trust": 0.8,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-318-02a"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20171017_wpa2.html"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu94846424/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu90609033/index.html"
},
{
"trust": 0.8,
"url": "https://www.kb.cert.org/vuls/id/cheu-aqnmyp"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13080"
},
{
"trust": 0.6,
"url": "https://www.kb.cert.org/vuls/id/228519/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.4125/"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2017-13077"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2017-13078"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2017-13080"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2017-13087"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13087"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2017-13082"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2017-13086"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2017-13088"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13082"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13086"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13088"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13079"
},
{
"trust": 0.3,
"url": "https://github.com/stevenhoneyman/wpa_gui/tree/master/wpa_supplicant-2.4"
},
{
"trust": 0.3,
"url": "http://www.wi-fi.org/index.php"
},
{
"trust": 0.3,
"url": "https://support.apple.com/en-ie/ht208847"
},
{
"trust": 0.3,
"url": "https://support.apple.com/en-in/ht208334"
},
{
"trust": 0.3,
"url": "https://support.apple.com/en-in/ht208327"
},
{
"trust": 0.3,
"url": "https://support.apple.com/en-in/ht208325"
},
{
"trust": 0.3,
"url": "https://lists.apple.com/archives/security-announce/2017/dec/msg00009.html"
},
{
"trust": 0.3,
"url": "https://lists.apple.com/archives/security-announce/2017/dec/msg00008.html"
},
{
"trust": 0.3,
"url": "https://lists.apple.com/archives/security-announce/2018/jul/msg00000.html"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-13079"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-13081"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-13084"
},
{
"trust": 0.3,
"url": "http://docs.fortinet.com/uploaded/files/3961/fortiap-v5.6.1-release-notes.pdf"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-299-02"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-318-02"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13081"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.2,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.2,
"url": "https://support.apple.com/downloads/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/330.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/kristate/krackinfo"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-9417"
},
{
"trust": 0.1,
"url": "https://support.apple.com/kb/ht201222"
},
{
"trust": 0.1,
"url": "https://www.apple.com/support/security/pgp/"
},
{
"trust": 0.1,
"url": "https://support.apple.com/kb/ht208038"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4476"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4477"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/wpa/2.1-0ubuntu1.5"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/wpa/2.4-0ubuntu9.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/wpa/2.4-0ubuntu6.2"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/nvd.cfm?cvename=cve-2017-13078"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/nvd.cfm?cvename=cve-2017-13079"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/nvd.cfm?cvename=cve-2017-13077"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-17:07/wpa-10.patch.asc"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/advisories/freebsd-sa-17:07.wpa.asc\u003e"
},
{
"trust": 0.1,
"url": "https://svnweb.freebsd.org/base?view=revision\u0026revision=nnnnnn\u003e"
},
{
"trust": 0.1,
"url": "https://www.krackattacks.com/\u003e"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-17:07/wpa-11.patch.asc"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/\u003e."
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-17:07/wpa-11.patch"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-17:07/wpa-10.patch"
},
{
"trust": 0.1,
"url": "https://www.freebsd.org/handbook/makeworld.html\u003e."
},
{
"trust": 0.1,
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt\u003e"
},
{
"trust": 0.1,
"url": "http://slackware.com"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13080"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13082"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13077"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13087"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13081"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13084"
},
{
"trust": 0.1,
"url": "http://slackware.com/gpg-key"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13086"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13088"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13079"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13084"
},
{
"trust": 0.1,
"url": "http://osuosl.org)"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#228519"
},
{
"db": "CNVD",
"id": "CNVD-2017-30405"
},
{
"db": "VULMON",
"id": "CVE-2017-13078"
},
{
"db": "BID",
"id": "101274"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009171"
},
{
"db": "PACKETSTORM",
"id": "144652"
},
{
"db": "PACKETSTORM",
"id": "145394"
},
{
"db": "PACKETSTORM",
"id": "145395"
},
{
"db": "PACKETSTORM",
"id": "148445"
},
{
"db": "PACKETSTORM",
"id": "144632"
},
{
"db": "PACKETSTORM",
"id": "144944"
},
{
"db": "PACKETSTORM",
"id": "144659"
},
{
"db": "PACKETSTORM",
"id": "144669"
},
{
"db": "PACKETSTORM",
"id": "144663"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-381"
},
{
"db": "NVD",
"id": "CVE-2017-13078"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "d6bbedba-ffb0-46fc-8b8d-fc2a4fce19b2"
},
{
"db": "CERT/CC",
"id": "VU#228519"
},
{
"db": "CNVD",
"id": "CNVD-2017-30405"
},
{
"db": "VULMON",
"id": "CVE-2017-13078"
},
{
"db": "BID",
"id": "101274"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-009171"
},
{
"db": "PACKETSTORM",
"id": "144652"
},
{
"db": "PACKETSTORM",
"id": "145394"
},
{
"db": "PACKETSTORM",
"id": "145395"
},
{
"db": "PACKETSTORM",
"id": "148445"
},
{
"db": "PACKETSTORM",
"id": "144632"
},
{
"db": "PACKETSTORM",
"id": "144944"
},
{
"db": "PACKETSTORM",
"id": "144659"
},
{
"db": "PACKETSTORM",
"id": "144669"
},
{
"db": "PACKETSTORM",
"id": "144663"
},
{
"db": "CNNVD",
"id": "CNNVD-201710-381"
},
{
"db": "NVD",
"id": "CVE-2017-13078"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-10-17T00:00:00",
"db": "IVD",
"id": "d6bbedba-ffb0-46fc-8b8d-fc2a4fce19b2"
},
{
"date": "2017-10-16T00:00:00",
"db": "CERT/CC",
"id": "VU#228519"
},
{
"date": "2017-10-18T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-30405"
},
{
"date": "2017-10-17T00:00:00",
"db": "VULMON",
"id": "CVE-2017-13078"
},
{
"date": "2017-10-16T00:00:00",
"db": "BID",
"id": "101274"
},
{
"date": "2017-11-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-009171"
},
{
"date": "2017-10-17T16:52:00",
"db": "PACKETSTORM",
"id": "144652"
},
{
"date": "2017-12-13T03:33:33",
"db": "PACKETSTORM",
"id": "145394"
},
{
"date": "2017-12-13T04:44:44",
"db": "PACKETSTORM",
"id": "145395"
},
{
"date": "2018-07-05T23:02:22",
"db": "PACKETSTORM",
"id": "148445"
},
{
"date": "2017-10-16T23:23:00",
"db": "PACKETSTORM",
"id": "144632"
},
{
"date": "2017-11-10T19:19:00",
"db": "PACKETSTORM",
"id": "144944"
},
{
"date": "2017-10-18T20:20:00",
"db": "PACKETSTORM",
"id": "144659"
},
{
"date": "2017-10-19T14:28:55",
"db": "PACKETSTORM",
"id": "144669"
},
{
"date": "2017-10-18T20:44:00",
"db": "PACKETSTORM",
"id": "144663"
},
{
"date": "2017-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201710-381"
},
{
"date": "2017-10-17T13:29:00.193000",
"db": "NVD",
"id": "CVE-2017-13078"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-11-16T00:00:00",
"db": "CERT/CC",
"id": "VU#228519"
},
{
"date": "2017-10-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-30405"
},
{
"date": "2019-10-03T00:00:00",
"db": "VULMON",
"id": "CVE-2017-13078"
},
{
"date": "2019-02-21T09:00:00",
"db": "BID",
"id": "101274"
},
{
"date": "2019-02-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-009171"
},
{
"date": "2020-11-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201710-381"
},
{
"date": "2019-10-03T00:03:26.223000",
"db": "NVD",
"id": "CVE-2017-13078"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201710-381"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Wi-Fi Protected Access (WPA) handshake traffic can be manipulated to induce nonce and session key reuse",
"sources": [
{
"db": "CERT/CC",
"id": "VU#228519"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "security feature problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201710-381"
}
],
"trust": 0.6
}
}
VAR-200703-0007
Vulnerability from variot - Updated: 2024-07-23 21:07Directory traversal vulnerability in Apache HTTP Server and Tomcat 5.x before 5.5.22 and 6.x before 6.0.10, when using certain proxy modules (mod_proxy, mod_rewrite, mod_jk), allows remote attackers to read arbitrary files via a .. (dot dot) sequence with combinations of (1) "/" (slash), (2) "\" (backslash), and (3) URL-encoded backslash (%5C) characters in the URL, which are valid separators in Tomcat but not in Apache. A vulnerability in a common PHP extension module could allow a remote attacker to execute code on a vulnerable system. Apache HTTP servers running with the Tomcat servlet container are prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input data. Exploiting this issue allows attackers to access arbitrary files in the Tomcat webroot. This can expose sensitive information that could help the attacker launch further attacks. Versions in the 5.0 series prior to 5.5.22 and in the 6.0 series prior to 6.0.10 are vulnerable. Note that this vulnerability can only be exploited when using apache proxy modules like mod_proxy, mod_rewrite or mod_jk.
Workaround
There is no known workaround at this time.
Resolution
All Tomcat users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=www-servers/tomcat-5.5.22"
References
[ 1 ] CVE-2007-0450 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0450
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200705-03.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.
License
Copyright 2007 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . Title: CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities
CA Advisory Reference: CA20090123-01
CA Advisory Date: 2009-01-23
Reported By: n/a
Impact: Refer to the CVE identifiers for details.
Summary: Multiple security risks exist in Apache Tomcat as included with CA Cohesion Application Configuration Manager. CA has issued an update to address the vulnerabilities. Refer to the References section for the full list of resolved issues by CVE identifier.
Mitigating Factors: None
Severity: CA has given these vulnerabilities a Medium risk rating.
Affected Products: CA Cohesion Application Configuration Manager 4.5
Non-Affected Products CA Cohesion Application Configuration Manager 4.5 SP1
Affected Platforms: Windows
Status and Recommendation: CA has issued the following update to address the vulnerabilities.
CA Cohesion Application Configuration Manager 4.5:
RO04648 https://support.ca.com/irj/portal/anonymous/redirArticles?reqPage=search &searchID=RO04648
How to determine if you are affected:
- Using Windows Explorer, locate the file "RELEASE-NOTES".
- By default, the file is located in the "C:\Program Files\CA\Cohesion\Server\server\" directory.
- Open the file with a text editor.
- If the version is less than 5.5.25, the installation is vulnerable.
Workaround: None
References (URLs may wrap): CA Support: http://support.ca.com/ CA20090123-01: Security Notice for Cohesion Tomcat https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=1975 40 Solution Document Reference APARs: RO04648 CA Security Response Blog posting: CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx Reported By: n/a CVE References: CVE-2005-2090 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2090 CVE-2005-3510 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3510 CVE-2006-3835 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3835 CVE-2006-7195 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7195 CVE-2006-7196 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7196 CVE-2007-0450 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0450 CVE-2007-1355 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1355 CVE-2007-1358 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1358 CVE-2007-1858 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1858 CVE-2007-2449 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2449 CVE-2007-2450 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2450 CVE-2007-3382 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3382 CVE-2007-3385 * http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3385 CVE-2007-3386 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3386 CVE-2008-0128 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0128 *Note: the issue was not completely fixed by Tomcat maintainers. OSVDB References: Pending http://osvdb.org/
Changelog for this advisory: v1.0 - Initial Release v1.1 - Updated Impact, Summary, Affected Products
Customers who require additional information should contact CA Technical Support at http://support.ca.com.
For technical questions or comments related to this advisory, please send email to vuln AT ca DOT com.
If you discover a vulnerability in CA products, please report your findings to the CA Product Vulnerability Response Team. https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=1777 82
Regards, Ken Williams, Director ; 0xE2941985 CA Product Vulnerability Response Team
CA, 1 CA Plaza, Islandia, NY 11749
Contact http://www.ca.com/us/contact/ Legal Notice http://www.ca.com/us/legal/ Privacy Policy http://www.ca.com/us/privacy/ Copyright (c) 2009 CA. All rights reserved.
Bist Du interessiert an einem neuen Job in IT-Sicherheit?
Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secunia_vacancies/
TITLE: Nucleus XML-RPC PHP Code Execution Vulnerability
SECUNIA ADVISORY ID: SA15895
VERIFY ADVISORY: http://secunia.com/advisories/15895/
CRITICAL: Highly critical
IMPACT: System access
WHERE:
From remote
SOFTWARE: Nucleus 3.x http://secunia.com/product/3699/
DESCRIPTION: A vulnerability has been reported in Nucleus, which can be exploited by malicious people to compromise a vulnerable system.
For more information: SA15852
SOLUTION: Update to version 3.21. http://sourceforge.net/project/showfiles.php?group_id=66479
OTHER REFERENCES: SA15852: http://secunia.com/advisories/15852/
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01178795 Version: 1
HPSBUX02262 SSRT071447 rev. 1 - HP-UX running Apache, Remote Arbitrary Code Execution, Cross Site Scripting (XSS)
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2007-10-02 Last Updated: 2007-10-02
Potential Security Impact: Remote arbitrary code execution, cross site scripting (XSS)
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with Apache running on HP-UX. The vulnerabilities could be exploited remotely via Cross Site Scripting (XSS) to execute arbitrary code.
References: CVE-2005-2090, CVE-2006-5752, CVE-2007-0450, CVE-2007-0774, CVE-2007-1355, CVE-2007-1358, CVE-2007-1860, CVE-2007-1863, CVE-2007-1887, CVE-2007-1900, CVE-2007-2449, CVE-2007-2450, CVE-2007-2756, CVE-2007-2872, CVE-2007-3382, CVE-2007-3385, CVE-2007-3386.
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP-UX B.11.11, B.11.23, B.11.31 running Apache
BACKGROUND To determine if a system has an affected version, search the output of "swlist -a revision -l fileset" for an affected fileset. Then determine if the recommended patch or update is installed.
AFFECTED VERSIONS
For IPv4: HP-UX B.11.11 ============= hpuxwsAPACHE action: install revision A.2.0.59.00 or subsequent restart Apache URL: https://www.hp.com/go/softwaredepot/
For IPv6: HP-UX B.11.11 HP-UX B.11.23 HP-UX B.11.31 ============= hpuxwsAPACHE,revision=B.1.0.00.01 hpuxwsAPACHE,revision=B.1.0.07.01 hpuxwsAPACHE,revision=B.1.0.08.01 hpuxwsAPACHE,revision=B.1.0.09.01 hpuxwsAPACHE,revision=B.1.0.10.01 hpuxwsAPACHE,revision=B.2.0.48.00 hpuxwsAPACHE,revision=B.2.0.49.00 hpuxwsAPACHE,revision=B.2.0.50.00 hpuxwsAPACHE,revision=B.2.0.51.00 hpuxwsAPACHE,revision=B.2.0.52.00 hpuxwsAPACHE,revision=B.2.0.53.00 hpuxwsAPACHE,revision=B.2.0.54.00 hpuxwsAPACHE,revision=B.2.0.55.00 hpuxwsAPACHE,revision=B.2.0.56.00 hpuxwsAPACHE,revision=B.2.0.58.00 hpuxwsAPACHE,revision=B.2.0.58.01
action: install revision B.2.0.59.00 or subsequent restart Apache URL: https://www.hp.com/go/softwaredepot/
END AFFECTED VERSIONS
RESOLUTION HP has made the following available to resolve the vulnerability. HP-UX Apache-based Web Server v.2.18 powered by Apache Tomcat Webmin or subsequent. The update is available on https://www.hp.com/go/softwaredepot/ Note: HP-UX Apache-based Web Server v.2.18 powered by Apache Tomcat Webmin contains HP-UX Apache-based Web Server v.2.0.59.00.
MANUAL ACTIONS: Yes - Update Install HP-UX Apache-based Web Server v.2.18 powered by Apache Tomcat Webmin or subsequent.
PRODUCT SPECIFIC INFORMATION HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all HP-issued Security Bulletins and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa
HISTORY Revision: 1 (rev.1) - 02 October 2007 Initial release
Third Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For further information, contact normal HP Services support channel.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key
Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches - check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems - verify your operating system selections are checked and save.
To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.
To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do
- The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:
GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault
System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.
"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."
\xa9Copyright 2007 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNATURE----- Version: PGP 8.1
iQA/AwUBRwVCruAfOvwtKn1ZEQK1YgCfavU7x1Hs59uLdP26lpZFwMxKofIAn3gJ HHoe3AY1sc6hrW3Xk+B1hcbr =+E1W -----END PGP SIGNATURE----- .
Multiple cross-site scripting vulnerabilities in the Manager and Host Manager web applications allow remote authenticated users to inject arbitrary web script or HTML (CVE-2007-2450).
Tomcat treated single quotes as delimiters in cookies, which could cause sensitive information such as session IDs to be leaked and allow remote attackers to conduct session hijacking attacks (CVE-2007-3382).
Tomcat did not properly handle the " character sequence in a cookie value, which could cause sensitive information such as session IDs to be leaked and allow remote attackers to conduct session hijacking attacks (CVE-2007-3385).
A cross-site scripting vulnerability in the Host Manager servlet allowed remote attackers to inject arbitrary HTML and web script via crafted attacks (CVE-2007-3386).
The updated packages have been patched to correct these issues.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0450 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2449 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2450 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3382 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3385 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3386 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5461
Updated Packages:
Mandriva Linux 2007.1: 2eaba952d2699868ef76ca11dc7743e2 2007.1/i586/tomcat5-5.5.17-6.2.4.1mdv2007.1.i586.rpm 037b18dda99d06be0b77f35964257902 2007.1/i586/tomcat5-admin-webapps-5.5.17-6.2.4.1mdv2007.1.i586.rpm d9e6c355370c0e3f9aebc7ba0edd99d5 2007.1/i586/tomcat5-common-lib-5.5.17-6.2.4.1mdv2007.1.i586.rpm fcb4fa36ea0926a0fbd92d1f9c9d9671 2007.1/i586/tomcat5-jasper-5.5.17-6.2.4.1mdv2007.1.i586.rpm fedd1a27a4f46d0d793c3ceb21a57246 2007.1/i586/tomcat5-jasper-javadoc-5.5.17-6.2.4.1mdv2007.1.i586.rpm ab5985c840c14c812b3e72dae54407f0 2007.1/i586/tomcat5-jsp-2.0-api-5.5.17-6.2.4.1mdv2007.1.i586.rpm 6266395d78af5f64ce7a150b9175fab7 2007.1/i586/tomcat5-jsp-2.0-api-javadoc-5.5.17-6.2.4.1mdv2007.1.i586.rpm 08335caaa65e97003aa67d465ce60ae1 2007.1/i586/tomcat5-server-lib-5.5.17-6.2.4.1mdv2007.1.i586.rpm 3a4f5995900419c7354804ae0dc548b6 2007.1/i586/tomcat5-servlet-2.4-api-5.5.17-6.2.4.1mdv2007.1.i586.rpm 0c27ba521cee0d06627f121df3a138c9 2007.1/i586/tomcat5-servlet-2.4-api-javadoc-5.5.17-6.2.4.1mdv2007.1.i586.rpm 07537a59d8549f412dc4c9a783f41177 2007.1/i586/tomcat5-webapps-5.5.17-6.2.4.1mdv2007.1.i586.rpm b55342a597ab506be934b6a73ed24005 2007.1/SRPMS/tomcat5-5.5.17-6.2.4.1mdv2007.1.src.rpm
Mandriva Linux 2007.1/X86_64: aea539336fa58a995ae1411fe61934c2 2007.1/x86_64/tomcat5-5.5.17-6.2.4.1mdv2007.1.x86_64.rpm 0225750a0d4ef032915783d0b29c1504 2007.1/x86_64/tomcat5-admin-webapps-5.5.17-6.2.4.1mdv2007.1.x86_64.rpm 8223d038509a71f537f537909e9ef863 2007.1/x86_64/tomcat5-common-lib-5.5.17-6.2.4.1mdv2007.1.x86_64.rpm dedd59d873c5bb4e608b1328595f2d98 2007.1/x86_64/tomcat5-jasper-5.5.17-6.2.4.1mdv2007.1.x86_64.rpm c0ef0eda05488b8b571e6700a9365ea3 2007.1/x86_64/tomcat5-jasper-javadoc-5.5.17-6.2.4.1mdv2007.1.x86_64.rpm 95dae961b82630d633fc3419383dbe4b 2007.1/x86_64/tomcat5-jsp-2.0-api-5.5.17-6.2.4.1mdv2007.1.x86_64.rpm 41378a0106da001d545681c185b2f5c3 2007.1/x86_64/tomcat5-jsp-2.0-api-javadoc-5.5.17-6.2.4.1mdv2007.1.x86_64.rpm 5448b57b7667414c12aabb1da5e528fa 2007.1/x86_64/tomcat5-server-lib-5.5.17-6.2.4.1mdv2007.1.x86_64.rpm 9a277ae64587b81f61e8c118ba4d4571 2007.1/x86_64/tomcat5-servlet-2.4-api-5.5.17-6.2.4.1mdv2007.1.x86_64.rpm 1be4b0eea59741ef7efb0f51f97e19c7 2007.1/x86_64/tomcat5-servlet-2.4-api-javadoc-5.5.17-6.2.4.1mdv2007.1.x86_64.rpm d3965a643dbdc8e685ff4b5861877254 2007.1/x86_64/tomcat5-webapps-5.5.17-6.2.4.1mdv2007.1.x86_64.rpm b55342a597ab506be934b6a73ed24005 2007.1/SRPMS/tomcat5-5.5.17-6.2.4.1mdv2007.1.src.rpm
Mandriva Linux 2008.0: 828e35db12f9dab3a5e63c475c289f88 2008.0/i586/tomcat5-5.5.23-9.2.10.1mdv2008.0.i586.rpm 5e98b01f16f8213db5e842dcb47e4e8b 2008.0/i586/tomcat5-admin-webapps-5.5.23-9.2.10.1mdv2008.0.i586.rpm fd483503d3f313775be4c098858a4e0d 2008.0/i586/tomcat5-common-lib-5.5.23-9.2.10.1mdv2008.0.i586.rpm 23dffdf05e1c50d5cfea045552c8f3bb 2008.0/i586/tomcat5-jasper-5.5.23-9.2.10.1mdv2008.0.i586.rpm 3da9fcc0e4c0c8366b676e0770b8fe7c 2008.0/i586/tomcat5-jasper-javadoc-5.5.23-9.2.10.1mdv2008.0.i586.rpm 03222fbcf7fad63aa6920d5d4ee55ee2 2008.0/i586/tomcat5-jsp-2.0-api-5.5.23-9.2.10.1mdv2008.0.i586.rpm 566362e78e6dd5f853b616204453aa0d 2008.0/i586/tomcat5-jsp-2.0-api-javadoc-5.5.23-9.2.10.1mdv2008.0.i586.rpm fd00fd2a4faa567523ba9ce959ad1efa 2008.0/i586/tomcat5-server-lib-5.5.23-9.2.10.1mdv2008.0.i586.rpm 8a8c1b69636876ac31b0968edce82d3f 2008.0/i586/tomcat5-servlet-2.4-api-5.5.23-9.2.10.1mdv2008.0.i586.rpm 85d0641840725e728f18cc86925d1923 2008.0/i586/tomcat5-servlet-2.4-api-javadoc-5.5.23-9.2.10.1mdv2008.0.i586.rpm 3e62b31a3fce47b8d7e2de2ecc7eb29d 2008.0/i586/tomcat5-webapps-5.5.23-9.2.10.1mdv2008.0.i586.rpm 9522ebba28176adf03d9a7b33fb526f8 2008.0/SRPMS/tomcat5-5.5.23-9.2.10.1mdv2008.0.src.rpm
Mandriva Linux 2008.0/X86_64: a44ed55a6a2943e5ba39ea6473a2af27 2008.0/x86_64/tomcat5-5.5.23-9.2.10.1mdv2008.0.x86_64.rpm 292e2c0a822a736fe85c498c17bb09c6 2008.0/x86_64/tomcat5-admin-webapps-5.5.23-9.2.10.1mdv2008.0.x86_64.rpm c8ee3862233f323278d0b97a3f07a74d 2008.0/x86_64/tomcat5-common-lib-5.5.23-9.2.10.1mdv2008.0.x86_64.rpm 0c944fe5d8725da8fd4e57e89539fa21 2008.0/x86_64/tomcat5-jasper-5.5.23-9.2.10.1mdv2008.0.x86_64.rpm bcbb50b5978295bd40ec24212ca77a8a 2008.0/x86_64/tomcat5-jasper-javadoc-5.5.23-9.2.10.1mdv2008.0.x86_64.rpm 472c0a30c7ad74c0cb63da51142de438 2008.0/x86_64/tomcat5-jsp-2.0-api-5.5.23-9.2.10.1mdv2008.0.x86_64.rpm 10c6da9615553dc07e2f59d226f30a1d 2008.0/x86_64/tomcat5-jsp-2.0-api-javadoc-5.5.23-9.2.10.1mdv2008.0.x86_64.rpm 53eba8a64c428e6e2a14e59095f958b4 2008.0/x86_64/tomcat5-server-lib-5.5.23-9.2.10.1mdv2008.0.x86_64.rpm 8c6849bcca11457dffd03aa9c9e9a35f 2008.0/x86_64/tomcat5-servlet-2.4-api-5.5.23-9.2.10.1mdv2008.0.x86_64.rpm b5b42989963c31f79a997c9c18ed4cb4 2008.0/x86_64/tomcat5-servlet-2.4-api-javadoc-5.5.23-9.2.10.1mdv2008.0.x86_64.rpm 667a7b6fe2d3bc22ef64d87c2a6b9fe7 2008.0/x86_64/tomcat5-webapps-5.5.23-9.2.10.1mdv2008.0.x86_64.rpm 9522ebba28176adf03d9a7b33fb526f8 2008.0/SRPMS/tomcat5-5.5.23-9.2.10.1mdv2008.0.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux)
iD8DBQFHXZ68mqjQ0CJFipgRAhO2AKC+AwaCU8LmMtlbmj5Q9HgrOr3PTwCeMZo1 QKCxPSeNSXZPdPEE6c2TDyk= =z6UT -----END PGP SIGNATURE-----
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . Summary:
Updated Tomcat and Java JRE packages for VirtualCenter 2.0.2, ESX Server 3.0.2, and ESX 3.0.1. Relevant releases:
VirtualCenter Management Server 2 ESX Server 3.0.2 without patch ESX-1002434 ESX Server 3.0.1 without patch ESX-1003176
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2005-2090, CVE-2006-7195, and CVE-2007-0450 to these issues.
JRE Security Update This release of VirtualCenter Server updates the JRE package from 1.5.0_7 to 1.5.0_12, which addresses a security issue that existed in the earlier release of JRE.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2007-3004 to this issue.
Security best practices provided by VMware recommend that the
service console be isolated from the VM network. Please see
http://www.vmware.com/resources/techresources/726 for more
information on VMware security best practices. Solution:
Please review the Patch notes for your product and version and verify the md5sum of your downloaded file.
VMware VirtualCenter 2.0.2 Update 2 Release Notes http://www.vmware.com/support/vi3/doc/releasenotes_vc202u2.html
VirtualCenter CD image md5sum d7d98a5d7f8afff32cee848f860d3ba7
VirtualCenter as Zip md5sum 3b42ec350121659e10352ca2d76e212b
ESX Server 3.0.2 http://kb.vmware.com/kb/1002434 md5sum: 2f52251f6ace3d50934344ef313539d5
ESX Server 3.0.1 http://kb.vmware.com/kb/1003176 md5sum: 5674ca0dcfac90726014cc316444996e
- Contact:
E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
- security-announce@lists.vmware.com
- bugtraq@securityfocus.com
- full-disclosure@lists.grok.org.uk
E-mail: security@vmware.com
Security web site http://www.vmware.com/security
VMware security response policy http://www.vmware.com/support/policies/security_response.html
General support life cycle policy http://www.vmware.com/support/policies/eos.html
VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html
Copyright 2008 VMware Inc
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200703-0007",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "tomcat",
"scope": "lt",
"trust": 1.0,
"vendor": "apache",
"version": "6.0.10"
},
{
"model": "tomcat",
"scope": "lt",
"trust": 1.0,
"vendor": "apache",
"version": "5.5.22"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": null
},
{
"model": "tomcat",
"scope": "gte",
"trust": 1.0,
"vendor": "apache",
"version": "6.0.0"
},
{
"model": "tomcat",
"scope": "gte",
"trust": 1.0,
"vendor": "apache",
"version": "5.0.0"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "drupal",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandriva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "pear xml rpc",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "phpxmlrpc",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "postnuke",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "serendipity",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "trustix secure linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ubuntu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "wordpress",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "xoops",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "phpmyfaq",
"version": null
},
{
"model": "tomcat",
"scope": "lte",
"trust": 0.8,
"vendor": "apache",
"version": "4.0.6"
},
{
"model": "tomcat",
"scope": "lte",
"trust": 0.8,
"vendor": "apache",
"version": "4.1.34"
},
{
"model": "tomcat",
"scope": "lte",
"trust": 0.8,
"vendor": "apache",
"version": "5.0.30"
},
{
"model": "tomcat",
"scope": "lte",
"trust": 0.8,
"vendor": "apache",
"version": "5.5.21"
},
{
"model": "tomcat",
"scope": "lte",
"trust": 0.8,
"vendor": "apache",
"version": "6.0.9"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.1"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (x86)"
},
{
"model": "interscan messaging security suite",
"scope": "eq",
"trust": 0.8,
"vendor": "trend micro",
"version": "- 7.x"
},
{
"model": "trendmicro interscan messaging security appliance",
"scope": "eq",
"trust": 0.8,
"vendor": "trend micro",
"version": "- 7.x"
},
{
"model": "trendmicro interscan web security appliance",
"scope": "eq",
"trust": 0.8,
"vendor": "trend micro",
"version": "- 3.x"
},
{
"model": "trendmicro interscan web security suite",
"scope": "eq",
"trust": 0.8,
"vendor": "trend micro",
"version": "- 2.x"
},
{
"model": "trendmicro interscan web security suite",
"scope": "eq",
"trust": 0.8,
"vendor": "trend micro",
"version": "- 3.x"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.11"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.23"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.31"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.0 (client)"
},
{
"model": "rhel desktop workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "enterprise edition v4.x/v5.x"
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "standard edition v4.x/v5.x"
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "standard-j edition v4.x/v5.x"
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "uddi registry v1.1 ~ v2.1"
},
{
"model": "webotx application server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "web edition v4.x/v5.x"
},
{
"model": "interstage application framework suite",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage application server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage apworks",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage business application server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage job workload server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage studio",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage web server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "tomcat",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "5.5.7"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "5.5.5"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "win32"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "5.5.4"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "5.5.2"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "5.0.28"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "5.5.6"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "5.0.19"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "5.5.3"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "5.5.0"
},
{
"model": "virtualcenter management server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0.2"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0.1"
},
{
"model": "linux enterprise server sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
},
{
"model": "linux enterprise server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8"
},
{
"model": "linux enterprise server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux enterprise sdk 10.sp1",
"scope": null,
"trust": 0.3,
"vendor": "suse",
"version": null
},
{
"model": "linux enterprise sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux enterprise desktop sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10.2"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10.2"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris 10 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "unitedlinux",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "suse linux standard server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "suse linux school server for i386",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "suse linux retail solution",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "suse linux openexchange server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "4.0"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.2"
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"model": "novell linux pos",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "linux professional oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.2"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "linux personal oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.2"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1x86-64"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1x86"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0x86-64"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0x86"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)4.2"
},
{
"model": "enterprise linux virtualization server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "enterprise linux optional productivity application server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "enterprise linux hardware certification",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "enterprise linux desktop workstation client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "enterprise linux desktop multi os client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "enterprise linux clustering server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "enterprise linux cluster-storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "certificate server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7.3"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5.0"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4.2"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4.1"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4.0"
},
{
"model": "hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3)4.2"
},
{
"model": "hat enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "hat enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "hat enterprise linux desktop client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "hat enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2008.0"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2008.0"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.1"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.1"
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "interstage studio standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "interstage studio standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"model": "interstage studio enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "interstage studio enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"model": "interstage job workload server",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.1"
},
{
"model": "interstage business application server enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.0"
},
{
"model": "interstage apworks modelers-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"model": "interstage apworks modelers-j edition 6.0a",
"scope": null,
"trust": 0.3,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage apworks modelers-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.3"
},
{
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.2"
},
{
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0"
},
{
"model": "interstage application server plus developer",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"model": "interstage application server plus",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.3"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.2"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0.1"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"model": "associates cohesion application configuration manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "4.5"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "software foundation tomcat",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "6.0.9"
},
{
"model": "software foundation tomcat",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "6.0.8"
},
{
"model": "software foundation tomcat",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "6.0.7"
},
{
"model": "software foundation tomcat",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "6.0.6"
},
{
"model": "software foundation tomcat",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "6.0.5"
},
{
"model": "software foundation tomcat",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "6.0.4"
},
{
"model": "software foundation tomcat",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "6.0.3"
},
{
"model": "software foundation tomcat",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "6.0.2"
},
{
"model": "software foundation tomcat",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "6.0.1"
},
{
"model": "software foundation tomcat",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "5.5.22"
},
{
"model": "software foundation tomcat",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "5.5.21"
},
{
"model": "software foundation tomcat",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "5.5.20"
},
{
"model": "software foundation tomcat",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "5.5.19"
},
{
"model": "software foundation tomcat",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "5.5.18"
},
{
"model": "software foundation tomcat",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "5.5.17"
},
{
"model": "software foundation tomcat",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "5.5.16"
},
{
"model": "software foundation tomcat",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "5.5.15"
},
{
"model": "software foundation tomcat",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "5.5.14"
},
{
"model": "software foundation tomcat",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "5.5.13"
},
{
"model": "software foundation tomcat",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "5.5.12"
},
{
"model": "software foundation tomcat",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "5.5.11"
},
{
"model": "software foundation tomcat",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "5.5.10"
},
{
"model": "software foundation tomcat",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "5.5.9"
},
{
"model": "software foundation tomcat",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "5.5.8"
},
{
"model": "software foundation tomcat",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "5.5.7"
},
{
"model": "software foundation tomcat",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "5.5.6"
},
{
"model": "software foundation tomcat",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "5.5.5"
},
{
"model": "software foundation tomcat",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "5.5.4"
},
{
"model": "software foundation tomcat",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "5.5.3"
},
{
"model": "software foundation tomcat",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "5.5.2"
},
{
"model": "software foundation tomcat",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "5.5.1"
},
{
"model": "software foundation tomcat",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "5.5"
},
{
"model": "software foundation tomcat",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "5.4"
},
{
"model": "software foundation tomcat",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "5.3"
},
{
"model": "software foundation tomcat",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "5.2"
},
{
"model": "software foundation tomcat",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "5.1"
},
{
"model": "software foundation tomcat",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "5.0"
},
{
"model": "associates cohesion application configuration manager sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "computer",
"version": "4.5"
},
{
"model": "software foundation tomcat",
"scope": "ne",
"trust": 0.3,
"vendor": "apache",
"version": "6.0.10"
},
{
"model": "software foundation tomcat",
"scope": "ne",
"trust": 0.3,
"vendor": "apache",
"version": "5.5.23"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#442845"
},
{
"db": "BID",
"id": "22960"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000217"
},
{
"db": "CNNVD",
"id": "CNNVD-200703-400"
},
{
"db": "NVD",
"id": "CVE-2007-0450"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.5.22",
"versionStartIncluding": "5.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "6.0.10",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2007-0450"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "David Matscheko",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200703-400"
}
],
"trust": 0.6
},
"cve": "CVE-2007-0450",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2007-0450",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2007-0450",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#442845",
"trust": 0.8,
"value": "20.75"
},
{
"author": "CNNVD",
"id": "CNNVD-200703-400",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2007-0450",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#442845"
},
{
"db": "VULMON",
"id": "CVE-2007-0450"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000217"
},
{
"db": "CNNVD",
"id": "CNNVD-200703-400"
},
{
"db": "NVD",
"id": "CVE-2007-0450"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Directory traversal vulnerability in Apache HTTP Server and Tomcat 5.x before 5.5.22 and 6.x before 6.0.10, when using certain proxy modules (mod_proxy, mod_rewrite, mod_jk), allows remote attackers to read arbitrary files via a .. (dot dot) sequence with combinations of (1) \"/\" (slash), (2) \"\\\" (backslash), and (3) URL-encoded backslash (%5C) characters in the URL, which are valid separators in Tomcat but not in Apache. A vulnerability in a common PHP extension module could allow a remote attacker to execute code on a vulnerable system. Apache HTTP servers running with the Tomcat servlet container are prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input data. \nExploiting this issue allows attackers to access arbitrary files in the Tomcat webroot. This can expose sensitive information that could help the attacker launch further attacks. \nVersions in the 5.0 series prior to 5.5.22 and in the 6.0 series prior to 6.0.10 are vulnerable. Note that this vulnerability can only be exploited when using\napache proxy modules like mod_proxy, mod_rewrite or mod_jk. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Tomcat users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=www-servers/tomcat-5.5.22\"\n\nReferences\n==========\n\n [ 1 ] CVE-2007-0450\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0450\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-200705-03.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttp://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2007 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. Title: CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities\n\n\nCA Advisory Reference: CA20090123-01\n\n\nCA Advisory Date: 2009-01-23\n\n\nReported By: n/a\n\n\nImpact: Refer to the CVE identifiers for details. \n\n\nSummary: Multiple security risks exist in Apache Tomcat as \nincluded with CA Cohesion Application Configuration Manager. CA \nhas issued an update to address the vulnerabilities. Refer to the \nReferences section for the full list of resolved issues by CVE \nidentifier. \n\n\nMitigating Factors: None\n\n\nSeverity: CA has given these vulnerabilities a Medium risk rating. \n\n\nAffected Products:\nCA Cohesion Application Configuration Manager 4.5\n\n\nNon-Affected Products\nCA Cohesion Application Configuration Manager 4.5 SP1\n\n\nAffected Platforms:\nWindows\n\n\nStatus and Recommendation:\nCA has issued the following update to address the vulnerabilities. \n\nCA Cohesion Application Configuration Manager 4.5:\n\nRO04648\nhttps://support.ca.com/irj/portal/anonymous/redirArticles?reqPage=search\n\u0026searchID=RO04648\n\n\nHow to determine if you are affected:\n\n1. Using Windows Explorer, locate the file \"RELEASE-NOTES\". \n2. By default, the file is located in the \n \"C:\\Program Files\\CA\\Cohesion\\Server\\server\\\" directory. \n3. Open the file with a text editor. \n4. If the version is less than 5.5.25, the installation is \n vulnerable. \n\n\nWorkaround: None\n\n\nReferences (URLs may wrap):\nCA Support:\nhttp://support.ca.com/\nCA20090123-01: Security Notice for Cohesion Tomcat\nhttps://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=1975\n40\nSolution Document Reference APARs:\nRO04648\nCA Security Response Blog posting:\nCA20090123-01: Cohesion Tomcat Multiple Vulnerabilities\ncommunity.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx\nReported By: \nn/a\nCVE References:\nCVE-2005-2090\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2090\nCVE-2005-3510\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3510\nCVE-2006-3835\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3835\nCVE-2006-7195\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7195\nCVE-2006-7196\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7196\nCVE-2007-0450\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0450\nCVE-2007-1355\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1355\nCVE-2007-1358\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1358\nCVE-2007-1858\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1858\nCVE-2007-2449\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2449\nCVE-2007-2450\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2450\nCVE-2007-3382\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3382\nCVE-2007-3385 *\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3385\nCVE-2007-3386\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3386\nCVE-2008-0128\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0128\n*Note: the issue was not completely fixed by Tomcat maintainers. \nOSVDB References: Pending\nhttp://osvdb.org/\n\n\nChangelog for this advisory:\nv1.0 - Initial Release\nv1.1 - Updated Impact, Summary, Affected Products\n\n\nCustomers who require additional information should contact CA\nTechnical Support at http://support.ca.com. \n\nFor technical questions or comments related to this advisory, \nplease send email to vuln AT ca DOT com. \n\nIf you discover a vulnerability in CA products, please report your \nfindings to the CA Product Vulnerability Response Team. \nhttps://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=1777\n82\n\n\nRegards,\nKen Williams, Director ; 0xE2941985\nCA Product Vulnerability Response Team\n\n\nCA, 1 CA Plaza, Islandia, NY 11749\n\t\nContact http://www.ca.com/us/contact/\nLegal Notice http://www.ca.com/us/legal/\nPrivacy Policy http://www.ca.com/us/privacy/\nCopyright (c) 2009 CA. All rights reserved. \n\n----------------------------------------------------------------------\n\nBist Du interessiert an einem neuen Job in IT-Sicherheit?\n\n\nSecunia hat zwei freie Stellen als Junior und Senior Spezialist in IT-\nSicherheit:\nhttp://secunia.com/secunia_vacancies/\n\n----------------------------------------------------------------------\n\nTITLE:\nNucleus XML-RPC PHP Code Execution Vulnerability\n\nSECUNIA ADVISORY ID:\nSA15895\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/15895/\n\nCRITICAL:\nHighly critical\n\nIMPACT:\nSystem access\n\nWHERE:\n\u003eFrom remote\n\nSOFTWARE:\nNucleus 3.x\nhttp://secunia.com/product/3699/\n\nDESCRIPTION:\nA vulnerability has been reported in Nucleus, which can be exploited\nby malicious people to compromise a vulnerable system. \n\nFor more information:\nSA15852\n\nSOLUTION:\nUpdate to version 3.21. \nhttp://sourceforge.net/project/showfiles.php?group_id=66479\n\nOTHER REFERENCES:\nSA15852:\nhttp://secunia.com/advisories/15852/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c01178795\nVersion: 1\n\nHPSBUX02262 SSRT071447 rev. 1 - HP-UX running Apache, Remote Arbitrary Code Execution, Cross Site Scripting (XSS)\n\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible. \n\nRelease Date: 2007-10-02\nLast Updated: 2007-10-02\n\nPotential Security Impact: Remote arbitrary code execution, cross site scripting (XSS)\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with Apache running on HP-UX. The vulnerabilities could be exploited remotely via Cross Site Scripting (XSS) to execute arbitrary code. \n\nReferences: CVE-2005-2090, CVE-2006-5752, CVE-2007-0450, CVE-2007-0774, CVE-2007-1355, CVE-2007-1358, CVE-2007-1860, CVE-2007-1863, CVE-2007-1887, CVE-2007-1900, CVE-2007-2449, CVE-2007-2450, CVE-2007-2756, CVE-2007-2872, CVE-2007-3382, CVE-2007-3385, CVE-2007-3386. \n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP-UX B.11.11, B.11.23, B.11.31 running Apache\n\nBACKGROUND\nTo determine if a system has an affected version, search the output of \"swlist -a revision -l fileset\" for an affected fileset. Then determine if the recommended patch or update is installed. \n\nAFFECTED VERSIONS \n\nFor IPv4: \nHP-UX B.11.11 \n============= \nhpuxwsAPACHE \naction: install revision A.2.0.59.00 or subsequent \nrestart Apache \nURL: https://www.hp.com/go/softwaredepot/ \n\nFor IPv6: \nHP-UX B.11.11 \nHP-UX B.11.23 \nHP-UX B.11.31 \n============= \nhpuxwsAPACHE,revision=B.1.0.00.01 \nhpuxwsAPACHE,revision=B.1.0.07.01 \nhpuxwsAPACHE,revision=B.1.0.08.01 \nhpuxwsAPACHE,revision=B.1.0.09.01 \nhpuxwsAPACHE,revision=B.1.0.10.01 \nhpuxwsAPACHE,revision=B.2.0.48.00 \nhpuxwsAPACHE,revision=B.2.0.49.00 \nhpuxwsAPACHE,revision=B.2.0.50.00 \nhpuxwsAPACHE,revision=B.2.0.51.00 \nhpuxwsAPACHE,revision=B.2.0.52.00 \nhpuxwsAPACHE,revision=B.2.0.53.00 \nhpuxwsAPACHE,revision=B.2.0.54.00 \nhpuxwsAPACHE,revision=B.2.0.55.00 \nhpuxwsAPACHE,revision=B.2.0.56.00 \nhpuxwsAPACHE,revision=B.2.0.58.00 \nhpuxwsAPACHE,revision=B.2.0.58.01 \n\naction: install revision B.2.0.59.00 or subsequent \nrestart Apache \nURL: https://www.hp.com/go/softwaredepot/ \n\nEND AFFECTED VERSIONS \n\n\nRESOLUTION\nHP has made the following available to resolve the vulnerability. \nHP-UX Apache-based Web Server v.2.18 powered by Apache Tomcat Webmin or subsequent. \nThe update is available on https://www.hp.com/go/softwaredepot/ \nNote: HP-UX Apache-based Web Server v.2.18 powered by Apache Tomcat Webmin contains HP-UX Apache-based Web Server v.2.0.59.00. \n\nMANUAL ACTIONS: Yes - Update \nInstall HP-UX Apache-based Web Server v.2.18 powered by Apache Tomcat Webmin or subsequent. \n\nPRODUCT SPECIFIC INFORMATION \nHP-UX Software Assistant: \nHP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all HP-issued Security Bulletins and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. \nFor more information see: https://www.hp.com/go/swa \n\nHISTORY \nRevision: 1 (rev.1) - 02 October 2007 Initial release \n\nThird Party Security Patches: \nThird party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\n\nSupport: For further information, contact normal HP Services support channel. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com \nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. \nTo get the security-alert PGP key, please send an e-mail message as follows:\n To: security-alert@hp.com \n Subject: get key\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email: \nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA\u0026langcode=USENG\u0026jumpid=in_SC-GEN__driverITRC\u0026topiccode=ITRC \nOn the web page: ITRC security bulletins and patch sign-up \nUnder Step1: your ITRC security bulletins and patches \n - check ALL categories for which alerts are required and continue. \nUnder Step2: your ITRC operating systems \n - verify your operating system selections are checked and save. \n\n\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php \nLog in on the web page: Subscriber\u0027s choice for Business: sign-in. \nOn the web page: Subscriber\u0027s Choice: your profile summary - use Edit Profile to update appropriate sections. \n\n\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do \n\n\n* The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title: \n\nGN = HP General SW\nMA = HP Management Agents\nMI = Misc. 3rd Party SW\nMP = HP MPE/iX\nNS = HP NonStop Servers\nOV = HP OpenVMS\nPI = HP Printing \u0026 Imaging\nST = HP Storage SW\nTL = HP Trusted Linux\nTU = HP Tru64 UNIX\nUX = HP-UX\nVV = HP VirtualVault\n\n\nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. \n\n\n\"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user\u0027s use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement.\"\n\n\\xa9Copyright 2007 Hewlett-Packard Development Company, L.P. \n\nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. \n-----BEGIN PGP SIGNATURE-----\nVersion: PGP 8.1\n\niQA/AwUBRwVCruAfOvwtKn1ZEQK1YgCfavU7x1Hs59uLdP26lpZFwMxKofIAn3gJ\nHHoe3AY1sc6hrW3Xk+B1hcbr\n=+E1W\n-----END PGP SIGNATURE-----\n. \n \n Multiple cross-site scripting vulnerabilities in the Manager and Host\n Manager web applications allow remote authenticated users to inject\n arbitrary web script or HTML (CVE-2007-2450). \n \n Tomcat treated single quotes as delimiters in cookies, which could\n cause sensitive information such as session IDs to be leaked and allow\n remote attackers to conduct session hijacking attacks (CVE-2007-3382). \n \n Tomcat did not properly handle the \" character sequence in a cookie\n value, which could cause sensitive information such as session IDs\n to be leaked and allow remote attackers to conduct session hijacking\n attacks (CVE-2007-3385). \n \n A cross-site scripting vulnerability in the Host Manager servlet\n allowed remote attackers to inject arbitrary HTML and web script via\n crafted attacks (CVE-2007-3386). \n \n The updated packages have been patched to correct these issues. \n _______________________________________________________________________\n\n References:\n \n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0450\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2449\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2450\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3382\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3385\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3386\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5461\n _______________________________________________________________________\n \n Updated Packages:\n \n Mandriva Linux 2007.1:\n 2eaba952d2699868ef76ca11dc7743e2 2007.1/i586/tomcat5-5.5.17-6.2.4.1mdv2007.1.i586.rpm\n 037b18dda99d06be0b77f35964257902 2007.1/i586/tomcat5-admin-webapps-5.5.17-6.2.4.1mdv2007.1.i586.rpm\n d9e6c355370c0e3f9aebc7ba0edd99d5 2007.1/i586/tomcat5-common-lib-5.5.17-6.2.4.1mdv2007.1.i586.rpm\n fcb4fa36ea0926a0fbd92d1f9c9d9671 2007.1/i586/tomcat5-jasper-5.5.17-6.2.4.1mdv2007.1.i586.rpm\n fedd1a27a4f46d0d793c3ceb21a57246 2007.1/i586/tomcat5-jasper-javadoc-5.5.17-6.2.4.1mdv2007.1.i586.rpm\n ab5985c840c14c812b3e72dae54407f0 2007.1/i586/tomcat5-jsp-2.0-api-5.5.17-6.2.4.1mdv2007.1.i586.rpm\n 6266395d78af5f64ce7a150b9175fab7 2007.1/i586/tomcat5-jsp-2.0-api-javadoc-5.5.17-6.2.4.1mdv2007.1.i586.rpm\n 08335caaa65e97003aa67d465ce60ae1 2007.1/i586/tomcat5-server-lib-5.5.17-6.2.4.1mdv2007.1.i586.rpm\n 3a4f5995900419c7354804ae0dc548b6 2007.1/i586/tomcat5-servlet-2.4-api-5.5.17-6.2.4.1mdv2007.1.i586.rpm\n 0c27ba521cee0d06627f121df3a138c9 2007.1/i586/tomcat5-servlet-2.4-api-javadoc-5.5.17-6.2.4.1mdv2007.1.i586.rpm\n 07537a59d8549f412dc4c9a783f41177 2007.1/i586/tomcat5-webapps-5.5.17-6.2.4.1mdv2007.1.i586.rpm \n b55342a597ab506be934b6a73ed24005 2007.1/SRPMS/tomcat5-5.5.17-6.2.4.1mdv2007.1.src.rpm\n\n Mandriva Linux 2007.1/X86_64:\n aea539336fa58a995ae1411fe61934c2 2007.1/x86_64/tomcat5-5.5.17-6.2.4.1mdv2007.1.x86_64.rpm\n 0225750a0d4ef032915783d0b29c1504 2007.1/x86_64/tomcat5-admin-webapps-5.5.17-6.2.4.1mdv2007.1.x86_64.rpm\n 8223d038509a71f537f537909e9ef863 2007.1/x86_64/tomcat5-common-lib-5.5.17-6.2.4.1mdv2007.1.x86_64.rpm\n dedd59d873c5bb4e608b1328595f2d98 2007.1/x86_64/tomcat5-jasper-5.5.17-6.2.4.1mdv2007.1.x86_64.rpm\n c0ef0eda05488b8b571e6700a9365ea3 2007.1/x86_64/tomcat5-jasper-javadoc-5.5.17-6.2.4.1mdv2007.1.x86_64.rpm\n 95dae961b82630d633fc3419383dbe4b 2007.1/x86_64/tomcat5-jsp-2.0-api-5.5.17-6.2.4.1mdv2007.1.x86_64.rpm\n 41378a0106da001d545681c185b2f5c3 2007.1/x86_64/tomcat5-jsp-2.0-api-javadoc-5.5.17-6.2.4.1mdv2007.1.x86_64.rpm\n 5448b57b7667414c12aabb1da5e528fa 2007.1/x86_64/tomcat5-server-lib-5.5.17-6.2.4.1mdv2007.1.x86_64.rpm\n 9a277ae64587b81f61e8c118ba4d4571 2007.1/x86_64/tomcat5-servlet-2.4-api-5.5.17-6.2.4.1mdv2007.1.x86_64.rpm\n 1be4b0eea59741ef7efb0f51f97e19c7 2007.1/x86_64/tomcat5-servlet-2.4-api-javadoc-5.5.17-6.2.4.1mdv2007.1.x86_64.rpm\n d3965a643dbdc8e685ff4b5861877254 2007.1/x86_64/tomcat5-webapps-5.5.17-6.2.4.1mdv2007.1.x86_64.rpm \n b55342a597ab506be934b6a73ed24005 2007.1/SRPMS/tomcat5-5.5.17-6.2.4.1mdv2007.1.src.rpm\n\n Mandriva Linux 2008.0:\n 828e35db12f9dab3a5e63c475c289f88 2008.0/i586/tomcat5-5.5.23-9.2.10.1mdv2008.0.i586.rpm\n 5e98b01f16f8213db5e842dcb47e4e8b 2008.0/i586/tomcat5-admin-webapps-5.5.23-9.2.10.1mdv2008.0.i586.rpm\n fd483503d3f313775be4c098858a4e0d 2008.0/i586/tomcat5-common-lib-5.5.23-9.2.10.1mdv2008.0.i586.rpm\n 23dffdf05e1c50d5cfea045552c8f3bb 2008.0/i586/tomcat5-jasper-5.5.23-9.2.10.1mdv2008.0.i586.rpm\n 3da9fcc0e4c0c8366b676e0770b8fe7c 2008.0/i586/tomcat5-jasper-javadoc-5.5.23-9.2.10.1mdv2008.0.i586.rpm\n 03222fbcf7fad63aa6920d5d4ee55ee2 2008.0/i586/tomcat5-jsp-2.0-api-5.5.23-9.2.10.1mdv2008.0.i586.rpm\n 566362e78e6dd5f853b616204453aa0d 2008.0/i586/tomcat5-jsp-2.0-api-javadoc-5.5.23-9.2.10.1mdv2008.0.i586.rpm\n fd00fd2a4faa567523ba9ce959ad1efa 2008.0/i586/tomcat5-server-lib-5.5.23-9.2.10.1mdv2008.0.i586.rpm\n 8a8c1b69636876ac31b0968edce82d3f 2008.0/i586/tomcat5-servlet-2.4-api-5.5.23-9.2.10.1mdv2008.0.i586.rpm\n 85d0641840725e728f18cc86925d1923 2008.0/i586/tomcat5-servlet-2.4-api-javadoc-5.5.23-9.2.10.1mdv2008.0.i586.rpm\n 3e62b31a3fce47b8d7e2de2ecc7eb29d 2008.0/i586/tomcat5-webapps-5.5.23-9.2.10.1mdv2008.0.i586.rpm \n 9522ebba28176adf03d9a7b33fb526f8 2008.0/SRPMS/tomcat5-5.5.23-9.2.10.1mdv2008.0.src.rpm\n\n Mandriva Linux 2008.0/X86_64:\n a44ed55a6a2943e5ba39ea6473a2af27 2008.0/x86_64/tomcat5-5.5.23-9.2.10.1mdv2008.0.x86_64.rpm\n 292e2c0a822a736fe85c498c17bb09c6 2008.0/x86_64/tomcat5-admin-webapps-5.5.23-9.2.10.1mdv2008.0.x86_64.rpm\n c8ee3862233f323278d0b97a3f07a74d 2008.0/x86_64/tomcat5-common-lib-5.5.23-9.2.10.1mdv2008.0.x86_64.rpm\n 0c944fe5d8725da8fd4e57e89539fa21 2008.0/x86_64/tomcat5-jasper-5.5.23-9.2.10.1mdv2008.0.x86_64.rpm\n bcbb50b5978295bd40ec24212ca77a8a 2008.0/x86_64/tomcat5-jasper-javadoc-5.5.23-9.2.10.1mdv2008.0.x86_64.rpm\n 472c0a30c7ad74c0cb63da51142de438 2008.0/x86_64/tomcat5-jsp-2.0-api-5.5.23-9.2.10.1mdv2008.0.x86_64.rpm\n 10c6da9615553dc07e2f59d226f30a1d 2008.0/x86_64/tomcat5-jsp-2.0-api-javadoc-5.5.23-9.2.10.1mdv2008.0.x86_64.rpm\n 53eba8a64c428e6e2a14e59095f958b4 2008.0/x86_64/tomcat5-server-lib-5.5.23-9.2.10.1mdv2008.0.x86_64.rpm\n 8c6849bcca11457dffd03aa9c9e9a35f 2008.0/x86_64/tomcat5-servlet-2.4-api-5.5.23-9.2.10.1mdv2008.0.x86_64.rpm\n b5b42989963c31f79a997c9c18ed4cb4 2008.0/x86_64/tomcat5-servlet-2.4-api-javadoc-5.5.23-9.2.10.1mdv2008.0.x86_64.rpm\n 667a7b6fe2d3bc22ef64d87c2a6b9fe7 2008.0/x86_64/tomcat5-webapps-5.5.23-9.2.10.1mdv2008.0.x86_64.rpm \n 9522ebba28176adf03d9a7b33fb526f8 2008.0/SRPMS/tomcat5-5.5.23-9.2.10.1mdv2008.0.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.7 (GNU/Linux)\n\niD8DBQFHXZ68mqjQ0CJFipgRAhO2AKC+AwaCU8LmMtlbmj5Q9HgrOr3PTwCeMZo1\nQKCxPSeNSXZPdPEE6c2TDyk=\n=z6UT\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. Summary:\n\n Updated Tomcat and Java JRE packages for VirtualCenter 2.0.2, ESX\n Server 3.0.2, and ESX 3.0.1. Relevant releases:\n\n VirtualCenter Management Server 2\n ESX Server 3.0.2 without patch ESX-1002434\n ESX Server 3.0.1 without patch ESX-1003176\n\n3. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org) has\n assigned the names CVE-2005-2090, CVE-2006-7195, and CVE-2007-0450 to\n these issues. \n\n JRE Security Update\n This release of VirtualCenter Server updates the JRE package from\n 1.5.0_7 to 1.5.0_12, which addresses a security issue that existed in\n the earlier release of JRE. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org) has\n assigned the name CVE-2007-3004 to this issue. \n\n Security best practices provided by VMware recommend that the\n service console be isolated from the VM network. Please see\n http://www.vmware.com/resources/techresources/726 for more\n information on VMware security best practices. Solution:\n\nPlease review the Patch notes for your product and version and verify\nthe md5sum of your downloaded file. \n\n VMware VirtualCenter 2.0.2 Update 2 Release Notes\n http://www.vmware.com/support/vi3/doc/releasenotes_vc202u2.html\n\n VirtualCenter CD image\n md5sum d7d98a5d7f8afff32cee848f860d3ba7\n\n VirtualCenter as Zip\n md5sum 3b42ec350121659e10352ca2d76e212b\n\n ESX Server 3.0.2\n http://kb.vmware.com/kb/1002434\n md5sum: 2f52251f6ace3d50934344ef313539d5\n\n ESX Server 3.0.1\n http://kb.vmware.com/kb/1003176\n md5sum: 5674ca0dcfac90726014cc316444996e\n\n5. Contact:\n\nE-mail list for product security notifications and announcements:\nhttp://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\nThis Security Advisory is posted to the following lists:\n\n * security-announce@lists.vmware.com\n * bugtraq@securityfocus.com\n * full-disclosure@lists.grok.org.uk\n\nE-mail: security@vmware.com\n\nSecurity web site\nhttp://www.vmware.com/security\n\nVMware security response policy\nhttp://www.vmware.com/support/policies/security_response.html\n\nGeneral support life cycle policy\nhttp://www.vmware.com/support/policies/eos.html\n\nVMware Infrastructure support life cycle policy\nhttp://www.vmware.com/support/policies/eos_vi.html\n\nCopyright 2008 VMware Inc",
"sources": [
{
"db": "NVD",
"id": "CVE-2007-0450"
},
{
"db": "CERT/CC",
"id": "VU#442845"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000217"
},
{
"db": "BID",
"id": "22960"
},
{
"db": "VULMON",
"id": "CVE-2007-0450"
},
{
"db": "PACKETSTORM",
"id": "56411"
},
{
"db": "PACKETSTORM",
"id": "74289"
},
{
"db": "PACKETSTORM",
"id": "38388"
},
{
"db": "PACKETSTORM",
"id": "59939"
},
{
"db": "PACKETSTORM",
"id": "61679"
},
{
"db": "PACKETSTORM",
"id": "62402"
}
],
"trust": 3.24
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=29739",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2007-0450"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2007-0450",
"trust": 3.3
},
{
"db": "BID",
"id": "22960",
"trust": 2.8
},
{
"db": "SECUNIA",
"id": "24732",
"trust": 2.5
},
{
"db": "SECUNIA",
"id": "28365",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "30899",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "25106",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "26235",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "30908",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "27037",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "26660",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "33668",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "25280",
"trust": 1.7
},
{
"db": "SREASON",
"id": "2446",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-1979",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2007-3386",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2007-2732",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2009-0233",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2007-0975",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2007-3087",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-0065",
"trust": 1.7
},
{
"db": "BID",
"id": "25159",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "15895",
"trust": 0.9
},
{
"db": "SECUNIA",
"id": "15810",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "15922",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "15852",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "15855",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "15861",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "15862",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "15872",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "15883",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "15884",
"trust": 0.8
},
{
"db": "BID",
"id": "14088",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1014327",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#442845",
"trust": 0.8
},
{
"db": "XF",
"id": "32988",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000217",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200703-400",
"trust": 0.6
},
{
"db": "EXPLOIT-DB",
"id": "29739",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2007-0450",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "56411",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "74289",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "38388",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "59939",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "61679",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "62402",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#442845"
},
{
"db": "VULMON",
"id": "CVE-2007-0450"
},
{
"db": "BID",
"id": "22960"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000217"
},
{
"db": "PACKETSTORM",
"id": "56411"
},
{
"db": "PACKETSTORM",
"id": "74289"
},
{
"db": "PACKETSTORM",
"id": "38388"
},
{
"db": "PACKETSTORM",
"id": "59939"
},
{
"db": "PACKETSTORM",
"id": "61679"
},
{
"db": "PACKETSTORM",
"id": "62402"
},
{
"db": "CNNVD",
"id": "CNNVD-200703-400"
},
{
"db": "NVD",
"id": "CVE-2007-0450"
}
]
},
"id": "VAR-200703-0007",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.15801565
},
"last_update_date": "2024-07-23T21:07:51.634000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Fixed in Apache Tomcat 6.0.10",
"trust": 0.8,
"url": "http://tomcat.apache.org/security-6.html"
},
{
"title": "Fixed in Apache Tomcat 4.1.36",
"trust": 0.8,
"url": "http://tomcat.apache.org/security-4.html"
},
{
"title": "Fixed in Apache Tomcat 5.5.22, 5.0.SVN",
"trust": 0.8,
"url": "http://tomcat.apache.org/security-5.html"
},
{
"title": "HPSBUX02262",
"trust": 0.8,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?lang=en\u0026cc=us\u0026objectid=c01178795"
},
{
"title": "HPSBUX02262",
"trust": 0.8,
"url": "http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/hp-ux/hpsbux02262.html"
},
{
"title": "tomcat4 (V2.x)",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/update/list.php?errata_id=1168"
},
{
"title": "NV09-001",
"trust": 0.8,
"url": "http://www.nec.co.jp/security-info/secinfo/nv09-001.html"
},
{
"title": "RHSA-2007:0327",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2007-0327.html"
},
{
"title": "239312",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-239312-1"
},
{
"title": "imss_70_lx32_en_sp1_patch2_readme",
"trust": 0.8,
"url": "http://www.trendmicro.com/ftp/documentation/readme/imss_70_lx32_en_sp1_patch2_readme.txt"
},
{
"title": "readme_imss70_lin_sp1_patch1_b3356",
"trust": 0.8,
"url": "http://www.trendmicro.com/ftp/jp/ucmodule/imss/lin/70/readme_imss70_lin_sp1_patch1_b3356.txt"
},
{
"title": "imss_70_win32_en_sp1_patch2_readme",
"trust": 0.8,
"url": "http://www.trendmicro.com/ftp/documentation/readme/imss_70_win32_en_sp1_patch2_readme.txt"
},
{
"title": "readme_imss70_sol_sp1_patch1_b81460",
"trust": 0.8,
"url": "http://www.trendmicro.com/ftp/jp/ucmodule/imss/sol/70/readme_imss70_sol_sp1_patch1_b81460_r2.txt"
},
{
"title": "iwss_31_lx32_en_patch2_readme",
"trust": 0.8,
"url": "http://www.trendmicro.com/ftp/documentation/readme/iwss_31_lx32_en_patch2_readme.txt"
},
{
"title": "interstage_as_200702",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/products-fujitsu/solution/interstage_as_200702.html"
},
{
"title": "2064149",
"trust": 0.8,
"url": "http://esupport.trendmicro.co.jp/supportjp/viewxml.do?contentid=jp-2064149"
},
{
"title": "2064436",
"trust": 0.8,
"url": "http://esupport.trendmicro.co.jp/supportjp/viewxml.do?contentid=jp-2064436"
},
{
"title": "RHSA-2007:0327",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2007-0327j.html"
},
{
"title": "VMware Security Advisories: Updated Tomcat and Java JRE packages for VirtualCenter 2.5, VirtualCenter 2.0.2, ESX 3.5, ESX 3.0.2, and ESX 3.0.1.",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=vmware_security_advisories\u0026qid=0fde1d7289a7f706413e4e8620446740"
},
{
"title": "Capstone-Red-vs-Blue-CySec-Report",
"trust": 0.1,
"url": "https://github.com/actualsalt/capstone-red-vs-blue-cysec-report "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2007-0450"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000217"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-22",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-000217"
},
{
"db": "NVD",
"id": "CVE-2007-0450"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.2,
"url": "http://www.securityfocus.com/bid/22960"
},
{
"trust": 2.5,
"url": "http://secunia.com/advisories/24732"
},
{
"trust": 2.3,
"url": "http://www.securityfocus.com/bid/25159"
},
{
"trust": 2.0,
"url": "http://www.fujitsu.com/global/support/software/security/products-f/interstage-200702e.html"
},
{
"trust": 2.0,
"url": "http://support.avaya.com/elmodocs2/security/asa-2007-206.htm"
},
{
"trust": 2.0,
"url": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentid=197540"
},
{
"trust": 1.8,
"url": "http://security.gentoo.org/glsa/glsa-200705-03.xml"
},
{
"trust": 1.7,
"url": "http://www.sec-consult.com/287.html"
},
{
"trust": 1.7,
"url": "http://www.sec-consult.com/fileadmin/advisories/20070314-0-apache_tomcat_directory_traversal.txt"
},
{
"trust": 1.7,
"url": "http://www.novell.com/linux/security/advisories/2007_5_sr.html"
},
{
"trust": 1.7,
"url": "http://tomcat.apache.org/security-4.html"
},
{
"trust": 1.7,
"url": "http://tomcat.apache.org/security-5.html"
},
{
"trust": 1.7,
"url": "http://tomcat.apache.org/security-6.html"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/25106"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2007-0327.html"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/25280"
},
{
"trust": 1.7,
"url": "http://docs.info.apple.com/article.html?artnum=306172"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce//2007/jul/msg00004.html"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2007-0360.html"
},
{
"trust": 1.7,
"url": "http://www.novell.com/linux/security/advisories/2007_15_sr.html"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/26235"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/26660"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/27037"
},
{
"trust": 1.7,
"url": "http://securityreason.com/securityalert/2446"
},
{
"trust": 1.7,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2007:241"
},
{
"trust": 1.7,
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000003.html"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/28365"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0261.html"
},
{
"trust": 1.7,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-239312-1"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/30908"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/30899"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/33668"
},
{
"trust": 1.7,
"url": "http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2009/0233"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2007/0975"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2007/3087"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2007/2732"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2007/3386"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/1979/references"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/0065"
},
{
"trust": 1.7,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01178795"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32988"
},
{
"trust": 1.7,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10643"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/500412/100/0/threaded"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/500396/100/0/threaded"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/485938/100/0/threaded"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/462791/100/0/threaded"
},
{
"trust": 1.6,
"url": "https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d%40%3cdev.tomcat.apache.org%3e"
},
{
"trust": 1.6,
"url": "https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3cdev.tomcat.apache.org%3e"
},
{
"trust": 1.6,
"url": "https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d%40%3cdev.tomcat.apache.org%3e"
},
{
"trust": 1.6,
"url": "https://lists.apache.org/thread.html/277d42b48b6e9aef50949c0dcc79ce21693091d73da246b3c1981925%40%3cdev.tomcat.apache.org%3e"
},
{
"trust": 1.6,
"url": "https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3cdev.tomcat.apache.org%3e"
},
{
"trust": 1.6,
"url": "https://lists.apache.org/thread.html/5b7a23e245c93235c503900da854a143596d901bf1a1f67e851a5de4%40%3cdev.tomcat.apache.org%3e"
},
{
"trust": 1.6,
"url": "https://lists.apache.org/thread.html/8d2a579bbd977c225c70cb23b0ec54865fb0dab5da3eff1e060c9935%40%3cdev.tomcat.apache.org%3e"
},
{
"trust": 1.6,
"url": "https://lists.apache.org/thread.html/r5c616dfc49156e4b06ffab842800c80f4425924d0f20c452c127a53c%40%3cdev.tomcat.apache.org%3e"
},
{
"trust": 1.6,
"url": "https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3cdev.tomcat.apache.org%3e"
},
{
"trust": 1.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-0450"
},
{
"trust": 0.9,
"url": "http://secunia.com/advisories/15895/"
},
{
"trust": 0.9,
"url": "http://secunia.com/advisories/15852/"
},
{
"trust": 0.8,
"url": "http://www.hardened-php.net/advisory-022005.php"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/15861/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/15862/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/15884/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/15883/"
},
{
"trust": 0.8,
"url": "http://news.postnuke.com/modules.php?op=modload\u0026name=news\u0026file=article\u0026sid=2699"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/15855/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/15810/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/15872/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/15922/"
},
{
"trust": 0.8,
"url": "http://securitytracker.com/alerts/2005/jun/1014327.html"
},
{
"trust": 0.8,
"url": "http://www.gulftech.org/?node=research\u0026article_id=00088-07022005"
},
{
"trust": 0.8,
"url": "http://www.gulftech.org/?node=research\u0026article_id=00087-07012005"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/14088"
},
{
"trust": 0.8,
"url": "http://www.frsirt.com/english/advisories/2007/0975"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/32988"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-0450"
},
{
"trust": 0.7,
"url": "https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d@%3cdev.tomcat.apache.org%3e"
},
{
"trust": 0.7,
"url": "https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3cdev.tomcat.apache.org%3e"
},
{
"trust": 0.7,
"url": "https://lists.apache.org/thread.html/8d2a579bbd977c225c70cb23b0ec54865fb0dab5da3eff1e060c9935@%3cdev.tomcat.apache.org%3e"
},
{
"trust": 0.7,
"url": "https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3cdev.tomcat.apache.org%3e"
},
{
"trust": 0.7,
"url": "https://lists.apache.org/thread.html/277d42b48b6e9aef50949c0dcc79ce21693091d73da246b3c1981925@%3cdev.tomcat.apache.org%3e"
},
{
"trust": 0.7,
"url": "https://lists.apache.org/thread.html/5b7a23e245c93235c503900da854a143596d901bf1a1f67e851a5de4@%3cdev.tomcat.apache.org%3e"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-0450"
},
{
"trust": 0.3,
"url": "http://tomcat.apache.org/"
},
{
"trust": 0.3,
"url": "/archive/1/500412"
},
{
"trust": 0.3,
"url": "/archive/1/481830"
},
{
"trust": 0.3,
"url": "msg://bugtraq/45f7f67f.8050403@sec-consult.com"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2007-0327.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2007-1069.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0261.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0524.html"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-239312-1"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-2449"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-3386"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-2450"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-3382"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-3385"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-2090"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-1358"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-2450"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2005-2090"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-7195"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-3385"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-3386"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-3382"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-1355"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-7195"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-2449"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/22.html"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d@%3cdev.tomcat.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r5c616dfc49156e4b06ffab842800c80f4425924d0f20c452c127a53c@%3cdev.tomcat.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3cdev.tomcat.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://github.com/actualsalt/capstone-red-vs-blue-cysec-report"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.exploit-db.com/exploits/29739/"
},
{
"trust": 0.1,
"url": "https://www.vmware.com/security/advisories/vmsa-2008-0002.html"
},
{
"trust": 0.1,
"url": "http://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/contact/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-7196"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0128"
},
{
"trust": 0.1,
"url": "http://support.ca.com/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2005-3510"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-1858"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-3510"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0128"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-1358"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3835"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-1355"
},
{
"trust": 0.1,
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentid=1777"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3835"
},
{
"trust": 0.1,
"url": "http://support.ca.com."
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/privacy/"
},
{
"trust": 0.1,
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentid=1975"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-1858"
},
{
"trust": 0.1,
"url": "http://osvdb.org/"
},
{
"trust": 0.1,
"url": "https://support.ca.com/irj/portal/anonymous/redirarticles?reqpage=search"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/legal/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-7196"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/3699/"
},
{
"trust": 0.1,
"url": "http://sourceforge.net/project/showfiles.php?group_id=66479"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_vacancies/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-1860"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-1863"
},
{
"trust": 0.1,
"url": "https://www.hp.com/go/softwaredepot/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-1900"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-0774"
},
{
"trust": 0.1,
"url": "http://h30046.www3.hp.com/subsignin.php"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-2872"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-2756"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/cki/secbullarchive.do"
},
{
"trust": 0.1,
"url": "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na\u0026langcode=useng\u0026jumpid=in_sc-gen__driveritrc\u0026topiccode=itrc"
},
{
"trust": 0.1,
"url": "https://www.hp.com/go/swa"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-1887"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-5752"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5461"
},
{
"trust": 0.1,
"url": "http://secunia.com/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5461"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.1,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-3004"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/security"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1003176"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1002434"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/security_response.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-3004"
},
{
"trust": 0.1,
"url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/resources/techresources/726"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/vi3/doc/releasenotes_vc202u2.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos_vi.html"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#442845"
},
{
"db": "VULMON",
"id": "CVE-2007-0450"
},
{
"db": "BID",
"id": "22960"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000217"
},
{
"db": "PACKETSTORM",
"id": "56411"
},
{
"db": "PACKETSTORM",
"id": "74289"
},
{
"db": "PACKETSTORM",
"id": "38388"
},
{
"db": "PACKETSTORM",
"id": "59939"
},
{
"db": "PACKETSTORM",
"id": "61679"
},
{
"db": "PACKETSTORM",
"id": "62402"
},
{
"db": "CNNVD",
"id": "CNNVD-200703-400"
},
{
"db": "NVD",
"id": "CVE-2007-0450"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#442845"
},
{
"db": "VULMON",
"id": "CVE-2007-0450"
},
{
"db": "BID",
"id": "22960"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000217"
},
{
"db": "PACKETSTORM",
"id": "56411"
},
{
"db": "PACKETSTORM",
"id": "74289"
},
{
"db": "PACKETSTORM",
"id": "38388"
},
{
"db": "PACKETSTORM",
"id": "59939"
},
{
"db": "PACKETSTORM",
"id": "61679"
},
{
"db": "PACKETSTORM",
"id": "62402"
},
{
"db": "CNNVD",
"id": "CNNVD-200703-400"
},
{
"db": "NVD",
"id": "CVE-2007-0450"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-07-06T00:00:00",
"db": "CERT/CC",
"id": "VU#442845"
},
{
"date": "2007-03-16T00:00:00",
"db": "VULMON",
"id": "CVE-2007-0450"
},
{
"date": "2007-03-14T00:00:00",
"db": "BID",
"id": "22960"
},
{
"date": "2007-04-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-000217"
},
{
"date": "2007-05-03T07:01:34",
"db": "PACKETSTORM",
"id": "56411"
},
{
"date": "2009-01-27T23:27:39",
"db": "PACKETSTORM",
"id": "74289"
},
{
"date": "2005-07-01T23:31:00",
"db": "PACKETSTORM",
"id": "38388"
},
{
"date": "2007-10-10T05:27:27",
"db": "PACKETSTORM",
"id": "59939"
},
{
"date": "2007-12-11T01:29:29",
"db": "PACKETSTORM",
"id": "61679"
},
{
"date": "2008-01-08T16:58:51",
"db": "PACKETSTORM",
"id": "62402"
},
{
"date": "2006-06-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200703-400"
},
{
"date": "2007-03-16T22:19:00",
"db": "NVD",
"id": "CVE-2007-0450"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-03-09T00:00:00",
"db": "CERT/CC",
"id": "VU#442845"
},
{
"date": "2019-04-15T00:00:00",
"db": "VULMON",
"id": "CVE-2007-0450"
},
{
"date": "2010-08-05T20:45:00",
"db": "BID",
"id": "22960"
},
{
"date": "2010-01-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-000217"
},
{
"date": "2023-02-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200703-400"
},
{
"date": "2023-02-13T02:17:16.053000",
"db": "NVD",
"id": "CVE-2007-0450"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200703-400"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple PHP XML-RPC implementations vulnerable to code injection",
"sources": [
{
"db": "CERT/CC",
"id": "VU#442845"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "path traversal",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200703-400"
}
],
"trust": 0.6
}
}
VAR-202012-1277
Vulnerability from variot - Updated: 2024-07-23 21:07A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and port, and this way potentially make curl extract information about services that are otherwise private and not disclosed, for example doing port scanning and service banner extractions. HAXX Haxx curl is a set of file transfer tools that use the URL syntax to work under the command line of the Swedish Haxx (HAXX) company. The tool supports file upload and download and includes a libcurl (client URL transfer library) for program development. There is a security vulnerability in Haxx curl FTP PASV Responses. Attackers can use this vulnerability to bypass data access restrictions and obtain sensitive information through curl's FTP PASV Responses. 8) - aarch64, ppc64le, s390x, x86_64
- Description:
The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
- Package List:
Red Hat Enterprise Linux BaseOS (v. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- Bugs fixed (https://bugzilla.redhat.com/):
1921650 - CVE-2021-3121 gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation
- JIRA issues fixed (https://issues.jboss.org/):
LOG-1328 - Port fix to 5.0.z for BZ-1945168
- This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience.
This release adds the new Apache HTTP Server 2.4.37 Service Pack 8 packages that are part of the JBoss Core Services offering.
This release serves as a replacement for Red Hat JBoss Core Services Pack Apache Server 2.4.37 Service Pack 7 and includes bug fixes and enhancements. Refer to the Release Notes for information on the most significant bug fixes and enhancements included in this release.
Security Fix(es):
-
curl: Use-after-free in TLS session handling when using OpenSSL TLS backend (CVE-2021-22901)
-
httpd: NULL pointer dereference on specially crafted HTTP/2 request (CVE-2021-31618)
-
libcurl: partial password leak over DNS on HTTP redirect (CVE-2020-8169)
-
curl: FTP PASV command response can cause curl to connect to arbitrary host (CVE-2020-8284)
-
curl: Malicious FTP server can trigger stack overflow when CURLOPT_CHUNK_BGN_FUNCTION is used (CVE-2020-8285)
-
curl: Inferior OCSP verification (CVE-2020-8286)
-
curl: Leak of authentication credentials in URL via automatic Referer (CVE-2021-22876)
-
curl: TLS 1.3 session ticket mix-up with HTTPS proxy host (CVE-2021-22890)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution:
Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.
The References section of this erratum contains a download link for the update. You must be logged in to download the update. Bugs fixed (https://bugzilla.redhat.com/):
1847916 - CVE-2020-8169 libcurl: partial password leak over DNS on HTTP redirect 1902667 - CVE-2020-8284 curl: FTP PASV command response can cause curl to connect to arbitrary host 1902687 - CVE-2020-8285 curl: Malicious FTP server can trigger stack overflow when CURLOPT_CHUNK_BGN_FUNCTION is used 1906096 - CVE-2020-8286 curl: Inferior OCSP verification 1941964 - CVE-2021-22876 curl: Leak of authentication credentials in URL via automatic Referer 1941965 - CVE-2021-22890 curl: TLS 1.3 session ticket mix-up with HTTPS proxy host 1963146 - CVE-2021-22901 curl: Use-after-free in TLS session handling when using OpenSSL TLS backend 1968013 - CVE-2021-31618 httpd: NULL pointer dereference on specially crafted HTTP/2 request
- Description:
Red Hat Advanced Cluster Management for Kubernetes 2.2.4 images
Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. See the following Release Notes documentation, which will be updated shortly for this release, for additional details about this release:
https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_mana gement_for_kubernetes/2.2/html/release_notes/
Security fixes:
-
redisgraph-tls: redis: integer overflow when configurable limit for maximum supported bulk input size is too big on 32-bit platforms (CVE-2021-21309)
-
console-header-container: nodejs-netmask: improper input validation of octal input data (CVE-2021-28092)
-
console-container: nodejs-is-svg: ReDoS via malicious string (CVE-2021-28918)
Bug fixes:
-
RHACM 2.2.4 images (BZ# 1957254)
-
Enabling observability for OpenShift Container Storage with RHACM 2.2 on OCP 4.7 (BZ#1950832)
-
ACM Operator should support using the default route TLS (BZ# 1955270)
-
The scrolling bar for search filter does not work properly (BZ# 1956852)
-
Limits on Length of MultiClusterObservability Resource Name (BZ# 1959426)
-
The proxy setup in install-config.yaml is not worked when IPI installing with RHACM (BZ# 1960181)
-
Unable to make SSH connection to a Bitbucket server (BZ# 1966513)
-
Observability Thanos store shard crashing - cannot unmarshall DNS message (BZ# 1967890)
-
Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied. Bugs fixed (https://bugzilla.redhat.com/):
1932634 - CVE-2021-21309 redis: integer overflow when configurable limit for maximum supported bulk input size is too big on 32-bit platforms 1939103 - CVE-2021-28092 nodejs-is-svg: ReDoS via malicious string 1944827 - CVE-2021-28918 nodejs-netmask: improper input validation of octal input data 1950832 - Enabling observability for OpenShift Container Storage with RHACM 2.2 on OCP 4.7 1952150 - [DDF] It would be great to see all the options available for the bucket configuration and which attributes are mandatory 1954506 - [DDF] Table does not contain data about 20 clusters. Now it's difficult to estimate CPU usage with larger clusters 1954535 - Reinstall Submariner - No endpoints found on one cluster 1955270 - ACM Operator should support using the default route TLS 1956852 - The scrolling bar for search filter does not work properly 1957254 - RHACM 2.2.4 images 1959426 - Limits on Length of MultiClusterObservability Resource Name 1960181 - The proxy setup in install-config.yaml is not worked when IPI installing with RHACM. 1963128 - [DDF] Please rename this to "Amazon Elastic Kubernetes Service" 1966513 - Unable to make SSH connection to a Bitbucket server 1967357 - [DDF] When I clicked on this yaml, I get a HTTP 404 error. 1967890 - Observability Thanos store shard crashing - cannot unmarshal DNS message
- -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
===================================================================== Red Hat Security Advisory
Synopsis: Moderate: OpenShift Container Platform 4.7.13 bug fix and security update Advisory ID: RHSA-2021:2121-01 Product: Red Hat OpenShift Enterprise Advisory URL: https://access.redhat.com/errata/RHSA-2021:2121 Issue date: 2021-06-01 CVE Names: CVE-2016-10228 CVE-2019-2708 CVE-2019-3842 CVE-2019-9169 CVE-2019-13012 CVE-2019-14866 CVE-2019-18811 CVE-2019-19523 CVE-2019-19528 CVE-2019-25013 CVE-2019-25032 CVE-2019-25034 CVE-2019-25035 CVE-2019-25036 CVE-2019-25037 CVE-2019-25038 CVE-2019-25039 CVE-2019-25040 CVE-2019-25041 CVE-2019-25042 CVE-2020-0431 CVE-2020-8231 CVE-2020-8284 CVE-2020-8285 CVE-2020-8286 CVE-2020-8927 CVE-2020-9948 CVE-2020-9951 CVE-2020-9983 CVE-2020-10543 CVE-2020-10878 CVE-2020-11608 CVE-2020-12114 CVE-2020-12362 CVE-2020-12464 CVE-2020-13434 CVE-2020-13543 CVE-2020-13584 CVE-2020-13776 CVE-2020-14314 CVE-2020-14344 CVE-2020-14345 CVE-2020-14346 CVE-2020-14347 CVE-2020-14356 CVE-2020-14360 CVE-2020-14361 CVE-2020-14362 CVE-2020-14363 CVE-2020-15358 CVE-2020-15437 CVE-2020-15586 CVE-2020-16845 CVE-2020-24330 CVE-2020-24331 CVE-2020-24332 CVE-2020-24394 CVE-2020-24977 CVE-2020-25212 CVE-2020-25284 CVE-2020-25285 CVE-2020-25643 CVE-2020-25659 CVE-2020-25704 CVE-2020-25712 CVE-2020-26116 CVE-2020-26137 CVE-2020-27618 CVE-2020-27619 CVE-2020-27783 CVE-2020-27786 CVE-2020-27835 CVE-2020-28196 CVE-2020-28935 CVE-2020-28974 CVE-2020-29361 CVE-2020-29362 CVE-2020-29363 CVE-2020-35508 CVE-2020-36242 CVE-2020-36322 CVE-2021-0342 CVE-2021-3121 CVE-2021-3177 CVE-2021-3326 CVE-2021-21642 CVE-2021-21643 CVE-2021-21644 CVE-2021-21645 CVE-2021-23336 CVE-2021-25215 CVE-2021-30465 =====================================================================
- Summary:
Red Hat OpenShift Container Platform release 4.7.13 is now available with updates to packages and images that fix several bugs.
This release includes a security update for Red Hat OpenShift Container Platform 4.7.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Description:
Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
This advisory contains the container images for Red Hat OpenShift Container Platform 4.7.13. See the following advisory for the RPM packages for this release:
https://access.redhat.com/errata/RHSA-2021:2122
Space precludes documenting all of the container images in this advisory. See the following Release Notes documentation, which will be updated shortly for this release, for details about these changes:
https://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-rel ease-notes.html
This update fixes the following bug among others:
- Previously, resources for the ClusterOperator were being created early in the update process, which led to update failures when the ClusterOperator had no status condition while Operators were updating. This bug fix changes the timing of when these resources are created. As a result, updates can take place without errors. (BZ#1959238)
Security Fix(es):
- gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation (CVE-2021-3121)
You may download the oc tool and use it to inspect release image metadata as follows:
(For x86_64 architecture)
$ oc adm release info quay.io/openshift-release-dev/ocp-release:4.7.13-x86_64
The image digest is sha256:783a2c963f35ccab38e82e6a8c7fa954c3a4551e07d2f43c06098828dd986ed4
(For s390x architecture)
$ oc adm release info quay.io/openshift-release-dev/ocp-release:4.7.13-s390x
The image digest is sha256:4cf44e68413acad063203e1ee8982fd01d8b9c1f8643a5b31cd7ff341b3199cd
(For ppc64le architecture)
$ oc adm release info quay.io/openshift-release-dev/ocp-release:4.7.13-ppc64le
The image digest is sha256:d47ce972f87f14f1f3c5d50428d2255d1256dae3f45c938ace88547478643e36
All OpenShift Container Platform 4.7 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.7/updating/updating-cluster - -between-minor.html#understanding-upgrade-channels_updating-cluster-between - -minor
- Solution:
For OpenShift Container Platform 4.7 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-rel ease-notes.html
Details on how to access this content are available at https://docs.openshift.com/container-platform/4.7/updating/updating-cluster - -cli.html
- Bugs fixed (https://bugzilla.redhat.com/):
1921650 - CVE-2021-3121 gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation 1923268 - [Assisted-4.7] [Staging] Using two both spelling "canceled" "cancelled" 1947216 - [AWS] Missing iam:ListAttachedRolePolicies permission in permissions.go 1953963 - Enable/Disable host operations returns cluster resource with incomplete hosts list 1957749 - ovn-kubernetes pod should have CPU and memory requests set but not limits 1959238 - CVO creating cloud-controller-manager too early causing upgrade failures 1960103 - SR-IOV obliviously reboot the node 1961941 - Local Storage Operator using LocalVolume CR fails to create PV's when backend storage failure is simulated 1962302 - packageserver clusteroperator does not set reason or message for Available condition 1962312 - Deployment considered unhealthy despite being available and at latest generation 1962435 - Public DNS records were not deleted when destroying a cluster which is using byo private hosted zone 1963115 - Test verify /run filesystem contents failing
- References:
https://access.redhat.com/security/cve/CVE-2016-10228 https://access.redhat.com/security/cve/CVE-2019-2708 https://access.redhat.com/security/cve/CVE-2019-3842 https://access.redhat.com/security/cve/CVE-2019-9169 https://access.redhat.com/security/cve/CVE-2019-13012 https://access.redhat.com/security/cve/CVE-2019-14866 https://access.redhat.com/security/cve/CVE-2019-18811 https://access.redhat.com/security/cve/CVE-2019-19523 https://access.redhat.com/security/cve/CVE-2019-19528 https://access.redhat.com/security/cve/CVE-2019-25013 https://access.redhat.com/security/cve/CVE-2019-25032 https://access.redhat.com/security/cve/CVE-2019-25034 https://access.redhat.com/security/cve/CVE-2019-25035 https://access.redhat.com/security/cve/CVE-2019-25036 https://access.redhat.com/security/cve/CVE-2019-25037 https://access.redhat.com/security/cve/CVE-2019-25038 https://access.redhat.com/security/cve/CVE-2019-25039 https://access.redhat.com/security/cve/CVE-2019-25040 https://access.redhat.com/security/cve/CVE-2019-25041 https://access.redhat.com/security/cve/CVE-2019-25042 https://access.redhat.com/security/cve/CVE-2020-0431 https://access.redhat.com/security/cve/CVE-2020-8231 https://access.redhat.com/security/cve/CVE-2020-8284 https://access.redhat.com/security/cve/CVE-2020-8285 https://access.redhat.com/security/cve/CVE-2020-8286 https://access.redhat.com/security/cve/CVE-2020-8927 https://access.redhat.com/security/cve/CVE-2020-9948 https://access.redhat.com/security/cve/CVE-2020-9951 https://access.redhat.com/security/cve/CVE-2020-9983 https://access.redhat.com/security/cve/CVE-2020-10543 https://access.redhat.com/security/cve/CVE-2020-10878 https://access.redhat.com/security/cve/CVE-2020-11608 https://access.redhat.com/security/cve/CVE-2020-12114 https://access.redhat.com/security/cve/CVE-2020-12362 https://access.redhat.com/security/cve/CVE-2020-12464 https://access.redhat.com/security/cve/CVE-2020-13434 https://access.redhat.com/security/cve/CVE-2020-13543 https://access.redhat.com/security/cve/CVE-2020-13584 https://access.redhat.com/security/cve/CVE-2020-13776 https://access.redhat.com/security/cve/CVE-2020-14314 https://access.redhat.com/security/cve/CVE-2020-14344 https://access.redhat.com/security/cve/CVE-2020-14345 https://access.redhat.com/security/cve/CVE-2020-14346 https://access.redhat.com/security/cve/CVE-2020-14347 https://access.redhat.com/security/cve/CVE-2020-14356 https://access.redhat.com/security/cve/CVE-2020-14360 https://access.redhat.com/security/cve/CVE-2020-14361 https://access.redhat.com/security/cve/CVE-2020-14362 https://access.redhat.com/security/cve/CVE-2020-14363 https://access.redhat.com/security/cve/CVE-2020-15358 https://access.redhat.com/security/cve/CVE-2020-15437 https://access.redhat.com/security/cve/CVE-2020-15586 https://access.redhat.com/security/cve/CVE-2020-16845 https://access.redhat.com/security/cve/CVE-2020-24330 https://access.redhat.com/security/cve/CVE-2020-24331 https://access.redhat.com/security/cve/CVE-2020-24332 https://access.redhat.com/security/cve/CVE-2020-24394 https://access.redhat.com/security/cve/CVE-2020-24977 https://access.redhat.com/security/cve/CVE-2020-25212 https://access.redhat.com/security/cve/CVE-2020-25284 https://access.redhat.com/security/cve/CVE-2020-25285 https://access.redhat.com/security/cve/CVE-2020-25643 https://access.redhat.com/security/cve/CVE-2020-25659 https://access.redhat.com/security/cve/CVE-2020-25704 https://access.redhat.com/security/cve/CVE-2020-25712 https://access.redhat.com/security/cve/CVE-2020-26116 https://access.redhat.com/security/cve/CVE-2020-26137 https://access.redhat.com/security/cve/CVE-2020-27618 https://access.redhat.com/security/cve/CVE-2020-27619 https://access.redhat.com/security/cve/CVE-2020-27783 https://access.redhat.com/security/cve/CVE-2020-27786 https://access.redhat.com/security/cve/CVE-2020-27835 https://access.redhat.com/security/cve/CVE-2020-28196 https://access.redhat.com/security/cve/CVE-2020-28935 https://access.redhat.com/security/cve/CVE-2020-28974 https://access.redhat.com/security/cve/CVE-2020-29361 https://access.redhat.com/security/cve/CVE-2020-29362 https://access.redhat.com/security/cve/CVE-2020-29363 https://access.redhat.com/security/cve/CVE-2020-35508 https://access.redhat.com/security/cve/CVE-2020-36242 https://access.redhat.com/security/cve/CVE-2020-36322 https://access.redhat.com/security/cve/CVE-2021-0342 https://access.redhat.com/security/cve/CVE-2021-3121 https://access.redhat.com/security/cve/CVE-2021-3177 https://access.redhat.com/security/cve/CVE-2021-3326 https://access.redhat.com/security/cve/CVE-2021-21642 https://access.redhat.com/security/cve/CVE-2021-21643 https://access.redhat.com/security/cve/CVE-2021-21644 https://access.redhat.com/security/cve/CVE-2021-21645 https://access.redhat.com/security/cve/CVE-2021-23336 https://access.redhat.com/security/cve/CVE-2021-25215 https://access.redhat.com/security/cve/CVE-2021-30465 https://access.redhat.com/security/updates/classification/#moderate
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIVAwUBYLXBgdzjgjWX9erEAQiYKw/+MeUvVzbi9kHuo6vE8J9xEQCvgpJtLfRM yj4VFCt8lkWmfGmuAMd5LkvD5suav1Gu9yA6E60VvKrorV6+PDOZ8jiUyzRR+di6 TZZ7Ji6taqaQUuf451KF39zuxYAh29pKT6mZMhmqK65jEg7uj66R8+P2p7tahaai Kkqe6LKxNCXyVzWmc5HHkc3AJJ6vSVIuMeA6KOHpXy0vy57jZKeyb3dau0BVl/ir ZbnbOHdTJ+7hEVV3yGwARcVgUhHDcHiSYAS+RUj7Hqx0RIFilb9RbOdoEdbauaWx CGIdSYmj1F4apCZuYWmhZxtQ5/Lsj7EPi+7UleyTzqgMQsqSr8kvxGe/yzfY+yAQ ++QCSnleeKu/+HjN72d73h8yWGGzMrc/rYwDJWcFwjIL6/pj4Tgm4OK30vJlQUz5 3gHuEDz+j42s270cv6dRDd9v5xpexxIOXyHzruFRLk4xVCnS17PGeJ4I9mJmkYxL 5GuCiMnixToobWtmrh9MX2Qjkhj81o4E+rLMvG/4yUk2kGejo/nLwgZNsSz8gN5Z gMZOYSDys2zJu6/jmxY/8MXzS3yNIJj3FxXe7w5XA0mHUuuZ/EaJsMLnlCCSRARV GpMwj1/Aj1ZSNeYplr2YwQz7lB7hp+J/vn567zBPeYQus5EAyzqzudTbSLdm8ZyL PEh85hYKLe4= =Xe05 -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce . Bugs fixed (https://bugzilla.redhat.com/):
1918750 - CVE-2021-3114 golang: crypto/elliptic: incorrect operations on the P-224 curve 1945703 - "Guest OS Info" availability in VMI describe is flaky 1958816 - [2.6.z] KubeMacPool fails to start due to OOM likely caused by a high number of Pods running in the cluster 1963275 - migration controller null pointer dereference 1965099 - Live Migration double handoff to virt-handler causes connection failures 1965181 - CDI importer doesn't report AwaitingVDDK like it used to 1967086 - Cloning DataVolumes between namespaces fails while creating cdi-upload pod 1967887 - [2.6.6] nmstate is not progressing on a node and not configuring vlan filtering that causes an outage for VMs 1969756 - Windows VMs fail to start on air-gapped environments 1970372 - Virt-handler fails to verify container-disk 1973227 - segfault in virt-controller during pdb deletion 1974084 - 2.6.6 containers 1975212 - No Virtual Machine Templates Found [EDIT - all templates are marked as depracted] 1975727 - [Regression][VMIO][Warm] The third precopy does not end in warm migration 1977756 - [2.6.z] PVC keeps in pending when using hostpath-provisioner 1982760 - [v2v] no kind VirtualMachine is registered for version \"kubevirt.io/v1\" i... 1986989 - OpenShift Virtualization 2.6.z cannot be upgraded to 4.8.0 initially deployed starting with <= 4.8
- ========================================================================== Ubuntu Security Notice USN-4665-2 December 09, 2020
curl vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.04 ESM
- Ubuntu 12.04 ESM
Summary:
Several security issues were fixed in curl. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM.
Original advisory details:
Varnavas Papaioannou discovered that curl incorrectly handled FTP PASV responses. (CVE-2020-8284)
It was discovered that curl incorrectly handled FTP wildcard matchins. A remote attacker could possibly use this issue to cause curl to consume resources and crash, resulting in a denial of service. (CVE-2020-8285)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 14.04 ESM: curl 7.35.0-1ubuntu2.20+esm6 libcurl3 7.35.0-1ubuntu2.20+esm6 libcurl3-gnutls 7.35.0-1ubuntu2.20+esm6 libcurl3-nss 7.35.0-1ubuntu2.20+esm6
Ubuntu 12.04 ESM: curl 7.22.0-3ubuntu4.29 libcurl3 7.22.0-3ubuntu4.29 libcurl3-gnutls 7.22.0-3ubuntu4.29 libcurl3-nss 7.22.0-3ubuntu4.29
In general, a standard system update will make all the necessary changes.
CVE-2020-8177
sn reported that curl could be tricked by a malicious server into
overwriting a local file when using th -J (--remote-header-name) and
-i (--include) options in the same command line.
CVE-2020-8231
Marc Aldorasi reported that libcurl might use the wrong connection
when an application using libcurl's multi API sets the option
CURLOPT_CONNECT_ONLY, which could lead to information leaks.
CVE-2020-8285
xnynx reported that libcurl could run out of stack space when using
tha FTP wildcard matching functionality (CURLOPT_CHUNK_BGN_FUNCTION).
CVE-2020-8286
It was reported that libcurl didn't verify that an OCSP response
actually matches the certificate it is intended to.
CVE-2021-22876
Viktor Szakats reported that libcurl does not strip off user
credentials from the URL when automatically populating the Referer
HTTP request header field in outgoing HTTP requests.
CVE-2021-22890
Mingtao Yang reported that, when using an HTTPS proxy and TLS 1.3,
libcurl could confuse session tickets arriving from the HTTPS proxy
as if they arrived from the remote server instead. This could allow
an HTTPS proxy to trick libcurl into using the wrong session ticket
for the host and thereby circumvent the server TLS certificate check.
For the stable distribution (buster), these problems have been fixed in version 7.64.0-4+deb10u2.
We recommend that you upgrade your curl packages.
For the detailed security status of curl please refer to its security tracker page at: https://security-tracker.debian.org/tracker/curl
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEBsId305pBx+F583DbwzL4CFiRygFAmBkQCoACgkQbwzL4CFi Ryg6Gg/+LqhhJ8+D7skevVkYzxHzdH2yT/XMeoYp0D37yHmEfH9PyjXwfplG+XEw /xwFRBK8qxD1ja+rQddYyeTvi1OMnMgMS3UsRHlfeMnLxh2+oHnvHDYG848npUEZ Rq4YFoc/n9YTAJZP/G4oiuBeXqH2Sqa5hSNT6VrYfRciCxkYnzA78b85KpI8aYyR lhfiJMNpwrqDbt/QzblpELBkGMIV402VeiqDwHfcVzm2E810xXQNLvPMbWtvDYkA TSrNsdqfuFr1tuQSZY6CGSWEyXtB/tOo8+pvUixlJMBWJMl5TXEcJkD5ckehx0yb C3n9yapfklxHiG9lD4zwwIJDqd3Y4SxdDiSlUC4OhdvpwniMygX0S3ICaPA4iac/ cWanml0Fop3OmRy+vQURTd3sADoT5HoRSUXZVU+HdTrRaEt2xs5okZkWSd3yr4Ux i+HgjUAFkkk8DLRB68Bbpx1LGxFGQT7L8yd4wsWINXlzASIP1A5dnNfE5w0VWOHG 3KDq47wNfjuiZC8GXW+HQCxz5MijnS8Y/Egl0OozNFDwEitNBZEsIjpZaZBdZIwi UFfcK7+u/y/TRY54rA4erkdcHFwpYW5EZVGdb7Z+WPWVlzw0ImXrM68LSAhHQaqW 1Hx4VwwwTsMIPnrx2kriRiiDPOW1r5Kip3yHa+QZLedSRGibQWk= =001T -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202012-1277",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "curl",
"scope": "lte",
"trust": 1.0,
"vendor": "haxx",
"version": "7.73.0"
},
{
"model": "hci storage node",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "universal forwarder",
"scope": "gte",
"trust": 1.0,
"vendor": "splunk",
"version": "9.0.0"
},
{
"model": "m10-4s",
"scope": "lt",
"trust": 1.0,
"vendor": "fujitsu",
"version": "xcp2410"
},
{
"model": "sinec infrastructure network services",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "1.0.1.1"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.14.6"
},
{
"model": "hci bootstrap os",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "communications billing and revenue management",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.0.0.3.0"
},
{
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "8.58"
},
{
"model": "macos",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "11.2"
},
{
"model": "hci management node",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "communications cloud native core policy",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "1.14.0"
},
{
"model": "mac os x",
"scope": "gte",
"trust": 1.0,
"vendor": "apple",
"version": "10.15"
},
{
"model": "m12-2s",
"scope": "lt",
"trust": 1.0,
"vendor": "fujitsu",
"version": "xcp3110"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "32"
},
{
"model": "mac os x",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "10.15.7"
},
{
"model": "m12-2s",
"scope": "lt",
"trust": 1.0,
"vendor": "fujitsu",
"version": "xcp2410"
},
{
"model": "universal forwarder",
"scope": "lt",
"trust": 1.0,
"vendor": "splunk",
"version": "9.0.6"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "10.0"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "33"
},
{
"model": "m12-2",
"scope": "lt",
"trust": 1.0,
"vendor": "fujitsu",
"version": "xcp3110"
},
{
"model": "essbase",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "21.2"
},
{
"model": "mac os x",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "10.14.6"
},
{
"model": "m10-4",
"scope": "lt",
"trust": 1.0,
"vendor": "fujitsu",
"version": "xcp3110"
},
{
"model": "macos",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "11.0.1"
},
{
"model": "m12-1",
"scope": "lt",
"trust": 1.0,
"vendor": "fujitsu",
"version": "xcp3110"
},
{
"model": "solidfire",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "m12-2",
"scope": "lt",
"trust": 1.0,
"vendor": "fujitsu",
"version": "xcp2410"
},
{
"model": "universal forwarder",
"scope": "lt",
"trust": 1.0,
"vendor": "splunk",
"version": "8.2.12"
},
{
"model": "m10-4",
"scope": "lt",
"trust": 1.0,
"vendor": "fujitsu",
"version": "xcp2410"
},
{
"model": "m12-1",
"scope": "lt",
"trust": 1.0,
"vendor": "fujitsu",
"version": "xcp2410"
},
{
"model": "m10-1",
"scope": "lt",
"trust": 1.0,
"vendor": "fujitsu",
"version": "xcp3110"
},
{
"model": "mac os x",
"scope": "gte",
"trust": 1.0,
"vendor": "apple",
"version": "10.14.0"
},
{
"model": "clustered data ontap",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "universal forwarder",
"scope": "eq",
"trust": 1.0,
"vendor": "splunk",
"version": "9.1.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "9.0"
},
{
"model": "universal forwarder",
"scope": "gte",
"trust": 1.0,
"vendor": "splunk",
"version": "8.2.0"
},
{
"model": "m10-1",
"scope": "lt",
"trust": 1.0,
"vendor": "fujitsu",
"version": "xcp2410"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.15.7"
},
{
"model": "macos",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "11.1"
},
{
"model": "m10-4s",
"scope": "lt",
"trust": 1.0,
"vendor": "fujitsu",
"version": "xcp3110"
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2020-8284"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.73.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:netapp:hci_storage_node:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:netapp:hci_bootstrap_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.15.7",
"versionStartIncluding": "10.15",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.14.6",
"versionStartIncluding": "10.14.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-001:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-002:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-003:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-004:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-005:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-006:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-007:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-004:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-005:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-006:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.14.6:supplemental_update:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.14.6:supplemental_update_2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.15.7:supplemental_update:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-005:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-007:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.15.7:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-007:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-001:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-002:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2021-001:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2021-002:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:macos:11.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:macos:11.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:macos:11.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:essbase:21.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.14.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:fujitsu:m10-1_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "xcp2410",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:fujitsu:m10-1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:fujitsu:m10-4_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "xcp2410",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:fujitsu:m10-4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:fujitsu:m10-4s_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "xcp2410",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:fujitsu:m10-4s:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:fujitsu:m12-1_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "xcp2410",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:fujitsu:m12-1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:fujitsu:m12-2_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "xcp2410",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:fujitsu:m12-2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:fujitsu:m12-2s_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "xcp2410",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:fujitsu:m12-2s:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:fujitsu:m10-1_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "xcp3110",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:fujitsu:m10-1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:fujitsu:m10-4_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "xcp3110",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:fujitsu:m10-4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:fujitsu:m10-4s_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "xcp3110",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:fujitsu:m10-4s:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:fujitsu:m12-1_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "xcp3110",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:fujitsu:m12-1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:fujitsu:m12-2_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "xcp3110",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:fujitsu:m12-2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:fujitsu:m12-2s_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "xcp3110",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:fujitsu:m12-2s:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:siemens:sinec_infrastructure_network_services:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.0.1.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:splunk:universal_forwarder:9.1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:splunk:universal_forwarder:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.0.6",
"versionStartIncluding": "9.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:splunk:universal_forwarder:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "8.2.12",
"versionStartIncluding": "8.2.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2020-8284"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Red Hat",
"sources": [
{
"db": "PACKETSTORM",
"id": "162629"
},
{
"db": "PACKETSTORM",
"id": "162837"
},
{
"db": "PACKETSTORM",
"id": "163193"
},
{
"db": "PACKETSTORM",
"id": "163188"
},
{
"db": "PACKETSTORM",
"id": "162877"
},
{
"db": "PACKETSTORM",
"id": "163789"
}
],
"trust": 0.6
},
"cve": "CVE-2020-8284",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-186409",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.2,
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2020-8284",
"trust": 1.0,
"value": "LOW"
},
{
"author": "VULHUB",
"id": "VHN-186409",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-186409"
},
{
"db": "NVD",
"id": "CVE-2020-8284"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and port, and this way potentially make curl extract information about services that are otherwise private and not disclosed, for example doing port scanning and service banner extractions. HAXX Haxx curl is a set of file transfer tools that use the URL syntax to work under the command line of the Swedish Haxx (HAXX) company. The tool supports file upload and download and includes a libcurl (client URL transfer library) for program development. There is a security vulnerability in Haxx curl FTP PASV Responses. Attackers can use this vulnerability to bypass data access restrictions and obtain sensitive information through curl\u0027s FTP PASV Responses. 8) - aarch64, ppc64le, s390x, x86_64\n\n3. Description:\n\nThe curl packages provide the libcurl library and the curl utility for\ndownloading files from servers using various protocols, including HTTP,\nFTP, and LDAP. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Package List:\n\nRed Hat Enterprise Linux BaseOS (v. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. Bugs fixed (https://bugzilla.redhat.com/):\n\n1921650 - CVE-2021-3121 gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation\n\n5. JIRA issues fixed (https://issues.jboss.org/):\n\nLOG-1328 - Port fix to 5.0.z for BZ-1945168\n\n6. This software, such as Apache HTTP Server, is\ncommon to multiple JBoss middleware products, and is packaged under Red Hat\nJBoss Core Services to allow for faster distribution of updates, and for a\nmore consistent update experience. \n\nThis release adds the new Apache HTTP Server 2.4.37 Service Pack 8 packages\nthat are part of the JBoss Core Services offering. \n\nThis release serves as a replacement for Red Hat JBoss Core Services Pack\nApache Server 2.4.37 Service Pack 7 and includes bug fixes and\nenhancements. Refer to the Release Notes for information on the most\nsignificant bug fixes and enhancements included in this release. \n\nSecurity Fix(es):\n\n* curl: Use-after-free in TLS session handling when using OpenSSL TLS\nbackend (CVE-2021-22901)\n\n* httpd: NULL pointer dereference on specially crafted HTTP/2 request\n(CVE-2021-31618)\n\n* libcurl: partial password leak over DNS on HTTP redirect (CVE-2020-8169)\n\n* curl: FTP PASV command response can cause curl to connect to arbitrary\nhost (CVE-2020-8284)\n\n* curl: Malicious FTP server can trigger stack overflow when\nCURLOPT_CHUNK_BGN_FUNCTION is used (CVE-2020-8285)\n\n* curl: Inferior OCSP verification (CVE-2020-8286)\n\n* curl: Leak of authentication credentials in URL via automatic Referer\n(CVE-2021-22876)\n\n* curl: TLS 1.3 session ticket mix-up with HTTPS proxy host\n(CVE-2021-22890)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. Solution:\n\nBefore applying the update, back up your existing installation, including\nall applications, configuration files, databases and database settings, and\nso on. \n\nThe References section of this erratum contains a download link for the\nupdate. You must be logged in to download the update. Bugs fixed (https://bugzilla.redhat.com/):\n\n1847916 - CVE-2020-8169 libcurl: partial password leak over DNS on HTTP redirect\n1902667 - CVE-2020-8284 curl: FTP PASV command response can cause curl to connect to arbitrary host\n1902687 - CVE-2020-8285 curl: Malicious FTP server can trigger stack overflow when CURLOPT_CHUNK_BGN_FUNCTION is used\n1906096 - CVE-2020-8286 curl: Inferior OCSP verification\n1941964 - CVE-2021-22876 curl: Leak of authentication credentials in URL via automatic Referer\n1941965 - CVE-2021-22890 curl: TLS 1.3 session ticket mix-up with HTTPS proxy host\n1963146 - CVE-2021-22901 curl: Use-after-free in TLS session handling when using OpenSSL TLS backend\n1968013 - CVE-2021-31618 httpd: NULL pointer dereference on specially crafted HTTP/2 request\n\n5. Description:\n\nRed Hat Advanced Cluster Management for Kubernetes 2.2.4 images\n\nRed Hat Advanced Cluster Management for Kubernetes provides the\ncapabilities to address common challenges that administrators and site\nreliability\nengineers face as they work across a range of public and private cloud\nenvironments. \nClusters and applications are all visible and managed from a single\nconsole\u2014with security policy built in. See\nthe following Release Notes documentation, which will be updated shortly\nfor\nthis release, for additional details about this release:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_mana\ngement_for_kubernetes/2.2/html/release_notes/\n\nSecurity fixes:\n\n* redisgraph-tls: redis: integer overflow when configurable limit for\nmaximum supported bulk input size is too big on 32-bit platforms\n(CVE-2021-21309)\n\n* console-header-container: nodejs-netmask: improper input validation of\noctal input data (CVE-2021-28092)\n\n* console-container: nodejs-is-svg: ReDoS via malicious string\n(CVE-2021-28918)\n\nBug fixes: \n\n* RHACM 2.2.4 images (BZ# 1957254)\n\n* Enabling observability for OpenShift Container Storage with RHACM 2.2 on\nOCP 4.7 (BZ#1950832)\n\n* ACM Operator should support using the default route TLS (BZ# 1955270)\n\n* The scrolling bar for search filter does not work properly (BZ# 1956852)\n\n* Limits on Length of MultiClusterObservability Resource Name (BZ# 1959426)\n\n* The proxy setup in install-config.yaml is not worked when IPI installing\nwith RHACM (BZ# 1960181)\n\n* Unable to make SSH connection to a Bitbucket server (BZ# 1966513)\n\n* Observability Thanos store shard crashing - cannot unmarshall DNS message\n(BZ# 1967890)\n\n3. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. Bugs fixed (https://bugzilla.redhat.com/):\n\n1932634 - CVE-2021-21309 redis: integer overflow when configurable limit for maximum supported bulk input size is too big on 32-bit platforms\n1939103 - CVE-2021-28092 nodejs-is-svg: ReDoS via malicious string\n1944827 - CVE-2021-28918 nodejs-netmask: improper input validation of octal input data\n1950832 - Enabling observability for OpenShift Container Storage with RHACM 2.2 on OCP 4.7\n1952150 - [DDF] It would be great to see all the options available for the bucket configuration and which attributes are mandatory\n1954506 - [DDF] Table does not contain data about 20 clusters. Now it\u0027s difficult to estimate CPU usage with larger clusters\n1954535 - Reinstall Submariner - No endpoints found on one cluster\n1955270 - ACM Operator should support using the default route TLS\n1956852 - The scrolling bar for search filter does not work properly\n1957254 - RHACM 2.2.4 images\n1959426 - Limits on Length of MultiClusterObservability Resource Name\n1960181 - The proxy setup in install-config.yaml is not worked when IPI installing with RHACM. \n1963128 - [DDF] Please rename this to \"Amazon Elastic Kubernetes Service\"\n1966513 - Unable to make SSH connection to a Bitbucket server\n1967357 - [DDF] When I clicked on this yaml, I get a HTTP 404 error. \n1967890 - Observability Thanos store shard crashing - cannot unmarshal DNS message\n\n5. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Moderate: OpenShift Container Platform 4.7.13 bug fix and security update\nAdvisory ID: RHSA-2021:2121-01\nProduct: Red Hat OpenShift Enterprise\nAdvisory URL: https://access.redhat.com/errata/RHSA-2021:2121\nIssue date: 2021-06-01\nCVE Names: CVE-2016-10228 CVE-2019-2708 CVE-2019-3842 \n CVE-2019-9169 CVE-2019-13012 CVE-2019-14866 \n CVE-2019-18811 CVE-2019-19523 CVE-2019-19528 \n CVE-2019-25013 CVE-2019-25032 CVE-2019-25034 \n CVE-2019-25035 CVE-2019-25036 CVE-2019-25037 \n CVE-2019-25038 CVE-2019-25039 CVE-2019-25040 \n CVE-2019-25041 CVE-2019-25042 CVE-2020-0431 \n CVE-2020-8231 CVE-2020-8284 CVE-2020-8285 \n CVE-2020-8286 CVE-2020-8927 CVE-2020-9948 \n CVE-2020-9951 CVE-2020-9983 CVE-2020-10543 \n CVE-2020-10878 CVE-2020-11608 CVE-2020-12114 \n CVE-2020-12362 CVE-2020-12464 CVE-2020-13434 \n CVE-2020-13543 CVE-2020-13584 CVE-2020-13776 \n CVE-2020-14314 CVE-2020-14344 CVE-2020-14345 \n CVE-2020-14346 CVE-2020-14347 CVE-2020-14356 \n CVE-2020-14360 CVE-2020-14361 CVE-2020-14362 \n CVE-2020-14363 CVE-2020-15358 CVE-2020-15437 \n CVE-2020-15586 CVE-2020-16845 CVE-2020-24330 \n CVE-2020-24331 CVE-2020-24332 CVE-2020-24394 \n CVE-2020-24977 CVE-2020-25212 CVE-2020-25284 \n CVE-2020-25285 CVE-2020-25643 CVE-2020-25659 \n CVE-2020-25704 CVE-2020-25712 CVE-2020-26116 \n CVE-2020-26137 CVE-2020-27618 CVE-2020-27619 \n CVE-2020-27783 CVE-2020-27786 CVE-2020-27835 \n CVE-2020-28196 CVE-2020-28935 CVE-2020-28974 \n CVE-2020-29361 CVE-2020-29362 CVE-2020-29363 \n CVE-2020-35508 CVE-2020-36242 CVE-2020-36322 \n CVE-2021-0342 CVE-2021-3121 CVE-2021-3177 \n CVE-2021-3326 CVE-2021-21642 CVE-2021-21643 \n CVE-2021-21644 CVE-2021-21645 CVE-2021-23336 \n CVE-2021-25215 CVE-2021-30465 \n=====================================================================\n\n1. Summary:\n\nRed Hat OpenShift Container Platform release 4.7.13 is now available with\nupdates to packages and images that fix several bugs. \n\nThis release includes a security update for Red Hat OpenShift Container\nPlatform 4.7. \n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section. \n\n2. Description:\n\nRed Hat OpenShift Container Platform is Red Hat\u0027s cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments. \n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. \n\nThis advisory contains the container images for Red Hat OpenShift Container\nPlatform 4.7.13. See the following advisory for the RPM packages for this\nrelease:\n\nhttps://access.redhat.com/errata/RHSA-2021:2122\n\nSpace precludes documenting all of the container images in this advisory. \nSee the following Release Notes documentation, which will be updated\nshortly for this release, for details about these changes:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-rel\nease-notes.html\n\nThis update fixes the following bug among others:\n\n* Previously, resources for the ClusterOperator were being created early in\nthe update process, which led to update failures when the ClusterOperator\nhad no status condition while Operators were updating. This bug fix changes\nthe timing of when these resources are created. As a result, updates can\ntake place without errors. (BZ#1959238)\n\nSecurity Fix(es):\n\n* gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index\nvalidation (CVE-2021-3121)\n\nYou may download the oc tool and use it to inspect release image metadata\nas follows:\n\n(For x86_64 architecture)\n\n $ oc adm release info\nquay.io/openshift-release-dev/ocp-release:4.7.13-x86_64\n\nThe image digest is\nsha256:783a2c963f35ccab38e82e6a8c7fa954c3a4551e07d2f43c06098828dd986ed4\n\n(For s390x architecture)\n\n $ oc adm release info\nquay.io/openshift-release-dev/ocp-release:4.7.13-s390x\n\nThe image digest is\nsha256:4cf44e68413acad063203e1ee8982fd01d8b9c1f8643a5b31cd7ff341b3199cd\n\n(For ppc64le architecture)\n\n $ oc adm release info\nquay.io/openshift-release-dev/ocp-release:4.7.13-ppc64le\n\nThe image digest is\nsha256:d47ce972f87f14f1f3c5d50428d2255d1256dae3f45c938ace88547478643e36\n\nAll OpenShift Container Platform 4.7 users are advised to upgrade to these\nupdated packages and images when they are available in the appropriate\nrelease channel. To check for available updates, use the OpenShift Console\nor the CLI oc command. Instructions for upgrading a cluster are available\nat\nhttps://docs.openshift.com/container-platform/4.7/updating/updating-cluster\n- -between-minor.html#understanding-upgrade-channels_updating-cluster-between\n- -minor\n\n3. Solution:\n\nFor OpenShift Container Platform 4.7 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-rel\nease-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.7/updating/updating-cluster\n- -cli.html\n\n4. Bugs fixed (https://bugzilla.redhat.com/):\n\n1921650 - CVE-2021-3121 gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation\n1923268 - [Assisted-4.7] [Staging] Using two both spelling \"canceled\" \"cancelled\"\n1947216 - [AWS] Missing iam:ListAttachedRolePolicies permission in permissions.go\n1953963 - Enable/Disable host operations returns cluster resource with incomplete hosts list\n1957749 - ovn-kubernetes pod should have CPU and memory requests set but not limits\n1959238 - CVO creating cloud-controller-manager too early causing upgrade failures\n1960103 - SR-IOV obliviously reboot the node\n1961941 - Local Storage Operator using LocalVolume CR fails to create PV\u0027s when backend storage failure is simulated\n1962302 - packageserver clusteroperator does not set reason or message for Available condition\n1962312 - Deployment considered unhealthy despite being available and at latest generation\n1962435 - Public DNS records were not deleted when destroying a cluster which is using byo private hosted zone\n1963115 - Test verify /run filesystem contents failing\n\n5. References:\n\nhttps://access.redhat.com/security/cve/CVE-2016-10228\nhttps://access.redhat.com/security/cve/CVE-2019-2708\nhttps://access.redhat.com/security/cve/CVE-2019-3842\nhttps://access.redhat.com/security/cve/CVE-2019-9169\nhttps://access.redhat.com/security/cve/CVE-2019-13012\nhttps://access.redhat.com/security/cve/CVE-2019-14866\nhttps://access.redhat.com/security/cve/CVE-2019-18811\nhttps://access.redhat.com/security/cve/CVE-2019-19523\nhttps://access.redhat.com/security/cve/CVE-2019-19528\nhttps://access.redhat.com/security/cve/CVE-2019-25013\nhttps://access.redhat.com/security/cve/CVE-2019-25032\nhttps://access.redhat.com/security/cve/CVE-2019-25034\nhttps://access.redhat.com/security/cve/CVE-2019-25035\nhttps://access.redhat.com/security/cve/CVE-2019-25036\nhttps://access.redhat.com/security/cve/CVE-2019-25037\nhttps://access.redhat.com/security/cve/CVE-2019-25038\nhttps://access.redhat.com/security/cve/CVE-2019-25039\nhttps://access.redhat.com/security/cve/CVE-2019-25040\nhttps://access.redhat.com/security/cve/CVE-2019-25041\nhttps://access.redhat.com/security/cve/CVE-2019-25042\nhttps://access.redhat.com/security/cve/CVE-2020-0431\nhttps://access.redhat.com/security/cve/CVE-2020-8231\nhttps://access.redhat.com/security/cve/CVE-2020-8284\nhttps://access.redhat.com/security/cve/CVE-2020-8285\nhttps://access.redhat.com/security/cve/CVE-2020-8286\nhttps://access.redhat.com/security/cve/CVE-2020-8927\nhttps://access.redhat.com/security/cve/CVE-2020-9948\nhttps://access.redhat.com/security/cve/CVE-2020-9951\nhttps://access.redhat.com/security/cve/CVE-2020-9983\nhttps://access.redhat.com/security/cve/CVE-2020-10543\nhttps://access.redhat.com/security/cve/CVE-2020-10878\nhttps://access.redhat.com/security/cve/CVE-2020-11608\nhttps://access.redhat.com/security/cve/CVE-2020-12114\nhttps://access.redhat.com/security/cve/CVE-2020-12362\nhttps://access.redhat.com/security/cve/CVE-2020-12464\nhttps://access.redhat.com/security/cve/CVE-2020-13434\nhttps://access.redhat.com/security/cve/CVE-2020-13543\nhttps://access.redhat.com/security/cve/CVE-2020-13584\nhttps://access.redhat.com/security/cve/CVE-2020-13776\nhttps://access.redhat.com/security/cve/CVE-2020-14314\nhttps://access.redhat.com/security/cve/CVE-2020-14344\nhttps://access.redhat.com/security/cve/CVE-2020-14345\nhttps://access.redhat.com/security/cve/CVE-2020-14346\nhttps://access.redhat.com/security/cve/CVE-2020-14347\nhttps://access.redhat.com/security/cve/CVE-2020-14356\nhttps://access.redhat.com/security/cve/CVE-2020-14360\nhttps://access.redhat.com/security/cve/CVE-2020-14361\nhttps://access.redhat.com/security/cve/CVE-2020-14362\nhttps://access.redhat.com/security/cve/CVE-2020-14363\nhttps://access.redhat.com/security/cve/CVE-2020-15358\nhttps://access.redhat.com/security/cve/CVE-2020-15437\nhttps://access.redhat.com/security/cve/CVE-2020-15586\nhttps://access.redhat.com/security/cve/CVE-2020-16845\nhttps://access.redhat.com/security/cve/CVE-2020-24330\nhttps://access.redhat.com/security/cve/CVE-2020-24331\nhttps://access.redhat.com/security/cve/CVE-2020-24332\nhttps://access.redhat.com/security/cve/CVE-2020-24394\nhttps://access.redhat.com/security/cve/CVE-2020-24977\nhttps://access.redhat.com/security/cve/CVE-2020-25212\nhttps://access.redhat.com/security/cve/CVE-2020-25284\nhttps://access.redhat.com/security/cve/CVE-2020-25285\nhttps://access.redhat.com/security/cve/CVE-2020-25643\nhttps://access.redhat.com/security/cve/CVE-2020-25659\nhttps://access.redhat.com/security/cve/CVE-2020-25704\nhttps://access.redhat.com/security/cve/CVE-2020-25712\nhttps://access.redhat.com/security/cve/CVE-2020-26116\nhttps://access.redhat.com/security/cve/CVE-2020-26137\nhttps://access.redhat.com/security/cve/CVE-2020-27618\nhttps://access.redhat.com/security/cve/CVE-2020-27619\nhttps://access.redhat.com/security/cve/CVE-2020-27783\nhttps://access.redhat.com/security/cve/CVE-2020-27786\nhttps://access.redhat.com/security/cve/CVE-2020-27835\nhttps://access.redhat.com/security/cve/CVE-2020-28196\nhttps://access.redhat.com/security/cve/CVE-2020-28935\nhttps://access.redhat.com/security/cve/CVE-2020-28974\nhttps://access.redhat.com/security/cve/CVE-2020-29361\nhttps://access.redhat.com/security/cve/CVE-2020-29362\nhttps://access.redhat.com/security/cve/CVE-2020-29363\nhttps://access.redhat.com/security/cve/CVE-2020-35508\nhttps://access.redhat.com/security/cve/CVE-2020-36242\nhttps://access.redhat.com/security/cve/CVE-2020-36322\nhttps://access.redhat.com/security/cve/CVE-2021-0342\nhttps://access.redhat.com/security/cve/CVE-2021-3121\nhttps://access.redhat.com/security/cve/CVE-2021-3177\nhttps://access.redhat.com/security/cve/CVE-2021-3326\nhttps://access.redhat.com/security/cve/CVE-2021-21642\nhttps://access.redhat.com/security/cve/CVE-2021-21643\nhttps://access.redhat.com/security/cve/CVE-2021-21644\nhttps://access.redhat.com/security/cve/CVE-2021-21645\nhttps://access.redhat.com/security/cve/CVE-2021-23336\nhttps://access.redhat.com/security/cve/CVE-2021-25215\nhttps://access.redhat.com/security/cve/CVE-2021-30465\nhttps://access.redhat.com/security/updates/classification/#moderate\n\n6. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2021 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBYLXBgdzjgjWX9erEAQiYKw/+MeUvVzbi9kHuo6vE8J9xEQCvgpJtLfRM\nyj4VFCt8lkWmfGmuAMd5LkvD5suav1Gu9yA6E60VvKrorV6+PDOZ8jiUyzRR+di6\nTZZ7Ji6taqaQUuf451KF39zuxYAh29pKT6mZMhmqK65jEg7uj66R8+P2p7tahaai\nKkqe6LKxNCXyVzWmc5HHkc3AJJ6vSVIuMeA6KOHpXy0vy57jZKeyb3dau0BVl/ir\nZbnbOHdTJ+7hEVV3yGwARcVgUhHDcHiSYAS+RUj7Hqx0RIFilb9RbOdoEdbauaWx\nCGIdSYmj1F4apCZuYWmhZxtQ5/Lsj7EPi+7UleyTzqgMQsqSr8kvxGe/yzfY+yAQ\n++QCSnleeKu/+HjN72d73h8yWGGzMrc/rYwDJWcFwjIL6/pj4Tgm4OK30vJlQUz5\n3gHuEDz+j42s270cv6dRDd9v5xpexxIOXyHzruFRLk4xVCnS17PGeJ4I9mJmkYxL\n5GuCiMnixToobWtmrh9MX2Qjkhj81o4E+rLMvG/4yUk2kGejo/nLwgZNsSz8gN5Z\ngMZOYSDys2zJu6/jmxY/8MXzS3yNIJj3FxXe7w5XA0mHUuuZ/EaJsMLnlCCSRARV\nGpMwj1/Aj1ZSNeYplr2YwQz7lB7hp+J/vn567zBPeYQus5EAyzqzudTbSLdm8ZyL\nPEh85hYKLe4=\n=Xe05\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://listman.redhat.com/mailman/listinfo/rhsa-announce\n. Bugs fixed (https://bugzilla.redhat.com/):\n\n1918750 - CVE-2021-3114 golang: crypto/elliptic: incorrect operations on the P-224 curve\n1945703 - \"Guest OS Info\" availability in VMI describe is flaky\n1958816 - [2.6.z] KubeMacPool fails to start due to OOM likely caused by a high number of Pods running in the cluster\n1963275 - migration controller null pointer dereference\n1965099 - Live Migration double handoff to virt-handler causes connection failures\n1965181 - CDI importer doesn\u0027t report AwaitingVDDK like it used to\n1967086 - Cloning DataVolumes between namespaces fails while creating cdi-upload pod\n1967887 - [2.6.6] nmstate is not progressing on a node and not configuring vlan filtering that causes an outage for VMs\n1969756 - Windows VMs fail to start on air-gapped environments\n1970372 - Virt-handler fails to verify container-disk\n1973227 - segfault in virt-controller during pdb deletion\n1974084 - 2.6.6 containers\n1975212 - No Virtual Machine Templates Found [EDIT - all templates are marked as depracted]\n1975727 - [Regression][VMIO][Warm] The third precopy does not end in warm migration\n1977756 - [2.6.z] PVC keeps in pending when using hostpath-provisioner\n1982760 - [v2v] no kind VirtualMachine is registered for version \\\"kubevirt.io/v1\\\" i... \n1986989 - OpenShift Virtualization 2.6.z cannot be upgraded to 4.8.0 initially deployed starting with \u003c= 4.8\n\n5. ==========================================================================\nUbuntu Security Notice USN-4665-2\nDecember 09, 2020\n\ncurl vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 14.04 ESM\n- Ubuntu 12.04 ESM\n\nSummary:\n\nSeveral security issues were fixed in curl. This update provides\nthe corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. \n\nOriginal advisory details:\n\n Varnavas Papaioannou discovered that curl incorrectly handled FTP PASV\n responses. (CVE-2020-8284)\n\n It was discovered that curl incorrectly handled FTP wildcard matchins. A\n remote attacker could possibly use this issue to cause curl to consume\n resources and crash, resulting in a denial of service. (CVE-2020-8285)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 14.04 ESM:\n curl 7.35.0-1ubuntu2.20+esm6\n libcurl3 7.35.0-1ubuntu2.20+esm6\n libcurl3-gnutls 7.35.0-1ubuntu2.20+esm6\n libcurl3-nss 7.35.0-1ubuntu2.20+esm6\n\nUbuntu 12.04 ESM:\n curl 7.22.0-3ubuntu4.29\n libcurl3 7.22.0-3ubuntu4.29\n libcurl3-gnutls 7.22.0-3ubuntu4.29\n libcurl3-nss 7.22.0-3ubuntu4.29\n\nIn general, a standard system update will make all the necessary changes. \n\nCVE-2020-8177\n\n sn reported that curl could be tricked by a malicious server into\n overwriting a local file when using th -J (--remote-header-name) and\n -i (--include) options in the same command line. \n\nCVE-2020-8231\n\n Marc Aldorasi reported that libcurl might use the wrong connection\n when an application using libcurl\u0027s multi API sets the option\n CURLOPT_CONNECT_ONLY, which could lead to information leaks. \n\nCVE-2020-8285\n\n xnynx reported that libcurl could run out of stack space when using\n tha FTP wildcard matching functionality (CURLOPT_CHUNK_BGN_FUNCTION). \n\nCVE-2020-8286\n\n It was reported that libcurl didn\u0027t verify that an OCSP response\n actually matches the certificate it is intended to. \n\nCVE-2021-22876\n\n Viktor Szakats reported that libcurl does not strip off user\n credentials from the URL when automatically populating the Referer\n HTTP request header field in outgoing HTTP requests. \n\nCVE-2021-22890\n\n Mingtao Yang reported that, when using an HTTPS proxy and TLS 1.3,\n libcurl could confuse session tickets arriving from the HTTPS proxy\n as if they arrived from the remote server instead. This could allow\n an HTTPS proxy to trick libcurl into using the wrong session ticket\n for the host and thereby circumvent the server TLS certificate check. \n\nFor the stable distribution (buster), these problems have been fixed in\nversion 7.64.0-4+deb10u2. \n\nWe recommend that you upgrade your curl packages. \n\nFor the detailed security status of curl please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/curl\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n-----BEGIN PGP SIGNATURE-----\n\niQIzBAEBCgAdFiEEBsId305pBx+F583DbwzL4CFiRygFAmBkQCoACgkQbwzL4CFi\nRyg6Gg/+LqhhJ8+D7skevVkYzxHzdH2yT/XMeoYp0D37yHmEfH9PyjXwfplG+XEw\n/xwFRBK8qxD1ja+rQddYyeTvi1OMnMgMS3UsRHlfeMnLxh2+oHnvHDYG848npUEZ\nRq4YFoc/n9YTAJZP/G4oiuBeXqH2Sqa5hSNT6VrYfRciCxkYnzA78b85KpI8aYyR\nlhfiJMNpwrqDbt/QzblpELBkGMIV402VeiqDwHfcVzm2E810xXQNLvPMbWtvDYkA\nTSrNsdqfuFr1tuQSZY6CGSWEyXtB/tOo8+pvUixlJMBWJMl5TXEcJkD5ckehx0yb\nC3n9yapfklxHiG9lD4zwwIJDqd3Y4SxdDiSlUC4OhdvpwniMygX0S3ICaPA4iac/\ncWanml0Fop3OmRy+vQURTd3sADoT5HoRSUXZVU+HdTrRaEt2xs5okZkWSd3yr4Ux\ni+HgjUAFkkk8DLRB68Bbpx1LGxFGQT7L8yd4wsWINXlzASIP1A5dnNfE5w0VWOHG\n3KDq47wNfjuiZC8GXW+HQCxz5MijnS8Y/Egl0OozNFDwEitNBZEsIjpZaZBdZIwi\nUFfcK7+u/y/TRY54rA4erkdcHFwpYW5EZVGdb7Z+WPWVlzw0ImXrM68LSAhHQaqW\n1Hx4VwwwTsMIPnrx2kriRiiDPOW1r5Kip3yHa+QZLedSRGibQWk=\n=001T\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-8284"
},
{
"db": "VULHUB",
"id": "VHN-186409"
},
{
"db": "PACKETSTORM",
"id": "162629"
},
{
"db": "PACKETSTORM",
"id": "162837"
},
{
"db": "PACKETSTORM",
"id": "163193"
},
{
"db": "PACKETSTORM",
"id": "163188"
},
{
"db": "PACKETSTORM",
"id": "162877"
},
{
"db": "PACKETSTORM",
"id": "163789"
},
{
"db": "PACKETSTORM",
"id": "160436"
},
{
"db": "PACKETSTORM",
"id": "169015"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-8284",
"trust": 1.9
},
{
"db": "SIEMENS",
"id": "SSA-389290",
"trust": 1.1
},
{
"db": "HACKERONE",
"id": "1040166",
"trust": 1.1
},
{
"db": "PACKETSTORM",
"id": "160436",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "162629",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "163193",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "160706",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "163197",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "163267",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "163257",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "163276",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "163496",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "160423",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-186409",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "162837",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "163188",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "162877",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "163789",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "169015",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-186409"
},
{
"db": "PACKETSTORM",
"id": "162629"
},
{
"db": "PACKETSTORM",
"id": "162837"
},
{
"db": "PACKETSTORM",
"id": "163193"
},
{
"db": "PACKETSTORM",
"id": "163188"
},
{
"db": "PACKETSTORM",
"id": "162877"
},
{
"db": "PACKETSTORM",
"id": "163789"
},
{
"db": "PACKETSTORM",
"id": "160436"
},
{
"db": "PACKETSTORM",
"id": "169015"
},
{
"db": "NVD",
"id": "CVE-2020-8284"
}
]
},
"id": "VAR-202012-1277",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-186409"
}
],
"trust": 0.01
},
"last_update_date": "2024-07-23T21:07:50.790000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-200",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-186409"
},
{
"db": "NVD",
"id": "CVE-2020-8284"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.1,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf"
},
{
"trust": 1.1,
"url": "https://security.netapp.com/advisory/ntap-20210122-0007/"
},
{
"trust": 1.1,
"url": "https://support.apple.com/kb/ht212325"
},
{
"trust": 1.1,
"url": "https://support.apple.com/kb/ht212326"
},
{
"trust": 1.1,
"url": "https://support.apple.com/kb/ht212327"
},
{
"trust": 1.1,
"url": "https://www.debian.org/security/2021/dsa-4881"
},
{
"trust": 1.1,
"url": "https://security.gentoo.org/glsa/202012-14"
},
{
"trust": 1.1,
"url": "https://curl.se/docs/cve-2020-8284.html"
},
{
"trust": 1.1,
"url": "https://hackerone.com/reports/1040166"
},
{
"trust": 1.1,
"url": "https://www.oracle.com//security-alerts/cpujul2021.html"
},
{
"trust": 1.1,
"url": "https://www.oracle.com/security-alerts/cpuapr2021.html"
},
{
"trust": 1.1,
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"trust": 1.1,
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"trust": 1.1,
"url": "https://lists.debian.org/debian-lts-announce/2020/12/msg00029.html"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/daehe2s2qlo4ao4meeyl75nb7sah5psl/"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/nzuvsqhn2eshmjxnq2z7t2eelbb5hjxg/"
},
{
"trust": 0.6,
"url": "https://listman.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/cve/cve-2020-8284"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/cve/cve-2020-8286"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/cve/cve-2020-8285"
},
{
"trust": 0.6,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2020-8231"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-8284"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-8285"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2020-28196"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2020-15358"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2020-13434"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2020-29362"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-10228"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2019-9169"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2020-26116"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2020-26137"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-25013"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2020-29361"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2020-12362"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2020-27619"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2021-3177"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-9169"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2021-3326"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2019-25013"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2019-2708"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2021-23336"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2020-8927"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-12362"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2020-29363"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-2708"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2016-10228"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2020-27618"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-8286"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2020-14347"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2020-25712"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2020-13543"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2020-9951"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2019-3842"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2020-13776"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2020-24977"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2020-10878"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2020-9948"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2019-13012"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-13434"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2020-14363"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2020-13584"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2020-14360"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2020-9983"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2020-14345"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2020-14344"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2020-14362"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2020-14361"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-10543"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2020-10543"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-3842"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-13012"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2020-14346"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-10878"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-25039"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-25037"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2019-25037"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2020-28935"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2019-25034"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2019-25035"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2019-14866"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2019-25038"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-14866"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-25040"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-25042"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2019-25042"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-25038"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2019-25032"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2019-25041"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2019-25036"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-25032"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2021-25215"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-25036"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-25035"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2019-25039"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2019-25040"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-25041"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-25034"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-8231"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-14346"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-36322"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-12114"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-12114"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-27835"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-25704"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-13776"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-3121"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-19528"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-0431"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-14345"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-18811"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-13543"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-13584"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-19528"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-12464"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-14314"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-14356"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-27786"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-25643"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-24394"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-0431"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-0342"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-18811"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-14344"
},
{
"trust": 0.2,
"url": "https://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-rel"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-19523"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-25285"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-35508"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-25212"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-19523"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-28974"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-15437"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-25284"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-11608"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-11608"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-12464"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-22890"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-8169"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-22876"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-12364"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-14502"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-12363"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-27219"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2017-14502"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-24330"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-24331"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-12363"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-24332"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-3114"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-12364"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-36242"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-25659"
},
{
"trust": 0.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/daehe2s2qlo4ao4meeyl75nb7sah5psl/"
},
{
"trust": 0.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/nzuvsqhn2eshmjxnq2z7t2eelbb5hjxg/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:1610"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.4_release_notes/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-20305"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-14347"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-14360"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:2136"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-14314"
},
{
"trust": 0.1,
"url": "https://docs.openshift.com/container-platform/4.7/logging/cluster-logging-u"
},
{
"trust": 0.1,
"url": "https://issues.jboss.org/):"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-14356"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-22901"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?product=core.service.apachehttp\u0026downloadtype=securitypatches\u0026version=2.4.37"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-22901"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?product=core.service.openssl\u0026downloadtype=securitypatches\u0026version=1.1.1g"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-22876"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_core_services/2.4.37/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-22890"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-31618"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-31618"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:2471"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-8169"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-15358"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-21639"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-28165"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-28092"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-24330"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-28163"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_mana"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-21309"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-21640"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-28918"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-3543"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-3501"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-25648"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-8648"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-27170"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-25692"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-2433"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-3347"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-28362"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:2461"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-15586"
},
{
"trust": 0.1,
"url": "https://docs.openshift.com/container-platform/4.7/updating/updating-cluster"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-16845"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-21645"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-27783"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-21643"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-30465"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-21644"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:2121"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:2122"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-21642"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-23240"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-3520"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-23239"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-3537"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-33909"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-3518"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-32399"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-3516"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-3517"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-3560"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-20201"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-3541"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:3119"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-25217"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-20271"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-28211"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-33910"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/4665-1"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/4665-2"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "https://security-tracker.debian.org/tracker/curl"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-8177"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-186409"
},
{
"db": "PACKETSTORM",
"id": "162629"
},
{
"db": "PACKETSTORM",
"id": "162837"
},
{
"db": "PACKETSTORM",
"id": "163193"
},
{
"db": "PACKETSTORM",
"id": "163188"
},
{
"db": "PACKETSTORM",
"id": "162877"
},
{
"db": "PACKETSTORM",
"id": "163789"
},
{
"db": "PACKETSTORM",
"id": "160436"
},
{
"db": "PACKETSTORM",
"id": "169015"
},
{
"db": "NVD",
"id": "CVE-2020-8284"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-186409"
},
{
"db": "PACKETSTORM",
"id": "162629"
},
{
"db": "PACKETSTORM",
"id": "162837"
},
{
"db": "PACKETSTORM",
"id": "163193"
},
{
"db": "PACKETSTORM",
"id": "163188"
},
{
"db": "PACKETSTORM",
"id": "162877"
},
{
"db": "PACKETSTORM",
"id": "163789"
},
{
"db": "PACKETSTORM",
"id": "160436"
},
{
"db": "PACKETSTORM",
"id": "169015"
},
{
"db": "NVD",
"id": "CVE-2020-8284"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-12-14T00:00:00",
"db": "VULHUB",
"id": "VHN-186409"
},
{
"date": "2021-05-19T13:56:56",
"db": "PACKETSTORM",
"id": "162629"
},
{
"date": "2021-05-27T13:28:54",
"db": "PACKETSTORM",
"id": "162837"
},
{
"date": "2021-06-17T18:01:23",
"db": "PACKETSTORM",
"id": "163193"
},
{
"date": "2021-06-17T17:53:22",
"db": "PACKETSTORM",
"id": "163188"
},
{
"date": "2021-06-01T14:45:29",
"db": "PACKETSTORM",
"id": "162877"
},
{
"date": "2021-08-11T16:15:17",
"db": "PACKETSTORM",
"id": "163789"
},
{
"date": "2020-12-10T16:02:10",
"db": "PACKETSTORM",
"id": "160436"
},
{
"date": "2021-03-28T19:12:00",
"db": "PACKETSTORM",
"id": "169015"
},
{
"date": "2020-12-14T20:15:13.903000",
"db": "NVD",
"id": "CVE-2020-8284"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-05-13T00:00:00",
"db": "VULHUB",
"id": "VHN-186409"
},
{
"date": "2024-04-08T22:50:54.947000",
"db": "NVD",
"id": "CVE-2020-8284"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Red Hat Security Advisory 2021-1610-01",
"sources": [
{
"db": "PACKETSTORM",
"id": "162629"
}
],
"trust": 0.1
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "overflow",
"sources": [
{
"db": "PACKETSTORM",
"id": "163188"
}
],
"trust": 0.1
}
}
VAR-200712-0594
Vulnerability from variot - Updated: 2024-07-23 21:01Cross-site scripting (XSS) vulnerability in the (1) mod_imap module in the Apache HTTP Server 1.3.0 through 1.3.39 and 2.0.35 through 2.0.61 and the (2) mod_imagemap module in the Apache HTTP Server 2.2.0 through 2.2.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Apache is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. This issue affects the following: - The 'mod_imagemap' module in Apache 2.2.6, 2.2.5, 2.2.4, 2.2.3, 2.2.2, and 2.2.0 - The 'mod_imap' module in Apache 1.3.39, 1.3.37, 1.3.36, 1.3.35, 1.3.34, 1.3.33, 1.3.32, 1.3.31, 1.3.29, 1.3.28, 1.3.27, 1.3.26, 1.3.24, 1.3.22, 1.3.20, 1.3.19, 1.3.17, 1.3.14, 1.3.12, 1.3.11, 1.3.9, 1.3.6, 1.3.4, 1.3.3, 1.3.2, 1.3.1, and 1.3.0. The HP Business Availability Center v8.02 kit is available on the HP Software Support Online portal at: http://support.openview.hp.com/support.jsp . Summary
Updated VMware Hosted products address security issues in libpng and the Apace HTTP Server.
- Relevant releases
VMware Workstation 6.5.2 and earlier, VMware Player 2.5.2 and earlier, VMware ACE 2.5.2 and earlier
- Problem Description
a. Third Party Library libpng Updated to 1.2.35
Several flaws were discovered in the way third party library libpng
handled uninitialized pointers. An attacker could create a PNG image
file in such a way, that when loaded by an application linked to
libpng, it could cause the application to crash or execute arbitrary
code at the privilege level of the user that runs the application.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2009-0040 to this issue.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Workstation 6.5.x any 6.5.3 build 185404 or later
Player 2.5.x any 2.5.3 build 185404 or later
ACE 2.5.x any 2.5.3 build 185404 or later
Server 2.x any patch pending
Server 1.x any patch pending
Fusion 2.x Mac OS/X not affected
Fusion 1.x Mac OS/X not affected
ESXi 4.0 ESXi not affected
ESXi 3.5 ESXi not affected
ESX 4.0 ESX not affected
ESX 3.5 ESX not affected
ESX 3.0.3 ESX not affected
ESX 3.0.2 ESX not affected
ESX 2.5.5 ESX not affected *
* The libpng update for the Service Console of ESX 2.5.5 is
documented in VMSA-2009-0007.
b.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2007-3847, CVE-2007-1863, CVE-2006-5752,
CVE-2007-3304, CVE-2007-6388, CVE-2007-5000, CVE-2008-0005 to the
issues that have been addressed by this update.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Workstation 6.5.x any not affected
Player 2.5.x any not affected
ACE 2.5.x Windows 2.5.3 build 185404 or later
ACE 2.5.x Linux update Apache on host system *
Server 2.x any not affected
Server 1.x any not affected
Fusion 2.x Mac OS/X not affected
Fusion 1.x Mac OS/X not affected
ESXi 4.0 ESXi not affected
ESXi 3.5 ESXi not affected
ESX 4.0 ESX not affected
ESX 3.5 ESX not affected
ESX 3.0.3 ESX not affected
ESX 3.0.2 ESX not affected
ESX 2.5.5 ESX not affected
* The Apache HTTP Server is not part of an ACE install on a Linux
host.
- Solution
Please review the patch/release notes for your product and version and verify the md5sum and/or the sha1sum of your downloaded file.
VMware Workstation 6.5.3
http://www.vmware.com/download/ws/ Release notes: http://www.vmware.com/support/ws65/doc/releasenotes_ws653.html
For Windows
Workstation for Windows 32-bit and 64-bit Windows 32-bit and 64-bit .exe md5sum: 7565d16b7d7e0173b90c3b76ca4656bc sha1sum: 9f687afd8b0f39cde40aeceb3213a91be487aad1
For Linux
Workstation for Linux 32-bit Linux 32-bit .rpm md5sum: 4d55c491bd008ded0ea19f373d1d1fd4 sha1sum: 1f43131c960e76a530390d3b6984c78dfc2da23e
Workstation for Linux 32-bit Linux 32-bit .bundle md5sum: d4a721c1918c0e8a87c6fa4bad49ad35 sha1sum: c0c6f9b56e70bd3ffdb5467ee176110e283a69e5
Workstation for Linux 64-bit Linux 64-bit .rpm md5sum: 72adfdb03de4959f044fcb983412ae7c sha1sum: ba16163c8d9b5aa572526b34a7b63dc6e68f9bbb
Workstation for Linux 64-bit Linux 64-bit .bundle md5sum: 83e1f0c94d6974286256c4d3b559e854 sha1sum: 8763f250a3ac5fc4698bd26319b93fecb498d542
VMware Player 2.5.3
http://www.vmware.com/download/player/ Release notes: http://www.vmware.com/support/player25/doc/releasenotes_player253.html
Player for Windows binary
http://download3.vmware.com/software/vmplayer/VMware-player-2.5.3-185404.exe md5sum: fe28f193374c9457752ee16cd6cad4e7 sha1sum: 13bd3ff93c04fa272544d3ef6de5ae746708af04
Player for Linux (.rpm)
http://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.i386.rpm md5sum: c99cd65f19fdfc7651bcb7f328b73bc2 sha1sum: a33231b26e2358a72d16e1b4e2656a5873fe637e
Player for Linux (.bundle)
http://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.i386.bundle md5sum: 210f4cb5615bd3b2171bc054b9b2bac5 sha1sum: 2f6497890b17b37480165bab9f430e8645edae9b
Player for Linux - 64-bit (.rpm)
http://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.x86_64.rpm md5sum: f91576ef90b322d83225117ae9335968 sha1sum: f492fa9cf26ee2818f164aac04cde1680c25d974
Player for Linux - 64-bit (.bundle)
http://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.x86_64.bundle md5sum: 595d44d7945c129b1aeb679d2f001b05 sha1sum: acd69fcb0c6bc49fd4af748c65c7fb730ab1e8c4
VMware ACE 2.5.3
http://www.vmware.com/download/ace/ Release notes: http://www.vmware.com/support/ace25/doc/releasenotes_ace253.html
ACE Management Server Virtual Appliance AMS Virtual Appliance .zip md5sum: 44cc7b86353047f02cf6ea0653e38418 sha1sum: 9f44b15e6681a6e58dd20784f829c68091a62cd1
VMware ACE for Windows 32-bit and 64-bit Windows 32-bit and 64-bit .exe md5sum: 0779da73408c5e649e0fd1c62d23820f sha1sum: 2b2e4963adc89f3b642874685f490222523b63ef
ACE Management Server for Windows Windows .exe md5sum: 0779da73408c5e649e0fd1c62d23820f sha1sum: 2b2e4963adc89f3b642874685f490222523b63ef
ACE Management Server for SUSE Enterprise Linux 9 SLES 9 .rpm md5sum: a4fc92d7197f0d569361cdf4b8cca642 sha1sum: af8a135cca398cacaa82c8c3c325011c6cd3ed75
ACE Management Server for Red Hat Enterprise Linux 4 RHEL 4 .rpm md5sum: 841005151338c8b954f08d035815fd58 sha1sum: 67e48624dba20e6be9e41ec9a5aba407dd8cc01e
- References
CVE numbers http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0040 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3847 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1863 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5752 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3304 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0005
- Change log
2009-08-20 VMSA-2009-0010 Initial security advisory after release of Workstation 6.5.3, Player 2.5.3, and ACE 2.5.3 on 2009-08-20.
- Contact
E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
- security-announce at lists.vmware.com
- bugtraq at securityfocus.com
- full-disclosure at lists.grok.org.uk
E-mail: security at vmware.com PGP key at: http://kb.vmware.com/kb/1055
VMware Security Center http://www.vmware.com/security
VMware security response policy http://www.vmware.com/support/policies/security_response.html
General support life cycle policy http://www.vmware.com/support/policies/eos.html
VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html
Copyright 2009 VMware Inc. All rights reserved.
A flaw found in the mod_status module could lead to a cross-site scripting attack on sites where mod_status was enabled and the status pages were publically available (CVE-2007-6388).
A flaw found in the mod_proxy_balancer module could lead to a cross-site scripting attack against an authorized user on sites where mod_proxy_balancer was enabled (CVE-2007-6421).
Another flaw in the mod_proxy_balancer module was found where, on sites with the module enabled, an authorized user could send a carefully crafted request that would cause the apache child process handling the request to crash, which could lead to a denial of service if using a threaded MPM (CVE-2007-6422).
A flaw found in the mod_proxy_ftp module could lead to a cross-site scripting attack against web browsers which do not correctly derive the response character set following the rules in RFC 2616, on sites where the mod_proxy_ftp module was enabled (CVE-2008-0005).
The updated packages have been patched to correct these issues.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6421 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6422 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0005
Updated Packages:
Mandriva Linux 2007.0: 912f61ea5210fbb94d71eef7bb634903 2007.0/i586/apache-base-2.2.3-1.3mdv2007.0.i586.rpm cb04a945da63abf56db5b444a3360916 2007.0/i586/apache-devel-2.2.3-1.3mdv2007.0.i586.rpm f4c419b30cd6f6520d9c995b9edf7098 2007.0/i586/apache-htcacheclean-2.2.3-1.3mdv2007.0.i586.rpm 1a40e9af24dce5bec34c4264ae1bdce2 2007.0/i586/apache-mod_authn_dbd-2.2.3-1.3mdv2007.0.i586.rpm 333f116f1036dcc4a95612179f7a34bd 2007.0/i586/apache-mod_cache-2.2.3-1.3mdv2007.0.i586.rpm 717feaa8449934514872fde1dfb26ff8 2007.0/i586/apache-mod_dav-2.2.3-1.3mdv2007.0.i586.rpm 15d3661edb2fa693fcc16e890f2b25a1 2007.0/i586/apache-mod_dbd-2.2.3-1.3mdv2007.0.i586.rpm 90bdaeaea54a973f5e813a495d82b14b 2007.0/i586/apache-mod_deflate-2.2.3-1.3mdv2007.0.i586.rpm 52a5ee95962b1153467443fb608eb3d8 2007.0/i586/apache-mod_disk_cache-2.2.3-1.3mdv2007.0.i586.rpm 8a0a950bfe0ce68ca498761e120d05da 2007.0/i586/apache-mod_file_cache-2.2.3-1.3mdv2007.0.i586.rpm 4f6b84375fd94d4467a3e3088de26a80 2007.0/i586/apache-mod_ldap-2.2.3-1.3mdv2007.0.i586.rpm fa98d84669215b56d3f64450af0d0f5d 2007.0/i586/apache-mod_mem_cache-2.2.3-1.3mdv2007.0.i586.rpm 665f988fa0cc99b4b55b01565a2d3075 2007.0/i586/apache-mod_proxy-2.2.3-1.3mdv2007.0.i586.rpm a22e15e33709ec0fff4c453643094031 2007.0/i586/apache-mod_proxy_ajp-2.2.3-1.3mdv2007.0.i586.rpm cca659746b2601dc61f8382c64d40206 2007.0/i586/apache-mod_ssl-2.2.3-1.3mdv2007.0.i586.rpm 208d8db690290b848c266593324c2a75 2007.0/i586/apache-mod_userdir-2.2.3-1.3mdv2007.0.i586.rpm 92a1be6ec8e7a0b274666ea7b2c8c47f 2007.0/i586/apache-modules-2.2.3-1.3mdv2007.0.i586.rpm 71670f17ade1c090567f4850c796bdef 2007.0/i586/apache-mpm-prefork-2.2.3-1.3mdv2007.0.i586.rpm dd78ed04d011e11e8872c606d4edfa93 2007.0/i586/apache-mpm-worker-2.2.3-1.3mdv2007.0.i586.rpm eb5785a9e04f14ac7788d43d18c39fcc 2007.0/i586/apache-source-2.2.3-1.3mdv2007.0.i586.rpm f066c405e8993de4fa506d8c05d37b9e 2007.0/SRPMS/apache-2.2.3-1.3mdv2007.0.src.rpm
Mandriva Linux 2007.0/X86_64: b25f0ae69e8be8c807afb36a5b58e4a7 2007.0/x86_64/apache-base-2.2.3-1.3mdv2007.0.x86_64.rpm ec93723ef9b7a5e62dc6704461e2b034 2007.0/x86_64/apache-devel-2.2.3-1.3mdv2007.0.x86_64.rpm 200fac36fbd67d6cd1857272aa5147e7 2007.0/x86_64/apache-htcacheclean-2.2.3-1.3mdv2007.0.x86_64.rpm ac7ec3a712d56ce1a076f29439c042d4 2007.0/x86_64/apache-mod_authn_dbd-2.2.3-1.3mdv2007.0.x86_64.rpm 126f880a37723b316f13f01c612883c5 2007.0/x86_64/apache-mod_cache-2.2.3-1.3mdv2007.0.x86_64.rpm 69460daf3173b6c9f0d9f84c3597d81a 2007.0/x86_64/apache-mod_dav-2.2.3-1.3mdv2007.0.x86_64.rpm 52cf72324ae29121fe2e2c955808791f 2007.0/x86_64/apache-mod_dbd-2.2.3-1.3mdv2007.0.x86_64.rpm 17517cc4f69dec1f4ba1c08b242526e4 2007.0/x86_64/apache-mod_deflate-2.2.3-1.3mdv2007.0.x86_64.rpm a5a27827a3f488b9f31a231aad43eae7 2007.0/x86_64/apache-mod_disk_cache-2.2.3-1.3mdv2007.0.x86_64.rpm f413791db00e648dc0fae00336340bf0 2007.0/x86_64/apache-mod_file_cache-2.2.3-1.3mdv2007.0.x86_64.rpm 9d74a9b5ff153557cf361ca1726fd9b1 2007.0/x86_64/apache-mod_ldap-2.2.3-1.3mdv2007.0.x86_64.rpm b8fde6545785d79344d5a85b7bd88903 2007.0/x86_64/apache-mod_mem_cache-2.2.3-1.3mdv2007.0.x86_64.rpm da3a732c1e41e62207085aefcd0fb99c 2007.0/x86_64/apache-mod_proxy-2.2.3-1.3mdv2007.0.x86_64.rpm df716921b9736859a712dea86b22c3f5 2007.0/x86_64/apache-mod_proxy_ajp-2.2.3-1.3mdv2007.0.x86_64.rpm c69fd37756dbe81df897396e6c6413de 2007.0/x86_64/apache-mod_ssl-2.2.3-1.3mdv2007.0.x86_64.rpm a24b51c168be4a5d57a1d1b5a1401f83 2007.0/x86_64/apache-mod_userdir-2.2.3-1.3mdv2007.0.x86_64.rpm e481d9ceb7ffa6a6299417a6f7874c07 2007.0/x86_64/apache-modules-2.2.3-1.3mdv2007.0.x86_64.rpm 0917c7d2edab62a4c62e4dd6136dec93 2007.0/x86_64/apache-mpm-prefork-2.2.3-1.3mdv2007.0.x86_64.rpm a98b13300b903a0219dc9de626ea1bbe 2007.0/x86_64/apache-mpm-worker-2.2.3-1.3mdv2007.0.x86_64.rpm e83551cd2c8365788b767f90c204a13d 2007.0/x86_64/apache-source-2.2.3-1.3mdv2007.0.x86_64.rpm f066c405e8993de4fa506d8c05d37b9e 2007.0/SRPMS/apache-2.2.3-1.3mdv2007.0.src.rpm
Mandriva Linux 2007.1: cb95db6136cbe28610e3e9baab45abeb 2007.1/i586/apache-base-2.2.4-6.4mdv2007.1.i586.rpm 6f9a4f9e658d51acdb9b8230a3ff8d10 2007.1/i586/apache-devel-2.2.4-6.4mdv2007.1.i586.rpm 71499b6f32722a7af4b664849eac6320 2007.1/i586/apache-htcacheclean-2.2.4-6.4mdv2007.1.i586.rpm 4c747fdb75063c7bb9bd50c0dbc59a5b 2007.1/i586/apache-mod_authn_dbd-2.2.4-6.4mdv2007.1.i586.rpm a3cae606ac80d807f84177c60e8455c8 2007.1/i586/apache-mod_cache-2.2.4-6.4mdv2007.1.i586.rpm 0f518e3f63d47d1c5a8193d95030f52d 2007.1/i586/apache-mod_dav-2.2.4-6.4mdv2007.1.i586.rpm 3ad5c633a0dcc187aad028f48dfb5b92 2007.1/i586/apache-mod_dbd-2.2.4-6.4mdv2007.1.i586.rpm 5fa41f5ac0caecb71c639f78222d8cee 2007.1/i586/apache-mod_deflate-2.2.4-6.4mdv2007.1.i586.rpm 1b4b5d31d1596eaa30987921d0ab07be 2007.1/i586/apache-mod_disk_cache-2.2.4-6.4mdv2007.1.i586.rpm 597eb4248325c05c1fafae90378425d6 2007.1/i586/apache-mod_file_cache-2.2.4-6.4mdv2007.1.i586.rpm f868cb2c42e06ae77fe349c7d31e0958 2007.1/i586/apache-mod_ldap-2.2.4-6.4mdv2007.1.i586.rpm a8696226c9930799d1fbad199c5e7084 2007.1/i586/apache-mod_mem_cache-2.2.4-6.4mdv2007.1.i586.rpm 2b62f69a3f58f1c572cbd8e961c11043 2007.1/i586/apache-mod_proxy-2.2.4-6.4mdv2007.1.i586.rpm bea2a28dc594b5fb8ef0591a7bb91714 2007.1/i586/apache-mod_proxy_ajp-2.2.4-6.4mdv2007.1.i586.rpm 9719faa4845deef9dc95f4ceeefce0e6 2007.1/i586/apache-mod_ssl-2.2.4-6.4mdv2007.1.i586.rpm 938e503476cac7f68b57322494e8f471 2007.1/i586/apache-mod_userdir-2.2.4-6.4mdv2007.1.i586.rpm cd01ff99ebacfe90c317d253d7ac11c4 2007.1/i586/apache-modules-2.2.4-6.4mdv2007.1.i586.rpm 5d830472142486b008e84851f5befdf9 2007.1/i586/apache-mpm-event-2.2.4-6.4mdv2007.1.i586.rpm 48ec7cbe8edbd745cc8446f2d274d8b7 2007.1/i586/apache-mpm-itk-2.2.4-6.4mdv2007.1.i586.rpm ada3666e18e2c49eb4849afbdad60f75 2007.1/i586/apache-mpm-prefork-2.2.4-6.4mdv2007.1.i586.rpm 7830123c1e76e8d02ca0a140c2b5f6c6 2007.1/i586/apache-mpm-worker-2.2.4-6.4mdv2007.1.i586.rpm 6498cc5113689f513cbdcfae0a2a3ad4 2007.1/i586/apache-source-2.2.4-6.4mdv2007.1.i586.rpm a716565584726e4d2d94ca4796c1d403 2007.1/SRPMS/apache-2.2.4-6.4mdv2007.1.src.rpm
Mandriva Linux 2007.1/X86_64: 839816f464191d3aff0882eac70cea40 2007.1/x86_64/apache-base-2.2.4-6.4mdv2007.1.x86_64.rpm ac4910f34cbf168df34cd123604b044b 2007.1/x86_64/apache-devel-2.2.4-6.4mdv2007.1.x86_64.rpm a4b4f9d518ed8621348527938f6a8230 2007.1/x86_64/apache-htcacheclean-2.2.4-6.4mdv2007.1.x86_64.rpm d554aa06a52bd72e20f035beedd50dcf 2007.1/x86_64/apache-mod_authn_dbd-2.2.4-6.4mdv2007.1.x86_64.rpm 68659f413d0b1102c220b1b4824489b6 2007.1/x86_64/apache-mod_cache-2.2.4-6.4mdv2007.1.x86_64.rpm d92ec9a9deb7d188e644075a18951ae6 2007.1/x86_64/apache-mod_dav-2.2.4-6.4mdv2007.1.x86_64.rpm 07b06f6de52f0f107106cead6f47de2c 2007.1/x86_64/apache-mod_dbd-2.2.4-6.4mdv2007.1.x86_64.rpm 6bf077871aa95d08c934eacac7f1291e 2007.1/x86_64/apache-mod_deflate-2.2.4-6.4mdv2007.1.x86_64.rpm b16f793759b09e75b7e162a5d858d835 2007.1/x86_64/apache-mod_disk_cache-2.2.4-6.4mdv2007.1.x86_64.rpm 635452cc08657fa5da5b65dc40bf2c1b 2007.1/x86_64/apache-mod_file_cache-2.2.4-6.4mdv2007.1.x86_64.rpm 7a238972b773975493d8931d573233ec 2007.1/x86_64/apache-mod_ldap-2.2.4-6.4mdv2007.1.x86_64.rpm 46704ca76800a5b967a4dd6e8efef986 2007.1/x86_64/apache-mod_mem_cache-2.2.4-6.4mdv2007.1.x86_64.rpm 3c23cff577f9697b719c90918ef91b44 2007.1/x86_64/apache-mod_proxy-2.2.4-6.4mdv2007.1.x86_64.rpm c4ea096a86cdab894cb59bb868b849f0 2007.1/x86_64/apache-mod_proxy_ajp-2.2.4-6.4mdv2007.1.x86_64.rpm 01f40dde7c3c93606c82681af472815f 2007.1/x86_64/apache-mod_ssl-2.2.4-6.4mdv2007.1.x86_64.rpm 9ade922fc7d52d73a47ca5f3cb2c7525 2007.1/x86_64/apache-mod_userdir-2.2.4-6.4mdv2007.1.x86_64.rpm 5e7e44ef5703f1e4fe5a952e5a3f5239 2007.1/x86_64/apache-modules-2.2.4-6.4mdv2007.1.x86_64.rpm e1b06e559e600461e19f9ab0f21d94be 2007.1/x86_64/apache-mpm-event-2.2.4-6.4mdv2007.1.x86_64.rpm 9903bcc1c12a86a9c2f9483d0ef9685e 2007.1/x86_64/apache-mpm-itk-2.2.4-6.4mdv2007.1.x86_64.rpm ce244cc42b6c411d2e3264c6ac6e1a76 2007.1/x86_64/apache-mpm-prefork-2.2.4-6.4mdv2007.1.x86_64.rpm 5989a935f4a0e20ac2844982e81cda83 2007.1/x86_64/apache-mpm-worker-2.2.4-6.4mdv2007.1.x86_64.rpm 339fccde52210eca1bf7e3cf05b9ce0e 2007.1/x86_64/apache-source-2.2.4-6.4mdv2007.1.x86_64.rpm a716565584726e4d2d94ca4796c1d403 2007.1/SRPMS/apache-2.2.4-6.4mdv2007.1.src.rpm
Mandriva Linux 2008.0: cb013d3f4f40e2dfe6a90e0a2a7cdd74 2008.0/i586/apache-base-2.2.6-8.1mdv2008.0.i586.rpm f2e8d6e8191794fac34ddc7fc0f38588 2008.0/i586/apache-devel-2.2.6-8.1mdv2008.0.i586.rpm 8456184db4de115db70e603dbe252456 2008.0/i586/apache-htcacheclean-2.2.6-8.1mdv2008.0.i586.rpm 9e8861daffdf9d6b0ab431b1c3c1fac9 2008.0/i586/apache-mod_authn_dbd-2.2.6-8.1mdv2008.0.i586.rpm de1f407b2eb4d84140686375d3497006 2008.0/i586/apache-mod_cache-2.2.6-8.1mdv2008.0.i586.rpm eaf010272f97a507f37a6145bb9de809 2008.0/i586/apache-mod_dav-2.2.6-8.1mdv2008.0.i586.rpm 4d1073009151607b47ffcedc96cdb834 2008.0/i586/apache-mod_dbd-2.2.6-8.1mdv2008.0.i586.rpm cfc6f2958ef8d117d1070e422078cdfa 2008.0/i586/apache-mod_deflate-2.2.6-8.1mdv2008.0.i586.rpm 3c423e687c0afc1b224e6535e16ec279 2008.0/i586/apache-mod_disk_cache-2.2.6-8.1mdv2008.0.i586.rpm ef790e64feeaf1a9ee5c58fd7e3b359d 2008.0/i586/apache-mod_file_cache-2.2.6-8.1mdv2008.0.i586.rpm 8f86f4c499dfa14fb2daf4f8b578e150 2008.0/i586/apache-mod_ldap-2.2.6-8.1mdv2008.0.i586.rpm 21b1fc690f38b779ee79bed31c5fa3a2 2008.0/i586/apache-mod_mem_cache-2.2.6-8.1mdv2008.0.i586.rpm 0ec954d20d7a080cc9a19c2146480897 2008.0/i586/apache-mod_proxy-2.2.6-8.1mdv2008.0.i586.rpm 50a87c9099f0c094c9fbb763e334fae9 2008.0/i586/apache-mod_proxy_ajp-2.2.6-8.1mdv2008.0.i586.rpm 9d4e1c4a6614e70b77cd2e03e3baeaea 2008.0/i586/apache-mod_ssl-2.2.6-8.1mdv2008.0.i586.rpm 29346499f10a850f8011191b0d242709 2008.0/i586/apache-mod_userdir-2.2.6-8.1mdv2008.0.i586.rpm 21c5bc6f2861cc532c8b5dae3f3e1ee2 2008.0/i586/apache-modules-2.2.6-8.1mdv2008.0.i586.rpm 944b6d2f395f4d26deeef93f9ce55c5b 2008.0/i586/apache-mpm-event-2.2.6-8.1mdv2008.0.i586.rpm 0fc46d4eae684b21a9a98a6c876960b3 2008.0/i586/apache-mpm-itk-2.2.6-8.1mdv2008.0.i586.rpm ab00a26cd43e9045e66da620e9678412 2008.0/i586/apache-mpm-prefork-2.2.6-8.1mdv2008.0.i586.rpm 785499e86b70da53c76a7d3321da1b30 2008.0/i586/apache-mpm-worker-2.2.6-8.1mdv2008.0.i586.rpm c1ccaf747ebe4bd71f875f70c969d4e7 2008.0/i586/apache-source-2.2.6-8.1mdv2008.0.i586.rpm 2d535ab37b9a247e827054766219f7e6 2008.0/SRPMS/apache-2.2.6-8.1mdv2008.0.src.rpm
Mandriva Linux 2008.0/X86_64: 56b868f5c7a86b68666af13fe2a5c925 2008.0/x86_64/apache-base-2.2.6-8.1mdv2008.0.x86_64.rpm 16ca885969a1bd9d7f6d4a00a7c33095 2008.0/x86_64/apache-devel-2.2.6-8.1mdv2008.0.x86_64.rpm 76bcdbe509c56ec471ff767f5f7f925f 2008.0/x86_64/apache-htcacheclean-2.2.6-8.1mdv2008.0.x86_64.rpm 36fc978398d6b8f406f0913ecac5576e 2008.0/x86_64/apache-mod_authn_dbd-2.2.6-8.1mdv2008.0.x86_64.rpm d6644c5729325e3a0f7bda5ffe12523c 2008.0/x86_64/apache-mod_cache-2.2.6-8.1mdv2008.0.x86_64.rpm 98e86f62995310727dc7b7343776c948 2008.0/x86_64/apache-mod_dav-2.2.6-8.1mdv2008.0.x86_64.rpm 7aa7da7cb9fc4f29071535620de42023 2008.0/x86_64/apache-mod_dbd-2.2.6-8.1mdv2008.0.x86_64.rpm 8cb681d914e9619adf261dca86154538 2008.0/x86_64/apache-mod_deflate-2.2.6-8.1mdv2008.0.x86_64.rpm 1ebc35b8050495230d6809f97dd89731 2008.0/x86_64/apache-mod_disk_cache-2.2.6-8.1mdv2008.0.x86_64.rpm 7db7d64521dc4253edc59645e79a5e57 2008.0/x86_64/apache-mod_file_cache-2.2.6-8.1mdv2008.0.x86_64.rpm 5624b75d6d1eb311e6332c6a7e10e42f 2008.0/x86_64/apache-mod_ldap-2.2.6-8.1mdv2008.0.x86_64.rpm e7049015c893a5a75d0c4bbc68e18615 2008.0/x86_64/apache-mod_mem_cache-2.2.6-8.1mdv2008.0.x86_64.rpm 910e8bcb28e00501ebd39aa9c30e3cad 2008.0/x86_64/apache-mod_proxy-2.2.6-8.1mdv2008.0.x86_64.rpm 2451f7726434398f715bac328422faa8 2008.0/x86_64/apache-mod_proxy_ajp-2.2.6-8.1mdv2008.0.x86_64.rpm c6a102776378eecfbe64f87d2a4f261b 2008.0/x86_64/apache-mod_ssl-2.2.6-8.1mdv2008.0.x86_64.rpm 27a79220cf963ba1dfe6f17d6e66d3f5 2008.0/x86_64/apache-mod_userdir-2.2.6-8.1mdv2008.0.x86_64.rpm e87a2f8d0e8cf23fe0cc3a7a44195f68 2008.0/x86_64/apache-modules-2.2.6-8.1mdv2008.0.x86_64.rpm 6224d03ea5169e71fd588ddff0b95f16 2008.0/x86_64/apache-mpm-event-2.2.6-8.1mdv2008.0.x86_64.rpm e61bcd69bd997a5cddacc2f58dd1f1b9 2008.0/x86_64/apache-mpm-itk-2.2.6-8.1mdv2008.0.x86_64.rpm 304a7257ba0104bb799c3ab6a09cb977 2008.0/x86_64/apache-mpm-prefork-2.2.6-8.1mdv2008.0.x86_64.rpm d19f57238828efc73f24ff69c1dca341 2008.0/x86_64/apache-mpm-worker-2.2.6-8.1mdv2008.0.x86_64.rpm e72351edf865715beac70996ca1ea09b 2008.0/x86_64/apache-source-2.2.6-8.1mdv2008.0.x86_64.rpm 2d535ab37b9a247e827054766219f7e6 2008.0/SRPMS/apache-2.2.6-8.1mdv2008.0.src.rpm
Corporate 4.0: 0c36f90139943f6564058fb6c9a0028c corporate/4.0/i586/apache-base-2.2.3-1.3.20060mlcs4.i586.rpm 2c23db7c0c820a6d05cf9e89e10d437b corporate/4.0/i586/apache-devel-2.2.3-1.3.20060mlcs4.i586.rpm 6729c4c238ea40547ca8ad4ad34fac39 corporate/4.0/i586/apache-htcacheclean-2.2.3-1.3.20060mlcs4.i586.rpm 8c6b35f7192abf90e6af6a07c27099d0 corporate/4.0/i586/apache-mod_authn_dbd-2.2.3-1.3.20060mlcs4.i586.rpm 6f3ae30580187b440261747c0f975ec6 corporate/4.0/i586/apache-mod_cache-2.2.3-1.3.20060mlcs4.i586.rpm 56dd118e6e37165e6638baab4e58d08e corporate/4.0/i586/apache-mod_dav-2.2.3-1.3.20060mlcs4.i586.rpm 6e3512489622cf59e0f32458d943f65b corporate/4.0/i586/apache-mod_dbd-2.2.3-1.3.20060mlcs4.i586.rpm 7946432730bdac3ec21ca376f8f8ca12 corporate/4.0/i586/apache-mod_deflate-2.2.3-1.3.20060mlcs4.i586.rpm eeac05dfe0a57512de566f6a2e1e105e corporate/4.0/i586/apache-mod_disk_cache-2.2.3-1.3.20060mlcs4.i586.rpm b50af44b3084fcff0bc6cff1ac50023f corporate/4.0/i586/apache-mod_file_cache-2.2.3-1.3.20060mlcs4.i586.rpm a92816a879182cbca50ebace4bb5f193 corporate/4.0/i586/apache-mod_ldap-2.2.3-1.3.20060mlcs4.i586.rpm 2ca6a18de738a817cb346f1eb31bf76a corporate/4.0/i586/apache-mod_mem_cache-2.2.3-1.3.20060mlcs4.i586.rpm b984ff19a2458f844f62be84635060d1 corporate/4.0/i586/apache-mod_proxy-2.2.3-1.3.20060mlcs4.i586.rpm b816b9c09345b92da5a0216f5e9db932 corporate/4.0/i586/apache-mod_proxy_ajp-2.2.3-1.3.20060mlcs4.i586.rpm 240fb4ea33d91846fc083def26b19465 corporate/4.0/i586/apache-mod_ssl-2.2.3-1.3.20060mlcs4.i586.rpm afcda5d86a48edba71a81a8fda0d0f75 corporate/4.0/i586/apache-mod_userdir-2.2.3-1.3.20060mlcs4.i586.rpm 76705f36eb869b9a1520df0c09a7d1e9 corporate/4.0/i586/apache-modules-2.2.3-1.3.20060mlcs4.i586.rpm eb5bc900fa99aab700c29af7978ca44f corporate/4.0/i586/apache-mpm-prefork-2.2.3-1.3.20060mlcs4.i586.rpm 57a7cb6d3fc97eca6c46685f606a3618 corporate/4.0/i586/apache-mpm-worker-2.2.3-1.3.20060mlcs4.i586.rpm 804752d26fd2db2088cbc73ee9aee8f5 corporate/4.0/i586/apache-source-2.2.3-1.3.20060mlcs4.i586.rpm ece351bfa879df71f200f00d143779b9 corporate/4.0/SRPMS/apache-2.2.3-1.3.20060mlcs4.src.rpm
Corporate 4.0/X86_64: 74d411bb422230857a8971a9ce428c0e corporate/4.0/x86_64/apache-base-2.2.3-1.3.20060mlcs4.x86_64.rpm 5ede29fb5e502fdc96dbb4722b69bb26 corporate/4.0/x86_64/apache-devel-2.2.3-1.3.20060mlcs4.x86_64.rpm dcecf6dece1ec0c083f924b8e545b864 corporate/4.0/x86_64/apache-htcacheclean-2.2.3-1.3.20060mlcs4.x86_64.rpm b7bf0d94f575d6e1e42296b69e5d056b corporate/4.0/x86_64/apache-mod_authn_dbd-2.2.3-1.3.20060mlcs4.x86_64.rpm 6718af7bd108e06d8e6be0046473ce69 corporate/4.0/x86_64/apache-mod_cache-2.2.3-1.3.20060mlcs4.x86_64.rpm fce075627de036b3d71a93ceafa6105e corporate/4.0/x86_64/apache-mod_dav-2.2.3-1.3.20060mlcs4.x86_64.rpm 973a484aed44fd0281c34a0227131400 corporate/4.0/x86_64/apache-mod_dbd-2.2.3-1.3.20060mlcs4.x86_64.rpm 359ad6bfc294b82d14788ea3f2fb5b1f corporate/4.0/x86_64/apache-mod_deflate-2.2.3-1.3.20060mlcs4.x86_64.rpm ce014700683860f81922680ab29d335b corporate/4.0/x86_64/apache-mod_disk_cache-2.2.3-1.3.20060mlcs4.x86_64.rpm b918e9b9eeb06303a8b3f26f63666f74 corporate/4.0/x86_64/apache-mod_file_cache-2.2.3-1.3.20060mlcs4.x86_64.rpm 969c3cf38987f91d576de441e5781b5d corporate/4.0/x86_64/apache-mod_ldap-2.2.3-1.3.20060mlcs4.x86_64.rpm e3c4128b336c45e9470e57a1439cead9 corporate/4.0/x86_64/apache-mod_mem_cache-2.2.3-1.3.20060mlcs4.x86_64.rpm e6c07bd0bed38660852db97807e0b3dd corporate/4.0/x86_64/apache-mod_proxy-2.2.3-1.3.20060mlcs4.x86_64.rpm d6b2621b48abe4c74ecd5e24e7c3c9f9 corporate/4.0/x86_64/apache-mod_proxy_ajp-2.2.3-1.3.20060mlcs4.x86_64.rpm 166b443903e18e77afee950f368ae763 corporate/4.0/x86_64/apache-mod_ssl-2.2.3-1.3.20060mlcs4.x86_64.rpm bcbd01a168655d57ad7dcbf424b4d91a corporate/4.0/x86_64/apache-mod_userdir-2.2.3-1.3.20060mlcs4.x86_64.rpm 3723d163f681e478e677c75a286f352e corporate/4.0/x86_64/apache-modules-2.2.3-1.3.20060mlcs4.x86_64.rpm f17cbd7d765045b30dd43f62efb7cfd3 corporate/4.0/x86_64/apache-mpm-prefork-2.2.3-1.3.20060mlcs4.x86_64.rpm 6e704ce4a8ab0b5817273af16b997ea2 corporate/4.0/x86_64/apache-mpm-worker-2.2.3-1.3.20060mlcs4.x86_64.rpm f35f2e3795dba910451ac03ec63f8898 corporate/4.0/x86_64/apache-source-2.2.3-1.3.20060mlcs4.x86_64.rpm ece351bfa879df71f200f00d143779b9 corporate/4.0/SRPMS/apache-2.2.3-1.3.20060mlcs4.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.8 (GNU/Linux)
iD8DBQFHjmhKmqjQ0CJFipgRAkyLAJ4jEFMu2rAIE8XH60UDFYapm8fGgwCfaHL0 O/KXRt/gdgAAug5/9/aFGGA= =YkQ1 -----END PGP SIGNATURE-----
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . The vulnerabilities could be remotely exploited to create a Denial of Service (DoS), unauthorized access, unauthorized disclosure of information, or unauthorized modifications.
Kit Name Location
HP SWS V2.2 for OpenVMS Alpha and OpenVMS Integrity servers. HP-UX B.11.11, B.11.23, B.11.31 running Apache v2.0.59.00.1 or earlier. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01607570 Version: 1
HPSBMA02388 SSRT080059 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Cross Site Scripting (XSS)
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2008-11-19 Last Updated: 2008-11-19
Potential Security Impact: Remote cross site scripting (XSS)
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with HP OpenView Network Node Manager (OV NNM). The vulnerabilities could be exploited remotely to allow cross site scripting (XSS).
References: CVE-2007-6388, CVE-2007-5000
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP OpenView Network Node Manager (OV NNM) v7.01, v7.51, v7.53 running on HP-UX, Linux, and Solaris
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2007-6388 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2007-5000 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 =============================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002.
RESOLUTION
HP has made patches available to resolve the vulnerabilities.
The patches are available from http://itrc.hp.com
OV NNM v7.53
Operating_System - HP-UX (IA) Resolved in Patch - PHSS_38148 or subsequent
Operating_System - HP-UX (PA) Resolved in Patch - PHSS_38147 or subsequent
Operating_System - Linux RedHatAS2.1 Resolved in Patch - LXOV_00085 or subsequent
Operating_System - Linux RedHat4AS-x86_64 Resolved in Patch - LXOV_00086 or subsequent
Operating_System - Solaris Resolved in Patch - PSOV_03514 or subsequent
OV NNM v7.51
Upgrade to NNM v7.53 and install the patches listed above.
OV NNM v7.01
Operating_System - HP-UX (PA) Resolved in Patch - PHSS_38761 or subsequent
Operating_System - Solaris Resolved in Patch - PSOV_03516 or subsequent
MANUAL ACTIONS: Yes - NonUpdate Apply the appropriate file as described in the Resolution.
PRODUCT SPECIFIC INFORMATION
HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see https://www.hp.com/go/swa
The following text is for use by the HP-UX Software Assistant.
AFFECTED VERSIONS (for HP-UX)
For HP-UX OV NNM 7.53 HP-UX B.11.31 HP-UX B.11.23 (IA) ============= OVNNMgr.OVNNM-RUN action: install PHSS_38148 or subsequent URL: http://itrc.hp.com
HP-UX B.11.23 (PA) HP-UX B.11.11 ============= OVNNMgr.OVNNM-RUN action: install PHSS_38147 or subsequent URL: http://itrc.hp.com
For HP-UX OV NNM 7.51 HP-UX B.11.31 HP-UX B.11.23 HP-UX B.11.11 ============= OVNNMgr.OVNNM-RUN action: upgrade NNM v7.51 to NNM v7.53 and apply the appropriate patches
For HP-UX OV NNM 7.01 HP-UX B.11.00 HP-UX B.11.11 ============= OVNNMgr.OVNNM-RUN action: install PHSS_38761 or subsequent URL: http://itrc.hp.com
END AFFECTED VERSIONS (for HP-UX)
HISTORY Version:1 (rev.1) - 19 November 2008 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For further information, contact normal HP Services support channel.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key
Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches - check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems - verify your operating system selections are checked and save.
To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.
To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do
- The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:
GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault
System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.
"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."
\xa9Copyright 2008 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNATURE----- Version: PGP 8.1
iQA/AwUBSSQhVOAfOvwtKn1ZEQIlVQCg4n4fABzC24c9qQ5gz68oPLMVKI0AoMbs A2UIaH3YB7z+o42Tm7Eg7ahn =lskD -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200712-0594",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "http server",
"scope": "eq",
"trust": 2.1,
"vendor": "oracle",
"version": "10.1.3.5.0"
},
{
"model": "http server",
"scope": "lte",
"trust": 1.8,
"vendor": "apache",
"version": "1.3.39"
},
{
"model": "http server",
"scope": "lte",
"trust": 1.8,
"vendor": "apache",
"version": "2.0.61"
},
{
"model": "http server",
"scope": "lte",
"trust": 1.8,
"vendor": "apache",
"version": "2.2.6"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 1.3,
"vendor": "suse",
"version": "9"
},
{
"model": "server",
"scope": "eq",
"trust": 1.1,
"vendor": "turbolinux",
"version": "11"
},
{
"model": "personal",
"scope": null,
"trust": 1.1,
"vendor": "turbolinux",
"version": null
},
{
"model": "fuji",
"scope": null,
"trust": 1.1,
"vendor": "turbolinux",
"version": null
},
{
"model": "appliance server",
"scope": "eq",
"trust": 1.1,
"vendor": "turbolinux",
"version": "2.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.1,
"vendor": "ibm",
"version": "2.0.47.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.1,
"vendor": "ibm",
"version": "6.0.2.27"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.1,
"vendor": "ibm",
"version": "1.3.28.1"
},
{
"model": "multimedia",
"scope": null,
"trust": 1.1,
"vendor": "turbolinux",
"version": null
},
{
"model": "opensuse",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "10.3"
},
{
"model": "http server",
"scope": "gte",
"trust": 1.0,
"vendor": "apache",
"version": "1.3.0"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "10"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "10.2"
},
{
"model": "http server",
"scope": "gte",
"trust": 1.0,
"vendor": "apache",
"version": "2.2.0"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "6.06"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "6.10"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "7.04"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "9"
},
{
"model": "http server",
"scope": "gte",
"trust": 1.0,
"vendor": "apache",
"version": "2.0.35"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "8"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "7.10"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "7"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.4.11"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.5.2"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.4.11"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.5.2"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.1"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3 (x86)"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3 (x86-64)"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3.0 (x86-64)"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0 (x86-64)"
},
{
"model": "interstage application framework suite",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage application server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage apworks",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage business application server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage job workload server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage studio",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage web server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "systemwalker resource coordinator",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard l p",
"version": "11.11"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard l p",
"version": "11.23"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard l p",
"version": "11.31"
},
{
"model": "cosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "enterprise version 6"
},
{
"model": "cosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "standard version 6"
},
{
"model": "cosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "version 5"
},
{
"model": "cosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "light version 6"
},
{
"model": "cosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "professional version 6"
},
{
"model": "cosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "standard version 6"
},
{
"model": "cosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "version 5"
},
{
"model": "cosminexus server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "enterprise edition"
},
{
"model": "cosminexus server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "standard edition"
},
{
"model": "cosminexus server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "standard edition version 4"
},
{
"model": "cosminexus server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "web edition"
},
{
"model": "cosminexus server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "web edition version 4"
},
{
"model": "web server",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "enterprise"
},
{
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "standard"
},
{
"model": "ucosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "light"
},
{
"model": "ucosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "professional"
},
{
"model": "ucosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "standard"
},
{
"model": "ucosminexus service",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "architect"
},
{
"model": "ucosminexus service",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "platform"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "6.1.0.15"
},
{
"model": "wanbooster",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "application stack",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "v1 for enterprise linux as (v.4)"
},
{
"model": "application stack",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "v1 for enterprise linux es (v.4)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3.0"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.0"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.0 (client)"
},
{
"model": "linux advanced workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1"
},
{
"model": "rhel desktop workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "8 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "8 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (x86)"
},
{
"model": "appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbolinux",
"version": "1.0 (hosting)"
},
{
"model": "appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbolinux",
"version": "1.0 (workgroup)"
},
{
"model": "server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbolinux",
"version": "10"
},
{
"model": "server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbolinux",
"version": "10 (x64)"
},
{
"model": "server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbolinux",
"version": "11 (x64)"
},
{
"model": "server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbolinux",
"version": "8"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "2.2.4"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "2.0.60"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "2.2.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "2.2.2"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "2.0.59"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "2.2.6"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "2.2"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "2.2.5"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "2.0.61"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "2.2.1"
},
{
"model": "interstage job workload server",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.1"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0"
},
{
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.49"
},
{
"model": "interstage studio enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"model": "certificate server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7.3"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "openvms secure web server",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.2"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.3"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.35"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0.1"
},
{
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "interstage application server plus",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"model": "interstage apworks modelers-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "11x64"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "12.0"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.50"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0"
},
{
"model": "2.2.7-dev",
"scope": "ne",
"trust": 0.3,
"vendor": "apache",
"version": null
},
{
"model": "interstage application server plus",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0.1"
},
{
"model": "interstage application server plus developer",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.0"
},
{
"model": "-dev",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.56"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2.13"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.6"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.0"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.5"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.34"
},
{
"model": "interstage studio standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.28"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10.1x86"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.39"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.32"
},
{
"model": "ccs",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1.2"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "linux enterprise sdk 10.sp1",
"scope": null,
"trust": 0.3,
"vendor": "suse",
"version": null
},
{
"model": "appliance server hosting edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.51"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.04"
},
{
"model": "ccs",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1.1"
},
{
"model": "interstage studio enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.1"
},
{
"model": "advanced workstation for the itanium processor",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "ccs",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.2"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.35"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.22"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"model": "novell linux desktop sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.9"
},
{
"model": "enterprise linux desktop client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.04"
},
{
"model": "interstage application server plus",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0.1"
},
{
"model": "red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"model": "1.3.40-dev",
"scope": "ne",
"trust": 0.3,
"vendor": "apache",
"version": null
},
{
"model": "enterprise linux ws ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "11.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.53"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.9"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.3"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "interstage application server plus developer",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0.1"
},
{
"model": "messaging storage server mm3.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.43"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2008.0"
},
{
"model": "interstage apworks modelers-j edition 6.0a",
"scope": null,
"trust": 0.3,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.47"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "openview network node manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.51"
},
{
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.2"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.55"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "solaris 8 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.20"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.26"
},
{
"model": "interstage business application server enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.2"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.37"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.1"
},
{
"model": "openview network node manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.53"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.14"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2.19"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10.1"
},
{
"model": "hardware management console for pseries r1.3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.33"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.11"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.4"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "interstage apworks standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "linux enterprise server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "8.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.2"
},
{
"model": "fuji",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "0"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "12.1"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.15"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.36"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.10"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.1"
},
{
"model": "hardware management console for iseries r1.3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "interstage apworks modelers-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"model": "application stack for enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "v14"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "openview network node manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.01"
},
{
"model": "appliance server workgroup edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.1"
},
{
"model": "advanced workstation for the itanium processor ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "meeting exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "8.0"
},
{
"model": "solaris 8 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
},
{
"model": "solaris 10 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.48"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.45"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.12"
},
{
"model": "communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.10"
},
{
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1.1"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.1"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.38"
},
{
"model": "interstage application server plus",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"model": "appliance platform linux service",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.47"
},
{
"model": "interstage application server web-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0"
},
{
"model": "2.0.61-dev",
"scope": null,
"trust": 0.3,
"vendor": "apache",
"version": null
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.46"
},
{
"model": "2.0.62-dev",
"scope": "ne",
"trust": 0.3,
"vendor": "apache",
"version": null
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "interstage application server plus developer",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.2"
},
{
"model": "communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.44"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.24"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "beta",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.28"
},
{
"model": "apache",
"scope": "ne",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.63"
},
{
"model": "enterprise linux as ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.40"
},
{
"model": "communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "application stack for enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "v14"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.1"
},
{
"model": "network proxy (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)5.0"
},
{
"model": "novell linux pos",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"model": "business availability center",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.01"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1-1"
},
{
"model": "message networking mn",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.39"
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "fedora",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.4"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.19"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1.3"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.1"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.2"
},
{
"model": "ccs",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"model": "a9",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.27"
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.10"
},
{
"model": "interstage application server enterprise edition a",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.2"
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.9"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.58"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.54"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.10"
},
{
"model": "enterprise linux desktop workstation client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.42"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.28"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.1-1"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.3"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.37"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2008.0"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.52"
},
{
"model": "intuity audix lx",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0.1"
},
{
"model": "interstage application server standard-j edition a",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.36"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10.1x86-64"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.32"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.04"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2.12"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.41"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1.4"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.29"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.6"
},
{
"model": "2.0.60-dev",
"scope": null,
"trust": 0.3,
"vendor": "apache",
"version": null
},
{
"model": "interstage apworks enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0.0x64"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.17"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "enterprise linux es ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.13"
},
{
"model": "interstage studio standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"model": "apache",
"scope": "ne",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.41"
},
{
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2.23"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.31"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.59"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.04"
}
],
"sources": [
{
"db": "BID",
"id": "26838"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000819"
},
{
"db": "CNNVD",
"id": "CNNVD-200712-135"
},
{
"db": "NVD",
"id": "CVE-2007-5000"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.3.39",
"versionStartIncluding": "1.3.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.2.6",
"versionStartIncluding": "2.2.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.0.61",
"versionStartIncluding": "2.0.35",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:opensuse:opensuse:10.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:opensuse:opensuse:10.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:10:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_desktop:9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:oracle:http_server:10.1.3.5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2007-5000"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apache Software Foundation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200712-135"
}
],
"trust": 0.6
},
"cve": "CVE-2007-5000",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "IPA",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2007-000819",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2007-5000",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2007-5000",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "IPA",
"id": "JVNDB-2007-000819",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-200712-135",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2007-5000",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2007-5000"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000819"
},
{
"db": "CNNVD",
"id": "CNNVD-200712-135"
},
{
"db": "NVD",
"id": "CVE-2007-5000"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cross-site scripting (XSS) vulnerability in the (1) mod_imap module in the Apache HTTP Server 1.3.0 through 1.3.39 and 2.0.35 through 2.0.61 and the (2) mod_imagemap module in the Apache HTTP Server 2.2.0 through 2.2.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Apache is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. \nAn attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. \nThis issue affects the following:\n- The \u0027mod_imagemap\u0027 module in Apache 2.2.6, 2.2.5, 2.2.4, 2.2.3, 2.2.2, and 2.2.0\n- The \u0027mod_imap\u0027 module in Apache 1.3.39, 1.3.37, 1.3.36, 1.3.35, 1.3.34, 1.3.33, 1.3.32, 1.3.31, 1.3.29, 1.3.28, 1.3.27, 1.3.26, 1.3.24, 1.3.22, 1.3.20, 1.3.19, 1.3.17, 1.3.14, 1.3.12, 1.3.11, 1.3.9, 1.3.6, 1.3.4, 1.3.3, 1.3.2, 1.3.1, and 1.3.0. The HP Business Availability Center v8.02 kit is available on the HP Software Support Online portal at: http://support.openview.hp.com/support.jsp . Summary\n\n Updated VMware Hosted products address security issues in libpng and\n the Apace HTTP Server. \n\n2. Relevant releases\n\n VMware Workstation 6.5.2 and earlier,\n VMware Player 2.5.2 and earlier,\n VMware ACE 2.5.2 and earlier\n\n3. Problem Description\n\n a. Third Party Library libpng Updated to 1.2.35\n\n Several flaws were discovered in the way third party library libpng\n handled uninitialized pointers. An attacker could create a PNG image\n file in such a way, that when loaded by an application linked to\n libpng, it could cause the application to crash or execute arbitrary\n code at the privilege level of the user that runs the application. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2009-0040 to this issue. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n Workstation 6.5.x any 6.5.3 build 185404 or later\n\n Player 2.5.x any 2.5.3 build 185404 or later\n\n ACE 2.5.x any 2.5.3 build 185404 or later\n\n Server 2.x any patch pending\n Server 1.x any patch pending\n\n Fusion 2.x Mac OS/X not affected\n Fusion 1.x Mac OS/X not affected\n\n ESXi 4.0 ESXi not affected\n ESXi 3.5 ESXi not affected\n\n ESX 4.0 ESX not affected\n ESX 3.5 ESX not affected\n ESX 3.0.3 ESX not affected\n ESX 3.0.2 ESX not affected\n ESX 2.5.5 ESX not affected *\n\n * The libpng update for the Service Console of ESX 2.5.5 is\n documented in VMSA-2009-0007. \n\n b. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the names CVE-2007-3847, CVE-2007-1863, CVE-2006-5752,\n CVE-2007-3304, CVE-2007-6388, CVE-2007-5000, CVE-2008-0005 to the\n issues that have been addressed by this update. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n Workstation 6.5.x any not affected\n\n Player 2.5.x any not affected\n\n ACE 2.5.x Windows 2.5.3 build 185404 or later\n ACE 2.5.x Linux update Apache on host system *\n\n Server 2.x any not affected\n Server 1.x any not affected\n\n Fusion 2.x Mac OS/X not affected\n Fusion 1.x Mac OS/X not affected\n\n ESXi 4.0 ESXi not affected\n ESXi 3.5 ESXi not affected\n\n ESX 4.0 ESX not affected\n ESX 3.5 ESX not affected\n ESX 3.0.3 ESX not affected\n ESX 3.0.2 ESX not affected\n ESX 2.5.5 ESX not affected\n\n * The Apache HTTP Server is not part of an ACE install on a Linux\n host. \n\n4. Solution\n\n Please review the patch/release notes for your product and version\n and verify the md5sum and/or the sha1sum of your downloaded file. \n\n VMware Workstation 6.5.3\n ------------------------\n http://www.vmware.com/download/ws/\n Release notes:\n http://www.vmware.com/support/ws65/doc/releasenotes_ws653.html\n\n For Windows\n\n Workstation for Windows 32-bit and 64-bit\n Windows 32-bit and 64-bit .exe\n md5sum: 7565d16b7d7e0173b90c3b76ca4656bc\n sha1sum: 9f687afd8b0f39cde40aeceb3213a91be487aad1\n\n For Linux\n\n Workstation for Linux 32-bit\n Linux 32-bit .rpm\n md5sum: 4d55c491bd008ded0ea19f373d1d1fd4\n sha1sum: 1f43131c960e76a530390d3b6984c78dfc2da23e\n\n Workstation for Linux 32-bit\n Linux 32-bit .bundle\n md5sum: d4a721c1918c0e8a87c6fa4bad49ad35\n sha1sum: c0c6f9b56e70bd3ffdb5467ee176110e283a69e5\n\n Workstation for Linux 64-bit\n Linux 64-bit .rpm\n md5sum: 72adfdb03de4959f044fcb983412ae7c\n sha1sum: ba16163c8d9b5aa572526b34a7b63dc6e68f9bbb\n\n Workstation for Linux 64-bit\n Linux 64-bit .bundle\n md5sum: 83e1f0c94d6974286256c4d3b559e854\n sha1sum: 8763f250a3ac5fc4698bd26319b93fecb498d542\n\n\n VMware Player 2.5.3\n -------------------\n http://www.vmware.com/download/player/\n Release notes:\n http://www.vmware.com/support/player25/doc/releasenotes_player253.html\n\n Player for Windows binary\n\nhttp://download3.vmware.com/software/vmplayer/VMware-player-2.5.3-185404.exe\n md5sum: fe28f193374c9457752ee16cd6cad4e7\n sha1sum: 13bd3ff93c04fa272544d3ef6de5ae746708af04\n\n Player for Linux (.rpm)\n\nhttp://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.i386.rpm\n md5sum: c99cd65f19fdfc7651bcb7f328b73bc2\n sha1sum: a33231b26e2358a72d16e1b4e2656a5873fe637e\n\n Player for Linux (.bundle)\n\nhttp://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.i386.bundle\n md5sum: 210f4cb5615bd3b2171bc054b9b2bac5\n sha1sum: 2f6497890b17b37480165bab9f430e8645edae9b\n\n Player for Linux - 64-bit (.rpm)\n\nhttp://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.x86_64.rpm\n md5sum: f91576ef90b322d83225117ae9335968\n sha1sum: f492fa9cf26ee2818f164aac04cde1680c25d974\n\n Player for Linux - 64-bit (.bundle)\n\nhttp://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.x86_64.bundle\n md5sum: 595d44d7945c129b1aeb679d2f001b05\n sha1sum: acd69fcb0c6bc49fd4af748c65c7fb730ab1e8c4\n\n\n VMware ACE 2.5.3\n ----------------\n http://www.vmware.com/download/ace/\n Release notes:\n http://www.vmware.com/support/ace25/doc/releasenotes_ace253.html\n\n ACE Management Server Virtual Appliance\n AMS Virtual Appliance .zip\n md5sum: 44cc7b86353047f02cf6ea0653e38418\n sha1sum: 9f44b15e6681a6e58dd20784f829c68091a62cd1\n\n VMware ACE for Windows 32-bit and 64-bit\n Windows 32-bit and 64-bit .exe\n md5sum: 0779da73408c5e649e0fd1c62d23820f\n sha1sum: 2b2e4963adc89f3b642874685f490222523b63ef\n\n ACE Management Server for Windows\n Windows .exe\n md5sum: 0779da73408c5e649e0fd1c62d23820f\n sha1sum: 2b2e4963adc89f3b642874685f490222523b63ef\n\n ACE Management Server for SUSE Enterprise Linux 9\n SLES 9 .rpm\n md5sum: a4fc92d7197f0d569361cdf4b8cca642\n sha1sum: af8a135cca398cacaa82c8c3c325011c6cd3ed75\n\n ACE Management Server for Red Hat Enterprise Linux 4\n RHEL 4 .rpm\n md5sum: 841005151338c8b954f08d035815fd58\n sha1sum: 67e48624dba20e6be9e41ec9a5aba407dd8cc01e\n\n\n5. References\n\n CVE numbers\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0040\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3847\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1863\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5752\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3304\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0005\n\n- ------------------------------------------------------------------------\n6. Change log\n\n2009-08-20 VMSA-2009-0010\nInitial security advisory after release of Workstation 6.5.3,\nPlayer 2.5.3, and ACE 2.5.3 on 2009-08-20. \n\n\n- ------------------------------------------------------------------------\n7. Contact\n\nE-mail list for product security notifications and announcements:\nhttp://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\nThis Security Advisory is posted to the following lists:\n\n * security-announce at lists.vmware.com\n * bugtraq at securityfocus.com\n * full-disclosure at lists.grok.org.uk\n\nE-mail: security at vmware.com\nPGP key at: http://kb.vmware.com/kb/1055\n\nVMware Security Center\nhttp://www.vmware.com/security\n\nVMware security response policy\nhttp://www.vmware.com/support/policies/security_response.html\n\nGeneral support life cycle policy\nhttp://www.vmware.com/support/policies/eos.html\n\nVMware Infrastructure support life cycle policy\nhttp://www.vmware.com/support/policies/eos_vi.html\n\nCopyright 2009 VMware Inc. All rights reserved. \n \n A flaw found in the mod_status module could lead to a cross-site\n scripting attack on sites where mod_status was enabled and the status\n pages were publically available (CVE-2007-6388). \n \n A flaw found in the mod_proxy_balancer module could lead to a\n cross-site scripting attack against an authorized user on sites where\n mod_proxy_balancer was enabled (CVE-2007-6421). \n \n Another flaw in the mod_proxy_balancer module was found where,\n on sites with the module enabled, an authorized user could send a\n carefully crafted request that would cause the apache child process\n handling the request to crash, which could lead to a denial of service\n if using a threaded MPM (CVE-2007-6422). \n \n A flaw found in the mod_proxy_ftp module could lead to a cross-site\n scripting attack against web browsers which do not correctly derive\n the response character set following the rules in RFC 2616, on sites\n where the mod_proxy_ftp module was enabled (CVE-2008-0005). \n \n The updated packages have been patched to correct these issues. \n _______________________________________________________________________\n\n References:\n \n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6421\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6422\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0005\n _______________________________________________________________________\n \n Updated Packages:\n \n Mandriva Linux 2007.0:\n 912f61ea5210fbb94d71eef7bb634903 2007.0/i586/apache-base-2.2.3-1.3mdv2007.0.i586.rpm\n cb04a945da63abf56db5b444a3360916 2007.0/i586/apache-devel-2.2.3-1.3mdv2007.0.i586.rpm\n f4c419b30cd6f6520d9c995b9edf7098 2007.0/i586/apache-htcacheclean-2.2.3-1.3mdv2007.0.i586.rpm\n 1a40e9af24dce5bec34c4264ae1bdce2 2007.0/i586/apache-mod_authn_dbd-2.2.3-1.3mdv2007.0.i586.rpm\n 333f116f1036dcc4a95612179f7a34bd 2007.0/i586/apache-mod_cache-2.2.3-1.3mdv2007.0.i586.rpm\n 717feaa8449934514872fde1dfb26ff8 2007.0/i586/apache-mod_dav-2.2.3-1.3mdv2007.0.i586.rpm\n 15d3661edb2fa693fcc16e890f2b25a1 2007.0/i586/apache-mod_dbd-2.2.3-1.3mdv2007.0.i586.rpm\n 90bdaeaea54a973f5e813a495d82b14b 2007.0/i586/apache-mod_deflate-2.2.3-1.3mdv2007.0.i586.rpm\n 52a5ee95962b1153467443fb608eb3d8 2007.0/i586/apache-mod_disk_cache-2.2.3-1.3mdv2007.0.i586.rpm\n 8a0a950bfe0ce68ca498761e120d05da 2007.0/i586/apache-mod_file_cache-2.2.3-1.3mdv2007.0.i586.rpm\n 4f6b84375fd94d4467a3e3088de26a80 2007.0/i586/apache-mod_ldap-2.2.3-1.3mdv2007.0.i586.rpm\n fa98d84669215b56d3f64450af0d0f5d 2007.0/i586/apache-mod_mem_cache-2.2.3-1.3mdv2007.0.i586.rpm\n 665f988fa0cc99b4b55b01565a2d3075 2007.0/i586/apache-mod_proxy-2.2.3-1.3mdv2007.0.i586.rpm\n a22e15e33709ec0fff4c453643094031 2007.0/i586/apache-mod_proxy_ajp-2.2.3-1.3mdv2007.0.i586.rpm\n cca659746b2601dc61f8382c64d40206 2007.0/i586/apache-mod_ssl-2.2.3-1.3mdv2007.0.i586.rpm\n 208d8db690290b848c266593324c2a75 2007.0/i586/apache-mod_userdir-2.2.3-1.3mdv2007.0.i586.rpm\n 92a1be6ec8e7a0b274666ea7b2c8c47f 2007.0/i586/apache-modules-2.2.3-1.3mdv2007.0.i586.rpm\n 71670f17ade1c090567f4850c796bdef 2007.0/i586/apache-mpm-prefork-2.2.3-1.3mdv2007.0.i586.rpm\n dd78ed04d011e11e8872c606d4edfa93 2007.0/i586/apache-mpm-worker-2.2.3-1.3mdv2007.0.i586.rpm\n eb5785a9e04f14ac7788d43d18c39fcc 2007.0/i586/apache-source-2.2.3-1.3mdv2007.0.i586.rpm \n f066c405e8993de4fa506d8c05d37b9e 2007.0/SRPMS/apache-2.2.3-1.3mdv2007.0.src.rpm\n\n Mandriva Linux 2007.0/X86_64:\n b25f0ae69e8be8c807afb36a5b58e4a7 2007.0/x86_64/apache-base-2.2.3-1.3mdv2007.0.x86_64.rpm\n ec93723ef9b7a5e62dc6704461e2b034 2007.0/x86_64/apache-devel-2.2.3-1.3mdv2007.0.x86_64.rpm\n 200fac36fbd67d6cd1857272aa5147e7 2007.0/x86_64/apache-htcacheclean-2.2.3-1.3mdv2007.0.x86_64.rpm\n ac7ec3a712d56ce1a076f29439c042d4 2007.0/x86_64/apache-mod_authn_dbd-2.2.3-1.3mdv2007.0.x86_64.rpm\n 126f880a37723b316f13f01c612883c5 2007.0/x86_64/apache-mod_cache-2.2.3-1.3mdv2007.0.x86_64.rpm\n 69460daf3173b6c9f0d9f84c3597d81a 2007.0/x86_64/apache-mod_dav-2.2.3-1.3mdv2007.0.x86_64.rpm\n 52cf72324ae29121fe2e2c955808791f 2007.0/x86_64/apache-mod_dbd-2.2.3-1.3mdv2007.0.x86_64.rpm\n 17517cc4f69dec1f4ba1c08b242526e4 2007.0/x86_64/apache-mod_deflate-2.2.3-1.3mdv2007.0.x86_64.rpm\n a5a27827a3f488b9f31a231aad43eae7 2007.0/x86_64/apache-mod_disk_cache-2.2.3-1.3mdv2007.0.x86_64.rpm\n f413791db00e648dc0fae00336340bf0 2007.0/x86_64/apache-mod_file_cache-2.2.3-1.3mdv2007.0.x86_64.rpm\n 9d74a9b5ff153557cf361ca1726fd9b1 2007.0/x86_64/apache-mod_ldap-2.2.3-1.3mdv2007.0.x86_64.rpm\n b8fde6545785d79344d5a85b7bd88903 2007.0/x86_64/apache-mod_mem_cache-2.2.3-1.3mdv2007.0.x86_64.rpm\n da3a732c1e41e62207085aefcd0fb99c 2007.0/x86_64/apache-mod_proxy-2.2.3-1.3mdv2007.0.x86_64.rpm\n df716921b9736859a712dea86b22c3f5 2007.0/x86_64/apache-mod_proxy_ajp-2.2.3-1.3mdv2007.0.x86_64.rpm\n c69fd37756dbe81df897396e6c6413de 2007.0/x86_64/apache-mod_ssl-2.2.3-1.3mdv2007.0.x86_64.rpm\n a24b51c168be4a5d57a1d1b5a1401f83 2007.0/x86_64/apache-mod_userdir-2.2.3-1.3mdv2007.0.x86_64.rpm\n e481d9ceb7ffa6a6299417a6f7874c07 2007.0/x86_64/apache-modules-2.2.3-1.3mdv2007.0.x86_64.rpm\n 0917c7d2edab62a4c62e4dd6136dec93 2007.0/x86_64/apache-mpm-prefork-2.2.3-1.3mdv2007.0.x86_64.rpm\n a98b13300b903a0219dc9de626ea1bbe 2007.0/x86_64/apache-mpm-worker-2.2.3-1.3mdv2007.0.x86_64.rpm\n e83551cd2c8365788b767f90c204a13d 2007.0/x86_64/apache-source-2.2.3-1.3mdv2007.0.x86_64.rpm \n f066c405e8993de4fa506d8c05d37b9e 2007.0/SRPMS/apache-2.2.3-1.3mdv2007.0.src.rpm\n\n Mandriva Linux 2007.1:\n cb95db6136cbe28610e3e9baab45abeb 2007.1/i586/apache-base-2.2.4-6.4mdv2007.1.i586.rpm\n 6f9a4f9e658d51acdb9b8230a3ff8d10 2007.1/i586/apache-devel-2.2.4-6.4mdv2007.1.i586.rpm\n 71499b6f32722a7af4b664849eac6320 2007.1/i586/apache-htcacheclean-2.2.4-6.4mdv2007.1.i586.rpm\n 4c747fdb75063c7bb9bd50c0dbc59a5b 2007.1/i586/apache-mod_authn_dbd-2.2.4-6.4mdv2007.1.i586.rpm\n a3cae606ac80d807f84177c60e8455c8 2007.1/i586/apache-mod_cache-2.2.4-6.4mdv2007.1.i586.rpm\n 0f518e3f63d47d1c5a8193d95030f52d 2007.1/i586/apache-mod_dav-2.2.4-6.4mdv2007.1.i586.rpm\n 3ad5c633a0dcc187aad028f48dfb5b92 2007.1/i586/apache-mod_dbd-2.2.4-6.4mdv2007.1.i586.rpm\n 5fa41f5ac0caecb71c639f78222d8cee 2007.1/i586/apache-mod_deflate-2.2.4-6.4mdv2007.1.i586.rpm\n 1b4b5d31d1596eaa30987921d0ab07be 2007.1/i586/apache-mod_disk_cache-2.2.4-6.4mdv2007.1.i586.rpm\n 597eb4248325c05c1fafae90378425d6 2007.1/i586/apache-mod_file_cache-2.2.4-6.4mdv2007.1.i586.rpm\n f868cb2c42e06ae77fe349c7d31e0958 2007.1/i586/apache-mod_ldap-2.2.4-6.4mdv2007.1.i586.rpm\n a8696226c9930799d1fbad199c5e7084 2007.1/i586/apache-mod_mem_cache-2.2.4-6.4mdv2007.1.i586.rpm\n 2b62f69a3f58f1c572cbd8e961c11043 2007.1/i586/apache-mod_proxy-2.2.4-6.4mdv2007.1.i586.rpm\n bea2a28dc594b5fb8ef0591a7bb91714 2007.1/i586/apache-mod_proxy_ajp-2.2.4-6.4mdv2007.1.i586.rpm\n 9719faa4845deef9dc95f4ceeefce0e6 2007.1/i586/apache-mod_ssl-2.2.4-6.4mdv2007.1.i586.rpm\n 938e503476cac7f68b57322494e8f471 2007.1/i586/apache-mod_userdir-2.2.4-6.4mdv2007.1.i586.rpm\n cd01ff99ebacfe90c317d253d7ac11c4 2007.1/i586/apache-modules-2.2.4-6.4mdv2007.1.i586.rpm\n 5d830472142486b008e84851f5befdf9 2007.1/i586/apache-mpm-event-2.2.4-6.4mdv2007.1.i586.rpm\n 48ec7cbe8edbd745cc8446f2d274d8b7 2007.1/i586/apache-mpm-itk-2.2.4-6.4mdv2007.1.i586.rpm\n ada3666e18e2c49eb4849afbdad60f75 2007.1/i586/apache-mpm-prefork-2.2.4-6.4mdv2007.1.i586.rpm\n 7830123c1e76e8d02ca0a140c2b5f6c6 2007.1/i586/apache-mpm-worker-2.2.4-6.4mdv2007.1.i586.rpm\n 6498cc5113689f513cbdcfae0a2a3ad4 2007.1/i586/apache-source-2.2.4-6.4mdv2007.1.i586.rpm \n a716565584726e4d2d94ca4796c1d403 2007.1/SRPMS/apache-2.2.4-6.4mdv2007.1.src.rpm\n\n Mandriva Linux 2007.1/X86_64:\n 839816f464191d3aff0882eac70cea40 2007.1/x86_64/apache-base-2.2.4-6.4mdv2007.1.x86_64.rpm\n ac4910f34cbf168df34cd123604b044b 2007.1/x86_64/apache-devel-2.2.4-6.4mdv2007.1.x86_64.rpm\n a4b4f9d518ed8621348527938f6a8230 2007.1/x86_64/apache-htcacheclean-2.2.4-6.4mdv2007.1.x86_64.rpm\n d554aa06a52bd72e20f035beedd50dcf 2007.1/x86_64/apache-mod_authn_dbd-2.2.4-6.4mdv2007.1.x86_64.rpm\n 68659f413d0b1102c220b1b4824489b6 2007.1/x86_64/apache-mod_cache-2.2.4-6.4mdv2007.1.x86_64.rpm\n d92ec9a9deb7d188e644075a18951ae6 2007.1/x86_64/apache-mod_dav-2.2.4-6.4mdv2007.1.x86_64.rpm\n 07b06f6de52f0f107106cead6f47de2c 2007.1/x86_64/apache-mod_dbd-2.2.4-6.4mdv2007.1.x86_64.rpm\n 6bf077871aa95d08c934eacac7f1291e 2007.1/x86_64/apache-mod_deflate-2.2.4-6.4mdv2007.1.x86_64.rpm\n b16f793759b09e75b7e162a5d858d835 2007.1/x86_64/apache-mod_disk_cache-2.2.4-6.4mdv2007.1.x86_64.rpm\n 635452cc08657fa5da5b65dc40bf2c1b 2007.1/x86_64/apache-mod_file_cache-2.2.4-6.4mdv2007.1.x86_64.rpm\n 7a238972b773975493d8931d573233ec 2007.1/x86_64/apache-mod_ldap-2.2.4-6.4mdv2007.1.x86_64.rpm\n 46704ca76800a5b967a4dd6e8efef986 2007.1/x86_64/apache-mod_mem_cache-2.2.4-6.4mdv2007.1.x86_64.rpm\n 3c23cff577f9697b719c90918ef91b44 2007.1/x86_64/apache-mod_proxy-2.2.4-6.4mdv2007.1.x86_64.rpm\n c4ea096a86cdab894cb59bb868b849f0 2007.1/x86_64/apache-mod_proxy_ajp-2.2.4-6.4mdv2007.1.x86_64.rpm\n 01f40dde7c3c93606c82681af472815f 2007.1/x86_64/apache-mod_ssl-2.2.4-6.4mdv2007.1.x86_64.rpm\n 9ade922fc7d52d73a47ca5f3cb2c7525 2007.1/x86_64/apache-mod_userdir-2.2.4-6.4mdv2007.1.x86_64.rpm\n 5e7e44ef5703f1e4fe5a952e5a3f5239 2007.1/x86_64/apache-modules-2.2.4-6.4mdv2007.1.x86_64.rpm\n e1b06e559e600461e19f9ab0f21d94be 2007.1/x86_64/apache-mpm-event-2.2.4-6.4mdv2007.1.x86_64.rpm\n 9903bcc1c12a86a9c2f9483d0ef9685e 2007.1/x86_64/apache-mpm-itk-2.2.4-6.4mdv2007.1.x86_64.rpm\n ce244cc42b6c411d2e3264c6ac6e1a76 2007.1/x86_64/apache-mpm-prefork-2.2.4-6.4mdv2007.1.x86_64.rpm\n 5989a935f4a0e20ac2844982e81cda83 2007.1/x86_64/apache-mpm-worker-2.2.4-6.4mdv2007.1.x86_64.rpm\n 339fccde52210eca1bf7e3cf05b9ce0e 2007.1/x86_64/apache-source-2.2.4-6.4mdv2007.1.x86_64.rpm \n a716565584726e4d2d94ca4796c1d403 2007.1/SRPMS/apache-2.2.4-6.4mdv2007.1.src.rpm\n\n Mandriva Linux 2008.0:\n cb013d3f4f40e2dfe6a90e0a2a7cdd74 2008.0/i586/apache-base-2.2.6-8.1mdv2008.0.i586.rpm\n f2e8d6e8191794fac34ddc7fc0f38588 2008.0/i586/apache-devel-2.2.6-8.1mdv2008.0.i586.rpm\n 8456184db4de115db70e603dbe252456 2008.0/i586/apache-htcacheclean-2.2.6-8.1mdv2008.0.i586.rpm\n 9e8861daffdf9d6b0ab431b1c3c1fac9 2008.0/i586/apache-mod_authn_dbd-2.2.6-8.1mdv2008.0.i586.rpm\n de1f407b2eb4d84140686375d3497006 2008.0/i586/apache-mod_cache-2.2.6-8.1mdv2008.0.i586.rpm\n eaf010272f97a507f37a6145bb9de809 2008.0/i586/apache-mod_dav-2.2.6-8.1mdv2008.0.i586.rpm\n 4d1073009151607b47ffcedc96cdb834 2008.0/i586/apache-mod_dbd-2.2.6-8.1mdv2008.0.i586.rpm\n cfc6f2958ef8d117d1070e422078cdfa 2008.0/i586/apache-mod_deflate-2.2.6-8.1mdv2008.0.i586.rpm\n 3c423e687c0afc1b224e6535e16ec279 2008.0/i586/apache-mod_disk_cache-2.2.6-8.1mdv2008.0.i586.rpm\n ef790e64feeaf1a9ee5c58fd7e3b359d 2008.0/i586/apache-mod_file_cache-2.2.6-8.1mdv2008.0.i586.rpm\n 8f86f4c499dfa14fb2daf4f8b578e150 2008.0/i586/apache-mod_ldap-2.2.6-8.1mdv2008.0.i586.rpm\n 21b1fc690f38b779ee79bed31c5fa3a2 2008.0/i586/apache-mod_mem_cache-2.2.6-8.1mdv2008.0.i586.rpm\n 0ec954d20d7a080cc9a19c2146480897 2008.0/i586/apache-mod_proxy-2.2.6-8.1mdv2008.0.i586.rpm\n 50a87c9099f0c094c9fbb763e334fae9 2008.0/i586/apache-mod_proxy_ajp-2.2.6-8.1mdv2008.0.i586.rpm\n 9d4e1c4a6614e70b77cd2e03e3baeaea 2008.0/i586/apache-mod_ssl-2.2.6-8.1mdv2008.0.i586.rpm\n 29346499f10a850f8011191b0d242709 2008.0/i586/apache-mod_userdir-2.2.6-8.1mdv2008.0.i586.rpm\n 21c5bc6f2861cc532c8b5dae3f3e1ee2 2008.0/i586/apache-modules-2.2.6-8.1mdv2008.0.i586.rpm\n 944b6d2f395f4d26deeef93f9ce55c5b 2008.0/i586/apache-mpm-event-2.2.6-8.1mdv2008.0.i586.rpm\n 0fc46d4eae684b21a9a98a6c876960b3 2008.0/i586/apache-mpm-itk-2.2.6-8.1mdv2008.0.i586.rpm\n ab00a26cd43e9045e66da620e9678412 2008.0/i586/apache-mpm-prefork-2.2.6-8.1mdv2008.0.i586.rpm\n 785499e86b70da53c76a7d3321da1b30 2008.0/i586/apache-mpm-worker-2.2.6-8.1mdv2008.0.i586.rpm\n c1ccaf747ebe4bd71f875f70c969d4e7 2008.0/i586/apache-source-2.2.6-8.1mdv2008.0.i586.rpm \n 2d535ab37b9a247e827054766219f7e6 2008.0/SRPMS/apache-2.2.6-8.1mdv2008.0.src.rpm\n\n Mandriva Linux 2008.0/X86_64:\n 56b868f5c7a86b68666af13fe2a5c925 2008.0/x86_64/apache-base-2.2.6-8.1mdv2008.0.x86_64.rpm\n 16ca885969a1bd9d7f6d4a00a7c33095 2008.0/x86_64/apache-devel-2.2.6-8.1mdv2008.0.x86_64.rpm\n 76bcdbe509c56ec471ff767f5f7f925f 2008.0/x86_64/apache-htcacheclean-2.2.6-8.1mdv2008.0.x86_64.rpm\n 36fc978398d6b8f406f0913ecac5576e 2008.0/x86_64/apache-mod_authn_dbd-2.2.6-8.1mdv2008.0.x86_64.rpm\n d6644c5729325e3a0f7bda5ffe12523c 2008.0/x86_64/apache-mod_cache-2.2.6-8.1mdv2008.0.x86_64.rpm\n 98e86f62995310727dc7b7343776c948 2008.0/x86_64/apache-mod_dav-2.2.6-8.1mdv2008.0.x86_64.rpm\n 7aa7da7cb9fc4f29071535620de42023 2008.0/x86_64/apache-mod_dbd-2.2.6-8.1mdv2008.0.x86_64.rpm\n 8cb681d914e9619adf261dca86154538 2008.0/x86_64/apache-mod_deflate-2.2.6-8.1mdv2008.0.x86_64.rpm\n 1ebc35b8050495230d6809f97dd89731 2008.0/x86_64/apache-mod_disk_cache-2.2.6-8.1mdv2008.0.x86_64.rpm\n 7db7d64521dc4253edc59645e79a5e57 2008.0/x86_64/apache-mod_file_cache-2.2.6-8.1mdv2008.0.x86_64.rpm\n 5624b75d6d1eb311e6332c6a7e10e42f 2008.0/x86_64/apache-mod_ldap-2.2.6-8.1mdv2008.0.x86_64.rpm\n e7049015c893a5a75d0c4bbc68e18615 2008.0/x86_64/apache-mod_mem_cache-2.2.6-8.1mdv2008.0.x86_64.rpm\n 910e8bcb28e00501ebd39aa9c30e3cad 2008.0/x86_64/apache-mod_proxy-2.2.6-8.1mdv2008.0.x86_64.rpm\n 2451f7726434398f715bac328422faa8 2008.0/x86_64/apache-mod_proxy_ajp-2.2.6-8.1mdv2008.0.x86_64.rpm\n c6a102776378eecfbe64f87d2a4f261b 2008.0/x86_64/apache-mod_ssl-2.2.6-8.1mdv2008.0.x86_64.rpm\n 27a79220cf963ba1dfe6f17d6e66d3f5 2008.0/x86_64/apache-mod_userdir-2.2.6-8.1mdv2008.0.x86_64.rpm\n e87a2f8d0e8cf23fe0cc3a7a44195f68 2008.0/x86_64/apache-modules-2.2.6-8.1mdv2008.0.x86_64.rpm\n 6224d03ea5169e71fd588ddff0b95f16 2008.0/x86_64/apache-mpm-event-2.2.6-8.1mdv2008.0.x86_64.rpm\n e61bcd69bd997a5cddacc2f58dd1f1b9 2008.0/x86_64/apache-mpm-itk-2.2.6-8.1mdv2008.0.x86_64.rpm\n 304a7257ba0104bb799c3ab6a09cb977 2008.0/x86_64/apache-mpm-prefork-2.2.6-8.1mdv2008.0.x86_64.rpm\n d19f57238828efc73f24ff69c1dca341 2008.0/x86_64/apache-mpm-worker-2.2.6-8.1mdv2008.0.x86_64.rpm\n e72351edf865715beac70996ca1ea09b 2008.0/x86_64/apache-source-2.2.6-8.1mdv2008.0.x86_64.rpm \n 2d535ab37b9a247e827054766219f7e6 2008.0/SRPMS/apache-2.2.6-8.1mdv2008.0.src.rpm\n\n Corporate 4.0:\n 0c36f90139943f6564058fb6c9a0028c corporate/4.0/i586/apache-base-2.2.3-1.3.20060mlcs4.i586.rpm\n 2c23db7c0c820a6d05cf9e89e10d437b corporate/4.0/i586/apache-devel-2.2.3-1.3.20060mlcs4.i586.rpm\n 6729c4c238ea40547ca8ad4ad34fac39 corporate/4.0/i586/apache-htcacheclean-2.2.3-1.3.20060mlcs4.i586.rpm\n 8c6b35f7192abf90e6af6a07c27099d0 corporate/4.0/i586/apache-mod_authn_dbd-2.2.3-1.3.20060mlcs4.i586.rpm\n 6f3ae30580187b440261747c0f975ec6 corporate/4.0/i586/apache-mod_cache-2.2.3-1.3.20060mlcs4.i586.rpm\n 56dd118e6e37165e6638baab4e58d08e corporate/4.0/i586/apache-mod_dav-2.2.3-1.3.20060mlcs4.i586.rpm\n 6e3512489622cf59e0f32458d943f65b corporate/4.0/i586/apache-mod_dbd-2.2.3-1.3.20060mlcs4.i586.rpm\n 7946432730bdac3ec21ca376f8f8ca12 corporate/4.0/i586/apache-mod_deflate-2.2.3-1.3.20060mlcs4.i586.rpm\n eeac05dfe0a57512de566f6a2e1e105e corporate/4.0/i586/apache-mod_disk_cache-2.2.3-1.3.20060mlcs4.i586.rpm\n b50af44b3084fcff0bc6cff1ac50023f corporate/4.0/i586/apache-mod_file_cache-2.2.3-1.3.20060mlcs4.i586.rpm\n a92816a879182cbca50ebace4bb5f193 corporate/4.0/i586/apache-mod_ldap-2.2.3-1.3.20060mlcs4.i586.rpm\n 2ca6a18de738a817cb346f1eb31bf76a corporate/4.0/i586/apache-mod_mem_cache-2.2.3-1.3.20060mlcs4.i586.rpm\n b984ff19a2458f844f62be84635060d1 corporate/4.0/i586/apache-mod_proxy-2.2.3-1.3.20060mlcs4.i586.rpm\n b816b9c09345b92da5a0216f5e9db932 corporate/4.0/i586/apache-mod_proxy_ajp-2.2.3-1.3.20060mlcs4.i586.rpm\n 240fb4ea33d91846fc083def26b19465 corporate/4.0/i586/apache-mod_ssl-2.2.3-1.3.20060mlcs4.i586.rpm\n afcda5d86a48edba71a81a8fda0d0f75 corporate/4.0/i586/apache-mod_userdir-2.2.3-1.3.20060mlcs4.i586.rpm\n 76705f36eb869b9a1520df0c09a7d1e9 corporate/4.0/i586/apache-modules-2.2.3-1.3.20060mlcs4.i586.rpm\n eb5bc900fa99aab700c29af7978ca44f corporate/4.0/i586/apache-mpm-prefork-2.2.3-1.3.20060mlcs4.i586.rpm\n 57a7cb6d3fc97eca6c46685f606a3618 corporate/4.0/i586/apache-mpm-worker-2.2.3-1.3.20060mlcs4.i586.rpm\n 804752d26fd2db2088cbc73ee9aee8f5 corporate/4.0/i586/apache-source-2.2.3-1.3.20060mlcs4.i586.rpm \n ece351bfa879df71f200f00d143779b9 corporate/4.0/SRPMS/apache-2.2.3-1.3.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n 74d411bb422230857a8971a9ce428c0e corporate/4.0/x86_64/apache-base-2.2.3-1.3.20060mlcs4.x86_64.rpm\n 5ede29fb5e502fdc96dbb4722b69bb26 corporate/4.0/x86_64/apache-devel-2.2.3-1.3.20060mlcs4.x86_64.rpm\n dcecf6dece1ec0c083f924b8e545b864 corporate/4.0/x86_64/apache-htcacheclean-2.2.3-1.3.20060mlcs4.x86_64.rpm\n b7bf0d94f575d6e1e42296b69e5d056b corporate/4.0/x86_64/apache-mod_authn_dbd-2.2.3-1.3.20060mlcs4.x86_64.rpm\n 6718af7bd108e06d8e6be0046473ce69 corporate/4.0/x86_64/apache-mod_cache-2.2.3-1.3.20060mlcs4.x86_64.rpm\n fce075627de036b3d71a93ceafa6105e corporate/4.0/x86_64/apache-mod_dav-2.2.3-1.3.20060mlcs4.x86_64.rpm\n 973a484aed44fd0281c34a0227131400 corporate/4.0/x86_64/apache-mod_dbd-2.2.3-1.3.20060mlcs4.x86_64.rpm\n 359ad6bfc294b82d14788ea3f2fb5b1f corporate/4.0/x86_64/apache-mod_deflate-2.2.3-1.3.20060mlcs4.x86_64.rpm\n ce014700683860f81922680ab29d335b corporate/4.0/x86_64/apache-mod_disk_cache-2.2.3-1.3.20060mlcs4.x86_64.rpm\n b918e9b9eeb06303a8b3f26f63666f74 corporate/4.0/x86_64/apache-mod_file_cache-2.2.3-1.3.20060mlcs4.x86_64.rpm\n 969c3cf38987f91d576de441e5781b5d corporate/4.0/x86_64/apache-mod_ldap-2.2.3-1.3.20060mlcs4.x86_64.rpm\n e3c4128b336c45e9470e57a1439cead9 corporate/4.0/x86_64/apache-mod_mem_cache-2.2.3-1.3.20060mlcs4.x86_64.rpm\n e6c07bd0bed38660852db97807e0b3dd corporate/4.0/x86_64/apache-mod_proxy-2.2.3-1.3.20060mlcs4.x86_64.rpm\n d6b2621b48abe4c74ecd5e24e7c3c9f9 corporate/4.0/x86_64/apache-mod_proxy_ajp-2.2.3-1.3.20060mlcs4.x86_64.rpm\n 166b443903e18e77afee950f368ae763 corporate/4.0/x86_64/apache-mod_ssl-2.2.3-1.3.20060mlcs4.x86_64.rpm\n bcbd01a168655d57ad7dcbf424b4d91a corporate/4.0/x86_64/apache-mod_userdir-2.2.3-1.3.20060mlcs4.x86_64.rpm\n 3723d163f681e478e677c75a286f352e corporate/4.0/x86_64/apache-modules-2.2.3-1.3.20060mlcs4.x86_64.rpm\n f17cbd7d765045b30dd43f62efb7cfd3 corporate/4.0/x86_64/apache-mpm-prefork-2.2.3-1.3.20060mlcs4.x86_64.rpm\n 6e704ce4a8ab0b5817273af16b997ea2 corporate/4.0/x86_64/apache-mpm-worker-2.2.3-1.3.20060mlcs4.x86_64.rpm\n f35f2e3795dba910451ac03ec63f8898 corporate/4.0/x86_64/apache-source-2.2.3-1.3.20060mlcs4.x86_64.rpm \n ece351bfa879df71f200f00d143779b9 corporate/4.0/SRPMS/apache-2.2.3-1.3.20060mlcs4.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.8 (GNU/Linux)\n\niD8DBQFHjmhKmqjQ0CJFipgRAkyLAJ4jEFMu2rAIE8XH60UDFYapm8fGgwCfaHL0\nO/KXRt/gdgAAug5/9/aFGGA=\n=YkQ1\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. The vulnerabilities could be remotely exploited to create a Denial of Service (DoS), unauthorized access, unauthorized disclosure of information, or unauthorized modifications. \n\nKit Name\n Location\n\nHP SWS V2.2 for OpenVMS Alpha and OpenVMS Integrity servers. \nHP-UX B.11.11, B.11.23, B.11.31 running Apache v2.0.59.00.1 or earlier. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c01607570\nVersion: 1\n\nHPSBMA02388 SSRT080059 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Cross Site Scripting (XSS)\n\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible. \n\nRelease Date: 2008-11-19\nLast Updated: 2008-11-19\n\nPotential Security Impact: Remote cross site scripting (XSS)\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with HP OpenView Network Node Manager (OV NNM). The vulnerabilities could be exploited remotely to allow cross site scripting (XSS). \n\nReferences: CVE-2007-6388, CVE-2007-5000\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP OpenView Network Node Manager (OV NNM) v7.01, v7.51, v7.53 running on HP-UX, Linux, and Solaris\n\nBACKGROUND\n\nCVSS 2.0 Base Metrics \n===============================================\nReference Base Vector Base Score \nCVE-2007-6388 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2007-5000 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\n===============================================\nInformation on CVSS is documented in HP Customer Notice: HPSN-2008-002. \n\nRESOLUTION\n\nHP has made patches available to resolve the vulnerabilities. \n\nThe patches are available from http://itrc.hp.com \n\nOV NNM v7.53 \n===========\nOperating_System - HP-UX (IA)\nResolved in Patch - PHSS_38148 or subsequent\n \nOperating_System - HP-UX (PA)\nResolved in Patch - PHSS_38147 or subsequent\n \nOperating_System - Linux RedHatAS2.1 \nResolved in Patch - LXOV_00085 or subsequent\n \nOperating_System - Linux RedHat4AS-x86_64 \nResolved in Patch - LXOV_00086 or subsequent\n \nOperating_System - Solaris\nResolved in Patch - PSOV_03514 or subsequent\n \nOV NNM v7.51 \n===========\nUpgrade to NNM v7.53 and install the patches listed above. \n\nOV NNM v7.01 \n===========\nOperating_System - HP-UX (PA)\nResolved in Patch - PHSS_38761 or subsequent\n \nOperating_System - Solaris\nResolved in Patch - PSOV_03516 or subsequent\n \n\nMANUAL ACTIONS: Yes - NonUpdate \nApply the appropriate file as described in the Resolution. \n\nPRODUCT SPECIFIC INFORMATION \n\nHP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see https://www.hp.com/go/swa \n\nThe following text is for use by the HP-UX Software Assistant. \n\nAFFECTED VERSIONS (for HP-UX)\n\nFor HP-UX OV NNM 7.53 \nHP-UX B.11.31 \nHP-UX B.11.23 (IA) \n============= \nOVNNMgr.OVNNM-RUN \naction: install PHSS_38148 or subsequent \nURL: http://itrc.hp.com \n\nHP-UX B.11.23 (PA) \nHP-UX B.11.11 \n============= \nOVNNMgr.OVNNM-RUN \naction: install PHSS_38147 or subsequent \nURL: http://itrc.hp.com \n\nFor HP-UX OV NNM 7.51 \nHP-UX B.11.31 \nHP-UX B.11.23 \nHP-UX B.11.11 \n============= \nOVNNMgr.OVNNM-RUN \naction: upgrade NNM v7.51 to NNM v7.53 and apply the appropriate patches \n\nFor HP-UX OV NNM 7.01 \nHP-UX B.11.00 \nHP-UX B.11.11 \n============= \nOVNNMgr.OVNNM-RUN \naction: install PHSS_38761 or subsequent \nURL: http://itrc.hp.com \n\nEND AFFECTED VERSIONS (for HP-UX)\n\nHISTORY \nVersion:1 (rev.1) - 19 November 2008 Initial release \n\nThird Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\nSupport: For further information, contact normal HP Services support channel. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com \nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. \nTo get the security-alert PGP key, please send an e-mail message as follows:\n To: security-alert@hp.com \n Subject: get key\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email: \nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA\u0026langcode=USENG\u0026jumpid=in_SC-GEN__driverITRC\u0026topiccode=ITRC \nOn the web page: ITRC security bulletins and patch sign-up \nUnder Step1: your ITRC security bulletins and patches \n - check ALL categories for which alerts are required and continue. \nUnder Step2: your ITRC operating systems \n - verify your operating system selections are checked and save. \n\n\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php \nLog in on the web page: Subscriber\u0027s choice for Business: sign-in. \nOn the web page: Subscriber\u0027s Choice: your profile summary - use Edit Profile to update appropriate sections. \n\n\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do \n\n\n* The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title: \n\nGN = HP General SW\nMA = HP Management Agents\nMI = Misc. 3rd Party SW\nMP = HP MPE/iX\nNS = HP NonStop Servers\nOV = HP OpenVMS\nPI = HP Printing \u0026 Imaging\nST = HP Storage SW\nTL = HP Trusted Linux\nTU = HP Tru64 UNIX\nUX = HP-UX\nVV = HP VirtualVault\n \nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. \n\n\n\"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user\u0027s use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement.\"\n\n\\xa9Copyright 2008 Hewlett-Packard Development Company, L.P. \n\nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. \n-----BEGIN PGP SIGNATURE-----\nVersion: PGP 8.1\n\niQA/AwUBSSQhVOAfOvwtKn1ZEQIlVQCg4n4fABzC24c9qQ5gz68oPLMVKI0AoMbs\nA2UIaH3YB7z+o42Tm7Eg7ahn\n=lskD\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2007-5000"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000819"
},
{
"db": "BID",
"id": "26838"
},
{
"db": "VULMON",
"id": "CVE-2007-5000"
},
{
"db": "PACKETSTORM",
"id": "89987"
},
{
"db": "PACKETSTORM",
"id": "80533"
},
{
"db": "PACKETSTORM",
"id": "62719"
},
{
"db": "PACKETSTORM",
"id": "62721"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "63217"
},
{
"db": "PACKETSTORM",
"id": "72120"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2007-5000",
"trust": 3.5
},
{
"db": "SECUNIA",
"id": "28046",
"trust": 2.5
},
{
"db": "SECUNIA",
"id": "28073",
"trust": 2.5
},
{
"db": "BID",
"id": "26838",
"trust": 2.0
},
{
"db": "USCERT",
"id": "TA08-150A",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2007-4201",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-0178",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-0809",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2007-4202",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-1875",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-0084",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2007-4301",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-1623",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-1224",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-0398",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-0924",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-1697",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "29988",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "29420",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "28081",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "28471",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "28375",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "28749",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "28467",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "28526",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "28922",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "28750",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "28607",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "29640",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "28525",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "32800",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "30732",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "29806",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "28977",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "30430",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "31142",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "30356",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "28196",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1019093",
"trust": 1.7
},
{
"db": "OSVDB",
"id": "39134",
"trust": 1.7
},
{
"db": "JVN",
"id": "JVN80057925",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000819",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200712-135",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2007-5000",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "89987",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "80533",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "62719",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "62721",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "101257",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "63217",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "72120",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2007-5000"
},
{
"db": "BID",
"id": "26838"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000819"
},
{
"db": "PACKETSTORM",
"id": "89987"
},
{
"db": "PACKETSTORM",
"id": "80533"
},
{
"db": "PACKETSTORM",
"id": "62719"
},
{
"db": "PACKETSTORM",
"id": "62721"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "63217"
},
{
"db": "PACKETSTORM",
"id": "72120"
},
{
"db": "CNNVD",
"id": "CNNVD-200712-135"
},
{
"db": "NVD",
"id": "CVE-2007-5000"
}
]
},
"id": "VAR-200712-0594",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.15801565
},
"last_update_date": "2024-07-23T21:01:17.067000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Fixed in Apache httpd 1.3.41",
"trust": 0.8,
"url": "http://httpd.apache.org/security/vulnerabilities_13.html#1.3.41"
},
{
"title": "Fixed in Apache httpd 2.0.63",
"trust": 0.8,
"url": "http://httpd.apache.org/security/vulnerabilities_20.html#2.0.63"
},
{
"title": "Fixed in Apache httpd 2.2.8",
"trust": 0.8,
"url": "http://httpd.apache.org/security/vulnerabilities_22.html#2.2.8"
},
{
"title": "Revision 603282",
"trust": 0.8,
"url": "http://svn.apache.org/viewvc?view=rev\u0026revision=603282"
},
{
"title": "Security Update 2008-002",
"trust": 0.8,
"url": "http://docs.info.apple.com/article.html?artnum=307562-en"
},
{
"title": "Security Update 2008-003",
"trust": 0.8,
"url": "http://support.apple.com/kb/ht1897"
},
{
"title": "httpd-2.2.3-11.3.1AX",
"trust": 0.8,
"url": "https://tsn.miraclelinux.com/tsn_local/index.php?m=errata\u0026a=detail\u0026eid=94"
},
{
"title": "interstage_as_200801",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/products-fujitsu/solution/interstage_as_200801.html"
},
{
"title": "JVN#80057925",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/jvn-80057925.html"
},
{
"title": "HS07-042",
"trust": 0.8,
"url": "http://www.hitachi-support.com/security_e/vuls_e/hs07-042_e/index-e.html"
},
{
"title": "HPSBUX02308",
"trust": 0.8,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?lang=en\u0026cc=us\u0026objectid=c01345501"
},
{
"title": "4019245",
"trust": 0.8,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg24019245"
},
{
"title": "PK58024",
"trust": 0.8,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1pk58024"
},
{
"title": "PK65782",
"trust": 0.8,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1pk65782"
},
{
"title": "7008517",
"trust": 0.8,
"url": "http://www-1.ibm.com/support/docview.wss?rs=177\u0026uid=swg27008517#61015"
},
{
"title": "PK63273",
"trust": 0.8,
"url": "http://www-1.ibm.com/support/docview.wss?rs=0\u0026context=sseqtj\u0026uid=swg1pk63273\u0026loc=en_us\u0026cs=utf-8\u0026cc=us\u0026lang=all"
},
{
"title": "7005198",
"trust": 0.8,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg27005198#60"
},
{
"title": "7007033",
"trust": 0.8,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg27007033#60227"
},
{
"title": "1205",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/index.php?q=node/99\u0026errata_id=1205"
},
{
"title": "1224",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/index.php?q=node/99\u0026errata_id=1224"
},
{
"title": "1221",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/index.php?q=node/99\u0026errata_id=1221"
},
{
"title": "NV07-013",
"trust": 0.8,
"url": "http://www.nec.co.jp/security-info/secinfo/nv07-013.html"
},
{
"title": "Oracle Critical Patch Update Advisory - July 2013",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"
},
{
"title": "Text Form of Oracle Critical Patch Update - July 2013 Risk Matrices",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013verbose-1899830.html"
},
{
"title": "RHSA-2008:0004",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2008-0004.html"
},
{
"title": "RHSA-2008:0005",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2008-0005.html"
},
{
"title": "RHSA-2008:0006",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2008-0006.html"
},
{
"title": "RHSA-2008:0007",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2008-0007.html"
},
{
"title": "RHSA-2008:0008",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2008-0008.html"
},
{
"title": "July 2013 Critical Patch Update Released",
"trust": 0.8,
"url": "https://blogs.oracle.com/security/entry/july_2013_critical_patch_update"
},
{
"title": "233623",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-233623-1"
},
{
"title": "TLSA-2007-56",
"trust": 0.8,
"url": "http://www.turbolinux.com/security/2007/tlsa-2007-56.txt"
},
{
"title": "Ubuntu Security Notice: apache2 vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-575-1"
},
{
"title": "Debian CVElist Bug Report Logs: apache2: CVE-2007-4465",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=8a7503dd359ab44b424a9918eb8a6f66"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/kasem545/vulnsearch "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/secureaxom/strike "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2007-5000"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000819"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-000819"
},
{
"db": "NVD",
"id": "CVE-2007-5000"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://secunia.com/advisories/28046"
},
{
"trust": 2.5,
"url": "http://secunia.com/advisories/28073"
},
{
"trust": 2.0,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1pk58024"
},
{
"trust": 2.0,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1pk58074"
},
{
"trust": 2.0,
"url": "http://www.fujitsu.com/global/support/software/security/products-f/interstage-200801e.html"
},
{
"trust": 2.0,
"url": "http://support.avaya.com/elmodocs2/security/asa-2008-032.htm"
},
{
"trust": 2.0,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1pk63273"
},
{
"trust": 2.0,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg24019245"
},
{
"trust": 2.0,
"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/26838"
},
{
"trust": 1.7,
"url": "http://securitytracker.com/id?1019093"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/28081"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/28196"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/28375"
},
{
"trust": 1.7,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2008:014"
},
{
"trust": 1.7,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2008:015"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0004.html"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0005.html"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0006.html"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0007.html"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0008.html"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/28467"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/28471"
},
{
"trust": 1.7,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2008:016"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/28525"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/28526"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/28607"
},
{
"trust": 1.7,
"url": "http://www.ubuntu.com/usn/usn-575-1"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/28749"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/28750"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/39134"
},
{
"trust": 1.7,
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-february/msg00562.html"
},
{
"trust": 1.7,
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-february/msg00541.html"
},
{
"trust": 1.7,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2008\u0026m=slackware-security.595748"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/28977"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/28922"
},
{
"trust": 1.7,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-233623-1"
},
{
"trust": 1.7,
"url": "http://docs.info.apple.com/article.html?artnum=307562"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2008/mar/msg00001.html"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/29420"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00004.html"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/29640"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/29806"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0009.html"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/29988"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0261.html"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/30356"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2008//may/msg00001.html"
},
{
"trust": 1.7,
"url": "http://www.us-cert.gov/cas/techalerts/ta08-150a.html"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/30430"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/31142"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/30732"
},
{
"trust": 1.7,
"url": "http://lists.vmware.com/pipermail/security-announce/2009/000062.html"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/0178"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2007/4202"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/1697"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2007/4301"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/0924/references"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/0809/references"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/1224/references"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2007/4201"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/1623/references"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/0084"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/0398"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/1875/references"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/32800"
},
{
"trust": 1.7,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01345501"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39002"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39001"
},
{
"trust": 1.7,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a9539"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/505990/100/0/threaded"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/498523/100/0/threaded"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/494428/100/0/threaded"
},
{
"trust": 1.4,
"url": "http://httpd.apache.org/security/vulnerabilities_13.html"
},
{
"trust": 1.4,
"url": "http://httpd.apache.org/security/vulnerabilities_20.html"
},
{
"trust": 1.4,
"url": "http://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"trust": 1.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5000"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r7dd6be4dc38148704f2edafb44a8712abaa3a2be120d6c3314d55919%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r84d043c2115176958562133d96d851495d712aa49da155d81f6733be%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.8,
"url": "http://www.frsirt.com/english/advisories/2007/4201"
},
{
"trust": 0.8,
"url": "http://www.frsirt.com/english/advisories/2007/4202"
},
{
"trust": 0.8,
"url": "http://jvn.jp/en/jp/jvn80057925/index.html"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-5000"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5000"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-6388"
},
{
"trust": 0.6,
"url": "httpd.apache.org%3e"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3ccvs."
},
{
"trust": 0.6,
"url": "httpd.apache.org/security/vulnerabilities_22.html"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3ccvs."
},
{
"trust": 0.6,
"url": "httpd.apache.org/security/vulnerabilities_20.html"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r7dd6be4dc38148704f2edafb44a8712abaa3a2be120d6c3314d55919@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3ccvs."
},
{
"trust": 0.6,
"url": "httpd.apache.org/security/vulnerabilities_13.html"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r84d043c2115176958562133d96d851495d712aa49da155d81f6733be@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3ccvs."
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0005"
},
{
"trust": 0.4,
"url": "http://www.itrc.hp.com/service/cki/secbullarchive.do"
},
{
"trust": 0.4,
"url": "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na\u0026langcode=useng\u0026jumpid=in_sc-gen__driveritrc\u0026topiccode=itrc"
},
{
"trust": 0.4,
"url": "http://h30046.www3.hp.com/subsignin.php"
},
{
"trust": 0.3,
"url": "http://httpd.apache.org/"
},
{
"trust": 0.3,
"url": "https://www13.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c01607570\u0026admit=109447627+1227181083938+28353475"
},
{
"trust": 0.3,
"url": " http://www.phptoys.com/product/micro-news.html"
},
{
"trust": 0.3,
"url": "https://www14.software.ibm.com/webapp/set2/sas/f/hmc/power5/install/v61.readme.html#mh01110"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-233623-1"
},
{
"trust": 0.3,
"url": "http://www.apache.org/dist/httpd/announcement1.3.html"
},
{
"trust": 0.3,
"url": "http://www.apache.org/dist/httpd/announcement2.0.html"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2008-026.htm"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2008-031.htm"
},
{
"trust": 0.3,
"url": "http://alerts.hp.com/r?2.1.3kt.2zr.xg7ek.by3b3q..t.dhzu.1jro.hzoeej00"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0004.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0005.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0006.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0007.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0008.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0261.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0263.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0523.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0524.html"
},
{
"trust": 0.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-6388"
},
{
"trust": 0.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0005"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-6421"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-6422"
},
{
"trust": 0.2,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.2,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.2,
"url": "https://www.hp.com/go/swa"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/79.html"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r84d043c2115176958562133d96d851495d712aa49da155d81f6733be@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r7dd6be4dc38148704f2edafb44a8712abaa3a2be120d6c3314d55919@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/575-1/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-2364"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/support.jsp"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-6420"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-2939"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vmplayer/vmware-player-2.5.3-185404.i386.rpm"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/ace25/doc/releasenotes_ace253.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/player25/doc/releasenotes_player253.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-1863"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-1863"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ace/"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/player/"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/security"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1055"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/ws65/doc/releasenotes_ws653.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-3304"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ws/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0040"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/security_response.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-3304"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-3847"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vmplayer/vmware-player-2.5.3-185404.x86_64.rpm"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos.html"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vmplayer/vmware-player-2.5.3-185404.exe"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-5752"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vmplayer/vmware-player-2.5.3-185404.i386.bundle"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vmplayer/vmware-player-2.5.3-185404.x86_64.bundle"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0040"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-3847"
},
{
"trust": 0.1,
"url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos_vi.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-5752"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-4465"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-4465"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-6422"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-6421"
},
{
"trust": 0.1,
"url": "http://secunia.com/"
},
{
"trust": 0.1,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4339"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2002-0840"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3293"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2004-0492"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2937"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3292"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4343"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3918"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0010"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2003-0542"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3747"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3291"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2002-0839"
},
{
"trust": 0.1,
"url": "http://h71000.www7.hp.com/openvms/products/ips/apache/csws_php.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2940"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-3357"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-3352"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3738"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-2491"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3095"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3555"
},
{
"trust": 0.1,
"url": "http://h71000.www7.hp.com/openvms/products/ips/apache/csws.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1891"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-3378"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-2872"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-4887"
},
{
"trust": 0.1,
"url": "http://itrc.hp.com"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2007-5000"
},
{
"db": "BID",
"id": "26838"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000819"
},
{
"db": "PACKETSTORM",
"id": "89987"
},
{
"db": "PACKETSTORM",
"id": "80533"
},
{
"db": "PACKETSTORM",
"id": "62719"
},
{
"db": "PACKETSTORM",
"id": "62721"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "63217"
},
{
"db": "PACKETSTORM",
"id": "72120"
},
{
"db": "CNNVD",
"id": "CNNVD-200712-135"
},
{
"db": "NVD",
"id": "CVE-2007-5000"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2007-5000"
},
{
"db": "BID",
"id": "26838"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000819"
},
{
"db": "PACKETSTORM",
"id": "89987"
},
{
"db": "PACKETSTORM",
"id": "80533"
},
{
"db": "PACKETSTORM",
"id": "62719"
},
{
"db": "PACKETSTORM",
"id": "62721"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "63217"
},
{
"db": "PACKETSTORM",
"id": "72120"
},
{
"db": "CNNVD",
"id": "CNNVD-200712-135"
},
{
"db": "NVD",
"id": "CVE-2007-5000"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-12-13T00:00:00",
"db": "VULMON",
"id": "CVE-2007-5000"
},
{
"date": "2007-12-12T00:00:00",
"db": "BID",
"id": "26838"
},
{
"date": "2008-05-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-000819"
},
{
"date": "2010-05-27T05:11:37",
"db": "PACKETSTORM",
"id": "89987"
},
{
"date": "2009-08-23T16:31:17",
"db": "PACKETSTORM",
"id": "80533"
},
{
"date": "2008-01-17T05:56:17",
"db": "PACKETSTORM",
"id": "62719"
},
{
"date": "2008-01-17T05:59:17",
"db": "PACKETSTORM",
"id": "62721"
},
{
"date": "2011-05-10T00:45:11",
"db": "PACKETSTORM",
"id": "101257"
},
{
"date": "2008-02-04T18:22:06",
"db": "PACKETSTORM",
"id": "63217"
},
{
"date": "2008-11-20T19:21:09",
"db": "PACKETSTORM",
"id": "72120"
},
{
"date": "2007-12-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200712-135"
},
{
"date": "2007-12-13T18:46:00",
"db": "NVD",
"id": "CVE-2007-5000"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-03-07T00:00:00",
"db": "VULMON",
"id": "CVE-2007-5000"
},
{
"date": "2015-04-13T21:15:00",
"db": "BID",
"id": "26838"
},
{
"date": "2013-07-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-000819"
},
{
"date": "2021-06-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200712-135"
},
{
"date": "2023-11-07T02:01:09.193000",
"db": "NVD",
"id": "CVE-2007-5000"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200712-135"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cross-site scripting vulnerability in Apache HTTP Server \"mod_imap\" and \"mod_imagemap\"",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-000819"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "xss",
"sources": [
{
"db": "PACKETSTORM",
"id": "62719"
},
{
"db": "PACKETSTORM",
"id": "62721"
},
{
"db": "PACKETSTORM",
"id": "72120"
},
{
"db": "CNNVD",
"id": "CNNVD-200712-135"
}
],
"trust": 0.9
}
}
VAR-201504-0247
Vulnerability from variot - Updated: 2024-07-23 20:58The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic that occasionally relies on keys affected by the Invariance Weakness, and then using a brute-force approach involving LSB values, aka the "Bar Mitzvah" issue. RC4 is a stream encryption algorithm with variable key length developed by American software developer Ronald Rivest. The algorithm consists of a pseudo-random number generator and an XOR operation, and supports encryption and decryption using the same key. There is a security loophole in the RC4 algorithm used in the TLS protocol and the SSL protocol. The loophole stems from the fact that the program does not correctly combine state data and key data during the initialization phase. A remote attacker can exploit this vulnerability to perform a plaintext-recovery attack on the initialization bytes in the data stream by sniffing specific network traffic and then conducting a brute force attack. HP Service Manager Software versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40
BACKGROUND
CVSS Base Metrics ================= Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector
CVE-2015-2808
5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
4.3 (AV:N/AC:M/Au:N/C:P/I:N/A:N)
Information on CVSS is documented in
HPE Customer Notice HPSN-2008-002 here:
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay/?docI
d=emr_na-c01345499
RESOLUTION
HPE has made the following mitigation information available to resolve the vulnerability for the impacted versions of HPE Service Manager: https://softw aresupport.hpe.com/group/softwaresupport/search-result/-/facetsearch/document /KM01566352
For versions 9.30, 9.31, 9.32, 9.33, 9.34 please:
Upgrade to SM 9.35.P4 (recommended) or SM 9.34.P5
SM9.35 P4 package, SM 9.35 AIX Server 9.35.4001 p4
https://softwaresupport.hpe.com/km/KM02143332
SM 9.35 HP Itanium Server 9.35.4001 p4
https://softwaresupport.hpe.com/km/KM02143206
SM 9.35 HP Itanium Server for Oracle 12c 9.35.4001 p4
https://softwaresupport.hpe.com/km/KM02143388
SM 9.35 Linux Server 9.35.4001 p4
https://softwaresupport.hpe.com/km/KM02143530
SM 9.35 Solaris Server 9.35.4001 p4
https://softwaresupport.hpe.com/km/KM02143276
SM 9.35 Windows Server 9.35.4001 p4
https://softwaresupport.hpe.com/km/KM02143589
SM 9.34.P5 package, AIX Server 9.34.5003 p5
https://softwaresupport.hpe.com/km/KM02310304
HP Itanium Server 9.34.5003 p5
https://softwaresupport.hpe.com/km/KM02311066
Linux Server 9.34.5003 p5
https://softwaresupport.hpe.com/km/KM02310566
Solaris Server 9.34.5003 p5
https://softwaresupport.hpe.com/km/KM02311656
Windows Server 9.34.5003 p5
https://softwaresupport.hpe.com/km/KM02310486
For version 9.35 please:
Upgrade to SM 9.35.P4
SM9.35 P4 package, SM 9.35 AIX Server 9.35.4001 p4
https://softwaresupport.hpe.com/km/KM02143332
SM 9.35 HP Itanium Server 9.35.4001 p4
https://softwaresupport.hpe.com/km/KM02143206
SM 9.35 HP Itanium Server for Oracle 12c 9.35.4001 p4
https://softwaresupport.hpe.com/km/KM02143388
SM 9.35 Linux Server 9.35.4001 p4
https://softwaresupport.hpe.com/km/KM02143530
SM 9.35 Solaris Server 9.35.4001 p4
https://softwaresupport.hpe.com/km/KM02143276
SM 9.35 Windows Server 9.35.4001 p4
https://softwaresupport.hpe.com/km/KM02143589
For version 9.40 please:
Upgrade to SM 9.41.P3
SM9.41.P3 package, Service Manager 9.41.3016 p3 - Server for AIX
https://softwaresupport.hpe.com/km/KM02236813
Service Manager 9.41.3016 p3 - Server for HP-UX/IA
https://softwaresupport.hpe.com/km/KM02236897
Service Manager 9.41.3016 p3 - Server for Linux
https://softwaresupport.hpe.com/km/KM02236827
Service Manager 9.41.3016 p3 - Server for Solaris
https://softwaresupport.hpe.com/km/KM02236843
Service Manager 9.41.3016 p3 - Server for Windows
https://softwaresupport.hpe.com/km/KM02236929
HISTORY Version:1 (rev.1) - 1 July 2016 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running Hewlett Packard Enterprise (HPE) software products should be applied in accordance with the customer's patch management policy. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Note: the current version of the following document is available here: https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04773004
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c04773004 Version: 1
HPSBGN03405 rev.1 - HP Integration Adaptor, Remote Unauthorized Modification, Disclosure of Information
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2015-08-25 Last Updated: 2015-08-25
Potential Security Impact: Remote unauthorized modification, disclosure of information
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified in HP Integration Adaptor.
- The TLS vulnerability using US export-grade 512-bit keys in Diffie-Hellman key exchange known as "Logjam" could be exploited remotely to allow unauthorized modification.
- The RC4 stream cipher vulnerability in SSL/TLS known as "Bar Mitzvah" could be exploited remotely to allow disclosure of information.
References:
CVE-2015-4000 - "Logjam" CVE-2015-2808 - "Bar Mitzvah" SSRT102214
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP Integration Adaptor v9.12.
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2015-4000 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2015-2808 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has made the following mitigation information available to resolve the vulnerability for the impacted versions of HP Integration Adaptor.
Please consult HP Software Support Online (SSO):
https://softwaresupport.hp.com/group/softwaresupport/search-result/-/face
tsearch/document/KM01763510?lang=en&cc=us&hpappid=113963_OSP_PRO_HPE
HISTORY Version:1 (rev.1) - 25 August 2015 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin Archive: A list of recently released Security Bulletins is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX
Copyright 2015 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. Customers unable to apply the update should contact HPE Support to discuss options. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Important: java-1.7.0-openjdk security update Advisory ID: RHSA-2015:1230-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-1230.html Issue date: 2015-07-15 CVE Names: CVE-2015-2590 CVE-2015-2601 CVE-2015-2621 CVE-2015-2625 CVE-2015-2628 CVE-2015-2632 CVE-2015-2808 CVE-2015-4000 CVE-2015-4731 CVE-2015-4732 CVE-2015-4733 CVE-2015-4748 CVE-2015-4749 CVE-2015-4760 =====================================================================
- Summary:
Updated java-1.7.0-openjdk packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5.
Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux (v. 5 server) - i386, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
- Description:
The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit.
Multiple flaws were discovered in the 2D, CORBA, JMX, Libraries and RMI components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. (CVE-2015-4760, CVE-2015-2628, CVE-2015-4731, CVE-2015-2590, CVE-2015-4732, CVE-2015-4733)
A flaw was found in the way the Libraries component of OpenJDK verified Online Certificate Status Protocol (OCSP) responses. An OCSP response with no nextUpdate date specified was incorrectly handled as having unlimited validity, possibly causing a revoked X.509 certificate to be interpreted as valid. (CVE-2015-4748)
It was discovered that the JCE component in OpenJDK failed to use constant time comparisons in multiple cases. An attacker could possibly use these flaws to disclose sensitive information by measuring the time used to perform operations using these non-constant time comparisons. (CVE-2015-2601)
A flaw was found in the RC4 encryption algorithm. When using certain keys for RC4 encryption, an attacker could obtain portions of the plain text from the cipher text without the knowledge of the encryption key. (CVE-2015-2808)
Note: With this update, OpenJDK now disables RC4 SSL/TLS cipher suites by default to address the CVE-2015-2808 issue. Refer to Red Hat Bugzilla bug 1207101, linked to in the References section, for additional details about this change.
A flaw was found in the way the TLS protocol composed the Diffie-Hellman (DH) key exchange. A man-in-the-middle attacker could use this flaw to force the use of weak 512 bit export-grade keys during the key exchange, allowing them do decrypt all traffic. (CVE-2015-4000)
Note: This update forces the TLS/SSL client implementation in OpenJDK to reject DH key sizes below 768 bits, which prevents sessions to be downgraded to export-grade keys. Refer to Red Hat Bugzilla bug 1223211, linked to in the References section, for additional details about this change.
It was discovered that the JNDI component in OpenJDK did not handle DNS resolutions correctly. An attacker able to trigger such DNS errors could cause a Java application using JNDI to consume memory and CPU time, and possibly block further DNS resolution. (CVE-2015-4749)
Multiple information leak flaws were found in the JMX and 2D components in OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2015-2621, CVE-2015-2632)
A flaw was found in the way the JSSE component in OpenJDK performed X.509 certificate identity verification when establishing a TLS/SSL connection to a host identified by an IP address. In certain cases, the certificate was accepted as valid if it was issued for a host name to which the IP address resolves rather than for the IP address. (CVE-2015-2625)
All users of java-1.7.0-openjdk are advised to upgrade to these updated packages, which resolve these issues. All running instances of OpenJDK Java must be restarted for the update to take effect.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1207101 - CVE-2015-2808 SSL/TLS: "Invariance Weakness" vulnerability in RC4 stream cipher 1223211 - CVE-2015-4000 LOGJAM: TLS connections which support export grade DHE key-exchange are vulnerable to MITM attacks 1241965 - CVE-2015-2625 OpenJDK: name for reverse DNS lookup used in certificate identity check (JSSE, 8067694) 1242019 - CVE-2015-2601 OpenJDK: non-constant time comparisons in crypto code (JCE, 8074865) 1242232 - CVE-2015-2628 OpenJDK: IIOPInputStream type confusion vulnerability (CORBA, 8076376) 1242234 - CVE-2015-4731 OpenJDK: improper permission checks in MBeanServerInvocationHandler (JMX, 8076397) 1242240 - CVE-2015-4732 OpenJDK: insufficient context checks during object deserialization (Libraries, 8076405) 1242275 - CVE-2015-4733 OpenJDK: RemoteObjectInvocationHandler allows calling finalize() (RMI, 8076409) 1242281 - CVE-2015-4748 OpenJDK: incorrect OCSP nextUpdate checking (Libraries, 8075374) 1242372 - CVE-2015-2621 OpenJDK: incorrect code permission checks in RMIConnectionImpl (JMX, 8075853) 1242379 - CVE-2015-4749 OpenJDK: DnsClient fails to release request information after error (JNDI, 8075378) 1242394 - CVE-2015-2632 ICU: integer overflow in LETableReference verifyLength() (OpenJDK 2D, 8077520) 1242447 - CVE-2015-4760 ICU: missing boundary checks in layout engine (OpenJDK 2D, 8071715) 1243139 - CVE-2015-2590 OpenJDK: deserialization issue in ObjectInputStream.readSerialData() (Libraries, 8076401)
- Package List:
Red Hat Enterprise Linux Desktop (v. 5 client):
Source: java-1.7.0-openjdk-1.7.0.85-2.6.1.3.el5_11.src.rpm
i386: java-1.7.0-openjdk-1.7.0.85-2.6.1.3.el5_11.i386.rpm java-1.7.0-openjdk-debuginfo-1.7.0.85-2.6.1.3.el5_11.i386.rpm java-1.7.0-openjdk-demo-1.7.0.85-2.6.1.3.el5_11.i386.rpm java-1.7.0-openjdk-devel-1.7.0.85-2.6.1.3.el5_11.i386.rpm java-1.7.0-openjdk-javadoc-1.7.0.85-2.6.1.3.el5_11.i386.rpm java-1.7.0-openjdk-src-1.7.0.85-2.6.1.3.el5_11.i386.rpm
x86_64: java-1.7.0-openjdk-1.7.0.85-2.6.1.3.el5_11.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.85-2.6.1.3.el5_11.x86_64.rpm java-1.7.0-openjdk-demo-1.7.0.85-2.6.1.3.el5_11.x86_64.rpm java-1.7.0-openjdk-devel-1.7.0.85-2.6.1.3.el5_11.x86_64.rpm java-1.7.0-openjdk-javadoc-1.7.0.85-2.6.1.3.el5_11.x86_64.rpm java-1.7.0-openjdk-src-1.7.0.85-2.6.1.3.el5_11.x86_64.rpm
Red Hat Enterprise Linux (v. 5 server):
Source: java-1.7.0-openjdk-1.7.0.85-2.6.1.3.el5_11.src.rpm
i386: java-1.7.0-openjdk-1.7.0.85-2.6.1.3.el5_11.i386.rpm java-1.7.0-openjdk-debuginfo-1.7.0.85-2.6.1.3.el5_11.i386.rpm java-1.7.0-openjdk-demo-1.7.0.85-2.6.1.3.el5_11.i386.rpm java-1.7.0-openjdk-devel-1.7.0.85-2.6.1.3.el5_11.i386.rpm java-1.7.0-openjdk-javadoc-1.7.0.85-2.6.1.3.el5_11.i386.rpm java-1.7.0-openjdk-src-1.7.0.85-2.6.1.3.el5_11.i386.rpm
x86_64: java-1.7.0-openjdk-1.7.0.85-2.6.1.3.el5_11.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.85-2.6.1.3.el5_11.x86_64.rpm java-1.7.0-openjdk-demo-1.7.0.85-2.6.1.3.el5_11.x86_64.rpm java-1.7.0-openjdk-devel-1.7.0.85-2.6.1.3.el5_11.x86_64.rpm java-1.7.0-openjdk-javadoc-1.7.0.85-2.6.1.3.el5_11.x86_64.rpm java-1.7.0-openjdk-src-1.7.0.85-2.6.1.3.el5_11.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2015-2590 https://access.redhat.com/security/cve/CVE-2015-2601 https://access.redhat.com/security/cve/CVE-2015-2621 https://access.redhat.com/security/cve/CVE-2015-2625 https://access.redhat.com/security/cve/CVE-2015-2628 https://access.redhat.com/security/cve/CVE-2015-2632 https://access.redhat.com/security/cve/CVE-2015-2808 https://access.redhat.com/security/cve/CVE-2015-4000 https://access.redhat.com/security/cve/CVE-2015-4731 https://access.redhat.com/security/cve/CVE-2015-4732 https://access.redhat.com/security/cve/CVE-2015-4733 https://access.redhat.com/security/cve/CVE-2015-4748 https://access.redhat.com/security/cve/CVE-2015-4749 https://access.redhat.com/security/cve/CVE-2015-4760 https://access.redhat.com/security/updates/classification/#important https://bugzilla.redhat.com/show_bug.cgi?id=1207101#c11 https://bugzilla.redhat.com/show_bug.cgi?id=1223211#c33
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFVpljRXlSAg2UNWIIRAl93AJ0bTWDExJ3gT6Vf3jj7gLWm1931JQCfSHwy geoA6gBwA56Ep9ZcHnUCxAU= =qQgk -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201504-0247",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "communications application session controller",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "3.9.0"
},
{
"model": "sparc enterprise m5000",
"scope": "gte",
"trust": 1.0,
"vendor": "fujitsu",
"version": "xcp"
},
{
"model": "s5720ei",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "7.0"
},
{
"model": "smc2.0",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v100r002c03"
},
{
"model": "s5720hi",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.7"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "12"
},
{
"model": "enterprise linux eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.5"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.3"
},
{
"model": "s5700s-li",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "5.0"
},
{
"model": "satellite",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "5.6"
},
{
"model": "s6700",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.6"
},
{
"model": "oceanstor cse",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "satellite",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "5.7"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "11.1.1.9.0"
},
{
"model": "s5700hi",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "oceanstor s5800t",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "oceanstor s2600t",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "cognos metrics manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "10.1"
},
{
"model": "cognos metrics manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "10.2"
},
{
"model": "cognos metrics manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "10.1.1"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.4"
},
{
"model": "s12700",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "integrated lights out manager",
"scope": "gte",
"trust": 1.0,
"vendor": "oracle",
"version": "3.0.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.1.3.0.0"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.7"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.2.1.2.0"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.3"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "10"
},
{
"model": "manager",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "1.7"
},
{
"model": "s5700ei",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "policy center",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v100r003c10"
},
{
"model": "sparc enterprise m3000",
"scope": "lt",
"trust": 1.0,
"vendor": "fujitsu",
"version": "xcp_1121"
},
{
"model": "enterprise linux eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.6"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.6"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"model": "communications policy management",
"scope": "lt",
"trust": 1.0,
"vendor": "oracle",
"version": "9.9.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "8.0"
},
{
"model": "cognos metrics manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "10.2.1"
},
{
"model": "oceanstor replicationdirector",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v100r003c00"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "12"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "12.04"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "13.2"
},
{
"model": "sparc enterprise m5000",
"scope": "lt",
"trust": 1.0,
"vendor": "fujitsu",
"version": "xcp_1121"
},
{
"model": "sparc enterprise m9000",
"scope": "gte",
"trust": 1.0,
"vendor": "fujitsu",
"version": "xcp"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "11.1.1.7.0"
},
{
"model": "oceanstor 18800f",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "cognos metrics manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ibm",
"version": "10.2.2"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "5.0"
},
{
"model": "oceanstor 18500",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "s7700",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "15.04"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "13.1"
},
{
"model": "linux enterprise debuginfo",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "11"
},
{
"model": "s5700li",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "s2750",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "9700",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "s5700si",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "smc2.0",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v100r002c02"
},
{
"model": "linux enterprise software development kit",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "12"
},
{
"model": "oceanstor 9000",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "oceanstor s6800t",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "s3700",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "integrated lights out manager",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "3.2.11"
},
{
"model": "quidway s9300",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "communications application session controller",
"scope": "gte",
"trust": 1.0,
"vendor": "oracle",
"version": "3.0.0"
},
{
"model": "enterprise linux eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.7"
},
{
"model": "integrated lights out manager",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "4.0.4"
},
{
"model": "enterprise linux eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.3"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "11"
},
{
"model": "e6000",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "smc2.0",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v100r002c04"
},
{
"model": "s2700",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "http server",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "12.2.1.1.0"
},
{
"model": "sparc enterprise m9000",
"scope": "lt",
"trust": 1.0,
"vendor": "fujitsu",
"version": "xcp_1121"
},
{
"model": "enterprise linux eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.6"
},
{
"model": "s5710hi",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "enterprise linux eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.4"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.6"
},
{
"model": "enterprise linux eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.1"
},
{
"model": "sparc enterprise m4000",
"scope": "lt",
"trust": 1.0,
"vendor": "fujitsu",
"version": "xcp_1121"
},
{
"model": "sparc enterprise m8000",
"scope": "lt",
"trust": 1.0,
"vendor": "fujitsu",
"version": "xcp_1121"
},
{
"model": "e9000",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "oceanstor s5500t",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "oceanstor s5600t",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "integrated lights out manager",
"scope": "gte",
"trust": 1.0,
"vendor": "oracle",
"version": "4.0.0"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"model": "smc2.0",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v100r002c01"
},
{
"model": "linux enterprise software development kit",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "11"
},
{
"model": "oceanstor vis6600t",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "s5710ei",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "oceanstor 18800",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "ultravr",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v100r003c00"
},
{
"model": "sparc enterprise m3000",
"scope": "gte",
"trust": 1.0,
"vendor": "fujitsu",
"version": "xcp"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "5.0"
},
{
"model": "policy center",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v100r003c00"
},
{
"model": "enterprise linux eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.2"
},
{
"model": "sparc enterprise m4000",
"scope": "gte",
"trust": 1.0,
"vendor": "fujitsu",
"version": "xcp"
},
{
"model": "sparc enterprise m8000",
"scope": "gte",
"trust": 1.0,
"vendor": "fujitsu",
"version": "xcp"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "14.04"
},
{
"model": "oceanstor hvs85t",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "te60",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2015-2808"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:oracle:http_server:11.1.1.9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:http_server:12.2.1.2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:http_server:12.1.3.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:http_server:11.1.1.7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.0.4",
"versionStartIncluding": "4.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "3.2.11",
"versionStartIncluding": "3.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:communications_application_session_controller:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "3.9.0",
"versionStartIncluding": "3.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:http_server:12.2.1.1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:communications_policy_management:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.9.2",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:satellite:5.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_eus:7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_eus:6.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_eus:7.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:ltss:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:vmware:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:ltss:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:ltss:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:suse:manager:1.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:-:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:redhat:satellite:5.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:fujitsu:sparc_enterprise_m3000_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "xcp_1121",
"versionStartIncluding": "xcp",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:fujitsu:sparc_enterprise_m3000:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:fujitsu:sparc_enterprise_m4000_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "xcp_1121",
"versionStartIncluding": "xcp",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:fujitsu:sparc_enterprise_m4000:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:fujitsu:sparc_enterprise_m5000_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "xcp_1121",
"versionStartIncluding": "xcp",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:fujitsu:sparc_enterprise_m5000:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:fujitsu:sparc_enterprise_m8000_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "xcp_1121",
"versionStartIncluding": "xcp",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:fujitsu:sparc_enterprise_m8000:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:fujitsu:sparc_enterprise_m9000_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "xcp_1121",
"versionStartIncluding": "xcp",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:fujitsu:sparc_enterprise_m9000:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:e6000_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:e6000:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:e9000_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:e9000:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:oceanstor_18500_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:oceanstor_18500:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:oceanstor_18800_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:oceanstor_18800:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:oceanstor_18800f_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:oceanstor_18800f:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:oceanstor_9000_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:oceanstor_9000:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:oceanstor_cse_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:oceanstor_cse:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:oceanstor_hvs85t_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:oceanstor_hvs85t:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:oceanstor_s2600t_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:oceanstor_s2600t:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:oceanstor_s5500t_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:oceanstor_s5500t:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:oceanstor_s5600t_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:oceanstor_s5600t:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:oceanstor_s5800t_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:oceanstor_s5800t:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:oceanstor_s6800t_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:oceanstor_s6800t:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:oceanstor_vis6600t_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:oceanstor_vis6600t:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:quidway_s9300_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:quidway_s9300:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:s7700_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:s7700:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:s7700_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:s7700:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:9700_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:9700:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:9700_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:9700:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:s12700_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:s12700:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:s12700_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:s12700:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:s2700_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:s2700:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:s3700_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:s3700:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:s5700ei_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:s5700ei:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:s5700hi_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:s5700hi:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:s5700si_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:s5700si:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:s5710ei_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:s5710ei:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:s5710hi_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:s5710hi:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:s6700_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:s6700:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:s2750_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:s2750:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:s5700li_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:s5700li:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:s5700s-li_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:s5700s-li:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:s5720hi_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:s5720hi:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:s2750_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:s2750:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:s5700li_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:s5700li:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:s5700s-li_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:s5700s-li:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:s5720hi_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:s5720hi:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:s5720ei_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:s5720ei:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:huawei:te60_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:huawei:te60:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:huawei:policy_center:v100r003c10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:huawei:policy_center:v100r003c00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:huawei:smc2.0:v100r002c01:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:huawei:smc2.0:v100r002c02:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:huawei:smc2.0:v100r002c03:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:huawei:smc2.0:v100r002c04:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:huawei:ultravr:v100r003c00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:huawei:oceanstor_replicationdirector:v100r003c00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:ibm:cognos_metrics_manager:10.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ibm:cognos_metrics_manager:10.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ibm:cognos_metrics_manager:10.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ibm:cognos_metrics_manager:10.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ibm:cognos_metrics_manager:10.2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2015-2808"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "HP",
"sources": [
{
"db": "PACKETSTORM",
"id": "137746"
},
{
"db": "PACKETSTORM",
"id": "133337"
},
{
"db": "PACKETSTORM",
"id": "132593"
},
{
"db": "PACKETSTORM",
"id": "136248"
}
],
"trust": 0.4
},
"cve": "CVE-2015-2808",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-80769",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2015-2808",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-80769",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-80769"
},
{
"db": "NVD",
"id": "CVE-2015-2808"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic that occasionally relies on keys affected by the Invariance Weakness, and then using a brute-force approach involving LSB values, aka the \"Bar Mitzvah\" issue. RC4 is a stream encryption algorithm with variable key length developed by American software developer Ronald Rivest. The algorithm consists of a pseudo-random number generator and an XOR operation, and supports encryption and decryption using the same key. There is a security loophole in the RC4 algorithm used in the TLS protocol and the SSL protocol. The loophole stems from the fact that the program does not correctly combine state data and key data during the initialization phase. A remote attacker can exploit this vulnerability to perform a plaintext-recovery attack on the initialization bytes in the data stream by sniffing specific network traffic and then conducting a brute force attack. \nHP Service Manager Software versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40\n\nBACKGROUND\n\n CVSS Base Metrics\n =================\n Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector\n\n CVE-2015-2808\n 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\n 4.3 (AV:N/AC:M/Au:N/C:P/I:N/A:N)\n\n Information on CVSS is documented in\n HPE Customer Notice HPSN-2008-002 here:\n\n https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay/?docI\nd=emr_na-c01345499\n\nRESOLUTION\n\nHPE has made the following mitigation information available to resolve the\nvulnerability for the impacted versions of HPE Service Manager: https://softw\naresupport.hpe.com/group/softwaresupport/search-result/-/facetsearch/document\n/KM01566352\n\nFor versions 9.30, 9.31, 9.32, 9.33, 9.34 please:\n\nUpgrade to SM 9.35.P4 (recommended) or SM 9.34.P5\n\nSM9.35 P4 package, SM 9.35 AIX Server 9.35.4001 p4\n\nhttps://softwaresupport.hpe.com/km/KM02143332\n\nSM 9.35 HP Itanium Server 9.35.4001 p4\n\nhttps://softwaresupport.hpe.com/km/KM02143206\n\nSM 9.35 HP Itanium Server for Oracle 12c 9.35.4001 p4\n\nhttps://softwaresupport.hpe.com/km/KM02143388\n\nSM 9.35 Linux Server 9.35.4001 p4\n\nhttps://softwaresupport.hpe.com/km/KM02143530\n\nSM 9.35 Solaris Server 9.35.4001 p4\n\nhttps://softwaresupport.hpe.com/km/KM02143276\n\nSM 9.35 Windows Server 9.35.4001 p4\n\nhttps://softwaresupport.hpe.com/km/KM02143589\n\nSM 9.34.P5 package, AIX Server 9.34.5003 p5\n\nhttps://softwaresupport.hpe.com/km/KM02310304\n\nHP Itanium Server 9.34.5003 p5\n\nhttps://softwaresupport.hpe.com/km/KM02311066\n\nLinux Server 9.34.5003 p5\n\nhttps://softwaresupport.hpe.com/km/KM02310566\n\nSolaris Server 9.34.5003 p5\n\nhttps://softwaresupport.hpe.com/km/KM02311656\n\nWindows Server 9.34.5003 p5\n\nhttps://softwaresupport.hpe.com/km/KM02310486\n\nFor version 9.35 please:\n\nUpgrade to SM 9.35.P4\n\nSM9.35 P4 package, SM 9.35 AIX Server 9.35.4001 p4\n\nhttps://softwaresupport.hpe.com/km/KM02143332\n\nSM 9.35 HP Itanium Server 9.35.4001 p4\n\nhttps://softwaresupport.hpe.com/km/KM02143206\n\nSM 9.35 HP Itanium Server for Oracle 12c 9.35.4001 p4\n\nhttps://softwaresupport.hpe.com/km/KM02143388\n\nSM 9.35 Linux Server 9.35.4001 p4\n\nhttps://softwaresupport.hpe.com/km/KM02143530\n\nSM 9.35 Solaris Server 9.35.4001 p4\n\nhttps://softwaresupport.hpe.com/km/KM02143276\n\nSM 9.35 Windows Server 9.35.4001 p4\n\nhttps://softwaresupport.hpe.com/km/KM02143589\n\nFor version 9.40 please:\n\nUpgrade to SM 9.41.P3\n\nSM9.41.P3 package, Service Manager 9.41.3016 p3 - Server for AIX\n\nhttps://softwaresupport.hpe.com/km/KM02236813\n\nService Manager 9.41.3016 p3 - Server for HP-UX/IA\n\nhttps://softwaresupport.hpe.com/km/KM02236897\n\nService Manager 9.41.3016 p3 - Server for Linux\n\nhttps://softwaresupport.hpe.com/km/KM02236827\n\nService Manager 9.41.3016 p3 - Server for Solaris\n\nhttps://softwaresupport.hpe.com/km/KM02236843\n\nService Manager 9.41.3016 p3 - Server for Windows\n\nhttps://softwaresupport.hpe.com/km/KM02236929\n\nHISTORY\nVersion:1 (rev.1) - 1 July 2016 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running Hewlett Packard Enterprise (HPE) software\nproducts should be applied in accordance with the customer\u0027s patch management\npolicy. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nNote: the current version of the following document is available here:\nhttps://h20564.www2.hpe.com/portal/site/hpsc/public/kb/\ndocDisplay?docId=emr_na-c04773004\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c04773004\nVersion: 1\n\nHPSBGN03405 rev.1 - HP Integration Adaptor, Remote Unauthorized Modification,\nDisclosure of Information\n\nNOTICE: The information in this Security Bulletin should be acted upon as\nsoon as possible. \n\nRelease Date: 2015-08-25\nLast Updated: 2015-08-25\n\nPotential Security Impact: Remote unauthorized modification, disclosure of\ninformation\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified in HP Integration\nAdaptor. \n\n - The TLS vulnerability using US export-grade 512-bit keys in\nDiffie-Hellman key exchange known as \"Logjam\" could be exploited remotely to\nallow unauthorized modification. \n - The RC4 stream cipher vulnerability in SSL/TLS known as \"Bar Mitzvah\"\ncould be exploited remotely to allow disclosure of information. \n\nReferences:\n\nCVE-2015-4000 - \"Logjam\"\nCVE-2015-2808 - \"Bar Mitzvah\"\nSSRT102214\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP Integration Adaptor v9.12. \n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2015-4000 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2015-2808 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has made the following mitigation information available to resolve the\nvulnerability for the impacted versions of HP Integration Adaptor. \n\n Please consult HP Software Support Online (SSO):\n\n https://softwaresupport.hp.com/group/softwaresupport/search-result/-/face\ntsearch/document/KM01763510?lang=en\u0026cc=us\u0026hpappid=113963_OSP_PRO_HPE\n\nHISTORY\nVersion:1 (rev.1) - 25 August 2015 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running HP software products should be applied in\naccordance with the customer\u0027s patch management policy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HP Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com. \n\nReport: To report a potential security vulnerability with any HP supported\nproduct, send Email to: security-alert@hp.com\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\nalerts via Email:\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HP General Software\nHF = HP Hardware and Firmware\nMP = MPE/iX\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPI = Printing and Imaging\nPV = ProCurve\nST = Storage Software\nTU = Tru64 UNIX\nUX = HP-UX\n\nCopyright 2015 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors\nor omissions contained herein. The information provided is provided \"as is\"\nwithout warranty of any kind. To the extent permitted by law, neither HP or\nits affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. \nHewlett-Packard Company and the names of Hewlett-Packard products referenced\nherein are trademarks of Hewlett-Packard Company in the United States and\nother countries. Other product and company names mentioned herein may be\ntrademarks of their respective owners. Customers unable to apply the update should contact\nHPE Support to discuss options. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: java-1.7.0-openjdk security update\nAdvisory ID: RHSA-2015:1230-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2015-1230.html\nIssue date: 2015-07-15\nCVE Names: CVE-2015-2590 CVE-2015-2601 CVE-2015-2621 \n CVE-2015-2625 CVE-2015-2628 CVE-2015-2632 \n CVE-2015-2808 CVE-2015-4000 CVE-2015-4731 \n CVE-2015-4732 CVE-2015-4733 CVE-2015-4748 \n CVE-2015-4749 CVE-2015-4760 \n=====================================================================\n\n1. Summary:\n\nUpdated java-1.7.0-openjdk packages that fix multiple security issues are\nnow available for Red Hat Enterprise Linux 5. \n\nRed Hat Product Security has rated this update as having Important security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux (v. 5 server) - i386, x86_64\nRed Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64\n\n3. Description:\n\nThe java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime\nEnvironment and the OpenJDK 7 Java Software Development Kit. \n\nMultiple flaws were discovered in the 2D, CORBA, JMX, Libraries and RMI\ncomponents in OpenJDK. An untrusted Java application or applet could use\nthese flaws to bypass certain Java sandbox restrictions. (CVE-2015-4760,\nCVE-2015-2628, CVE-2015-4731, CVE-2015-2590, CVE-2015-4732, CVE-2015-4733)\n\nA flaw was found in the way the Libraries component of OpenJDK verified\nOnline Certificate Status Protocol (OCSP) responses. An OCSP response with\nno nextUpdate date specified was incorrectly handled as having unlimited\nvalidity, possibly causing a revoked X.509 certificate to be interpreted as\nvalid. (CVE-2015-4748)\n\nIt was discovered that the JCE component in OpenJDK failed to use constant\ntime comparisons in multiple cases. An attacker could possibly use these\nflaws to disclose sensitive information by measuring the time used to\nperform operations using these non-constant time comparisons. \n(CVE-2015-2601)\n\nA flaw was found in the RC4 encryption algorithm. When using certain keys\nfor RC4 encryption, an attacker could obtain portions of the plain text\nfrom the cipher text without the knowledge of the encryption key. \n(CVE-2015-2808)\n\nNote: With this update, OpenJDK now disables RC4 SSL/TLS cipher suites by\ndefault to address the CVE-2015-2808 issue. Refer to Red Hat Bugzilla bug\n1207101, linked to in the References section, for additional details about\nthis change. \n\nA flaw was found in the way the TLS protocol composed the Diffie-Hellman\n(DH) key exchange. A man-in-the-middle attacker could use this flaw to\nforce the use of weak 512 bit export-grade keys during the key exchange,\nallowing them do decrypt all traffic. (CVE-2015-4000)\n\nNote: This update forces the TLS/SSL client implementation in OpenJDK to\nreject DH key sizes below 768 bits, which prevents sessions to be\ndowngraded to export-grade keys. Refer to Red Hat Bugzilla bug 1223211,\nlinked to in the References section, for additional details about this\nchange. \n\nIt was discovered that the JNDI component in OpenJDK did not handle DNS\nresolutions correctly. An attacker able to trigger such DNS errors could\ncause a Java application using JNDI to consume memory and CPU time, and\npossibly block further DNS resolution. (CVE-2015-4749)\n\nMultiple information leak flaws were found in the JMX and 2D components in\nOpenJDK. An untrusted Java application or applet could use this flaw to\nbypass certain Java sandbox restrictions. (CVE-2015-2621, CVE-2015-2632)\n\nA flaw was found in the way the JSSE component in OpenJDK performed X.509\ncertificate identity verification when establishing a TLS/SSL connection to\na host identified by an IP address. In certain cases, the certificate was\naccepted as valid if it was issued for a host name to which the IP address\nresolves rather than for the IP address. (CVE-2015-2625)\n\nAll users of java-1.7.0-openjdk are advised to upgrade to these updated\npackages, which resolve these issues. All running instances of OpenJDK Java\nmust be restarted for the update to take effect. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1207101 - CVE-2015-2808 SSL/TLS: \"Invariance Weakness\" vulnerability in RC4 stream cipher\n1223211 - CVE-2015-4000 LOGJAM: TLS connections which support export grade DHE key-exchange are vulnerable to MITM attacks\n1241965 - CVE-2015-2625 OpenJDK: name for reverse DNS lookup used in certificate identity check (JSSE, 8067694)\n1242019 - CVE-2015-2601 OpenJDK: non-constant time comparisons in crypto code (JCE, 8074865)\n1242232 - CVE-2015-2628 OpenJDK: IIOPInputStream type confusion vulnerability (CORBA, 8076376)\n1242234 - CVE-2015-4731 OpenJDK: improper permission checks in MBeanServerInvocationHandler (JMX, 8076397)\n1242240 - CVE-2015-4732 OpenJDK: insufficient context checks during object deserialization (Libraries, 8076405)\n1242275 - CVE-2015-4733 OpenJDK: RemoteObjectInvocationHandler allows calling finalize() (RMI, 8076409)\n1242281 - CVE-2015-4748 OpenJDK: incorrect OCSP nextUpdate checking (Libraries, 8075374)\n1242372 - CVE-2015-2621 OpenJDK: incorrect code permission checks in RMIConnectionImpl (JMX, 8075853)\n1242379 - CVE-2015-4749 OpenJDK: DnsClient fails to release request information after error (JNDI, 8075378)\n1242394 - CVE-2015-2632 ICU: integer overflow in LETableReference verifyLength() (OpenJDK 2D, 8077520)\n1242447 - CVE-2015-4760 ICU: missing boundary checks in layout engine (OpenJDK 2D, 8071715)\n1243139 - CVE-2015-2590 OpenJDK: deserialization issue in ObjectInputStream.readSerialData() (Libraries, 8076401)\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop (v. 5 client):\n\nSource:\njava-1.7.0-openjdk-1.7.0.85-2.6.1.3.el5_11.src.rpm\n\ni386:\njava-1.7.0-openjdk-1.7.0.85-2.6.1.3.el5_11.i386.rpm\njava-1.7.0-openjdk-debuginfo-1.7.0.85-2.6.1.3.el5_11.i386.rpm\njava-1.7.0-openjdk-demo-1.7.0.85-2.6.1.3.el5_11.i386.rpm\njava-1.7.0-openjdk-devel-1.7.0.85-2.6.1.3.el5_11.i386.rpm\njava-1.7.0-openjdk-javadoc-1.7.0.85-2.6.1.3.el5_11.i386.rpm\njava-1.7.0-openjdk-src-1.7.0.85-2.6.1.3.el5_11.i386.rpm\n\nx86_64:\njava-1.7.0-openjdk-1.7.0.85-2.6.1.3.el5_11.x86_64.rpm\njava-1.7.0-openjdk-debuginfo-1.7.0.85-2.6.1.3.el5_11.x86_64.rpm\njava-1.7.0-openjdk-demo-1.7.0.85-2.6.1.3.el5_11.x86_64.rpm\njava-1.7.0-openjdk-devel-1.7.0.85-2.6.1.3.el5_11.x86_64.rpm\njava-1.7.0-openjdk-javadoc-1.7.0.85-2.6.1.3.el5_11.x86_64.rpm\njava-1.7.0-openjdk-src-1.7.0.85-2.6.1.3.el5_11.x86_64.rpm\n\nRed Hat Enterprise Linux (v. 5 server):\n\nSource:\njava-1.7.0-openjdk-1.7.0.85-2.6.1.3.el5_11.src.rpm\n\ni386:\njava-1.7.0-openjdk-1.7.0.85-2.6.1.3.el5_11.i386.rpm\njava-1.7.0-openjdk-debuginfo-1.7.0.85-2.6.1.3.el5_11.i386.rpm\njava-1.7.0-openjdk-demo-1.7.0.85-2.6.1.3.el5_11.i386.rpm\njava-1.7.0-openjdk-devel-1.7.0.85-2.6.1.3.el5_11.i386.rpm\njava-1.7.0-openjdk-javadoc-1.7.0.85-2.6.1.3.el5_11.i386.rpm\njava-1.7.0-openjdk-src-1.7.0.85-2.6.1.3.el5_11.i386.rpm\n\nx86_64:\njava-1.7.0-openjdk-1.7.0.85-2.6.1.3.el5_11.x86_64.rpm\njava-1.7.0-openjdk-debuginfo-1.7.0.85-2.6.1.3.el5_11.x86_64.rpm\njava-1.7.0-openjdk-demo-1.7.0.85-2.6.1.3.el5_11.x86_64.rpm\njava-1.7.0-openjdk-devel-1.7.0.85-2.6.1.3.el5_11.x86_64.rpm\njava-1.7.0-openjdk-javadoc-1.7.0.85-2.6.1.3.el5_11.x86_64.rpm\njava-1.7.0-openjdk-src-1.7.0.85-2.6.1.3.el5_11.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2015-2590\nhttps://access.redhat.com/security/cve/CVE-2015-2601\nhttps://access.redhat.com/security/cve/CVE-2015-2621\nhttps://access.redhat.com/security/cve/CVE-2015-2625\nhttps://access.redhat.com/security/cve/CVE-2015-2628\nhttps://access.redhat.com/security/cve/CVE-2015-2632\nhttps://access.redhat.com/security/cve/CVE-2015-2808\nhttps://access.redhat.com/security/cve/CVE-2015-4000\nhttps://access.redhat.com/security/cve/CVE-2015-4731\nhttps://access.redhat.com/security/cve/CVE-2015-4732\nhttps://access.redhat.com/security/cve/CVE-2015-4733\nhttps://access.redhat.com/security/cve/CVE-2015-4748\nhttps://access.redhat.com/security/cve/CVE-2015-4749\nhttps://access.redhat.com/security/cve/CVE-2015-4760\nhttps://access.redhat.com/security/updates/classification/#important\nhttps://bugzilla.redhat.com/show_bug.cgi?id=1207101#c11\nhttps://bugzilla.redhat.com/show_bug.cgi?id=1223211#c33\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2015 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFVpljRXlSAg2UNWIIRAl93AJ0bTWDExJ3gT6Vf3jj7gLWm1931JQCfSHwy\ngeoA6gBwA56Ep9ZcHnUCxAU=\n=qQgk\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-2808"
},
{
"db": "VULHUB",
"id": "VHN-80769"
},
{
"db": "PACKETSTORM",
"id": "137746"
},
{
"db": "PACKETSTORM",
"id": "133337"
},
{
"db": "PACKETSTORM",
"id": "132593"
},
{
"db": "PACKETSTORM",
"id": "136248"
},
{
"db": "PACKETSTORM",
"id": "132698"
}
],
"trust": 1.44
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-80769",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-80769"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-2808",
"trust": 1.6
},
{
"db": "BID",
"id": "91787",
"trust": 1.1
},
{
"db": "BID",
"id": "73684",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1032788",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1033737",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1032734",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1033432",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1033071",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1036222",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1032708",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1032868",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1032990",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1033072",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1032910",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1032858",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1032600",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1032599",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1032707",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1033386",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1033415",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1033431",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1033769",
"trust": 1.1
},
{
"db": "JUNIPER",
"id": "JSA10705",
"trust": 1.1
},
{
"db": "JUNIPER",
"id": "JSA10727",
"trust": 1.1
},
{
"db": "JUNIPER",
"id": "JSA10783",
"trust": 1.1
},
{
"db": "MCAFEE",
"id": "SB10163",
"trust": 1.1
},
{
"db": "PACKETSTORM",
"id": "133337",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "137746",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "136248",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "132872",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132592",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "133330",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "133392",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132890",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "133336",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132891",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "133329",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "133391",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132753",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "135172",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "133344",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "136773",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "133366",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132345",
"trust": 0.1
},
{
"db": "CNNVD",
"id": "CNNVD-201503-654",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-80769",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132593",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "132698",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-80769"
},
{
"db": "PACKETSTORM",
"id": "137746"
},
{
"db": "PACKETSTORM",
"id": "133337"
},
{
"db": "PACKETSTORM",
"id": "132593"
},
{
"db": "PACKETSTORM",
"id": "136248"
},
{
"db": "PACKETSTORM",
"id": "132698"
},
{
"db": "NVD",
"id": "CVE-2015-2808"
}
]
},
"id": "VAR-201504-0247",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-80769"
}
],
"trust": 0.6578776233333333
},
"last_update_date": "2024-07-23T20:58:53.769000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-327",
"trust": 1.0
},
{
"problemtype": "CWE-310",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-80769"
},
{
"db": "NVD",
"id": "CVE-2015-2808"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.2,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1230.html"
},
{
"trust": 1.1,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1iv71888"
},
{
"trust": 1.1,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1iv71892"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/73684"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/91787"
},
{
"trust": 1.1,
"url": "http://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c04779034"
},
{
"trust": 1.1,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21883640"
},
{
"trust": 1.1,
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21903565"
},
{
"trust": 1.1,
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21960015"
},
{
"trust": 1.1,
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21960769"
},
{
"trust": 1.1,
"url": "http://www.huawei.com/en/psirt/security-advisories/hw-454055"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"trust": 1.1,
"url": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-454055.htm"
},
{
"trust": 1.1,
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04770140"
},
{
"trust": 1.1,
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04772190"
},
{
"trust": 1.1,
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04773119"
},
{
"trust": 1.1,
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04773241"
},
{
"trust": 1.1,
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04773256"
},
{
"trust": 1.1,
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04832246"
},
{
"trust": 1.1,
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04926789"
},
{
"trust": 1.1,
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c04708650"
},
{
"trust": 1.1,
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c04711380"
},
{
"trust": 1.1,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05085988"
},
{
"trust": 1.1,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05193347"
},
{
"trust": 1.1,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05289935"
},
{
"trust": 1.1,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05336888"
},
{
"trust": 1.1,
"url": "https://kb.juniper.net/jsa10783"
},
{
"trust": 1.1,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5098709"
},
{
"trust": 1.1,
"url": "http://www.debian.org/security/2015/dsa-3316"
},
{
"trust": 1.1,
"url": "http://www.debian.org/security/2015/dsa-3339"
},
{
"trust": 1.1,
"url": "https://security.gentoo.org/glsa/201512-10"
},
{
"trust": 1.1,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04687922"
},
{
"trust": 1.1,
"url": "https://www.blackhat.com/docs/asia-15/materials/asia-15-mantin-bar-mitzvah-attack-breaking-ssl-with-13-year-old-rc4-weakness-wp.pdf"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1006.html"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1007.html"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1020.html"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1021.html"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1091.html"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1228.html"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1229.html"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1241.html"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1242.html"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1243.html"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2015-1526.html"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1032599"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1032600"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1032707"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1032708"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1032734"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1032788"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1032858"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1032868"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1032910"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1032990"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1033071"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1033072"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1033386"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1033415"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1033431"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1033432"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1033737"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1033769"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1036222"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00013.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00014.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00015.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00022.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00031.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html"
},
{
"trust": 1.1,
"url": "http://www.ubuntu.com/usn/usn-2696-1"
},
{
"trust": 1.1,
"url": "http://www.ubuntu.com/usn/usn-2706-1"
},
{
"trust": 1.0,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10705"
},
{
"trust": 1.0,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10727"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=143456209711959\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=143629696317098\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=143741441012338\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=143817021313142\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=143817899717054\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=143818140118771\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=144043644216842\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=144059660127919\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=144059703728085\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=144060576831314\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=144060606031437\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=144069189622016\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=144102017024820\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=144104533800819\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=144104565600964\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=144493176821532\u0026w=2"
},
{
"trust": 1.0,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10163"
},
{
"trust": 1.0,
"url": "https://www.secpod.com/blog/cve-2015-2808-bar-mitzvah-attack-in-rc4-2/"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-2808"
},
{
"trust": 0.2,
"url": "http://www.hpe.com/support/security_bulletin_archive"
},
{
"trust": 0.2,
"url": "http://www.hpe.com/support/subscriber_choice"
},
{
"trust": 0.2,
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_n"
},
{
"trust": 0.2,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/"
},
{
"trust": 0.2,
"url": "http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4000"
},
{
"trust": 0.2,
"url": "https://softwaresupport.hp.com/group/softwaresupport/search-result/-/facetsea"
},
{
"trust": 0.1,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026amp;id=jsa10705"
},
{
"trust": 0.1,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026amp;id=jsa10727"
},
{
"trust": 0.1,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026amp;id=sb10163"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=143456209711959\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=143629696317098\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=143818140118771\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=143817899717054\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=143817021313142\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=144060576831314\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=144069189622016\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=144104565600964\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=144060606031437\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=144102017024820\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=144059660127919\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=144059703728085\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=144043644216842\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=143741441012338\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=144104533800819\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=144493176821532\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "https://softwaresupport.hpe.com/km/km02236843"
},
{
"trust": 0.1,
"url": "https://softwaresupport.hpe.com/km/km02236813"
},
{
"trust": 0.1,
"url": "https://softwaresupport.hpe.com/km/km02143530"
},
{
"trust": 0.1,
"url": "https://softwaresupport.hpe.com/km/km02143589"
},
{
"trust": 0.1,
"url": "https://softwaresupport.hpe.com/km/km02143332"
},
{
"trust": 0.1,
"url": "https://softwaresupport.hpe.com/km/km02310486"
},
{
"trust": 0.1,
"url": "https://softw"
},
{
"trust": 0.1,
"url": "https://softwaresupport.hpe.com/km/km02236827"
},
{
"trust": 0.1,
"url": "https://softwaresupport.hpe.com/km/km02310566"
},
{
"trust": 0.1,
"url": "https://softwaresupport.hpe.com/km/km02310304"
},
{
"trust": 0.1,
"url": "https://softwaresupport.hpe.com/km/km02143206"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay/?doci"
},
{
"trust": 0.1,
"url": "https://softwaresupport.hpe.com/km/km02143388"
},
{
"trust": 0.1,
"url": "https://softwaresupport.hpe.com/km/km02311066"
},
{
"trust": 0.1,
"url": "https://softwaresupport.hpe.com/km/km02236897"
},
{
"trust": 0.1,
"url": "https://softwaresupport.hpe.com/km/km02143276"
},
{
"trust": 0.1,
"url": "https://softwaresupport.hpe.com/km/km02311656"
},
{
"trust": 0.1,
"url": "https://softwaresupport.hpe.com/km/km02236929"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/"
},
{
"trust": 0.1,
"url": "https://softwaresupport.hp.com/group/softwaresupport/search-result/-/face"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-2802"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4732"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-4760"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-2621"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-2628"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-2601"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-4732"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4760"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-2601"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-4000"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-2632"
},
{
"trust": 0.1,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1207101#c11"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-2632"
},
{
"trust": 0.1,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1223211#c33"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-2621"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-4733"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-4748"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-4731"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-2625"
},
{
"trust": 0.1,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-2625"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-4749"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-2590"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-2808"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4733"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4749"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-2590"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4731"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-4748"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-2628"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-80769"
},
{
"db": "PACKETSTORM",
"id": "137746"
},
{
"db": "PACKETSTORM",
"id": "133337"
},
{
"db": "PACKETSTORM",
"id": "132593"
},
{
"db": "PACKETSTORM",
"id": "136248"
},
{
"db": "PACKETSTORM",
"id": "132698"
},
{
"db": "NVD",
"id": "CVE-2015-2808"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-80769"
},
{
"db": "PACKETSTORM",
"id": "137746"
},
{
"db": "PACKETSTORM",
"id": "133337"
},
{
"db": "PACKETSTORM",
"id": "132593"
},
{
"db": "PACKETSTORM",
"id": "136248"
},
{
"db": "PACKETSTORM",
"id": "132698"
},
{
"db": "NVD",
"id": "CVE-2015-2808"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-04-01T00:00:00",
"db": "VULHUB",
"id": "VHN-80769"
},
{
"date": "2016-07-01T17:05:00",
"db": "PACKETSTORM",
"id": "137746"
},
{
"date": "2015-08-26T23:41:29",
"db": "PACKETSTORM",
"id": "133337"
},
{
"date": "2015-07-08T00:35:28",
"db": "PACKETSTORM",
"id": "132593"
},
{
"date": "2016-03-15T13:14:00",
"db": "PACKETSTORM",
"id": "136248"
},
{
"date": "2015-07-16T17:45:39",
"db": "PACKETSTORM",
"id": "132698"
},
{
"date": "2015-04-01T02:00:35.097000",
"db": "NVD",
"id": "CVE-2015-2808"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-01-18T00:00:00",
"db": "VULHUB",
"id": "VHN-80769"
},
{
"date": "2023-09-07T17:15:37.500000",
"db": "NVD",
"id": "CVE-2015-2808"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "136248"
}
],
"trust": 0.1
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "HP Security Bulletin HPSBGN03627 1",
"sources": [
{
"db": "PACKETSTORM",
"id": "137746"
}
],
"trust": 0.1
}
}
VAR-200707-0675
Vulnerability from variot - Updated: 2024-07-23 20:51The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka "DNS Insufficient Socket Entropy Vulnerability" or "the Kaminsky bug.". plural DNS There is a vulnerability in the implementation that makes cache poisoning attacks easier. Recent research has found a more efficient method of cash poisoning than previously known. DNS As a cache server, PC Please note that there is a possibility of attack. Cash poisoning attack forged response This is done by sending a packet. query The source port of the packet query By changing the value randomly every time, the probability of a successful cache poisoning attack can be reduced.By cash poisoning attack DNS Fake cache server DNS Information can be cached and DNS Nodes using the cache server may be directed to fake sites. ISC (Internet Systems Consortiuim) BIND generates cryptographically weak DNS query IDs which could allow a remote attacker to poison DNS caches. Multiple vendors' implementations of the DNS protocol are prone to a DNS-spoofing vulnerability because the software fails to securely implement random values when performing DNS queries. Successfully exploiting this issue allows remote attackers to spoof DNS replies, allowing them to redirect network traffic and to launch man-in-the-middle attacks. This issue affects Microsoft Windows DNS Clients and Servers, ISC BIND 8 and 9, and multiple Cisco IOS releases; other DNS implementations may also be vulnerable. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Cisco Security Advisory: Multiple Cisco Products Vulnerable to DNS Cache Poisoning Attacks
Advisory ID: cisco-sa-20080708-dns
http://www.cisco.com/warp/public/707/cisco-sa-20080708-dns.shtml
Revision 1.0
For Public Release 2008 July 08 1800 UTC (GMT)
Summary
Multiple Cisco products are vulnerable to DNS cache poisoning attacks due to their use of insufficiently randomized DNS transaction IDs and UDP source ports in the DNS queries that they produce, which may allow an attacker to more easily forge DNS answers that can poison DNS caches.
To exploit this vulnerability an attacker must be able to cause a vulnerable DNS server to perform recursive DNS queries. Therefore, DNS servers that are only authoritative, or servers where recursion is not allowed, are not affected.
Cisco has released free software updates that address this vulnerability.
This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20080708-dns.shtml.
This security advisory is being published simultaneously with announcements from other affected organizations. Products that process DNS messages with the RD flag set will attempt to answer the question asked on behalf of the client. A product is only affected if using a vulnerable implementation of the DNS protocol, the DNS server functionality for the product is enabled, and the DNS feature for the product is configured to process recursive DNS query messages. For information about specific fixed versions, please refer to the Software Versions and Fixes section.
A device that is running Cisco IOS Software is configured to act
as a DNS server if the command "ip dns server" is present in the
configuration. This command is not enabled by default.
-
Cisco Network Registrar
All Cisco Network Registrar versions are affected, and DNS services are enabled by default.
The DNS server on CNR is enabled via the command-line interface (CLI) commands "server dns enable start-on-reboot" or "dns enable start-on-reboot" or via the web management interface in the Servers page by selecting the appropriate "Start," "Stop," or "Reload" button.
-
Cisco Application and Content Networking System
All Cisco Application and Content Networking System (ACNS) versions are affected; DNS services are disabled by default.
ACNS is configured to act as a DNS server if the command "dns enable" is present in the configuration.
-
Cisco Global Site Selector Used in Combination with Cisco Network Registrar
The Cisco Global Site Selector (GSS) is affected when it is used in combination with Cisco Network Registrar software to provide a more complete DNS solution. Fixed software would come in the form of an update of the Cisco Network Registrar software rather than an update of the GSS software.
Products Confirmed Not Vulnerable +--------------------------------
Products that do not offer DNS server capabilities are not affected by this vulnerability.
The Cisco GSS by itself is not affected by this vulnerability. However, it is affected when it is used with Cisco Network Registrar software.
No other Cisco products are currently known to be affected by these vulnerabilities.
Details
The Domain Name System is an integral part of networks that are based on TCP/IP such as the Internet. Simply stated, the Domain Name System is a hierarchical database that contains mappings of hostnames and IP addresses. When handling a query from a DNS client, a DNS server can look into its portion of the global DNS database (if the query is for a portion of the DNS database for which the DNS server is authoritative), or it can relay the query to other DNS servers (if it is configured to do so and if the query is for a portion of the DNS database for which the DNS server is not authoritative.)
Because of the processing time and bandwidth that is associated with handling a DNS query, most DNS servers locally store responses that are received from other DNS servers. If this happens, a user who is trying to visit www.example.com may end up contacting the wrong web server. The fundamental implementation weakness is that the DNS transaction ID and source port number used to validate DNS responses are not sufficiently randomized and can easily be predicted, which allows an attacker to create forged responses to DNS queries that will match the expected values. The DNS server will consider such responses to be valid.
The following Cisco products that offer DNS server functionality have been found to be susceptible to DNS cache poisoning attacks:
-
Cisco IOS Software: The vulnerability documented in Cisco bug ID CSCso81854.
-
Cisco Network Registrar: The vulnerability documented in Cisco bug ID CSCsq01298.
-
Cisco Application and Content Networking System (ACNS): The vulnerability documented in Cisco bug ID CSCsq21930.
This vulnerability has been assigned Common Vulnerabilities and Exposures (CVE) ID CVE-2008-1447.
Vulnerability Scoring Details +----------------------------
Cisco has provided scores for the vulnerabilities in this advisory based on the Common Vulnerability Scoring System (CVSS). The CVSS scoring in this Security Advisory is done in accordance with CVSS version 2.0.
CVSS is a standards-based scoring method that conveys vulnerability severity and helps determine urgency and priority of response.
Cisco has provided a base and temporal score. Customers can then compute environmental scores to assist in determining the impact of the vulnerability in individual networks.
Cisco has provided an FAQ to answer additional questions regarding CVSS at
http://www.cisco.com/web/about/security/intelligence/cvss-qandas.html
Cisco has also provided a CVSS calculator to help compute the environmental impact for individual networks at
http://intellishield.cisco.com/security/alertmanager/cvss
Cisco Bugs:
-
DNS cache prone to poisoning/forged answers attacks (CSCsq21930)
-
DNS susceptible to forged query response attacks (CSCsq01298)
-
Need to make DNS implementation more resilient against forged answers (CSCso81854)
CVSS Base Score - 6.4 Access Vector - Network Access Complexity - Low Authentication - None Confidentiality Impact - None Integrity Impact - Partial Availability Impact - Partial
CVSS Temporal Score - 5.3 Exploitability - Functional Remediation Level - Official-Fix Report Confidence - Confirmed
(same score for the three Cisco bugs listed above.)
Impact
Successful exploitation of the vulnerability described in this document may result in invalid hostname-to-IP address mappings in the cache of an affected DNS server. This may lead users of this DNS server to contact the wrong provider of network services. The ultimate impact varies greatly, ranging from a simple denial of service (for example, making www.example.com resolve to 127.0.0.1) to phishing and financial fraud.
Software Versions and Fixes
When considering software upgrades, also consult http://www.cisco.com/go/psirt and any subsequent advisories to determine exposure and a complete upgrade solution.
In all cases, customers should exercise caution to be certain the devices to be upgraded contain sufficient memory and that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, contact the Cisco Technical Assistance Center (TAC) or your contracted maintenance provider for assistance.
Cisco IOS Software +-----------------
Each row of the Cisco IOS Software table (below) names a Cisco IOS Software release train. If a given release train is vulnerable, then the earliest possible releases that contain the fix (along with the anticipated date of availability for each, if applicable) are listed in the "First Fixed Release" column of the table. The "Recommended Release" column indicates the releases which have fixes for all the published vulnerabilities at the time of this Advisory. A device running a release in the given train that is earlier than the release in a specific column (less than the First Fixed Release) is known to be vulnerable. Cisco recommends upgrading to a release equal to or later than the release in the "Recommended Releases" column of the table.
+----------------------------------------+ | Major | Availability of | | Release | Repaired Releases | |------------+---------------------------| | Affected | First Fixed | Recommended | | 12.0-Based | Release | Release | | Releases | | | |------------+-------------+-------------| | 12.0 | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0DA | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Releases | | | | prior to | | | | 12.0(7)DB | | | | are | | | | vulnerable, | 12.4(19a) | | 12.0DB | release | | | | 12.0(7)DB | 12.4(19b) | | | and later | | | | are not | | | | vulnerable; | | | | first fixed | | | | in 12.4 | | |------------+-------------+-------------| | | Releases | | | | prior to | | | | 12.0(7)DC | | | | are | | | | vulnerable, | 12.4(19a) | | 12.0DC | release | | | | 12.0(7)DC | 12.4(19b) | | | and later | | | | are not | | | | vulnerable; | | | | first fixed | | | | in 12.4 | | |------------+-------------+-------------| | 12.0S | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0SC | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0SL | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0SP | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0ST | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0SX | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0SY | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0SZ | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.0T | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | 12.0W | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0WC | Vulnerable; | | | | contact TAC | | |------------+-------------+-------------| | 12.0WT | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0XA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0XB | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0XC | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0XD | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Note: | | | | Releases | | | | prior to | | | | 12.0(7)XE1 | | | | are | | | 12.0XE | vulnerable, | | | | release | | | | 12.0(7)XE1 | | | | and later | | | | are not | | | | vulnerable; | | |------------+-------------+-------------| | 12.0XF | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0XG | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0XH | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0XI | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0XJ | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Releases | | | | prior to | | | | 12.0(7)XK2 | | | | are | | | | vulnerable, | 12.4(19a) | | 12.0XK | release | | | | 12.0(7)XK2 | 12.4(19b) | | | and later | | | | are not | | | | vulnerable; | | | | first fixed | | | | in 12.4 | | |------------+-------------+-------------| | 12.0XL | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0XM | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0XN | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0XQ | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Releases | | | | prior to | | | | 12.0(7)XR1 | | | | are | | | | vulnerable, | 12.4(19a) | | 12.0XR | release | | | | 12.0(7)XR1 | 12.4(19b) | | | and later | | | | are not | | | | vulnerable; | | | | first fixed | | | | in 12.4 | | |------------+-------------+-------------| | 12.0XS | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0XV | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0XW | Not | | | | Vulnerable | | |------------+-------------+-------------| | Affected | First Fixed | Recommended | | 12.1-Based | Release | Release | | Releases | | | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.1 | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | 12.1AA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1AX | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Releases | | | | prior to | | | | 12.1(22)AY1 | | | | are | | | 12.1AY | vulnerable, | 12.1(22) | | | release | EA11 | | | 12.1(22)AY1 | | | | and later | | | | are not | | | | vulnerable; | | |------------+-------------+-------------| | 12.1AZ | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1CX | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1DA | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Releases | | | | prior to | | | | 12.1(4)DB1 | | | | are | | | | vulnerable, | 12.4(19a) | | 12.1DB | release | | | | 12.1(4)DB1 | 12.4(19b) | | | and later | | | | are not | | | | vulnerable; | | | | first fixed | | | | in 12.4 | | |------------+-------------+-------------| | | Releases | | | | prior to | | | | 12.1(4)DC2 | | | | are | | | | vulnerable, | 12.4(19a) | | 12.1DC | release | | | | 12.1(4)DC2 | 12.4(19b) | | | and later | | | | are not | | | | vulnerable; | | | | first fixed | | | | in 12.4 | | |------------+-------------+-------------| | 12.1E | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Releases | | | | prior to | | | | 12.1(11)EA1 | | | | are | | | 12.1EA | vulnerable, | 12.1(22) | | | release | EA11 | | | 12.1(11)EA1 | | | | and later | | | | are not | | | | vulnerable; | | |------------+-------------+-------------| | 12.1EB | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1EC | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1EO | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1EU | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1EV | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1EW | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Note: | | | | Releases | | | | prior to | | | | 12.1(8a)EX | | | | are | | | 12.1EX | vulnerable, | | | | release | | | | 12.1(8a)EX | | | | and later | | | | are not | | | | vulnerable; | | |------------+-------------+-------------| | 12.1EY | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1EZ | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1GA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1GB | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.1T | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | 12.1XA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XB | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Releases | | | | prior to | | | | 12.1(1)XC1 | | | | are | | | | vulnerable, | 12.4(19a) | | 12.1XC | release | | | | 12.1(1)XC1 | 12.4(19b) | | | and later | | | | are not | | | | vulnerable; | | | | first fixed | | | | in 12.4 | | |------------+-------------+-------------| | 12.1XD | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XE | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XF | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XG | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XH | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XI | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XJ | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XK | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XL | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XM | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XN | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XO | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XP | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XQ | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XR | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XS | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XT | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XU | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XV | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XW | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XX | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XY | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XZ | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1YA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1YB | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1YC | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1YD | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Note: | | | | Releases | | | | prior to | | | | 12.1(5)YE1 | | | | are | 12.4(19a) | | 12.1YE | vulnerable, | | | | release | 12.4(19b) | | | 12.1(5)YE1 | | | | and later | | | | are not | | | | vulnerable; | | |------------+-------------+-------------| | 12.1YF | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1YG | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1YH | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1YI | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1YJ | Not | | | | Vulnerable | | |------------+-------------+-------------| | Affected | First Fixed | Recommended | | 12.2-Based | Release | Release | | Releases | | | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2 | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2B | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | 12.2BC | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2BW | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | Releases | | | | prior to | | | | 12.2(8)BY | | | | are | | | | vulnerable, | 12.4(19a) | | 12.2BY | release | | | | 12.2(8)BY | 12.4(19b) | | | and later | | | | are not | | | | vulnerable; | | | | first fixed | | | | in 12.4 | | |------------+-------------+-------------| | 12.2BZ | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2CX | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2CY | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2CZ | Vulnerable; | | | | contact TAC | | |------------+-------------+-------------| | 12.2DA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2DD | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2DX | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2EU | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2EW | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2EWA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2EX | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2EY | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2EZ | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2FX | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2FY | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2FZ | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2IXA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2IXB | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2IXC | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2IXD | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2IXE | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2IXF | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2JA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2JK | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2MB | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2MC | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2S | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SB | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SBC | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SCA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SE | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SEA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SEB | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SEC | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SED | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SEE | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SEF | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SEG | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SG | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SGA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SL | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SM | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SO | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SRA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SRB | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SRC | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SU | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SV | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SVA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SVC | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SVD | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SW | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SX | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SXA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SXB | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SXD | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SXE | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SXF | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SXH | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SXI | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SY | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SZ | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2T | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | Releases | | | | prior to | | | | 12.2(8) | | | | TPC10d are | | | | vulnerable, | | | 12.2TPC | release | | | | 12.2(8) | | | | TPC10d and | | | | later are | | | | not | | | | vulnerable; | | |------------+-------------+-------------| | 12.2UZ | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2XA | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2XB | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2XC | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | 12.2XD | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2XE | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2XF | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2XG | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | 12.2XH | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2XI | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2XJ | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2XK | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2XL | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | 12.2XM | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2XN | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2XNA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2XO | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2XQ | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2XR | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2XS | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2XT | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2XU | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | 12.2XV | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2XW | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2YA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2YB | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2YC | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2YD | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2YE | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2YF | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2YG | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2YH | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2YJ | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | 12.2YK | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2YL | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2YM | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2YN | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | Vulnerable; | 12.2(18) | | | migrate to | SXF15; | | 12.2YO | any release | Available | | | in 12.2SY | on | | | | 08-AUG-08 | |------------+-------------+-------------| | 12.2YP | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2YQ | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2YR | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2YS | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2YT | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2YU | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2YV | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | 12.2YW | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2YX | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2YY | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2YZ | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2ZA | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2ZB | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | 12.2ZC | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2ZD | Vulnerable; | | | | contact TAC | | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2ZE | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2ZF | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | | 12.4(19a) | | | | | | | Vulnerable; | 12.4(19b) | | 12.2ZG | first fixed | | | | in 12.4T | 12.4(20)T; | | | | Available | | | | on | | | | 11-JUL-08 | |------------+-------------+-------------| | | | 12.4(19a) | | | | | | | Vulnerable; | 12.4(19b) | | 12.2ZH | first fixed | | | | in 12.4 | 12.4(20)T; | | | | Available | | | | on | | | | 11-JUL-08 | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2ZJ | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | | 12.4(19a) | | | | | | | Vulnerable; | 12.4(19b) | | 12.2ZL | first fixed | | | | in 12.4 | 12.4(20)T; | | | | Available | | | | on | | | | 11-JUL-08 | |------------+-------------+-------------| | 12.2ZP | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2ZU | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2ZY | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2ZYA | Not | | | | Vulnerable | | |------------+-------------+-------------| | Affected | First Fixed | Recommended | | 12.3-Based | Release | Release | | Releases | | | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.3 | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.3B | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | 12.3BC | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.3BW | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | 12.3EU | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.3JA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.3JEA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.3JEB | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.3JEC | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.3JK | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.3JL | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.3JX | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.3T | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | 12.3TPC | Vulnerable; | | | | contact TAC | | |------------+-------------+-------------| | 12.3VA | Vulnerable; | | | | contact TAC | | |------------+-------------+-------------| | | | 12.4(19a) | | | | | | | Vulnerable; | 12.4(19b) | | 12.3XA | first fixed | | | | in 12.4 | 12.4(20)T; | | | | Available | | | | on | | | | 11-JUL-08 | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.3XB | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | | 12.4(19a) | | | | | | | Vulnerable; | 12.4(19b) | | 12.3XC | first fixed | | | | in 12.4 | 12.4(20)T; | | | | Available | | | | on | | | | 11-JUL-08 | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.3XD | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | | 12.4(19a) | | | | | | | Vulnerable; | 12.4(19b) | | 12.3XE | first fixed | | | | in 12.4 | 12.4(20)T; | | | | Available | | | | on | | | | 11-JUL-08 | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.3XF | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | | 12.4(19a) | | | | | | | Vulnerable; | 12.4(19b) | | 12.3XG | first fixed | | | | in 12.4T | 12.4(20)T; | | | | Available | | | | on | | | | 11-JUL-08 | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.3XH | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | 12.3XI | Vulnerable; | | | | contact TAC | | |------------+-------------+-------------| | | | 12.3(14) | | | | YX12 | | | Vulnerable; | | | 12.3XJ | first fixed | 12.4(20)T; | | | in 12.3YX | Available | | | | on | | | | 11-JUL-08 | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.3XK | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.3XQ | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | | 12.4(19a) | | | | | | | Vulnerable; | 12.4(19b) | | 12.3XR | first fixed | | | | in 12.4 | 12.4(20)T; | | | | Available | | | | on | | | | 11-JUL-08 | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.3XS | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | 12.3XU | Not | | | | Vulnerable | | |------------+-------------+-------------| | | | 12.3(14) | | | | YX12 | | | Vulnerable; | | | 12.3XW | first fixed | 12.4(20)T; | | | in 12.3YX | Available | | | | on | | | | 11-JUL-08 | |------------+-------------+-------------| | 12.3XY | Not | | | | Vulnerable | | |------------+-------------+-------------| | | | 12.4(19a) | | | | | | | Vulnerable; | 12.4(19b) | | 12.3YA | first fixed | | | | in 12.4 | 12.4(20)T; | | | | Available | | | | on | | | | 11-JUL-08 | |------------+-------------+-------------| | | Vulnerable; | 12.4(20)T; | | 12.3YD | first fixed | Available | | | in 12.4T | on | | | | 11-JUL-08 | |------------+-------------+-------------| | | | 12.3(14) | | | | YX12 | | | Vulnerable; | | | 12.3YF | first fixed | 12.4(20)T; | | | in 12.3YX | Available | | | | on | | | | 11-JUL-08 | |------------+-------------+-------------| | | Vulnerable; | 12.4(20)T; | | 12.3YG | first fixed | Available | | | in 12.4T | on | | | | 11-JUL-08 | |------------+-------------+-------------| | | Vulnerable; | 12.4(20)T; | | 12.3YH | first fixed | Available | | | in 12.4T | on | | | | 11-JUL-08 | |------------+-------------+-------------| | | Vulnerable; | 12.4(20)T; | | 12.3YI | first fixed | Available | | | in 12.4T | on | | | | 11-JUL-08 | |------------+-------------+-------------| | 12.3YJ | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Vulnerable; | 12.4(20)T; | | 12.3YK | first fixed | Available | | | in 12.4T | on | | | | 11-JUL-08 | |------------+-------------+-------------| | | Releases | | | | prior to | | | | 12.3(14) | | | | YM12 are | | | | vulnerable, | 12.3(14) | | 12.3YM | release | YM12 | | | 12.3(14) | | | | YM12 and | | | | later are | | | | not | | | | vulnerable; | | |------------+-------------+-------------| | 12.3YQ | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Vulnerable; | 12.4(20)T; | | 12.3YS | first fixed | Available | | | in 12.4T | on | | | | 11-JUL-08 | |------------+-------------+-------------| | | Vulnerable; | 12.4(20)T; | | 12.3YT | first fixed | Available | | | in 12.4T | on | | | | 11-JUL-08 | |------------+-------------+-------------| | | Vulnerable; | | | 12.3YU | first fixed | | | | in 12.4XB | | |------------+-------------+-------------| | 12.3YX | 12.3(14) | 12.3(14) | | | YX12 | YX12 | |------------+-------------+-------------| | 12.3YZ | Vulnerable; | | | | contact TAC | | |------------+-------------+-------------| | Affected | First Fixed | Recommended | | 12.4-Based | Release | Release | | Releases | | | |------------+-------------+-------------| | | 12.4(18b) | | | | | | | | 12.4(19a) | 12.4(19a) | | 12.4 | | | | | 12.4(19b) | 12.4(19b) | | | | | | | 12.4(21) | | |------------+-------------+-------------| | 12.4JA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.4JK | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.4JMA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.4JMB | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.4JMC | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.4JX | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.4MD | 12.4(15)MD | 12.4(15)MD | |------------+-------------+-------------| | 12.4MR | 12.4(19)MR | 12.4(19)MR | |------------+-------------+-------------| | 12.4SW | Vulnerable; | | | | contact TAC | | |------------+-------------+-------------| | | 12.4(15)T6 | | | | | 12.4(20)T; | | 12.4T | 12.4(20)T; | Available | | | Available | on | | | on | 11-JUL-08 | | | 11-JUL-08 | | |------------+-------------+-------------| | | Vulnerable; | 12.4(20)T; | | 12.4XA | first fixed | Available | | | in 12.4T | on | | | | 11-JUL-08 | |------------+-------------+-------------| | 12.4XB | 12.4(2)XB10 | | |------------+-------------+-------------| | 12.4XC | Vulnerable; | | | | contact TAC | | |------------+-------------+-------------| | | 12.4(4) | 12.4(20)T; | | | XD11; | Available | | 12.4XD | Available | on | | | on | 11-JUL-08 | | | 31-JUL-08 | | |------------+-------------+-------------| | | Vulnerable; | 12.4(20)T; | | 12.4XE | first fixed | Available | | | in 12.4T | on | | | | 11-JUL-08 | |------------+-------------+-------------| | 12.4XF | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.4XG | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Vulnerable; | 12.4(20)T; | | 12.4XJ | first fixed | Available | | | in 12.4T | on | | | | 11-JUL-08 | |------------+-------------+-------------| | 12.4XK | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.4XL | 12.4(15)XL2 | 12.4(15)XL2 | |------------+-------------+-------------| | 12.4XM | 12.4(15)XM1 | 12.4(15)XM1 | |------------+-------------+-------------| | 12.4XN | Vulnerable; | | | | contact TAC | | |------------+-------------+-------------| | 12.4XQ | Vulnerable; | | | | contact TAC | | |------------+-------------+-------------| | 12.4XT | Vulnerable; | | | | contact TAC | | |------------+-------------+-------------| | 12.4XV | Vulnerable; | | | | contact TAC | | |------------+-------------+-------------| | 12.4XW | 12.4(11)XW8 | 12.4(11)XW6 | |------------+-------------+-------------| | 12.4XY | 12.4(15)XY3 | | |------------+-------------+-------------| | | Vulnerable; | 12.4(20)T; | | 12.4XZ | first fixed | Available | | | in 12.4T | on | | | | 11-JUL-08 | +----------------------------------------+
Cisco Network Registrar +----------------------
+---------------------------------------+ | Affected | | | Release | First Fixed Release | | Train | | |--------------+------------------------| | 6.1.x | Contact TAC | |--------------+------------------------| | | 6.3.1.1 patch; | | 6.3.x | available mid-July | | | 2008 | |--------------+------------------------| | 7.0.x | 7.0.1; available in | | | mid-July 2008 | +---------------------------------------+
Cisco Network Registrar software is available for download at:
http://www.cisco.com/pcgi-bin/Software/Tablebuild/tablebuild.pl/nr-eval
Cisco Application and Content Networking System +----------------------------------------------
This issue is fixed in version 5.5.11 of Cisco ACNS software. This release will be available for download from www.cisco.com in late July 2008.
Cisco ACNS 5.5 software is available for download at:
http://www.cisco.com/pcgi-bin/tablebuild.pl/acns55
Workarounds
There are no workarounds.
Additional information about identification and mitigation of attacks against DNS is in the Cisco Applied Intelligence white paper "DNS Best Practices, Network Protections, and Attack Identification," available at http://www.cisco.com/web/about/security/intelligence/dns-bcp.html.
Obtaining Fixed Software
Cisco has released free software updates that address these vulnerabilities. Prior to deploying software, customers should consult their maintenance provider or check the software for feature set compatibility and known issues specific to their environment.
Customers may only install and expect support for the feature sets they have purchased. By installing, downloading, accessing or otherwise using such software upgrades, customers agree to be bound by the terms of Cisco's software license terms found at http://www.cisco.com/en/US/products/prod_warranties_item09186a008088e31f.html, or as otherwise set forth at Cisco.com Downloads at http://www.cisco.com/public/sw-center/sw-usingswc.shtml.
Do not contact psirt@cisco.com or security-alert@cisco.com for software upgrades.
Customers with Service Contracts +-------------------------------
Customers with contracts should obtain upgraded software through their regular update channels. For most customers, this means that upgrades should be obtained through the Software Center on Cisco's worldwide website at http://www.cisco.com.
Customers using Third Party Support Organizations +------------------------------------------------
Customers whose Cisco products are provided or maintained through prior or existing agreements with third-party support organizations, such as Cisco Partners, authorized resellers, or service providers should contact that support organization for guidance and assistance with the appropriate course of action in regards to this advisory.
The effectiveness of any workaround or fix is dependent on specific customer situations, such as product mix, network topology, traffic behavior, and organizational mission. Due to the variety of affected products and releases, customers should consult with their service provider or support organization to ensure any applied workaround or fix is the most appropriate for use in the intended network before it is deployed.
Customers without Service Contracts +----------------------------------
Customers who purchase direct from Cisco but do not hold a Cisco service contract, and customers who purchase through third-party vendors but are unsuccessful in obtaining fixed software through their point of sale should acquire upgrades by contacting the Cisco Technical Assistance Center (TAC). TAC contacts are as follows.
- +1 800 553 2447 (toll free from within North America)
- +1 408 526 7209 (toll call from anywhere in the world)
- e-mail: tac@cisco.com
Customers should have their product serial number available and be prepared to give the URL of this notice as evidence of entitlement to a free upgrade. Free upgrades for non-contract customers must be requested through the TAC.
Refer to http://www.cisco.com/warp/public/687/Directory/DirTAC.shtml for additional TAC contact information, including localized telephone numbers, and instructions and e-mail addresses for use in various languages.
Exploitation and Public Announcements
The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability described in this advisory. Cisco would like to thank Dan Kaminsky for notifying vendors about his findings.
Note that vulnerability information for Cisco IOS Software is being provided in this advisory outside of the announced publication schedule for Cisco IOS Software described at http://www.cisco.com/go/psirt due to industry-wide disclosure of the vulnerability.
Status of this Notice: FINAL
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.
A stand-alone copy or Paraphrase of the text of this document that omits the distribution URL in the following section is an uncontrolled copy, and may lack important information or contain factual errors.
Distribution
This advisory is posted on Cisco's worldwide website at
http://www.cisco.com/warp/public/707/cisco-sa-20080708-dns.shtml
In addition to worldwide web posting, a text version of this notice is clear-signed with the Cisco PSIRT PGP key and is posted to the following e-mail and Usenet news recipients.
- cust-security-announce@cisco.com
- first-teams@first.org
- bugtraq@securityfocus.com
- vulnwatch@vulnwatch.org
- cisco@spot.colorado.edu
- cisco-nsp@puck.nether.net
- full-disclosure@lists.grok.org.uk
- comp.dcom.sys.cisco@newsgate.cisco.com
Future updates of this advisory, if any, will be placed on Cisco's worldwide website, but may or may not be actively announced on mailing lists or newsgroups. Users concerned about this problem are encouraged to check the above URL for any updates.
Revision History
+-----------------------------------------------------------+ | Revision 1.0 | 2008-July-08 | Initial public release | +-----------------------------------------------------------+
Cisco Security Procedures
Complete information on reporting security vulnerabilities in Cisco products, obtaining assistance with security incidents, and registering to receive security information from Cisco, is available on Cisco's worldwide website at http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html. This includes instructions for press inquiries regarding Cisco security notices. All Cisco security advisories are available at http://www.cisco.com/go/psirt.
+-------------------------------------------------------------------- Copyright 2007-2008 Cisco Systems, Inc. All rights reserved. +--------------------------------------------------------------------
Updated: Jul 08, 2008 Document ID: 107064
+--------------------------------------------------------------------
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkhztUIACgkQ86n/Gc8U/uCAgACfVRRoJO4w4defnpwbNlfgBm4t 2SMAnjKCKECHtsjN9umqqPrPd2DW4IcC =XGZw -----END PGP SIGNATURE----- . This could be used to misdirect users and services; i.e. for web and email traffic (CVE-2008-1447).
This update provides the latest stable BIND releases for all platforms except Corporate Server/Desktop 3.0 and MNF2, which have been patched to correct the issue.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447
Updated Packages:
Mandriva Linux 2007.1: 73cc24fc9586b7ab290d755012c16a79 2007.1/i586/bind-9.4.2-0.1mdv2007.1.i586.rpm 70867c50cfd64b4406aa002d627d740b 2007.1/i586/bind-devel-9.4.2-0.1mdv2007.1.i586.rpm 3603e9d9115466753397a1f472011703 2007.1/i586/bind-utils-9.4.2-0.1mdv2007.1.i586.rpm cf5e4100ecb21a4eb603831e5a6ec23d 2007.1/SRPMS/bind-9.4.2-0.1mdv2007.1.src.rpm
Mandriva Linux 2007.1/X86_64: 4eb7ce0984d3ce3befff667392e3bf3e 2007.1/x86_64/bind-9.4.2-0.1mdv2007.1.x86_64.rpm d7b9a9e7d4c52a5b0c54f59ca20bf2d5 2007.1/x86_64/bind-devel-9.4.2-0.1mdv2007.1.x86_64.rpm c5c66c9609615029d2f07f7b09a63118 2007.1/x86_64/bind-utils-9.4.2-0.1mdv2007.1.x86_64.rpm cf5e4100ecb21a4eb603831e5a6ec23d 2007.1/SRPMS/bind-9.4.2-0.1mdv2007.1.src.rpm
Mandriva Linux 2008.0: 52dfe3970fcd9495b2bb9379a9312b25 2008.0/i586/bind-9.4.2-1mdv2008.0.i586.rpm 97d20d35b6814aa2f9fab549ca6237c0 2008.0/i586/bind-devel-9.4.2-1mdv2008.0.i586.rpm 87a7bb3dd25abd8cd882a8f2fdc2398e 2008.0/i586/bind-utils-9.4.2-1mdv2008.0.i586.rpm da4444a8074e6ede39dfa557fb258db7 2008.0/SRPMS/bind-9.4.2-1mdv2008.0.src.rpm
Mandriva Linux 2008.0/X86_64: b9d0337363bc1e2b14505f25d4ee5f99 2008.0/x86_64/bind-9.4.2-1mdv2008.0.x86_64.rpm 9b75e2a96784c00c2912bc3bf333d089 2008.0/x86_64/bind-devel-9.4.2-1mdv2008.0.x86_64.rpm 0a593b090d9e6bda3666e234056e19ba 2008.0/x86_64/bind-utils-9.4.2-1mdv2008.0.x86_64.rpm da4444a8074e6ede39dfa557fb258db7 2008.0/SRPMS/bind-9.4.2-1mdv2008.0.src.rpm
Mandriva Linux 2008.1: 2534ef007262d4ea2d219bab0190466c 2008.1/i586/bind-9.5.0-3mdv2008.1.i586.rpm c3feee5d05aa3aee14cd70a2d295d0b1 2008.1/i586/bind-devel-9.5.0-3mdv2008.1.i586.rpm f306c06665b723a2530258e6d1dbdae2 2008.1/i586/bind-doc-9.5.0-3mdv2008.1.i586.rpm 967ef80628f92160930bc3a3827a216e 2008.1/i586/bind-utils-9.5.0-3mdv2008.1.i586.rpm 70fc7a7964944a2926979710c5148ed1 2008.1/SRPMS/bind-9.5.0-3mdv2008.1.src.rpm
Mandriva Linux 2008.1/X86_64: 3f4d96d7a7f913c141e1f63cdc7e7336 2008.1/x86_64/bind-9.5.0-3mdv2008.1.x86_64.rpm 420db658366763686198f41394aa72b3 2008.1/x86_64/bind-devel-9.5.0-3mdv2008.1.x86_64.rpm 6f3674f68311494c5a9ff0dbce831e82 2008.1/x86_64/bind-doc-9.5.0-3mdv2008.1.x86_64.rpm 4294b3a086b89bf53c5c967c17962447 2008.1/x86_64/bind-utils-9.5.0-3mdv2008.1.x86_64.rpm 70fc7a7964944a2926979710c5148ed1 2008.1/SRPMS/bind-9.5.0-3mdv2008.1.src.rpm
Corporate 3.0: de2a4372d1c25d73f343c9fcb044c9dd corporate/3.0/i586/bind-9.2.3-6.5.C30mdk.i586.rpm 1f24f6dbdb6c02e21cbbef99555049cb corporate/3.0/i586/bind-devel-9.2.3-6.5.C30mdk.i586.rpm 00405b98290d5a41f226081baa57e18d corporate/3.0/i586/bind-utils-9.2.3-6.5.C30mdk.i586.rpm 6a237dc290f4f7c463b1996e6a4a4515 corporate/3.0/SRPMS/bind-9.2.3-6.5.C30mdk.src.rpm
Corporate 3.0/X86_64: 628162f3d6a414828d2231fefc46842b corporate/3.0/x86_64/bind-9.2.3-6.5.C30mdk.x86_64.rpm dd29ff31a9cffcc1b20fd045869d7013 corporate/3.0/x86_64/bind-devel-9.2.3-6.5.C30mdk.x86_64.rpm c475c1a4d048e04da1fc27dcbb17c3f3 corporate/3.0/x86_64/bind-utils-9.2.3-6.5.C30mdk.x86_64.rpm 6a237dc290f4f7c463b1996e6a4a4515 corporate/3.0/SRPMS/bind-9.2.3-6.5.C30mdk.src.rpm
Corporate 4.0: 271ead204904be302d197cd542f5ae23 corporate/4.0/i586/bind-9.3.5-0.4.20060mlcs4.i586.rpm 42413dcc1cf053e735216f767eff4e5d corporate/4.0/i586/bind-devel-9.3.5-0.4.20060mlcs4.i586.rpm 0201afe493a41e1deedc9bf7e9725f4a corporate/4.0/i586/bind-utils-9.3.5-0.4.20060mlcs4.i586.rpm 86bc0cdc9ed1b959b6f56e0660268f2e corporate/4.0/SRPMS/bind-9.3.5-0.4.20060mlcs4.src.rpm
Corporate 4.0/X86_64: b1a18a7d0578dab7bd825eda6c682b3d corporate/4.0/x86_64/bind-9.3.5-0.4.20060mlcs4.x86_64.rpm 6a2ebd550feb9147058de05b1a1ef04d corporate/4.0/x86_64/bind-devel-9.3.5-0.4.20060mlcs4.x86_64.rpm 670a1b934ce4974b8505018ab69ade0b corporate/4.0/x86_64/bind-utils-9.3.5-0.4.20060mlcs4.x86_64.rpm 86bc0cdc9ed1b959b6f56e0660268f2e corporate/4.0/SRPMS/bind-9.3.5-0.4.20060mlcs4.src.rpm
Multi Network Firewall 2.0: 5b694c24cc2092e38f531dbfdd5c9d41 mnf/2.0/i586/bind-9.2.3-6.5.C30mdk.i586.rpm c08bc805027059c47bed32215f17eacb mnf/2.0/i586/bind-utils-9.2.3-6.5.C30mdk.i586.rpm 39225289516498e1b071c5059306f2b9 mnf/2.0/SRPMS/bind-9.2.3-6.5.C30mdk.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFIdPwTmqjQ0CJFipgRAm9AAJ9/UOAuOWDL1KgnMNGM/224QGUNQgCfW+G9 J7qxrU208lhOcIjhtq8FWX8= =91dV -----END PGP SIGNATURE-----
Full-Disclosure - We believe in it. In IP NAT filtering in Sun Solaris 10 and OpenSolaris series products, when a DNS server runs NAT, it incorrectly changes the original address of the data packet. When the destination address is a DNS port, it will allow remote attackers to bypass CVE-2008 -1447 security protection. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
VMware Security Advisory
Advisory ID: VMSA-2008-0014 Synopsis: Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues. Issue date: 2008-08-29 Updated on: 2008-08-29 (initial release of advisory) CVE numbers: CVE-2008-2101 CVE-2007-5269 CVE-2008-1447 CVE-2008-3691 CVE-2008-3692 CVE-2008-3693 CVE-2008-3694 CVE-2008-3695 CVE-2007-5438 CVE-2008-3696 CVE-2008-3697 CVE-2008-3698 CVE-2008-1806 CVE-2008-1807 CVE-2008-1808 CVE-2007-5503
-
Summary
Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.
-
Relevant releases
VMware Workstation 6.0.4 and earlier, VMware Workstation 5.5.7 and earlier, VMware Player 2.0.4 and earlier, VMware Player 1.0.7 and earlier, VMware ACE 2.0.4 and earlier, VMware ACE 1.0.6 and earlier, VMware Server 1.0.6 and earlier,
VMware ESX 3.0.3 without patches ESX303-200808404-SG, ESX303-200808403-SG ESX303-200808406-SG.
VMware ESX 3.0.2 without patches ESX-1005109, ESX-1005113, ESX-1005114.
VMware ESX 3.0.1 without patches ESX-1005108, ESX-1005112, ESX-1005111, ESX-1004823, ESX-1005117.
NOTE: Hosted products VMware Workstation 5.x, VMware Player 1.x, and VMware ACE 1.x will reach end of general support 2008-11-09. Customers should plan to upgrade to the latest version of their respective products.
Extended support (Security and Bug fixes) for ESX 3.0.2 ends on 10/29/2008 and Extended support for ESX 3.0.2 Update 1 ends on 8/8/2009. Users should plan to upgrade to ESX 3.0.3 and preferably to the newest release available. Extended Support (Security and Bug fixes) for ESX 3.0.1 has ended on 2008-07-31. -
Problem Description
I Security Issues
a. Setting ActiveX killbit
Starting from this release, VMware has set the killbit on its
ActiveX controls. Setting the killbit ensures that ActiveX
controls cannot run in Internet Explorer (IE), and avoids
security issues involving ActiveX controls in IE. See the
Microsoft KB article 240797 and the related references on this
topic.
Security vulnerabilities have been reported for ActiveX controls
provided by VMware when run in IE. Under specific circumstances,
exploitation of these ActiveX controls might result in denial-of-
service or can allow running of arbitrary code when the user
browses a malicious Web site or opens a malicious file in IE
browser. An attempt to run unsafe ActiveX controls in IE might
result in pop-up windows warning the user.
Note: IE can be configured to run unsafe ActiveX controls without
prompting. VMware recommends that you retain the default
settings in IE, which prompts when unsafe actions are
requested.
Earlier, VMware had issued knowledge base articles, KB 5965318 and
KB 9078920 on security issues with ActiveX controls. To avoid
malicious scripts that exploit ActiveX controls, do not enable
unsafe ActiveX objects in your browser settings. As a best
practice, do not browse untrusted Web sites as an administrator
and do not click OK or Yes if prompted by IE to allow certain
actions.
VMware would like to thank Julien Bachmann, Shennan Wang, Shinnai,
and Michal Bucko for reporting these issues to us.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Workstation 6.x Windows 6.0.5 build 109488 or later
Workstation 6.x Linux not affected
Workstation 5.x Windows 5.5.8 build 108000 or later
Workstation 5.x Linux not affected
Player 2.x Windows 2.0.5 build 109488 or later
Player 2.x Linux not affected
Player 1.x Windows 1.0.8 build or later
Player 1.x Linux not affected
ACE 2.x Windows 2.0.5 build 109488 or later
ACE 1.x Windows 1.0.7 build 108880 or later
Server 1.x Windows 1.0.7 build 108231 or later
Server 1.x Linux not affected
Fusion 1.x Mac OS/X not affected
ESXi 3.5 ESXi not affected
ESX any ESX not affected
b. VMware ISAPI Extension Denial of Service
The Internet Server Application Programming Interface (ISAPI) is
an API that extends the functionality of Internet Information
Server (IIS). VMware uses ISAPI extensions in its Server product.
One of the ISAPI extensions provided by VMware is vulnerable to a
remote denial of service. By sending a malformed request, IIS
might shut down. IIS 6.0 restarts automatically. However, IIS 5.0
does not restart automatically when its Startup Type is set to
Manual.
VMware would like to thank the Juniper Networks J-Security
Security Research Team for reporting this issue to us.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Workstation 6.x Windows not affected
Workstation 6.x Linux not affected
Workstation 5.x Windows not affected
Workstation 5.x Linux not affected
Player 2.x Windows not affected
Player 2.x Linux not affected
Player 1.x Windows not affected
Player 1.x Linux not affected
ACE 2.x Windows not affected
ACE 1.x Windows not affected
Server 1.x Windows 1.0.7 build 108231 or later
Server 1.x Linux not affected
Fusion 1.x Mac OS/X not affected
ESXi 3.5 ESXi not affected
ESX any ESX not affected
c. OpenProcess Local Privilege Escalation on Host System
This release fixes a privilege escalation vulnerability in host
systems. Exploitation of this vulnerability allows users to run
arbitrary code on the host system with elevated privileges.
VMware would like to thank Sun Bing from McAfee, Inc. for
reporting this issue to us.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Workstation 6.x Windows not affected
Workstation 6.x Linux not affected
Workstation 5.x Windows 5.5.8 build 108000 or later
Workstation 5.x Linux not affected
Player 2.x Windows not affected
Player 2.x Linux not affected
Player 1.x Windows 1.0.8 build 109488 or later
Player 1.x Linux not affected
ACE 2.x Windows not affected
ACE 1.x Windows 1.0.7 build 108880 or later
Server 1.x Windows 1.0.7 build 108231 or later
Server 1.x Linux not affected
Fusion 1.x Mac OS/X not affected
ESXi 3.5 ESXi not affected
ESX any ESX not affected
d. Update to Freetype
FreeType 2.3.6 resolves an integer overflow vulnerability and other
vulnerabilities that can allow malicious users to run arbitrary code
or might cause a denial-of-service after reading a maliciously
crafted file. This release updates FreeType to 2.3.7.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Workstation 6.x Windows not affected
Workstation 6.x Linux 6.0.5 build 109488 or later
Workstation 5.x Windows not affected
Workstation 5.x Linux 5.5.8 build 108000 or later
Player 2.x Windows not affected
Player 2.x Linux 2.0.5 build 109488 or later
Player 1.x Windows not affected
Player 1.x Linux 1.0.8 build 108000 or later
ACE 2.x Windows not affected
ACE 1.x Windows not affected
Server 1.x Windows not affected
Server 1.x Linux 1.0.7 build 108231 or later
Fusion 1.x Mac OS/X affected, patch pending
ESXi 3.5 ESXi not affected
ESX 3.5 ESX not affected
ESX 3.0.3 ESX not affected
ESX 3.0.2 ESX not affected
ESX 3.0.1 ESX not affected
ESX 2.5.5 ESX affected, patch pending
ESX 2.5.4 ESX affected, patch pending
e. Update to Cairo
Cairo 1.4.12 resolves an integer overflow vulnerability that can
allow malicious users to run arbitrary code or might cause a
denial-of-service after reading a maliciously crafted PNG file.
This release updates Cairo to 1.4.14.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Workstation 6.x Windows not affected
Workstation 6.x Linux 6.0.5 build 109488 or later
Workstation 5.x Windows not affected
Workstation 5.x Linux not affected
Player 2.x Windows not affected
Player 2.x Linux 2.0.5 build 109488 or later
Player 1.x Windows not affected
Player 1.x Linux not affected
ACE 2.x Windows not affected
ACE 1.x Windows not affected
Server 1.x Windows not affected
Server 1.x Linux not affected
Fusion 1.x Mac OS/X affected, patch pending
ESXi 3.5 ESXi not affected
ESX any ESX not affected
f. VMware Consolidated Backup(VCB) command-line utilities may expose sensitive information
VMware Consolidated Backup command-line utilities accept the user
password through the -p command-line option. Users logged into the
service console could gain access to the username and password used
by VCB command-line utilities when such commands are running.
This patch resolves this issue by providing an alternative way of
passing the password used by VCB command-line utilities.
The following options are recommended for passing the password:
1. The password is specified in /etc/backuptools.conf
(PASSWORD=xxxxx), and -p is not used in the command line.
/etc/backuptools.conf file permissions are read/write only
for root.
2. No password is specified in /etc/backuptools.conf and the
-p option is not used in the command line. The user will be
prompted to enter a password.
ESX is not affected unless you use VCB.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= ===================
VirtualCenter any Windows not affected
hosted * any any not affected
ESXi 3.5 ESXi not affected
ESX 3.5 ESX ESX350-200806203-UG
ESX 3.0.3 ESX ESX303-200808403-SG
ESX 3.0.2 ESX ESX-1004824
ESX 3.0.1 ESX ESX-1004823
ESX 2.5.5 ESX not affected
ESX 2.5.4 ESX not affected
* hosted products are VMware Workstation, Player, ACE, Server, Fusion
g. Third Party Library libpng Updated to 1.2.29
Several flaws were discovered in the way third party library
libpng handled various PNG image chunks. An attacker could
create a carefully crafted PNG image file in such a way that
it causes an application linked with libpng to crash when the
file is manipulated.
NOTE: There are multiple patches required to remediate the issue.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= ===================
VirtualCenter any Windows not affected
hosted * any any not affected
ESXi 3.5 ESXi affected, patch pending
ESX 3.5 ESX affected, patch pending
ESX 3.0.3 ESX ESX303-200808404-SG
ESX303-200808403-SG
ESX 3.0.2 ESX ESX-1005109 ESX-1005114 ESX-1005113
ESX 3.0.1 ESX ESX-1005112 ESX-1005108 ESX-1005111
ESX 2.5.5 ESX affected, patch pending
ESX 2.5.4 ESX affected, patch pending
* hosted products are VMware Workstation, Player, ACE, Server, Fusion
II ESX Service Console rpm updates
a. update to bind
This update upgrades the service console rpms for bind-utils and
bind-lib to version 9.2.4-22.el3.
Version 9.2.4.-22.el3 addresses the recently discovered
vulnerability in the BIND software used for Domain Name
resolution (DNS). Of the BIND packages, VMware only ships bind-util
and bind-lib in the service console and these components by
themselves cannot be used to setup a DNS server.
VMware explicitly discourages installing applications like BIND
on the service console. In case the customer has installed BIND,
and the DNS server is configured to support recursive queries,
their ESX Server system is affected and they should replace BIND
with a patched version.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= ===================
VirtualCenter any Windows not affected
hosted * any any not affected
ESXi 3.5 ESXi not affected
ESX 3.5 ESX patch pending
ESX 3.0.3 ESX ESX303-200808406-SG
ESX 3.0.2 ESX ESX-1006356
ESX 3.0.1 ESX ESX-1005117
ESX 2.5.5 ESX patch pending
ESX 2.5.4 ESX patch pending
* hosted products are VMware Workstation, Player, ACE, Server, Fusion
- Solution
Please review the patch/release notes for your product and version and verify the md5sum of your downloaded file.
VMware Workstation 6.0.5
http://www.vmware.com/download/ws/ Release notes: http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html
Windows binary md5sum: 46b4c54f0493f59f52ac6c2965296859
RPM Installation file for 32-bit Linux md5sum: 49ebfbd05d146ecc43262622ab746f03
tar Installation file for 32-bit Linux md5sum: 14ac93bffeee72528629d4caecc5ef37
RPM Installation file for 64-bit Linux md5sum: 0a856f1a1a31ba3c4b08bcf85d97ccf6
tar Installation file for 64-bit Linux md5sum: 3b459254069d663e9873a661bc97cf6c
VMware Workstation 5.5.8
http://www.vmware.com/download/ws/ws5.html Release notes: http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html
Windows binary: md5sum: 745c3250e5254eaf6e65fcfc4172070f
Compressed Tar archive for 32-bit Linux md5sum: 65a454749d15d4863401619d7ff5566e
Linux RPM version for 32-bit Linux md5sum: d80adc73b1500bdb0cb24d1b0733bcff
VMware Player 2.0.5 and 1.0.8
http://www.vmware.com/download/player/ Release notes Player 1.x: http://www.vmware.com/support/player/doc/releasenotes_player.html Release notes Player 2.0 http://www.vmware.com/support/player2/doc/releasenotes_player2.html
2.0.5 Windows binary md5sum: 60265438047259b23ff82fdfe737f969
VMware Player 2.0.5 for Linux (.rpm) md5sum: 3bc81e203e947e6ca5b55b3f33443d34
VMware Player 2.0.5 for Linux (.tar) md5sum: f499603d790edc5aa355e45b9c5eae01
VMware Player 2.0.5 - 64-bit (.rpm) md5sum: 85bc2f11d06c362feeff1a64ee5a6834
VMware Player 2.0.5 - 64-bit (.tar) md5sum: b74460bb961e88817884c7e2c0f30215
1.0.8 Windows binary md5sum: e5f927304925297a7d869f74b7b9b053
Player 1.0.8 for Linux (.rpm) md5sum: a13fdb8d72b661cefd24e7dcf6e2a990
Player 1.0.8 for Linux (.tar) md5sum: 99fbe861253eec5308d8c47938e8ad1e
VMware ACE 2.0.5
http://www.vmware.com/download/ace/ Release notes 2.0: http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html
ACE Manager Server Virtual Appliance Virtual Appliance for the ACE Management Server md5sum: 41e7349f3b6568dffa23055bb629208d
ACE for Window 32-bit and 64-bit Main installation file for Windows 32-bit and 64-bit host (ACE Option Page key required for enabling ACE authoring) md5sum:46b4c54f0493f59f52ac6c2965296859
ACE Management Server for Windows ACE Management Server installation file for Windows md5sum:33a015c4b236329bcb7e12c82271c417
ACE Management Server for Red Hat Enterprise Linux 4 ACE Management Server installation file for Red Hat Enterprise Linux 4 md5sum:dc3bd89fd2285f41ed42f8b28cd5535f
ACE Management Server for SUSE Enterprise Linux 9 ACE Management Server installation file for SUSE Enterprise Linux 9 md5sum:2add6a4fc97e1400fb2f94274ce0dce0
VMware ACE 1.0.7
http://www.vmware.com/download/ace/ Release notes: http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html md5sum: 42d806cddb8e9f905722aeac19740f33
VMware Server 1.0.7
http://www.vmware.com/download/server/ Release notes: http://www.vmware.com/support/server/doc/releasenotes_server.html
VMware Server for Windows 32-bit and 64-bit md5sum: 2e2ee5ebe08ae48eac5e661cad01acf6
VMware Server Windows client package md5sum: ce7d906a5a8de37cbc20db4332de1adb
VMware Server for Linux md5sum: 04f201122b16222cd58fc81ca814ff8c
VMware Server for Linux rpm md5sum: 6bae706df040c35851823bc087597d8d
Management Interface md5sum: e67489bd2f23bcd4a323d19df4e903e8
VMware Server Linux client package md5sum: 99f1107302111ffd3f766194a33d492b
ESX
ESX 3.5.0 patch ESX350-200806203-UG (VCB) http://download3.vmware.com/software/esx/ESX350-200806203-UG.zip md5sum: 3bd512dc8aa2b276f7cfd19080d193c9 http://kb.vmware.com/kb/1005896
ESX 3.0.3 patch ESX303-200808403-SG (libpng) http://download3.vmware.com/software/vi/ESX303-200808403-SG.zip md5sum: 5f1e75631e53c0e9e013acdbe657cfc7 http://kb.vmware.com/kb/1006034
ESX 3.0.3 patch ESX303-200808404-SG (libpng) http://download3.vmware.com/software/vi/ESX303-200808404-SG.zip md5sum: 65468a5b6ba105cfde1dd444d77b2df4 http://kb.vmware.com/kb/1006035
ESX 3.0.3 patch ESX303-200808406-SG (bind) http://download3.vmware.com/software/vi/ESX303-200808406-SG.zip md5sum: a11273e8d430e5784071caff673995f4 http://kb.vmware.com/kb/1006357
ESX 3.0.3 patch (VCB)
ESX 3.0.2 patch ESX-1005109 (libpng) http://download3.vmware.com/software/vi/ESX-1005109.tgz md5sum: 456d74d94317f852024aed5d3852be09 http://kb.vmware.com/kb/1005109
ESX 3.0.2 patch ESX-1005113 (libpng) http://download3.vmware.com/software/vi/ESX-1005113.tgz md5sum: 5d604f2bfd90585b9c8679f5fc8c31b7 http://kb.vmware.com/kb/1005113
ESX 3.0.2 patch ESX-1005114 (libpng) http://download3.vmware.com/software/vi/ESX-1005114.tgz md5sum: 3b6d33b334f0020131580fdd8f9b5365 http://kb.vmware.com/kb/1005114
ESX 3.0.2 patch ESX-1004824 (VCB) http://download3.vmware.com/software/vi/ESX-1004824.tgz md5sum: c72b0132c9f5d7b4cb1b9e47748a9c5b http://kb.vmware.com/kb/1004824
ESX 3.0.2 patch ESX-1006356 (bind) http://download3.vmware.com/software/vi/ESX-1006356.tgz md5sum: f0bc9d0b641954145df3986cdb1c2bab http://kb.vmware.com/kb/1006356
ESX 3.0.1 patch ESX-1005111 (libpng) http://download3.vmware.com/software/vi/ESX-1005111.tgz md5sum: 60e1be9b41070b3531c06f9a0595e24c http://kb.vmware.com/kb/1005111
ESX 3.0.1 patch ESX-1005112 (libpng) http://download3.vmware.com/software/vi/ESX-1005112.tgz md5sum: ad645cef0f9fa18bb648ba5a37074732 http://kb.vmware.com/kb/1005112
ESX 3.0.1 patch ESX-1005108 (libpng) http://download3.vmware.com/software/vi/ESX-1005108.tgz md5sum: aabc873d978f023c929ccd9a54588ea5 http://kb.vmware.com/kb/1005108
ESX 3.0.1 patch ESX-1004823 (VCB) http://download3.vmware.com/software/vi/ESX-1004823.tgz md5sum: 5ff2e8ce50c18afca76fb16c28415a59 http://kb.vmware.com/kb/1004823
ESX 3.0.1 patch ESX-1005117 (bind) http://download3.vmware.com/software/vi/ESX-1005117.tgz md5sum: 5271ecc6e36fb6f1fdf372e57891aa33 http://kb.vmware.com/kb/1005117
- References
CVE numbers http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2101 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5269 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3691 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3692 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3693 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3694 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3695 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5438 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3696 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3697 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3698 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1806 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1807 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1808 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5503
- Change log
2008-08-29 VMSA-2008-0014 initial release
- Contact
E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
- security-announce at lists.vmware.com
- bugtraq at securityfocus.com
- full-disclosure at lists.grok.org.uk
E-mail: security at vmware.com PGP key at: http://kb.vmware.com/kb/1055
VMware Security Center http://www.vmware.com/security
VMware security response policy http://www.vmware.com/support/policies/security_response.html
General support life cycle policy http://www.vmware.com/support/policies/eos.html
VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html
Copyright 2008 VMware Inc. All customers should test the updates / patch in their environment. HP is investigating changes to reduce the performance issues. This bulletin will be revised when new updates / patch become available. Effective attack techniques against these vulnerabilities have been demonstrated. Tools and techniques have been developed that can reliably poison a domain of the attacker's choosing on most current implementations. As a result, the consensus of DNS software implementers is to implement source port randomization in their resolvers as a mitigation.
II. Impact
An attacker with the ability to conduct a successful cache poisoning attack can cause a nameserver's clients to contact the incorrect, and possibly malicious, hosts for particular services. Consequently, web traffic, email, and other important network data can be redirected to systems under the attacker's control.
III. Solution
Apply a patch from your vendor
Patches have been released by a number of vendors to implement source port randomization in the nameserver. Please see the Systems Affected section of Vulnerability Note VU#800113 for additional details for specific vendors.
As mentioned above, stub resolvers are also vulnerable to these attacks. Stub resolvers that will issue queries in response to attacker behavior, and may receive packets from an attacker, should be patched. System administrators should be alert for patches to client operating systems that implement port randomization in the stub resolver.
Workarounds
Restrict access Administrators, particularly those who are unable to apply a patch, can limit exposure to this vulnerability by restricting sources that can ask for recursion. Note that restricting access will still allow attackers with access to authorized hosts to exploit this vulnerability.
Filter traffic at network perimeters Because the ability to spoof IP addresses is necessary to conduct these attacks, administrators should take care to filter spoofed addresses at the network perimeter. IETF Request for Comments (RFC) documents RFC 2827, RFC 3704, and RFC 3013 describe best current practices (BCPs) for implementing this defense. It is important to understand your network's configuration and service requirements before deciding what changes are appropriate.
Run a local DNS cache In lieu of strong port randomization characteristics in a stub resolver, administrators can protect their systems by using local caching full-service resolvers, both on the client systems and on servers that are topologically close on the network to the client systems. This should be done in conjunction with the network segmentation and filtering strategies mentioned above.
Disable recursion Disable recursion on any nameserver responding to DNS requests made by untrusted systems.
Implement source port randomization Vendors that implement DNS software are encouraged to review IETF Internet Draft, "Measures for making DNS more resilient against forged answers," for additional information about implementing mitigations in their products. This document is a work in progress and may change prior to its publication as an RFC, if it is approved.
IV. References
* US-CERT Vulnerability Note VU#800113 -
<http://www.kb.cert.org/vuls/id/800113>
* US-CERT Vulnerability Note VU#484649 -
<http://www.kb.cert.org/vuls/id/484649>
* US-CERT Vulnerability Note VU#252735 -
<http://www.kb.cert.org/vuls/id/252735>
* US-CERT Vulnerability Note VU#927905 -
<http://www.kb.cert.org/vuls/id/927905>
* US-CERT Vulnerability Note VU#457875 -
<http://www.kb.cert.org/vuls/id/457875>
* Internet Draft: Measures for making DNS more resilient against forged
answers -
<http://tools.ietf.org/html/draft-ietf-dnsext-forgery-resilience>
* RFC 3833 - <http://tools.ietf.org/html/rfc3833>
* RFC 2827 - <http://tools.ietf.org/html/rfc2827>
* RFC 3704 - <http://tools.ietf.org/html/rfc3704>
* RFC 3013 - <http://tools.ietf.org/html/rfc3013>
* Microsoft Security Bulletin MS08-037 -
<http://www.microsoft.com/technet/security/bulletin/ms08-037.mspx>
* Internet Systems Consortium BIND Vulnerabilities -
<http://www.isc.org/sw/bind/bind-security.php>
US-CERT thanks Dan Kaminsky of IOActive and Paul Vixie of Internet Systems Consortium (ISC) for notifying us about this problem and for helping us to construct this advisory.
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA08-190B.html>
Feedback can be directed to US-CERT Technical Staff. Please send email to cert@cert.org with "TA08-190B Feedback VU#800113" in the subject.
For instructions on subscribing to or unsubscribing from this mailing list, visit http://www.us-cert.gov/cas/signup.html.
Produced 2008 by US-CERT, a government organization.
Try a new way to discover vulnerabilities that ALREADY EXIST in your IT infrastructure.
The Full Featured Secunia Network Software Inspector (NSI) is now available: http://secunia.com/network_software_inspector/
The Secunia NSI enables you to INSPECT, DISCOVER, and DOCUMENT vulnerabilities in more than 4,000 different Windows applications.
TITLE: Red Hat update for bind
SECUNIA ADVISORY ID: SA26195
VERIFY ADVISORY: http://secunia.com/advisories/26195/
CRITICAL: Moderately critical
IMPACT: Spoofing
WHERE:
From remote
OPERATING SYSTEM: Red Hat Enterprise Linux (v. 5 server) http://secunia.com/product/13652/ Red Hat Enterprise Linux Desktop (v. 5 client) http://secunia.com/product/13653/ Red Hat Enterprise Linux Desktop Workstation (v. 5 client) http://secunia.com/product/13651/ RedHat Enterprise Linux AS 2.1 http://secunia.com/product/48/ RedHat Enterprise Linux AS 3 http://secunia.com/product/2534/ RedHat Enterprise Linux AS 4 http://secunia.com/product/4669/ RedHat Enterprise Linux ES 2.1 http://secunia.com/product/1306/ RedHat Enterprise Linux ES 3 http://secunia.com/product/2535/ RedHat Enterprise Linux ES 4 http://secunia.com/product/4668/ RedHat Enterprise Linux WS 3 http://secunia.com/product/2536/ RedHat Enterprise Linux WS 2.1 http://secunia.com/product/1044/ RedHat Enterprise Linux WS 4 http://secunia.com/product/4670/ RedHat Linux Advanced Workstation 2.1 for Itanium http://secunia.com/product/1326/
DESCRIPTION: Red Hat has issued an update for bind.
For more information: SA26152
SOLUTION: Updated packages are available from Red Hat Network. http://rhn.redhat.com
ORIGINAL ADVISORY: http://rhn.redhat.com/errata/RHSA-2007-0740.html
OTHER REFERENCES: SA26152: http://secunia.com/advisories/26152/
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. Security Advisory (08-AUG-2008) (CVE-2008-3280) ===============================================
Ben Laurie of Google's Applied Security team, while working with an external researcher, Dr. Richard Clayton of the Computer Laboratory, Cambridge University, found that various OpenID Providers (OPs) had TLS Server Certificates that used weak keys, as a result of the Debian Predictable Random Number Generator (CVE-2008-0166).
In combination with the DNS Cache Poisoning issue (CVE-2008-1447) and the fact that almost all SSL/TLS implementations do not consult CRLs (currently an untracked issue), this means that it is impossible to rely on these OPs.
Attack Description
In order to mount an attack against a vulnerable OP, the attacker first finds the private key corresponding to the weak TLS certificate. He then sets up a website masquerading as the original OP, both for the OpenID protocol and also for HTTP/HTTPS.
There are two cases, one is where the victim is a user trying to identify themselves, in which case, even if they use HTTPS to "ensure" that the site they are visiting is indeed their provider, they will be unable to detect the substitution and will give their login credentials to the attacker.
The second case is where the victim is the Relying Party (RP). In this case, even if the RP uses TLS to connect to the OP, as is recommended for higher assurance, he will not be defended, as the vast majority of OpenID implementations do not check CRLs, and will, therefore, accept the malicious site as the true OP.
Mitigation
Mitigation is surprisingly hard. In theory the vulnerable site should revoke their weak certificate and issue a new one.
However, since the CRLs will almost certainly not be checked, this means the site will still be vulnerable to attack for the lifetime of the certificate (and perhaps beyond, depending on user behaviour). Note that shutting down the site DOES NOT prevent the attack.
Therefore mitigation falls to other parties. Until either 1 and 2 or 3 have been done, OpenID cannot be trusted for any OP that cannot demonstrate it has never had a weak certificate.
Discussion
Normally, when security problems are encountered with a single piece of software, the responsible thing to do is to is to wait until fixes are available before making any announcement. However, as a number of examples in the past have demonstrated, this approach does not work particularly well when many different pieces of software are involved because it is necessary to coordinate a simultaneous release of the fixes, whilst hoping that the very large number of people involved will cooperate in keeping the vulnerability secret.
In the present situation, the fixes will involve considerable development work in adding CRL handling to a great many pieces of openID code. This is a far from trivial amount of work.
The fixes will also involve changes to browser preferences to ensure that CRLs are checked by default -- which many vendors have resisted for years. We are extremely pessimistic that a security vulnerability in OpenID will be seen as sufficiently important to change the browser vendors minds.
Hence, we see no value in delaying this announcement; and by making the details public as soon as possible, we believe that individuals who rely on OpenID will be better able to take their own individual steps to avoid relying upon the flawed certificates we have identified.
OpenID is at heart quite a weak protocol, when used in its most general form[1], and consequently there is very limited reliance upon its security. This means that the consequences of the combination of attacks that are now possible is nothing like as serious as might otherwise have been the case.
However, it does give an insight into the type of security disaster that may occur in the future if we do not start to take CRLs seriously, but merely stick them onto "to-do" lists or disable them in the name of tiny performance improvements.
Affected Sites
There is no central registry of OpenID systems, and so we cannot be sure that we have identified all of the weak certificates that are currently being served. The list of those we have found so far is:
openid.sun.com www.xopenid.net openid.net.nz
Notes
[1] There are ways of using OpenID that are significantly more secure than the commonly deployed scheme, I shall describe those in a separate article.
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ .
Release Date: 2008-07-16 Last Updated: 2010-10-12
Potential Security Impact: Remote DNS cache poisoning
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY A potential security vulnerability has been identified with HP-UX running BIND. HP-UX B.11.11, B.11.23, B.11.31 running BIND v9.3.2 or BIND v9.2.0, HP-UX B.11.11 running BIND v8.1.2
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2008-1447 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has provided the following software updates / patch to resolve the vulnerabilities for BIND v9.2.0 and BIND v9.3.2.
Customers running BIND v8.1.2 on HP-UX B.11.11 should upgrade to BIND v9.2.0 or BIND v9.3.2 and apply the updates listed below.
A new BIND v9.2.0 depot is available to address an issue encountered on HP-UX B.11.11. The new depot is available by contacting HP Support. The patch PHNE_37865 is available from: http://itrc.hp.com
The BIND v9.3.2 updates are available for download from: http://software.hp.com
HP-UX Release / Action
B.11.11 running v8.1.2 Upgrade to BIND v9.2.0 or BIND v9.3.2 and apply the updates listed below, remove "query-source port" and "query-source-v6 port" options in /etc/named.conf.
HP-UX Release / BIND Depot name / Action
B.11.11 running v9.2.0 / BIND920V15.depot / Remove "query-source port" and "query-source-v6 port" options in /etc/named.conf.
HP-UX Release / Action
B.11.23 running v9.2.0 / Install PHNE_37865; Remove "query-source port" and "query-source-v6 port" options in /etc/named.conf.
HP-UX Release / Action
B.11.11 running v9.3.2 / Install revision C.9.3.2.7.0 or subsequent; Remove "query-source port" and "query-source-v6 port" options in
/etc/named.conf.
B.11.23 running v9.3.2 / Install revision C.9.3.2.7.0 or subsequent; Remove "query-source port" and "query-source-v6 port" options in
/etc/named.conf.
B.11.31 running v9.3.2 / Install revision C.9.3.2.3.0 or subsequent; Remove "query-source port" and "query-source-v6 port" options in
/etc/named.conf.
Note: Remove "query-source port" and "query-source-v6 port" options in /etc/named.conf.
Note: Firewall configurations may need to be adjusted to allow DNS queries from random source ports to pass. In addition,
firewalls that forward DNS queries must not replace the random source ports.
MANUAL ACTIONS: Yes - NonUpdate Remove "query-source port" and "query-source-v6 port" options in /etc/named.conf. Check firewall settings. For B.11.11 running v8.1.2, upgrade to BIND v9.2.0 or BIND v9.3.2 and apply the updates For B.11.11 running v9.2.0 install BIND920v15.depot
PRODUCT SPECIFIC INFORMATION HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It
analyzes all HP-issued Security Bulletins and lists recommended actions that may apply to a specific HP-UX system. It can
also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa
AFFECTED VERSIONS
For BIND v8.1.2 HP-UX B.11.11 ============= InternetSrvcs.INETSVCS-RUN action: upgrade to BIND v9.2.0 or BIND v9.3.2 and apply the updates, remove "query-source port" and "query-source-v6 port" options in /etc/named.conf.
For BIND v9.3.2 HP-UX B.11.11 ============= BindUpgrade.BIND-UPGRADE action: install revision C.9.3.2.7.0 or subsequent, remove "query-source port" and "query-source-v6 port" options in /etc/named.conf. URL: http://software.hp.com
HP-UX B.11.23
BindUpgrade.BIND-UPGRADE BindUpgrade.BIND2-UPGRADE action: install revision C.9.3.2.7.0 or subsequent, remove "query-source port" and "query-source-v6 port" options in /etc/named.conf. URL: http://software.hp.com
HP-UX B.11.31
NameService.BIND-AUX NameService.BIND-RUN action: install revision C.9.3.2.7.0 or subsequent, remove "query-source port" and "query-source-v6 port" options in /etc/named.conf. URL: http://software.hp.com
For BIND v9.2.0 HP-UX B.11.11 ============= BINDv920.INETSVCS-BIND action: install revision B.11.11.01.015 or subsequent, remove "query-source port" and "query-source-v6 port" options in /etc/named.conf. URL Contact HP Support for information on where to download depot.
HP-UX B.11.23
InternetSrvcs.INETSVCS-INETD InternetSrvcs.INETSVCS-RUN InternetSrvcs.INETSVCS2-RUN action: install patch PHNE_37865 or subsequent, remove "query-source port" and "query-source-v6 port" options in /etc/named.conf. URL: http://itrc.hp.com
END AFFECTED VERSIONS
HISTORY Version:1 (rev.1) - 16 July 2008 Initial release Version:2 (rev.2) - 19 July 2008 Added BIND v9.2.0 depot information Version:3 (rev.3) - 06 August 2008 Updated patch location, revised BIND v9.2.0 depot information, added BIND v8.1.2 Version:4 (rev.4) - 08 August 2008 Updated manual actions to include named.conf and firewall configuration setings Version:5 (rev.5) - 12 October 2010 Updated version for BIND v9.2.0 depot for B.11.11
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For further information, contact normal HP Services support channel.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches -check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems -verify your operating system selections are checked and save.
To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.
To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do
- The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:
GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault
System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.
"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200707-0675",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "bind",
"scope": "eq",
"trust": 1.8,
"vendor": "isc",
"version": "8"
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "debian gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "fujitsu",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "internet consortium",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "openwall gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "suse linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "sun microsystems",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "ubuntu",
"version": null
},
{
"model": "rtx1100",
"scope": null,
"trust": 1.1,
"vendor": "yamaha",
"version": null
},
{
"model": "rtx1500",
"scope": null,
"trust": 1.1,
"vendor": "yamaha",
"version": null
},
{
"model": "aix",
"scope": "eq",
"trust": 1.1,
"vendor": "ibm",
"version": "6.1"
},
{
"model": "aix",
"scope": "eq",
"trust": 1.1,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "rtx2000",
"scope": null,
"trust": 1.1,
"vendor": "yamaha",
"version": null
},
{
"model": "aix",
"scope": "eq",
"trust": 1.1,
"vendor": "ibm",
"version": "5.3"
},
{
"model": "rt300i",
"scope": null,
"trust": 1.1,
"vendor": "yamaha",
"version": null
},
{
"model": "rtx1000",
"scope": null,
"trust": 1.1,
"vendor": "yamaha",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 1.0,
"vendor": "isc",
"version": "9.2.9"
},
{
"model": "bind",
"scope": "eq",
"trust": 1.0,
"vendor": "isc",
"version": "4"
},
{
"model": "ios 12.4",
"scope": "ne",
"trust": 0.9,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "alcatel lucent",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "avaya",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "blue coat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "bluecat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "f5",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "force10",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "funkwerk",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "infoblox",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandriva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nixu",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nominum",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nortel",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "novell",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openbsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "qnx",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "secure computing network security division",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "slackware linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "wind river",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "yamaha",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "dnsmasq",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.8,
"vendor": "isc",
"version": "9"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.4.11"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.5 to v10.5.4"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.4.11"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.5 to v10.5.4"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v1.1 to v2.0.2"
},
{
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "8624el"
},
{
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "8624ps"
},
{
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "8724sl"
},
{
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "8724sl v2"
},
{
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "8724xl"
},
{
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "8748sl"
},
{
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "8748xl"
},
{
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "8948xl"
},
{
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "9606sx/sc"
},
{
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "9606t"
},
{
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "9812t"
},
{
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "9816gb"
},
{
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "9924sp"
},
{
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "9924t/4sp"
},
{
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "9924ts"
},
{
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "ar260s v2"
},
{
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "ar410 v2"
},
{
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "ar410s v2"
},
{
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "ar415s"
},
{
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "ar450s"
},
{
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "ar550s"
},
{
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "ar570s"
},
{
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "ar740"
},
{
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "ar740s"
},
{
"model": "switchblade4000",
"scope": null,
"trust": 0.8,
"vendor": "allied telesis",
"version": null
},
{
"model": "id gateway",
"scope": null,
"trust": 0.8,
"vendor": "internet initiative",
"version": null
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.1"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3 (x86)"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3 (x86-64)"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3.0 (x86-64)"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0 (x86-64)"
},
{
"model": "opensolaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "(sparc)"
},
{
"model": "opensolaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "(x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "8 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "8 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (x86)"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "12.0"
},
{
"model": "xr-1100",
"scope": "eq",
"trust": 0.8,
"vendor": "century",
"version": "ver1.6.2 previous version"
},
{
"model": "xr-410",
"scope": "eq",
"trust": 0.8,
"vendor": "century",
"version": "ver1.6.9 previous version"
},
{
"model": "xr-410-l2",
"scope": "eq",
"trust": 0.8,
"vendor": "century",
"version": "ver1.6.1 previous version"
},
{
"model": "xr-440",
"scope": "eq",
"trust": 0.8,
"vendor": "century",
"version": "ver1.7.7 previous version"
},
{
"model": "xr-510",
"scope": "eq",
"trust": 0.8,
"vendor": "century",
"version": "ver3.5.3 previous version"
},
{
"model": "xr-540",
"scope": "eq",
"trust": 0.8,
"vendor": "century",
"version": "ver3.5.2 previous version"
},
{
"model": "xr-640",
"scope": "eq",
"trust": 0.8,
"vendor": "century",
"version": "ver1.6.7 previous version"
},
{
"model": "xr-640-l2",
"scope": "eq",
"trust": 0.8,
"vendor": "century",
"version": "ver1.6.1 previous version"
},
{
"model": "xr-730",
"scope": "eq",
"trust": 0.8,
"vendor": "century",
"version": "ver3.5.0 previous version"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "1.0 (hosting)"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "1.0 (workgroup)"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "2.0"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "3.0"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "3.0 (x64)"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10 (x64)"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "11"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "11 (x64)"
},
{
"model": "hp tru64 unix",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "v 5.1b-3"
},
{
"model": "hp tru64 unix",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "v 5.1b-4"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.11"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.23"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.31"
},
{
"model": "windows 2000",
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": "windows server 2003",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "none"
},
{
"model": "windows server 2003",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "(x64)"
},
{
"model": "windows xp",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "(x64)"
},
{
"model": "windows xp",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "sp3"
},
{
"model": "rt series",
"scope": "eq",
"trust": 0.8,
"vendor": "yamaha",
"version": "(rt100i"
},
{
"model": "rt series",
"scope": "eq",
"trust": 0.8,
"vendor": "yamaha",
"version": "rt102i"
},
{
"model": "rt series",
"scope": "eq",
"trust": 0.8,
"vendor": "yamaha",
"version": "rt103i"
},
{
"model": "rt series",
"scope": "eq",
"trust": 0.8,
"vendor": "yamaha",
"version": "rt200i"
},
{
"model": "rt series",
"scope": "eq",
"trust": 0.8,
"vendor": "yamaha",
"version": "rt80i)"
},
{
"model": "rt105 series",
"scope": "eq",
"trust": 0.8,
"vendor": "yamaha",
"version": "(rt105i"
},
{
"model": "rt105 series",
"scope": "eq",
"trust": 0.8,
"vendor": "yamaha",
"version": "rt105e"
},
{
"model": "rt105 series",
"scope": "eq",
"trust": 0.8,
"vendor": "yamaha",
"version": "rt105p)"
},
{
"model": "rt107e",
"scope": null,
"trust": 0.8,
"vendor": "yamaha",
"version": null
},
{
"model": "rt140 series",
"scope": "eq",
"trust": 0.8,
"vendor": "yamaha",
"version": "(rt140i"
},
{
"model": "rt140 series",
"scope": "eq",
"trust": 0.8,
"vendor": "yamaha",
"version": "rt140e"
},
{
"model": "rt140 series",
"scope": "eq",
"trust": 0.8,
"vendor": "yamaha",
"version": "rt140p"
},
{
"model": "rt140 series",
"scope": "eq",
"trust": 0.8,
"vendor": "yamaha",
"version": "rt140f)"
},
{
"model": "rt58i",
"scope": null,
"trust": 0.8,
"vendor": "yamaha",
"version": null
},
{
"model": "rta series",
"scope": "eq",
"trust": 0.8,
"vendor": "yamaha",
"version": "(rta55i"
},
{
"model": "rta series",
"scope": "eq",
"trust": 0.8,
"vendor": "yamaha",
"version": "rta54i"
},
{
"model": "rta series",
"scope": "eq",
"trust": 0.8,
"vendor": "yamaha",
"version": "rta52i"
},
{
"model": "rta series",
"scope": "eq",
"trust": 0.8,
"vendor": "yamaha",
"version": "rta50i)"
},
{
"model": "rtv series",
"scope": "eq",
"trust": 0.8,
"vendor": "yamaha",
"version": "(rtv700"
},
{
"model": "rtv series",
"scope": "eq",
"trust": 0.8,
"vendor": "yamaha",
"version": "rtv01)"
},
{
"model": "rtw series",
"scope": "eq",
"trust": 0.8,
"vendor": "yamaha",
"version": "(rt60w"
},
{
"model": "rtw series",
"scope": "eq",
"trust": 0.8,
"vendor": "yamaha",
"version": "rtw65i"
},
{
"model": "rtw series",
"scope": "eq",
"trust": 0.8,
"vendor": "yamaha",
"version": "rtw65b)"
},
{
"model": "rtx3000",
"scope": null,
"trust": 0.8,
"vendor": "yamaha",
"version": null
},
{
"model": "srt100",
"scope": null,
"trust": 0.8,
"vendor": "yamaha",
"version": null
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3.0"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.0"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.0 (client)"
},
{
"model": "linux advanced workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1"
},
{
"model": "rhel desktop workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "fitelnet-e series",
"scope": "eq",
"trust": 0.8,
"vendor": "furukawa electric",
"version": "fitelnet-e20/e30"
},
{
"model": "fitelnet-f series",
"scope": "eq",
"trust": 0.8,
"vendor": "furukawa electric",
"version": "fitelnet-f40"
},
{
"model": "fitelnet-f series",
"scope": "eq",
"trust": 0.8,
"vendor": "furukawa electric",
"version": "fitelnet-f80/f100/f120/f140/f1000/f2000"
},
{
"model": "ip38x series",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "ix1000 series",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "ix2000 series",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "ix3000 series",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "ipcom series",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "netware sp1.1",
"scope": "eq",
"trust": 0.6,
"vendor": "novell",
"version": "6.5"
},
{
"model": "application \u0026 content networking software",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "5"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "5.0"
},
{
"model": "linux advanced workstation",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "windows xp home sp1",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "matsumoto ruby",
"scope": "eq",
"trust": 0.3,
"vendor": "yukihiro",
"version": "1.9-1"
},
{
"model": "ios 12.3b",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "computing cyberguard tsp",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "bind a1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.5"
},
{
"model": "dnsmasq",
"scope": "eq",
"trust": 0.3,
"vendor": "dnsmasq",
"version": "2.35"
},
{
"model": "opensolaris build snv 95",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "networks adonis",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecat",
"version": "5.1"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2.3.9"
},
{
"model": "networks pmbb",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "0"
},
{
"model": "networks junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.1"
},
{
"model": "rt140i",
"scope": "eq",
"trust": 0.3,
"vendor": "yamaha",
"version": "0"
},
{
"model": "tcp/ip services for openvms alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.4"
},
{
"model": "rt105i",
"scope": "eq",
"trust": 0.3,
"vendor": "yamaha",
"version": "0"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.11"
},
{
"model": "windows server datacenter edition sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003x64"
},
{
"model": "mpe/ix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.0"
},
{
"model": "enterprise linux es ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "netware sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.5"
},
{
"model": "computing sidewinder",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "5.2"
},
{
"model": "networks screenos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "4.0"
},
{
"model": "windows server enterprise edition itanium",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20030"
},
{
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.6"
},
{
"model": "ios 12.3yh",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2zh",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "-par",
"scope": "ne",
"trust": 0.3,
"vendor": "pdnsd",
"version": "1.2.7"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "windows xp professional edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "x64"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "8.4.3"
},
{
"model": "coat systems packetshaper",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.4"
},
{
"model": "ios 12.3xi",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "computing sidewinder software",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "5.2.1"
},
{
"model": "networks junose p0-2",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.3.5"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2"
},
{
"model": "-par",
"scope": "eq",
"trust": 0.3,
"vendor": "pdnsd",
"version": "1.2.2"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "1.0.1"
},
{
"model": "computing sidewinder",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "5.2.0.03"
},
{
"model": "bind p6",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "8.2.2"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.17"
},
{
"model": "networks junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "6.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.2"
},
{
"model": "security gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "astaro",
"version": "7"
},
{
"model": "river systems linux",
"scope": "eq",
"trust": 0.3,
"vendor": "wind",
"version": "3.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "mpe/ix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.5"
},
{
"model": "storage management appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.11.6"
},
{
"model": "ios 12.3xb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "windows server enterprise edition itanium sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "networks adonis",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecat",
"version": "4.1.43"
},
{
"model": "bind a5",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "computing sidewinder software",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "5.0.0.03"
},
{
"model": "rtx3000",
"scope": "eq",
"trust": 0.3,
"vendor": "yamaha",
"version": "0"
},
{
"model": "messaging application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.6.4"
},
{
"model": "network registar",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1"
},
{
"model": "bind b3",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "ios 12.2zl",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "computing sidewinder",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "5.2.1.02"
},
{
"model": "windows xp tablet pc edition sp3",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "9.3"
},
{
"model": "bind b4",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.7"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "8.3.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4.3"
},
{
"model": "matsumoto ruby",
"scope": "eq",
"trust": 0.3,
"vendor": "yukihiro",
"version": "1.8.6"
},
{
"model": "bind rc3",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2008.1"
},
{
"model": "solaris 8 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "vitalqip",
"scope": "eq",
"trust": 0.3,
"vendor": "lucent",
"version": "6.0"
},
{
"model": "vitalqip sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "lucent",
"version": "6.1"
},
{
"model": "ios 12.3xw",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "computing sidewinder",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "5.0.0.02"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "8.3.4"
},
{
"model": "windows server web edition sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "ipcop",
"scope": "ne",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.19"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "netware",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "5.0"
},
{
"model": "access gateway standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "4.5.7"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.2"
},
{
"model": "windows server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "windows advanced server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "matsumoto ruby -p229",
"scope": "eq",
"trust": 0.3,
"vendor": "yukihiro",
"version": "1.8.6"
},
{
"model": "ios 12.0wc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xk",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "matsumoto ruby -p115",
"scope": "eq",
"trust": 0.3,
"vendor": "yukihiro",
"version": "1.8.5"
},
{
"model": "networks self-service ccss7",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "-0"
},
{
"model": "computing sidewinder",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "5.2.0.04"
},
{
"model": "computing cyberguard classic",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5.13"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "8.2.2"
},
{
"model": "matsumoto ruby -p286",
"scope": "eq",
"trust": 0.3,
"vendor": "yukihiro",
"version": "1.8.6"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.1"
},
{
"model": "netware sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "5.0"
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "9.6.1"
},
{
"model": "opensolaris build snv 19",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "tcp/ip services for openvms integrity",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.5"
},
{
"model": "netscaler build",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "8.157.3"
},
{
"model": "ios 12.3yx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "computing sidewinder software",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "5.1.1"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.11"
},
{
"model": "matsumoto ruby -p22",
"scope": "eq",
"trust": 0.3,
"vendor": "yukihiro",
"version": "1.8.7"
},
{
"model": "windows server datacenter edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "matsumoto ruby -p230",
"scope": "eq",
"trust": 0.3,
"vendor": "yukihiro",
"version": "1.8.6"
},
{
"model": "access gateway standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "4.5.6"
},
{
"model": "computing sidewinder",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "5.2.1"
},
{
"model": "networks nsna switch",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "4070"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "8.2.3"
},
{
"model": "ios 12.1ay",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "rt105p",
"scope": "eq",
"trust": 0.3,
"vendor": "yamaha",
"version": "0"
},
{
"model": "bind beta",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "8.2.3"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.5"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "8.3.2"
},
{
"model": "ios 12.2by",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "pardus",
"version": "20070"
},
{
"model": "bind 9.5.0a7",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.4"
},
{
"model": "networks self-service peri workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "0"
},
{
"model": "windows advanced server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "vitalqip",
"scope": "eq",
"trust": 0.3,
"vendor": "lucent",
"version": "6.2"
},
{
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.6.1"
},
{
"model": "ios 12.2b",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "computing sidewinder",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "5.0.0.03"
},
{
"model": "matsumoto ruby",
"scope": "eq",
"trust": 0.3,
"vendor": "yukihiro",
"version": "1.8"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.13.7"
},
{
"model": "networks optical software upgrade manager",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "0"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.4"
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "8.0"
},
{
"model": "opensolaris build snv 89",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "windows server standard edition sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "ios 12.2xu",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "ipcop",
"scope": "ne",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.20"
},
{
"model": "windows datacenter server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "bind 9.5.1b1",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"model": "coat systems packetshaper",
"scope": "ne",
"trust": 0.3,
"vendor": "blue",
"version": "8.4"
},
{
"model": "windows professional",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "rt102i",
"scope": "eq",
"trust": 0.3,
"vendor": "yamaha",
"version": "0"
},
{
"model": "bind a4",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "8.3.7"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "tcp/ip services for openvms alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.5"
},
{
"model": "bind 9.5.0a6",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "networks adonis",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecat",
"version": "5.1.8"
},
{
"model": "rtv01",
"scope": "eq",
"trust": 0.3,
"vendor": "yamaha",
"version": "0"
},
{
"model": "ios 12.2ze",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "9.4.3"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.10"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "1.1.3"
},
{
"model": "windows xp home sp2",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "tcp/ip services for openvms integrity",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.6"
},
{
"model": "networks ensm enterprise nms",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "-10.4"
},
{
"model": "networks junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.0"
},
{
"model": "ios 12.4xa",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3xg",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.5"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.2"
},
{
"model": "network registar",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "computing sidewinder",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "5.1.1"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.10"
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.6"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0.1"
},
{
"model": "rta54i",
"scope": "eq",
"trust": 0.3,
"vendor": "yamaha",
"version": "0"
},
{
"model": "ios 12.3xc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "coat systems packetshaper",
"scope": "ne",
"trust": 0.3,
"vendor": "blue",
"version": "8.3.2"
},
{
"model": "windows server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "bind p2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "8.2.2"
},
{
"model": "mac os server",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.6"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.1"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "8.4.1"
},
{
"model": "djbdns",
"scope": "ne",
"trust": 0.3,
"vendor": "djbdns",
"version": "0"
},
{
"model": "ios 12.3ys",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "4,0 beta",
"scope": null,
"trust": 0.3,
"vendor": "netbsd",
"version": null
},
{
"model": "matsumoto ruby pre1",
"scope": "eq",
"trust": 0.3,
"vendor": "yukihiro",
"version": "1.8.2"
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "9.6"
},
{
"model": "ios 12.4xl",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "ios 12.4xt",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1.1"
},
{
"model": "networks junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.3"
},
{
"model": "windows server standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003x64"
},
{
"model": "networks adonis",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecat",
"version": "5.1.1"
},
{
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "1.1.2"
},
{
"model": "bind a1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.3"
},
{
"model": "net-dns/dnsmasq",
"scope": "eq",
"trust": 0.3,
"vendor": "gentoo",
"version": "2.43"
},
{
"model": "bind p7",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "8.2.2"
},
{
"model": "ios 12.2xc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "networks self-service mps",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "1000"
},
{
"model": "windows advanced server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4.1"
},
{
"model": "tcp/ip services for openvms alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.6"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.4"
},
{
"model": "matsumoto ruby",
"scope": "eq",
"trust": 0.3,
"vendor": "yukihiro",
"version": "1.8.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5"
},
{
"model": "windows xp media center edition sp3",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "1.1.3"
},
{
"model": "windows xp tablet pc edition sp1",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.14"
},
{
"model": "ios 12.2t",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "matsumoto ruby",
"scope": "eq",
"trust": 0.3,
"vendor": "yukihiro",
"version": "1.8.4"
},
{
"model": "ios 12.2xg",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mpe/ix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.5"
},
{
"model": "rt200i",
"scope": "eq",
"trust": 0.3,
"vendor": "yamaha",
"version": "0"
},
{
"model": "ios 12.3xh",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "windows server enterprise edition sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003x64"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"model": "bind p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "8.2.2"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "bind 9.4.3b2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"model": "windows server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "bind p5",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "8.2.2"
},
{
"model": "networks junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.4"
},
{
"model": "coat systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "0"
},
{
"model": "windows server standard edition sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "windows xp media center edition",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "linux enterprise sdk sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "networks junose",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.1.1"
},
{
"model": "windows server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003x64"
},
{
"model": "opensolaris build snv 88",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "rt58i",
"scope": "eq",
"trust": 0.3,
"vendor": "yamaha",
"version": "0"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2008.0"
},
{
"model": "networks junose",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "networks junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "6.1"
},
{
"model": "computing sidewinder software",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "5.2.0.02"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "1"
},
{
"model": "networks adonis",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecat",
"version": "5.0.5"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.2"
},
{
"model": "networks optical ambb",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "0"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "1.1.2"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.9"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"model": "bind -p2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "8.2.4"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "coat systems ishaper",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "7.0"
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5.14"
},
{
"model": "networks junose p0-1",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.1"
},
{
"model": "nios",
"scope": "eq",
"trust": 0.3,
"vendor": "infoblox",
"version": "4"
},
{
"model": "ios 12.3yd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "windows datacenter server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "financials server",
"scope": "eq",
"trust": 0.3,
"vendor": "navision",
"version": "3.0"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "networks junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "8.0"
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.6.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "8.1"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "4.2"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "networks optical rmbb",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "0"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "1.1.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.6.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "12.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "8.4.7"
},
{
"model": "windows advanced server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "ios 12.3ym",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.3"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.2"
},
{
"model": "ios 12.4mr",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "bind 9.5.0a3",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.10"
},
{
"model": "messaging application server mm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "networks optical application platform",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "0"
},
{
"model": "networks junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.2"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0.1"
},
{
"model": "-par",
"scope": "eq",
"trust": 0.3,
"vendor": "pdnsd",
"version": "1.2.3"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.9"
},
{
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "1.6"
},
{
"model": "solaris 8 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "8.3.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.3"
},
{
"model": "solaris 10 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.17.6"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0.2"
},
{
"model": "networks screenos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.2"
},
{
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.6.3"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.10"
},
{
"model": "windows professional sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "networks srg",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "1.0"
},
{
"model": "appliance platform linux service",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5"
},
{
"model": "networks optical fmbb",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "0"
},
{
"model": "ios 12.4xn",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3xe",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "networks self-service mps",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "5000"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "8.2"
},
{
"model": "bind 9.3.5-p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "ios 12.1ea",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "tru64 unix b-3",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.1"
},
{
"model": "ios 12.3xf",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "bind 9.5.0b2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.4xv"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "8.4"
},
{
"model": "netware sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.0"
},
{
"model": "networks junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.3"
},
{
"model": "ios 12.3yt",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "cns network registrar",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1.1.3"
},
{
"model": "matsumoto ruby",
"scope": "eq",
"trust": 0.3,
"vendor": "yukihiro",
"version": "1.9"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"model": "opensolaris",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1"
},
{
"model": "computing sidewinder",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "5.2.0.02"
},
{
"model": "windows xp home",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "ios 12.3xk",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1db",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "windows server web edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
},
{
"model": "windows professional sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0.3"
},
{
"model": "rt107e",
"scope": "eq",
"trust": 0.3,
"vendor": "yamaha",
"version": "0"
},
{
"model": "windows server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "8.3.3"
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "matsumoto ruby",
"scope": "eq",
"trust": 0.3,
"vendor": "yukihiro",
"version": "1.8.2"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.3.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "8.2.1"
},
{
"model": "windows advanced server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.4"
},
{
"model": "bind a2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "1.1.1"
},
{
"model": "gnu/*/linux 2.0-stable",
"scope": null,
"trust": 0.3,
"vendor": "openwall",
"version": null
},
{
"model": "ios 12.4xz",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.10"
},
{
"model": "firepass",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "5.5"
},
{
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.6.2"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.2"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2008.1"
},
{
"model": "network registar",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.3"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.1"
},
{
"model": "windows server itanium",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20030"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.6"
},
{
"model": "wanjet",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "5.0.2"
},
{
"model": "ios 12.2zd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "srt100",
"scope": "eq",
"trust": 0.3,
"vendor": "yamaha",
"version": "0"
},
{
"model": "ios 12.1ex",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "netscaler build",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "8.047.8"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "matsumoto ruby",
"scope": "eq",
"trust": 0.3,
"vendor": "yukihiro",
"version": "1.8.7"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "ios 12.3yi",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "vitalqip",
"scope": "eq",
"trust": 0.3,
"vendor": "lucent",
"version": "7.x"
},
{
"model": "ios 12.3xq",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xe",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.4xe",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "rt103i",
"scope": "eq",
"trust": 0.3,
"vendor": "yamaha",
"version": "0"
},
{
"model": "windows server itanium sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "dns library pydns",
"scope": "eq",
"trust": 0.3,
"vendor": "python",
"version": "2.3"
},
{
"model": "windows xp home sp3",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "vitalqip",
"scope": "eq",
"trust": 0.3,
"vendor": "lucent",
"version": "5.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "8.4.6"
},
{
"model": "ios 12.0xr",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "networks multimedia comm mcs5100",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "bind a3",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "siparator",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.6.4"
},
{
"model": "ios 12.4t",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.13"
},
{
"model": "ios 12.2yn",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "networks junos 8.5.r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.9"
},
{
"model": "ios 12.2bw",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2xl",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "computing sidewinder software",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "5.0.0.01"
},
{
"model": "3.1 rc3",
"scope": null,
"trust": 0.3,
"vendor": "netbsd",
"version": null
},
{
"model": "windows server datacenter edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003x64"
},
{
"model": "ipod touch",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "2.1"
},
{
"model": "opensolaris build snv 01",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "opensolaris build snv 92",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "rt80i",
"scope": "eq",
"trust": 0.3,
"vendor": "yamaha",
"version": "0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "2"
},
{
"model": "networks junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.5"
},
{
"model": "ios 12.3xd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3va",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.1"
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "linux enterprise desktop sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5.6"
},
{
"model": "computing sidewinder software",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "5.1.0.01"
},
{
"model": "networks bcm",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "200"
},
{
"model": "ios 12.2yv",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "windows server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
},
{
"model": "-current",
"scope": null,
"trust": 0.3,
"vendor": "openbsd",
"version": null
},
{
"model": "network registar",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.0"
},
{
"model": "-par",
"scope": "eq",
"trust": 0.3,
"vendor": "pdnsd",
"version": "1.2.4"
},
{
"model": "rt100i",
"scope": "eq",
"trust": 0.3,
"vendor": "yamaha",
"version": "0"
},
{
"model": "networks junose p0-1",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "6.1.3"
},
{
"model": "dns one appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "infoblox",
"version": "2"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "coat systems proxysg",
"scope": "ne",
"trust": 0.3,
"vendor": "blue",
"version": "5.2.4.3"
},
{
"model": "ios 12.4xd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "networks self-service ccxml",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "8.3.6"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.12"
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5.10"
},
{
"model": "firepass",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "6.0.2"
},
{
"model": "windows xp tablet pc edition",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "ios 12.4md",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2.1.7"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "pardus",
"version": "20080"
},
{
"model": "windows server enterprise edition sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "networks self-service peri application",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "0"
},
{
"model": "network registar",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.0.1"
},
{
"model": "linux enterprise sdk 10.sp1",
"scope": null,
"trust": 0.3,
"vendor": "suse",
"version": null
},
{
"model": "computing sidewinder software",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "5.2.0.01"
},
{
"model": "coat systems ishaper",
"scope": "ne",
"trust": 0.3,
"vendor": "blue",
"version": "8.3.2"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.1"
},
{
"model": "matsumoto ruby pre4",
"scope": "eq",
"trust": 0.3,
"vendor": "yukihiro",
"version": "1.8.2"
},
{
"model": "windows xp professional edition sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "x64"
},
{
"model": "nonstop server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6"
},
{
"model": "-par",
"scope": "eq",
"trust": 0.3,
"vendor": "pdnsd",
"version": "1.2.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "8.4.2"
},
{
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5.12"
},
{
"model": "netware sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.5"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.04"
},
{
"model": "netware sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.5"
},
{
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5"
},
{
"model": "computing sidewinder software",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "5.1.1.01"
},
{
"model": "netware",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.0"
},
{
"model": "hat enterprise linux desktop client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "matsumoto ruby -p71",
"scope": "eq",
"trust": 0.3,
"vendor": "yukihiro",
"version": "1.8.7"
},
{
"model": "ios 12.3bw",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "computing sidewinder software",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "5.0.0.04"
},
{
"model": "ios 12.3yf",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "iphone",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "2.1"
},
{
"model": "matsumoto ruby",
"scope": "eq",
"trust": 0.3,
"vendor": "yukihiro",
"version": "1.8.5"
},
{
"model": "computing sidewinder software",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "5.1"
},
{
"model": "networks junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.6"
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "9.3.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.8"
},
{
"model": "ios 12.3yz",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3yg",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2zg",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "windows xp professional sp3",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "ios 12.2yt",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.6.1"
},
{
"model": "firewall",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.6.4"
},
{
"model": "ios 12.3t",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3xs",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.15"
},
{
"model": "open enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "0"
},
{
"model": "computing sidewinder",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "5.0.0.01"
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.6.3"
},
{
"model": "firepass",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "5.5.2"
},
{
"model": "bind 9.5.0b1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "9.4"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.1"
},
{
"model": "linux lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.10"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "cns network registrar",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1.1.2"
},
{
"model": "netware sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.5"
},
{
"model": "access gateway standard edition rev a",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "4.5.7"
},
{
"model": "matsumoto ruby",
"scope": "eq",
"trust": 0.3,
"vendor": "yukihiro",
"version": "1.8.3"
},
{
"model": "bind 9.5.0a5",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "windows xp tablet pc edition sp2",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "linux enterprise server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "ios 12.4xj",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "software vantio",
"scope": "eq",
"trust": 0.3,
"vendor": "nominum",
"version": "3"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "7.0"
},
{
"model": "firepass",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "6.0"
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "12.4(21)"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.5"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "8.2.5"
},
{
"model": "rta50i",
"scope": "eq",
"trust": 0.3,
"vendor": "yamaha",
"version": "0"
},
{
"model": "appliance platform linux service",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "2"
},
{
"model": "ios 12.4xc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.0"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0.2"
},
{
"model": "matsumoto ruby -p230",
"scope": "eq",
"trust": 0.3,
"vendor": "yukihiro",
"version": "1.8.5"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "application \u0026 content networking software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.5.11"
},
{
"model": "network registar",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.3.1.5"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.1"
},
{
"model": "networks adonis",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecat",
"version": "5.0.2.8"
},
{
"model": "networks junose p0-7",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.0.1"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.18"
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5.13"
},
{
"model": "ios 12.2yu",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
},
{
"model": "windows datacenter server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "8.2.7"
},
{
"model": "windows datacenter server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "rt60w",
"scope": "eq",
"trust": 0.3,
"vendor": "yamaha",
"version": "0"
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.6.2"
},
{
"model": "windows xp professional sp1",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "rt57i",
"scope": null,
"trust": 0.3,
"vendor": "yamaha",
"version": null
},
{
"model": "windows server itanium sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "windows server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "cns network registrar",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1.1.1"
},
{
"model": "bind rc3",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "8.1"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1.3"
},
{
"model": "matsumoto ruby -p114",
"scope": "eq",
"trust": 0.3,
"vendor": "yukihiro",
"version": "1.8.6"
},
{
"model": "linux lts lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "networks ensm enterprise nms",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "-10.5"
},
{
"model": "rt140p",
"scope": "eq",
"trust": 0.3,
"vendor": "yamaha",
"version": "0"
},
{
"model": "ios 12.2xk",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0.1"
},
{
"model": "matsumoto ruby -p287",
"scope": "ne",
"trust": 0.3,
"vendor": "yukihiro",
"version": "1.8.6"
},
{
"model": "messaging application server mm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.1"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.8"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.15"
},
{
"model": "wanjet",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "5.0"
},
{
"model": "linux enterprise desktop sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "networks junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "6.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "computing sidewinder",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "5.2.1.10"
},
{
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "1.2"
},
{
"model": "enterprise linux ws ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "computing sidewinder software",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "5.0.0.02"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "matsumoto ruby -p2",
"scope": "eq",
"trust": 0.3,
"vendor": "yukihiro",
"version": "1.8.5"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "networks junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.7"
},
{
"model": "cns network registrar",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1.1.4"
},
{
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5.11"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "bind b",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "3,1 rc1",
"scope": null,
"trust": 0.3,
"vendor": "netbsd",
"version": null
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.9"
},
{
"model": "networks self-service web centric ccxml",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.5"
},
{
"model": "access gateway standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "4.5"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4.1"
},
{
"model": "netware",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.5"
},
{
"model": "dnsmasq",
"scope": "eq",
"trust": 0.3,
"vendor": "dnsmasq",
"version": "2.4.1"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "computing sidewinder software",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "5.2.0.04"
},
{
"model": "networks junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "6.3"
},
{
"model": "cns network registrar",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1.1"
},
{
"model": "ios 12.3yu",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "networks self-service mps",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "10000"
},
{
"model": "matsumoto ruby",
"scope": "eq",
"trust": 0.3,
"vendor": "yukihiro",
"version": "1.9-2"
},
{
"model": "networks junose",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.0.2"
},
{
"model": "tru64 unix b-4",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1.0"
},
{
"model": "ios 12.3xa",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.4"
},
{
"model": "netware sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.5"
},
{
"model": "networks trail manager route advisor",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "0"
},
{
"model": "matsumoto ruby pre2",
"scope": "eq",
"trust": 0.3,
"vendor": "yukihiro",
"version": "1.8.2"
},
{
"model": "ios 12.4xb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 02",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "coat systems director",
"scope": "ne",
"trust": 0.3,
"vendor": "blue",
"version": "5.2.2.5"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.04"
},
{
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "1.4.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "8.1.1"
},
{
"model": "networks junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "8.4"
},
{
"model": "ios 12.4xw",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "access gateway advanced edition",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "4.5"
},
{
"model": "windows datacenter server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "netware sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.5"
},
{
"model": "netware sp7",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.5"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "computing sidewinder g2",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "6.1.0.01"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4"
},
{
"model": "ios 12.4xm",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "rt105e",
"scope": "eq",
"trust": 0.3,
"vendor": "yamaha",
"version": "0"
},
{
"model": "ios 12.4sw",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "rt140f",
"scope": "eq",
"trust": 0.3,
"vendor": "yamaha",
"version": "0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"model": "firepass",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "6.0.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.04"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.5"
},
{
"model": "ios 12.3yk",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "vitalqip",
"scope": "eq",
"trust": 0.3,
"vendor": "lucent",
"version": "6.1"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "1.1.4"
},
{
"model": "windows professional sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5.12"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2"
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5"
},
{
"model": "rt56v",
"scope": "eq",
"trust": 0.3,
"vendor": "yamaha",
"version": "0"
},
{
"model": "rtv700",
"scope": null,
"trust": 0.3,
"vendor": "yamaha",
"version": null
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "12.0"
},
{
"model": "netware sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "5.1"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.5.7"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "1.0.2"
},
{
"model": "computing sidewinder software",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "5.0"
},
{
"model": "windows xp professional",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.3"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.0"
},
{
"model": "netware sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.0"
},
{
"model": "bind b2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "9.4.5"
},
{
"model": "networks junose",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "6.0.4"
},
{
"model": "ios 12.2xt",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "rtw65i",
"scope": "eq",
"trust": 0.3,
"vendor": "yamaha",
"version": "0"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "ios 12.1xc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.2"
},
{
"model": "bind p4",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "8.2.2"
},
{
"model": "gnu/*/linux 2.0-current",
"scope": null,
"trust": 0.3,
"vendor": "openwall",
"version": null
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "8.4.7"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.2"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.04"
},
{
"model": "networks self-service wvads",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "0"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "secure name server",
"scope": "eq",
"trust": 0.3,
"vendor": "nixu",
"version": "1"
},
{
"model": "matsumoto ruby pre3",
"scope": "eq",
"trust": 0.3,
"vendor": "yukihiro",
"version": "1.8.2"
},
{
"model": "windows server web edition sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "ios 12.2yo",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "river systems linux",
"scope": "eq",
"trust": 0.3,
"vendor": "wind",
"version": "0"
},
{
"model": "coat systems proxysg",
"scope": "ne",
"trust": 0.3,
"vendor": "blue",
"version": "4.2.8.7"
},
{
"model": "ios 12.4xq",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "11.0"
},
{
"model": "windows xp",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "0"
},
{
"model": "messaging application server mm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1"
},
{
"model": "ios 12.2zj",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.9"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.1"
},
{
"model": "linux enterprise server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "software caching name server",
"scope": "eq",
"trust": 0.3,
"vendor": "nominum",
"version": "3"
},
{
"model": "ios 12.2yl",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "windows xp media center edition sp2",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "advanced workstation for the itanium processor ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.1"
},
{
"model": "rta55i",
"scope": "eq",
"trust": 0.3,
"vendor": "yamaha",
"version": "0"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "hat enterprise linux as ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "windows server datacenter edition itanium",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20030"
},
{
"model": "ios 12.3xj",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "messaging application server mm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "matsumoto ruby -p72",
"scope": "ne",
"trust": 0.3,
"vendor": "yukihiro",
"version": "1.8.7"
},
{
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5.14"
},
{
"model": "coat systems proxyra",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "0"
},
{
"model": "coat systems proxyra",
"scope": "ne",
"trust": 0.3,
"vendor": "blue",
"version": "2.3.2.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "8.1.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "ios 12.1ye",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "8.4.5"
},
{
"model": "networks self-service speech server",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "0"
},
{
"model": "hat enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "bind a2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.5"
},
{
"model": "bind a6",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "opensolaris build snv 22",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "bind 9.5.0a4",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "computing sidewinder",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "5.0"
},
{
"model": "3-dns",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.6.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "1.2-par",
"scope": null,
"trust": 0.3,
"vendor": "pdnsd",
"version": null
},
{
"model": "ios 12.3xr",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "current",
"scope": null,
"trust": 0.3,
"vendor": "netbsd",
"version": null
},
{
"model": "windows server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003x64"
},
{
"model": "coat systems director",
"scope": "ne",
"trust": 0.3,
"vendor": "blue",
"version": "4.2.2.4"
},
{
"model": "ios 12.2ym",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "networks nsna switch",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "4050"
},
{
"model": "ios 12.0t",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "netware sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "6.0"
},
{
"model": "rta52i",
"scope": "eq",
"trust": 0.3,
"vendor": "yamaha",
"version": "0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "networks adonis",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecat",
"version": "5.0"
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5.11"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "computing sidewinder software",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "5.1.0.02"
},
{
"model": "computing sidewinder g2",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "6.1.0.02"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "8.4.4"
},
{
"model": "windows server standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "ios 12.2cz",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1t",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "enterprise linux desktop workstation client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "ios 12.2zf",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "bind 9.5.0-p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "4.0"
},
{
"model": "rtw65b",
"scope": "eq",
"trust": 0.3,
"vendor": "yamaha",
"version": "0"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0.1"
},
{
"model": "advanced workstation for the itanium processor",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "windows server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003x64"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "opensolaris build snv 13",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "netware",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "5.1"
},
{
"model": "bind p3",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "8.2.2"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "1.1"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "4.3"
},
{
"model": "opensolaris build snv 91",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.1"
},
{
"model": "ios 12.3tpc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "computing sidewinder",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "5.1.0.01"
},
{
"model": "novell linux pos",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"model": "netware sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "5.1"
},
{
"model": "bind -p2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "opensolaris build snv 64",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "net-dns/dnsmasq",
"scope": "ne",
"trust": 0.3,
"vendor": "gentoo",
"version": "2.45"
},
{
"model": "computing sidewinder software",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "5.2"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.3"
},
{
"model": "networks junose p0-6",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "6.0.3"
},
{
"model": "windows xp media center edition sp1",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "netware sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "5.1"
},
{
"model": "windows professional sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "8.2.6"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.16"
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "computing sidewinder software",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "5.2.0.03"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3"
},
{
"model": "ios 12.3ya",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "networks self service voicexml",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "0"
},
{
"model": "ios 12.4xy",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "cns network registrar",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1"
},
{
"model": "rt140e",
"scope": "eq",
"trust": 0.3,
"vendor": "yamaha",
"version": "0"
},
{
"model": "computing sidewinder",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "5.2.0.01"
},
{
"model": "windows xp professional sp2",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.3"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.7"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10.3"
},
{
"model": "-par",
"scope": "eq",
"trust": 0.3,
"vendor": "pdnsd",
"version": "1.2.6"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.3"
},
{
"model": "coat systems proxysg",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "0"
},
{
"model": "networks optical trail manager",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "0"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2008.0"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "bind 9.4.2-p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "ios 12.2xb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2zb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0db",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "networks adonis",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecat",
"version": "5.1.7"
},
{
"model": "computing sidewinder software",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "5.2.1.02"
},
{
"model": "computing sidewinder",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "5.1.1.01"
},
{
"model": "windows server datacenter edition sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "computing sidewinder",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "5.0.0.04"
},
{
"model": "ios 12.0dc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "windows server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "ios 12.2tpc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "matsumoto ruby -p231",
"scope": "eq",
"trust": 0.3,
"vendor": "yukihiro",
"version": "1.8.5"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "8.3.1"
},
{
"model": "ios 12.2yj",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "computing sidewinder",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "5.1"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2.7"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "windows server datacenter edition itanium sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "1.1.4"
},
{
"model": "computing sidewinder",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "5.1.0.02"
},
{
"model": "matsumoto ruby -p21",
"scope": "eq",
"trust": 0.3,
"vendor": "yukihiro",
"version": "1.8.7"
},
{
"model": "bigip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.5.9"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "1.1"
},
{
"model": "windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#800113"
},
{
"db": "CERT/CC",
"id": "VU#252735"
},
{
"db": "BID",
"id": "30131"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001495"
},
{
"db": "CNNVD",
"id": "CNNVD-200807-129"
},
{
"db": "NVD",
"id": "CVE-2008-1447"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios:12.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2003:-:*:*:*:*:*:x64:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:compute_cluster:*:itanium:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:datacenter:*:itanium:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:enterprise:*:itanium:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:standard:*:itanium:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:storage:*:itanium:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:compute_cluster:*:itanium:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:compute_cluster:*:x64:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:datacenter:*:itanium:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:datacenter:*:x64:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:enterprise:*:itanium:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:enterprise:*:x64:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:standard:*:itanium:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:standard:*:x64:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:storage:*:itanium:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:storage:*:x64:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_xp:-:-:*:*:professional:*:x64:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:ws:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:5:*:client:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:isc:bind:4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.2.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2008-1447"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Dan Kaminsky",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200807-129"
}
],
"trust": 0.6
},
"cve": "CVE-2008-1447",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 6.4,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2008-1447",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-31572",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2008-1447",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.2,
"impactScore": 4.0,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N",
"version": "3.1"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2008-1447",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#800113",
"trust": 0.8,
"value": "27.54"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#252735",
"trust": 0.8,
"value": "3.83"
},
{
"author": "CNNVD",
"id": "CNNVD-200807-129",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-31572",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2008-1447",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#800113"
},
{
"db": "CERT/CC",
"id": "VU#252735"
},
{
"db": "VULHUB",
"id": "VHN-31572"
},
{
"db": "VULMON",
"id": "CVE-2008-1447"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001495"
},
{
"db": "CNNVD",
"id": "CNNVD-200807-129"
},
{
"db": "NVD",
"id": "CVE-2008-1447"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka \"DNS Insufficient Socket Entropy Vulnerability\" or \"the Kaminsky bug.\". plural DNS There is a vulnerability in the implementation that makes cache poisoning attacks easier. Recent research has found a more efficient method of cash poisoning than previously known. DNS As a cache server, PC Please note that there is a possibility of attack. Cash poisoning attack forged response This is done by sending a packet. query The source port of the packet query By changing the value randomly every time, the probability of a successful cache poisoning attack can be reduced.By cash poisoning attack DNS Fake cache server DNS Information can be cached and DNS Nodes using the cache server may be directed to fake sites. ISC (Internet Systems Consortiuim) BIND generates cryptographically weak DNS query IDs which could allow a remote attacker to poison DNS caches. Multiple vendors\u0027 implementations of the DNS protocol are prone to a DNS-spoofing vulnerability because the software fails to securely implement random values when performing DNS queries. \nSuccessfully exploiting this issue allows remote attackers to spoof DNS replies, allowing them to redirect network traffic and to launch man-in-the-middle attacks. \nThis issue affects Microsoft Windows DNS Clients and Servers, ISC BIND 8 and 9, and multiple Cisco IOS releases; other DNS implementations may also be vulnerable. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nCisco Security Advisory: Multiple Cisco Products Vulnerable to DNS Cache\nPoisoning Attacks\n\nAdvisory ID: cisco-sa-20080708-dns\n\nhttp://www.cisco.com/warp/public/707/cisco-sa-20080708-dns.shtml\n\nRevision 1.0\n\nFor Public Release 2008 July 08 1800 UTC (GMT)\n\nSummary\n=======\n\nMultiple Cisco products are vulnerable to DNS cache poisoning attacks\ndue to their use of insufficiently randomized DNS transaction IDs and\nUDP source ports in the DNS queries that they produce, which may allow\nan attacker to more easily forge DNS answers that can poison DNS caches. \n\nTo exploit this vulnerability an attacker must be able to cause a\nvulnerable DNS server to perform recursive DNS queries. Therefore, DNS\nservers that are only authoritative, or servers where recursion is not\nallowed, are not affected. \n\nCisco has released free software updates that address this vulnerability. \n\nThis advisory is posted at\nhttp://www.cisco.com/warp/public/707/cisco-sa-20080708-dns.shtml. \n\nThis security advisory is being published simultaneously with\nannouncements from other affected organizations. \nProducts that process DNS messages with the RD flag set will attempt to\nanswer the question asked on behalf of the client. A product is only\naffected if using a vulnerable implementation of the DNS protocol, the\nDNS server functionality for the product is enabled, and the DNS feature\nfor the product is configured to process recursive DNS query messages. For information about specific fixed\n versions, please refer to the Software Versions and Fixes section. \n\n A device that is running Cisco IOS Software is configured to act\n as a DNS server if the command \"ip dns server\" is present in the\n configuration. This command is not enabled by default. \n\n * Cisco Network Registrar\n\n All Cisco Network Registrar versions are affected, and DNS services\n are enabled by default. \n\n The DNS server on CNR is enabled via the command-line interface\n (CLI) commands \"server dns enable start-on-reboot\" or \"dns enable\n start-on-reboot\" or via the web management interface in the Servers\n page by selecting the appropriate \"Start,\" \"Stop,\" or \"Reload\"\n button. \n\n * Cisco Application and Content Networking System\n\n All Cisco Application and Content Networking System (ACNS) versions\n are affected; DNS services are disabled by default. \n\n ACNS is configured to act as a DNS server if the command\n \"dns enable\" is present in the configuration. \n\n * Cisco Global Site Selector Used in Combination with Cisco Network\n Registrar\n\n The Cisco Global Site Selector (GSS) is affected when it is used in\n combination with Cisco Network Registrar software to provide a more\n complete DNS solution. Fixed software would come in the form of an\n update of the Cisco Network Registrar software rather than an update\n of the GSS software. \n\nProducts Confirmed Not Vulnerable\n+--------------------------------\n\nProducts that do not offer DNS server capabilities are not affected by\nthis vulnerability. \n\nThe Cisco GSS by itself is not affected by this vulnerability. However,\nit is affected when it is used with Cisco Network Registrar software. \n\nNo other Cisco products are currently known to be affected by these\nvulnerabilities. \n\nDetails\n=======\n\nThe Domain Name System is an integral part of networks that are based\non TCP/IP such as the Internet. Simply stated, the Domain Name System\nis a hierarchical database that contains mappings of hostnames and IP\naddresses. When handling\na query from a DNS client, a DNS server can look into its portion of the\nglobal DNS database (if the query is for a portion of the DNS database\nfor which the DNS server is authoritative), or it can relay the query\nto other DNS servers (if it is configured to do so and if the query\nis for a portion of the DNS database for which the DNS server is not\nauthoritative.)\n\nBecause of the processing time and bandwidth that is associated with\nhandling a DNS query, most DNS servers locally store responses that\nare received from other DNS servers. If this happens, a user who\nis trying to visit www.example.com may end up contacting the wrong web\nserver. The fundamental implementation\nweakness is that the DNS transaction ID and source port number used to\nvalidate DNS responses are not sufficiently randomized and can easily\nbe predicted, which allows an attacker to create forged responses to\nDNS queries that will match the expected values. The DNS server will\nconsider such responses to be valid. \n\nThe following Cisco products that offer DNS server functionality have\nbeen found to be susceptible to DNS cache poisoning attacks:\n\n * Cisco IOS Software: The vulnerability documented in Cisco bug ID\n CSCso81854. \n\n * Cisco Network Registrar: The vulnerability documented in Cisco\n bug ID CSCsq01298. \n\n * Cisco Application and Content Networking System (ACNS): The\n vulnerability documented in Cisco bug ID CSCsq21930. \n\nThis vulnerability has been assigned Common Vulnerabilities and\nExposures (CVE) ID CVE-2008-1447. \n\nVulnerability Scoring Details\n+----------------------------\n\nCisco has provided scores for the vulnerabilities in this advisory based\non the Common Vulnerability Scoring System (CVSS). The CVSS scoring in\nthis Security Advisory is done in accordance with CVSS version 2.0. \n\nCVSS is a standards-based scoring method that conveys vulnerability\nseverity and helps determine urgency and priority of response. \n\nCisco has provided a base and temporal score. Customers can then\ncompute environmental scores to assist in determining the impact of the\nvulnerability in individual networks. \n\nCisco has provided an FAQ to answer additional questions regarding CVSS\nat\n\nhttp://www.cisco.com/web/about/security/intelligence/cvss-qandas.html\n\nCisco has also provided a CVSS calculator to help compute the\nenvironmental impact for individual networks at\n\nhttp://intellishield.cisco.com/security/alertmanager/cvss\n\nCisco Bugs:\n\n* DNS cache prone to poisoning/forged answers attacks (CSCsq21930)\n\n* DNS susceptible to forged query response attacks (CSCsq01298)\n\n* Need to make DNS implementation more resilient against forged answers\n(CSCso81854)\n\nCVSS Base Score - 6.4\n Access Vector - Network\n Access Complexity - Low\n Authentication - None\n Confidentiality Impact - None\n Integrity Impact - Partial\n Availability Impact - Partial\n\nCVSS Temporal Score - 5.3\n Exploitability - Functional\n Remediation Level - Official-Fix\n Report Confidence - Confirmed\n\n(same score for the three Cisco bugs listed above.)\n\nImpact\n======\n\nSuccessful exploitation of the vulnerability described in this document\nmay result in invalid hostname-to-IP address mappings in the cache of an\naffected DNS server. This may lead users of this DNS server to contact\nthe wrong provider of network services. The ultimate impact varies\ngreatly, ranging from a simple denial of service (for example, making\nwww.example.com resolve to 127.0.0.1) to phishing and financial fraud. \n\nSoftware Versions and Fixes\n===========================\n\nWhen considering software upgrades, also consult\nhttp://www.cisco.com/go/psirt and any subsequent advisories to determine\nexposure and a complete upgrade solution. \n\nIn all cases, customers should exercise caution to be certain the\ndevices to be upgraded contain sufficient memory and that current\nhardware and software configurations will continue to be supported\nproperly by the new release. If the information is not clear, contact\nthe Cisco Technical Assistance Center (TAC) or your contracted\nmaintenance provider for assistance. \n\nCisco IOS Software\n+-----------------\n\nEach row of the Cisco IOS Software table (below) names a Cisco IOS\nSoftware release train. If a given release train is vulnerable, then\nthe earliest possible releases that contain the fix (along with the\nanticipated date of availability for each, if applicable) are listed in\nthe \"First Fixed Release\" column of the table. The \"Recommended Release\"\ncolumn indicates the releases which have fixes for all the published\nvulnerabilities at the time of this Advisory. A device running a release\nin the given train that is earlier than the release in a specific column\n(less than the First Fixed Release) is known to be vulnerable. Cisco\nrecommends upgrading to a release equal to or later than the release in\nthe \"Recommended Releases\" column of the table. \n\n+----------------------------------------+\n| Major | Availability of |\n| Release | Repaired Releases |\n|------------+---------------------------|\n| Affected | First Fixed | Recommended |\n| 12.0-Based | Release | Release |\n| Releases | | |\n|------------+-------------+-------------|\n| 12.0 | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.0DA | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| | Releases | |\n| | prior to | |\n| | 12.0(7)DB | |\n| | are | |\n| | vulnerable, | 12.4(19a) |\n| 12.0DB | release | |\n| | 12.0(7)DB | 12.4(19b) |\n| | and later | |\n| | are not | |\n| | vulnerable; | |\n| | first fixed | |\n| | in 12.4 | |\n|------------+-------------+-------------|\n| | Releases | |\n| | prior to | |\n| | 12.0(7)DC | |\n| | are | |\n| | vulnerable, | 12.4(19a) |\n| 12.0DC | release | |\n| | 12.0(7)DC | 12.4(19b) |\n| | and later | |\n| | are not | |\n| | vulnerable; | |\n| | first fixed | |\n| | in 12.4 | |\n|------------+-------------+-------------|\n| 12.0S | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.0SC | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.0SL | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.0SP | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.0ST | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.0SX | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.0SY | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.0SZ | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(19a) |\n| 12.0T | first fixed | |\n| | in 12.4 | 12.4(19b) |\n|------------+-------------+-------------|\n| 12.0W | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.0WC | Vulnerable; | |\n| | contact TAC | |\n|------------+-------------+-------------|\n| 12.0WT | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.0XA | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.0XB | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.0XC | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.0XD | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| | Note: | |\n| | Releases | |\n| | prior to | |\n| | 12.0(7)XE1 | |\n| | are | |\n| 12.0XE | vulnerable, | |\n| | release | |\n| | 12.0(7)XE1 | |\n| | and later | |\n| | are not | |\n| | vulnerable; | |\n|------------+-------------+-------------|\n| 12.0XF | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.0XG | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.0XH | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.0XI | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.0XJ | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| | Releases | |\n| | prior to | |\n| | 12.0(7)XK2 | |\n| | are | |\n| | vulnerable, | 12.4(19a) |\n| 12.0XK | release | |\n| | 12.0(7)XK2 | 12.4(19b) |\n| | and later | |\n| | are not | |\n| | vulnerable; | |\n| | first fixed | |\n| | in 12.4 | |\n|------------+-------------+-------------|\n| 12.0XL | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.0XM | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.0XN | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.0XQ | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| | Releases | |\n| | prior to | |\n| | 12.0(7)XR1 | |\n| | are | |\n| | vulnerable, | 12.4(19a) |\n| 12.0XR | release | |\n| | 12.0(7)XR1 | 12.4(19b) |\n| | and later | |\n| | are not | |\n| | vulnerable; | |\n| | first fixed | |\n| | in 12.4 | |\n|------------+-------------+-------------|\n| 12.0XS | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.0XV | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.0XW | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| Affected | First Fixed | Recommended |\n| 12.1-Based | Release | Release |\n| Releases | | |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(19a) |\n| 12.1 | first fixed | |\n| | in 12.4 | 12.4(19b) |\n|------------+-------------+-------------|\n| 12.1AA | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.1AX | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| | Releases | |\n| | prior to | |\n| | 12.1(22)AY1 | |\n| | are | |\n| 12.1AY | vulnerable, | 12.1(22) |\n| | release | EA11 |\n| | 12.1(22)AY1 | |\n| | and later | |\n| | are not | |\n| | vulnerable; | |\n|------------+-------------+-------------|\n| 12.1AZ | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.1CX | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.1DA | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| | Releases | |\n| | prior to | |\n| | 12.1(4)DB1 | |\n| | are | |\n| | vulnerable, | 12.4(19a) |\n| 12.1DB | release | |\n| | 12.1(4)DB1 | 12.4(19b) |\n| | and later | |\n| | are not | |\n| | vulnerable; | |\n| | first fixed | |\n| | in 12.4 | |\n|------------+-------------+-------------|\n| | Releases | |\n| | prior to | |\n| | 12.1(4)DC2 | |\n| | are | |\n| | vulnerable, | 12.4(19a) |\n| 12.1DC | release | |\n| | 12.1(4)DC2 | 12.4(19b) |\n| | and later | |\n| | are not | |\n| | vulnerable; | |\n| | first fixed | |\n| | in 12.4 | |\n|------------+-------------+-------------|\n| 12.1E | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| | Releases | |\n| | prior to | |\n| | 12.1(11)EA1 | |\n| | are | |\n| 12.1EA | vulnerable, | 12.1(22) |\n| | release | EA11 |\n| | 12.1(11)EA1 | |\n| | and later | |\n| | are not | |\n| | vulnerable; | |\n|------------+-------------+-------------|\n| 12.1EB | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.1EC | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.1EO | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.1EU | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.1EV | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.1EW | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| | Note: | |\n| | Releases | |\n| | prior to | |\n| | 12.1(8a)EX | |\n| | are | |\n| 12.1EX | vulnerable, | |\n| | release | |\n| | 12.1(8a)EX | |\n| | and later | |\n| | are not | |\n| | vulnerable; | |\n|------------+-------------+-------------|\n| 12.1EY | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.1EZ | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.1GA | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.1GB | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(19a) |\n| 12.1T | first fixed | |\n| | in 12.4 | 12.4(19b) |\n|------------+-------------+-------------|\n| 12.1XA | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.1XB | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| | Releases | |\n| | prior to | |\n| | 12.1(1)XC1 | |\n| | are | |\n| | vulnerable, | 12.4(19a) |\n| 12.1XC | release | |\n| | 12.1(1)XC1 | 12.4(19b) |\n| | and later | |\n| | are not | |\n| | vulnerable; | |\n| | first fixed | |\n| | in 12.4 | |\n|------------+-------------+-------------|\n| 12.1XD | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.1XE | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.1XF | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.1XG | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.1XH | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.1XI | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.1XJ | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.1XK | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.1XL | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.1XM | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.1XN | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.1XO | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.1XP | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.1XQ | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.1XR | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.1XS | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.1XT | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.1XU | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.1XV | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.1XW | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.1XX | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.1XY | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.1XZ | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.1YA | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.1YB | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.1YC | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.1YD | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| | Note: | |\n| | Releases | |\n| | prior to | |\n| | 12.1(5)YE1 | |\n| | are | 12.4(19a) |\n| 12.1YE | vulnerable, | |\n| | release | 12.4(19b) |\n| | 12.1(5)YE1 | |\n| | and later | |\n| | are not | |\n| | vulnerable; | |\n|------------+-------------+-------------|\n| 12.1YF | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.1YG | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.1YH | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.1YI | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.1YJ | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| Affected | First Fixed | Recommended |\n| 12.2-Based | Release | Release |\n| Releases | | |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(19a) |\n| 12.2 | first fixed | |\n| | in 12.4 | 12.4(19b) |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(19a) |\n| 12.2B | first fixed | |\n| | in 12.4 | 12.4(19b) |\n|------------+-------------+-------------|\n| 12.2BC | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(19a) |\n| 12.2BW | first fixed | |\n| | in 12.4 | 12.4(19b) |\n|------------+-------------+-------------|\n| | Releases | |\n| | prior to | |\n| | 12.2(8)BY | |\n| | are | |\n| | vulnerable, | 12.4(19a) |\n| 12.2BY | release | |\n| | 12.2(8)BY | 12.4(19b) |\n| | and later | |\n| | are not | |\n| | vulnerable; | |\n| | first fixed | |\n| | in 12.4 | |\n|------------+-------------+-------------|\n| 12.2BZ | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2CX | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2CY | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2CZ | Vulnerable; | |\n| | contact TAC | |\n|------------+-------------+-------------|\n| 12.2DA | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2DD | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2DX | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2EU | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2EW | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2EWA | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2EX | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2EY | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2EZ | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2FX | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2FY | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2FZ | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2IXA | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2IXB | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2IXC | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2IXD | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2IXE | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2IXF | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2JA | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2JK | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2MB | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2MC | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2S | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2SB | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2SBC | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2SCA | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2SE | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2SEA | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2SEB | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2SEC | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2SED | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2SEE | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2SEF | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2SEG | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2SG | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2SGA | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2SL | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2SM | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2SO | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2SRA | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2SRB | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2SRC | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2SU | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2SV | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2SVA | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2SVC | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2SVD | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2SW | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2SX | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2SXA | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2SXB | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2SXD | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2SXE | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2SXF | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2SXH | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2SXI | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2SY | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2SZ | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(19a) |\n| 12.2T | first fixed | |\n| | in 12.4 | 12.4(19b) |\n|------------+-------------+-------------|\n| | Releases | |\n| | prior to | |\n| | 12.2(8) | |\n| | TPC10d are | |\n| | vulnerable, | |\n| 12.2TPC | release | |\n| | 12.2(8) | |\n| | TPC10d and | |\n| | later are | |\n| | not | |\n| | vulnerable; | |\n|------------+-------------+-------------|\n| 12.2UZ | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2XA | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(19a) |\n| 12.2XB | first fixed | |\n| | in 12.4 | 12.4(19b) |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(19a) |\n| 12.2XC | first fixed | |\n| | in 12.4 | 12.4(19b) |\n|------------+-------------+-------------|\n| 12.2XD | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2XE | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2XF | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(19a) |\n| 12.2XG | first fixed | |\n| | in 12.4 | 12.4(19b) |\n|------------+-------------+-------------|\n| 12.2XH | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2XI | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2XJ | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(19a) |\n| 12.2XK | first fixed | |\n| | in 12.4 | 12.4(19b) |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(19a) |\n| 12.2XL | first fixed | |\n| | in 12.4 | 12.4(19b) |\n|------------+-------------+-------------|\n| 12.2XM | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2XN | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2XNA | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2XO | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2XQ | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2XR | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2XS | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(19a) |\n| 12.2XT | first fixed | |\n| | in 12.4 | 12.4(19b) |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(19a) |\n| 12.2XU | first fixed | |\n| | in 12.4 | 12.4(19b) |\n|------------+-------------+-------------|\n| 12.2XV | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2XW | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2YA | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2YB | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2YC | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2YD | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2YE | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2YF | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2YG | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2YH | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(19a) |\n| 12.2YJ | first fixed | |\n| | in 12.4 | 12.4(19b) |\n|------------+-------------+-------------|\n| 12.2YK | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(19a) |\n| 12.2YL | first fixed | |\n| | in 12.4 | 12.4(19b) |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(19a) |\n| 12.2YM | first fixed | |\n| | in 12.4 | 12.4(19b) |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(19a) |\n| 12.2YN | first fixed | |\n| | in 12.4 | 12.4(19b) |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.2(18) |\n| | migrate to | SXF15; |\n| 12.2YO | any release | Available |\n| | in 12.2SY | on |\n| | | 08-AUG-08 |\n|------------+-------------+-------------|\n| 12.2YP | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2YQ | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2YR | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2YS | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(19a) |\n| 12.2YT | first fixed | |\n| | in 12.4 | 12.4(19b) |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(19a) |\n| 12.2YU | first fixed | |\n| | in 12.4 | 12.4(19b) |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(19a) |\n| 12.2YV | first fixed | |\n| | in 12.4 | 12.4(19b) |\n|------------+-------------+-------------|\n| 12.2YW | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2YX | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2YY | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2YZ | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2ZA | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(19a) |\n| 12.2ZB | first fixed | |\n| | in 12.4 | 12.4(19b) |\n|------------+-------------+-------------|\n| 12.2ZC | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2ZD | Vulnerable; | |\n| | contact TAC | |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(19a) |\n| 12.2ZE | first fixed | |\n| | in 12.4 | 12.4(19b) |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(19a) |\n| 12.2ZF | first fixed | |\n| | in 12.4 | 12.4(19b) |\n|------------+-------------+-------------|\n| | | 12.4(19a) |\n| | | |\n| | Vulnerable; | 12.4(19b) |\n| 12.2ZG | first fixed | |\n| | in 12.4T | 12.4(20)T; |\n| | | Available |\n| | | on |\n| | | 11-JUL-08 |\n|------------+-------------+-------------|\n| | | 12.4(19a) |\n| | | |\n| | Vulnerable; | 12.4(19b) |\n| 12.2ZH | first fixed | |\n| | in 12.4 | 12.4(20)T; |\n| | | Available |\n| | | on |\n| | | 11-JUL-08 |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(19a) |\n| 12.2ZJ | first fixed | |\n| | in 12.4 | 12.4(19b) |\n|------------+-------------+-------------|\n| | | 12.4(19a) |\n| | | |\n| | Vulnerable; | 12.4(19b) |\n| 12.2ZL | first fixed | |\n| | in 12.4 | 12.4(20)T; |\n| | | Available |\n| | | on |\n| | | 11-JUL-08 |\n|------------+-------------+-------------|\n| 12.2ZP | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2ZU | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2ZY | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.2ZYA | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| Affected | First Fixed | Recommended |\n| 12.3-Based | Release | Release |\n| Releases | | |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(19a) |\n| 12.3 | first fixed | |\n| | in 12.4 | 12.4(19b) |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(19a) |\n| 12.3B | first fixed | |\n| | in 12.4 | 12.4(19b) |\n|------------+-------------+-------------|\n| 12.3BC | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(19a) |\n| 12.3BW | first fixed | |\n| | in 12.4 | 12.4(19b) |\n|------------+-------------+-------------|\n| 12.3EU | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.3JA | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.3JEA | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.3JEB | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.3JEC | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.3JK | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.3JL | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.3JX | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(19a) |\n| 12.3T | first fixed | |\n| | in 12.4 | 12.4(19b) |\n|------------+-------------+-------------|\n| 12.3TPC | Vulnerable; | |\n| | contact TAC | |\n|------------+-------------+-------------|\n| 12.3VA | Vulnerable; | |\n| | contact TAC | |\n|------------+-------------+-------------|\n| | | 12.4(19a) |\n| | | |\n| | Vulnerable; | 12.4(19b) |\n| 12.3XA | first fixed | |\n| | in 12.4 | 12.4(20)T; |\n| | | Available |\n| | | on |\n| | | 11-JUL-08 |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(19a) |\n| 12.3XB | first fixed | |\n| | in 12.4 | 12.4(19b) |\n|------------+-------------+-------------|\n| | | 12.4(19a) |\n| | | |\n| | Vulnerable; | 12.4(19b) |\n| 12.3XC | first fixed | |\n| | in 12.4 | 12.4(20)T; |\n| | | Available |\n| | | on |\n| | | 11-JUL-08 |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(19a) |\n| 12.3XD | first fixed | |\n| | in 12.4 | 12.4(19b) |\n|------------+-------------+-------------|\n| | | 12.4(19a) |\n| | | |\n| | Vulnerable; | 12.4(19b) |\n| 12.3XE | first fixed | |\n| | in 12.4 | 12.4(20)T; |\n| | | Available |\n| | | on |\n| | | 11-JUL-08 |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(19a) |\n| 12.3XF | first fixed | |\n| | in 12.4 | 12.4(19b) |\n|------------+-------------+-------------|\n| | | 12.4(19a) |\n| | | |\n| | Vulnerable; | 12.4(19b) |\n| 12.3XG | first fixed | |\n| | in 12.4T | 12.4(20)T; |\n| | | Available |\n| | | on |\n| | | 11-JUL-08 |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(19a) |\n| 12.3XH | first fixed | |\n| | in 12.4 | 12.4(19b) |\n|------------+-------------+-------------|\n| 12.3XI | Vulnerable; | |\n| | contact TAC | |\n|------------+-------------+-------------|\n| | | 12.3(14) |\n| | | YX12 |\n| | Vulnerable; | |\n| 12.3XJ | first fixed | 12.4(20)T; |\n| | in 12.3YX | Available |\n| | | on |\n| | | 11-JUL-08 |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(19a) |\n| 12.3XK | first fixed | |\n| | in 12.4 | 12.4(19b) |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(19a) |\n| 12.3XQ | first fixed | |\n| | in 12.4 | 12.4(19b) |\n|------------+-------------+-------------|\n| | | 12.4(19a) |\n| | | |\n| | Vulnerable; | 12.4(19b) |\n| 12.3XR | first fixed | |\n| | in 12.4 | 12.4(20)T; |\n| | | Available |\n| | | on |\n| | | 11-JUL-08 |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(19a) |\n| 12.3XS | first fixed | |\n| | in 12.4 | 12.4(19b) |\n|------------+-------------+-------------|\n| 12.3XU | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| | | 12.3(14) |\n| | | YX12 |\n| | Vulnerable; | |\n| 12.3XW | first fixed | 12.4(20)T; |\n| | in 12.3YX | Available |\n| | | on |\n| | | 11-JUL-08 |\n|------------+-------------+-------------|\n| 12.3XY | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| | | 12.4(19a) |\n| | | |\n| | Vulnerable; | 12.4(19b) |\n| 12.3YA | first fixed | |\n| | in 12.4 | 12.4(20)T; |\n| | | Available |\n| | | on |\n| | | 11-JUL-08 |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(20)T; |\n| 12.3YD | first fixed | Available |\n| | in 12.4T | on |\n| | | 11-JUL-08 |\n|------------+-------------+-------------|\n| | | 12.3(14) |\n| | | YX12 |\n| | Vulnerable; | |\n| 12.3YF | first fixed | 12.4(20)T; |\n| | in 12.3YX | Available |\n| | | on |\n| | | 11-JUL-08 |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(20)T; |\n| 12.3YG | first fixed | Available |\n| | in 12.4T | on |\n| | | 11-JUL-08 |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(20)T; |\n| 12.3YH | first fixed | Available |\n| | in 12.4T | on |\n| | | 11-JUL-08 |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(20)T; |\n| 12.3YI | first fixed | Available |\n| | in 12.4T | on |\n| | | 11-JUL-08 |\n|------------+-------------+-------------|\n| 12.3YJ | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(20)T; |\n| 12.3YK | first fixed | Available |\n| | in 12.4T | on |\n| | | 11-JUL-08 |\n|------------+-------------+-------------|\n| | Releases | |\n| | prior to | |\n| | 12.3(14) | |\n| | YM12 are | |\n| | vulnerable, | 12.3(14) |\n| 12.3YM | release | YM12 |\n| | 12.3(14) | |\n| | YM12 and | |\n| | later are | |\n| | not | |\n| | vulnerable; | |\n|------------+-------------+-------------|\n| 12.3YQ | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(20)T; |\n| 12.3YS | first fixed | Available |\n| | in 12.4T | on |\n| | | 11-JUL-08 |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(20)T; |\n| 12.3YT | first fixed | Available |\n| | in 12.4T | on |\n| | | 11-JUL-08 |\n|------------+-------------+-------------|\n| | Vulnerable; | |\n| 12.3YU | first fixed | |\n| | in 12.4XB | |\n|------------+-------------+-------------|\n| 12.3YX | 12.3(14) | 12.3(14) |\n| | YX12 | YX12 |\n|------------+-------------+-------------|\n| 12.3YZ | Vulnerable; | |\n| | contact TAC | |\n|------------+-------------+-------------|\n| Affected | First Fixed | Recommended |\n| 12.4-Based | Release | Release |\n| Releases | | |\n|------------+-------------+-------------|\n| | 12.4(18b) | |\n| | | |\n| | 12.4(19a) | 12.4(19a) |\n| 12.4 | | |\n| | 12.4(19b) | 12.4(19b) |\n| | | |\n| | 12.4(21) | |\n|------------+-------------+-------------|\n| 12.4JA | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.4JK | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.4JMA | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.4JMB | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.4JMC | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.4JX | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.4MD | 12.4(15)MD | 12.4(15)MD |\n|------------+-------------+-------------|\n| 12.4MR | 12.4(19)MR | 12.4(19)MR |\n|------------+-------------+-------------|\n| 12.4SW | Vulnerable; | |\n| | contact TAC | |\n|------------+-------------+-------------|\n| | 12.4(15)T6 | |\n| | | 12.4(20)T; |\n| 12.4T | 12.4(20)T; | Available |\n| | Available | on |\n| | on | 11-JUL-08 |\n| | 11-JUL-08 | |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(20)T; |\n| 12.4XA | first fixed | Available |\n| | in 12.4T | on |\n| | | 11-JUL-08 |\n|------------+-------------+-------------|\n| 12.4XB | 12.4(2)XB10 | |\n|------------+-------------+-------------|\n| 12.4XC | Vulnerable; | |\n| | contact TAC | |\n|------------+-------------+-------------|\n| | 12.4(4) | 12.4(20)T; |\n| | XD11; | Available |\n| 12.4XD | Available | on |\n| | on | 11-JUL-08 |\n| | 31-JUL-08 | |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(20)T; |\n| 12.4XE | first fixed | Available |\n| | in 12.4T | on |\n| | | 11-JUL-08 |\n|------------+-------------+-------------|\n| 12.4XF | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.4XG | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(20)T; |\n| 12.4XJ | first fixed | Available |\n| | in 12.4T | on |\n| | | 11-JUL-08 |\n|------------+-------------+-------------|\n| 12.4XK | Not | |\n| | Vulnerable | |\n|------------+-------------+-------------|\n| 12.4XL | 12.4(15)XL2 | 12.4(15)XL2 |\n|------------+-------------+-------------|\n| 12.4XM | 12.4(15)XM1 | 12.4(15)XM1 |\n|------------+-------------+-------------|\n| 12.4XN | Vulnerable; | |\n| | contact TAC | |\n|------------+-------------+-------------|\n| 12.4XQ | Vulnerable; | |\n| | contact TAC | |\n|------------+-------------+-------------|\n| 12.4XT | Vulnerable; | |\n| | contact TAC | |\n|------------+-------------+-------------|\n| 12.4XV | Vulnerable; | |\n| | contact TAC | |\n|------------+-------------+-------------|\n| 12.4XW | 12.4(11)XW8 | 12.4(11)XW6 |\n|------------+-------------+-------------|\n| 12.4XY | 12.4(15)XY3 | |\n|------------+-------------+-------------|\n| | Vulnerable; | 12.4(20)T; |\n| 12.4XZ | first fixed | Available |\n| | in 12.4T | on |\n| | | 11-JUL-08 |\n+----------------------------------------+\n\nCisco Network Registrar\n+----------------------\n\n+---------------------------------------+\n| Affected | |\n| Release | First Fixed Release |\n| Train | |\n|--------------+------------------------|\n| 6.1.x | Contact TAC |\n|--------------+------------------------|\n| | 6.3.1.1 patch; |\n| 6.3.x | available mid-July |\n| | 2008 |\n|--------------+------------------------|\n| 7.0.x | 7.0.1; available in |\n| | mid-July 2008 |\n+---------------------------------------+\n\nCisco Network Registrar software is available for download at:\n\nhttp://www.cisco.com/pcgi-bin/Software/Tablebuild/tablebuild.pl/nr-eval\n\nCisco Application and Content Networking System\n+----------------------------------------------\n\nThis issue is fixed in version 5.5.11 of Cisco ACNS software. This\nrelease will be available for download from www.cisco.com in late July\n2008. \n\nCisco ACNS 5.5 software is available for download at:\n\nhttp://www.cisco.com/pcgi-bin/tablebuild.pl/acns55\n\nWorkarounds\n===========\n\nThere are no workarounds. \n\nAdditional information about identification and mitigation of attacks\nagainst DNS is in the Cisco Applied Intelligence white paper \"DNS Best\nPractices, Network Protections, and Attack Identification,\" available at\nhttp://www.cisco.com/web/about/security/intelligence/dns-bcp.html. \n\nObtaining Fixed Software\n========================\n\nCisco has released free software updates that address these\nvulnerabilities. Prior to deploying software, customers should consult\ntheir maintenance provider or check the software for feature set\ncompatibility and known issues specific to their environment. \n\nCustomers may only install and expect support for the feature sets\nthey have purchased. By installing, downloading, accessing or\notherwise using such software upgrades, customers agree to be bound\nby the terms of Cisco\u0027s software license terms found at\nhttp://www.cisco.com/en/US/products/prod_warranties_item09186a008088e31f.html,\nor as otherwise set forth at Cisco.com Downloads at\nhttp://www.cisco.com/public/sw-center/sw-usingswc.shtml. \n\nDo not contact psirt@cisco.com or security-alert@cisco.com for software\nupgrades. \n\nCustomers with Service Contracts\n+-------------------------------\n\nCustomers with contracts should obtain upgraded software through their\nregular update channels. For most customers, this means that upgrades\nshould be obtained through the Software Center on Cisco\u0027s worldwide\nwebsite at http://www.cisco.com. \n\nCustomers using Third Party Support Organizations\n+------------------------------------------------\n\nCustomers whose Cisco products are provided or maintained through prior\nor existing agreements with third-party support organizations, such\nas Cisco Partners, authorized resellers, or service providers should\ncontact that support organization for guidance and assistance with the\nappropriate course of action in regards to this advisory. \n\nThe effectiveness of any workaround or fix is dependent on specific\ncustomer situations, such as product mix, network topology, traffic\nbehavior, and organizational mission. Due to the variety of affected\nproducts and releases, customers should consult with their service\nprovider or support organization to ensure any applied workaround or fix\nis the most appropriate for use in the intended network before it is\ndeployed. \n\nCustomers without Service Contracts\n+----------------------------------\n\nCustomers who purchase direct from Cisco but do not hold a Cisco service\ncontract, and customers who purchase through third-party vendors but are\nunsuccessful in obtaining fixed software through their point of sale\nshould acquire upgrades by contacting the Cisco Technical Assistance\nCenter (TAC). TAC contacts are as follows. \n\n * +1 800 553 2447 (toll free from within North America)\n * +1 408 526 7209 (toll call from anywhere in the world)\n * e-mail: tac@cisco.com\n\nCustomers should have their product serial number available and be\nprepared to give the URL of this notice as evidence of entitlement to a\nfree upgrade. Free upgrades for non-contract customers must be requested\nthrough the TAC. \n\nRefer to http://www.cisco.com/warp/public/687/Directory/DirTAC.shtml\nfor additional TAC contact information, including localized telephone\nnumbers, and instructions and e-mail addresses for use in various\nlanguages. \n\nExploitation and Public Announcements\n=====================================\n\nThe Cisco PSIRT is not aware of any public announcements or malicious\nuse of the vulnerability described in this advisory. Cisco would like to\nthank Dan Kaminsky for notifying vendors about his findings. \n\nNote that vulnerability information for Cisco IOS Software is being\nprovided in this advisory outside of the announced publication schedule\nfor Cisco IOS Software described at http://www.cisco.com/go/psirt due to\nindustry-wide disclosure of the vulnerability. \n\nStatus of this Notice: FINAL\n============================\n\nTHIS DOCUMENT IS PROVIDED ON AN \"AS IS\" BASIS AND DOES NOT IMPLY\nANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF\nMERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE\nINFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS\nAT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS\nDOCUMENT AT ANY TIME. \n\nA stand-alone copy or Paraphrase of the text of this document that omits\nthe distribution URL in the following section is an uncontrolled copy,\nand may lack important information or contain factual errors. \n\nDistribution\n============\n\nThis advisory is posted on Cisco\u0027s worldwide website at\n\nhttp://www.cisco.com/warp/public/707/cisco-sa-20080708-dns.shtml\n\nIn addition to worldwide web posting, a text version of this notice is\nclear-signed with the Cisco PSIRT PGP key and is posted to the following\ne-mail and Usenet news recipients. \n\n * cust-security-announce@cisco.com\n * first-teams@first.org\n * bugtraq@securityfocus.com\n * vulnwatch@vulnwatch.org\n * cisco@spot.colorado.edu\n * cisco-nsp@puck.nether.net\n * full-disclosure@lists.grok.org.uk\n * comp.dcom.sys.cisco@newsgate.cisco.com\n\nFuture updates of this advisory, if any, will be placed on Cisco\u0027s\nworldwide website, but may or may not be actively announced on mailing\nlists or newsgroups. Users concerned about this problem are encouraged\nto check the above URL for any updates. \n\nRevision History\n================\n\n+-----------------------------------------------------------+\n| Revision 1.0 | 2008-July-08 | Initial public release |\n+-----------------------------------------------------------+\n\nCisco Security Procedures\n=========================\n\nComplete information on reporting security vulnerabilities in\nCisco products, obtaining assistance with security incidents, and\nregistering to receive security information from Cisco, is available\non Cisco\u0027s worldwide website at\nhttp://www.cisco.com/en/US/products/products_security_vulnerability_policy.html. \nThis includes instructions for press inquiries regarding Cisco security\nnotices. All Cisco security advisories are available at\nhttp://www.cisco.com/go/psirt. \n\n+--------------------------------------------------------------------\nCopyright 2007-2008 Cisco Systems, Inc. All rights reserved. \n+--------------------------------------------------------------------\n\nUpdated: Jul 08, 2008 Document ID: 107064\n\n+--------------------------------------------------------------------\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.9 (GNU/Linux)\n\niEYEARECAAYFAkhztUIACgkQ86n/Gc8U/uCAgACfVRRoJO4w4defnpwbNlfgBm4t\n2SMAnjKCKECHtsjN9umqqPrPd2DW4IcC\n=XGZw\n-----END PGP SIGNATURE-----\n. This could be used to misdirect users and services;\n i.e. for web and email traffic (CVE-2008-1447). \n \n This update provides the latest stable BIND releases for all platforms\n except Corporate Server/Desktop 3.0 and MNF2, which have been patched\n to correct the issue. \n _______________________________________________________________________\n\n References:\n \n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447\n _______________________________________________________________________\n \n Updated Packages:\n \n Mandriva Linux 2007.1:\n 73cc24fc9586b7ab290d755012c16a79 2007.1/i586/bind-9.4.2-0.1mdv2007.1.i586.rpm\n 70867c50cfd64b4406aa002d627d740b 2007.1/i586/bind-devel-9.4.2-0.1mdv2007.1.i586.rpm\n 3603e9d9115466753397a1f472011703 2007.1/i586/bind-utils-9.4.2-0.1mdv2007.1.i586.rpm \n cf5e4100ecb21a4eb603831e5a6ec23d 2007.1/SRPMS/bind-9.4.2-0.1mdv2007.1.src.rpm\n\n Mandriva Linux 2007.1/X86_64:\n 4eb7ce0984d3ce3befff667392e3bf3e 2007.1/x86_64/bind-9.4.2-0.1mdv2007.1.x86_64.rpm\n d7b9a9e7d4c52a5b0c54f59ca20bf2d5 2007.1/x86_64/bind-devel-9.4.2-0.1mdv2007.1.x86_64.rpm\n c5c66c9609615029d2f07f7b09a63118 2007.1/x86_64/bind-utils-9.4.2-0.1mdv2007.1.x86_64.rpm \n cf5e4100ecb21a4eb603831e5a6ec23d 2007.1/SRPMS/bind-9.4.2-0.1mdv2007.1.src.rpm\n\n Mandriva Linux 2008.0:\n 52dfe3970fcd9495b2bb9379a9312b25 2008.0/i586/bind-9.4.2-1mdv2008.0.i586.rpm\n 97d20d35b6814aa2f9fab549ca6237c0 2008.0/i586/bind-devel-9.4.2-1mdv2008.0.i586.rpm\n 87a7bb3dd25abd8cd882a8f2fdc2398e 2008.0/i586/bind-utils-9.4.2-1mdv2008.0.i586.rpm \n da4444a8074e6ede39dfa557fb258db7 2008.0/SRPMS/bind-9.4.2-1mdv2008.0.src.rpm\n\n Mandriva Linux 2008.0/X86_64:\n b9d0337363bc1e2b14505f25d4ee5f99 2008.0/x86_64/bind-9.4.2-1mdv2008.0.x86_64.rpm\n 9b75e2a96784c00c2912bc3bf333d089 2008.0/x86_64/bind-devel-9.4.2-1mdv2008.0.x86_64.rpm\n 0a593b090d9e6bda3666e234056e19ba 2008.0/x86_64/bind-utils-9.4.2-1mdv2008.0.x86_64.rpm \n da4444a8074e6ede39dfa557fb258db7 2008.0/SRPMS/bind-9.4.2-1mdv2008.0.src.rpm\n\n Mandriva Linux 2008.1:\n 2534ef007262d4ea2d219bab0190466c 2008.1/i586/bind-9.5.0-3mdv2008.1.i586.rpm\n c3feee5d05aa3aee14cd70a2d295d0b1 2008.1/i586/bind-devel-9.5.0-3mdv2008.1.i586.rpm\n f306c06665b723a2530258e6d1dbdae2 2008.1/i586/bind-doc-9.5.0-3mdv2008.1.i586.rpm\n 967ef80628f92160930bc3a3827a216e 2008.1/i586/bind-utils-9.5.0-3mdv2008.1.i586.rpm \n 70fc7a7964944a2926979710c5148ed1 2008.1/SRPMS/bind-9.5.0-3mdv2008.1.src.rpm\n\n Mandriva Linux 2008.1/X86_64:\n 3f4d96d7a7f913c141e1f63cdc7e7336 2008.1/x86_64/bind-9.5.0-3mdv2008.1.x86_64.rpm\n 420db658366763686198f41394aa72b3 2008.1/x86_64/bind-devel-9.5.0-3mdv2008.1.x86_64.rpm\n 6f3674f68311494c5a9ff0dbce831e82 2008.1/x86_64/bind-doc-9.5.0-3mdv2008.1.x86_64.rpm\n 4294b3a086b89bf53c5c967c17962447 2008.1/x86_64/bind-utils-9.5.0-3mdv2008.1.x86_64.rpm \n 70fc7a7964944a2926979710c5148ed1 2008.1/SRPMS/bind-9.5.0-3mdv2008.1.src.rpm\n\n Corporate 3.0:\n de2a4372d1c25d73f343c9fcb044c9dd corporate/3.0/i586/bind-9.2.3-6.5.C30mdk.i586.rpm\n 1f24f6dbdb6c02e21cbbef99555049cb corporate/3.0/i586/bind-devel-9.2.3-6.5.C30mdk.i586.rpm\n 00405b98290d5a41f226081baa57e18d corporate/3.0/i586/bind-utils-9.2.3-6.5.C30mdk.i586.rpm \n 6a237dc290f4f7c463b1996e6a4a4515 corporate/3.0/SRPMS/bind-9.2.3-6.5.C30mdk.src.rpm\n\n Corporate 3.0/X86_64:\n 628162f3d6a414828d2231fefc46842b corporate/3.0/x86_64/bind-9.2.3-6.5.C30mdk.x86_64.rpm\n dd29ff31a9cffcc1b20fd045869d7013 corporate/3.0/x86_64/bind-devel-9.2.3-6.5.C30mdk.x86_64.rpm\n c475c1a4d048e04da1fc27dcbb17c3f3 corporate/3.0/x86_64/bind-utils-9.2.3-6.5.C30mdk.x86_64.rpm \n 6a237dc290f4f7c463b1996e6a4a4515 corporate/3.0/SRPMS/bind-9.2.3-6.5.C30mdk.src.rpm\n\n Corporate 4.0:\n 271ead204904be302d197cd542f5ae23 corporate/4.0/i586/bind-9.3.5-0.4.20060mlcs4.i586.rpm\n 42413dcc1cf053e735216f767eff4e5d corporate/4.0/i586/bind-devel-9.3.5-0.4.20060mlcs4.i586.rpm\n 0201afe493a41e1deedc9bf7e9725f4a corporate/4.0/i586/bind-utils-9.3.5-0.4.20060mlcs4.i586.rpm \n 86bc0cdc9ed1b959b6f56e0660268f2e corporate/4.0/SRPMS/bind-9.3.5-0.4.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n b1a18a7d0578dab7bd825eda6c682b3d corporate/4.0/x86_64/bind-9.3.5-0.4.20060mlcs4.x86_64.rpm\n 6a2ebd550feb9147058de05b1a1ef04d corporate/4.0/x86_64/bind-devel-9.3.5-0.4.20060mlcs4.x86_64.rpm\n 670a1b934ce4974b8505018ab69ade0b corporate/4.0/x86_64/bind-utils-9.3.5-0.4.20060mlcs4.x86_64.rpm \n 86bc0cdc9ed1b959b6f56e0660268f2e corporate/4.0/SRPMS/bind-9.3.5-0.4.20060mlcs4.src.rpm\n\n Multi Network Firewall 2.0:\n 5b694c24cc2092e38f531dbfdd5c9d41 mnf/2.0/i586/bind-9.2.3-6.5.C30mdk.i586.rpm\n c08bc805027059c47bed32215f17eacb mnf/2.0/i586/bind-utils-9.2.3-6.5.C30mdk.i586.rpm \n 39225289516498e1b071c5059306f2b9 mnf/2.0/SRPMS/bind-9.2.3-6.5.C30mdk.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.9 (GNU/Linux)\n\niD8DBQFIdPwTmqjQ0CJFipgRAm9AAJ9/UOAuOWDL1KgnMNGM/224QGUNQgCfW+G9\nJ7qxrU208lhOcIjhtq8FWX8=\n=91dV\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. In IP NAT filtering in Sun Solaris 10 and OpenSolaris series products, when a DNS server runs NAT, it incorrectly changes the original address of the data packet. When the destination address is a DNS port, it will allow remote attackers to bypass CVE-2008 -1447 security protection. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n- ------------------------------------------------------------------------\n VMware Security Advisory\n\nAdvisory ID: VMSA-2008-0014\nSynopsis: Updates to VMware Workstation, VMware Player,\n VMware ACE, VMware Server, VMware ESX address\n information disclosure, privilege escalation and\n other security issues. \nIssue date: 2008-08-29\nUpdated on: 2008-08-29 (initial release of advisory)\nCVE numbers: CVE-2008-2101 CVE-2007-5269 CVE-2008-1447\n CVE-2008-3691 CVE-2008-3692 CVE-2008-3693\n CVE-2008-3694 CVE-2008-3695 CVE-2007-5438\n CVE-2008-3696 CVE-2008-3697 CVE-2008-3698\n CVE-2008-1806 CVE-2008-1807 CVE-2008-1808\n CVE-2007-5503\n- --------------------------------------------------------------------------\n\n1. Summary\n\n Updates to VMware Workstation, VMware Player, VMware ACE, VMware\n Server, VMware ESX address information disclosure, privilege\n escalation and other security issues. \n\n2. Relevant releases\n\n VMware Workstation 6.0.4 and earlier,\n VMware Workstation 5.5.7 and earlier,\n VMware Player 2.0.4 and earlier,\n VMware Player 1.0.7 and earlier,\n VMware ACE 2.0.4 and earlier,\n VMware ACE 1.0.6 and earlier,\n VMware Server 1.0.6 and earlier,\n\n VMware ESX 3.0.3 without patches ESX303-200808404-SG, ESX303-200808403-SG\n ESX303-200808406-SG. \n\n\n VMware ESX 3.0.2 without patches ESX-1005109, ESX-1005113,\n ESX-1005114. \n\n VMware ESX 3.0.1 without patches ESX-1005108, ESX-1005112,\n ESX-1005111, ESX-1004823,\n ESX-1005117. \n\n NOTE: Hosted products VMware Workstation 5.x, VMware Player 1.x,\n and VMware ACE 1.x will reach end of general support\n 2008-11-09. Customers should plan to upgrade to the latest\n version of their respective products. \n\n Extended support (Security and Bug fixes) for ESX 3.0.2 ends\n on 10/29/2008 and Extended support for ESX 3.0.2 Update 1\n ends on 8/8/2009. Users should plan to upgrade to ESX 3.0.3\n and preferably to the newest release available. \n\n Extended Support (Security and Bug fixes) for ESX 3.0.1 has\n ended on 2008-07-31. \n\n3. Problem Description\n\n I Security Issues\n\n a. Setting ActiveX killbit\n\n Starting from this release, VMware has set the killbit on its\n ActiveX controls. Setting the killbit ensures that ActiveX\n controls cannot run in Internet Explorer (IE), and avoids\n security issues involving ActiveX controls in IE. See the\n Microsoft KB article 240797 and the related references on this\n topic. \n\n Security vulnerabilities have been reported for ActiveX controls\n provided by VMware when run in IE. Under specific circumstances,\n exploitation of these ActiveX controls might result in denial-of-\n service or can allow running of arbitrary code when the user\n browses a malicious Web site or opens a malicious file in IE\n browser. An attempt to run unsafe ActiveX controls in IE might\n result in pop-up windows warning the user. \n\n Note: IE can be configured to run unsafe ActiveX controls without\n prompting. VMware recommends that you retain the default\n settings in IE, which prompts when unsafe actions are\n requested. \n\n Earlier, VMware had issued knowledge base articles, KB 5965318 and\n KB 9078920 on security issues with ActiveX controls. To avoid\n malicious scripts that exploit ActiveX controls, do not enable\n unsafe ActiveX objects in your browser settings. As a best\n practice, do not browse untrusted Web sites as an administrator\n and do not click OK or Yes if prompted by IE to allow certain\n actions. \n\n VMware would like to thank Julien Bachmann, Shennan Wang, Shinnai,\n and Michal Bucko for reporting these issues to us. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n Workstation 6.x Windows 6.0.5 build 109488 or later\n Workstation 6.x Linux not affected\n Workstation 5.x Windows 5.5.8 build 108000 or later\n Workstation 5.x Linux not affected\n\n Player 2.x Windows 2.0.5 build 109488 or later\n Player 2.x Linux not affected\n Player 1.x Windows 1.0.8 build or later\n Player 1.x Linux not affected\n\n ACE 2.x Windows 2.0.5 build 109488 or later\n ACE 1.x Windows 1.0.7 build 108880 or later\n\n Server 1.x Windows 1.0.7 build 108231 or later\n Server 1.x Linux not affected\n\n Fusion 1.x Mac OS/X not affected\n\n ESXi 3.5 ESXi not affected\n\n ESX any ESX not affected\n\n\n b. VMware ISAPI Extension Denial of Service\n\n The Internet Server Application Programming Interface (ISAPI) is\n an API that extends the functionality of Internet Information\n Server (IIS). VMware uses ISAPI extensions in its Server product. \n\n One of the ISAPI extensions provided by VMware is vulnerable to a\n remote denial of service. By sending a malformed request, IIS\n might shut down. IIS 6.0 restarts automatically. However, IIS 5.0\n does not restart automatically when its Startup Type is set to\n Manual. \n\n VMware would like to thank the Juniper Networks J-Security\n Security Research Team for reporting this issue to us. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n Workstation 6.x Windows not affected\n Workstation 6.x Linux not affected\n Workstation 5.x Windows not affected\n Workstation 5.x Linux not affected\n\n Player 2.x Windows not affected\n Player 2.x Linux not affected\n Player 1.x Windows not affected\n Player 1.x Linux not affected\n\n ACE 2.x Windows not affected\n ACE 1.x Windows not affected\n\n Server 1.x Windows 1.0.7 build 108231 or later\n Server 1.x Linux not affected\n\n Fusion 1.x Mac OS/X not affected\n\n ESXi 3.5 ESXi not affected\n\n ESX any ESX not affected\n\n c. OpenProcess Local Privilege Escalation on Host System\n\n This release fixes a privilege escalation vulnerability in host\n systems. Exploitation of this vulnerability allows users to run\n arbitrary code on the host system with elevated privileges. \n\n VMware would like to thank Sun Bing from McAfee, Inc. for\n reporting this issue to us. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n Workstation 6.x Windows not affected\n Workstation 6.x Linux not affected\n Workstation 5.x Windows 5.5.8 build 108000 or later\n Workstation 5.x Linux not affected\n\n Player 2.x Windows not affected\n Player 2.x Linux not affected\n Player 1.x Windows 1.0.8 build 109488 or later\n Player 1.x Linux not affected\n\n ACE 2.x Windows not affected\n ACE 1.x Windows 1.0.7 build 108880 or later\n\n Server 1.x Windows 1.0.7 build 108231 or later\n Server 1.x Linux not affected\n\n Fusion 1.x Mac OS/X not affected\n\n ESXi 3.5 ESXi not affected\n\n ESX any ESX not affected\n\n d. Update to Freetype\n\n FreeType 2.3.6 resolves an integer overflow vulnerability and other\n vulnerabilities that can allow malicious users to run arbitrary code\n or might cause a denial-of-service after reading a maliciously\n crafted file. This release updates FreeType to 2.3.7. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n Workstation 6.x Windows not affected\n Workstation 6.x Linux 6.0.5 build 109488 or later\n Workstation 5.x Windows not affected\n Workstation 5.x Linux 5.5.8 build 108000 or later\n\n Player 2.x Windows not affected\n Player 2.x Linux 2.0.5 build 109488 or later\n Player 1.x Windows not affected\n Player 1.x Linux 1.0.8 build 108000 or later\n\n ACE 2.x Windows not affected\n ACE 1.x Windows not affected\n\n Server 1.x Windows not affected\n Server 1.x Linux 1.0.7 build 108231 or later\n\n Fusion 1.x Mac OS/X affected, patch pending\n\n ESXi 3.5 ESXi not affected\n\n ESX 3.5 ESX not affected\n ESX 3.0.3 ESX not affected\n ESX 3.0.2 ESX not affected\n ESX 3.0.1 ESX not affected\n ESX 2.5.5 ESX affected, patch pending\n ESX 2.5.4 ESX affected, patch pending\n\n e. Update to Cairo\n\n Cairo 1.4.12 resolves an integer overflow vulnerability that can\n allow malicious users to run arbitrary code or might cause a\n denial-of-service after reading a maliciously crafted PNG file. \n This release updates Cairo to 1.4.14. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n Workstation 6.x Windows not affected\n Workstation 6.x Linux 6.0.5 build 109488 or later\n Workstation 5.x Windows not affected\n Workstation 5.x Linux not affected\n\n Player 2.x Windows not affected\n Player 2.x Linux 2.0.5 build 109488 or later\n Player 1.x Windows not affected\n Player 1.x Linux not affected\n\n ACE 2.x Windows not affected\n ACE 1.x Windows not affected\n\n Server 1.x Windows not affected\n Server 1.x Linux not affected\n\n Fusion 1.x Mac OS/X affected, patch pending\n\n ESXi 3.5 ESXi not affected\n\n ESX any ESX not affected\n\n f. VMware Consolidated Backup(VCB) command-line utilities may expose\n sensitive information\n\n VMware Consolidated Backup command-line utilities accept the user\n password through the -p command-line option. Users logged into the\n service console could gain access to the username and password used\n by VCB command-line utilities when such commands are running. \n\n This patch resolves this issue by providing an alternative way of\n passing the password used by VCB command-line utilities. \n\n The following options are recommended for passing the password:\n\n 1. The password is specified in /etc/backuptools.conf\n (PASSWORD=xxxxx), and -p is not used in the command line. \n /etc/backuptools.conf file permissions are read/write only\n for root. \n\n 2. No password is specified in /etc/backuptools.conf and the\n -p option is not used in the command line. The user will be\n prompted to enter a password. \n\n ESX is not affected unless you use VCB. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= ===================\n VirtualCenter any Windows not affected\n\n hosted * any any not affected\n\n ESXi 3.5 ESXi not affected\n\n ESX 3.5 ESX ESX350-200806203-UG\n ESX 3.0.3 ESX ESX303-200808403-SG\n ESX 3.0.2 ESX ESX-1004824\n ESX 3.0.1 ESX ESX-1004823\n ESX 2.5.5 ESX not affected\n ESX 2.5.4 ESX not affected\n\n * hosted products are VMware Workstation, Player, ACE, Server, Fusion\n\n g. Third Party Library libpng Updated to 1.2.29\n\n Several flaws were discovered in the way third party library\n libpng handled various PNG image chunks. An attacker could\n create a carefully crafted PNG image file in such a way that\n it causes an application linked with libpng to crash when the\n file is manipulated. \n\n NOTE: There are multiple patches required to remediate the issue. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= ===================\n VirtualCenter any Windows not affected\n\n hosted * any any not affected\n\n ESXi 3.5 ESXi affected, patch pending\n\n ESX 3.5 ESX affected, patch pending\n ESX 3.0.3 ESX ESX303-200808404-SG\n ESX303-200808403-SG\n ESX 3.0.2 ESX ESX-1005109 ESX-1005114 ESX-1005113\n ESX 3.0.1 ESX ESX-1005112 ESX-1005108 ESX-1005111\n ESX 2.5.5 ESX affected, patch pending\n ESX 2.5.4 ESX affected, patch pending\n\n * hosted products are VMware Workstation, Player, ACE, Server, Fusion\n\n\n II ESX Service Console rpm updates\n\n a. update to bind\n\n This update upgrades the service console rpms for bind-utils and\n bind-lib to version 9.2.4-22.el3. \n\n Version 9.2.4.-22.el3 addresses the recently discovered\n vulnerability in the BIND software used for Domain Name\n resolution (DNS). Of the BIND packages, VMware only ships bind-util\n and bind-lib in the service console and these components by\n themselves cannot be used to setup a DNS server. \n\n VMware explicitly discourages installing applications like BIND\n on the service console. In case the customer has installed BIND,\n and the DNS server is configured to support recursive queries,\n their ESX Server system is affected and they should replace BIND\n with a patched version. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= ===================\n VirtualCenter any Windows not affected\n\n hosted * any any not affected\n\n ESXi 3.5 ESXi not affected\n\n ESX 3.5 ESX patch pending\n ESX 3.0.3 ESX ESX303-200808406-SG\n ESX 3.0.2 ESX ESX-1006356\n ESX 3.0.1 ESX ESX-1005117\n ESX 2.5.5 ESX patch pending\n ESX 2.5.4 ESX patch pending\n\n * hosted products are VMware Workstation, Player, ACE, Server, Fusion\n\n4. Solution\n\n Please review the patch/release notes for your product and version\n and verify the md5sum of your downloaded file. \n\n VMware Workstation 6.0.5\n ------------------------\n http://www.vmware.com/download/ws/\n Release notes:\n http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html\n\n Windows binary\n md5sum: 46b4c54f0493f59f52ac6c2965296859\n\n RPM Installation file for 32-bit Linux\n md5sum: 49ebfbd05d146ecc43262622ab746f03\n\n tar Installation file for 32-bit Linux\n md5sum: 14ac93bffeee72528629d4caecc5ef37\n\n RPM Installation file for 64-bit Linux\n md5sum: 0a856f1a1a31ba3c4b08bcf85d97ccf6\n\n tar Installation file for 64-bit Linux\n md5sum: 3b459254069d663e9873a661bc97cf6c\n\n VMware Workstation 5.5.8\n ------------------------\n http://www.vmware.com/download/ws/ws5.html\n Release notes:\n http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html\n\n Windows binary:\n md5sum: 745c3250e5254eaf6e65fcfc4172070f\n\n Compressed Tar archive for 32-bit Linux\n md5sum: 65a454749d15d4863401619d7ff5566e\n\n Linux RPM version for 32-bit Linux\n md5sum: d80adc73b1500bdb0cb24d1b0733bcff\n\n\n VMware Player 2.0.5 and 1.0.8\n -----------------------------\n http://www.vmware.com/download/player/\n Release notes Player 1.x:\n http://www.vmware.com/support/player/doc/releasenotes_player.html\n Release notes Player 2.0\n http://www.vmware.com/support/player2/doc/releasenotes_player2.html\n\n 2.0.5 Windows binary\n md5sum: 60265438047259b23ff82fdfe737f969\n\n VMware Player 2.0.5 for Linux (.rpm)\n md5sum: 3bc81e203e947e6ca5b55b3f33443d34\n\n VMware Player 2.0.5 for Linux (.tar)\n md5sum: f499603d790edc5aa355e45b9c5eae01\n\n VMware Player 2.0.5 - 64-bit (.rpm)\n md5sum: 85bc2f11d06c362feeff1a64ee5a6834\n\n VMware Player 2.0.5 - 64-bit (.tar)\n md5sum: b74460bb961e88817884c7e2c0f30215\n\n 1.0.8 Windows binary\n md5sum: e5f927304925297a7d869f74b7b9b053\n\n Player 1.0.8 for Linux (.rpm)\n md5sum: a13fdb8d72b661cefd24e7dcf6e2a990\n\n Player 1.0.8 for Linux (.tar)\n md5sum: 99fbe861253eec5308d8c47938e8ad1e\n\n\n VMware ACE 2.0.5\n ----------------\n http://www.vmware.com/download/ace/\n Release notes 2.0:\n http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html\n\n ACE Manager Server Virtual Appliance\n Virtual Appliance for the ACE Management Server\n md5sum: 41e7349f3b6568dffa23055bb629208d\n\n ACE for Window 32-bit and 64-bit\n Main installation file for Windows 32-bit and 64-bit host (ACE Option\n Page key required for enabling ACE authoring)\n md5sum:46b4c54f0493f59f52ac6c2965296859\n\n ACE Management Server for Windows\n ACE Management Server installation file for Windows\n md5sum:33a015c4b236329bcb7e12c82271c417\n\n ACE Management Server for Red Hat Enterprise Linux 4\n ACE Management Server installation file for Red Hat Enterprise Linux 4\n md5sum:dc3bd89fd2285f41ed42f8b28cd5535f\n\n ACE Management Server for SUSE Enterprise Linux 9\n ACE Management Server installation file for SUSE Enterprise Linux 9\n md5sum:2add6a4fc97e1400fb2f94274ce0dce0\n\n VMware ACE 1.0.7\n ----------------\n http://www.vmware.com/download/ace/\n Release notes:\n http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html\n md5sum: 42d806cddb8e9f905722aeac19740f33\n\n VMware Server 1.0.7\n -------------------\n http://www.vmware.com/download/server/\n Release notes:\n http://www.vmware.com/support/server/doc/releasenotes_server.html\n\n VMware Server for Windows 32-bit and 64-bit\n md5sum: 2e2ee5ebe08ae48eac5e661cad01acf6\n\n VMware Server Windows client package\n md5sum: ce7d906a5a8de37cbc20db4332de1adb\n\n VMware Server for Linux\n md5sum: 04f201122b16222cd58fc81ca814ff8c\n\n VMware Server for Linux rpm\n md5sum: 6bae706df040c35851823bc087597d8d\n\n Management Interface\n md5sum: e67489bd2f23bcd4a323d19df4e903e8\n\n VMware Server Linux client package\n md5sum: 99f1107302111ffd3f766194a33d492b\n\n ESX\n ---\n ESX 3.5.0 patch ESX350-200806203-UG (VCB)\n http://download3.vmware.com/software/esx/ESX350-200806203-UG.zip\n md5sum: 3bd512dc8aa2b276f7cfd19080d193c9\n http://kb.vmware.com/kb/1005896\n\n ESX 3.0.3 patch ESX303-200808403-SG (libpng)\n http://download3.vmware.com/software/vi/ESX303-200808403-SG.zip\n md5sum: 5f1e75631e53c0e9e013acdbe657cfc7\n http://kb.vmware.com/kb/1006034\n\n ESX 3.0.3 patch ESX303-200808404-SG (libpng)\n http://download3.vmware.com/software/vi/ESX303-200808404-SG.zip\n md5sum: 65468a5b6ba105cfde1dd444d77b2df4\n http://kb.vmware.com/kb/1006035\n\n ESX 3.0.3 patch ESX303-200808406-SG (bind)\n http://download3.vmware.com/software/vi/ESX303-200808406-SG.zip\n md5sum: a11273e8d430e5784071caff673995f4\n http://kb.vmware.com/kb/1006357\n\n ESX 3.0.3 patch (VCB)\n\n ESX 3.0.2 patch ESX-1005109 (libpng)\n http://download3.vmware.com/software/vi/ESX-1005109.tgz\n md5sum: 456d74d94317f852024aed5d3852be09\n http://kb.vmware.com/kb/1005109\n\n ESX 3.0.2 patch ESX-1005113 (libpng)\n http://download3.vmware.com/software/vi/ESX-1005113.tgz\n md5sum: 5d604f2bfd90585b9c8679f5fc8c31b7\n http://kb.vmware.com/kb/1005113\n\n ESX 3.0.2 patch ESX-1005114 (libpng)\n http://download3.vmware.com/software/vi/ESX-1005114.tgz\n md5sum: 3b6d33b334f0020131580fdd8f9b5365\n http://kb.vmware.com/kb/1005114\n\n ESX 3.0.2 patch ESX-1004824 (VCB)\n http://download3.vmware.com/software/vi/ESX-1004824.tgz\n md5sum: c72b0132c9f5d7b4cb1b9e47748a9c5b\n http://kb.vmware.com/kb/1004824\n\n ESX 3.0.2 patch ESX-1006356 (bind)\n http://download3.vmware.com/software/vi/ESX-1006356.tgz\n md5sum: f0bc9d0b641954145df3986cdb1c2bab\n http://kb.vmware.com/kb/1006356\n\n ESX 3.0.1 patch ESX-1005111 (libpng)\n http://download3.vmware.com/software/vi/ESX-1005111.tgz\n md5sum: 60e1be9b41070b3531c06f9a0595e24c\n http://kb.vmware.com/kb/1005111\n\n ESX 3.0.1 patch ESX-1005112 (libpng)\n http://download3.vmware.com/software/vi/ESX-1005112.tgz\n md5sum: ad645cef0f9fa18bb648ba5a37074732\n http://kb.vmware.com/kb/1005112\n\n ESX 3.0.1 patch ESX-1005108 (libpng)\n http://download3.vmware.com/software/vi/ESX-1005108.tgz\n md5sum: aabc873d978f023c929ccd9a54588ea5\n http://kb.vmware.com/kb/1005108\n\n ESX 3.0.1 patch ESX-1004823 (VCB)\n http://download3.vmware.com/software/vi/ESX-1004823.tgz\n md5sum: 5ff2e8ce50c18afca76fb16c28415a59\n http://kb.vmware.com/kb/1004823\n\n ESX 3.0.1 patch ESX-1005117 (bind)\n http://download3.vmware.com/software/vi/ESX-1005117.tgz\n md5sum: 5271ecc6e36fb6f1fdf372e57891aa33\n http://kb.vmware.com/kb/1005117\n\n\n5. References\n\n CVE numbers\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2101\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5269\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3691\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3692\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3693\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3694\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3695\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5438\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3696\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3697\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3698\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1806\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1807\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1808\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5503\n\n- ------------------------------------------------------------------------\n6. Change log\n\n2008-08-29 VMSA-2008-0014\ninitial release\n\n- ------------------------------------------------------------------------\n7. Contact\n\nE-mail list for product security notifications and announcements:\nhttp://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\nThis Security Advisory is posted to the following lists:\n\n * security-announce at lists.vmware.com\n * bugtraq at securityfocus.com\n * full-disclosure at lists.grok.org.uk\n\nE-mail: security at vmware.com\nPGP key at: http://kb.vmware.com/kb/1055\n\nVMware Security Center\nhttp://www.vmware.com/security\n\nVMware security response policy\nhttp://www.vmware.com/support/policies/security_response.html\n\nGeneral support life cycle policy\nhttp://www.vmware.com/support/policies/eos.html\n\nVMware Infrastructure support life cycle policy\nhttp://www.vmware.com/support/policies/eos_vi.html\n\nCopyright 2008 VMware Inc. All customers should test the updates / patch in their environment. HP is investigating changes to reduce the performance issues. This bulletin will be revised when new updates / patch become available. Effective attack techniques against these\n vulnerabilities have been demonstrated. Tools\n and techniques have been developed that can reliably poison a domain of the\n attacker\u0027s choosing on most current implementations. As a result, the\n consensus of DNS software implementers is to implement source port\n randomization in their resolvers as a mitigation. \n\n\nII. Impact\n\n An attacker with the ability to conduct a successful cache poisoning attack\n can cause a nameserver\u0027s clients to contact the incorrect, and possibly\n malicious, hosts for particular services. Consequently, web traffic, email,\n and other important network data can be redirected to systems under the\n attacker\u0027s control. \n\n\nIII. Solution\n\nApply a patch from your vendor\n\n Patches have been released by a number of vendors to implement source port\n randomization in the nameserver. Please see the Systems Affected\n section of Vulnerability Note VU#800113 for additional details for specific\n vendors. \n\n As mentioned above, stub resolvers are also vulnerable to these attacks. \n Stub resolvers that will issue queries in response to attacker behavior, and\n may receive packets from an attacker, should be patched. System\n administrators should be alert for patches to client operating systems that\n implement port randomization in the stub resolver. \n\nWorkarounds\n\n Restrict access\n Administrators, particularly those who are unable to apply a patch, can\n limit exposure to this vulnerability by restricting sources that can ask for\n recursion. Note that restricting access will still allow attackers with\n access to authorized hosts to exploit this vulnerability. \n\n Filter traffic at network perimeters\n Because the ability to spoof IP addresses is necessary to conduct these\n attacks, administrators should take care to filter spoofed addresses at the\n network perimeter. IETF Request for Comments (RFC) documents RFC 2827, RFC\n 3704, and RFC 3013 describe best current practices (BCPs) for implementing\n this defense. It is important to understand your network\u0027s configuration and\n service requirements before deciding what changes are appropriate. \n\n Run a local DNS cache\n In lieu of strong port randomization characteristics in a stub resolver,\n administrators can protect their systems by using local caching full-service\n resolvers, both on the client systems and on servers that are topologically\n close on the network to the client systems. This should be done in\n conjunction with the network segmentation and filtering strategies mentioned\n above. \n\n Disable recursion\n Disable recursion on any nameserver responding to DNS requests made by\n untrusted systems. \n\n Implement source port randomization\n Vendors that implement DNS software are encouraged to review IETF Internet\n Draft, \"Measures for making DNS more resilient against forged answers,\" for\n additional information about implementing mitigations in their products. \n This document is a work in progress and may change prior to its publication\n as an RFC, if it is approved. \n\n\nIV. References\n\n * US-CERT Vulnerability Note VU#800113 -\n \u003chttp://www.kb.cert.org/vuls/id/800113\u003e\n * US-CERT Vulnerability Note VU#484649 -\n \u003chttp://www.kb.cert.org/vuls/id/484649\u003e\n * US-CERT Vulnerability Note VU#252735 -\n \u003chttp://www.kb.cert.org/vuls/id/252735\u003e\n * US-CERT Vulnerability Note VU#927905 -\n \u003chttp://www.kb.cert.org/vuls/id/927905\u003e\n * US-CERT Vulnerability Note VU#457875 -\n \u003chttp://www.kb.cert.org/vuls/id/457875\u003e\n * Internet Draft: Measures for making DNS more resilient against forged\n answers -\n \u003chttp://tools.ietf.org/html/draft-ietf-dnsext-forgery-resilience\u003e\n * RFC 3833 - \u003chttp://tools.ietf.org/html/rfc3833\u003e\n * RFC 2827 - \u003chttp://tools.ietf.org/html/rfc2827\u003e\n * RFC 3704 - \u003chttp://tools.ietf.org/html/rfc3704\u003e\n * RFC 3013 - \u003chttp://tools.ietf.org/html/rfc3013\u003e\n * Microsoft Security Bulletin MS08-037 -\n \u003chttp://www.microsoft.com/technet/security/bulletin/ms08-037.mspx\u003e\n * Internet Systems Consortium BIND Vulnerabilities -\n \u003chttp://www.isc.org/sw/bind/bind-security.php\u003e\n\n ____________________________________________________________________\n\n US-CERT thanks Dan Kaminsky of IOActive and Paul Vixie of Internet Systems\n Consortium (ISC) for notifying us about this problem and for helping us to\n construct this advisory. \n ____________________________________________________________________\n\n The most recent version of this document can be found at:\n\n \u003chttp://www.us-cert.gov/cas/techalerts/TA08-190B.html\u003e\n ____________________________________________________________________\n\n Feedback can be directed to US-CERT Technical Staff. Please send\n email to \u003ccert@cert.org\u003e with \"TA08-190B Feedback VU#800113\" in the\n subject. \n ____________________________________________________________________\n\n For instructions on subscribing to or unsubscribing from this\n mailing list, visit \u003chttp://www.us-cert.gov/cas/signup.html\u003e. \n ____________________________________________________________________\n\n Produced 2008 by US-CERT, a government organization. \n\n----------------------------------------------------------------------\n\nTry a new way to discover vulnerabilities that ALREADY EXIST in your\nIT infrastructure. \n\nThe Full Featured Secunia Network Software Inspector (NSI) is now\navailable:\nhttp://secunia.com/network_software_inspector/\n\nThe Secunia NSI enables you to INSPECT, DISCOVER, and DOCUMENT\nvulnerabilities in more than 4,000 different Windows applications. \n\n----------------------------------------------------------------------\n\nTITLE:\nRed Hat update for bind\n\nSECUNIA ADVISORY ID:\nSA26195\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/26195/\n\nCRITICAL:\nModerately critical\n\nIMPACT:\nSpoofing\n\nWHERE:\n\u003eFrom remote\n\nOPERATING SYSTEM:\nRed Hat Enterprise Linux (v. 5 server)\nhttp://secunia.com/product/13652/\nRed Hat Enterprise Linux Desktop (v. 5 client)\nhttp://secunia.com/product/13653/\nRed Hat Enterprise Linux Desktop Workstation (v. 5 client)\nhttp://secunia.com/product/13651/\nRedHat Enterprise Linux AS 2.1\nhttp://secunia.com/product/48/\nRedHat Enterprise Linux AS 3\nhttp://secunia.com/product/2534/\nRedHat Enterprise Linux AS 4\nhttp://secunia.com/product/4669/\nRedHat Enterprise Linux ES 2.1\nhttp://secunia.com/product/1306/\nRedHat Enterprise Linux ES 3\nhttp://secunia.com/product/2535/\nRedHat Enterprise Linux ES 4\nhttp://secunia.com/product/4668/\nRedHat Enterprise Linux WS 3\nhttp://secunia.com/product/2536/\nRedHat Enterprise Linux WS 2.1\nhttp://secunia.com/product/1044/\nRedHat Enterprise Linux WS 4\nhttp://secunia.com/product/4670/\nRedHat Linux Advanced Workstation 2.1 for Itanium\nhttp://secunia.com/product/1326/\n\nDESCRIPTION:\nRed Hat has issued an update for bind. \n\nFor more information:\nSA26152\n\nSOLUTION:\nUpdated packages are available from Red Hat Network. \nhttp://rhn.redhat.com\n\nORIGINAL ADVISORY:\nhttp://rhn.redhat.com/errata/RHSA-2007-0740.html\n\nOTHER REFERENCES:\nSA26152:\nhttp://secunia.com/advisories/26152/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. Security Advisory (08-AUG-2008) (CVE-2008-3280)\n===============================================\n\nBen Laurie of Google\u0027s Applied Security team, while working with an\nexternal researcher, Dr. Richard Clayton of the Computer Laboratory,\nCambridge University, found that various OpenID Providers (OPs) had\nTLS Server Certificates that used weak keys, as a result of the Debian\nPredictable Random Number Generator (CVE-2008-0166). \n\nIn combination with the DNS Cache Poisoning issue (CVE-2008-1447) and\nthe fact that almost all SSL/TLS implementations do not consult CRLs\n(currently an untracked issue), this means that it is impossible to\nrely on these OPs. \n\nAttack Description\n------------------\n\nIn order to mount an attack against a vulnerable OP, the attacker\nfirst finds the private key corresponding to the weak TLS\ncertificate. He then sets up a website masquerading as the original\nOP, both for the OpenID protocol and also for HTTP/HTTPS. \n\nThere are two cases, one is where the victim is a user trying to\nidentify themselves, in which case, even if they use HTTPS to \"ensure\"\nthat the site they are visiting is indeed their provider, they will be\nunable to detect the substitution and will give their login\ncredentials to the attacker. \n\nThe second case is where the victim is the Relying Party (RP). In this\ncase, even if the RP uses TLS to connect to the OP, as is recommended\nfor higher assurance, he will not be defended, as the vast majority of\nOpenID implementations do not check CRLs, and will, therefore, accept\nthe malicious site as the true OP. \n\nMitigation\n----------\n\nMitigation is surprisingly hard. In theory the vulnerable site should\nrevoke their weak certificate and issue a new one. \n\nHowever, since the CRLs will almost certainly not be checked, this\nmeans the site will still be vulnerable to attack for the lifetime of\nthe certificate (and perhaps beyond, depending on user\nbehaviour). Note that shutting down the site DOES NOT prevent the\nattack. \n\nTherefore mitigation falls to other parties. Until either 1 and 2 or 3 have been done, OpenID cannot be trusted\n for any OP that cannot demonstrate it has never had a weak\n certificate. \n\nDiscussion\n----------\n\nNormally, when security problems are encountered with a single piece\nof software, the responsible thing to do is to is to wait until fixes\nare available before making any announcement. However, as a number of\nexamples in the past have demonstrated, this approach does not work\nparticularly well when many different pieces of software are involved\nbecause it is necessary to coordinate a simultaneous release of the\nfixes, whilst hoping that the very large number of people involved\nwill cooperate in keeping the vulnerability secret. \n\nIn the present situation, the fixes will involve considerable\ndevelopment work in adding CRL handling to a great many pieces of\nopenID code. This is a far from trivial amount of work. \n\nThe fixes will also involve changes to browser preferences to ensure\nthat CRLs are checked by default -- which many vendors have resisted\nfor years. We are extremely pessimistic that a security vulnerability\nin OpenID will be seen as sufficiently important to change the browser\nvendors minds. \n\nHence, we see no value in delaying this announcement; and by making\nthe details public as soon as possible, we believe that individuals\nwho rely on OpenID will be better able to take their own individual\nsteps to avoid relying upon the flawed certificates we have\nidentified. \n\nOpenID is at heart quite a weak protocol, when used in its most\ngeneral form[1], and consequently there is very limited reliance upon\nits security. This means that the consequences of the combination of\nattacks that are now possible is nothing like as serious as might\notherwise have been the case. \n\nHowever, it does give an insight into the type of security disaster\nthat may occur in the future if we do not start to take CRLs\nseriously, but merely stick them onto \"to-do\" lists or disable them in\nthe name of tiny performance improvements. \n\nAffected Sites\n--------------\n\nThere is no central registry of OpenID systems, and so we cannot be\nsure that we have identified all of the weak certificates that are\ncurrently being served. The list of those we have found so far is:\n\nopenid.sun.com\nwww.xopenid.net\nopenid.net.nz\n\nNotes\n-----\n\n[1] There are ways of using OpenID that are significantly more secure\n than the commonly deployed scheme, I shall describe those in a\n separate article. \n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. \n\nRelease Date: 2008-07-16\nLast Updated: 2010-10-12\n\n ------------------------------------------------------------------------------\n\nPotential Security Impact: Remote DNS cache poisoning\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nA potential security vulnerability has been identified with HP-UX running BIND. \nHP-UX B.11.11, B.11.23, B.11.31 running BIND v9.3.2 or BIND v9.2.0, HP-UX B.11.11 running BIND v8.1.2\n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2008-1447 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has provided the following software updates / patch to resolve the vulnerabilities for BIND v9.2.0 and BIND v9.3.2. \n\nCustomers running BIND v8.1.2 on HP-UX B.11.11 should upgrade to BIND v9.2.0 or BIND v9.3.2 and apply the updates listed below. \n\nA new BIND v9.2.0 depot is available to address an issue encountered on HP-UX B.11.11. The new depot is available by contacting HP Support. \nThe patch PHNE_37865 is available from: http://itrc.hp.com\n\nThe BIND v9.3.2 updates are available for download from: http://software.hp.com\n\nHP-UX Release / Action\n\nB.11.11 running v8.1.2\n Upgrade to BIND v9.2.0 or BIND v9.3.2 and apply the updates listed below, remove \"query-source port\" and \"query-source-v6 port\" options in /etc/named.conf. \n\nHP-UX Release / BIND Depot name / Action\n\nB.11.11 running v9.2.0 /\n BIND920V15.depot /\n Remove \"query-source port\" and \"query-source-v6 port\" options in /etc/named.conf. \n\nHP-UX Release / Action\n\nB.11.23 running v9.2.0 /\n Install PHNE_37865; Remove \"query-source port\" and \"query-source-v6 port\" options in /etc/named.conf. \n\nHP-UX Release / Action\n\nB.11.11 running v9.3.2 /\n Install revision C.9.3.2.7.0 or subsequent; Remove \"query-source port\" and \"query-source-v6 port\" options in\n\n/etc/named.conf. \n\nB.11.23 running v9.3.2 /\n Install revision C.9.3.2.7.0 or subsequent; Remove \"query-source port\" and \"query-source-v6 port\" options in\n\n/etc/named.conf. \n\nB.11.31 running v9.3.2 /\n Install revision C.9.3.2.3.0 or subsequent; Remove \"query-source port\" and \"query-source-v6 port\" options in\n\n/etc/named.conf. \n\nNote: Remove \"query-source port\" and \"query-source-v6 port\" options in /etc/named.conf. \n\nNote: Firewall configurations may need to be adjusted to allow DNS queries from random source ports to pass. In addition,\n\nfirewalls that forward DNS queries must not replace the random source ports. \n\nMANUAL ACTIONS: Yes - NonUpdate\nRemove \"query-source port\" and \"query-source-v6 port\" options in /etc/named.conf. Check firewall settings. \nFor B.11.11 running v8.1.2, upgrade to BIND v9.2.0 or BIND v9.3.2 and apply the updates\nFor B.11.11 running v9.2.0 install BIND920v15.depot\n\nPRODUCT SPECIFIC INFORMATION\nHP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It\n\nanalyzes all HP-issued Security Bulletins and lists recommended actions that may apply to a specific HP-UX system. It can\n\nalso download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa\n\nAFFECTED VERSIONS\n\nFor BIND v8.1.2\nHP-UX B.11.11\n=============\nInternetSrvcs.INETSVCS-RUN\naction: upgrade to BIND v9.2.0 or BIND v9.3.2 and apply the updates, remove \"query-source port\" and \"query-source-v6 port\" options in /etc/named.conf. \n\nFor BIND v9.3.2\nHP-UX B.11.11\n=============\nBindUpgrade.BIND-UPGRADE\naction: install revision C.9.3.2.7.0 or subsequent, remove \"query-source port\" and \"query-source-v6 port\" options in /etc/named.conf. \nURL: http://software.hp.com\n\nHP-UX B.11.23\n=============\nBindUpgrade.BIND-UPGRADE\nBindUpgrade.BIND2-UPGRADE\naction: install revision C.9.3.2.7.0 or subsequent, remove \"query-source port\" and \"query-source-v6 port\" options in /etc/named.conf. \nURL: http://software.hp.com\n\nHP-UX B.11.31\n=============\nNameService.BIND-AUX\nNameService.BIND-RUN\naction: install revision C.9.3.2.7.0 or subsequent, remove \"query-source port\" and \"query-source-v6 port\" options in /etc/named.conf. \nURL: http://software.hp.com\n\nFor BIND v9.2.0\nHP-UX B.11.11\n=============\nBINDv920.INETSVCS-BIND\naction: install revision B.11.11.01.015 or subsequent, remove \"query-source port\" and \"query-source-v6 port\" options in /etc/named.conf. \nURL Contact HP Support for information on where to download depot. \n\nHP-UX B.11.23\n=============\nInternetSrvcs.INETSVCS-INETD\nInternetSrvcs.INETSVCS-RUN\nInternetSrvcs.INETSVCS2-RUN\naction: install patch PHNE_37865 or subsequent, remove \"query-source port\" and \"query-source-v6 port\" options in /etc/named.conf. \nURL: http://itrc.hp.com\n\nEND AFFECTED VERSIONS\n\nHISTORY\nVersion:1 (rev.1) - 16 July 2008 Initial release\nVersion:2 (rev.2) - 19 July 2008 Added BIND v9.2.0 depot information\nVersion:3 (rev.3) - 06 August 2008 Updated patch location, revised BIND v9.2.0 depot information, added BIND v8.1.2\nVersion:4 (rev.4) - 08 August 2008 Updated manual actions to include named.conf and firewall configuration setings\nVersion:5 (rev.5) - 12 October 2010 Updated version for BIND v9.2.0 depot for B.11.11\n\nThird Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\nSupport: For further information, contact normal HP Services support channel. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com\nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. \nTo get the security-alert PGP key, please send an e-mail message as follows:\n To: security-alert@hp.com\n Subject: get key\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email:\nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA\u0026langcode=USENG\u0026jumpid=in_SC-GEN__driverITRC\u0026topiccode=ITRC\nOn the web page: ITRC security bulletins and patch sign-up\nUnder Step1: your ITRC security bulletins and patches\n -check ALL categories for which alerts are required and continue. \nUnder Step2: your ITRC operating systems\n -verify your operating system selections are checked and save. \n\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php\nLog in on the web page: Subscriber\u0027s choice for Business: sign-in. \nOn the web page: Subscriber\u0027s Choice: your profile summary - use Edit Profile to update appropriate sections. \n\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do\n\n* The Software Product Category that this Security Bulletin\nrelates to is represented by the 5th and 6th characters\nof the Bulletin number in the title:\n\nGN = HP General SW\nMA = HP Management Agents\nMI = Misc. 3rd Party SW\nMP = HP MPE/iX\nNS = HP NonStop Servers\nOV = HP OpenVMS\nPI = HP Printing \u0026 Imaging\nST = HP Storage SW\nTL = HP Trusted Linux\nTU = HP Tru64 UNIX\nUX = HP-UX\nVV = HP VirtualVault\n\nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. \n\n\"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user\u0027s use or disregard of the information provided in this Bulletin. \nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners",
"sources": [
{
"db": "NVD",
"id": "CVE-2008-1447"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001495"
},
{
"db": "CERT/CC",
"id": "VU#252735"
},
{
"db": "CERT/CC",
"id": "VU#800113"
},
{
"db": "BID",
"id": "30131"
},
{
"db": "VULMON",
"id": "CVE-2008-1447"
},
{
"db": "PACKETSTORM",
"id": "68039"
},
{
"db": "PACKETSTORM",
"id": "68068"
},
{
"db": "VULHUB",
"id": "VHN-31572"
},
{
"db": "PACKETSTORM",
"id": "68288"
},
{
"db": "PACKETSTORM",
"id": "69536"
},
{
"db": "PACKETSTORM",
"id": "68360"
},
{
"db": "PACKETSTORM",
"id": "68878"
},
{
"db": "PACKETSTORM",
"id": "68061"
},
{
"db": "PACKETSTORM",
"id": "58035"
},
{
"db": "PACKETSTORM",
"id": "68924"
},
{
"db": "PACKETSTORM",
"id": "94774"
}
],
"trust": 4.41
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=6122",
"trust": 0.3,
"type": "exploit"
},
{
"reference": "https://www.scap.org.cn/vuln/vhn-31572",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-31572"
},
{
"db": "VULMON",
"id": "CVE-2008-1447"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#800113",
"trust": 3.8
},
{
"db": "NVD",
"id": "CVE-2008-1447",
"trust": 3.8
},
{
"db": "BID",
"id": "30131",
"trust": 2.9
},
{
"db": "USCERT",
"id": "TA08-190B",
"trust": 2.7
},
{
"db": "SECUNIA",
"id": "30980",
"trust": 2.6
},
{
"db": "SECUNIA",
"id": "31014",
"trust": 2.6
},
{
"db": "SECUNIA",
"id": "30925",
"trust": 2.6
},
{
"db": "USCERT",
"id": "TA08-260A",
"trust": 2.6
},
{
"db": "USCERT",
"id": "TA08-190A",
"trust": 2.6
},
{
"db": "VUPEN",
"id": "ADV-2008-2025",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2009-0297",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2008-2334",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2008-2383",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2008-2113",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2008-2558",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2008-2019",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2008-2377",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2008-2584",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2008-2342",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2010-0622",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2008-2166",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2008-2051",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2008-2092",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2008-2029",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2008-2384",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2008-2268",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2008-2052",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2008-2549",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2008-2197",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2009-0311",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2008-2055",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2008-2467",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2008-2123",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2008-2482",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2008-2525",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2008-2023",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2008-2582",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2008-2114",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2008-2196",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2008-2139",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2008-2466",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2008-2050",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2008-2195",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2008-2291",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2008-2030",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1020548",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1020578",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1020448",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1020558",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1020702",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1020440",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1020575",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1020437",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1020802",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1020449",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1020579",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1020561",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1020804",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1020577",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1020560",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1020651",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1020653",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1020438",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1020576",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "31209",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "31197",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "31422",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "30977",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "31151",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "31354",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "31093",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "31212",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "31207",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "31221",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "31254",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "31451",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "31169",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "30988",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "30973",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "31687",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "31199",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "31137",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "30998",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "31065",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "31882",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "31019",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "31153",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "31482",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "31495",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "33178",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "33714",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "31213",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "31326",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "31052",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "31011",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "31588",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "31033",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "31031",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "31430",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "30979",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "31022",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "31094",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "31030",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "31204",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "31072",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "31152",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "31237",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "31012",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "33786",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "31143",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "31236",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "31900",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "30989",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "31823",
"trust": 1.8
},
{
"db": "EXPLOIT-DB",
"id": "6130",
"trust": 1.8
},
{
"db": "EXPLOIT-DB",
"id": "6123",
"trust": 1.8
},
{
"db": "EXPLOIT-DB",
"id": "6122",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "26195",
"trust": 0.9
},
{
"db": "CERT/CC",
"id": "VU#252735",
"trust": 0.9
},
{
"db": "EXPLOIT-DB",
"id": "4266",
"trust": 0.8
},
{
"db": "USCERT",
"id": "SA08-190A",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001495",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200807-129",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "68878",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "68061",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "68288",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "94774",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "68068",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "68039",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "68360",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "68038",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "68755",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "68412",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "68118",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "73060",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "68502",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "74443",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "96747",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "68199",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "68183",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "68471",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "73732",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "70207",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "68036",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "68500",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "68691",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "68037",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "68473",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "68129",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "68546",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "68554",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "68063",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "68543",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-65607",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-31572",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2008-1447",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "69536",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#484649",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#457875",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#927905",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "58035",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "68924",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#800113"
},
{
"db": "CERT/CC",
"id": "VU#252735"
},
{
"db": "VULHUB",
"id": "VHN-31572"
},
{
"db": "VULMON",
"id": "CVE-2008-1447"
},
{
"db": "BID",
"id": "30131"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001495"
},
{
"db": "PACKETSTORM",
"id": "68039"
},
{
"db": "PACKETSTORM",
"id": "68068"
},
{
"db": "PACKETSTORM",
"id": "94774"
},
{
"db": "PACKETSTORM",
"id": "68288"
},
{
"db": "PACKETSTORM",
"id": "69536"
},
{
"db": "PACKETSTORM",
"id": "68360"
},
{
"db": "PACKETSTORM",
"id": "68878"
},
{
"db": "PACKETSTORM",
"id": "68061"
},
{
"db": "PACKETSTORM",
"id": "58035"
},
{
"db": "PACKETSTORM",
"id": "68924"
},
{
"db": "CNNVD",
"id": "CNNVD-200807-129"
},
{
"db": "NVD",
"id": "CVE-2008-1447"
}
]
},
"id": "VAR-200707-0675",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-31572"
}
],
"trust": 0.5363860340000001
},
"last_update_date": "2024-07-23T20:51:26.313000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APPLE-SA-2008-09-12",
"trust": 0.8,
"url": "http://lists.apple.com/archives/security-announce//2008/sep/msg00004.html"
},
{
"title": "APPLE-SA-2008-09-15",
"trust": 0.8,
"url": "http://lists.apple.com/archives/security-announce//2008/sep/msg00005.html"
},
{
"title": "APPLE-SA-2008-07-31",
"trust": 0.8,
"url": "http://lists.apple.com/archives/security-announce//2008/jul/msg00003.html"
},
{
"title": "APPLE-SA-2008-09-09",
"trust": 0.8,
"url": "http://lists.apple.com/archives/security-announce//2008/sep/msg00003.html"
},
{
"title": "Security Update 2008-006",
"trust": 0.8,
"url": "http://support.apple.com/kb/ht3137"
},
{
"title": "Security Update 2008-005",
"trust": 0.8,
"url": "http://support.apple.com/kb/ht2647"
},
{
"title": "iPod touch v2.1",
"trust": 0.8,
"url": "http://support.apple.com/kb/ht3026"
},
{
"title": "bind-9.3.3-10.4AXS3",
"trust": 0.8,
"url": "https://tsn.miraclelinux.com/tsn_local/index.php?m=errata\u0026a=detail\u0026eid=140"
},
{
"title": "dnsmasq-2.45-1AXS3.1.1",
"trust": 0.8,
"url": "https://tsn.miraclelinux.com/tsn_local/index.php?m=errata\u0026a=detail\u0026eid=345"
},
{
"title": "cisco-sa-20080708-dns",
"trust": 0.8,
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20080708-dns.shtml"
},
{
"title": "20080709",
"trust": 0.8,
"url": "http://www.furukawa.co.jp/fitelnet/topic/vulnera_20080709.html"
},
{
"title": "DNS cache poisoning",
"trust": 0.8,
"url": "http://security.freebsd.org/advisories/freebsd-sa-08:06.bind.asc"
},
{
"title": "JVNVU800113",
"trust": 0.8,
"url": "http://www.centurysys.co.jp/support/xr_common/jvnvu800113.html"
},
{
"title": "HPSBUX02351",
"trust": 0.8,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?lang=en\u0026cc=us\u0026objectid=c01506861"
},
{
"title": "HPSBOV02357 SSRT080058",
"trust": 0.8,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?lang=en\u0026cc=us\u0026objectid=c01662368"
},
{
"title": "HPSBMP02404 SSRT090014",
"trust": 0.8,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?lang=en\u0026cc=us\u0026objectid=c01660723"
},
{
"title": "HPSBUX02358",
"trust": 0.8,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?lang=en\u0026cc=us\u0026objectid=c01527346"
},
{
"title": "IZ26672",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg1iz26672"
},
{
"title": "IZ26667",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg1iz26667"
},
{
"title": "IZ26668",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg1iz26668"
},
{
"title": "IZ26671",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg1iz26671"
},
{
"title": "IZ26670",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg1iz26670"
},
{
"title": "IZ26669",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg1iz26669"
},
{
"title": "4525",
"trust": 0.8,
"url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026id=4525"
},
{
"title": "4338",
"trust": 0.8,
"url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026id=4338"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.iij.ad.jp"
},
{
"title": "CERT VU#800113 DNS Cache Poisoning Issue",
"trust": 0.8,
"url": "http://www.isc.org/index.pl?/sw/bind/bind-security.php"
},
{
"title": "956187",
"trust": 0.8,
"url": "http://www.microsoft.com/technet/security/advisory/956187.mspx"
},
{
"title": "MS08-037",
"trust": 0.8,
"url": "http://www.microsoft.com/technet/security/bulletin/ms08-037.mspx"
},
{
"title": "1316",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/index.php?q=node/99\u0026errata_id=1316"
},
{
"title": "1649",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/index.php?q=node/99\u0026errata_id=1649"
},
{
"title": "1296",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/index.php?q=node/99\u0026errata_id=1296"
},
{
"title": "1297",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/index.php?q=node/99\u0026errata_id=1297"
},
{
"title": "NV08-008",
"trust": 0.8,
"url": "http://www.nec.co.jp/security-info/secinfo/nv08-008.html"
},
{
"title": "RHSA-2008:0789",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2008-0789.html"
},
{
"title": "RHSA-2008:0533",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0533.html"
},
{
"title": "VU800113",
"trust": 0.8,
"url": "http://www.rtpro.yamaha.co.jp/rt/faq/security/vu800113.html"
},
{
"title": "239392",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-239392-1"
},
{
"title": "240048",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-240048-1"
},
{
"title": "dns_12",
"trust": 0.8,
"url": "http://fenics.fujitsu.com/products/support/2008/dns_12.html"
},
{
"title": "DNS\u306b\u95a2\u3059\u308b\u30ad\u30e3\u30c3\u30b7\u30e5\u30dd\u30a4\u30ba\u30cb\u30f3\u30b0\u8106\u5f31\u6027\u306b\u3064\u3044\u3066",
"trust": 0.8,
"url": "http://www.allied-telesis.co.jp/support/list/faq/vuls/20080813.html"
},
{
"title": "956187",
"trust": 0.8,
"url": "http://www.microsoft.com/japan/technet/security/advisory/956187.mspx"
},
{
"title": "MS08-037",
"trust": 0.8,
"url": "http://www.microsoft.com/japan/technet/security/bulletin/ms08-037.mspx"
},
{
"title": "RHSA-2008:0533",
"trust": 0.8,
"url": "https://www.jp.redhat.com/support/errata/rhsa/rhsa-2008-0533j.html"
},
{
"title": "RHSA-2008:0789",
"trust": 0.8,
"url": "https://www.jp.redhat.com/support/errata/rhsa/rhsa-2008-0789j.html"
},
{
"title": "MS08-037e",
"trust": 0.8,
"url": "http://www.microsoft.com/japan/security/bulletins/ms08-037e.mspx"
},
{
"title": "TLSA-2008-26",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/security/2008/tlsa-2008-26j.txt"
},
{
"title": "TA08-190A",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta08-190a.html"
},
{
"title": "TA08-190B",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta08-190b.html"
},
{
"title": "Debian CVElist Bug Report Logs: dnsmasq: appears to be vulnerable to cache poisoning attack CVE-2008-1447",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=bea0103df57677c569776d970bb2ff1a"
},
{
"title": "Ubuntu Security Notice: bind9 vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-622-1"
},
{
"title": "Ubuntu Security Notice: dnsmasq vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-627-1"
},
{
"title": "Debian Security Advisories: DSA-1605-1 glibc -- DNS cache poisoning",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=26abd8c8b0e5ca972a55a1b90d3fdfc5"
},
{
"title": "Debian Security Advisories: DSA-1617-1 refpolicy -- incompatible policy",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=3418f614f56d497e28f842674f8d8f8c"
},
{
"title": "Debian Security Advisories: DSA-1603-1 bind9 -- DNS cache poisoning",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=23e55365f62c349622abb2d713a280af"
},
{
"title": "Debian CVElist Bug Report Logs: appears to be vulnerable to cache poisoning attack CVE-2008-1447",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=9e131108e982a49c97c4f3c5801dfb53"
},
{
"title": "Debian CVElist Bug Report Logs: python-dns vulnerable to CVE-2008-1447 DNS source port guessable",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=2a465496dabf8f2d87b1ff911ad8df9b"
},
{
"title": "Symantec Security Advisories: SA26 : DNS Cache Poisoning Vulnerability (CERT VU#800113)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=078765ce503e834a2fa43ae116b70180"
},
{
"title": "Citrix Security Bulletins: Archive: Vulnerability in Access Gateway Standard and Advanced Edition Appliance firmware could result in DNS Cache Poisoning",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=citrix_security_bulletins\u0026qid=df5619e77c6173020dc0459f4b4bf1f2"
},
{
"title": "Citrix Security Bulletins: Archive: Vulnerability in NetScaler and Access Gateway Enterprise Edition could result in DNS Cache Poisoning",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=citrix_security_bulletins\u0026qid=5c63f9f5138045493cfb7d220588077b"
},
{
"title": "Ubuntu Security Notice: ruby1.8 vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-651-1"
},
{
"title": "VMware Security Advisories: Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX, VMware VCB address information disclosure, privilege escalation and other security issues.",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=vmware_security_advisories\u0026qid=f3db6c283715ce027fe46e96804874b4"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2008-1447"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001495"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-331",
"trust": 1.1
},
{
"problemtype": "CWE-20",
"trust": 0.8
},
{
"problemtype": "CWE-310",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-31572"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001495"
},
{
"db": "NVD",
"id": "CVE-2008-1447"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.0,
"url": "http://www.kb.cert.org/vuls/id/800113"
},
{
"trust": 2.7,
"url": "http://support.citrix.com/article/ctx117991"
},
{
"trust": 2.7,
"url": "http://support.citrix.com/article/ctx118183"
},
{
"trust": 2.6,
"url": "http://www.securityfocus.com/bid/30131"
},
{
"trust": 2.6,
"url": "http://www.us-cert.gov/cas/techalerts/ta08-190a.html"
},
{
"trust": 2.6,
"url": "http://www.us-cert.gov/cas/techalerts/ta08-190b.html"
},
{
"trust": 2.6,
"url": "http://www.us-cert.gov/cas/techalerts/ta08-260a.html"
},
{
"trust": 2.1,
"url": "http://up2date.astaro.com/2008/08/up2date_7202_released.html"
},
{
"trust": 2.1,
"url": "http://www.isc.org/index.pl?/sw/bind/bind-security.php"
},
{
"trust": 2.1,
"url": "http://www.kb.cert.org/vuls/id/mimg-7dwr4j"
},
{
"trust": 2.1,
"url": "http://www.kb.cert.org/vuls/id/mimg-7ecl8q"
},
{
"trust": 2.1,
"url": "http://www.phys.uu.nl/~rombouts/pdnsd/changelog"
},
{
"trust": 2.1,
"url": "http://www.rtpro.yamaha.co.jp/rt/faq/security/vu800113.html"
},
{
"trust": 2.1,
"url": "http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/"
},
{
"trust": 2.1,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01662368"
},
{
"trust": 2.1,
"url": "http://www.nominum.com/asset_upload_file741_2661.pdf"
},
{
"trust": 2.1,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0533.html"
},
{
"trust": 2.1,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-239392-1"
},
{
"trust": 2.0,
"url": "http://www.ipcop.org/index.php?name=news\u0026file=article\u0026sid=40"
},
{
"trust": 1.8,
"url": "http://www.ibm.com/support/docview.wss?uid=isg1iz26667"
},
{
"trust": 1.8,
"url": "http://www.ibm.com/support/docview.wss?uid=isg1iz26668"
},
{
"trust": 1.8,
"url": "http://www.ibm.com/support/docview.wss?uid=isg1iz26669"
},
{
"trust": 1.8,
"url": "http://www.ibm.com/support/docview.wss?uid=isg1iz26670"
},
{
"trust": 1.8,
"url": "http://www.ibm.com/support/docview.wss?uid=isg1iz26671"
},
{
"trust": 1.8,
"url": "http://www.ibm.com/support/docview.wss?uid=isg1iz26672"
},
{
"trust": 1.8,
"url": "http://lists.apple.com/archives/security-announce//2008/jul/msg00003.html"
},
{
"trust": 1.8,
"url": "http://lists.apple.com/archives/security-announce//2008/sep/msg00003.html"
},
{
"trust": 1.8,
"url": "http://lists.apple.com/archives/security-announce//2008/sep/msg00004.html"
},
{
"trust": 1.8,
"url": "http://lists.apple.com/archives/security-announce//2008/sep/msg00005.html"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/archive/1/495289/100/0/threaded"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded"
},
{
"trust": 1.8,
"url": "http://www.cisco.com/en/us/products/products_security_advisory09186a00809c2168.shtml"
},
{
"trust": 1.8,
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401"
},
{
"trust": 1.8,
"url": "http://support.apple.com/kb/ht3026"
},
{
"trust": 1.8,
"url": "http://support.apple.com/kb/ht3129"
},
{
"trust": 1.8,
"url": "http://wiki.rpath.com/wiki/advisories:rpsa-2008-0231"
},
{
"trust": 1.8,
"url": "http://wiki.rpath.com/wiki/advisories:rpsa-2010-0018"
},
{
"trust": 1.8,
"url": "http://www.bluecoat.com/support/security-advisories/dns_cache_poisoning"
},
{
"trust": 1.8,
"url": "http://www.novell.com/support/viewcontent.do?externalid=7000912"
},
{
"trust": 1.8,
"url": "http://www.phys.uu.nl/~rombouts/pdnsd.html"
},
{
"trust": 1.8,
"url": "http://www.vmware.com/security/advisories/vmsa-2008-0014.html"
},
{
"trust": 1.8,
"url": "http://www.debian.org/security/2008/dsa-1603"
},
{
"trust": 1.8,
"url": "http://www.debian.org/security/2008/dsa-1604"
},
{
"trust": 1.8,
"url": "http://www.debian.org/security/2008/dsa-1605"
},
{
"trust": 1.8,
"url": "http://www.debian.org/security/2008/dsa-1619"
},
{
"trust": 1.8,
"url": "http://www.debian.org/security/2008/dsa-1623"
},
{
"trust": 1.8,
"url": "https://www.exploit-db.com/exploits/6122"
},
{
"trust": 1.8,
"url": "https://www.exploit-db.com/exploits/6123"
},
{
"trust": 1.8,
"url": "https://www.exploit-db.com/exploits/6130"
},
{
"trust": 1.8,
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-july/msg00402.html"
},
{
"trust": 1.8,
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-july/msg00458.html"
},
{
"trust": 1.8,
"url": "http://security.freebsd.org/advisories/freebsd-sa-08:06.bind.asc"
},
{
"trust": 1.8,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-august/064118.html"
},
{
"trust": 1.8,
"url": "http://security.gentoo.org/glsa/glsa-200807-08.xml"
},
{
"trust": 1.8,
"url": "http://security.gentoo.org/glsa/glsa-200812-17.xml"
},
{
"trust": 1.8,
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"trust": 1.8,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01523520"
},
{
"trust": 1.8,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2008:139"
},
{
"trust": 1.8,
"url": "http://blog.invisibledenizen.org/2008/07/kaminskys-dns-issue-accidentally-leaked.html"
},
{
"trust": 1.8,
"url": "http://www.caughq.org/exploits/cau-ex-2008-0002.txt"
},
{
"trust": 1.8,
"url": "http://www.caughq.org/exploits/cau-ex-2008-0003.txt"
},
{
"trust": 1.8,
"url": "http://www.doxpara.com/?p=1176"
},
{
"trust": 1.8,
"url": "http://www.doxpara.com/dmk_bo2k8.ppt"
},
{
"trust": 1.8,
"url": "http://www.unixwiz.net/techtips/iguide-kaminsky-dns-vuln.html"
},
{
"trust": 1.8,
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-037"
},
{
"trust": 1.8,
"url": "http://www.openbsd.org/errata42.html#013_bind"
},
{
"trust": 1.8,
"url": "http://www.openbsd.org/errata43.html#004_bind"
},
{
"trust": 1.8,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a12117"
},
{
"trust": 1.8,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a5725"
},
{
"trust": 1.8,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a5761"
},
{
"trust": 1.8,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a5917"
},
{
"trust": 1.8,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a9627"
},
{
"trust": 1.8,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0789.html"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id?1020437"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id?1020438"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id?1020440"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id?1020448"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id?1020449"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id?1020548"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id?1020558"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id?1020560"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id?1020561"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id?1020575"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id?1020576"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id?1020577"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id?1020578"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id?1020579"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id?1020651"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id?1020653"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id?1020702"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id?1020802"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id?1020804"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/30925"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/30973"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/30977"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/30979"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/30980"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/30988"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/30989"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/30998"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/31011"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/31012"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/31014"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/31019"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/31022"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/31030"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/31031"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/31033"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/31052"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/31065"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/31072"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/31093"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/31094"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/31137"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/31143"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/31151"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/31152"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/31153"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/31169"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/31197"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/31199"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/31204"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/31207"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/31209"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/31212"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/31213"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/31221"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/31236"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/31237"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/31254"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/31326"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/31354"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/31422"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/31430"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/31451"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/31482"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/31495"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/31588"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/31687"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/31823"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/31882"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/31900"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/33178"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/33714"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/33786"
},
{
"trust": 1.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-240048-1"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00003.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html"
},
{
"trust": 1.8,
"url": "http://www.ubuntu.com/usn/usn-622-1"
},
{
"trust": 1.8,
"url": "http://www.ubuntu.com/usn/usn-627-1"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2008/2019/references"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2008/2023/references"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2008/2025/references"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2008/2029/references"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2008/2030/references"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2008/2050/references"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2008/2051/references"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2008/2052/references"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2008/2055/references"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2008/2092/references"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2008/2113/references"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2008/2114/references"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2008/2123/references"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2008/2139/references"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2008/2166/references"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2008/2195/references"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2008/2196/references"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2008/2197/references"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2008/2268"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2008/2291"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2008/2334"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2008/2342"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2008/2377"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2008/2383"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2008/2384"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2008/2466"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2008/2467"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2008/2482"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2008/2525"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2008/2549"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2008/2558"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2008/2582"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2008/2584"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2009/0297"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2009/0311"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2010/0622"
},
{
"trust": 1.8,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43637"
},
{
"trust": 1.8,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43334"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=121630706004256\u0026w=2"
},
{
"trust": 1.7,
"url": "http://support.nortel.com/go/main.jsp?cscat=bltndetail\u0026id=762152"
},
{
"trust": 1.7,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2008\u0026m=slackware-security.452680"
},
{
"trust": 1.7,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2008\u0026m=slackware-security.539239"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=121866517322103\u0026w=2"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=123324863916385\u0026w=2"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=141879471518471\u0026w=2"
},
{
"trust": 1.6,
"url": "http://tools.ietf.org/html/draft-ietf-dnsext-forgery-resilience"
},
{
"trust": 1.6,
"url": "http://tools.ietf.org/html/rfc3833"
},
{
"trust": 1.6,
"url": "http://tools.ietf.org/html/rfc2827"
},
{
"trust": 1.6,
"url": "http://tools.ietf.org/html/rfc3704"
},
{
"trust": 1.6,
"url": "http://tools.ietf.org/html/draft-ietf-tsvwg-port-randomization"
},
{
"trust": 1.2,
"url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2008-009.txt.asc"
},
{
"trust": 1.0,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1447"
},
{
"trust": 0.9,
"url": "http://secunia.com/advisories/26195/"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1447"
},
{
"trust": 0.8,
"url": "http://csrc.nist.gov/publications/nistpubs/800-81/sp800-81.pdf"
},
{
"trust": 0.8,
"url": "http://tools.ietf.org/html/rfc3013"
},
{
"trust": 0.8,
"url": "http://tools.ietf.org/html/rfc4033"
},
{
"trust": 0.8,
"url": "http://cr.yp.to/djbdns/dns_random.html"
},
{
"trust": 0.8,
"url": "http://cr.yp.to/djbdns/dns_transmit.html"
},
{
"trust": 0.8,
"url": "http://cr.yp.to/djbdns/forgery.html"
},
{
"trust": 0.8,
"url": "http://www.trusteer.com/microsoftdns"
},
{
"trust": 0.8,
"url": "http://www.trusteer.com/bind9dns"
},
{
"trust": 0.8,
"url": "http://www.trusteer.com/bind8dns"
},
{
"trust": 0.8,
"url": "http://www.sans.org/reading_room/whitepapers/dns/1567.php"
},
{
"trust": 0.8,
"url": "http://blogs.iss.net/archive/morednsnat.html"
},
{
"trust": 0.8,
"url": "https://jvn.jp/cert/jvnvu800113/"
},
{
"trust": 0.8,
"url": "http://www.cert.at/static/cert.at-0802-dns-patchanalysis.pdf"
},
{
"trust": 0.8,
"url": "http://www.isc.org/sw/bind/bind-security.php"
},
{
"trust": 0.8,
"url": "http://www.trusteer.com/docs/bind9dns.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23252735/index.html"
},
{
"trust": 0.8,
"url": "http://www.milw0rm.com/exploits/4266"
},
{
"trust": 0.8,
"url": "http://docs.info.apple.com/article.html?artnum=307041"
},
{
"trust": 0.8,
"url": "http://www.frsirt.com/english/advisories/2008/2019"
},
{
"trust": 0.8,
"url": "http://www.frsirt.com/english/advisories/2008/2055"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/vuln/documents/2008/200812_dns.html"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/vuln/documents/2009/200912_dns.html"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/vuln/documents/2008/200809_dns.html"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2008/at080013.txt"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2008/at080014.txt"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2014/at140016.html"
},
{
"trust": 0.8,
"url": "http://jprs.jp/tech/security/2014-04-15-portrandomization.html"
},
{
"trust": 0.8,
"url": "http://jprs.jp/tech/security/2014-05-30-poisoning-countermeasure-auth-1.pdf"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu800113/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta08-190a/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta08-190b/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/trta08-190a/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/trta08-190b/index.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-1447"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/30925/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/31014/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/30980/"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa08-190a.html"
},
{
"trust": 0.8,
"url": "http://www.cyberpolice.go.jp/important/2009/20090212_155349.html"
},
{
"trust": 0.4,
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20080708-dns.shtml"
},
{
"trust": 0.4,
"url": "http://www.itrc.hp.com/service/cki/secbullarchive.do"
},
{
"trust": 0.4,
"url": "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na\u0026langcode=useng\u0026jumpid=in_sc-gen__driveritrc\u0026topiccode=itrc"
},
{
"trust": 0.4,
"url": "https://www.hp.com/go/swa"
},
{
"trust": 0.4,
"url": "http://h30046.www3.hp.com/subsignin.php"
},
{
"trust": 0.3,
"url": "http://blogs.sun.com/security/entry/isrs_available_for_bind_dns"
},
{
"trust": 0.3,
"url": "http://support.apple.com/kb/ht3137"
},
{
"trust": 0.3,
"url": "http://blog.ncircle.com/blogs/sync/archives/2008/08/apple_dns_patch_fails_to_rando.html"
},
{
"trust": 0.3,
"url": "http://www.isc.org/index.pl?/sw/bind/view/?release=9.3.5-p2"
},
{
"trust": 0.3,
"url": "http://www.isc.org/index.pl?/sw/bind/view/?release=9.4.2-p2"
},
{
"trust": 0.3,
"url": "http://www.isc.org/index.pl?/sw/bind/view/?release=9.5.0-p2"
},
{
"trust": 0.3,
"url": "http://www.bluecatnetworks.com/clientsupport/"
},
{
"trust": 0.3,
"url": "http://www.checkpoint.com"
},
{
"trust": 0.3,
"url": "http://www.tinydns.org/"
},
{
"trust": 0.3,
"url": "http://blog.metasploit.com/2008/07/on-dns-attacks-in-wild-and-journalistic.html"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/web/about/security/intelligence/dns-bcp.html"
},
{
"trust": 0.3,
"url": "http://www.securebits.org/dnsmre.html"
},
{
"trust": 0.3,
"url": "http://www.f5.com/products/big-ip/"
},
{
"trust": 0.3,
"url": "http://www.f5.com/"
},
{
"trust": 0.3,
"url": "http://support.citrix.com/article/ctx116762"
},
{
"trust": 0.3,
"url": "http://www.sec-consult.com/files/whitepaper-dns-node-redelegation.pdf"
},
{
"trust": 0.3,
"url": "http://www.us-cert.gov/current/index.html#internet_system_consortium_releases_bind"
},
{
"trust": 0.3,
"url": "http://www.ipcop.org/"
},
{
"trust": 0.3,
"url": "http://www.microsoft.com/windows/default.mspx"
},
{
"trust": 0.3,
"url": "http://www.openbsd.org/errata42.html"
},
{
"trust": 0.3,
"url": "http://www.openbsd.org/errata43.html"
},
{
"trust": 0.3,
"url": "http://www.ingate.com/relnote-464.php"
},
{
"trust": 0.3,
"url": "http://darkoz.com/?p=15"
},
{
"trust": 0.3,
"url": "http://www.bluecatnetworks.com/"
},
{
"trust": 0.3,
"url": "http://f5.com/products/firepass/"
},
{
"trust": 0.3,
"url": "http://www.vmware.com"
},
{
"trust": 0.3,
"url": "http://www.windriver.com/"
},
{
"trust": 0.3,
"url": "http://www.zonealarm.com/"
},
{
"trust": 0.3,
"url": "/archive/1/500540"
},
{
"trust": 0.3,
"url": "/archive/1/495304"
},
{
"trust": 0.3,
"url": "/archive/1/494716"
},
{
"trust": 0.3,
"url": "/archive/1/494055"
},
{
"trust": 0.3,
"url": "/archive/1/495034"
},
{
"trust": 0.3,
"url": "/archive/1/494305"
},
{
"trust": 0.3,
"url": "/archive/1/494493"
},
{
"trust": 0.3,
"url": "/archive/1/494108"
},
{
"trust": 0.3,
"url": "/archive/1/494818"
},
{
"trust": 0.3,
"url": "/archive/1/495212"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2008-288.htm"
},
{
"trust": 0.3,
"url": "http://hypersonic.bluecoat.com/support/securityadvisories/dns_cache_poisoning"
},
{
"trust": 0.3,
"url": "http://www13.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c01660723"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docid=emr_na-c04530690 "
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg1iz26670"
},
{
"trust": 0.3,
"url": "http://www.kb.cert.org/vuls/id/mimg-7dwr4z"
},
{
"trust": 0.3,
"url": "http://www.microsoft.com/technet/security/advisory/956187.mspx"
},
{
"trust": 0.3,
"url": "http://www.microsoft.com/technet/security/bulletin/ms08-037.mspx"
},
{
"trust": 0.3,
"url": "http://www1.alcatel-lucent.com/psirt/statements/2008003/dnscache.htm"
},
{
"trust": 0.3,
"url": "http://www.kb.cert.org/vuls/id/mapg-7g7nuc"
},
{
"trust": 0.3,
"url": "http://support.nortel.com/go/main.jsp?cscat=bltndetail\u0026documentoid=762152\u0026poid="
},
{
"trust": 0.3,
"url": "http://support.nortel.com/go/main.jsp?cscat=bltndetail\u0026id=751322"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0789.html"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-240048-1"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-245206-1"
},
{
"trust": 0.3,
"url": "http://www.novell.com/support/viewcontent.do?externalid=7000912\u0026sliceid=1"
},
{
"trust": 0.3,
"url": "http://up2date.astaro.com/2008/09/up2date_6314_released.html"
},
{
"trust": 0.3,
"url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026id=4527"
},
{
"trust": 0.3,
"url": "http://software.hp.com"
},
{
"trust": 0.2,
"url": "http://secunia.com/"
},
{
"trust": 0.2,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.2,
"url": "http://itrc.hp.com"
},
{
"trust": 0.1,
"url": "http://support.nortel.com/go/main.jsp?cscat=bltndetail\u0026amp;id=762152"
},
{
"trust": 0.1,
"url": "http://www.ipcop.org/index.php?name=news\u0026amp;file=article\u0026amp;sid=40"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=123324863916385\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=141879471518471\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=121866517322103\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=121630706004256\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026amp;y=2008\u0026amp;m=slackware-security.539239"
},
{
"trust": 0.1,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026amp;y=2008\u0026amp;m=slackware-security.452680"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/331.html"
},
{
"trust": 0.1,
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=490123"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/622-1/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.exploit-db.com/exploits/6122/"
},
{
"trust": 0.1,
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20080708-dns.shtml."
},
{
"trust": 0.1,
"url": "http://www.cisco.com/en/us/products/products_security_vulnerability_policy.html."
},
{
"trust": 0.1,
"url": "http://www.cisco.com/go/psirt"
},
{
"trust": 0.1,
"url": "http://www.cisco.com/web/about/security/intelligence/dns-bcp.html."
},
{
"trust": 0.1,
"url": "http://www.cisco.com/en/us/products/prod_warranties_item09186a008088e31f.html,"
},
{
"trust": 0.1,
"url": "http://www.cisco.com/pcgi-bin/software/tablebuild/tablebuild.pl/nr-eval"
},
{
"trust": 0.1,
"url": "http://www.cisco.com/web/about/security/intelligence/cvss-qandas.html"
},
{
"trust": 0.1,
"url": "http://www.cisco.com/pcgi-bin/tablebuild.pl/acns55"
},
{
"trust": 0.1,
"url": "http://www.cisco.com."
},
{
"trust": 0.1,
"url": "http://www.cisco.com/go/psirt."
},
{
"trust": 0.1,
"url": "https://www.example.com"
},
{
"trust": 0.1,
"url": "http://www.cisco.com/warp/public/687/directory/dirtac.shtml"
},
{
"trust": 0.1,
"url": "http://www.cisco.com/public/sw-center/sw-usingswc.shtml."
},
{
"trust": 0.1,
"url": "http://intellishield.cisco.com/security/alertmanager/cvss"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1006356"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1005896"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5503"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-3698"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1807"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1055"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/esx/esx350-200806203-ug.zip"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5438"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-3696"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1004824"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vi/esx-1005117.tgz"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vi/esx-1004824.tgz"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-3696"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos_vi.html"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1005111"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1004823"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vi/esx-1005108.tgz"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1005113"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/player/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-3697"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-3698"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/security"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5269"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1808"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vi/esx303-200808406-sg.zip"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vi/esx-1005114.tgz"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ws/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-3691"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos.html"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1005114"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/server/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-3693"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vi/esx303-200808403-sg.zip"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1807"
},
{
"trust": 0.1,
"url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1806"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-3694"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1005112"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-3695"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ws/ws5.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-3692"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-3697"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1005109"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-3695"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1005108"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1808"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vi/esx303-200808404-sg.zip"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-2101"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1806"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1006357"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/security_response.html"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vi/esx-1005113.tgz"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-2101"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1006034"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1006035"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vi/esx-1006356.tgz"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5503"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1005117"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-3693"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vi/esx-1005112.tgz"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5269"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ace/"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vi/esx-1005109.tgz"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-3694"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vi/esx-1004823.tgz"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vi/esx-1005111.tgz"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-3691"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5438"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-3692"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/800113\u003e"
},
{
"trust": 0.1,
"url": "http://tools.ietf.org/html/rfc3704\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/252735\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/927905\u003e"
},
{
"trust": 0.1,
"url": "http://tools.ietf.org/html/rfc2827\u003e"
},
{
"trust": 0.1,
"url": "http://tools.ietf.org/html/rfc3013\u003e"
},
{
"trust": 0.1,
"url": "http://tools.ietf.org/html/draft-ietf-dnsext-forgery-resilience\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/484649\u003e"
},
{
"trust": 0.1,
"url": "http://www.isc.org/sw/bind/bind-security.php\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/techalerts/ta08-190b.html\u003e"
},
{
"trust": 0.1,
"url": "http://tools.ietf.org/html/rfc3833\u003e"
},
{
"trust": 0.1,
"url": "http://www.microsoft.com/technet/security/bulletin/ms08-037.mspx\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/signup.html\u003e."
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/legal.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/457875\u003e"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2536/"
},
{
"trust": 0.1,
"url": "http://rhn.redhat.com/errata/rhsa-2007-0740.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/network_software_inspector/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2535/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/13653/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/48/"
},
{
"trust": 0.1,
"url": "http://rhn.redhat.com"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/13651/"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/4669/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/4668/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/13652/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/1326/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/26152/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/1306/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/4670/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2534/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/1044/"
},
{
"trust": 0.1,
"url": "https://www.xopenid.net"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-3280"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0166"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#800113"
},
{
"db": "CERT/CC",
"id": "VU#252735"
},
{
"db": "VULHUB",
"id": "VHN-31572"
},
{
"db": "VULMON",
"id": "CVE-2008-1447"
},
{
"db": "BID",
"id": "30131"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001495"
},
{
"db": "PACKETSTORM",
"id": "68039"
},
{
"db": "PACKETSTORM",
"id": "68068"
},
{
"db": "PACKETSTORM",
"id": "94774"
},
{
"db": "PACKETSTORM",
"id": "68288"
},
{
"db": "PACKETSTORM",
"id": "69536"
},
{
"db": "PACKETSTORM",
"id": "68360"
},
{
"db": "PACKETSTORM",
"id": "68878"
},
{
"db": "PACKETSTORM",
"id": "68061"
},
{
"db": "PACKETSTORM",
"id": "58035"
},
{
"db": "PACKETSTORM",
"id": "68924"
},
{
"db": "CNNVD",
"id": "CNNVD-200807-129"
},
{
"db": "NVD",
"id": "CVE-2008-1447"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#800113"
},
{
"db": "CERT/CC",
"id": "VU#252735"
},
{
"db": "VULHUB",
"id": "VHN-31572"
},
{
"db": "VULMON",
"id": "CVE-2008-1447"
},
{
"db": "BID",
"id": "30131"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001495"
},
{
"db": "PACKETSTORM",
"id": "68039"
},
{
"db": "PACKETSTORM",
"id": "68068"
},
{
"db": "PACKETSTORM",
"id": "94774"
},
{
"db": "PACKETSTORM",
"id": "68288"
},
{
"db": "PACKETSTORM",
"id": "69536"
},
{
"db": "PACKETSTORM",
"id": "68360"
},
{
"db": "PACKETSTORM",
"id": "68878"
},
{
"db": "PACKETSTORM",
"id": "68061"
},
{
"db": "PACKETSTORM",
"id": "58035"
},
{
"db": "PACKETSTORM",
"id": "68924"
},
{
"db": "CNNVD",
"id": "CNNVD-200807-129"
},
{
"db": "NVD",
"id": "CVE-2008-1447"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-07-08T00:00:00",
"db": "CERT/CC",
"id": "VU#800113"
},
{
"date": "2007-07-27T00:00:00",
"db": "CERT/CC",
"id": "VU#252735"
},
{
"date": "2008-07-08T00:00:00",
"db": "VULHUB",
"id": "VHN-31572"
},
{
"date": "2008-07-08T00:00:00",
"db": "VULMON",
"id": "CVE-2008-1447"
},
{
"date": "2008-07-08T00:00:00",
"db": "BID",
"id": "30131"
},
{
"date": "2008-07-23T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2008-001495"
},
{
"date": "2008-07-10T06:26:35",
"db": "PACKETSTORM",
"id": "68039"
},
{
"date": "2008-07-10T07:29:30",
"db": "PACKETSTORM",
"id": "68068"
},
{
"date": "2010-10-15T02:12:40",
"db": "PACKETSTORM",
"id": "94774"
},
{
"date": "2008-07-17T19:16:48",
"db": "PACKETSTORM",
"id": "68288"
},
{
"date": "2008-08-31T23:44:00",
"db": "PACKETSTORM",
"id": "69536"
},
{
"date": "2008-07-21T19:44:10",
"db": "PACKETSTORM",
"id": "68360"
},
{
"date": "2008-08-06T21:52:19",
"db": "PACKETSTORM",
"id": "68878"
},
{
"date": "2008-07-10T07:07:50",
"db": "PACKETSTORM",
"id": "68061"
},
{
"date": "2007-07-26T04:26:32",
"db": "PACKETSTORM",
"id": "58035"
},
{
"date": "2008-08-08T20:46:25",
"db": "PACKETSTORM",
"id": "68924"
},
{
"date": "2008-07-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200807-129"
},
{
"date": "2008-07-08T23:41:00",
"db": "NVD",
"id": "CVE-2008-1447"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-04-14T00:00:00",
"db": "CERT/CC",
"id": "VU#800113"
},
{
"date": "2008-08-06T00:00:00",
"db": "CERT/CC",
"id": "VU#252735"
},
{
"date": "2020-03-24T00:00:00",
"db": "VULHUB",
"id": "VHN-31572"
},
{
"date": "2020-03-24T00:00:00",
"db": "VULMON",
"id": "CVE-2008-1447"
},
{
"date": "2015-04-13T21:35:00",
"db": "BID",
"id": "30131"
},
{
"date": "2014-06-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2008-001495"
},
{
"date": "2020-03-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200807-129"
},
{
"date": "2020-03-24T18:19:46.383000",
"db": "NVD",
"id": "CVE-2008-1447"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "68068"
},
{
"db": "CNNVD",
"id": "CNNVD-200807-129"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple DNS implementations vulnerable to cache poisoning",
"sources": [
{
"db": "CERT/CC",
"id": "VU#800113"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "security feature problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200807-129"
}
],
"trust": 0.6
}
}
VAR-200808-0011
Vulnerability from variot - Updated: 2024-07-23 20:51Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16, when a RequestDispatcher is used, performs path normalization before removing the query string from the URI, which allows remote attackers to conduct directory traversal attacks and read arbitrary files via a .. (dot dot) in a request parameter. A vulnerability in a common PHP extension module could allow a remote attacker to execute code on a vulnerable system. Apache Tomcat is prone to a remote information-disclosure vulnerability. Remote attackers can exploit this issue to obtain the contents of sensitive files stored on the server. Information obtained may lead to further attacks. The following versions are affected: Tomcat 4.1.0 through 4.1.37 Tomcat 5.5.0 through 5.5.26 Tomcat 6.0.0 through 6.0.16 Tomcat 3.x, 4.0.x, and 5.0.x may also be affected. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
CVE-2008-2370: Apache Tomcat information disclosure vulnerability
Severity: Important
Vendor: The Apache Software Foundation
Versions Affected: Tomcat 4.1.0 to 4.1.37 Tomcat 5.5.0 to 5.5.26 Tomcat 6.0.0 to 6.0.16 The unsupported Tomcat 3.x, 4.0.x and 5.0.x versions may be also affected
Description: When using a RequestDispatcher the target path was normalised before the query string was removed. A request that included a specially crafted request parameter could be used to access content that would otherwise be protected by a security constraint or by locating it in under the WEB-INF directory.
Mitigation: 6.0.x users should upgrade to 6.0.18 5.5.x users should obtain the latest source from svn or apply this patch which will be included from 5.5.27 http://svn.apache.org/viewvc?rev=680949&view=rev 4.1.x users should obtain the latest source from svn or apply this patch which will be included from 4.1.38 http://svn.apache.org/viewvc?rev=680950&view=rev
Example: For a page that contains: <% pageContext.forward("/page2.jsp?somepar=someval&par="+request.getParameter("blah")); %> an attacker can use: http://host/page.jsp?blah=/../WEB-INF/web.xml
Credit: This issue was discovered by Stefano Di Paola of Minded Security Research Labs. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01650939 Version: 1
HPSBUX02401 SSRT090005 rev.1 - HP-UX Running Apache Web Server Suite, Remote Denial of Service (DoS), Cross-site Scripting (XSS), Execution of Arbitrary Code, Cross-Site Request Forgery (CSRF)
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2009-02-02 Last Updated: 2009-02-02
Potential Security Impact: Remote Denial of Service (DoS), cross-site scripting (XSS), execution of arbitrary code, cross-site request forgery (CSRF)
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with HP-UX running Apache-based Web Server or Tomcat-based Servelet Engine. The vulnerabilities could be exploited remotely to cause a Denial of Service (DoS), cross-site scripting (XSS), execution of arbitrary code, or cross-site request forgery (CSRF). Apache-based Web Server and Tomcat-based Servelet Engine are contained in the Apache Web Server Suite.
References: CVE-2007-6420, CVE-2008-1232, CVE-2008-1947, CVE-2008-2364, CVE-2008-2370, CVE-2008-2938, CVE-2008-2939, CVE-2008-3658
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP-UX B.11.23 and B.11.31 running Apache-based Web Server v2.2.8.01.01 or earlier or Tomcat-based Servelet Engine v5.5.27.01.01 or earlier HP-UX B.11.11 running Apache-based Web Server v2.2.8.01.01 or earlier
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2007-6420 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2008-1232 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2008-1947 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2008-2364 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 5.0 CVE-2008-2370 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 5.0 CVE-2008-2938 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2008-2939 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2008-3658 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 7.5 =============================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002.
RESOLUTION
HP has provided the following upgrades to resolve these vulnerabilities. The upgrades are available from the following location: URL: http://software.hp.com
Note: HP-UX Web Server Suite v.3.02 contains HP-UX Apache-based Web Server v.2.2.8.01.02 and HP-UX Tomcat-based Servlet Engine 5.5.27.01.01
HP-UX Release - B.11.23 and B.11.31 PA-32 Apache Depot name - HPUXWSATW-B302-32.depot
HP-UX Release - B.11.23 and B.11.31 IA-64 Apache Depot name - HPUXWSATW-B302-64.depot
HP-UX Release - B.11.11 PA-32 Apache Depot name - HPUXWSATW-B222-1111.depot
MANUAL ACTIONS: Yes - Update
Install Apache-based Web Server or Tomcat-based Servelet Engine from the Apache Web Server Suite v3.02 or subsequent
PRODUCT SPECIFIC INFORMATION
HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa
The following text is for use by the HP-UX Software Assistant.
AFFECTED VERSIONS
HP-UX B.11.11
hpuxwsAPACHE.APACHE hpuxwsAPACHE.APACHE2 hpuxwsAPACHE.AUTH_LDAP hpuxwsAPACHE.AUTH_LDAP2 hpuxwsAPACHE.MOD_JK hpuxwsAPACHE.MOD_JK2 hpuxwsAPACHE.MOD_PERL hpuxwsAPACHE.MOD_PERL2 hpuxwsAPACHE.PHP hpuxwsAPACHE.PHP2 hpuxwsAPACHE.WEBPROXY hpuxwsTOMCAT.TOMCAT hpuxwsWEBMIN.WEBMIN
action: install revision B.2.2.8.01.02 or subsequent URL: http://software.hp.com
HP-UX B.11.23
hpuxws22APCH32.APACHE hpuxws22APCH32.APACHE2 hpuxws22APCH32.AUTH_LDAP hpuxws22APCH32.AUTH_LDAP2 hpuxws22APCH32.MOD_JK hpuxws22APCH32.MOD_JK2 hpuxws22APCH32.MOD_PERL hpuxws22APCH32.MOD_PERL2 hpuxws22APCH32.PHP hpuxws22APCH32.PHP2 hpuxws22APCH32.WEBPROXY hpuxws22APCH32.WEBPROXY2 hpuxws22TOMCAT.TOMCAT hpuxws22WEBMIN.WEBMIN
action: install revision B.2.2.8.01.02 or subsequent URL: http://software.hp.com
HP-UX B.11.31
hpuxws22APACHE.APACHE hpuxws22APACHE.APACHE2 hpuxws22APACHE.AUTH_LDAP hpuxws22APACHE.AUTH_LDAP2 hpuxws22APACHE.MOD_JK hpuxws22APACHE.MOD_JK2 hpuxws22APACHE.MOD_PERL hpuxws22APACHE.MOD_PERL2 hpuxws22APACHE.PHP hpuxws22APACHE.PHP2 hpuxws22APACHE.WEBPROXY hpuxws22APACHE.WEBPROXY2 hpuxws22TOMCAT.TOMCAT hpuxws22WEBMIN.WEBMIN
action: install revision B.2.2.8.01.02 or subsequent URL: http://software.hp.com
END AFFECTED VERSIONS
HISTORY Version:1 (rev.1) 2 February 2009 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For further information, contact normal HP Services support channel.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key
Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches - check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems - verify your operating system selections are checked and save.
To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.
To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do
- The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:
GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault
System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.
"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."
\xa9Copyright 2009 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
VMware Security Advisory
Advisory ID: VMSA-2009-0016 Synopsis: VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components Issue date: 2009-11-20 Updated on: 2009-11-20 (initial release of advisory) CVE numbers: --- JRE --- CVE-2009-1093 CVE-2009-1094 CVE-2009-1095 CVE-2009-1096 CVE-2009-1097 CVE-2009-1098 CVE-2009-1099 CVE-2009-1100 CVE-2009-1101 CVE-2009-1102 CVE-2009-1103 CVE-2009-1104 CVE-2009-1105 CVE-2009-1106 CVE-2009-1107 CVE-2009-2625 CVE-2009-2670 CVE-2009-2671 CVE-2009-2672 CVE-2009-2673 CVE-2009-2675 CVE-2009-2676 CVE-2009-2716 CVE-2009-2718 CVE-2009-2719 CVE-2009-2720 CVE-2009-2721 CVE-2009-2722 CVE-2009-2723 CVE-2009-2724 --- Tomcat --- CVE-2008-5515 CVE-2009-0033 CVE-2009-0580 CVE-2009-0781 CVE-2009-0783 CVE-2008-1232 CVE-2008-1947 CVE-2008-2370 CVE-2007-5333 CVE-2007-5342 CVE-2007-5461 CVE-2007-6286 CVE-2008-0002 --- ntp --- CVE-2009-1252 CVE-2009-0159 --- kernel --- CVE-2008-3528 CVE-2008-5700 CVE-2009-0028 CVE-2009-0269 CVE-2009-0322 CVE-2009-0675 CVE-2009-0676 CVE-2009-0778 CVE-2008-4307 CVE-2009-0834 CVE-2009-1337 CVE-2009-0787 CVE-2009-1336 CVE-2009-1439 CVE-2009-1633 CVE-2009-1072 CVE-2009-1630 CVE-2009-1192 CVE-2007-5966 CVE-2009-1385 CVE-2009-1388 CVE-2009-1389 CVE-2009-1895 CVE-2009-2406 CVE-2009-2407 CVE-2009-2692 CVE-2009-2698 CVE-2009-0745 CVE-2009-0746 CVE-2009-0747 CVE-2009-0748 CVE-2009-2847 CVE-2009-2848 --- python --- CVE-2007-2052 CVE-2007-4965 CVE-2008-1721 CVE-2008-1887 CVE-2008-2315 CVE-2008-3142 CVE-2008-3143 CVE-2008-3144 CVE-2008-4864 CVE-2008-5031 --- bind --- CVE-2009-0696 --- libxml and libxml2 --- CVE-2009-2414 CVE-2009-2416 --- curl -- CVE-2009-2417 --- gnutil --- CVE-2007-2052
- Summary
Updated Java JRE packages and Tomcat packages address several security issues. Updates for the ESX Service Console and vMA include kernel, ntp, Python, bind libxml, libxml2, curl and gnutil packages. ntp is also updated for ESXi userworlds.
- Relevant releases
vCenter Server 4.0 before Update 1
ESXi 4.0 without patch ESXi400-200911201-UG
ESX 4.0 without patches ESX400-200911201-UG, ESX400-200911223-UG, ESX400-200911232-SG, ESX400-200911233-SG, ESX400-200911234-SG, ESX400-200911235-SG, ESX400-200911237-SG, ESX400-200911238-SG
vMA 4.0 before patch 02
- Problem Description
a. JRE Security Update
JRE update to version 1.5.0_20, which addresses multiple security
issues that existed in earlier releases of JRE.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the following names to the security issues fixed in
JRE 1.5.0_18: CVE-2009-1093, CVE-2009-1094, CVE-2009-1095,
CVE-2009-1096, CVE-2009-1097, CVE-2009-1098, CVE-2009-1099,
CVE-2009-1100, CVE-2009-1101, CVE-2009-1102, CVE-2009-1103,
CVE-2009-1104, CVE-2009-1105, CVE-2009-1106, and CVE-2009-1107.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the following names to the security issues fixed in
JRE 1.5.0_20: CVE-2009-2625, CVE-2009-2670, CVE-2009-2671,
CVE-2009-2672, CVE-2009-2673, CVE-2009-2675, CVE-2009-2676,
CVE-2009-2716, CVE-2009-2718, CVE-2009-2719, CVE-2009-2720,
CVE-2009-2721, CVE-2009-2722, CVE-2009-2723, CVE-2009-2724.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
vCenter 4.0 Windows Update 1
VirtualCenter 2.5 Windows affected, patch pending
VirtualCenter 2.0.2 Windows affected, patch pending
Workstation any any not affected
Player any any not affected
Server 2.0 any affected, patch pending
Server 1.0 any not affected
ACE any any not affected
Fusion any any not affected
ESXi any ESXi not affected
ESX 4.0 ESX ESX400-200911223-UG
ESX 3.5 ESX affected, patch pending
ESX 3.0.3 ESX affected, patch pending
ESX 2.5.5 ESX not affected
vMA 4.0 RHEL5 Patch 2 *
-
vMA JRE is updated to version JRE 1.5.0_21
Notes: These vulnerabilities can be exploited remotely only if the attacker has access to the Service Console network.
Security best practices provided by VMware recommend that the Service Console be isolated from the VM network. Please see http://www.vmware.com/resources/techresources/726 for more information on VMware security best practices. The currently installed version of JRE depends on your patch deployment history.
b. Update Apache Tomcat version to 6.0.20
Update for VirtualCenter and ESX patch update the Tomcat package to version 6.0.20 which addresses multiple security issues that existed in the previous version of Apache Tomcat.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the following names to the security issues fixed in Apache Tomcat 6.0.20: CVE-2008-5515, CVE-2009-0033, CVE-2009-0580, CVE-2009-0781, CVE-2009-0783.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the following names to the security issues fixed in Apache Tomcat 6.0.18: CVE-2008-1232, CVE-2008-1947, CVE-2008-2370.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the following names to the security issues fixed in Apache Tomcat 6.0.16: CVE-2007-5333, CVE-2007-5342, CVE-2007-5461, CVE-2007-6286, CVE-2008-0002.
The following table lists what action remediates the vulnerability (column 4) if a solution is available.
VMware Product Running Replace with/ Product Version on Apply Patch ======== ======== ======= ======================= vCenter 4.0 Windows Update 1 VirtualCenter 2.5 Windows affected, patch pending VirtualCenter 2.0.2 Windows affected, patch pending
Workstation any any not affected
Player any any not affected
ACE any Windows not affected
Server 2.x any affected, patch pending Server 1.x any not affected
Fusion any Mac OS/X not affected
ESXi any ESXi not affected
ESX 4.0 ESX ESX400-200911223-UG ESX 3.5 ESX affected, patch pending ESX 3.0.3 ESX affected, patch pending ESX 2.5.5 ESX not affected
vMA 4.0 RHEL5 not affected
Notes: These vulnerabilities can be exploited remotely only if the
attacker has access to the Service Console network.
Security best practices provided by VMware recommend that the
Service Console be isolated from the VM network. Please see
http://www.vmware.com/resources/techresources/726 for more
information on VMware security best practices.
The currently installed version of Tomcat depends on
your patch deployment history.
c. Third party library update for ntp.
The Network Time Protocol (NTP) is used to synchronize a computer's time with a referenced time source.
ESXi 3.5 and ESXi 4.0 have a ntp client that is affected by the following security issue. Note that the same security issue is present in the ESX Service Console as described in section d. of this advisory.
A buffer overflow flaw was discovered in the ntpd daemon's NTPv4 authentication code. If ntpd was configured to use public key cryptography for NTP packet authentication, a remote attacker could use this flaw to send a specially-crafted request packet that could crash ntpd or, potentially, execute arbitrary code with the privileges of the "ntp" user.
The Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the name CVE-2009-1252 to this issue.
The NTP security issue identified by CVE-2009-0159 is not relevant for ESXi 3.5 and ESXi 4.0.
The following table lists what action remediates the vulnerability in this component (column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
vCenter any Windows not affected
hosted * any any not affected
ESXi 4.0 ESXi ESXi400-200911201-UG
ESXi 3.5 ESXi affected, patch pending
ESX 4.0 ESX not affected
ESX 3.5 ESX not affected
ESX 3.0.3 ESX not affected
ESX 2.5.5 ESX not affected
vMA 4.0 RHEL5 not affected
- hosted products are VMware Workstation, Player, ACE, Server, Fusion.
d. Service Console update for ntp
Service Console package ntp updated to version ntp-4.2.2pl-9.el5_3.2
The Network Time Protocol (NTP) is used to synchronize a computer's time with a referenced time source.
The Service Console present in ESX is affected by the following security issues.
A buffer overflow flaw was discovered in the ntpd daemon's NTPv4 authentication code. If ntpd was configured to use public key cryptography for NTP packet authentication, a remote attacker could use this flaw to send a specially-crafted request packet that could crash ntpd or, potentially, execute arbitrary code with the privileges of the "ntp" user.
NTP authentication is not enabled by default on the Service Console.
The Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the name CVE-2009-1252 to this issue.
A buffer overflow flaw was found in the ntpq diagnostic command. A malicious, remote server could send a specially-crafted reply to an ntpq request that could crash ntpq or, potentially, execute arbitrary code with the privileges of the user running the ntpq command.
The Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the name CVE-2009-0159 to this issue.
The following table lists what action remediates the vulnerability in the Service Console (column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
vCenter any Windows not affected
hosted * any any not affected
ESXi any ESXi not affected
ESX 4.0 ESX ESX400-200911238-SG
ESX 3.5 ESX affected, patch pending **
ESX 3.0.3 ESX affected, patch pending **
ESX 2.5.5 ESX affected, patch pending **
vMA 4.0 RHEL5 Patch 2
- hosted products are VMware Workstation, Player, ACE, Server, Fusion.
** The service consoles of ESX 2.5.5, ESX 3.0.3 and ESX 3.5 are not affected by CVE-2009-1252. The security issue identified by CVE-2009-0159 has a low impact on the service console of ESX 2.5.5, ESX 3.0.3 and ESX 3.5.
e. Updated Service Console package kernel
Updated Service Console package kernel addresses the security
issues below.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2008-3528, CVE-2008-5700, CVE-2009-0028,
CVE-2009-0269, CVE-2009-0322, CVE-2009-0675, CVE-2009-0676,
CVE-2009-0778 to the security issues fixed in kernel
2.6.18-128.1.6.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2008-4307, CVE-2009-0834, CVE-2009-1337,
CVE-2009-0787, CVE-2009-1336 to the security issues fixed in
kernel 2.6.18-128.1.10.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2009-1439, CVE-2009-1633, CVE-2009-1072,
CVE-2009-1630, CVE-2009-1192 to the security issues fixed in
kernel 2.6.18-128.1.14.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2007-5966, CVE-2009-1385, CVE-2009-1388,
CVE-2009-1389, CVE-2009-1895, CVE-2009-2406, CVE-2009-2407 to the
security issues fixed in kernel 2.6.18-128.4.1.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2009-2692, CVE-2009-2698 to the
security issues fixed in kernel 2.6.18-128.7.1.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2009-0745, CVE-2009-0746, CVE-2009-0747,
CVE-2009-0748, CVE-2009-2847, CVE-2009-2848 to the security issues
fixed in kernel 2.6.18-164.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
vCenter any Windows not applicable
hosted * any any not applicable
ESXi any ESXi not applicable
ESX 4.0 ESX ESX400-200911201-UG
ESX 3.5 ESX not applicable
ESX 3.0.3 ESX not applicable
ESX 2.5.5 ESX not applicable
vMA 4.0 RHEL5 Patch 2 **
- hosted products are VMware Workstation, Player, ACE, Server, Fusion.
** vMA is updated to kernel version 2.6.18-164.
f. Updated Service Console package python
Service Console package Python update to version 2.4.3-24.el5.
When the assert() system call was disabled, an input sanitization
flaw was revealed in the Python string object implementation that
led to a buffer overflow. The missing check for negative size values
meant the Python memory allocator could allocate less memory than
expected. This could result in arbitrary code execution with the
Python interpreter's privileges.
Multiple buffer and integer overflow flaws were found in the Python
Unicode string processing and in the Python Unicode and string
object implementations. An attacker could use these flaws to cause
a denial of service.
Multiple integer overflow flaws were found in the Python imageop
module. If a Python application used the imageop module to
process untrusted images, it could cause the application to
disclose sensitive information, crash or, potentially, execute
arbitrary code with the Python interpreter's privileges.
Multiple integer underflow and overflow flaws were found in the
Python snprintf() wrapper implementation. An attacker could use
these flaws to cause a denial of service (memory corruption).
Multiple integer overflow flaws were found in various Python
modules. An attacker could use these flaws to cause a denial of
service.
An integer signedness error, leading to a buffer overflow, was
found in the Python zlib extension module. If a Python application
requested the negative byte count be flushed for a decompression
stream, it could cause the application to crash or, potentially,
execute arbitrary code with the Python interpreter's privileges.
A flaw was discovered in the strxfrm() function of the Python
locale module. Strings generated by this function were not properly
NULL-terminated, which could possibly cause disclosure of data
stored in the memory of a Python application using this function.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2007-2052 CVE-2007-4965 CVE-2008-1721
CVE-2008-1887 CVE-2008-2315 CVE-2008-3142 CVE-2008-3143
CVE-2008-3144 CVE-2008-4864 CVE-2008-5031 to these issues.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
vCenter any Windows not applicable
hosted * any any not applicable
ESXi any ESXi not applicable
ESX 4.0 ESX ESX400-200911235-SG
ESX 3.5 ESX affected, patch pending
ESX 3.0.3 ESX affected, patch pending
ESX 2.5.5 ESX affected, patch pending
vMA 4.0 RHEL5 Patch 2
- hosted products are VMware Workstation, Player, ACE, Server, Fusion.
g. Updated Service Console package bind
Service Console package bind updated to version 9.3.6-4.P1.el5
The Berkeley Internet Name Domain (BIND) is an implementation of the
Domain Name System (DNS) protocols. BIND includes a DNS server
(named); a resolver library (routines for applications to use when
interfacing with DNS); and tools for verifying that the DNS server
is operating correctly.
A flaw was found in the way BIND handles dynamic update message
packets containing the "ANY" record type. A remote attacker could
use this flaw to send a specially-crafted dynamic update packet
that could cause named to exit with an assertion failure.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2009-0696 to this issue.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
vCenter any Windows not applicable
hosted * any any not applicable
ESXi any ESXi not applicable
ESX 4.0 ESX ESX400-200911237-SG
ESX 3.5 ESX affected, patch pending
ESX 3.0.3 ESX affected, patch pending
ESX 2.5.5 ESX affected, patch pending
vMA 4.0 RHEL5 Patch 2
- hosted products are VMware Workstation, Player, ACE, Server, Fusion.
h. Updated Service Console package libxml2
Service Console package libxml2 updated to version 2.6.26-2.1.2.8.
libxml is a library for parsing and manipulating XML files. A
Document Type Definition (DTD) defines the legal syntax (and also
which elements can be used) for certain types of files, such as XML
files.
A stack overflow flaw was found in the way libxml processes the
root XML document element definition in a DTD. A remote attacker
could provide a specially-crafted XML file, which once opened by a
local, unsuspecting user, would lead to denial of service.
Multiple use-after-free flaws were found in the way libxml parses
the Notation and Enumeration attribute types. A remote attacker
could provide a specially-crafted XML file, which once opened by a
local, unsuspecting user, would lead to denial of service.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2009-2414 and CVE-2009-2416 to these
issues.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
vCenter any Windows not applicable
hosted * any any not applicable
ESXi any ESXi not applicable
ESX 4.0 ESX ESX400-200911234-SG
ESX 3.5 ESX affected, patch pending
ESX 3.0.3 ESX affected, patch pending
ESX 2.5.5 ESX affected, patch pending
vMA 4.0 RHEL5 Patch 2
- hosted products are VMware Workstation, Player, ACE, Server, Fusion.
i. Updated Service Console package curl
Service Console package curl updated to version 7.15.5-2.1.el5_3.5
A cURL is affected by the previously published "null prefix attack",
caused by incorrect handling of NULL characters in X.509
certificates. If an attacker is able to get a carefully-crafted
certificate signed by a trusted Certificate Authority, the attacker
could use the certificate during a man-in-the-middle attack and
potentially confuse cURL into accepting it by mistake.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2009-2417 to this issue
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
vCenter any Windows not applicable
hosted * any any not applicable
ESXi any ESXi not applicable
ESX 4.0 ESX ESX400-200911232-SG
ESX 3.5 ESX not affected
ESX 3.0.3 ESX not affected
ESX 2.5.5 ESX not affected
vMA 4.0 RHEL5 Patch 2
- hosted products are VMware Workstation, Player, ACE, Server, Fusion.
j. Updated Service Console package gnutls
Service Console package gnutil updated to version 1.4.1-3.el5_3.5
A flaw was discovered in the way GnuTLS handles NULL characters in
certain fields of X.509 certificates. If an attacker is able to get
a carefully-crafted certificate signed by a Certificate Authority
trusted by an application using GnuTLS, the attacker could use the
certificate during a man-in-the-middle attack and potentially
confuse the application into accepting it by mistake.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2009-2730 to this issue
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
vCenter any Windows not applicable
hosted * any any not applicable
ESXi any ESXi not applicable
ESX 4.0 ESX ESX400-200911233-SG
ESX 3.5 ESX not affected
ESX 3.0.3 ESX not affected
ESX 2.5.5 ESX not affected
vMA 4.0 RHEL5 Patch 2
-
hosted products are VMware Workstation, Player, ACE, Server, Fusion.
-
Solution
Please review the patch/release notes for your product and version and verify the md5sum of your downloaded file.
VMware vCenter Server 4 Update 1
Version 4.0 Update 1 Build Number 208156 Release Date 2009/11/19 Type Product Binaries http://downloads.vmware.com/download/download.do?downloadGroup=VC40U1
VMware vCenter Server 4 and modules File size: 1.8 GB File type: .iso MD5SUM: 057d55b32eb27fe5f3e01bc8d3df3bc5 SHA1SUM: c90134418c2e4d3d6637d8bee44261300ad95ec1
VMware vCenter Server 4 and modules File size: 1.5 GB File type: .zip MD5SUM: f843d9c19795eb3bc5a77f5c545468a8 SHA1SUM: 9a7abd8e70bd983151e2ee40e1b3931525c4480c
VMware vSphere Client and Host Update Utility File size: 113.8 MB File type: .exe MD5SUM: 6cc6b2c958e7e9529c284e48dfae22a9 SHA1SUM: f4c19c63a75d93cffc57b170066358160788c959
VMware vCenter Converter BootCD File size: 98.8 MB File type: .zip MD5SUM: 3df94eb0e93de76b0389132ada2a3799 SHA1SUM: 5d7c04e4f9f8ae25adc8de5963fefd8a4c92464c
VMware vCenter Converter CLI (Linux) File size: 36.9 MB File type: .tar.gz MD5SUM: 3766097563936ba5e03e87e898f6bd48 SHA1SUM: 36d485bdb5eb279296ce8c8523df04bfb12a2cb4
ESXi 4.0 Update 1
ESXi400-200911201-UG
https://hostupdate.vmware.com/software/VUM/OFFLINE/release-155-20091116-013169/ESXi-4.0.0-update01.zip md5sum:c6fdd6722d9e5cacb280bdcc2cca0627 sha1sum:de9d4875f86b6493f9da991a8cff37784215db2e http://kb.vmware.com/kb/1014886
NOTE: The three ESXi patches for Firmware, VMware Tools, and the VI Client "C" are contained in a single download file.
ESX 4.0 Update 1
https://hostupdate.vmware.com/software/VUM/OFFLINE/release-158-20091118-187517/ESX-4.0.0-update01.zip md5sum: 68934321105c34dcda4cbeeab36a2b8f sha1sum: 0d8ae58cf9143d5c7113af9692dea11ed2dd864b http://kb.vmware.com/kb/1014842
To install an individual bulletin use esxupdate with the -b option. esxupdate --bundle=ESX-4.0.0-update01.zip -b ESX400-200911223-UG -b ESX400-200911238-SG -b ESX400-200911201-UG -b ESX400-200911235-SG -b ESX400-200911237-SG -b ESX400-200911234-SG -b ESX400-200911232-SG -b ESX400-200911233-SG update
- References
CVE numbers --- JRE --- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1093 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1094 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1095 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1096 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1097 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1098 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1099 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1100 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1101 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1102 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1103 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1104 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1105 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1106 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1107 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2625 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2670 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2671 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2672 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2673 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2675 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2676 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2716 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2718 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2719 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2720 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2721 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2722 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2723 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2724 --- Tomcat --- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5515 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0033 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0580 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0781 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0783 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1232 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1947 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2370 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5333 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5342 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5461 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6286 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0002 --- ntp --- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1252 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0159 --- kernel --- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3528 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5700 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0028 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0269 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0322 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0675 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0676 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0778 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4307 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0834 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1337 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0787 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1336 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1439 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1633 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1072 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1630 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1192 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5966 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1385 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1388 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1389 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1895 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2406 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2407 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2692 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2698 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0745 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0746 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0747 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0748 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2847 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2848 --- python --- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2052 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4965 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1721 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1887 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2315 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3142 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3143 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3144 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4864 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5031 --- bind --- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0696 --- libxml and libxml2 --- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2414 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2416 --- curl -- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2417 --- gnutil --- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2052
- Change log
2009-11-20 VMSA-2009-0016 Initial security advisory after release of vCenter 4.0 Update 1 and ESX 4.0 Update 1 on 2009-11-19 and release of vMA Patch 2 on 2009-11-23.
- Contact
E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
- security-announce at lists.vmware.com
- bugtraq at securityfocus.com
- full-disclosure at lists.grok.org.uk
E-mail: security at vmware.com PGP key at: http://kb.vmware.com/kb/1055
VMware Security Center http://www.vmware.com/security
VMware security response policy http://www.vmware.com/support/policies/security_response.html
General support life cycle policy http://www.vmware.com/support/policies/eos.html
VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/lifecycle/
Copyright 2009 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAksHAooACgkQS2KysvBH1xmQMACfTEcnuPanvucXPmgJCTT054o+ dtoAniXz+9xLskrkPr3oUzAcDeV729WG =wSRz -----END PGP SIGNATURE----- .
Affected Products
The WiKID Strong Authentication Server - Enterprise Edition The WiKID Strong Authentication Server - Community Edition
References
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1232 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1947 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2370 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2938 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5333 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5342 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5461 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6286
Mitigation
Commercial users may download the most recent RPMs from the website: http://www.wikidsystems.com/downloads/
Users of the open source community version may download packages from Sourceforge: https://sourceforge.net/project/showfiles.php?group_id=144774
Nick Owen WiKID Systems, Inc. 404-962-8983 (desk) http://www.wikidsystems.com Two-factor authentication, without the hassle factor. References
Tomcat release notes tomcat.apache.org/security-5.html
CVE numbers http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1232 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1947 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2370
A cross-site scripting vulnerability was found in the HttpServletResponse.sendError() method which could allow a remote attacker to inject arbitrary web script or HTML via forged HTTP headers (CVE-2008-1232).
A cross-site scripting vulnerability was found in the host manager application that could allow a remote attacker to inject arbitrary web script or HTML via the hostname parameter (CVE-2008-1947).
A traversal vulnerability was found when the 'allowLinking' and 'URIencoding' settings were actived which could allow a remote attacker to use a UTF-8-encoded request to extend their privileges and obtain local files accessible to the Tomcat process (CVE-2008-2938).
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5342 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1232 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1947 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2370 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2938
Updated Packages:
Mandriva Linux 2008.0: 56ca5eb3e331c6675634a5e3f3c5afd7 2008.0/i586/tomcat5-5.5.23-9.2.10.2mdv2008.0.i586.rpm a1c688654decf045f80fb6d8978c73fa 2008.0/i586/tomcat5-admin-webapps-5.5.23-9.2.10.2mdv2008.0.i586.rpm 2b7a97313ece05bbd5596045853cfca0 2008.0/i586/tomcat5-common-lib-5.5.23-9.2.10.2mdv2008.0.i586.rpm e8384332efad0e2317a646241bece6ee 2008.0/i586/tomcat5-jasper-5.5.23-9.2.10.2mdv2008.0.i586.rpm a30cc8061f55f2613c517574263cdd21 2008.0/i586/tomcat5-jasper-javadoc-5.5.23-9.2.10.2mdv2008.0.i586.rpm 4f4a12c8479f27c7f9ed877f5821afa3 2008.0/i586/tomcat5-jsp-2.0-api-5.5.23-9.2.10.2mdv2008.0.i586.rpm ced904c459478c1123ed5da41dddbd7f 2008.0/i586/tomcat5-jsp-2.0-api-javadoc-5.5.23-9.2.10.2mdv2008.0.i586.rpm 183e045a9b44747c7a4adaec5c860441 2008.0/i586/tomcat5-server-lib-5.5.23-9.2.10.2mdv2008.0.i586.rpm 78af5a5788ac359a99a24f03a39c7b94 2008.0/i586/tomcat5-servlet-2.4-api-5.5.23-9.2.10.2mdv2008.0.i586.rpm 8e8569bfab5abef912299b9b751e49e9 2008.0/i586/tomcat5-servlet-2.4-api-javadoc-5.5.23-9.2.10.2mdv2008.0.i586.rpm 6899c327906423cdd02b930221c2496e 2008.0/i586/tomcat5-webapps-5.5.23-9.2.10.2mdv2008.0.i586.rpm 39fd3985d73f2f20efe4ed97c2a5e7c7 2008.0/SRPMS/tomcat5-5.5.23-9.2.10.2mdv2008.0.src.rpm
Mandriva Linux 2008.0/X86_64: c4d1c4471c29d8cd34adb9f2002ef294 2008.0/x86_64/tomcat5-5.5.23-9.2.10.2mdv2008.0.x86_64.rpm 2caf09173a64a378636496196d99756f 2008.0/x86_64/tomcat5-admin-webapps-5.5.23-9.2.10.2mdv2008.0.x86_64.rpm d6a9a290638267a1117a55041986d31a 2008.0/x86_64/tomcat5-common-lib-5.5.23-9.2.10.2mdv2008.0.x86_64.rpm 2eead87d72af58ddc9e934b55e49a1aa 2008.0/x86_64/tomcat5-jasper-5.5.23-9.2.10.2mdv2008.0.x86_64.rpm 0fab26f89e83c882c5948a430bf82c8b 2008.0/x86_64/tomcat5-jasper-javadoc-5.5.23-9.2.10.2mdv2008.0.x86_64.rpm 833334424b555a77e2a9951b71ed8fa3 2008.0/x86_64/tomcat5-jsp-2.0-api-5.5.23-9.2.10.2mdv2008.0.x86_64.rpm 115561d6233c3890cf3b85a7599ed03b 2008.0/x86_64/tomcat5-jsp-2.0-api-javadoc-5.5.23-9.2.10.2mdv2008.0.x86_64.rpm eccf76ede6fb9256a2b52c861a9b0bb3 2008.0/x86_64/tomcat5-server-lib-5.5.23-9.2.10.2mdv2008.0.x86_64.rpm cd9df1a8a1a5cb3216221bdefdfe8476 2008.0/x86_64/tomcat5-servlet-2.4-api-5.5.23-9.2.10.2mdv2008.0.x86_64.rpm f7440a4111ec2fd30fa32e4bd74a0a20 2008.0/x86_64/tomcat5-servlet-2.4-api-javadoc-5.5.23-9.2.10.2mdv2008.0.x86_64.rpm 1464eb297888c4df98d8b7eabe7f0197 2008.0/x86_64/tomcat5-webapps-5.5.23-9.2.10.2mdv2008.0.x86_64.rpm 39fd3985d73f2f20efe4ed97c2a5e7c7 2008.0/SRPMS/tomcat5-5.5.23-9.2.10.2mdv2008.0.src.rpm
Mandriva Linux 2008.1: 594abdc70bc430657eb831520926c73f 2008.1/i586/tomcat5-5.5.25-1.2.1.1mdv2008.1.i586.rpm bdec2b83b4fdb4d10a01a65fbdac512d 2008.1/i586/tomcat5-admin-webapps-5.5.25-1.2.1.1mdv2008.1.i586.rpm 3dbc007722996d1c36f31642f80b5c2a 2008.1/i586/tomcat5-common-lib-5.5.25-1.2.1.1mdv2008.1.i586.rpm 04b23d162d13f84d1d8707646ea9148c 2008.1/i586/tomcat5-jasper-5.5.25-1.2.1.1mdv2008.1.i586.rpm 602bf7d4ff261e8af20d50b9e76634bb 2008.1/i586/tomcat5-jasper-eclipse-5.5.25-1.2.1.1mdv2008.1.i586.rpm 0066e7519a2d3478f0a3e70bd95a7e5b 2008.1/i586/tomcat5-jasper-javadoc-5.5.25-1.2.1.1mdv2008.1.i586.rpm 1ba4743762cfa4594a27f0393de47823 2008.1/i586/tomcat5-jsp-2.0-api-5.5.25-1.2.1.1mdv2008.1.i586.rpm 262f2a39b800562cef36d724ce3efa35 2008.1/i586/tomcat5-jsp-2.0-api-javadoc-5.5.25-1.2.1.1mdv2008.1.i586.rpm b9f2af35a734d0e3a2d9bfe292aaced1 2008.1/i586/tomcat5-server-lib-5.5.25-1.2.1.1mdv2008.1.i586.rpm 8307ef374c5b995feac394b6f27474d5 2008.1/i586/tomcat5-servlet-2.4-api-5.5.25-1.2.1.1mdv2008.1.i586.rpm 3f4692170c35f992defcb4111a8133cd 2008.1/i586/tomcat5-servlet-2.4-api-javadoc-5.5.25-1.2.1.1mdv2008.1.i586.rpm 02b9d28af879b825754eff6199bf1788 2008.1/i586/tomcat5-webapps-5.5.25-1.2.1.1mdv2008.1.i586.rpm 2621d41df35e895a1ed0ed471f93f211 2008.1/SRPMS/tomcat5-5.5.25-1.2.1.1mdv2008.1.src.rpm
Mandriva Linux 2008.1/X86_64: 6b1e03e5206eb262970198dccba7d0a3 2008.1/x86_64/tomcat5-5.5.25-1.2.1.1mdv2008.1.x86_64.rpm 930cf38058a0f8902e2741c6512e0aa0 2008.1/x86_64/tomcat5-admin-webapps-5.5.25-1.2.1.1mdv2008.1.x86_64.rpm c527521cb93bab31df3f91422faf02a6 2008.1/x86_64/tomcat5-common-lib-5.5.25-1.2.1.1mdv2008.1.x86_64.rpm f8bef98047ef956c8e4c0f877155e1f1 2008.1/x86_64/tomcat5-jasper-5.5.25-1.2.1.1mdv2008.1.x86_64.rpm 97a8a59178259d26838ce20c176c459a 2008.1/x86_64/tomcat5-jasper-eclipse-5.5.25-1.2.1.1mdv2008.1.x86_64.rpm 3bb885debc8576bd305c9fa4c9d25bfb 2008.1/x86_64/tomcat5-jasper-javadoc-5.5.25-1.2.1.1mdv2008.1.x86_64.rpm 66dcf08e163fdaaf81992a7d25d84a20 2008.1/x86_64/tomcat5-jsp-2.0-api-5.5.25-1.2.1.1mdv2008.1.x86_64.rpm dd92aab81bf4c75ab30b9b82153b24c0 2008.1/x86_64/tomcat5-jsp-2.0-api-javadoc-5.5.25-1.2.1.1mdv2008.1.x86_64.rpm 517ed776282d089dd84f81d47104f660 2008.1/x86_64/tomcat5-server-lib-5.5.25-1.2.1.1mdv2008.1.x86_64.rpm 83d4bb973b7fec461e812d74541a5949 2008.1/x86_64/tomcat5-servlet-2.4-api-5.5.25-1.2.1.1mdv2008.1.x86_64.rpm cbdd58e1c9e1e8f0089af055abbd85e0 2008.1/x86_64/tomcat5-servlet-2.4-api-javadoc-5.5.25-1.2.1.1mdv2008.1.x86_64.rpm cbee0f1f720269f77a66e30709ecd7ae 2008.1/x86_64/tomcat5-webapps-5.5.25-1.2.1.1mdv2008.1.x86_64.rpm 2621d41df35e895a1ed0ed471f93f211 2008.1/SRPMS/tomcat5-5.5.25-1.2.1.1mdv2008.1.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFIwYsKmqjQ0CJFipgRApJjAKCVZ1XtEGoADQcp8l/m1ECSRstnjACg4qE8 j+sCdAEJN0CXvurmFcjUvNU= =+kFf -----END PGP SIGNATURE-----
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . HP has updated the Apache Tomcat and Oracle database software to address vulnerabilities affecting confidentiality, availability, and integrity. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Bist Du interessiert an einem neuen Job in IT-Sicherheit?
Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secunia_vacancies/
TITLE: phpPgAds XML-RPC PHP Code Execution Vulnerability
SECUNIA ADVISORY ID: SA15884
VERIFY ADVISORY: http://secunia.com/advisories/15884/
CRITICAL: Highly critical
IMPACT: System access
WHERE:
From remote
SOFTWARE: phpPgAds 2.x http://secunia.com/product/4577/
DESCRIPTION: A vulnerability has been reported in phpPgAds, which can be exploited by malicious people to compromise a vulnerable system. http://sourceforge.net/project/showfiles.php?group_id=36679
OTHER REFERENCES: SA15852: http://secunia.com/advisories/15852/
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200808-0011",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "tomcat",
"scope": "eq",
"trust": 1.9,
"vendor": "apache",
"version": "6.0.14"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.9,
"vendor": "apache",
"version": "6.0.13"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.9,
"vendor": "apache",
"version": "6.0.12"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.9,
"vendor": "apache",
"version": "6.0.11"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.9,
"vendor": "apache",
"version": "6.0.10"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.9,
"vendor": "apache",
"version": "6.0.9"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.9,
"vendor": "apache",
"version": "6.0.8"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.9,
"vendor": "apache",
"version": "6.0.7"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.9,
"vendor": "apache",
"version": "6.0.6"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.9,
"vendor": "apache",
"version": "6.0.5"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "6.0.16"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "6.0.15"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "6.0.4"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "6.0.3"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "6.0.2"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "6.0.1"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "5.5.26"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "5.5.25"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "5.5.24"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "5.5.23"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "5.5.22"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "5.5.21"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "5.5.20"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "5.5.19"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "5.5.18"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "5.5.17"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "5.5.16"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "5.5.15"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "5.5.14"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "5.5.13"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "5.5.12"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "5.5.11"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "5.5.10"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "5.5.9"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "5.5.8"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "5.5.7"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "5.5.6"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "5.5.5"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "5.5.4"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "5.5.3"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "5.5.2"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "5.5.1"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "4.1.37"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "4.1.36"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "4.1.34"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "4.1.32"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "4.1.31"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "4.1.30"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "4.1.29"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "4.1.28"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "4.1.24"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "4.1.12"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "4.1.10"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "4.1.3"
},
{
"model": "virtualcenter",
"scope": "eq",
"trust": 1.1,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "virtualcenter",
"scope": "eq",
"trust": 1.1,
"vendor": "vmware",
"version": "2.5"
},
{
"model": "vcenter",
"scope": "eq",
"trust": 1.1,
"vendor": "vmware",
"version": "4.0"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "6.0.0"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "4.1.33"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "4.1.17"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "4.1.21"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "4.1.6"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "4.1.25"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "4.1.14"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "4.1.20"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "4.1.2"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "4.1.18"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "4.1.7"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "4.1.1"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "4.1.9"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "4.1.16"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "4.1.22"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "4.1.35"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "4.1.23"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "4.1.8"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "4.1.5"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "4.1.0"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "4.1.15"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "4.1.11"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "4.1.26"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "4.1.27"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "5.5.0"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "4.1.13"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "4.1.19"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "4.1.4"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "drupal",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandriva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "pear xml rpc",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "phpxmlrpc",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "postnuke",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "serendipity",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "trustix secure linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ubuntu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "wordpress",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "xoops",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "phpmyfaq",
"version": null
},
{
"model": "tomcat",
"scope": "eq",
"trust": 0.8,
"vendor": "apache",
"version": "4.1.0 to 4.1.37 version"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 0.8,
"vendor": "apache",
"version": "5.5.0 to 5.5.26 version"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 0.8,
"vendor": "apache",
"version": "6.0.0 to 6.0.16 version"
},
{
"model": "esx",
"scope": "eq",
"trust": 0.8,
"vendor": "vmware",
"version": "3.0.3"
},
{
"model": "esx",
"scope": "eq",
"trust": 0.8,
"vendor": "vmware",
"version": "3.5"
},
{
"model": "esx",
"scope": "eq",
"trust": 0.8,
"vendor": "vmware",
"version": "4.0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.8,
"vendor": "vmware",
"version": "2.x"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.5.5"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.1"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3 (x86)"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3 (x86-64)"
},
{
"model": "opensolaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "(sparc)"
},
{
"model": "opensolaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "(x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (x86)"
},
{
"model": "hp xp p9000 performance advisor software",
"scope": "lt",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "5.4.1"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.0 (client)"
},
{
"model": "rhel desktop workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "webotx application server",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "interstage application framework suite",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage application server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage apworks",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage business application server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage job workload server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage studio",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage web server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "systems wikid server",
"scope": "eq",
"trust": 0.3,
"vendor": "wikid",
"version": "3.0.4"
},
{
"model": "virtualcenter 2.5.update build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "31"
},
{
"model": "virtualcenter update",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.55"
},
{
"model": "virtualcenter update",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.52"
},
{
"model": "virtualcenter update",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.51"
},
{
"model": "virtualcenter update",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.25"
},
{
"model": "virtualcenter update",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.24"
},
{
"model": "virtualcenter update",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.23"
},
{
"model": "virtualcenter update",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.22"
},
{
"model": "virtualcenter update",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.21"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0.3"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0.2"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0.1"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "4.0"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.5"
},
{
"model": "linux enterprise server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris 10 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 99",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 96",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 95",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 92",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 91",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 90",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 89",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 88",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 87",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 85",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 84",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 83",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 82",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 81",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 80",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 78",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 77",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 76",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 68",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 67",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 64",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 61",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 59",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 57",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 50",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 39",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 36",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 29",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 22",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 19",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 13",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 100",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.0"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.3"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.2"
},
{
"model": "red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5.0.1"
},
{
"model": "red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5.0"
},
{
"model": "red hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)5.1"
},
{
"model": "jboss enterprise application platform el5",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.2"
},
{
"model": "jboss enterprise application platform el4",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.2"
},
{
"model": "jboss enterprise application platform .cp03",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.2"
},
{
"model": "jboss enterprise application platform",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.2"
},
{
"model": "enterprise linux desktop workstation client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "enterprise linux desktop client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "developer suite as4",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "certificate server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7.3"
},
{
"model": "application server ws4",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2"
},
{
"model": "application server es4",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2"
},
{
"model": "application server as4",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "pardus",
"version": "20080"
},
{
"model": "zenworks linux management",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "7.3"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2008.1"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2008.1"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2008.0"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2008.0"
},
{
"model": "xp p9000 performance advisor",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.4.1"
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "interstage studio standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "interstage studio standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"model": "interstage studio enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "interstage studio enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"model": "interstage business application server enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.0"
},
{
"model": "interstage apworks modelers-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"model": "interstage apworks modelers-j edition 6.0a",
"scope": null,
"trust": 0.3,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage apworks modelers-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.1"
},
{
"model": "interstage application server standard-j edition a",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.2"
},
{
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0"
},
{
"model": "interstage application server plus developer",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"model": "interstage application server plus developer",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"model": "interstage application server plus",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0.1"
},
{
"model": "interstage application server plus",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"model": "interstage application server plus",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.1"
},
{
"model": "interstage application server enterprise edition a",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.2"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0.1"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"model": "meeting exchange enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "meeting exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0.0.52"
},
{
"model": "meeting exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.2.1"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0.1"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1.6"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1.5"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1.4"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1.3"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.2"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.1"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.5"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "6.0"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "5.5"
},
{
"model": "tomcat beta",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "4.1.9"
},
{
"model": "tomcat beta",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "4.1.3"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "4.1"
},
{
"model": "ode",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.2"
},
{
"model": "ode",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.0"
},
{
"model": "systems wikid server",
"scope": "ne",
"trust": 0.3,
"vendor": "wikid",
"version": "3.0.5"
},
{
"model": "virtualcenter update",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.56"
},
{
"model": "vcenter update",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "4.01"
},
{
"model": "opensolaris build snv 101",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "jboss enterprise application platform .cp04",
"scope": "ne",
"trust": 0.3,
"vendor": "redhat",
"version": "4.2"
},
{
"model": "xp p9000 performance advisor",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5.5.1"
},
{
"model": "tomcat",
"scope": "ne",
"trust": 0.3,
"vendor": "apache",
"version": "6.0.18"
},
{
"model": "tomcat",
"scope": "ne",
"trust": 0.3,
"vendor": "apache",
"version": "5.5.27"
},
{
"model": "tomcat",
"scope": "ne",
"trust": 0.3,
"vendor": "apache",
"version": "4.1.38"
},
{
"model": "ode",
"scope": "ne",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.3"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#442845"
},
{
"db": "BID",
"id": "30494"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001606"
},
{
"db": "CNNVD",
"id": "CNNVD-200808-030"
},
{
"db": "NVD",
"id": "CVE-2008-2370"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.35:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.36:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:5.5.18:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.21:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:5.5.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:5.5.14:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.24:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:5.5.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:5.5.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:5.5.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:5.5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:5.5.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.25:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:5.5.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:5.5.26:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:5.5.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:5.5.15:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:5.5.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.27:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.15:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.30:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:5.5.21:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.18:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:5.5.22:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.14:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.19:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:5.5.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.29:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.22:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.26:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:5.5.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:5.5.25:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.14:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:5.5.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.33:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:5.5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:5.5.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:5.5.24:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.28:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.15:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:5.5.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:5.5.16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:5.5.17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:5.5.19:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.23:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.34:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.32:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.37:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:5.5.23:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:tomcat:4.1.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2008-2370"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "\u0026#65279;Stefano Di Paola",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200808-030"
}
],
"trust": 0.6
},
"cve": "CVE-2008-2370",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2008-2370",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2008-2370",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#442845",
"trust": 0.8,
"value": "20.75"
},
{
"author": "CNNVD",
"id": "CNNVD-200808-030",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2008-2370",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#442845"
},
{
"db": "VULMON",
"id": "CVE-2008-2370"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001606"
},
{
"db": "CNNVD",
"id": "CNNVD-200808-030"
},
{
"db": "NVD",
"id": "CVE-2008-2370"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16, when a RequestDispatcher is used, performs path normalization before removing the query string from the URI, which allows remote attackers to conduct directory traversal attacks and read arbitrary files via a .. (dot dot) in a request parameter. A vulnerability in a common PHP extension module could allow a remote attacker to execute code on a vulnerable system. Apache Tomcat is prone to a remote information-disclosure vulnerability. \nRemote attackers can exploit this issue to obtain the contents of sensitive files stored on the server. Information obtained may lead to further attacks. \nThe following versions are affected:\nTomcat 4.1.0 through 4.1.37\nTomcat 5.5.0 through 5.5.26\nTomcat 6.0.0 through 6.0.16\nTomcat 3.x, 4.0.x, and 5.0.x may also be affected. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nCVE-2008-2370: Apache Tomcat information disclosure vulnerability\n\nSeverity: Important\n\nVendor:\nThe Apache Software Foundation\n\nVersions Affected:\nTomcat 4.1.0 to 4.1.37\nTomcat 5.5.0 to 5.5.26\nTomcat 6.0.0 to 6.0.16\nThe unsupported Tomcat 3.x, 4.0.x and 5.0.x versions may be also affected\n\nDescription:\nWhen using a RequestDispatcher the target path was normalised before the\nquery string was removed. A request that included a specially crafted\nrequest parameter could be used to access content that would otherwise be\nprotected by a security constraint or by locating it in under the WEB-INF\ndirectory. \n\nMitigation:\n6.0.x users should upgrade to 6.0.18\n5.5.x users should obtain the latest source from svn or apply this patch\nwhich will be included from 5.5.27\nhttp://svn.apache.org/viewvc?rev=680949\u0026view=rev\n4.1.x users should obtain the latest source from svn or apply this patch\nwhich will be included from 4.1.38\nhttp://svn.apache.org/viewvc?rev=680950\u0026view=rev\n\nExample:\nFor a page that contains:\n\u003c%\npageContext.forward(\"/page2.jsp?somepar=someval\u0026par=\"+request.getParameter(\"blah\"));\n%\u003e\nan attacker can use:\nhttp://host/page.jsp?blah=/../WEB-INF/web.xml\n\nCredit:\nThis issue was discovered by \ufeffStefano Di Paola of Minded Security Research\nLabs. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c01650939\nVersion: 1\n\nHPSBUX02401 SSRT090005 rev.1 - HP-UX Running Apache Web Server Suite, Remote Denial of Service (DoS), Cross-site Scripting (XSS), Execution of Arbitrary Code, Cross-Site Request Forgery (CSRF)\n\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible. \n\nRelease Date: 2009-02-02\nLast Updated: 2009-02-02\n\nPotential Security Impact: Remote Denial of Service (DoS), cross-site scripting (XSS), execution of arbitrary code, cross-site request forgery (CSRF)\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with HP-UX running Apache-based Web Server or Tomcat-based Servelet Engine. The vulnerabilities could be exploited remotely to cause a Denial of Service (DoS), cross-site scripting (XSS), execution of arbitrary code, or cross-site request forgery (CSRF). Apache-based Web Server and Tomcat-based Servelet Engine are contained in the Apache Web Server Suite. \n\nReferences: CVE-2007-6420, CVE-2008-1232, CVE-2008-1947, CVE-2008-2364, CVE-2008-2370, CVE-2008-2938, CVE-2008-2939, CVE-2008-3658\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP-UX B.11.23 and B.11.31 running Apache-based Web Server v2.2.8.01.01 or earlier or Tomcat-based Servelet Engine v5.5.27.01.01 or earlier \nHP-UX B.11.11 running Apache-based Web Server v2.2.8.01.01 or earlier \n\nBACKGROUND\n\nCVSS 2.0 Base Metrics \n===============================================\nReference Base Vector Base Score \nCVE-2007-6420 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2008-1232 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2008-1947 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2008-2364 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 5.0\nCVE-2008-2370 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 5.0\nCVE-2008-2938 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2008-2939 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2008-3658 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 7.5\n===============================================\nInformation on CVSS is documented in HP Customer Notice: HPSN-2008-002. \n \nRESOLUTION\n\nHP has provided the following upgrades to resolve these vulnerabilities. \nThe upgrades are available from the following location: \nURL: http://software.hp.com \n\nNote: HP-UX Web Server Suite v.3.02 contains HP-UX Apache-based Web Server v.2.2.8.01.02 \nand HP-UX Tomcat-based Servlet Engine 5.5.27.01.01 \n\nHP-UX Release - B.11.23 and B.11.31 PA-32\nApache Depot name - HPUXWSATW-B302-32.depot\n \nHP-UX Release - B.11.23 and B.11.31 IA-64\nApache Depot name - HPUXWSATW-B302-64.depot\n \nHP-UX Release - B.11.11 PA-32\nApache Depot name - HPUXWSATW-B222-1111.depot\n \n\nMANUAL ACTIONS: Yes - Update \n\nInstall Apache-based Web Server or Tomcat-based Servelet Engine from the Apache Web Server Suite v3.02 or subsequent \n\nPRODUCT SPECIFIC INFORMATION \n\nHP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa \n\nThe following text is for use by the HP-UX Software Assistant. \n\nAFFECTED VERSIONS \n\nHP-UX B.11.11 \n================== \nhpuxwsAPACHE.APACHE \nhpuxwsAPACHE.APACHE2 \nhpuxwsAPACHE.AUTH_LDAP \nhpuxwsAPACHE.AUTH_LDAP2 \nhpuxwsAPACHE.MOD_JK \nhpuxwsAPACHE.MOD_JK2 \nhpuxwsAPACHE.MOD_PERL \nhpuxwsAPACHE.MOD_PERL2 \nhpuxwsAPACHE.PHP \nhpuxwsAPACHE.PHP2 \nhpuxwsAPACHE.WEBPROXY \nhpuxwsTOMCAT.TOMCAT \nhpuxwsWEBMIN.WEBMIN \n\naction: install revision B.2.2.8.01.02 or subsequent \nURL: http://software.hp.com \n\nHP-UX B.11.23 \n================== \nhpuxws22APCH32.APACHE \nhpuxws22APCH32.APACHE2 \nhpuxws22APCH32.AUTH_LDAP \nhpuxws22APCH32.AUTH_LDAP2 \nhpuxws22APCH32.MOD_JK \nhpuxws22APCH32.MOD_JK2 \nhpuxws22APCH32.MOD_PERL \nhpuxws22APCH32.MOD_PERL2 \nhpuxws22APCH32.PHP \nhpuxws22APCH32.PHP2 \nhpuxws22APCH32.WEBPROXY \nhpuxws22APCH32.WEBPROXY2 \nhpuxws22TOMCAT.TOMCAT \nhpuxws22WEBMIN.WEBMIN \n\naction: install revision B.2.2.8.01.02 or subsequent \nURL: http://software.hp.com \n\nHP-UX B.11.31 \n================== \nhpuxws22APACHE.APACHE \nhpuxws22APACHE.APACHE2 \nhpuxws22APACHE.AUTH_LDAP \nhpuxws22APACHE.AUTH_LDAP2 \nhpuxws22APACHE.MOD_JK \nhpuxws22APACHE.MOD_JK2 \nhpuxws22APACHE.MOD_PERL \nhpuxws22APACHE.MOD_PERL2 \nhpuxws22APACHE.PHP \nhpuxws22APACHE.PHP2 \nhpuxws22APACHE.WEBPROXY \nhpuxws22APACHE.WEBPROXY2 \nhpuxws22TOMCAT.TOMCAT \nhpuxws22WEBMIN.WEBMIN \n\naction: install revision B.2.2.8.01.02 or subsequent \nURL: http://software.hp.com \n\nEND AFFECTED VERSIONS \n\nHISTORY \nVersion:1 (rev.1) 2 February 2009 Initial release \n\nThird Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\n\nSupport: For further information, contact normal HP Services support channel. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com \nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. \nTo get the security-alert PGP key, please send an e-mail message as follows:\n To: security-alert@hp.com \n Subject: get key\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email: \nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA\u0026langcode=USENG\u0026jumpid=in_SC-GEN__driverITRC\u0026topiccode=ITRC \nOn the web page: ITRC security bulletins and patch sign-up \nUnder Step1: your ITRC security bulletins and patches \n - check ALL categories for which alerts are required and continue. \nUnder Step2: your ITRC operating systems \n - verify your operating system selections are checked and save. \n\n\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php \nLog in on the web page: Subscriber\u0027s choice for Business: sign-in. \nOn the web page: Subscriber\u0027s Choice: your profile summary - use Edit Profile to update appropriate sections. \n\n\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do \n\n\n* The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title: \n\nGN = HP General SW\nMA = HP Management Agents\nMI = Misc. 3rd Party SW\nMP = HP MPE/iX\nNS = HP NonStop Servers\nOV = HP OpenVMS\nPI = HP Printing \u0026 Imaging\nST = HP Storage SW\nTL = HP Trusted Linux\nTU = HP Tru64 UNIX\nUX = HP-UX\nVV = HP VirtualVault\n \nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. \n\n\n\"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user\u0027s use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement.\"\n\n\\xa9Copyright 2009 Hewlett-Packard Development Company, L.P. \n\nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- -----------------------------------------------------------------------\n VMware Security Advisory\n\nAdvisory ID: VMSA-2009-0016\nSynopsis: VMware vCenter and ESX update release and vMA patch\n release address multiple security issue in third\n party components\nIssue date: 2009-11-20\nUpdated on: 2009-11-20 (initial release of advisory)\nCVE numbers: --- JRE ---\n CVE-2009-1093 CVE-2009-1094 CVE-2009-1095\n CVE-2009-1096 CVE-2009-1097 CVE-2009-1098\n CVE-2009-1099 CVE-2009-1100 CVE-2009-1101\n CVE-2009-1102 CVE-2009-1103 CVE-2009-1104\n CVE-2009-1105 CVE-2009-1106 CVE-2009-1107\n CVE-2009-2625 CVE-2009-2670 CVE-2009-2671\n CVE-2009-2672 CVE-2009-2673 CVE-2009-2675\n CVE-2009-2676 CVE-2009-2716 CVE-2009-2718\n CVE-2009-2719 CVE-2009-2720 CVE-2009-2721\n CVE-2009-2722 CVE-2009-2723 CVE-2009-2724\n --- Tomcat ---\n CVE-2008-5515 CVE-2009-0033 CVE-2009-0580\n CVE-2009-0781 CVE-2009-0783 CVE-2008-1232\n CVE-2008-1947 CVE-2008-2370 CVE-2007-5333\n CVE-2007-5342 CVE-2007-5461 CVE-2007-6286\n CVE-2008-0002\n --- ntp ---\n CVE-2009-1252 CVE-2009-0159\n --- kernel ---\n CVE-2008-3528 CVE-2008-5700 CVE-2009-0028\n CVE-2009-0269 CVE-2009-0322 CVE-2009-0675\n CVE-2009-0676 CVE-2009-0778 CVE-2008-4307\n CVE-2009-0834 CVE-2009-1337 CVE-2009-0787\n CVE-2009-1336 CVE-2009-1439 CVE-2009-1633\n CVE-2009-1072 CVE-2009-1630 CVE-2009-1192\n CVE-2007-5966 CVE-2009-1385 CVE-2009-1388\n CVE-2009-1389 CVE-2009-1895 CVE-2009-2406\n CVE-2009-2407 CVE-2009-2692 CVE-2009-2698\n CVE-2009-0745 CVE-2009-0746 CVE-2009-0747\n CVE-2009-0748 CVE-2009-2847 CVE-2009-2848\n --- python ---\n CVE-2007-2052 CVE-2007-4965 CVE-2008-1721\n CVE-2008-1887 CVE-2008-2315 CVE-2008-3142\n CVE-2008-3143 CVE-2008-3144 CVE-2008-4864\n CVE-2008-5031\n --- bind ---\n CVE-2009-0696\n --- libxml and libxml2 ---\n CVE-2009-2414 CVE-2009-2416\n --- curl --\n CVE-2009-2417\n --- gnutil ---\n CVE-2007-2052\n- -----------------------------------------------------------------------\n\n1. Summary\n\n Updated Java JRE packages and Tomcat packages address several security\n issues. Updates for the ESX Service Console and vMA include kernel,\n ntp, Python, bind libxml, libxml2, curl and gnutil packages. ntp is\n also updated for ESXi userworlds. \n\n2. Relevant releases\n\n vCenter Server 4.0 before Update 1\n\n ESXi 4.0 without patch ESXi400-200911201-UG\n\n ESX 4.0 without patches ESX400-200911201-UG, ESX400-200911223-UG,\n ESX400-200911232-SG, ESX400-200911233-SG,\n ESX400-200911234-SG, ESX400-200911235-SG,\n ESX400-200911237-SG, ESX400-200911238-SG\n\n vMA 4.0 before patch 02\n\n3. Problem Description\n\n a. JRE Security Update\n\n JRE update to version 1.5.0_20, which addresses multiple security\n issues that existed in earlier releases of JRE. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org) has\n assigned the following names to the security issues fixed in\n JRE 1.5.0_18: CVE-2009-1093, CVE-2009-1094, CVE-2009-1095,\n CVE-2009-1096, CVE-2009-1097, CVE-2009-1098, CVE-2009-1099,\n CVE-2009-1100, CVE-2009-1101, CVE-2009-1102, CVE-2009-1103,\n CVE-2009-1104, CVE-2009-1105, CVE-2009-1106, and CVE-2009-1107. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org) has\n assigned the following names to the security issues fixed in\n JRE 1.5.0_20: CVE-2009-2625, CVE-2009-2670, CVE-2009-2671,\n CVE-2009-2672, CVE-2009-2673, CVE-2009-2675, CVE-2009-2676,\n CVE-2009-2716, CVE-2009-2718, CVE-2009-2719, CVE-2009-2720,\n CVE-2009-2721, CVE-2009-2722, CVE-2009-2723, CVE-2009-2724. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n vCenter 4.0 Windows Update 1\n VirtualCenter 2.5 Windows affected, patch pending\n VirtualCenter 2.0.2 Windows affected, patch pending\n\n Workstation any any not affected\n\n Player any any not affected\n\n Server 2.0 any affected, patch pending\n Server 1.0 any not affected\n\n ACE any any not affected\n\n Fusion any any not affected\n\n ESXi any ESXi not affected\n\n ESX 4.0 ESX ESX400-200911223-UG\n ESX 3.5 ESX affected, patch pending\n ESX 3.0.3 ESX affected, patch pending\n ESX 2.5.5 ESX not affected\n\n vMA 4.0 RHEL5 Patch 2 *\n\n * vMA JRE is updated to version JRE 1.5.0_21\n\n Notes: These vulnerabilities can be exploited remotely only if the\n attacker has access to the Service Console network. \n\n Security best practices provided by VMware recommend that the\n Service Console be isolated from the VM network. Please see\n http://www.vmware.com/resources/techresources/726 for more\n information on VMware security best practices. \n\n The currently installed version of JRE depends on your patch\n deployment history. \n\n\n b. Update Apache Tomcat version to 6.0.20\n\n Update for VirtualCenter and ESX patch update the Tomcat package to\n version 6.0.20 which addresses multiple security issues that existed\n in the previous version of Apache Tomcat. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org) has\n assigned the following names to the security issues fixed in\n Apache Tomcat 6.0.20: CVE-2008-5515, CVE-2009-0033, CVE-2009-0580,\n CVE-2009-0781, CVE-2009-0783. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org) has\n assigned the following names to the security issues fixed in\n Apache Tomcat 6.0.18: CVE-2008-1232, CVE-2008-1947, CVE-2008-2370. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org) has\n assigned the following names to the security issues fixed in\n Apache Tomcat 6.0.16: CVE-2007-5333, CVE-2007-5342, CVE-2007-5461,\n CVE-2007-6286, CVE-2008-0002. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ======== ======== ======= =======================\n vCenter 4.0 Windows Update 1\n VirtualCenter 2.5 Windows affected, patch pending\n VirtualCenter 2.0.2 Windows affected, patch pending\n\n Workstation any any not affected\n\n Player any any not affected\n\n ACE any Windows not affected\n\n Server 2.x any affected, patch pending\n Server 1.x any not affected\n\n Fusion any Mac OS/X not affected\n\n ESXi any ESXi not affected\n\n ESX 4.0 ESX ESX400-200911223-UG\n ESX 3.5 ESX affected, patch pending\n ESX 3.0.3 ESX affected, patch pending\n ESX 2.5.5 ESX not affected\n\n vMA 4.0 RHEL5 not affected\n\n Notes: These vulnerabilities can be exploited remotely only if the\n attacker has access to the Service Console network. \n\n Security best practices provided by VMware recommend that the\n Service Console be isolated from the VM network. Please see\n http://www.vmware.com/resources/techresources/726 for more\n information on VMware security best practices. \n\n The currently installed version of Tomcat depends on\n your patch deployment history. \n\n c. Third party library update for ntp. \n\n The Network Time Protocol (NTP) is used to synchronize a computer\u0027s\n time with a referenced time source. \n\n ESXi 3.5 and ESXi 4.0 have a ntp client that is affected by the\n following security issue. Note that the same security issue is\n present in the ESX Service Console as described in section d. of\n this advisory. \n\n A buffer overflow flaw was discovered in the ntpd daemon\u0027s NTPv4\n authentication code. If ntpd was configured to use public key\n cryptography for NTP packet authentication, a remote attacker could\n use this flaw to send a specially-crafted request packet that could\n crash ntpd or, potentially, execute arbitrary code with the\n privileges of the \"ntp\" user. \n\n The Common Vulnerabilities and Exposures Project (cve.mitre.org)\n has assigned the name CVE-2009-1252 to this issue. \n\n The NTP security issue identified by CVE-2009-0159 is not relevant\n for ESXi 3.5 and ESXi 4.0. \n\n The following table lists what action remediates the vulnerability\n in this component (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n vCenter any Windows not affected\n\n hosted * any any not affected\n\n ESXi 4.0 ESXi ESXi400-200911201-UG\n ESXi 3.5 ESXi affected, patch pending\n\n ESX 4.0 ESX not affected\n ESX 3.5 ESX not affected\n ESX 3.0.3 ESX not affected\n ESX 2.5.5 ESX not affected\n\n vMA 4.0 RHEL5 not affected\n\n * hosted products are VMware Workstation, Player, ACE, Server, Fusion. \n\n d. Service Console update for ntp\n\n Service Console package ntp updated to version ntp-4.2.2pl-9.el5_3.2\n\n The Network Time Protocol (NTP) is used to synchronize a computer\u0027s\n time with a referenced time source. \n\n The Service Console present in ESX is affected by the following\n security issues. \n\n A buffer overflow flaw was discovered in the ntpd daemon\u0027s NTPv4\n authentication code. If ntpd was configured to use public key\n cryptography for NTP packet authentication, a remote attacker could\n use this flaw to send a specially-crafted request packet that could\n crash ntpd or, potentially, execute arbitrary code with the\n privileges of the \"ntp\" user. \n\n NTP authentication is not enabled by default on the Service Console. \n\n The Common Vulnerabilities and Exposures Project (cve.mitre.org)\n has assigned the name CVE-2009-1252 to this issue. \n\n A buffer overflow flaw was found in the ntpq diagnostic command. A\n malicious, remote server could send a specially-crafted reply to an\n ntpq request that could crash ntpq or, potentially, execute\n arbitrary code with the privileges of the user running the ntpq\n command. \n\n The Common Vulnerabilities and Exposures Project (cve.mitre.org)\n has assigned the name CVE-2009-0159 to this issue. \n\n The following table lists what action remediates the vulnerability\n in the Service Console (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n vCenter any Windows not affected\n\n hosted * any any not affected\n\n ESXi any ESXi not affected\n\n ESX 4.0 ESX ESX400-200911238-SG\n ESX 3.5 ESX affected, patch pending **\n ESX 3.0.3 ESX affected, patch pending **\n ESX 2.5.5 ESX affected, patch pending **\n\n vMA 4.0 RHEL5 Patch 2\n\n * hosted products are VMware Workstation, Player, ACE, Server, Fusion. \n\n ** The service consoles of ESX 2.5.5, ESX 3.0.3 and ESX 3.5 are not\naffected\n by CVE-2009-1252. The security issue identified by CVE-2009-0159 has a\n low impact on the service console of ESX 2.5.5, ESX 3.0.3 and ESX 3.5. \n\n e. Updated Service Console package kernel\n\n Updated Service Console package kernel addresses the security\n issues below. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the names CVE-2008-3528, CVE-2008-5700, CVE-2009-0028,\n CVE-2009-0269, CVE-2009-0322, CVE-2009-0675, CVE-2009-0676,\n CVE-2009-0778 to the security issues fixed in kernel\n 2.6.18-128.1.6. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the names CVE-2008-4307, CVE-2009-0834, CVE-2009-1337,\n CVE-2009-0787, CVE-2009-1336 to the security issues fixed in\n kernel 2.6.18-128.1.10. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the names CVE-2009-1439, CVE-2009-1633, CVE-2009-1072,\n CVE-2009-1630, CVE-2009-1192 to the security issues fixed in\n kernel 2.6.18-128.1.14. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the names CVE-2007-5966, CVE-2009-1385, CVE-2009-1388,\n CVE-2009-1389, CVE-2009-1895, CVE-2009-2406, CVE-2009-2407 to the\n security issues fixed in kernel 2.6.18-128.4.1. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the names CVE-2009-2692, CVE-2009-2698 to the\n security issues fixed in kernel 2.6.18-128.7.1. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the names CVE-2009-0745, CVE-2009-0746, CVE-2009-0747,\n CVE-2009-0748, CVE-2009-2847, CVE-2009-2848 to the security issues\n fixed in kernel 2.6.18-164. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n vCenter any Windows not applicable\n\n hosted * any any not applicable\n\n ESXi any ESXi not applicable\n\n ESX 4.0 ESX ESX400-200911201-UG\n ESX 3.5 ESX not applicable\n ESX 3.0.3 ESX not applicable\n ESX 2.5.5 ESX not applicable\n\n vMA 4.0 RHEL5 Patch 2 **\n\n * hosted products are VMware Workstation, Player, ACE, Server, Fusion. \n\n ** vMA is updated to kernel version 2.6.18-164. \n\n f. Updated Service Console package python\n\n Service Console package Python update to version 2.4.3-24.el5. \n\n When the assert() system call was disabled, an input sanitization\n flaw was revealed in the Python string object implementation that\n led to a buffer overflow. The missing check for negative size values\n meant the Python memory allocator could allocate less memory than\n expected. This could result in arbitrary code execution with the\n Python interpreter\u0027s privileges. \n\n Multiple buffer and integer overflow flaws were found in the Python\n Unicode string processing and in the Python Unicode and string\n object implementations. An attacker could use these flaws to cause\n a denial of service. \n\n Multiple integer overflow flaws were found in the Python imageop\n module. If a Python application used the imageop module to\n process untrusted images, it could cause the application to\n disclose sensitive information, crash or, potentially, execute\n arbitrary code with the Python interpreter\u0027s privileges. \n\n Multiple integer underflow and overflow flaws were found in the\n Python snprintf() wrapper implementation. An attacker could use\n these flaws to cause a denial of service (memory corruption). \n\n Multiple integer overflow flaws were found in various Python\n modules. An attacker could use these flaws to cause a denial of\n service. \n\n An integer signedness error, leading to a buffer overflow, was\n found in the Python zlib extension module. If a Python application\n requested the negative byte count be flushed for a decompression\n stream, it could cause the application to crash or, potentially,\n execute arbitrary code with the Python interpreter\u0027s privileges. \n\n A flaw was discovered in the strxfrm() function of the Python\n locale module. Strings generated by this function were not properly\n NULL-terminated, which could possibly cause disclosure of data\n stored in the memory of a Python application using this function. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the names CVE-2007-2052 CVE-2007-4965 CVE-2008-1721\n CVE-2008-1887 CVE-2008-2315 CVE-2008-3142 CVE-2008-3143\n CVE-2008-3144 CVE-2008-4864 CVE-2008-5031 to these issues. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n vCenter any Windows not applicable\n\n hosted * any any not applicable\n\n ESXi any ESXi not applicable\n\n ESX 4.0 ESX ESX400-200911235-SG\n ESX 3.5 ESX affected, patch pending\n ESX 3.0.3 ESX affected, patch pending\n ESX 2.5.5 ESX affected, patch pending\n\n vMA 4.0 RHEL5 Patch 2\n\n * hosted products are VMware Workstation, Player, ACE, Server, Fusion. \n\n g. Updated Service Console package bind\n\n Service Console package bind updated to version 9.3.6-4.P1.el5\n\n The Berkeley Internet Name Domain (BIND) is an implementation of the\n Domain Name System (DNS) protocols. BIND includes a DNS server\n (named); a resolver library (routines for applications to use when\n interfacing with DNS); and tools for verifying that the DNS server\n is operating correctly. \n\n A flaw was found in the way BIND handles dynamic update message\n packets containing the \"ANY\" record type. A remote attacker could\n use this flaw to send a specially-crafted dynamic update packet\n that could cause named to exit with an assertion failure. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2009-0696 to this issue. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n vCenter any Windows not applicable\n\n hosted * any any not applicable\n\n ESXi any ESXi not applicable\n\n ESX 4.0 ESX ESX400-200911237-SG\n ESX 3.5 ESX affected, patch pending\n ESX 3.0.3 ESX affected, patch pending\n ESX 2.5.5 ESX affected, patch pending\n\n vMA 4.0 RHEL5 Patch 2\n\n * hosted products are VMware Workstation, Player, ACE, Server, Fusion. \n\n h. Updated Service Console package libxml2\n\n Service Console package libxml2 updated to version 2.6.26-2.1.2.8. \n\n libxml is a library for parsing and manipulating XML files. A\n Document Type Definition (DTD) defines the legal syntax (and also\n which elements can be used) for certain types of files, such as XML\n files. \n\n A stack overflow flaw was found in the way libxml processes the\n root XML document element definition in a DTD. A remote attacker\n could provide a specially-crafted XML file, which once opened by a\n local, unsuspecting user, would lead to denial of service. \n\n Multiple use-after-free flaws were found in the way libxml parses\n the Notation and Enumeration attribute types. A remote attacker\n could provide a specially-crafted XML file, which once opened by a\n local, unsuspecting user, would lead to denial of service. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the names CVE-2009-2414 and CVE-2009-2416 to these\n issues. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n vCenter any Windows not applicable\n\n hosted * any any not applicable\n\n ESXi any ESXi not applicable\n\n ESX 4.0 ESX ESX400-200911234-SG\n ESX 3.5 ESX affected, patch pending\n ESX 3.0.3 ESX affected, patch pending\n ESX 2.5.5 ESX affected, patch pending\n\n vMA 4.0 RHEL5 Patch 2\n\n * hosted products are VMware Workstation, Player, ACE, Server, Fusion. \n\n i. Updated Service Console package curl\n\n Service Console package curl updated to version 7.15.5-2.1.el5_3.5\n\n A cURL is affected by the previously published \"null prefix attack\",\n caused by incorrect handling of NULL characters in X.509\n certificates. If an attacker is able to get a carefully-crafted\n certificate signed by a trusted Certificate Authority, the attacker\n could use the certificate during a man-in-the-middle attack and\n potentially confuse cURL into accepting it by mistake. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2009-2417 to this issue\n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n vCenter any Windows not applicable\n\n hosted * any any not applicable\n\n ESXi any ESXi not applicable\n\n ESX 4.0 ESX ESX400-200911232-SG\n ESX 3.5 ESX not affected\n ESX 3.0.3 ESX not affected\n ESX 2.5.5 ESX not affected\n\n vMA 4.0 RHEL5 Patch 2\n\n * hosted products are VMware Workstation, Player, ACE, Server, Fusion. \n\n j. Updated Service Console package gnutls\n\n Service Console package gnutil updated to version 1.4.1-3.el5_3.5\n\n A flaw was discovered in the way GnuTLS handles NULL characters in\n certain fields of X.509 certificates. If an attacker is able to get\n a carefully-crafted certificate signed by a Certificate Authority\n trusted by an application using GnuTLS, the attacker could use the\n certificate during a man-in-the-middle attack and potentially\n confuse the application into accepting it by mistake. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2009-2730 to this issue\n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n vCenter any Windows not applicable\n\n hosted * any any not applicable\n\n ESXi any ESXi not applicable\n\n ESX 4.0 ESX ESX400-200911233-SG\n ESX 3.5 ESX not affected\n ESX 3.0.3 ESX not affected\n ESX 2.5.5 ESX not affected\n\n vMA 4.0 RHEL5 Patch 2\n\n * hosted products are VMware Workstation, Player, ACE, Server, Fusion. \n\n4. Solution\n\n Please review the patch/release notes for your product and version\n and verify the md5sum of your downloaded file. \n\n\n VMware vCenter Server 4 Update 1\n --------------------------------\n Version 4.0 Update 1\n Build Number 208156\n Release Date 2009/11/19\n Type Product Binaries\n http://downloads.vmware.com/download/download.do?downloadGroup=VC40U1\n\n VMware vCenter Server 4 and modules\n File size: 1.8 GB\n File type: .iso\n MD5SUM: 057d55b32eb27fe5f3e01bc8d3df3bc5\n SHA1SUM: c90134418c2e4d3d6637d8bee44261300ad95ec1\n\n VMware vCenter Server 4 and modules\n File size: 1.5 GB\n File type: .zip\n MD5SUM: f843d9c19795eb3bc5a77f5c545468a8\n SHA1SUM: 9a7abd8e70bd983151e2ee40e1b3931525c4480c\n\n VMware vSphere Client and Host Update Utility\n File size: 113.8 MB\n File type: .exe\n MD5SUM: 6cc6b2c958e7e9529c284e48dfae22a9\n SHA1SUM: f4c19c63a75d93cffc57b170066358160788c959\n\n VMware vCenter Converter BootCD\n File size: 98.8 MB\n File type: .zip\n MD5SUM: 3df94eb0e93de76b0389132ada2a3799\n SHA1SUM: 5d7c04e4f9f8ae25adc8de5963fefd8a4c92464c\n\n VMware vCenter Converter CLI (Linux)\n File size: 36.9 MB\n File type: .tar.gz\n MD5SUM: 3766097563936ba5e03e87e898f6bd48\n SHA1SUM: 36d485bdb5eb279296ce8c8523df04bfb12a2cb4\n\n\n ESXi 4.0 Update 1\n -----------------\n ESXi400-200911201-UG\n\nhttps://hostupdate.vmware.com/software/VUM/OFFLINE/release-155-20091116-013169/ESXi-4.0.0-update01.zip\n md5sum:c6fdd6722d9e5cacb280bdcc2cca0627\n sha1sum:de9d4875f86b6493f9da991a8cff37784215db2e\n http://kb.vmware.com/kb/1014886\n\n NOTE: The three ESXi patches for Firmware, VMware Tools, and the\n VI Client \"C\" are contained in a single download file. \n\n\n ESX 4.0 Update 1\n ----------------\n\nhttps://hostupdate.vmware.com/software/VUM/OFFLINE/release-158-20091118-187517/ESX-4.0.0-update01.zip\n md5sum: 68934321105c34dcda4cbeeab36a2b8f\n sha1sum: 0d8ae58cf9143d5c7113af9692dea11ed2dd864b\n http://kb.vmware.com/kb/1014842\n\n To install an individual bulletin use esxupdate with the -b option. \n esxupdate --bundle=ESX-4.0.0-update01.zip -b ESX400-200911223-UG\n -b ESX400-200911238-SG -b ESX400-200911201-UG -b ESX400-200911235-SG\n -b ESX400-200911237-SG -b ESX400-200911234-SG -b ESX400-200911232-SG\n -b ESX400-200911233-SG update\n\n\n5. References\n\n CVE numbers\n --- JRE ---\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1093\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1094\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1095\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1096\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1097\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1098\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1099\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1100\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1101\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1102\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1103\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1104\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1105\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1106\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1107\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2625\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2670\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2671\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2672\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2673\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2675\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2676\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2716\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2718\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2719\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2720\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2721\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2722\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2723\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2724\n --- Tomcat ---\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5515\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0033\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0580\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0781\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0783\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1232\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1947\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2370\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5333\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5342\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5461\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6286\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0002\n --- ntp ---\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1252\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0159\n --- kernel ---\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3528\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5700\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0028\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0269\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0322\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0675\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0676\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0778\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4307\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0834\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1337\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0787\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1336\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1439\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1633\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1072\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1630\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1192\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5966\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1385\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1388\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1389\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1895\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2406\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2407\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2692\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2698\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0745\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0746\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0747\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0748\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2847\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2848\n --- python ---\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2052\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4965\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1721\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1887\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2315\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3142\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3143\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3144\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4864\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5031\n --- bind ---\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0696\n --- libxml and libxml2 ---\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2414\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2416\n --- curl --\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2417\n --- gnutil ---\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2052\n\n\n- ------------------------------------------------------------------------\n6. Change log\n\n2009-11-20 VMSA-2009-0016\nInitial security advisory after release of vCenter 4.0 Update 1 and\nESX 4.0 Update 1 on 2009-11-19 and release of vMA Patch 2 on 2009-11-23. \n\n- -----------------------------------------------------------------------\n7. Contact\n\nE-mail list for product security notifications and announcements:\nhttp://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\nThis Security Advisory is posted to the following lists:\n\n * security-announce at lists.vmware.com\n * bugtraq at securityfocus.com\n * full-disclosure at lists.grok.org.uk\n\nE-mail: security at vmware.com\nPGP key at: http://kb.vmware.com/kb/1055\n\nVMware Security Center\nhttp://www.vmware.com/security\n\nVMware security response policy\nhttp://www.vmware.com/support/policies/security_response.html\n\nGeneral support life cycle policy\nhttp://www.vmware.com/support/policies/eos.html\n\nVMware Infrastructure support life cycle policy\nhttp://www.vmware.com/support/policies/lifecycle/\n\nCopyright 2009 VMware Inc. All rights reserved. \n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v2.0.11 (GNU/Linux)\nComment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/\n\niEYEARECAAYFAksHAooACgkQS2KysvBH1xmQMACfTEcnuPanvucXPmgJCTT054o+\ndtoAniXz+9xLskrkPr3oUzAcDeV729WG\n=wSRz\n-----END PGP SIGNATURE-----\n. \n\n\nAffected Products\n=================\nThe WiKID Strong Authentication Server - Enterprise Edition\nThe WiKID Strong Authentication Server - Community Edition\n\nReferences\n==========\n\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1232\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1947\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2370\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2938\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5333\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5342\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5461\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6286\n\nMitigation\n==========\n\nCommercial users may download the most recent RPMs from the website:\nhttp://www.wikidsystems.com/downloads/\n\nUsers of the open source community version may download packages from\nSourceforge:\nhttps://sourceforge.net/project/showfiles.php?group_id=144774\n\n\n\n- --\nNick Owen\nWiKID Systems, Inc. \n404-962-8983 (desk)\nhttp://www.wikidsystems.com\nTwo-factor authentication, without the hassle factor. References\n\n Tomcat release notes\n tomcat.apache.org/security-5.html\n\n CVE numbers\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1232\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1947\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2370\n\n- - ------------------------------------------------------------------------\n6. \n \n A cross-site scripting vulnerability was found in the\n HttpServletResponse.sendError() method which could allow a remote\n attacker to inject arbitrary web script or HTML via forged HTTP headers\n (CVE-2008-1232). \n \n A cross-site scripting vulnerability was found in the host manager\n application that could allow a remote attacker to inject arbitrary\n web script or HTML via the hostname parameter (CVE-2008-1947). \n \n A traversal vulnerability was found when the \u0027allowLinking\u0027 and\n \u0027URIencoding\u0027 settings were actived which could allow a remote attacker\n to use a UTF-8-encoded request to extend their privileges and obtain\n local files accessible to the Tomcat process (CVE-2008-2938). \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5342\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1232\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1947\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2370\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2938\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Linux 2008.0:\n 56ca5eb3e331c6675634a5e3f3c5afd7 2008.0/i586/tomcat5-5.5.23-9.2.10.2mdv2008.0.i586.rpm\n a1c688654decf045f80fb6d8978c73fa 2008.0/i586/tomcat5-admin-webapps-5.5.23-9.2.10.2mdv2008.0.i586.rpm\n 2b7a97313ece05bbd5596045853cfca0 2008.0/i586/tomcat5-common-lib-5.5.23-9.2.10.2mdv2008.0.i586.rpm\n e8384332efad0e2317a646241bece6ee 2008.0/i586/tomcat5-jasper-5.5.23-9.2.10.2mdv2008.0.i586.rpm\n a30cc8061f55f2613c517574263cdd21 2008.0/i586/tomcat5-jasper-javadoc-5.5.23-9.2.10.2mdv2008.0.i586.rpm\n 4f4a12c8479f27c7f9ed877f5821afa3 2008.0/i586/tomcat5-jsp-2.0-api-5.5.23-9.2.10.2mdv2008.0.i586.rpm\n ced904c459478c1123ed5da41dddbd7f 2008.0/i586/tomcat5-jsp-2.0-api-javadoc-5.5.23-9.2.10.2mdv2008.0.i586.rpm\n 183e045a9b44747c7a4adaec5c860441 2008.0/i586/tomcat5-server-lib-5.5.23-9.2.10.2mdv2008.0.i586.rpm\n 78af5a5788ac359a99a24f03a39c7b94 2008.0/i586/tomcat5-servlet-2.4-api-5.5.23-9.2.10.2mdv2008.0.i586.rpm\n 8e8569bfab5abef912299b9b751e49e9 2008.0/i586/tomcat5-servlet-2.4-api-javadoc-5.5.23-9.2.10.2mdv2008.0.i586.rpm\n 6899c327906423cdd02b930221c2496e 2008.0/i586/tomcat5-webapps-5.5.23-9.2.10.2mdv2008.0.i586.rpm \n 39fd3985d73f2f20efe4ed97c2a5e7c7 2008.0/SRPMS/tomcat5-5.5.23-9.2.10.2mdv2008.0.src.rpm\n\n Mandriva Linux 2008.0/X86_64:\n c4d1c4471c29d8cd34adb9f2002ef294 2008.0/x86_64/tomcat5-5.5.23-9.2.10.2mdv2008.0.x86_64.rpm\n 2caf09173a64a378636496196d99756f 2008.0/x86_64/tomcat5-admin-webapps-5.5.23-9.2.10.2mdv2008.0.x86_64.rpm\n d6a9a290638267a1117a55041986d31a 2008.0/x86_64/tomcat5-common-lib-5.5.23-9.2.10.2mdv2008.0.x86_64.rpm\n 2eead87d72af58ddc9e934b55e49a1aa 2008.0/x86_64/tomcat5-jasper-5.5.23-9.2.10.2mdv2008.0.x86_64.rpm\n 0fab26f89e83c882c5948a430bf82c8b 2008.0/x86_64/tomcat5-jasper-javadoc-5.5.23-9.2.10.2mdv2008.0.x86_64.rpm\n 833334424b555a77e2a9951b71ed8fa3 2008.0/x86_64/tomcat5-jsp-2.0-api-5.5.23-9.2.10.2mdv2008.0.x86_64.rpm\n 115561d6233c3890cf3b85a7599ed03b 2008.0/x86_64/tomcat5-jsp-2.0-api-javadoc-5.5.23-9.2.10.2mdv2008.0.x86_64.rpm\n eccf76ede6fb9256a2b52c861a9b0bb3 2008.0/x86_64/tomcat5-server-lib-5.5.23-9.2.10.2mdv2008.0.x86_64.rpm\n cd9df1a8a1a5cb3216221bdefdfe8476 2008.0/x86_64/tomcat5-servlet-2.4-api-5.5.23-9.2.10.2mdv2008.0.x86_64.rpm\n f7440a4111ec2fd30fa32e4bd74a0a20 2008.0/x86_64/tomcat5-servlet-2.4-api-javadoc-5.5.23-9.2.10.2mdv2008.0.x86_64.rpm\n 1464eb297888c4df98d8b7eabe7f0197 2008.0/x86_64/tomcat5-webapps-5.5.23-9.2.10.2mdv2008.0.x86_64.rpm \n 39fd3985d73f2f20efe4ed97c2a5e7c7 2008.0/SRPMS/tomcat5-5.5.23-9.2.10.2mdv2008.0.src.rpm\n\n Mandriva Linux 2008.1:\n 594abdc70bc430657eb831520926c73f 2008.1/i586/tomcat5-5.5.25-1.2.1.1mdv2008.1.i586.rpm\n bdec2b83b4fdb4d10a01a65fbdac512d 2008.1/i586/tomcat5-admin-webapps-5.5.25-1.2.1.1mdv2008.1.i586.rpm\n 3dbc007722996d1c36f31642f80b5c2a 2008.1/i586/tomcat5-common-lib-5.5.25-1.2.1.1mdv2008.1.i586.rpm\n 04b23d162d13f84d1d8707646ea9148c 2008.1/i586/tomcat5-jasper-5.5.25-1.2.1.1mdv2008.1.i586.rpm\n 602bf7d4ff261e8af20d50b9e76634bb 2008.1/i586/tomcat5-jasper-eclipse-5.5.25-1.2.1.1mdv2008.1.i586.rpm\n 0066e7519a2d3478f0a3e70bd95a7e5b 2008.1/i586/tomcat5-jasper-javadoc-5.5.25-1.2.1.1mdv2008.1.i586.rpm\n 1ba4743762cfa4594a27f0393de47823 2008.1/i586/tomcat5-jsp-2.0-api-5.5.25-1.2.1.1mdv2008.1.i586.rpm\n 262f2a39b800562cef36d724ce3efa35 2008.1/i586/tomcat5-jsp-2.0-api-javadoc-5.5.25-1.2.1.1mdv2008.1.i586.rpm\n b9f2af35a734d0e3a2d9bfe292aaced1 2008.1/i586/tomcat5-server-lib-5.5.25-1.2.1.1mdv2008.1.i586.rpm\n 8307ef374c5b995feac394b6f27474d5 2008.1/i586/tomcat5-servlet-2.4-api-5.5.25-1.2.1.1mdv2008.1.i586.rpm\n 3f4692170c35f992defcb4111a8133cd 2008.1/i586/tomcat5-servlet-2.4-api-javadoc-5.5.25-1.2.1.1mdv2008.1.i586.rpm\n 02b9d28af879b825754eff6199bf1788 2008.1/i586/tomcat5-webapps-5.5.25-1.2.1.1mdv2008.1.i586.rpm \n 2621d41df35e895a1ed0ed471f93f211 2008.1/SRPMS/tomcat5-5.5.25-1.2.1.1mdv2008.1.src.rpm\n\n Mandriva Linux 2008.1/X86_64:\n 6b1e03e5206eb262970198dccba7d0a3 2008.1/x86_64/tomcat5-5.5.25-1.2.1.1mdv2008.1.x86_64.rpm\n 930cf38058a0f8902e2741c6512e0aa0 2008.1/x86_64/tomcat5-admin-webapps-5.5.25-1.2.1.1mdv2008.1.x86_64.rpm\n c527521cb93bab31df3f91422faf02a6 2008.1/x86_64/tomcat5-common-lib-5.5.25-1.2.1.1mdv2008.1.x86_64.rpm\n f8bef98047ef956c8e4c0f877155e1f1 2008.1/x86_64/tomcat5-jasper-5.5.25-1.2.1.1mdv2008.1.x86_64.rpm\n 97a8a59178259d26838ce20c176c459a 2008.1/x86_64/tomcat5-jasper-eclipse-5.5.25-1.2.1.1mdv2008.1.x86_64.rpm\n 3bb885debc8576bd305c9fa4c9d25bfb 2008.1/x86_64/tomcat5-jasper-javadoc-5.5.25-1.2.1.1mdv2008.1.x86_64.rpm\n 66dcf08e163fdaaf81992a7d25d84a20 2008.1/x86_64/tomcat5-jsp-2.0-api-5.5.25-1.2.1.1mdv2008.1.x86_64.rpm\n dd92aab81bf4c75ab30b9b82153b24c0 2008.1/x86_64/tomcat5-jsp-2.0-api-javadoc-5.5.25-1.2.1.1mdv2008.1.x86_64.rpm\n 517ed776282d089dd84f81d47104f660 2008.1/x86_64/tomcat5-server-lib-5.5.25-1.2.1.1mdv2008.1.x86_64.rpm\n 83d4bb973b7fec461e812d74541a5949 2008.1/x86_64/tomcat5-servlet-2.4-api-5.5.25-1.2.1.1mdv2008.1.x86_64.rpm\n cbdd58e1c9e1e8f0089af055abbd85e0 2008.1/x86_64/tomcat5-servlet-2.4-api-javadoc-5.5.25-1.2.1.1mdv2008.1.x86_64.rpm\n cbee0f1f720269f77a66e30709ecd7ae 2008.1/x86_64/tomcat5-webapps-5.5.25-1.2.1.1mdv2008.1.x86_64.rpm \n 2621d41df35e895a1ed0ed471f93f211 2008.1/SRPMS/tomcat5-5.5.25-1.2.1.1mdv2008.1.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.9 (GNU/Linux)\n\niD8DBQFIwYsKmqjQ0CJFipgRApJjAKCVZ1XtEGoADQcp8l/m1ECSRstnjACg4qE8\nj+sCdAEJN0CXvurmFcjUvNU=\n=+kFf\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. HP has updated the Apache Tomcat and Oracle database software to\naddress vulnerabilities affecting confidentiality, availability, and\nintegrity. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com. \n\n----------------------------------------------------------------------\n\nBist Du interessiert an einem neuen Job in IT-Sicherheit?\n\n\nSecunia hat zwei freie Stellen als Junior und Senior Spezialist in IT-\nSicherheit:\nhttp://secunia.com/secunia_vacancies/\n\n----------------------------------------------------------------------\n\nTITLE:\nphpPgAds XML-RPC PHP Code Execution Vulnerability\n\nSECUNIA ADVISORY ID:\nSA15884\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/15884/\n\nCRITICAL:\nHighly critical\n\nIMPACT:\nSystem access\n\nWHERE:\n\u003eFrom remote\n\nSOFTWARE:\nphpPgAds 2.x\nhttp://secunia.com/product/4577/\n\nDESCRIPTION:\nA vulnerability has been reported in phpPgAds, which can be exploited\nby malicious people to compromise a vulnerable system. \nhttp://sourceforge.net/project/showfiles.php?group_id=36679\n\nOTHER REFERENCES:\nSA15852:\nhttp://secunia.com/advisories/15852/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2008-2370"
},
{
"db": "CERT/CC",
"id": "VU#442845"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001606"
},
{
"db": "BID",
"id": "30494"
},
{
"db": "VULMON",
"id": "CVE-2008-2370"
},
{
"db": "PACKETSTORM",
"id": "68743"
},
{
"db": "PACKETSTORM",
"id": "74633"
},
{
"db": "PACKETSTORM",
"id": "82837"
},
{
"db": "PACKETSTORM",
"id": "70055"
},
{
"db": "PACKETSTORM",
"id": "125556"
},
{
"db": "PACKETSTORM",
"id": "75161"
},
{
"db": "PACKETSTORM",
"id": "69700"
},
{
"db": "PACKETSTORM",
"id": "125436"
},
{
"db": "PACKETSTORM",
"id": "38390"
}
],
"trust": 3.51
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=32137",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2008-2370"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2008-2370",
"trust": 3.6
},
{
"db": "BID",
"id": "30494",
"trust": 2.8
},
{
"db": "SECUNIA",
"id": "31381",
"trust": 2.5
},
{
"db": "SECUNIA",
"id": "31379",
"trust": 2.5
},
{
"db": "SECTRACK",
"id": "1020623",
"trust": 2.5
},
{
"db": "SECUNIA",
"id": "33797",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "31639",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "36249",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "37460",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "31982",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "32120",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "35393",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "32266",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "32222",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "33999",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "31865",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "57126",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "31891",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "34013",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2009-1535",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2009-0503",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-2823",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-2780",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2009-3316",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2009-0320",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2009-2215",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-2305",
"trust": 1.7
},
{
"db": "BID",
"id": "31681",
"trust": 1.7
},
{
"db": "SREASON",
"id": "4099",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "15884",
"trust": 0.9
},
{
"db": "SECUNIA",
"id": "15810",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "15922",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "15852",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "15855",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "15861",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "15862",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "15872",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "15883",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "15895",
"trust": 0.8
},
{
"db": "BID",
"id": "14088",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1014327",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#442845",
"trust": 0.8
},
{
"db": "XF",
"id": "44156",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001606",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200808-030",
"trust": 0.6
},
{
"db": "EXPLOIT-DB",
"id": "32137",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2008-2370",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "68743",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "74633",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "82837",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "70055",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "125556",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "75161",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "69700",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "125436",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "38390",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#442845"
},
{
"db": "VULMON",
"id": "CVE-2008-2370"
},
{
"db": "BID",
"id": "30494"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001606"
},
{
"db": "PACKETSTORM",
"id": "68743"
},
{
"db": "PACKETSTORM",
"id": "74633"
},
{
"db": "PACKETSTORM",
"id": "82837"
},
{
"db": "PACKETSTORM",
"id": "70055"
},
{
"db": "PACKETSTORM",
"id": "125556"
},
{
"db": "PACKETSTORM",
"id": "75161"
},
{
"db": "PACKETSTORM",
"id": "69700"
},
{
"db": "PACKETSTORM",
"id": "125436"
},
{
"db": "PACKETSTORM",
"id": "38390"
},
{
"db": "CNNVD",
"id": "CNNVD-200808-030"
},
{
"db": "NVD",
"id": "CVE-2008-2370"
}
]
},
"id": "VAR-200808-0011",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.15801565
},
"last_update_date": "2024-07-23T20:51:12.284000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Fixed in Apache Tomcat 5.5.SVN",
"trust": 0.8,
"url": "http://tomcat.apache.org/security-5.html"
},
{
"title": "Fixed in Apache Tomcat 6.0.18",
"trust": 0.8,
"url": "http://tomcat.apache.org/security-6.html"
},
{
"title": "Fixed in Apache Tomcat 4.1.SVN",
"trust": 0.8,
"url": "http://tomcat.apache.org/security-4.html"
},
{
"title": "APPLE-SA-2008-10-09 Security Update 2008-007",
"trust": 0.8,
"url": "http://lists.apple.com/archives/security-announce/2008/oct/msg00001.html"
},
{
"title": "HT3216",
"trust": 0.8,
"url": "http://support.apple.com/en-us/ht3216"
},
{
"title": "HT3216",
"trust": 0.8,
"url": "http://support.apple.com/ja-jp/ht3216"
},
{
"title": "tomcat5-5.5.23-0jpp.7.1.1AXS3",
"trust": 0.8,
"url": "https://tsn.miraclelinux.com/tsn_local/index.php?m=errata\u0026a=detail\u0026eid=156"
},
{
"title": "ASA-2008-401",
"trust": 0.8,
"url": "http://support.avaya.com/elmodocs2/security/asa-2008-401.htm"
},
{
"title": "HPSBUX02401 SSRT090005",
"trust": 0.8,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?lang=en\u0026cc=us\u0026objectid=c01650939"
},
{
"title": "HPSBST02955 SSRT101157",
"trust": 0.8,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?lang=en\u0026cc=us\u0026objectid=c04047415"
},
{
"title": "1381",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/index.php?q=node/99\u0026errata_id=1381"
},
{
"title": "NV09-012",
"trust": 0.8,
"url": "http://www.nec.co.jp/security-info/secinfo/nv09-012.html"
},
{
"title": "RHSA-2008:0648",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2008-0648.html"
},
{
"title": "RHSA-2008:0862",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2008-0862.html"
},
{
"title": "Multiple vulnerabilities in Oracle Java Web Console",
"trust": 0.8,
"url": "https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_oracle_java1"
},
{
"title": "251986",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-251986-1"
},
{
"title": "VMSA-2009-0002",
"trust": 0.8,
"url": "http://www.vmware.com/security/advisories/vmsa-2009-0002.html"
},
{
"title": "VMSA-2009-0016",
"trust": 0.8,
"url": "http://www.vmware.com/security/advisories/vmsa-2009-0016.html"
},
{
"title": "interstage_as_200902",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/products-fujitsu/solution/interstage_as_200902.html"
},
{
"title": "Red Hat: Important: jbossweb security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20080877 - security advisory"
},
{
"title": "Red Hat: Important: tomcat security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20080864 - security advisory"
},
{
"title": "Red Hat: Important: tomcat security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20080862 - security advisory"
},
{
"title": "Red Hat: Low: tomcat security update for Red Hat Network Satellite Server",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20081007 - security advisory"
},
{
"title": "VMware Security Advisories: VirtualCenter Update 4 and ESX patch update Tomcat to version 5.5.27",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=vmware_security_advisories\u0026qid=73a787a1c84c97013ffa2f87f6d2e4ba"
},
{
"title": "VMware Security Advisories: VMware vCenter and ESX update release and vMA patch release address multiple security issues in third party components.",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=vmware_security_advisories\u0026qid=4675848a694e2124743f676a2c827ef7"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2008-2370"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001606"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-22",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2008-001606"
},
{
"db": "NVD",
"id": "CVE-2008-2370"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.2,
"url": "http://www.securityfocus.com/bid/30494"
},
{
"trust": 2.5,
"url": "http://www.securitytracker.com/id?1020623"
},
{
"trust": 2.5,
"url": "http://secunia.com/advisories/31379"
},
{
"trust": 2.5,
"url": "http://secunia.com/advisories/31381"
},
{
"trust": 2.4,
"url": "http://www.vmware.com/security/advisories/vmsa-2009-0002.html"
},
{
"trust": 2.3,
"url": "http://www.securityfocus.com/bid/31681"
},
{
"trust": 2.3,
"url": "http://www.vmware.com/security/advisories/vmsa-2009-0016.html"
},
{
"trust": 2.0,
"url": "http://tomcat.apache.org/security-4.html"
},
{
"trust": 2.0,
"url": "http://tomcat.apache.org/security-5.html"
},
{
"trust": 2.0,
"url": "http://tomcat.apache.org/security-6.html"
},
{
"trust": 2.0,
"url": "http://support.avaya.com/elmodocs2/security/asa-2008-401.htm"
},
{
"trust": 2.0,
"url": "http://www.fujitsu.com/global/support/software/security/products-f/interstage-200902e.html"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/31639"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0648.html"
},
{
"trust": 1.7,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2008:188"
},
{
"trust": 1.7,
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-september/msg00889.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html"
},
{
"trust": 1.7,
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-september/msg00859.html"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/31891"
},
{
"trust": 1.7,
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-september/msg00712.html"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/31865"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0862.html"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0864.html"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2008/oct/msg00001.html"
},
{
"trust": 1.7,
"url": "http://support.apple.com/kb/ht3216"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/32222"
},
{
"trust": 1.7,
"url": "http://securityreason.com/securityalert/4099"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/31982"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=123376588623823\u0026w=2"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/33797"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/32120"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/32266"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2009/0503"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/33999"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/34013"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/35393"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2009/1535"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2009/2215"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/36249"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/37460"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2009/3316"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/2780"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2009/0320"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/2823"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/2305"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=139344343412337\u0026w=2"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/57126"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44156"
},
{
"trust": 1.7,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a5876"
},
{
"trust": 1.7,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10577"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/507985/100/0/threaded"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/495022/100/0/threaded"
},
{
"trust": 1.6,
"url": "https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3cdev.tomcat.apache.org%3e"
},
{
"trust": 1.6,
"url": "https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3cdev.tomcat.apache.org%3e"
},
{
"trust": 1.6,
"url": "https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3cdev.tomcat.apache.org%3e"
},
{
"trust": 1.6,
"url": "https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3cdev.tomcat.apache.org%3e"
},
{
"trust": 1.6,
"url": "https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3cdev.tomcat.apache.org%3e"
},
{
"trust": 1.6,
"url": "https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3cdev.tomcat.apache.org%3e"
},
{
"trust": 1.6,
"url": "https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3cdev.tomcat.apache.org%3e"
},
{
"trust": 1.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-2370"
},
{
"trust": 0.9,
"url": "http://secunia.com/advisories/15884/"
},
{
"trust": 0.9,
"url": "http://secunia.com/advisories/15852/"
},
{
"trust": 0.8,
"url": "http://www.hardened-php.net/advisory-022005.php"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/15861/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/15862/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/15895/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/15883/"
},
{
"trust": 0.8,
"url": "http://news.postnuke.com/modules.php?op=modload\u0026name=news\u0026file=article\u0026sid=2699"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/15855/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/15810/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/15872/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/15922/"
},
{
"trust": 0.8,
"url": "http://securitytracker.com/alerts/2005/jun/1014327.html"
},
{
"trust": 0.8,
"url": "http://www.gulftech.org/?node=research\u0026article_id=00088-07022005"
},
{
"trust": 0.8,
"url": "http://www.gulftech.org/?node=research\u0026article_id=00087-07012005"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/14088"
},
{
"trust": 0.8,
"url": "http://www.frsirt.com/english/advisories/2008/2305"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/44156"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-2370"
},
{
"trust": 0.7,
"url": "https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3cdev.tomcat.apache.org%3e"
},
{
"trust": 0.7,
"url": "https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3cdev.tomcat.apache.org%3e"
},
{
"trust": 0.7,
"url": "https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3cdev.tomcat.apache.org%3e"
},
{
"trust": 0.7,
"url": "https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3cdev.tomcat.apache.org%3e"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-2370"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1947"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1232"
},
{
"trust": 0.4,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1232"
},
{
"trust": 0.4,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1947"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5342"
},
{
"trust": 0.3,
"url": "http://lists.vmware.com/pipermail/security-announce/2009/000068.html"
},
{
"trust": 0.3,
"url": "http://tomcat.apache.org/"
},
{
"trust": 0.3,
"url": "http://www.redhat.com/docs/en-us/jboss_enterprise_application_platform/4.2.0.cp04/html-single/readme/index.html"
},
{
"trust": 0.3,
"url": "https://sourceforge.net/project/shownotes.php?release_id=626903\u0026group_id=144774"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-251986-1"
},
{
"trust": 0.3,
"url": "http://download.novell.com/download?buildid=n5vszfht1vs"
},
{
"trust": 0.3,
"url": "/archive/1/495022"
},
{
"trust": 0.3,
"url": "/archive/1/507985"
},
{
"trust": 0.3,
"url": "http://mail-archives.apache.org/mod_mbox/ode-user/200908.mbox/%3cfbdc6a970908072141w20a7a9d9ka1f896ad8073dffb@mail.gmail.com%3e"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0648.html"
},
{
"trust": 0.3,
"url": "http://www.novell.com/support/viewcontent.do?externalid=7006398"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-2938"
},
{
"trust": 0.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5342"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-6286"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5333"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5461"
},
{
"trust": 0.2,
"url": "http://enigmail.mozdev.org"
},
{
"trust": 0.2,
"url": "http://kb.vmware.com/kb/1055"
},
{
"trust": 0.2,
"url": "http://www.vmware.com/security"
},
{
"trust": 0.2,
"url": "http://www.vmware.com/support/policies/eos.html"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5461"
},
{
"trust": 0.2,
"url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
},
{
"trust": 0.2,
"url": "http://www.vmware.com/resources/techresources/726"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-6286"
},
{
"trust": 0.2,
"url": "http://www.vmware.com/support/policies/security_response.html"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5333"
},
{
"trust": 0.2,
"url": "http://secunia.com/"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-2938"
},
{
"trust": 0.2,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2204"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0002"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3548"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2526"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-2902"
},
{
"trust": 0.2,
"url": "http://www.hp.com"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0534"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-5035"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3718"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3190"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-2693"
},
{
"trust": 0.2,
"url": "http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2227"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-5063"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-1184"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-5064"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4172"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2481"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-5062"
},
{
"trust": 0.2,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/"
},
{
"trust": 0.2,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0013"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1157"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2729"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-2901"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/22.html"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3cdev.tomcat.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf@%3cdev.tomcat.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3cdev.tomcat.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2008:0877"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.exploit-db.com/exploits/32137/"
},
{
"trust": 0.1,
"url": "http://tomcat.apache.org/security.html"
},
{
"trust": 0.1,
"url": "http://svn.apache.org/viewvc?rev=680949\u0026view=rev"
},
{
"trust": 0.1,
"url": "http://host/page.jsp?blah=/../web-inf/web.xml"
},
{
"trust": 0.1,
"url": "http://svn.apache.org/viewvc?rev=680950\u0026view=rev"
},
{
"trust": 0.1,
"url": "http://software.hp.com"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-2364"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/cki/secbullarchive.do"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-6420"
},
{
"trust": 0.1,
"url": "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na\u0026langcode=useng\u0026jumpid=in_sc-gen__driveritrc\u0026topiccode=itrc"
},
{
"trust": 0.1,
"url": "https://www.hp.com/go/swa"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-2939"
},
{
"trust": 0.1,
"url": "http://h30046.www3.hp.com/subsignin.php"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-3658"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1630"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1102"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1099"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1098"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0745"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-5515"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2671"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0675"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-2671"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0033"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1096"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-2052"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-2315"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2416"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1093"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1095"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2718"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1101"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1094"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1099"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2724"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-5031"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0159"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-3143"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1439"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2716"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-4864"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/download/download.do?downloadgroup=vc40u1"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1895"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-3142"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-3144"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1093"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2407"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2692"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2673"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1887"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2723"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0778"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2676"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1096"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1721"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2675"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1103"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1097"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0746"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1103"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1385"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-2670"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1633"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0747"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1106"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1102"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2414"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-4965"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0748"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0834"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1014842"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2847"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-4307"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1097"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1105"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-3528"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2406"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2720"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-2625"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2417"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/lifecycle/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2670"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1106"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1337"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2722"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1094"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0781"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2698"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0783"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1107"
},
{
"trust": 0.1,
"url": "https://hostupdate.vmware.com/software/vum/offline/release-155-20091116-013169/esxi-4.0.0-update01.zip"
},
{
"trust": 0.1,
"url": "https://hostupdate.vmware.com/software/vum/offline/release-158-20091118-187517/esx-4.0.0-update01.zip"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1101"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1104"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1252"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1100"
},
{
"trust": 0.1,
"url": "http://enigmail.mozdev.org/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0676"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0028"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0696"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1072"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1336"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1014886"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1104"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2721"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0269"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1098"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1388"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1107"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1192"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1100"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0002"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-5700"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1389"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5966"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0580"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0322"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2672"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1095"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2719"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2625"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0787"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1105"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2848"
},
{
"trust": 0.1,
"url": "http://www.wikidsystems.com"
},
{
"trust": 0.1,
"url": "https://sourceforge.net/project/showfiles.php?group_id=144774"
},
{
"trust": 0.1,
"url": "http://www.wikidsystems.com/downloads/"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/download.do?downloadgroup=vc250u4"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos_vi.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/vi3/doc/vi3_vc25u4_rel_notes.html"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/4577/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_vacancies/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://sourceforge.net/project/showfiles.php?group_id=36679"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#442845"
},
{
"db": "VULMON",
"id": "CVE-2008-2370"
},
{
"db": "BID",
"id": "30494"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001606"
},
{
"db": "PACKETSTORM",
"id": "68743"
},
{
"db": "PACKETSTORM",
"id": "74633"
},
{
"db": "PACKETSTORM",
"id": "82837"
},
{
"db": "PACKETSTORM",
"id": "70055"
},
{
"db": "PACKETSTORM",
"id": "125556"
},
{
"db": "PACKETSTORM",
"id": "75161"
},
{
"db": "PACKETSTORM",
"id": "69700"
},
{
"db": "PACKETSTORM",
"id": "125436"
},
{
"db": "PACKETSTORM",
"id": "38390"
},
{
"db": "CNNVD",
"id": "CNNVD-200808-030"
},
{
"db": "NVD",
"id": "CVE-2008-2370"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#442845"
},
{
"db": "VULMON",
"id": "CVE-2008-2370"
},
{
"db": "BID",
"id": "30494"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001606"
},
{
"db": "PACKETSTORM",
"id": "68743"
},
{
"db": "PACKETSTORM",
"id": "74633"
},
{
"db": "PACKETSTORM",
"id": "82837"
},
{
"db": "PACKETSTORM",
"id": "70055"
},
{
"db": "PACKETSTORM",
"id": "125556"
},
{
"db": "PACKETSTORM",
"id": "75161"
},
{
"db": "PACKETSTORM",
"id": "69700"
},
{
"db": "PACKETSTORM",
"id": "125436"
},
{
"db": "PACKETSTORM",
"id": "38390"
},
{
"db": "CNNVD",
"id": "CNNVD-200808-030"
},
{
"db": "NVD",
"id": "CVE-2008-2370"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-07-06T00:00:00",
"db": "CERT/CC",
"id": "VU#442845"
},
{
"date": "2008-08-04T00:00:00",
"db": "VULMON",
"id": "CVE-2008-2370"
},
{
"date": "2008-08-01T00:00:00",
"db": "BID",
"id": "30494"
},
{
"date": "2008-09-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2008-001606"
},
{
"date": "2008-08-01T20:26:42",
"db": "PACKETSTORM",
"id": "68743"
},
{
"date": "2009-02-04T18:45:10",
"db": "PACKETSTORM",
"id": "74633"
},
{
"date": "2009-11-20T22:21:26",
"db": "PACKETSTORM",
"id": "82837"
},
{
"date": "2008-09-17T15:13:40",
"db": "PACKETSTORM",
"id": "70055"
},
{
"date": "2014-03-06T02:39:08",
"db": "PACKETSTORM",
"id": "125556"
},
{
"date": "2009-02-25T00:58:34",
"db": "PACKETSTORM",
"id": "75161"
},
{
"date": "2008-09-06T00:23:13",
"db": "PACKETSTORM",
"id": "69700"
},
{
"date": "2014-02-26T22:39:24",
"db": "PACKETSTORM",
"id": "125436"
},
{
"date": "2005-07-01T23:31:00",
"db": "PACKETSTORM",
"id": "38390"
},
{
"date": "2007-05-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200808-030"
},
{
"date": "2008-08-04T01:41:00",
"db": "NVD",
"id": "CVE-2008-2370"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-03-09T00:00:00",
"db": "CERT/CC",
"id": "VU#442845"
},
{
"date": "2019-03-25T00:00:00",
"db": "VULMON",
"id": "CVE-2008-2370"
},
{
"date": "2015-05-07T17:17:00",
"db": "BID",
"id": "30494"
},
{
"date": "2015-03-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2008-001606"
},
{
"date": "2023-02-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200808-030"
},
{
"date": "2023-02-13T02:19:08.810000",
"db": "NVD",
"id": "CVE-2008-2370"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200808-030"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple PHP XML-RPC implementations vulnerable to code injection",
"sources": [
{
"db": "CERT/CC",
"id": "VU#442845"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "path traversal",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200808-030"
}
],
"trust": 0.6
}
}
VAR-200908-0708
Vulnerability from variot - Updated: 2024-07-23 20:50Multiple integer overflows in the Apache Portable Runtime (APR) library and the Apache Portable Utility library (aka APR-util) 0.9.x and 1.3.x allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors that trigger crafted calls to the (1) allocator_alloc or (2) apr_palloc function in memory/unix/apr_pools.c in APR; or crafted calls to the (3) apr_rmm_malloc, (4) apr_rmm_calloc, or (5) apr_rmm_realloc function in misc/apr_rmm.c in APR-util; leading to buffer overflows. NOTE: some of these details are obtained from third party information. Apache APR (Apache Portable Runtime) and 'APR-util' are prone to multiple integer-overflow vulnerabilities. Attackers can exploit these issues to execute arbitrary code in the context of an application that uses the affected library. Successful exploits will compromise the affected application and possibly the computer. Failed attacks will cause denial-of-service conditions.
This update provides fixes for these vulnerabilities.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2412
Updated Packages:
Mandriva Linux 2008.1: bd5757bce0a8299edcf7dcc3e2980964 2008.1/i586/apr-util-dbd-mysql-1.2.12-4.2mdv2008.1.i586.rpm 50ba5cc45e1f72e8219addc0df369ca4 2008.1/i586/apr-util-dbd-pgsql-1.2.12-4.2mdv2008.1.i586.rpm 1cb0f643e4084741afefb8d25d975062 2008.1/i586/apr-util-dbd-sqlite3-1.2.12-4.2mdv2008.1.i586.rpm 23990e6d23f02addecd2d3dcd7d68baf 2008.1/i586/libapr1-1.2.12-3.1mdv2008.1.i586.rpm 002cebd9b1e101cc487490fb5e1de4b9 2008.1/i586/libapr-devel-1.2.12-3.1mdv2008.1.i586.rpm 178584e4fee60428188b4f8be39e8b22 2008.1/i586/libapr-util1-1.2.12-4.2mdv2008.1.i586.rpm d718e18960ee01edbfc9cf99cb335604 2008.1/i586/libapr-util-devel-1.2.12-4.2mdv2008.1.i586.rpm bf792d204211369b8c63051f1360fd97 2008.1/SRPMS/apr-1.2.12-3.1mdv2008.1.src.rpm dcbd01ea287e6d8efc276dfa074c3930 2008.1/SRPMS/apr-util-1.2.12-4.2mdv2008.1.src.rpm
Mandriva Linux 2008.1/X86_64: 6a9a81c520c8e30b5f8fbbe54d185dff 2008.1/x86_64/apr-util-dbd-mysql-1.2.12-4.2mdv2008.1.x86_64.rpm cc9d7917d41f5ca317d2942c2d14c859 2008.1/x86_64/apr-util-dbd-pgsql-1.2.12-4.2mdv2008.1.x86_64.rpm 016e48025c0fec50db868ba23d20140e 2008.1/x86_64/apr-util-dbd-sqlite3-1.2.12-4.2mdv2008.1.x86_64.rpm 6ee3859a30eab3399275b29356df5727 2008.1/x86_64/lib64apr1-1.2.12-3.1mdv2008.1.x86_64.rpm 766f74618ab9532eef5ab40f94112579 2008.1/x86_64/lib64apr-devel-1.2.12-3.1mdv2008.1.x86_64.rpm 6e57aa1381b9af730eec5f313f8d5d79 2008.1/x86_64/lib64apr-util1-1.2.12-4.2mdv2008.1.x86_64.rpm 6fda7ebf5640ad5ad9ba0d2d1169dbc9 2008.1/x86_64/lib64apr-util-devel-1.2.12-4.2mdv2008.1.x86_64.rpm bf792d204211369b8c63051f1360fd97 2008.1/SRPMS/apr-1.2.12-3.1mdv2008.1.src.rpm dcbd01ea287e6d8efc276dfa074c3930 2008.1/SRPMS/apr-util-1.2.12-4.2mdv2008.1.src.rpm
Mandriva Linux 2009.0: 89786c5904cee8d22c5140528d412a1c 2009.0/i586/apr-util-dbd-freetds-1.3.4-2.2mdv2009.0.i586.rpm 19df90719d15def384b7aec1efc5dcd8 2009.0/i586/apr-util-dbd-ldap-1.3.4-2.2mdv2009.0.i586.rpm e164acf4668fd239f2801698e3dc9aa4 2009.0/i586/apr-util-dbd-mysql-1.3.4-2.2mdv2009.0.i586.rpm 70f55ca514ef15778001082f3c51a9fd 2009.0/i586/apr-util-dbd-odbc-1.3.4-2.2mdv2009.0.i586.rpm 85135d9490be22fc56a897cf9d5fba7e 2009.0/i586/apr-util-dbd-pgsql-1.3.4-2.2mdv2009.0.i586.rpm 424d3a8896bc70503a69dc8c4d9882a9 2009.0/i586/apr-util-dbd-sqlite3-1.3.4-2.2mdv2009.0.i586.rpm 586edd704499f119527638f0f1913614 2009.0/i586/libapr1-1.3.3-2.1mdv2009.0.i586.rpm f5065323fca63075434ce1eb850e3c01 2009.0/i586/libapr-devel-1.3.3-2.1mdv2009.0.i586.rpm 4aba7262b561a1d67187c799cd06a138 2009.0/i586/libapr-util1-1.3.4-2.2mdv2009.0.i586.rpm a125fa8529bd8dd79ada83747c23f9d4 2009.0/i586/libapr-util-devel-1.3.4-2.2mdv2009.0.i586.rpm 23e454eea7e368502047b85976d1ef88 2009.0/SRPMS/apr-1.3.3-2.1mdv2009.0.src.rpm 162271ed051fa5de81a973e5adc487dc 2009.0/SRPMS/apr-util-1.3.4-2.2mdv2009.0.src.rpm
Mandriva Linux 2009.0/X86_64: 667ffab851dd6babd31700a5d9c113a7 2009.0/x86_64/apr-util-dbd-freetds-1.3.4-2.2mdv2009.0.x86_64.rpm 08089224bb9da997752624d85c229251 2009.0/x86_64/apr-util-dbd-ldap-1.3.4-2.2mdv2009.0.x86_64.rpm 7ce1a16bc3e35fc4a3dcb8a1e148c05b 2009.0/x86_64/apr-util-dbd-mysql-1.3.4-2.2mdv2009.0.x86_64.rpm 075dbc136d3110952d54f9a85761c1b6 2009.0/x86_64/apr-util-dbd-odbc-1.3.4-2.2mdv2009.0.x86_64.rpm 90edf3ec758ed79a7973a36141ddc295 2009.0/x86_64/apr-util-dbd-pgsql-1.3.4-2.2mdv2009.0.x86_64.rpm f15ee7ff2b203c436eab2d7e4c118a1d 2009.0/x86_64/apr-util-dbd-sqlite3-1.3.4-2.2mdv2009.0.x86_64.rpm 2b0529a353e38a0eda5f8d08ecf95554 2009.0/x86_64/lib64apr1-1.3.3-2.1mdv2009.0.x86_64.rpm 524773745dfeb06cd86e7149723c6cbe 2009.0/x86_64/lib64apr-devel-1.3.3-2.1mdv2009.0.x86_64.rpm 3e7bc1d3e713ba5893c34215ee93f932 2009.0/x86_64/lib64apr-util1-1.3.4-2.2mdv2009.0.x86_64.rpm 44be6021b3db277a5993f488b02074db 2009.0/x86_64/lib64apr-util-devel-1.3.4-2.2mdv2009.0.x86_64.rpm 23e454eea7e368502047b85976d1ef88 2009.0/SRPMS/apr-1.3.3-2.1mdv2009.0.src.rpm 162271ed051fa5de81a973e5adc487dc 2009.0/SRPMS/apr-util-1.3.4-2.2mdv2009.0.src.rpm
Mandriva Linux 2009.1: 0b3427fcb40fcd8e068eb81e8de67685 2009.1/i586/apr-util-dbd-freetds-1.3.4-9.2mdv2009.1.i586.rpm 77e215797fc02c290e59ce072a36fffc 2009.1/i586/apr-util-dbd-ldap-1.3.4-9.2mdv2009.1.i586.rpm 05d1106df36459a7a40ecb11d5560c61 2009.1/i586/apr-util-dbd-mysql-1.3.4-9.2mdv2009.1.i586.rpm 97adcfda40750873588942a9ab0e5e3c 2009.1/i586/apr-util-dbd-odbc-1.3.4-9.2mdv2009.1.i586.rpm 1b9379f8d6ec49908d43d4228ecbee66 2009.1/i586/apr-util-dbd-pgsql-1.3.4-9.2mdv2009.1.i586.rpm a5e5bb25d2e370e22f274482afe74fd8 2009.1/i586/apr-util-dbd-sqlite3-1.3.4-9.2mdv2009.1.i586.rpm 1f907eab0d93dd413086f0943988284c 2009.1/i586/libapr1-1.3.3-5.1mdv2009.1.i586.rpm a6992c671c7352c2965f46abced93b8a 2009.1/i586/libapr-devel-1.3.3-5.1mdv2009.1.i586.rpm e748ca10352eaa46ef2514ce8718674b 2009.1/i586/libapr-util1-1.3.4-9.2mdv2009.1.i586.rpm 73afb8eabe81ae8be63f1ba9d8fc3bf2 2009.1/i586/libapr-util-devel-1.3.4-9.2mdv2009.1.i586.rpm 1a1706c01c2668a058a54c06d6e5aac6 2009.1/SRPMS/apr-1.3.3-5.1mdv2009.1.src.rpm 241d8b7b1261089d299f9b8463f391a7 2009.1/SRPMS/apr-util-1.3.4-9.2mdv2009.1.src.rpm
Mandriva Linux 2009.1/X86_64: f0b10ee44c9092605ad1137a46e4955c 2009.1/x86_64/apr-util-dbd-freetds-1.3.4-9.2mdv2009.1.x86_64.rpm 98247a74314a56b6f4097a9943e236c0 2009.1/x86_64/apr-util-dbd-ldap-1.3.4-9.2mdv2009.1.x86_64.rpm 2e0d895eb1b93c2518436ab4c678da23 2009.1/x86_64/apr-util-dbd-mysql-1.3.4-9.2mdv2009.1.x86_64.rpm 8269586d2608f6e79eff11de7bda333e 2009.1/x86_64/apr-util-dbd-odbc-1.3.4-9.2mdv2009.1.x86_64.rpm 489b31861a5fabd272348ca224e4d9b4 2009.1/x86_64/apr-util-dbd-pgsql-1.3.4-9.2mdv2009.1.x86_64.rpm b1164ff6f2e06bfcada083e9d11c1595 2009.1/x86_64/apr-util-dbd-sqlite3-1.3.4-9.2mdv2009.1.x86_64.rpm 257e2b240479fb7c472efa7de7ee11c8 2009.1/x86_64/lib64apr1-1.3.3-5.1mdv2009.1.x86_64.rpm 222f5f44d9600dcf593923ea6422d47e 2009.1/x86_64/lib64apr-devel-1.3.3-5.1mdv2009.1.x86_64.rpm 99ef537b486eccad55d8f0d79f37abbd 2009.1/x86_64/lib64apr-util1-1.3.4-9.2mdv2009.1.x86_64.rpm 9d9e0933f57289530059e5a9b3e42e1c 2009.1/x86_64/lib64apr-util-devel-1.3.4-9.2mdv2009.1.x86_64.rpm 1a1706c01c2668a058a54c06d6e5aac6 2009.1/SRPMS/apr-1.3.3-5.1mdv2009.1.src.rpm 241d8b7b1261089d299f9b8463f391a7 2009.1/SRPMS/apr-util-1.3.4-9.2mdv2009.1.src.rpm
Corporate 3.0: 39d0747e39f45148c8540e76a272f219 corporate/3.0/i586/apache2-2.0.48-6.22.C30mdk.i586.rpm 9c7677568ec7e3fab84ed224af029d6a corporate/3.0/i586/apache2-common-2.0.48-6.22.C30mdk.i586.rpm 9f60f68aa326aaaa02cb6e9346ac0b7b corporate/3.0/i586/apache2-devel-2.0.48-6.22.C30mdk.i586.rpm a9051117cf2a34ed7cf9066e31d1767f corporate/3.0/i586/apache2-manual-2.0.48-6.22.C30mdk.i586.rpm ddc2cafb1a02ee501e5127a8731ea942 corporate/3.0/i586/apache2-mod_cache-2.0.48-6.22.C30mdk.i586.rpm f3bbd229b347489f40b81419214c42bd corporate/3.0/i586/apache2-mod_dav-2.0.48-6.22.C30mdk.i586.rpm cd19b116ef93c07f78efbe4393d2e3be corporate/3.0/i586/apache2-mod_deflate-2.0.48-6.22.C30mdk.i586.rpm 5a2da72b9255a8c35f0ed877899f90eb corporate/3.0/i586/apache2-mod_disk_cache-2.0.48-6.22.C30mdk.i586.rpm e940b8e3b2da880bca84ebc9f528b2e6 corporate/3.0/i586/apache2-mod_file_cache-2.0.48-6.22.C30mdk.i586.rpm 5d713bee1985cc49c585b4289ee76f1e corporate/3.0/i586/apache2-mod_ldap-2.0.48-6.22.C30mdk.i586.rpm f293fbf344f6fc55e92170518a710149 corporate/3.0/i586/apache2-mod_mem_cache-2.0.48-6.22.C30mdk.i586.rpm f4c48499cb6968a12a5250e3464a2b30 corporate/3.0/i586/apache2-mod_proxy-2.0.48-6.22.C30mdk.i586.rpm 997ea437e49903a014de32e61573de7a corporate/3.0/i586/apache2-mod_ssl-2.0.48-6.22.C30mdk.i586.rpm fe5f16a62fc94177286445e9830cb6a6 corporate/3.0/i586/apache2-modules-2.0.48-6.22.C30mdk.i586.rpm 4eb89be3edc9f7dd0511e22d64baefe2 corporate/3.0/i586/apache2-source-2.0.48-6.22.C30mdk.i586.rpm 64be98dcd021367f603e972cc40d6710 corporate/3.0/i586/libapr0-2.0.48-6.22.C30mdk.i586.rpm 5c5a7cb9305c8b0d469fc424931ae215 corporate/3.0/SRPMS/apache2-2.0.48-6.22.C30mdk.src.rpm
Corporate 3.0/X86_64: c84b780216da90735018f37b8d606ad9 corporate/3.0/x86_64/apache2-2.0.48-6.22.C30mdk.x86_64.rpm 079ef7c187ea63bdfdb7b2f8e0c7ed85 corporate/3.0/x86_64/apache2-common-2.0.48-6.22.C30mdk.x86_64.rpm 78d8764d894dcf4821e3014b3bf0a1c2 corporate/3.0/x86_64/apache2-devel-2.0.48-6.22.C30mdk.x86_64.rpm e938351292eaf95bad5937066e071f6e corporate/3.0/x86_64/apache2-manual-2.0.48-6.22.C30mdk.x86_64.rpm b7b0c47891c1da19b9bfedd5eaeb5a12 corporate/3.0/x86_64/apache2-mod_cache-2.0.48-6.22.C30mdk.x86_64.rpm 14603191e70ea26450ad9f5254f1eff8 corporate/3.0/x86_64/apache2-mod_dav-2.0.48-6.22.C30mdk.x86_64.rpm f49c1f32bfa9b325836e28f7078d3897 corporate/3.0/x86_64/apache2-mod_deflate-2.0.48-6.22.C30mdk.x86_64.rpm 0d8058c7d57105b18e97579817872d95 corporate/3.0/x86_64/apache2-mod_disk_cache-2.0.48-6.22.C30mdk.x86_64.rpm 09b7bdc4907e672ee9b83a9f0ed2fb13 corporate/3.0/x86_64/apache2-mod_file_cache-2.0.48-6.22.C30mdk.x86_64.rpm 90a9565c923530b22f4141d2a186972b corporate/3.0/x86_64/apache2-mod_ldap-2.0.48-6.22.C30mdk.x86_64.rpm 0f244810519460074938138d87a11997 corporate/3.0/x86_64/apache2-mod_mem_cache-2.0.48-6.22.C30mdk.x86_64.rpm 0836106477de3d26f4c31a595c996cdc corporate/3.0/x86_64/apache2-mod_proxy-2.0.48-6.22.C30mdk.x86_64.rpm 353d05dfc30072a39f3597c39454f331 corporate/3.0/x86_64/apache2-mod_ssl-2.0.48-6.22.C30mdk.x86_64.rpm 1234e8bf94a4ddf65cf225aaf4367937 corporate/3.0/x86_64/apache2-modules-2.0.48-6.22.C30mdk.x86_64.rpm fbb25973021e327262cc152fd46996cc corporate/3.0/x86_64/apache2-source-2.0.48-6.22.C30mdk.x86_64.rpm 0520ca7c45963a2e2e26d8e3b5f63c41 corporate/3.0/x86_64/lib64apr0-2.0.48-6.22.C30mdk.x86_64.rpm 5c5a7cb9305c8b0d469fc424931ae215 corporate/3.0/SRPMS/apache2-2.0.48-6.22.C30mdk.src.rpm
Corporate 4.0: 59bb8b01944e22319fcd4a0202bdffd9 corporate/4.0/i586/apr-util-dbd-mysql-1.2.7-6.2.20060mlcs4.i586.rpm 75fc1a2cbde6e0426f3f59cfd099b3b1 corporate/4.0/i586/apr-util-dbd-pgsql-1.2.7-6.2.20060mlcs4.i586.rpm 73cbae192430eca396ba79f548437cc1 corporate/4.0/i586/apr-util-dbd-sqlite3-1.2.7-6.2.20060mlcs4.i586.rpm 09726634b12dc2afc37d292853cfb28c corporate/4.0/i586/libapr1-1.2.7-1.1.20060mlcs4.i586.rpm cbfbe3652be9a6986f5f672034b84dc0 corporate/4.0/i586/libapr1-devel-1.2.7-1.1.20060mlcs4.i586.rpm 0733be6b968d4cbcce3494afe962ea12 corporate/4.0/i586/libapr-util1-1.2.7-6.2.20060mlcs4.i586.rpm 725117e7948c43a6fb72f51966d6dd79 corporate/4.0/i586/libapr-util1-devel-1.2.7-6.2.20060mlcs4.i586.rpm 4003af7f60b2b13d6f77a05ebe9dfb22 corporate/4.0/SRPMS/apr-1.2.7-1.1.20060mlcs4.src.rpm e74d2bc186c01528afbbf64f7491f221 corporate/4.0/SRPMS/apr-util-1.2.7-6.2.20060mlcs4.src.rpm
Corporate 4.0/X86_64: 09e54e8fb5df6737dc1b00440d31d5c7 corporate/4.0/x86_64/apr-util-dbd-mysql-1.2.7-6.2.20060mlcs4.x86_64.rpm 766214b9f0df47776db7bea60f97298f corporate/4.0/x86_64/apr-util-dbd-pgsql-1.2.7-6.2.20060mlcs4.x86_64.rpm 22cb8925b104be9d571cf592a29064c3 corporate/4.0/x86_64/apr-util-dbd-sqlite3-1.2.7-6.2.20060mlcs4.x86_64.rpm 0fb8d44ea77b337e4026e72ed4000bf8 corporate/4.0/x86_64/lib64apr1-1.2.7-1.1.20060mlcs4.x86_64.rpm ba0345c32bfe4376621334e36a62a1c0 corporate/4.0/x86_64/lib64apr1-devel-1.2.7-1.1.20060mlcs4.x86_64.rpm cbd9beef22028ade9ecf3d172c710ff1 corporate/4.0/x86_64/lib64apr-util1-1.2.7-6.2.20060mlcs4.x86_64.rpm 5247ff1b281c9fa95ad547996f3bbb17 corporate/4.0/x86_64/lib64apr-util1-devel-1.2.7-6.2.20060mlcs4.x86_64.rpm 4003af7f60b2b13d6f77a05ebe9dfb22 corporate/4.0/SRPMS/apr-1.2.7-1.1.20060mlcs4.src.rpm e74d2bc186c01528afbbf64f7491f221 corporate/4.0/SRPMS/apr-util-1.2.7-6.2.20060mlcs4.src.rpm
Mandriva Enterprise Server 5: fe7bd17a4b8499027179f5f421fce92d mes5/i586/libapr1-1.3.3-2.1mdvmes5.i586.rpm ce82a19e9423f69bc380fc32e0e96a9d mes5/i586/libapr-devel-1.3.3-2.1mdvmes5.i586.rpm 01004428f12cd78529ac43a546976121 mes5/SRPMS/apr-1.3.3-2.1mdvmes5.src.rpm
Mandriva Enterprise Server 5/X86_64: 744cad17495d753e07fed748ccab4c46 mes5/x86_64/apr-util-dbd-freetds-1.3.4-2.2mdvmes5.x86_64.rpm 4c70155fb19f486a19f048455e41e480 mes5/x86_64/apr-util-dbd-ldap-1.3.4-2.2mdvmes5.x86_64.rpm 278c7292a0432e0d6760639667ec6858 mes5/x86_64/apr-util-dbd-mysql-1.3.4-2.2mdvmes5.x86_64.rpm 0358fea0177405ccd625304c83715992 mes5/x86_64/apr-util-dbd-odbc-1.3.4-2.2mdvmes5.x86_64.rpm a549b591b27f810ba898e75030f61398 mes5/x86_64/apr-util-dbd-pgsql-1.3.4-2.2mdvmes5.x86_64.rpm fb02a789f8ec6081f01df92768cda441 mes5/x86_64/apr-util-dbd-sqlite3-1.3.4-2.2mdvmes5.x86_64.rpm 4dbc88f0779d110f589ee60d7708e1e0 mes5/x86_64/lib64apr1-1.3.3-2.1mdvmes5.x86_64.rpm d591c7684cfd0d6a9a5ae749a3120f58 mes5/x86_64/lib64apr-devel-1.3.3-2.1mdvmes5.x86_64.rpm 6b946eebc0ff697faad4364beae260f8 mes5/x86_64/lib64apr-util1-1.3.4-2.2mdvmes5.x86_64.rpm 5c1f8dd8c2fcb0eb68bd1e24a25d1e22 mes5/x86_64/lib64apr-util-devel-1.3.4-2.2mdvmes5.x86_64.rpm 01004428f12cd78529ac43a546976121 mes5/SRPMS/apr-1.3.3-2.1mdvmes5.src.rpm
Multi Network Firewall 2.0: 39d0747e39f45148c8540e76a272f219 mnf/2.0/i586/apache2-2.0.48-6.22.C30mdk.i586.rpm 9c7677568ec7e3fab84ed224af029d6a mnf/2.0/i586/apache2-common-2.0.48-6.22.C30mdk.i586.rpm 9f60f68aa326aaaa02cb6e9346ac0b7b mnf/2.0/i586/apache2-devel-2.0.48-6.22.C30mdk.i586.rpm a9051117cf2a34ed7cf9066e31d1767f mnf/2.0/i586/apache2-manual-2.0.48-6.22.C30mdk.i586.rpm ddc2cafb1a02ee501e5127a8731ea942 mnf/2.0/i586/apache2-mod_cache-2.0.48-6.22.C30mdk.i586.rpm f3bbd229b347489f40b81419214c42bd mnf/2.0/i586/apache2-mod_dav-2.0.48-6.22.C30mdk.i586.rpm cd19b116ef93c07f78efbe4393d2e3be mnf/2.0/i586/apache2-mod_deflate-2.0.48-6.22.C30mdk.i586.rpm 5a2da72b9255a8c35f0ed877899f90eb mnf/2.0/i586/apache2-mod_disk_cache-2.0.48-6.22.C30mdk.i586.rpm e940b8e3b2da880bca84ebc9f528b2e6 mnf/2.0/i586/apache2-mod_file_cache-2.0.48-6.22.C30mdk.i586.rpm 5d713bee1985cc49c585b4289ee76f1e mnf/2.0/i586/apache2-mod_ldap-2.0.48-6.22.C30mdk.i586.rpm f293fbf344f6fc55e92170518a710149 mnf/2.0/i586/apache2-mod_mem_cache-2.0.48-6.22.C30mdk.i586.rpm f4c48499cb6968a12a5250e3464a2b30 mnf/2.0/i586/apache2-mod_proxy-2.0.48-6.22.C30mdk.i586.rpm 997ea437e49903a014de32e61573de7a mnf/2.0/i586/apache2-mod_ssl-2.0.48-6.22.C30mdk.i586.rpm fe5f16a62fc94177286445e9830cb6a6 mnf/2.0/i586/apache2-modules-2.0.48-6.22.C30mdk.i586.rpm 4eb89be3edc9f7dd0511e22d64baefe2 mnf/2.0/i586/apache2-source-2.0.48-6.22.C30mdk.i586.rpm 64be98dcd021367f603e972cc40d6710 mnf/2.0/i586/libapr0-2.0.48-6.22.C30mdk.i586.rpm 5c5a7cb9305c8b0d469fc424931ae215 mnf/2.0/SRPMS/apache2-2.0.48-6.22.C30mdk.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFKesC1mqjQ0CJFipgRAvjJAJ9/hkPV+kb4tO2KHfjb2m+3nV+9+gCfQHvt uej6FdYjm8TitsZAK4BFOis= =IDO9 -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Debian Security Advisory DSA-1854-1 security@debian.org http://www.debian.org/security/ Florian Weimer August 08, 2009 http://www.debian.org/security/faq
Package : apr, apr-util Vulnerability : heap buffer overflow Debian-specific: no CVE Id(s) : CVE-2009-2412
Matt Lewis discovered that the memory management code in the Apache Portable Runtime (APR) library does not guard against a wrap-around during size computations. This could cause the library to return a memory area which smaller than requested, resulting a heap overflow and possibly arbitrary code execution.
For the old stable distribution (etch), this problem has been fixed in version 1.2.7-9 of the apr package, and version 1.2.7+dfsg-2+etch3 of the apr-util package.
For the stable distribution (lenny), this problem has been fixed in version 1.2.12-5+lenny1 of the apr package and version 1.2.12-5+lenny1 of the apr-util package.
For the unstable distribution (sid), this problem will be fixed soon.
Upgrade instructions
wget url will fetch the file for you dpkg -i file.deb will install the referenced file.
If you are using the apt-get package manager, use the line for sources.list as given below:
apt-get update will update the internal database apt-get upgrade will install corrected packages
You may use an automated update by adding the resources from the footer to the proper configuration.
Debian GNU/Linux 4.0 alias etch
Source archives:
http://security.debian.org/pool/updates/main/a/apr-util/apr-util_1.2.7+dfsg.orig.tar.gz Size/MD5 checksum: 643328 a3117be657f99e92316be40add59b9ff http://security.debian.org/pool/updates/main/a/apr-util/apr-util_1.2.7+dfsg-2+etch3.dsc Size/MD5 checksum: 1036 9dc256c005a7f544c4d5c410b226fb74 http://security.debian.org/pool/updates/main/a/apr/apr_1.2.7-9.diff.gz Size/MD5 checksum: 26613 021ef3aa5b3a9fc021779a0b6a6a4ec9 http://security.debian.org/pool/updates/main/a/apr-util/apr-util_1.2.7+dfsg-2+etch3.diff.gz Size/MD5 checksum: 21651 e090ebfd7174c90bae4e4935a3d3db15 http://security.debian.org/pool/updates/main/a/apr/apr_1.2.7.orig.tar.gz Size/MD5 checksum: 1102370 aea926cbe588f844ad9e317157d60175 http://security.debian.org/pool/updates/main/a/apr/apr_1.2.7-9.dsc Size/MD5 checksum: 856 89662625fd7a34ceb514087de869d918
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.7-9_alpha.deb Size/MD5 checksum: 121726 df1e2d6e8bf9ed485ad417fe274eb0e3 http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch3_alpha.deb Size/MD5 checksum: 83690 b5873275f420b15f9868ea0dde699c60 http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.7-9_alpha.deb Size/MD5 checksum: 371668 4e8bd42151f3cdf8cee91c49599aab42 http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch3_alpha.deb Size/MD5 checksum: 129158 5074639b4b0d9877ff29b96540fdfaec http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.7-9_alpha.deb Size/MD5 checksum: 185420 ddf84849ff3bee792dc187c6d21958bd http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch3_alpha.deb Size/MD5 checksum: 148140 079cff06535a7e3f4e9a5d682d80bb1b
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch3_amd64.deb Size/MD5 checksum: 72946 6b11e4b65bdf67981a091177d9644007 http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch3_amd64.deb Size/MD5 checksum: 126156 b420f555d02504e0497a0ba3c27e0cac http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch3_amd64.deb Size/MD5 checksum: 127742 1606857f3291ccb10e038219f1f2eab3 http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.7-9_amd64.deb Size/MD5 checksum: 187302 bb1a4aa5768fa012201ad1e72bc27e93 http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.7-9_amd64.deb Size/MD5 checksum: 348120 b5d6b4e7c628dffe867159b54b6c82f1 http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.7-9_amd64.deb Size/MD5 checksum: 111664 6b51dc29ea4defa975902d246188086f
arm architecture (ARM)
http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch3_arm.deb Size/MD5 checksum: 121504 3ba789c274f2ed7030aa286ea57dbb3d http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.7-9_arm.deb Size/MD5 checksum: 175146 86ff258e9181fa424cb043dc22e2c0e0 http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch3_arm.deb Size/MD5 checksum: 117302 97d701c8f9d6746eb14448bfde8e8588 http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.7-9_arm.deb Size/MD5 checksum: 104934 45a976662beb7ec3b15ee7c7a45f3de7 http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch3_arm.deb Size/MD5 checksum: 66110 09c54142359236f50654bd9c7b375781 http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.7-9_arm.deb Size/MD5 checksum: 335520 14d06ecfb54247718b780c893df8f4cc
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch3_hppa.deb Size/MD5 checksum: 126186 9494353aa42e983a245af2890dd2c6d7 http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch3_hppa.deb Size/MD5 checksum: 78668 60c87b0e86c1ed31deecddd88cdf5fa5 http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch3_hppa.deb Size/MD5 checksum: 133918 ae993c733053a326603c5b750505bee9
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch3_i386.deb Size/MD5 checksum: 116052 6238f10eb5077bb53b9664b82b985c40 http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.7-9_i386.deb Size/MD5 checksum: 338694 262cec472ec3aaeb1b4d38eebaa940c8 http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch3_i386.deb Size/MD5 checksum: 68854 78ab4f6425153d8b746b99842994d555 http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.7-9_i386.deb Size/MD5 checksum: 109138 4aa254cacd4e95785ae823cedb1cce2f http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch3_i386.deb Size/MD5 checksum: 122136 4a16475bb5780625902c79069681ae74 http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.7-9_i386.deb Size/MD5 checksum: 180654 481471d06045a2e348b55de6dbdf5f94
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch3_ia64.deb Size/MD5 checksum: 156562 52761fff3e82e21728e0c6a79bf4508f http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch3_ia64.deb Size/MD5 checksum: 99446 3ad58d882e434e39be525e7aa41d9e93 http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.7-9_ia64.deb Size/MD5 checksum: 141894 5b7351a6b4c3765e3d76b9d22e04cf0e http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch3_ia64.deb Size/MD5 checksum: 118716 8c73712293cd4d9a5935aefd18a3e4c9 http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.7-9_ia64.deb Size/MD5 checksum: 171514 f474001e4f852a44af517b5d6f737a65 http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.7-9_ia64.deb Size/MD5 checksum: 385514 76d0bbda16c749f6a5b40fd6297a180a
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.7-9_mips.deb Size/MD5 checksum: 188816 de1ecb467042d2c1891cc1d2f5db83d9 http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch3_mips.deb Size/MD5 checksum: 130394 fc34d9b137c080b63374d809c1d6bf8b http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch3_mips.deb Size/MD5 checksum: 130492 4d7cdffabbef214eeea0c02a346d0eb8 http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch3_mips.deb Size/MD5 checksum: 70776 6fe66f5cb81c2a3af2fa0cd64a85cfd8 http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.7-9_mips.deb Size/MD5 checksum: 357368 aab08f1596aead97cc48924ebf99c80e http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.7-9_mips.deb Size/MD5 checksum: 112644 9c6d720999259453daaa13e8ec3c8336
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.7-9_mipsel.deb Size/MD5 checksum: 186464 5b2392a143ff8a173a771b819377ab47 http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch3_mipsel.deb Size/MD5 checksum: 128052 02e3c278190e92d7131c275aab5f5c44 http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.7-9_mipsel.deb Size/MD5 checksum: 358010 480087a77642a8ff99a32bb323b62600 http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch3_mipsel.deb Size/MD5 checksum: 130712 50da703a75deb2ba87d4be171e80bd5b http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.7-9_mipsel.deb Size/MD5 checksum: 113352 d363370bcba834268202db5271b20aa3 http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch3_mipsel.deb Size/MD5 checksum: 70794 1f57c4362c286bd0d2df40d775690612
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch3_powerpc.deb Size/MD5 checksum: 125106 92d5d46effd18aaa8e849254d9da8acd http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.7-9_powerpc.deb Size/MD5 checksum: 348504 2f4f96652c28e3f5f1cfae8e5265ec83 http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch3_powerpc.deb Size/MD5 checksum: 130380 dacdce767bcff6b0ecbe66add6838e8b http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.7-9_powerpc.deb Size/MD5 checksum: 189780 ae1e23e3080fbfe3ba26b8acf9561d6c http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.7-9_powerpc.deb Size/MD5 checksum: 113956 1e2ba4da9ee0775325b351887c182f52 http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch3_powerpc.deb Size/MD5 checksum: 72472 3a47c9eca3ec7b6f4e87609b3aca7f65
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch3_s390.deb Size/MD5 checksum: 124802 cdd46922b57a51fedb25ae401d8dc753 http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.7-9_s390.deb Size/MD5 checksum: 121978 71edc1d101933b1a43a9c395427a4aed http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch3_s390.deb Size/MD5 checksum: 128570 f0f7d5dfecb61c6212e0803a325e8a01 http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.7-9_s390.deb Size/MD5 checksum: 186320 cca313c55848e6161810ff16fb71390f http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.7-9_s390.deb Size/MD5 checksum: 349848 b9cbaa0a70b9bfa28d74ac4a6e107428 http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch3_s390.deb Size/MD5 checksum: 76668 f6b5e093ae1c3c5d4442e223115052de
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.7-9_sparc.deb Size/MD5 checksum: 338056 ab06437e18c1cc36dab35779cc4102d8 http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.7-9_sparc.deb Size/MD5 checksum: 103200 1c6f94d15f4e3052e9ed80fc232f96b5 http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch3_sparc.deb Size/MD5 checksum: 117840 5f0671d301a9e2ea8020d0dcaa71a42b http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch3_sparc.deb Size/MD5 checksum: 66374 668815a44c99c366ae8e3f624613932e http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.7-9_sparc.deb Size/MD5 checksum: 167962 f338f71eeb38be58c67d1ac0fd92d1ff http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch3_sparc.deb Size/MD5 checksum: 117510 63dd9c471f24472eb46a5fd9dcb92077
Debian GNU/Linux 5.0 alias lenny
Source archives:
http://security.debian.org/pool/updates/main/a/apr/apr_1.2.12.orig.tar.gz Size/MD5 checksum: 1127522 020ea947446dca2d1210c099c7a4c837 http://security.debian.org/pool/updates/main/a/apr/apr_1.2.12-5+lenny1.diff.gz Size/MD5 checksum: 12398 b407ff7dac7363278f4f060e121aa611 http://security.debian.org/pool/updates/main/a/apr-util/apr-util_1.2.12+dfsg.orig.tar.gz Size/MD5 checksum: 658687 4ef3e41037fe0cdd3a0d107335a008eb http://security.debian.org/pool/updates/main/a/apr-util/apr-util_1.2.12+dfsg-8+lenny4.dsc Size/MD5 checksum: 1530 dccceaa89d58074be3b7b7738a99756b http://security.debian.org/pool/updates/main/a/apr-util/apr-util_1.2.12+dfsg-8+lenny4.diff.gz Size/MD5 checksum: 23138 a2222477de9ad92015416542a2c250ed http://security.debian.org/pool/updates/main/a/apr/apr_1.2.12-5+lenny1.dsc Size/MD5 checksum: 1284 4330306f892fd7c0950b1ccf2537b38d
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.12-5+lenny1_alpha.deb Size/MD5 checksum: 806236 3689d5ee779d3846fe67c9dad2f213dc http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.12-5+lenny1_alpha.deb Size/MD5 checksum: 53204 92bb2e8a7c48e6f8437680e08607a3f7 http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny4_alpha.deb Size/MD5 checksum: 147658 edba141e93c382fbf0ab2bbec1dba899 http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny4_alpha.deb Size/MD5 checksum: 158060 b80ad32790c6c8d89f0007a69d9ce0b8 http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny4_alpha.deb Size/MD5 checksum: 90740 c715b55d060a2d4e8d7684477d0b9014 http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.12-5+lenny1_alpha.deb Size/MD5 checksum: 121774 565a4fdd123d04698907456e40d4df0b
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.12-5+lenny1_amd64.deb Size/MD5 checksum: 54232 3f23cc38f68bbf926b801b82b3fea917 http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny4_amd64.deb Size/MD5 checksum: 80046 f6158018f26ddd6369687b8f9f64aa75 http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.12-5+lenny1_amd64.deb Size/MD5 checksum: 114326 851cc08504589c09f08ec9e6efa52ef1 http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny4_amd64.deb Size/MD5 checksum: 147928 136a5a5c0d558d8f252d1ed44efed217 http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny4_amd64.deb Size/MD5 checksum: 133850 6b71ac477650c688863ef33fc58216a0 http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.12-5+lenny1_amd64.deb Size/MD5 checksum: 825740 bf80dbc726c5b691b023e96e463ba88c
arm architecture (ARM)
http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.12-5+lenny1_arm.deb Size/MD5 checksum: 818438 8e6c8a9964650a793e4a0e5ec51a8619 http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.12-5+lenny1_arm.deb Size/MD5 checksum: 54912 a853d8175d2bee56c6f37aada02fc2ca http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.12-5+lenny1_arm.deb Size/MD5 checksum: 107790 85e0815ff8f340d99052a9c9f604cccd http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny4_arm.deb Size/MD5 checksum: 71112 20a4c9fd130c188166c0ebc6ceff5fcf http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny4_arm.deb Size/MD5 checksum: 138982 c84f95cff9713ed403fae7b712456ade http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny4_arm.deb Size/MD5 checksum: 124090 c4fc3663255a416725a69818e3523731
armel architecture (ARM EABI)
http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.12-5+lenny1_armel.deb Size/MD5 checksum: 109676 e26ebffcc101ffc87963c9a65b3543f6 http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny4_armel.deb Size/MD5 checksum: 124626 4c34337eb3d1d55900a067f2c8412abc http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.12-5+lenny1_armel.deb Size/MD5 checksum: 821990 19c68f5f904bb3bbdfd44349f8544e83 http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.12-5+lenny1_armel.deb Size/MD5 checksum: 55820 f39b0928bc4b91fb60bd6259c6ae6e02 http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny4_armel.deb Size/MD5 checksum: 70086 1d3032e0879ed1ea6fa2f04c34af1782 http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny4_armel.deb Size/MD5 checksum: 139434 e802e42577998c62fadfc335edb3b81a
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny4_hppa.deb Size/MD5 checksum: 83668 3c8893214d7375303eaf1eec6e27212b http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.12-5+lenny1_hppa.deb Size/MD5 checksum: 827762 2fd0d8dd54c92c828e42100bb8816b00 http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny4_hppa.deb Size/MD5 checksum: 142916 14e1e2f8fa50b0eb1772f1e4bbc26e50 http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny4_hppa.deb Size/MD5 checksum: 140872 7fef63f2cd282e44c51b5e69d94d8706 http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.12-5+lenny1_hppa.deb Size/MD5 checksum: 113954 926b8c39fee1787a94b3d6cc1c6d420b http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.12-5+lenny1_hppa.deb Size/MD5 checksum: 54332 18751dc2275828a126b2dbe568678f32
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny4_i386.deb Size/MD5 checksum: 73814 2ef03972ed5b2232fe5782c4960bc362 http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.12-5+lenny1_i386.deb Size/MD5 checksum: 54582 edc98ca59cebd14195602929def1da31 http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny4_i386.deb Size/MD5 checksum: 141438 5a54e1cac30640ca5e9922586d9983a8 http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.12-5+lenny1_i386.deb Size/MD5 checksum: 108882 075f37cd43e483d27ff0b94ad01f2d08 http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny4_i386.deb Size/MD5 checksum: 121138 fc2411e049936d12702713c82377c9e5 http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.12-5+lenny1_i386.deb Size/MD5 checksum: 809460 a5648e0404f1cb4244c156cf85bfe0f5
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny4_ia64.deb Size/MD5 checksum: 135404 8f7a4964b22e5e9e5297380c15d8818d http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny4_ia64.deb Size/MD5 checksum: 170110 412b51e1e3c1ed4e309459dd17844e68 http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.12-5+lenny1_ia64.deb Size/MD5 checksum: 154362 2fc1441f28ef4f90446464627c8ef36d http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.12-5+lenny1_ia64.deb Size/MD5 checksum: 837496 6862607faf59e42525f5205d8a967818 http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny4_ia64.deb Size/MD5 checksum: 111140 12f0bf9e6264cc9c170c2b8365428cc0 http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.12-5+lenny1_ia64.deb Size/MD5 checksum: 53428 a6a55d644fb58a0f7ea6a9b509cb71d0
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.12-5+lenny1_mips.deb Size/MD5 checksum: 110932 feb666e4f402bcb1954bc194c37496d7 http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny4_mips.deb Size/MD5 checksum: 147482 e2508cc75520518ccbe4c3a5cf0cc50c http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.12-5+lenny1_mips.deb Size/MD5 checksum: 56582 5134a012017e629239cc543fedf4edf3 http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny4_mips.deb Size/MD5 checksum: 74584 2fbb1b76079126fd701f32e45a9cf7f0 http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.12-5+lenny1_mips.deb Size/MD5 checksum: 792650 126585d9fe0def77f7632f9d098eb11d http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny4_mips.deb Size/MD5 checksum: 136438 ae62dc1d5a32fac11615f4b67cfa4a6b
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.12-5+lenny1_mipsel.deb Size/MD5 checksum: 56414 ecca7e3643ccb91fc962b886bdddbc0e http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny4_mipsel.deb Size/MD5 checksum: 136390 d45f956c14ea9fe22b77bce3810c32b7 http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny4_mipsel.deb Size/MD5 checksum: 144740 05411f88615592531468cdd89bb4b5d0 http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny4_mipsel.deb Size/MD5 checksum: 74366 a15e15331a62f33d33481b7e53f07b48 http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.12-5+lenny1_mipsel.deb Size/MD5 checksum: 792762 dc1e4748e106c82e9f8bf6c3ecce4a38 http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.12-5+lenny1_mipsel.deb Size/MD5 checksum: 110974 a5dd28b5c9b3106da8e4c81abea6777d
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny4_powerpc.deb Size/MD5 checksum: 82512 f8a18fb94a4ef3cabec01c288a26eef5 http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.12-5+lenny1_powerpc.deb Size/MD5 checksum: 55708 555d64273f15c6ebd503b7cb84f0fb29 http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny4_powerpc.deb Size/MD5 checksum: 132338 66e77820b5b9d2a05d6df5c4ec2c76b0 http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.12-5+lenny1_powerpc.deb Size/MD5 checksum: 116238 1a291989c32ea21ac8eef9ca51831fc5 http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny4_powerpc.deb Size/MD5 checksum: 147180 cc9f274b349dbbb9ce9b69b0d0edf493 http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.12-5+lenny1_powerpc.deb Size/MD5 checksum: 821948 fc3acf3dec16223caf6f932e8b7c0c01
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.12-5+lenny1_s390.deb Size/MD5 checksum: 126058 474bddd0f3c5a69cc21fc2d403fe90f6 http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny4_s390.deb Size/MD5 checksum: 148614 89cc7bb2619f28e5e6e9d0042050a924 http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny4_s390.deb Size/MD5 checksum: 133044 fb35625937e6fae551d97df283a32dd9 http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.12-5+lenny1_s390.deb Size/MD5 checksum: 787872 2dc32425bfbd17b841218064599d80ed http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny4_s390.deb Size/MD5 checksum: 85496 c41f2fdebd22ec066815211768dcdc3a http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.12-5+lenny1_s390.deb Size/MD5 checksum: 54414 c36fa2538d8077a8ef09842e07bd989a
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.12-5+lenny1_sparc.deb Size/MD5 checksum: 814624 613a70f3443404f5939e91e229d01d25 http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.12-5+lenny1_sparc.deb Size/MD5 checksum: 54370 4c12839718c73a2b96b607d77fcbc583 http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny4_sparc.deb Size/MD5 checksum: 131706 5c2ad3da38aaaab8ac2c14656602c532 http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.12-5+lenny1_sparc.deb Size/MD5 checksum: 108712 c1f66be9c2daa447d5bfbd1f7639aada http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny4_sparc.deb Size/MD5 checksum: 72738 ec558ed4277ca676f07e3181ffad0335 http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny4_sparc.deb Size/MD5 checksum: 124976 22385c13d934c3877ce2f9eeaa4584e3
These files will probably be moved into the stable distribution on its next update.
For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main Mailing list: debian-security-announce@lists.debian.org Package info: `apt-cache show ' and http://packages.debian.org/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux)
iQEcBAEBAgAGBQJKfcqtAAoJEL97/wQC1SS+6T4IAJxpIZ7AUOwmDtuOk/WQzlzv U1nz6YhC9nhf/QdjbmAe0+ClaGwP5FZOacfEK6t64DBJ/81qgLtHlh6hlbm2+9wD vIddGlXmdKjEcHXVbt5rwEoc9pk6ma954Fziu2yUVxhP40SBLWlfEQ5w1LxjNHAI UKokX2+4C3Lk+6hJd8AqnvyfqP8h990HzFqT11hh8OlKVrvHmAiZWbSMmLvkKsPf F5mNDGVKluNfpAhwo6eLN2ayRDEKAeuejF2jQtb/MXQN3kJpPri2JhalhMra371l RmpmVNUOtKKJz/3gHSLjQNh6D5G4kj/I9RcHFA68Pv14kXh0xgtQlKGGLaPo/3M= =704P -----END PGP SIGNATURE----- . Subversion clients and servers, versions 1.6.0 - 1.6.3 and all versions < 1.5.7, are vulnerable to several heap overflow problems which may lead to remote code execution. The official advisory (mirrored at http://subversion.tigris.org/security/CVE-2009-2411-advisory.txt) follows:
Subversion clients and servers up to 1.6.3 (inclusive) have heap overflow issues in the parsing of binary deltas.
Summary:
Subversion clients and servers have multiple heap overflow issues in the parsing of binary deltas. This is related to an allocation vulnerability in the APR library used by Subversion.
Clients with commit access to a vulnerable server can cause a remote heap overflow; servers can cause a heap overflow on vulnerable clients that try to do a checkout or update.
This can lead to a DoS (an exploit has been tested) and to arbitrary code execution (no exploit tested, but the possibility is clear).
Known vulnerable:
Subversion clients and servers <= 1.5.6. Subversion clients and servers 1.6.0 through 1.6.3 (inclusive).
Known fixed:
Subversion 1.6.4 Subversion 1.5.7
(Search for "Patch" below to see the patches from 1.6.3 -> 1.6.4 and 1.5.6 -> 1.5.7. Search for "Recommendations" to get URLs for the 1.6.4 release and associated APR library patch.)
Details:
The libsvn_delta library does not contain sufficient input validation of svndiff streams. If a stream with large windows is processed, one of several integer overflows may lead to some boundary checks incorrectly passing, which in turn can lead to a heap overflow.
Severity:
A remote attacker with commit access to repository may be able to execute code on a Subversion server. A malicious server may be able to execute code on a Subversion client.
Recommendations:
We recommend all users to upgrade to Subversion 1.6.4.
We recommend all users to upgrade to the latest versions of APR and APR-UTIL, or apply the CVE-2009-2412 patch appropriate to their APR installation from http://www.apache.org/dist/apr/patches/.
New Subversion packages can be found at: http://subversion.tigris.org/project_packages.html
References:
CVE-2009-2411 (Subversion) CVE-2009-2412 (APR)
Reported by:
Matt Lewis, Google.
Patches:
This patch applies to Subversion 1.6.x (apply with patch -p0 < patchfile):
[[[ Index: subversion/libsvn_delta/svndiff.c =================================================================== --- subversion/libsvn_delta/svndiff.c (revision 38519) +++ subversion/libsvn_delta/svndiff.c (working copy) @@ -60,10 +60,23 @@ struct encoder_baton { apr_pool_t *pool; };
+/ This is at least as big as the largest size of an integer that + encode_int can generate; it is sufficient for creating buffers for + it to write into. This assumes that integers are at most 64 bits, + and so 10 bytes (with 7 bits of information each) are sufficient to + represent them. / +#define MAX_ENCODED_INT_LEN 10 +/ This is at least as big as the largest size for a single instruction. / +#define MAX_INSTRUCTION_LEN (2MAX_ENCODED_INT_LEN+1) +/ This is at least as big as the largest possible instructions + section: in theory, the instructions could be SVN_DELTA_WINDOW_SIZE + 1-byte copy-from-source instructions (though this is very unlikely). / +#define MAX_INSTRUCTION_SECTION_LEN (SVN_DELTA_WINDOW_SIZEMAX_INSTRUCTION_LEN)
/* Encode VAL into the buffer P using the variable-length svndiff integer format. Return the incremented value of P after the - encoded bytes have been written. + encoded bytes have been written. P must point to a buffer of size + at least MAX_ENCODED_INT_LEN.
This encoding uses the high bit of each byte as a continuation bit
and the other seven bits as data bits. High-order data bits are
@@ -85,7 +98,7 @@ encode_int(char *p, svn_filesize_t val) svn_filesize_t v; unsigned char cont;
- assert(val >= 0);
- SVN_ERR_ASSERT_NO_RETURN(val >= 0);
/ Figure out how many bytes we'll need. / v = val >> 7; @@ -96,6 +109,8 @@ encode_int(char *p, svn_filesize_t val) n++; }
- SVN_ERR_ASSERT_NO_RETURN(n <= MAX_ENCODED_INT_LEN); + / Encode the remaining bytes; n is always the number of bytes coming after the one we're encoding. / while (--n >= 0) @@ -112,7 +127,7 @@ encode_int(char p, svn_filesize_t val) static void append_encoded_int(svn_stringbuf_t header, svn_filesize_t val) {
- char buf[128], *p;
- char buf[MAX_ENCODED_INT_LEN], *p;
p = encode_int(buf, val); svn_stringbuf_appendbytes(header, buf, p - buf); @@ -168,7 +183,7 @@ window_handler(svn_txdelta_window_t window, void svn_stringbuf_t i1 = svn_stringbuf_create("", pool); svn_stringbuf_t header = svn_stringbuf_create("", pool); const svn_string_t newdata; - char ibuf[128], ip; + char ibuf[MAX_INSTRUCTION_LEN], ip; const svn_txdelta_op_t *op; apr_size_t len;
@@ -346,6 +361,8 @@ decode_file_offset(svn_filesize_t val, const unsigned char p, const unsigned char end) { + if (p + MAX_ENCODED_INT_LEN < end) + end = p + MAX_ENCODED_INT_LEN; / Decode bytes until we're done. / val = 0; while (p < end) @@ -365,6 +382,8 @@ decode_size(apr_size_t val, const unsigned char p, const unsigned char end) { + if (p + MAX_ENCODED_INT_LEN < end) + end = p + MAX_ENCODED_INT_LEN; / Decode bytes until we're done. / val = 0; while (p < end) @@ -382,7 +401,7 @@ decode_size(apr_size_t val, data is not compressed. /
static svn_error_t * -zlib_decode(svn_stringbuf_t in, svn_stringbuf_t out) +zlib_decode(svn_stringbuf_t in, svn_stringbuf_t out, apr_size_t limit) { apr_size_t len; char oldplace = in->data; @@ -390,6 +409,13 @@ static svn_error_t * / First thing in the string is the original length. / in->data = (char )decode_size(&len, (unsigned char )in->data, (unsigned char )in->data+in->len); + if (in->data == NULL) + return svn_error_create(SVN_ERR_SVNDIFF_INVALID_COMPRESSED_DATA, NULL, + ("Decompression of svndiff data failed: no size")); + if (len > limit) + return svn_error_create(SVN_ERR_SVNDIFF_INVALID_COMPRESSED_DATA, NULL, + ("Decompression of svndiff data failed: " + "size too large")); / We need to subtract the size of the encoded original length off the * still remaining input length. / in->len -= (in->data - oldplace); @@ -487,10 +513,10 @@ count_and_verify_instructions(int ninst, return svn_error_createf (SVN_ERR_SVNDIFF_INVALID_OPS, NULL, ("Invalid diff stream: insn %d cannot be decoded"), n); - else if (op.length <= 0) + else if (op.length == 0) return svn_error_createf (SVN_ERR_SVNDIFF_INVALID_OPS, NULL, - ("Invalid diff stream: insn %d has non-positive length"), n); + _("Invalid diff stream: insn %d has length zero"), n); else if (op.length > tview_len - tpos) return svn_error_createf (SVN_ERR_SVNDIFF_INVALID_OPS, NULL, @@ -499,7 +525,8 @@ count_and_verify_instructions(int ninst, switch (op.action_code) { case svn_txdelta_source: - if (op.length > sview_len - op.offset) + if (op.length > sview_len - op.offset || + op.offset > sview_len) return svn_error_createf (SVN_ERR_SVNDIFF_INVALID_OPS, NULL, _("Invalid diff stream: " @@ -565,11 +592,11 @@ decode_window(svn_txdelta_window_t *window, svn_fi
instin = svn_stringbuf_ncreate((const char *)data, insend - data, pool);
instout = svn_stringbuf_create("", pool);
- SVN_ERR(zlib_decode(instin, instout));
-
SVN_ERR(zlib_decode(instin, instout, MAX_INSTRUCTION_SECTION_LEN));
ndin = svn_stringbuf_ncreate((const char *)insend, newlen, pool); ndout = svn_stringbuf_create("", pool); - SVN_ERR(zlib_decode(ndin, ndout)); + SVN_ERR(zlib_decode(ndin, ndout, SVN_DELTA_WINDOW_SIZE));
newlen = ndout->len; data = (unsigned char )instout->data; @@ -685,6 +712,14 @@ write_handler(void baton, if (p == NULL) return SVN_NO_ERROR;
-
if (tview_len > SVN_DELTA_WINDOW_SIZE ||
- sview_len > SVN_DELTA_WINDOW_SIZE ||
- / for svndiff1, newlen includes the original length /
- newlen > SVN_DELTA_WINDOW_SIZE + MAX_ENCODED_INT_LEN ||
- inslen > MAX_INSTRUCTION_SECTION_LEN)
- return svn_error_create(SVN_ERR_SVNDIFF_CORRUPT_WINDOW, NULL,
-
_("Svndiff contains a too-large window")); + / Check for integer overflow. / if (sview_offset < 0 || inslen + newlen < inslen || sview_len + tview_len < sview_len @@ -841,6 +876,14 @@ read_window_header(svn_stream_t *stream, svn_files SVN_ERR(read_one_size(inslen, stream)); SVN_ERR(read_one_size(newlen, stream));
-
if (*tview_len > SVN_DELTA_WINDOW_SIZE ||
- *sview_len > SVN_DELTA_WINDOW_SIZE ||
- / for svndiff1, newlen includes the original length /
- *newlen > SVN_DELTA_WINDOW_SIZE + MAX_ENCODED_INT_LEN ||
- *inslen > MAX_INSTRUCTION_SECTION_LEN)
- return svn_error_create(SVN_ERR_SVNDIFF_CORRUPT_WINDOW, NULL,
- _("Svndiff contains a too-large window")); + / Check for integer overflow. / if (sview_offset < 0 || inslen + newlen < inslen || sview_len + tview_len < sview_len Index: subversion/libsvn_delta/text_delta.c =================================================================== --- subversion/libsvn_delta/text_delta.c (revision 38519) +++ subversion/libsvn_delta/text_delta.c (working copy) @@ -548,7 +548,7 @@ svn_txdelta_target_push(svn_txdelta_window_handler / Functions for applying deltas. */
/ Ensure that BUF has enough space for VIEW_LEN bytes. / -static APR_INLINE void +static APR_INLINE svn_error_t * size_buffer(char buf, apr_size_t buf_size, apr_size_t view_len, apr_pool_t pool) { @@ -557,8 +557,11 @@ size_buffer(char buf, apr_size_t buf_size, buf_size = 2; if (buf_size < view_len) buf_size = view_len; + SVN_ERR_ASSERT(APR_ALIGN_DEFAULT(buf_size) >= buf_size); buf = apr_palloc(pool, *buf_size); } + + return SVN_NO_ERROR; }
@@ -659,7 +662,7 @@ apply_window(svn_txdelta_window_t window, void b >= ab->sbuf_offset + ab->sbuf_len)));
/ Make sure there's enough room in the target buffer. / - size_buffer(&ab->tbuf, &ab->tbuf_size, window->tview_len, ab->pool); + SVN_ERR(size_buffer(&ab->tbuf, &ab->tbuf_size, window->tview_len, ab->pool));
/ Prepare the source buffer for reading from the input stream. / if (window->sview_offset != ab->sbuf_offset @@ -668,7 +671,8 @@ apply_window(svn_txdelta_window_t window, void b char *old_sbuf = ab->sbuf;
/* Make sure there's enough room. */
- size_buffer(&ab->sbuf, &ab->sbuf_size, window->sview_len, ab->pool);
- SVN_ERR(size_buffer(&ab->sbuf, &ab->sbuf_size, window->sview_len,
-
ab->pool));
/ If the existing view overlaps with the new view, copy the * overlap to the beginning of the new buffer. / ]]]
This patch applies to Subversion 1.5.x:
[[[ Index: subversion/libsvn_delta/svndiff.c =================================================================== --- subversion/libsvn_delta/svndiff.c (revision 38498) +++ subversion/libsvn_delta/svndiff.c (working copy) @@ -55,10 +55,23 @@ struct encoder_baton { apr_pool_t *pool; };
+/ This is at least as big as the largest size of an integer that + encode_int can generate; it is sufficient for creating buffers for + it to write into. This assumes that integers are at most 64 bits, + and so 10 bytes (with 7 bits of information each) are sufficient to + represent them. / +#define MAX_ENCODED_INT_LEN 10 +/ This is at least as big as the largest size for a single instruction. / +#define MAX_INSTRUCTION_LEN (2MAX_ENCODED_INT_LEN+1) +/ This is at least as big as the largest possible instructions + section: in theory, the instructions could be SVN_DELTA_WINDOW_SIZE + 1-byte copy-from-source instructions (though this is very unlikely). / +#define MAX_INSTRUCTION_SECTION_LEN (SVN_DELTA_WINDOW_SIZEMAX_INSTRUCTION_LEN)
/* Encode VAL into the buffer P using the variable-length svndiff integer format. Return the incremented value of P after the - encoded bytes have been written. + encoded bytes have been written. P must point to a buffer of size + at least MAX_ENCODED_INT_LEN.
This encoding uses the high bit of each byte as a continuation bit
and the other seven bits as data bits. High-order data bits are
@@ -91,6 +104,8 @@ encode_int(char *p, svn_filesize_t val) n++; }
- assert(n <= MAX_ENCODED_INT_LEN); + / Encode the remaining bytes; n is always the number of bytes coming after the one we're encoding. / while (--n >= 0) @@ -107,7 +122,7 @@ encode_int(char p, svn_filesize_t val) static void append_encoded_int(svn_stringbuf_t header, svn_filesize_t val) {
- char buf[128], *p;
- char buf[MAX_ENCODED_INT_LEN], *p;
p = encode_int(buf, val); svn_stringbuf_appendbytes(header, buf, p - buf); @@ -163,7 +178,7 @@ window_handler(svn_txdelta_window_t window, void svn_stringbuf_t i1 = svn_stringbuf_create("", pool); svn_stringbuf_t header = svn_stringbuf_create("", pool); const svn_string_t newdata; - char ibuf[128], ip; + char ibuf[MAX_INSTRUCTION_LEN], ip; const svn_txdelta_op_t *op; apr_size_t len;
@@ -341,6 +356,8 @@ decode_file_offset(svn_filesize_t val, const unsigned char p, const unsigned char end) { + if (p + MAX_ENCODED_INT_LEN < end) + end = p + MAX_ENCODED_INT_LEN; / Decode bytes until we're done. / val = 0; while (p < end) @@ -360,6 +377,8 @@ decode_size(apr_size_t val, const unsigned char p, const unsigned char end) { + if (p + MAX_ENCODED_INT_LEN < end) + end = p + MAX_ENCODED_INT_LEN; / Decode bytes until we're done. / val = 0; while (p < end) @@ -377,7 +396,7 @@ decode_size(apr_size_t val, data is not compressed. /
static svn_error_t * -zlib_decode(svn_stringbuf_t in, svn_stringbuf_t out) +zlib_decode(svn_stringbuf_t in, svn_stringbuf_t out, apr_size_t limit) { apr_size_t len; char oldplace = in->data; @@ -385,6 +404,13 @@ static svn_error_t * / First thing in the string is the original length. / in->data = (char )decode_size(&len, (unsigned char )in->data, (unsigned char )in->data+in->len); + if (in->data == NULL) + return svn_error_create(SVN_ERR_SVNDIFF_INVALID_COMPRESSED_DATA, NULL, + ("Decompression of svndiff data failed: no size")); + if (len > limit) + return svn_error_create(SVN_ERR_SVNDIFF_INVALID_COMPRESSED_DATA, NULL, + ("Decompression of svndiff data failed: " + "size too large")); / We need to subtract the size of the encoded original length off the * still remaining input length. / in->len -= (in->data - oldplace); @@ -482,10 +508,10 @@ count_and_verify_instructions(int ninst, return svn_error_createf (SVN_ERR_SVNDIFF_INVALID_OPS, NULL, ("Invalid diff stream: insn %d cannot be decoded"), n); - else if (op.length <= 0) + else if (op.length == 0) return svn_error_createf (SVN_ERR_SVNDIFF_INVALID_OPS, NULL, - ("Invalid diff stream: insn %d has non-positive length"), n); + _("Invalid diff stream: insn %d has length zero"), n); else if (op.length > tview_len - tpos) return svn_error_createf (SVN_ERR_SVNDIFF_INVALID_OPS, NULL, @@ -494,7 +520,8 @@ count_and_verify_instructions(int ninst, switch (op.action_code) { case svn_txdelta_source: - if (op.length > sview_len - op.offset) + if (op.length > sview_len - op.offset || + op.offset > sview_len) return svn_error_createf (SVN_ERR_SVNDIFF_INVALID_OPS, NULL, _("Invalid diff stream: " @@ -560,11 +587,11 @@ decode_window(svn_txdelta_window_t *window, svn_fi
instin = svn_stringbuf_ncreate((const char *)data, insend - data, pool);
instout = svn_stringbuf_create("", pool);
- SVN_ERR(zlib_decode(instin, instout));
-
SVN_ERR(zlib_decode(instin, instout, MAX_INSTRUCTION_SECTION_LEN));
ndin = svn_stringbuf_ncreate((const char *)insend, newlen, pool); ndout = svn_stringbuf_create("", pool); - SVN_ERR(zlib_decode(ndin, ndout)); + SVN_ERR(zlib_decode(ndin, ndout, SVN_DELTA_WINDOW_SIZE));
newlen = ndout->len; data = (unsigned char )instout->data; @@ -680,6 +707,14 @@ write_handler(void baton, if (p == NULL) return SVN_NO_ERROR;
-
if (tview_len > SVN_DELTA_WINDOW_SIZE ||
- sview_len > SVN_DELTA_WINDOW_SIZE ||
- / for svndiff1, newlen includes the original length /
- newlen > SVN_DELTA_WINDOW_SIZE + MAX_ENCODED_INT_LEN ||
- inslen > MAX_INSTRUCTION_SECTION_LEN)
- return svn_error_create(SVN_ERR_SVNDIFF_CORRUPT_WINDOW, NULL,
-
_("Svndiff contains a too-large window")); + / Check for integer overflow. / if (sview_offset < 0 || inslen + newlen < inslen || sview_len + tview_len < sview_len @@ -836,6 +871,14 @@ read_window_header(svn_stream_t *stream, svn_files SVN_ERR(read_one_size(inslen, stream)); SVN_ERR(read_one_size(newlen, stream));
-
if (*tview_len > SVN_DELTA_WINDOW_SIZE ||
- *sview_len > SVN_DELTA_WINDOW_SIZE ||
- / for svndiff1, newlen includes the original length /
- *newlen > SVN_DELTA_WINDOW_SIZE + MAX_ENCODED_INT_LEN ||
- *inslen > MAX_INSTRUCTION_SECTION_LEN)
- return svn_error_create(SVN_ERR_SVNDIFF_CORRUPT_WINDOW, NULL,
- _("Svndiff contains a too-large window")); + / Check for integer overflow. / if (sview_offset < 0 || inslen + newlen < inslen || sview_len + tview_len < sview_len Index: subversion/libsvn_delta/text_delta.c =================================================================== --- subversion/libsvn_delta/text_delta.c (revision 38498) +++ subversion/libsvn_delta/text_delta.c (working copy) @@ -498,7 +498,7 @@ svn_txdelta_target_push(svn_txdelta_window_handler / Functions for applying deltas. */
/ Ensure that BUF has enough space for VIEW_LEN bytes. / -static APR_INLINE void +static APR_INLINE svn_error_t * size_buffer(char buf, apr_size_t buf_size, apr_size_t view_len, apr_pool_t pool) { @@ -507,8 +507,13 @@ size_buffer(char buf, apr_size_t buf_size, buf_size = 2; if (buf_size < view_len) buf_size = view_len; + if (APR_ALIGN_DEFAULT(buf_size) < buf_size) + return svn_error_create(SVN_ERR_SVNDIFF_INVALID_OPS, NULL, + "Diff stream resulted in invalid buffer size."); buf = apr_palloc(pool, *buf_size); } + + return SVN_NO_ERROR; }
@@ -609,7 +614,7 @@ apply_window(svn_txdelta_window_t window, void b >= ab->sbuf_offset + ab->sbuf_len)));
/ Make sure there's enough room in the target buffer. / - size_buffer(&ab->tbuf, &ab->tbuf_size, window->tview_len, ab->pool); + SVN_ERR(size_buffer(&ab->tbuf, &ab->tbuf_size, window->tview_len, ab->pool));
/ Prepare the source buffer for reading from the input stream. / if (window->sview_offset != ab->sbuf_offset @@ -618,7 +623,8 @@ apply_window(svn_txdelta_window_t window, void b char *old_sbuf = ab->sbuf;
/* Make sure there's enough room. */
- size_buffer(&ab->sbuf, &ab->sbuf_size, window->sview_len, ab->pool);
- SVN_ERR(size_buffer(&ab->sbuf, &ab->sbuf_size, window->sview_len,
-
ab->pool));
/ If the existing view overlaps with the new view, copy the * overlap to the beginning of the new buffer. / ]]] . The Apache Portable Runtime Utility Library (aka APR-Util) provides an interface to functionality such as XML parsing, string matching and databases connections.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-libs/apr < 1.3.8 >= 1.3.8 2 dev-libs/apr-util < 1.3.9 >= 1.3.9 ------------------------------------------------------------------- 2 affected packages on all of their supported architectures. -------------------------------------------------------------------
Description
Matt Lewis reported multiple Integer overflows in the apr_rmm_malloc(), apr_rmm_calloc(), and apr_rmm_realloc() functions in misc/apr_rmm.c of APR-Util and in memory/unix/apr_pools.c of APR, both occurring when aligning memory blocks.
Impact
A remote attacker could entice a user to connect to a malicious server with software that uses the APR or act as a malicious client to a server that uses the APR (such as Subversion or Apache servers), possibly resulting in the execution of arbitrary code with the privileges of the user running the application.
Workaround
There is no known workaround at this time.
Resolution
All Apache Portable Runtime users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose =dev-libs/apr-1.3.8
All APR Utility Library users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose =dev-libs/apr-util-1.3.9
References
[ 1 ] CVE-2009-2412 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2412
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200909-03.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2009 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . =========================================================== Ubuntu Security Notice USN-813-2 August 08, 2009 apache2 vulnerability CVE-2009-2412 ===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS
This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the following package versions:
Ubuntu 6.06 LTS: libapr0 2.0.55-4ubuntu2.7
After a standard system upgrade you need to restart any applications using apr, such as Subversion and Apache, to effect the necessary changes.
Details follow:
USN-813-1 fixed vulnerabilities in apr. This update provides the corresponding updates for apr as provided by Apache on Ubuntu 6.06 LTS.
Updated packages for Ubuntu 6.06 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.7.diff.gz
Size/MD5: 126010 68da83341313e1b166fe345138d1eaa5
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.7.dsc
Size/MD5: 1156 0b17c48d0880ab82c769c41d1aff7002
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz
Size/MD5: 6092031 45e32c9432a8e3cf4227f5af91b03622
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu2.7_all.deb
Size/MD5: 2125530 9356b79c2b1591ffec1a6cd1974f82fd
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.7_amd64.deb
Size/MD5: 833902 08b8aaf66aa52e6fd9dbed1647bb5dd2
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.7_amd64.deb
Size/MD5: 229124 400d32297652e4976456cb7b367cc435
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.7_amd64.deb
Size/MD5: 224122 07be7749fd618703c9f093efeb5e6fad
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.7_amd64.deb
Size/MD5: 228700 9c79315063121eb7017cd99c6bb4667c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.7_amd64.deb
Size/MD5: 172244 e15a994901f09e6e8294d656b8a8254c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.7_amd64.deb
Size/MD5: 173028 985f0a987b0e5e17b24fdd6f8475781a
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.7_amd64.deb
Size/MD5: 95066 2b836251f30a5c3d0cb24c2775a9b997
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.7_amd64.deb
Size/MD5: 37096 2756f162320b3b183c7447dad130cff9
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.7_amd64.deb
Size/MD5: 286664 f46d70c05cba04ceaba7d62afe5ac5be
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.7_amd64.deb
Size/MD5: 145234 e1c285b96d1ee5e8a66d01eadcc289c6
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.7_i386.deb
Size/MD5: 787150 ab3e75481087dc0148ca3ccc450a1ab1
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.7_i386.deb
Size/MD5: 203722 e10938af36f0e1802fbd3b0946ae6e3c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.7_i386.deb
Size/MD5: 199634 7ee8d5ba9679c8c7dd78c95b5fb74046
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.7_i386.deb
Size/MD5: 203146 5456087e20afd24d2a27d648fafeb135
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.7_i386.deb
Size/MD5: 172228 98a58d9526a667a05573e9b26fcfd45b
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.7_i386.deb
Size/MD5: 173020 1db636c0e79b0ea3c405da958c35c932
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.7_i386.deb
Size/MD5: 92998 737aee7a7026d4d9b33a0f71b44e0b19
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.7_i386.deb
Size/MD5: 37098 15db8827569af434025942a84e77b381
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.7_i386.deb
Size/MD5: 262652 93f2171d69072153264cab51860f781c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.7_i386.deb
Size/MD5: 133118 cac6f1c804a1e34bf4250be4d8670862
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.7_powerpc.deb
Size/MD5: 859954 558399d0c5fb22cee0cdc1b20d4d7586
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.7_powerpc.deb
Size/MD5: 221090 94c5789d3d06b3553d883eca45ab06b7
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.7_powerpc.deb
Size/MD5: 216702 68edfa60eb9de377b20be68e10bd879a
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.7_powerpc.deb
Size/MD5: 220634 8f103f83772eb2e52cd38bb0fb1efbec
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.7_powerpc.deb
Size/MD5: 172234 559b5683e44f424324d43b09f42c63f6
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.7_powerpc.deb
Size/MD5: 173014 7c05a2f5fe626036ebaa271cece0cd09
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.7_powerpc.deb
Size/MD5: 104772 63a31e0f30472ebc19a79744b1b1fe03
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.7_powerpc.deb
Size/MD5: 37098 c00f5d32432f97ac992652ac1bbb7259
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.7_powerpc.deb
Size/MD5: 282244 1a2c7d7038b335ae2ab6ff68d06a380f
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.7_powerpc.deb
Size/MD5: 142328 169a4ce5fc42eb789c76f46acb07aa00
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.7_sparc.deb
Size/MD5: 804250 3a780a65322c539717e93a64792acc16
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.7_sparc.deb
Size/MD5: 211276 e1f45226511664f1759a6ad75aff6155
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.7_sparc.deb
Size/MD5: 206948 19e2792273d8a4935ef6fcc6ee369326
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.7_sparc.deb
Size/MD5: 210556 e62136b10dca8c665defa2cc54640e64
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.7_sparc.deb
Size/MD5: 172232 6e2213cb4b6a5dec1506fe01ce5cc028
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.7_sparc.deb
Size/MD5: 173010 9603ee752f034d04fd349db168fbe2f2
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.7_sparc.deb
Size/MD5: 94084 c6f6315ff2e1865f409ae49d54e3a233
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.7_sparc.deb
Size/MD5: 37102 fdb3a44756f9d6e8d36c1b2558420d57
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.7_sparc.deb
Size/MD5: 268648 03fbe81b3cc1f0ac17961fc5c58a3f5f
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.7_sparc.deb
Size/MD5: 131056 8707670bfb577280d9b5d0689c51608c
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200908-0708",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "apr-util",
"scope": "eq",
"trust": 1.9,
"vendor": "apache",
"version": "1.3.8"
},
{
"model": "apr-util",
"scope": "eq",
"trust": 1.9,
"vendor": "apache",
"version": "1.3.7"
},
{
"model": "apr-util",
"scope": "eq",
"trust": 1.9,
"vendor": "apache",
"version": "1.3.5"
},
{
"model": "apr-util",
"scope": "eq",
"trust": 1.9,
"vendor": "apache",
"version": "1.3.4"
},
{
"model": "portable runtime",
"scope": "eq",
"trust": 1.6,
"vendor": "apache",
"version": "0.9.6"
},
{
"model": "portable runtime",
"scope": "eq",
"trust": 1.6,
"vendor": "apache",
"version": "0.9.1"
},
{
"model": "apr-util",
"scope": "eq",
"trust": 1.6,
"vendor": "apache",
"version": "1.3.2"
},
{
"model": "portable runtime",
"scope": "eq",
"trust": 1.6,
"vendor": "apache",
"version": "0.9.7"
},
{
"model": "portable runtime",
"scope": "eq",
"trust": 1.6,
"vendor": "apache",
"version": "0.9.7-dev"
},
{
"model": "apr-util",
"scope": "eq",
"trust": 1.6,
"vendor": "apache",
"version": "1.3.3"
},
{
"model": "apr-util",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "1.3.6"
},
{
"model": "apr-util",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "0.9.16"
},
{
"model": "portable runtime",
"scope": "eq",
"trust": 1.3,
"vendor": "apache",
"version": "1.3.7"
},
{
"model": "portable runtime",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "0.9.8"
},
{
"model": "apr-util",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "0.9.4"
},
{
"model": "apr-util",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "1.3.4-dev"
},
{
"model": "apr-util",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "1.3.0"
},
{
"model": "portable runtime",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "1.3.6-dev"
},
{
"model": "portable runtime",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "0.9.2"
},
{
"model": "apr-util",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "0.9.8"
},
{
"model": "portable runtime",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "1.3.5"
},
{
"model": "portable runtime",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "1.3.3"
},
{
"model": "portable runtime",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "0.9.5"
},
{
"model": "portable runtime",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "1.3.8"
},
{
"model": "apr-util",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "0.9.2"
},
{
"model": "portable runtime",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "1.3.6"
},
{
"model": "portable runtime",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "0.9.3"
},
{
"model": "portable runtime",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "0.9.2-dev"
},
{
"model": "apr-util",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "1.3.6-dev"
},
{
"model": "portable runtime",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "0.9.9"
},
{
"model": "apr-util",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "0.9.6"
},
{
"model": "apr-util",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "0.9.7-dev"
},
{
"model": "apr-util",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "0.9.5"
},
{
"model": "apr-util",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "0.9.9"
},
{
"model": "apr-util",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "0.9.2-dev"
},
{
"model": "portable runtime",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "1.3.4"
},
{
"model": "apr-util",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "0.9.3"
},
{
"model": "portable runtime",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "1.3.1"
},
{
"model": "portable runtime",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "0.9.3-dev"
},
{
"model": "portable runtime",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "0.9.16-dev"
},
{
"model": "apr-util",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "0.9.1"
},
{
"model": "portable runtime",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "1.3.2"
},
{
"model": "apr-util",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "1.3.1"
},
{
"model": "portable runtime",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "0.9.4"
},
{
"model": "portable runtime",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "1.3.4-dev"
},
{
"model": "apr-util",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "0.9.3-dev"
},
{
"model": "portable runtime",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "1.3.0"
},
{
"model": "http server",
"scope": "lt",
"trust": 0.8,
"vendor": "apache",
"version": "2.0.64"
},
{
"model": "portable runtime",
"scope": "eq",
"trust": 0.8,
"vendor": "apache",
"version": "0.9.x"
},
{
"model": "portable runtime",
"scope": "eq",
"trust": 0.8,
"vendor": "apache",
"version": "1.3.x"
},
{
"model": "apr-util",
"scope": "eq",
"trust": 0.8,
"vendor": "apache",
"version": "0.9.x"
},
{
"model": "apr-util",
"scope": "eq",
"trust": 0.8,
"vendor": "apache",
"version": "1.3.x"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "2.0.47.x"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "6.0.2.39"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "6.1.0.29"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "7.0.0.7"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "6.0.2.39"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "6.1.0.29"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "7.0.0.7"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.5.8"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.6"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.6.1"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.5.8"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.6"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.6.1"
},
{
"model": "opensolaris",
"scope": null,
"trust": 0.8,
"vendor": "oracle",
"version": null
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "10"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3 (x86)"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3 (x86-64)"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3.0 (x86-64)"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0 (x86-64)"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "2.0"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "3.0"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "3.0 (x64)"
},
{
"model": "turbolinux client",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "2008"
},
{
"model": "turbolinux fuji",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "( extended maintenance )"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10 (x64)"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "11"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "11 (x64)"
},
{
"model": "interscan messaging security suite",
"scope": "eq",
"trust": 0.8,
"vendor": "trend micro",
"version": "7.x"
},
{
"model": "interscan messaging security virtual appliance",
"scope": "eq",
"trust": 0.8,
"vendor": "trend micro",
"version": "7.0"
},
{
"model": "trendmicro interscan messaging security appliance",
"scope": "eq",
"trust": 0.8,
"vendor": "trend micro",
"version": "7.0"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.8 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.8 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3.0"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.0"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.0 (client)"
},
{
"model": "enterprise linux eus",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.3.z (server)"
},
{
"model": "rhel desktop workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "interstage application server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage studio",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage web server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"model": "linux lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.10"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.10"
},
{
"model": "linux lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.10"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.10"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.10"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "linux lts lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
},
{
"model": "linux enterprise server debuginfo",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux enterprise server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux enterprise sdk sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux enterprise sdk sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux enterprise desktop sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux enterprise desktop sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise sp3 debuginfo",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux enterprise sp2 debuginfo",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris 10 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 99",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 98",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 96",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 95",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 94",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 93",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 92",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 91",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 90",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 89",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 88",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 87",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 85",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 84",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 83",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 82",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 81",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 80",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 78",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 77",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 76",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 74",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 71",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 68",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 67",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 64",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 61",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 59",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 58",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 57",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 56",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 54",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 51",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 50",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 49",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 48",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 47",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 45",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 41",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 39",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 38",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 37",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 36",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 35",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 29",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 28",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 22",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 19",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 13",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 121",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 120",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 119",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 118",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 117",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 116",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 115",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 114",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 113",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 112",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 111a",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 111",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 110",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 109",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 108",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 107",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 106",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 105",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 104",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 103",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 102",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 101a",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 101",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 100",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 02",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 01",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 111b",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "12.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "12.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "12.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "11.0"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.0"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.3"
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"model": "novell linux pos",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"model": "jboss enterprise web server el4",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "0"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "enterprise linux eus 5.3.z server",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"model": "enterprise linux es 4.8.z",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "enterprise linux desktop workstation client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "enterprise linux desktop client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "enterprise linux as 4.8.z",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "certificate server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7.3"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "pardus",
"version": "20090"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "pardus",
"version": "20080"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.1"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.1"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.0"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.0"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2008.1"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2008.1"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2008.0"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2008.0"
},
{
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"model": "enterprise server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"model": "enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.47.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.47"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "interstage studio enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.2"
},
{
"model": "interstage studio enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.1"
},
{
"model": "interstage studio enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "interstage studio enterprise edition b",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.1.0"
},
{
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.3.1"
},
{
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.2"
},
{
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.1"
},
{
"model": "interstage application server standard-j edition b",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "interstage application server standard-j edition a",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "interstage application server standard-j edition 9.1.0b",
"scope": null,
"trust": 0.3,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.2"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.1"
},
{
"model": "interstage application server enterprise edition a",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "interstage application server enterprise edition 9.1.0b",
"scope": null,
"trust": 0.3,
"vendor": "fujitsu",
"version": null
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux armel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux armel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "coat systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "5.2.2.5"
},
{
"model": "coat systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "4.2.2.4"
},
{
"model": "coat systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "5.5"
},
{
"model": "coat systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "5.4"
},
{
"model": "coat systems director",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.8"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.7"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.6"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.5"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.9"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.8"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.7"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.6"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.5"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.8"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.7"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.6"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.9"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.8"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.7"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.6"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5"
},
{
"model": "apr-util",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "0.9.17"
},
{
"model": "apr-util",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "0.9.7"
},
{
"model": "portable runtime",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "0.9.18"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.12"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.11"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.10"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.9"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.8"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.6"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.5"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.4"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.3"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2"
},
{
"model": "2.2.7-dev",
"scope": null,
"trust": 0.3,
"vendor": "apache",
"version": null
},
{
"model": "2.2.6-dev",
"scope": null,
"trust": 0.3,
"vendor": "apache",
"version": null
},
{
"model": "2.2.5-dev",
"scope": null,
"trust": 0.3,
"vendor": "apache",
"version": null
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.1"
},
{
"model": "opensolaris build snv 122",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "coat systems director",
"scope": "ne",
"trust": 0.3,
"vendor": "blue",
"version": "5.5.2.3"
},
{
"model": "mac os server",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.2"
},
{
"model": "mac os",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.2"
}
],
"sources": [
{
"db": "BID",
"id": "35949"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002016"
},
{
"db": "CNNVD",
"id": "CNNVD-200908-530"
},
{
"db": "NVD",
"id": "CVE-2009-2412"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:apache:apr-util:1.3.6-dev:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:portable_runtime:1.3.6-dev:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:portable_runtime:1.3.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:apr-util:1.3.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:apr-util:0.9.2-dev:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:apr-util:1.3.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:apr-util:0.9.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:portable_runtime:0.9.7-dev:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:portable_runtime:1.3.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:portable_runtime:0.9.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:portable_runtime:0.9.16-dev:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:portable_runtime:0.9.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:portable_runtime:1.3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:portable_runtime:1.3.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:portable_runtime:1.3.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:apr-util:1.3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:apr-util:1.3.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:apr-util:0.9.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:portable_runtime:0.9.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:apr-util:0.9.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:portable_runtime:0.9.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:apr-util:0.9.7-dev:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:portable_runtime:0.9.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:portable_runtime:0.9.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:apr-util:0.9.3-dev:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:portable_runtime:1.3.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:apr-util:0.9.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:apr-util:0.9.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:apr-util:1.3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:apr-util:1.3.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:apr-util:0.9.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:apr-util:1.3.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:apr-util:1.3.4-dev:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:portable_runtime:0.9.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:portable_runtime:0.9.2-dev:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:apr-util:1.3.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:portable_runtime:0.9.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:portable_runtime:1.3.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:portable_runtime:0.9.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:apr-util:0.9.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:portable_runtime:1.3.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:apr-util:0.9.16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:portable_runtime:0.9.3-dev:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:portable_runtime:1.3.4-dev:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:portable_runtime:1.3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:apr-util:1.3.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:apr-util:0.9.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2009-2412"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Matt Lewis\u203b mattlewis@google.com",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200908-530"
}
],
"trust": 0.6
},
"cve": "CVE-2009-2412",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2009-2412",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2009-2412",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200908-530",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-002016"
},
{
"db": "CNNVD",
"id": "CNNVD-200908-530"
},
{
"db": "NVD",
"id": "CVE-2009-2412"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple integer overflows in the Apache Portable Runtime (APR) library and the Apache Portable Utility library (aka APR-util) 0.9.x and 1.3.x allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors that trigger crafted calls to the (1) allocator_alloc or (2) apr_palloc function in memory/unix/apr_pools.c in APR; or crafted calls to the (3) apr_rmm_malloc, (4) apr_rmm_calloc, or (5) apr_rmm_realloc function in misc/apr_rmm.c in APR-util; leading to buffer overflows. NOTE: some of these details are obtained from third party information. Apache APR (Apache Portable Runtime) and \u0027APR-util\u0027 are prone to multiple integer-overflow vulnerabilities. \nAttackers can exploit these issues to execute arbitrary code in the context of an application that uses the affected library. Successful exploits will compromise the affected application and possibly the computer. Failed attacks will cause denial-of-service conditions. \n \n This update provides fixes for these vulnerabilities. \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2412\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Linux 2008.1:\n bd5757bce0a8299edcf7dcc3e2980964 2008.1/i586/apr-util-dbd-mysql-1.2.12-4.2mdv2008.1.i586.rpm\n 50ba5cc45e1f72e8219addc0df369ca4 2008.1/i586/apr-util-dbd-pgsql-1.2.12-4.2mdv2008.1.i586.rpm\n 1cb0f643e4084741afefb8d25d975062 2008.1/i586/apr-util-dbd-sqlite3-1.2.12-4.2mdv2008.1.i586.rpm\n 23990e6d23f02addecd2d3dcd7d68baf 2008.1/i586/libapr1-1.2.12-3.1mdv2008.1.i586.rpm\n 002cebd9b1e101cc487490fb5e1de4b9 2008.1/i586/libapr-devel-1.2.12-3.1mdv2008.1.i586.rpm\n 178584e4fee60428188b4f8be39e8b22 2008.1/i586/libapr-util1-1.2.12-4.2mdv2008.1.i586.rpm\n d718e18960ee01edbfc9cf99cb335604 2008.1/i586/libapr-util-devel-1.2.12-4.2mdv2008.1.i586.rpm \n bf792d204211369b8c63051f1360fd97 2008.1/SRPMS/apr-1.2.12-3.1mdv2008.1.src.rpm\n dcbd01ea287e6d8efc276dfa074c3930 2008.1/SRPMS/apr-util-1.2.12-4.2mdv2008.1.src.rpm\n\n Mandriva Linux 2008.1/X86_64:\n 6a9a81c520c8e30b5f8fbbe54d185dff 2008.1/x86_64/apr-util-dbd-mysql-1.2.12-4.2mdv2008.1.x86_64.rpm\n cc9d7917d41f5ca317d2942c2d14c859 2008.1/x86_64/apr-util-dbd-pgsql-1.2.12-4.2mdv2008.1.x86_64.rpm\n 016e48025c0fec50db868ba23d20140e 2008.1/x86_64/apr-util-dbd-sqlite3-1.2.12-4.2mdv2008.1.x86_64.rpm\n 6ee3859a30eab3399275b29356df5727 2008.1/x86_64/lib64apr1-1.2.12-3.1mdv2008.1.x86_64.rpm\n 766f74618ab9532eef5ab40f94112579 2008.1/x86_64/lib64apr-devel-1.2.12-3.1mdv2008.1.x86_64.rpm\n 6e57aa1381b9af730eec5f313f8d5d79 2008.1/x86_64/lib64apr-util1-1.2.12-4.2mdv2008.1.x86_64.rpm\n 6fda7ebf5640ad5ad9ba0d2d1169dbc9 2008.1/x86_64/lib64apr-util-devel-1.2.12-4.2mdv2008.1.x86_64.rpm \n bf792d204211369b8c63051f1360fd97 2008.1/SRPMS/apr-1.2.12-3.1mdv2008.1.src.rpm\n dcbd01ea287e6d8efc276dfa074c3930 2008.1/SRPMS/apr-util-1.2.12-4.2mdv2008.1.src.rpm\n\n Mandriva Linux 2009.0:\n 89786c5904cee8d22c5140528d412a1c 2009.0/i586/apr-util-dbd-freetds-1.3.4-2.2mdv2009.0.i586.rpm\n 19df90719d15def384b7aec1efc5dcd8 2009.0/i586/apr-util-dbd-ldap-1.3.4-2.2mdv2009.0.i586.rpm\n e164acf4668fd239f2801698e3dc9aa4 2009.0/i586/apr-util-dbd-mysql-1.3.4-2.2mdv2009.0.i586.rpm\n 70f55ca514ef15778001082f3c51a9fd 2009.0/i586/apr-util-dbd-odbc-1.3.4-2.2mdv2009.0.i586.rpm\n 85135d9490be22fc56a897cf9d5fba7e 2009.0/i586/apr-util-dbd-pgsql-1.3.4-2.2mdv2009.0.i586.rpm\n 424d3a8896bc70503a69dc8c4d9882a9 2009.0/i586/apr-util-dbd-sqlite3-1.3.4-2.2mdv2009.0.i586.rpm\n 586edd704499f119527638f0f1913614 2009.0/i586/libapr1-1.3.3-2.1mdv2009.0.i586.rpm\n f5065323fca63075434ce1eb850e3c01 2009.0/i586/libapr-devel-1.3.3-2.1mdv2009.0.i586.rpm\n 4aba7262b561a1d67187c799cd06a138 2009.0/i586/libapr-util1-1.3.4-2.2mdv2009.0.i586.rpm\n a125fa8529bd8dd79ada83747c23f9d4 2009.0/i586/libapr-util-devel-1.3.4-2.2mdv2009.0.i586.rpm \n 23e454eea7e368502047b85976d1ef88 2009.0/SRPMS/apr-1.3.3-2.1mdv2009.0.src.rpm\n 162271ed051fa5de81a973e5adc487dc 2009.0/SRPMS/apr-util-1.3.4-2.2mdv2009.0.src.rpm\n\n Mandriva Linux 2009.0/X86_64:\n 667ffab851dd6babd31700a5d9c113a7 2009.0/x86_64/apr-util-dbd-freetds-1.3.4-2.2mdv2009.0.x86_64.rpm\n 08089224bb9da997752624d85c229251 2009.0/x86_64/apr-util-dbd-ldap-1.3.4-2.2mdv2009.0.x86_64.rpm\n 7ce1a16bc3e35fc4a3dcb8a1e148c05b 2009.0/x86_64/apr-util-dbd-mysql-1.3.4-2.2mdv2009.0.x86_64.rpm\n 075dbc136d3110952d54f9a85761c1b6 2009.0/x86_64/apr-util-dbd-odbc-1.3.4-2.2mdv2009.0.x86_64.rpm\n 90edf3ec758ed79a7973a36141ddc295 2009.0/x86_64/apr-util-dbd-pgsql-1.3.4-2.2mdv2009.0.x86_64.rpm\n f15ee7ff2b203c436eab2d7e4c118a1d 2009.0/x86_64/apr-util-dbd-sqlite3-1.3.4-2.2mdv2009.0.x86_64.rpm\n 2b0529a353e38a0eda5f8d08ecf95554 2009.0/x86_64/lib64apr1-1.3.3-2.1mdv2009.0.x86_64.rpm\n 524773745dfeb06cd86e7149723c6cbe 2009.0/x86_64/lib64apr-devel-1.3.3-2.1mdv2009.0.x86_64.rpm\n 3e7bc1d3e713ba5893c34215ee93f932 2009.0/x86_64/lib64apr-util1-1.3.4-2.2mdv2009.0.x86_64.rpm\n 44be6021b3db277a5993f488b02074db 2009.0/x86_64/lib64apr-util-devel-1.3.4-2.2mdv2009.0.x86_64.rpm \n 23e454eea7e368502047b85976d1ef88 2009.0/SRPMS/apr-1.3.3-2.1mdv2009.0.src.rpm\n 162271ed051fa5de81a973e5adc487dc 2009.0/SRPMS/apr-util-1.3.4-2.2mdv2009.0.src.rpm\n\n Mandriva Linux 2009.1:\n 0b3427fcb40fcd8e068eb81e8de67685 2009.1/i586/apr-util-dbd-freetds-1.3.4-9.2mdv2009.1.i586.rpm\n 77e215797fc02c290e59ce072a36fffc 2009.1/i586/apr-util-dbd-ldap-1.3.4-9.2mdv2009.1.i586.rpm\n 05d1106df36459a7a40ecb11d5560c61 2009.1/i586/apr-util-dbd-mysql-1.3.4-9.2mdv2009.1.i586.rpm\n 97adcfda40750873588942a9ab0e5e3c 2009.1/i586/apr-util-dbd-odbc-1.3.4-9.2mdv2009.1.i586.rpm\n 1b9379f8d6ec49908d43d4228ecbee66 2009.1/i586/apr-util-dbd-pgsql-1.3.4-9.2mdv2009.1.i586.rpm\n a5e5bb25d2e370e22f274482afe74fd8 2009.1/i586/apr-util-dbd-sqlite3-1.3.4-9.2mdv2009.1.i586.rpm\n 1f907eab0d93dd413086f0943988284c 2009.1/i586/libapr1-1.3.3-5.1mdv2009.1.i586.rpm\n a6992c671c7352c2965f46abced93b8a 2009.1/i586/libapr-devel-1.3.3-5.1mdv2009.1.i586.rpm\n e748ca10352eaa46ef2514ce8718674b 2009.1/i586/libapr-util1-1.3.4-9.2mdv2009.1.i586.rpm\n 73afb8eabe81ae8be63f1ba9d8fc3bf2 2009.1/i586/libapr-util-devel-1.3.4-9.2mdv2009.1.i586.rpm \n 1a1706c01c2668a058a54c06d6e5aac6 2009.1/SRPMS/apr-1.3.3-5.1mdv2009.1.src.rpm\n 241d8b7b1261089d299f9b8463f391a7 2009.1/SRPMS/apr-util-1.3.4-9.2mdv2009.1.src.rpm\n\n Mandriva Linux 2009.1/X86_64:\n f0b10ee44c9092605ad1137a46e4955c 2009.1/x86_64/apr-util-dbd-freetds-1.3.4-9.2mdv2009.1.x86_64.rpm\n 98247a74314a56b6f4097a9943e236c0 2009.1/x86_64/apr-util-dbd-ldap-1.3.4-9.2mdv2009.1.x86_64.rpm\n 2e0d895eb1b93c2518436ab4c678da23 2009.1/x86_64/apr-util-dbd-mysql-1.3.4-9.2mdv2009.1.x86_64.rpm\n 8269586d2608f6e79eff11de7bda333e 2009.1/x86_64/apr-util-dbd-odbc-1.3.4-9.2mdv2009.1.x86_64.rpm\n 489b31861a5fabd272348ca224e4d9b4 2009.1/x86_64/apr-util-dbd-pgsql-1.3.4-9.2mdv2009.1.x86_64.rpm\n b1164ff6f2e06bfcada083e9d11c1595 2009.1/x86_64/apr-util-dbd-sqlite3-1.3.4-9.2mdv2009.1.x86_64.rpm\n 257e2b240479fb7c472efa7de7ee11c8 2009.1/x86_64/lib64apr1-1.3.3-5.1mdv2009.1.x86_64.rpm\n 222f5f44d9600dcf593923ea6422d47e 2009.1/x86_64/lib64apr-devel-1.3.3-5.1mdv2009.1.x86_64.rpm\n 99ef537b486eccad55d8f0d79f37abbd 2009.1/x86_64/lib64apr-util1-1.3.4-9.2mdv2009.1.x86_64.rpm\n 9d9e0933f57289530059e5a9b3e42e1c 2009.1/x86_64/lib64apr-util-devel-1.3.4-9.2mdv2009.1.x86_64.rpm \n 1a1706c01c2668a058a54c06d6e5aac6 2009.1/SRPMS/apr-1.3.3-5.1mdv2009.1.src.rpm\n 241d8b7b1261089d299f9b8463f391a7 2009.1/SRPMS/apr-util-1.3.4-9.2mdv2009.1.src.rpm\n\n Corporate 3.0:\n 39d0747e39f45148c8540e76a272f219 corporate/3.0/i586/apache2-2.0.48-6.22.C30mdk.i586.rpm\n 9c7677568ec7e3fab84ed224af029d6a corporate/3.0/i586/apache2-common-2.0.48-6.22.C30mdk.i586.rpm\n 9f60f68aa326aaaa02cb6e9346ac0b7b corporate/3.0/i586/apache2-devel-2.0.48-6.22.C30mdk.i586.rpm\n a9051117cf2a34ed7cf9066e31d1767f corporate/3.0/i586/apache2-manual-2.0.48-6.22.C30mdk.i586.rpm\n ddc2cafb1a02ee501e5127a8731ea942 corporate/3.0/i586/apache2-mod_cache-2.0.48-6.22.C30mdk.i586.rpm\n f3bbd229b347489f40b81419214c42bd corporate/3.0/i586/apache2-mod_dav-2.0.48-6.22.C30mdk.i586.rpm\n cd19b116ef93c07f78efbe4393d2e3be corporate/3.0/i586/apache2-mod_deflate-2.0.48-6.22.C30mdk.i586.rpm\n 5a2da72b9255a8c35f0ed877899f90eb corporate/3.0/i586/apache2-mod_disk_cache-2.0.48-6.22.C30mdk.i586.rpm\n e940b8e3b2da880bca84ebc9f528b2e6 corporate/3.0/i586/apache2-mod_file_cache-2.0.48-6.22.C30mdk.i586.rpm\n 5d713bee1985cc49c585b4289ee76f1e corporate/3.0/i586/apache2-mod_ldap-2.0.48-6.22.C30mdk.i586.rpm\n f293fbf344f6fc55e92170518a710149 corporate/3.0/i586/apache2-mod_mem_cache-2.0.48-6.22.C30mdk.i586.rpm\n f4c48499cb6968a12a5250e3464a2b30 corporate/3.0/i586/apache2-mod_proxy-2.0.48-6.22.C30mdk.i586.rpm\n 997ea437e49903a014de32e61573de7a corporate/3.0/i586/apache2-mod_ssl-2.0.48-6.22.C30mdk.i586.rpm\n fe5f16a62fc94177286445e9830cb6a6 corporate/3.0/i586/apache2-modules-2.0.48-6.22.C30mdk.i586.rpm\n 4eb89be3edc9f7dd0511e22d64baefe2 corporate/3.0/i586/apache2-source-2.0.48-6.22.C30mdk.i586.rpm\n 64be98dcd021367f603e972cc40d6710 corporate/3.0/i586/libapr0-2.0.48-6.22.C30mdk.i586.rpm \n 5c5a7cb9305c8b0d469fc424931ae215 corporate/3.0/SRPMS/apache2-2.0.48-6.22.C30mdk.src.rpm\n\n Corporate 3.0/X86_64:\n c84b780216da90735018f37b8d606ad9 corporate/3.0/x86_64/apache2-2.0.48-6.22.C30mdk.x86_64.rpm\n 079ef7c187ea63bdfdb7b2f8e0c7ed85 corporate/3.0/x86_64/apache2-common-2.0.48-6.22.C30mdk.x86_64.rpm\n 78d8764d894dcf4821e3014b3bf0a1c2 corporate/3.0/x86_64/apache2-devel-2.0.48-6.22.C30mdk.x86_64.rpm\n e938351292eaf95bad5937066e071f6e corporate/3.0/x86_64/apache2-manual-2.0.48-6.22.C30mdk.x86_64.rpm\n b7b0c47891c1da19b9bfedd5eaeb5a12 corporate/3.0/x86_64/apache2-mod_cache-2.0.48-6.22.C30mdk.x86_64.rpm\n 14603191e70ea26450ad9f5254f1eff8 corporate/3.0/x86_64/apache2-mod_dav-2.0.48-6.22.C30mdk.x86_64.rpm\n f49c1f32bfa9b325836e28f7078d3897 corporate/3.0/x86_64/apache2-mod_deflate-2.0.48-6.22.C30mdk.x86_64.rpm\n 0d8058c7d57105b18e97579817872d95 corporate/3.0/x86_64/apache2-mod_disk_cache-2.0.48-6.22.C30mdk.x86_64.rpm\n 09b7bdc4907e672ee9b83a9f0ed2fb13 corporate/3.0/x86_64/apache2-mod_file_cache-2.0.48-6.22.C30mdk.x86_64.rpm\n 90a9565c923530b22f4141d2a186972b corporate/3.0/x86_64/apache2-mod_ldap-2.0.48-6.22.C30mdk.x86_64.rpm\n 0f244810519460074938138d87a11997 corporate/3.0/x86_64/apache2-mod_mem_cache-2.0.48-6.22.C30mdk.x86_64.rpm\n 0836106477de3d26f4c31a595c996cdc corporate/3.0/x86_64/apache2-mod_proxy-2.0.48-6.22.C30mdk.x86_64.rpm\n 353d05dfc30072a39f3597c39454f331 corporate/3.0/x86_64/apache2-mod_ssl-2.0.48-6.22.C30mdk.x86_64.rpm\n 1234e8bf94a4ddf65cf225aaf4367937 corporate/3.0/x86_64/apache2-modules-2.0.48-6.22.C30mdk.x86_64.rpm\n fbb25973021e327262cc152fd46996cc corporate/3.0/x86_64/apache2-source-2.0.48-6.22.C30mdk.x86_64.rpm\n 0520ca7c45963a2e2e26d8e3b5f63c41 corporate/3.0/x86_64/lib64apr0-2.0.48-6.22.C30mdk.x86_64.rpm \n 5c5a7cb9305c8b0d469fc424931ae215 corporate/3.0/SRPMS/apache2-2.0.48-6.22.C30mdk.src.rpm\n\n Corporate 4.0:\n 59bb8b01944e22319fcd4a0202bdffd9 corporate/4.0/i586/apr-util-dbd-mysql-1.2.7-6.2.20060mlcs4.i586.rpm\n 75fc1a2cbde6e0426f3f59cfd099b3b1 corporate/4.0/i586/apr-util-dbd-pgsql-1.2.7-6.2.20060mlcs4.i586.rpm\n 73cbae192430eca396ba79f548437cc1 corporate/4.0/i586/apr-util-dbd-sqlite3-1.2.7-6.2.20060mlcs4.i586.rpm\n 09726634b12dc2afc37d292853cfb28c corporate/4.0/i586/libapr1-1.2.7-1.1.20060mlcs4.i586.rpm\n cbfbe3652be9a6986f5f672034b84dc0 corporate/4.0/i586/libapr1-devel-1.2.7-1.1.20060mlcs4.i586.rpm\n 0733be6b968d4cbcce3494afe962ea12 corporate/4.0/i586/libapr-util1-1.2.7-6.2.20060mlcs4.i586.rpm\n 725117e7948c43a6fb72f51966d6dd79 corporate/4.0/i586/libapr-util1-devel-1.2.7-6.2.20060mlcs4.i586.rpm \n 4003af7f60b2b13d6f77a05ebe9dfb22 corporate/4.0/SRPMS/apr-1.2.7-1.1.20060mlcs4.src.rpm\n e74d2bc186c01528afbbf64f7491f221 corporate/4.0/SRPMS/apr-util-1.2.7-6.2.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n 09e54e8fb5df6737dc1b00440d31d5c7 corporate/4.0/x86_64/apr-util-dbd-mysql-1.2.7-6.2.20060mlcs4.x86_64.rpm\n 766214b9f0df47776db7bea60f97298f corporate/4.0/x86_64/apr-util-dbd-pgsql-1.2.7-6.2.20060mlcs4.x86_64.rpm\n 22cb8925b104be9d571cf592a29064c3 corporate/4.0/x86_64/apr-util-dbd-sqlite3-1.2.7-6.2.20060mlcs4.x86_64.rpm\n 0fb8d44ea77b337e4026e72ed4000bf8 corporate/4.0/x86_64/lib64apr1-1.2.7-1.1.20060mlcs4.x86_64.rpm\n ba0345c32bfe4376621334e36a62a1c0 corporate/4.0/x86_64/lib64apr1-devel-1.2.7-1.1.20060mlcs4.x86_64.rpm\n cbd9beef22028ade9ecf3d172c710ff1 corporate/4.0/x86_64/lib64apr-util1-1.2.7-6.2.20060mlcs4.x86_64.rpm\n 5247ff1b281c9fa95ad547996f3bbb17 corporate/4.0/x86_64/lib64apr-util1-devel-1.2.7-6.2.20060mlcs4.x86_64.rpm \n 4003af7f60b2b13d6f77a05ebe9dfb22 corporate/4.0/SRPMS/apr-1.2.7-1.1.20060mlcs4.src.rpm\n e74d2bc186c01528afbbf64f7491f221 corporate/4.0/SRPMS/apr-util-1.2.7-6.2.20060mlcs4.src.rpm\n\n Mandriva Enterprise Server 5:\n fe7bd17a4b8499027179f5f421fce92d mes5/i586/libapr1-1.3.3-2.1mdvmes5.i586.rpm\n ce82a19e9423f69bc380fc32e0e96a9d mes5/i586/libapr-devel-1.3.3-2.1mdvmes5.i586.rpm \n 01004428f12cd78529ac43a546976121 mes5/SRPMS/apr-1.3.3-2.1mdvmes5.src.rpm\n\n Mandriva Enterprise Server 5/X86_64:\n 744cad17495d753e07fed748ccab4c46 mes5/x86_64/apr-util-dbd-freetds-1.3.4-2.2mdvmes5.x86_64.rpm\n 4c70155fb19f486a19f048455e41e480 mes5/x86_64/apr-util-dbd-ldap-1.3.4-2.2mdvmes5.x86_64.rpm\n 278c7292a0432e0d6760639667ec6858 mes5/x86_64/apr-util-dbd-mysql-1.3.4-2.2mdvmes5.x86_64.rpm\n 0358fea0177405ccd625304c83715992 mes5/x86_64/apr-util-dbd-odbc-1.3.4-2.2mdvmes5.x86_64.rpm\n a549b591b27f810ba898e75030f61398 mes5/x86_64/apr-util-dbd-pgsql-1.3.4-2.2mdvmes5.x86_64.rpm\n fb02a789f8ec6081f01df92768cda441 mes5/x86_64/apr-util-dbd-sqlite3-1.3.4-2.2mdvmes5.x86_64.rpm\n 4dbc88f0779d110f589ee60d7708e1e0 mes5/x86_64/lib64apr1-1.3.3-2.1mdvmes5.x86_64.rpm\n d591c7684cfd0d6a9a5ae749a3120f58 mes5/x86_64/lib64apr-devel-1.3.3-2.1mdvmes5.x86_64.rpm\n 6b946eebc0ff697faad4364beae260f8 mes5/x86_64/lib64apr-util1-1.3.4-2.2mdvmes5.x86_64.rpm\n 5c1f8dd8c2fcb0eb68bd1e24a25d1e22 mes5/x86_64/lib64apr-util-devel-1.3.4-2.2mdvmes5.x86_64.rpm \n 01004428f12cd78529ac43a546976121 mes5/SRPMS/apr-1.3.3-2.1mdvmes5.src.rpm\n\n Multi Network Firewall 2.0:\n 39d0747e39f45148c8540e76a272f219 mnf/2.0/i586/apache2-2.0.48-6.22.C30mdk.i586.rpm\n 9c7677568ec7e3fab84ed224af029d6a mnf/2.0/i586/apache2-common-2.0.48-6.22.C30mdk.i586.rpm\n 9f60f68aa326aaaa02cb6e9346ac0b7b mnf/2.0/i586/apache2-devel-2.0.48-6.22.C30mdk.i586.rpm\n a9051117cf2a34ed7cf9066e31d1767f mnf/2.0/i586/apache2-manual-2.0.48-6.22.C30mdk.i586.rpm\n ddc2cafb1a02ee501e5127a8731ea942 mnf/2.0/i586/apache2-mod_cache-2.0.48-6.22.C30mdk.i586.rpm\n f3bbd229b347489f40b81419214c42bd mnf/2.0/i586/apache2-mod_dav-2.0.48-6.22.C30mdk.i586.rpm\n cd19b116ef93c07f78efbe4393d2e3be mnf/2.0/i586/apache2-mod_deflate-2.0.48-6.22.C30mdk.i586.rpm\n 5a2da72b9255a8c35f0ed877899f90eb mnf/2.0/i586/apache2-mod_disk_cache-2.0.48-6.22.C30mdk.i586.rpm\n e940b8e3b2da880bca84ebc9f528b2e6 mnf/2.0/i586/apache2-mod_file_cache-2.0.48-6.22.C30mdk.i586.rpm\n 5d713bee1985cc49c585b4289ee76f1e mnf/2.0/i586/apache2-mod_ldap-2.0.48-6.22.C30mdk.i586.rpm\n f293fbf344f6fc55e92170518a710149 mnf/2.0/i586/apache2-mod_mem_cache-2.0.48-6.22.C30mdk.i586.rpm\n f4c48499cb6968a12a5250e3464a2b30 mnf/2.0/i586/apache2-mod_proxy-2.0.48-6.22.C30mdk.i586.rpm\n 997ea437e49903a014de32e61573de7a mnf/2.0/i586/apache2-mod_ssl-2.0.48-6.22.C30mdk.i586.rpm\n fe5f16a62fc94177286445e9830cb6a6 mnf/2.0/i586/apache2-modules-2.0.48-6.22.C30mdk.i586.rpm\n 4eb89be3edc9f7dd0511e22d64baefe2 mnf/2.0/i586/apache2-source-2.0.48-6.22.C30mdk.i586.rpm\n 64be98dcd021367f603e972cc40d6710 mnf/2.0/i586/libapr0-2.0.48-6.22.C30mdk.i586.rpm \n 5c5a7cb9305c8b0d469fc424931ae215 mnf/2.0/SRPMS/apache2-2.0.48-6.22.C30mdk.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.9 (GNU/Linux)\n\niD8DBQFKesC1mqjQ0CJFipgRAvjJAJ9/hkPV+kb4tO2KHfjb2m+3nV+9+gCfQHvt\nuej6FdYjm8TitsZAK4BFOis=\n=IDO9\n-----END PGP SIGNATURE-----\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- ------------------------------------------------------------------------\nDebian Security Advisory DSA-1854-1 security@debian.org\nhttp://www.debian.org/security/ Florian Weimer\nAugust 08, 2009 http://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage : apr, apr-util\nVulnerability : heap buffer overflow\nDebian-specific: no\nCVE Id(s) : CVE-2009-2412\n\nMatt Lewis discovered that the memory management code in the Apache\nPortable Runtime (APR) library does not guard against a wrap-around\nduring size computations. This could cause the library to return a\nmemory area which smaller than requested, resulting a heap overflow\nand possibly arbitrary code execution. \n\nFor the old stable distribution (etch), this problem has been fixed in\nversion 1.2.7-9 of the apr package, and version 1.2.7+dfsg-2+etch3 of\nthe apr-util package. \n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 1.2.12-5+lenny1 of the apr package and version 1.2.12-5+lenny1\nof the apr-util package. \n\nFor the unstable distribution (sid), this problem will be fixed soon. \n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file. \n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration. \n\n\nDebian GNU/Linux 4.0 alias etch\n- -------------------------------\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/a/apr-util/apr-util_1.2.7+dfsg.orig.tar.gz\n Size/MD5 checksum: 643328 a3117be657f99e92316be40add59b9ff\n http://security.debian.org/pool/updates/main/a/apr-util/apr-util_1.2.7+dfsg-2+etch3.dsc\n Size/MD5 checksum: 1036 9dc256c005a7f544c4d5c410b226fb74\n http://security.debian.org/pool/updates/main/a/apr/apr_1.2.7-9.diff.gz\n Size/MD5 checksum: 26613 021ef3aa5b3a9fc021779a0b6a6a4ec9\n http://security.debian.org/pool/updates/main/a/apr-util/apr-util_1.2.7+dfsg-2+etch3.diff.gz\n Size/MD5 checksum: 21651 e090ebfd7174c90bae4e4935a3d3db15\n http://security.debian.org/pool/updates/main/a/apr/apr_1.2.7.orig.tar.gz\n Size/MD5 checksum: 1102370 aea926cbe588f844ad9e317157d60175\n http://security.debian.org/pool/updates/main/a/apr/apr_1.2.7-9.dsc\n Size/MD5 checksum: 856 89662625fd7a34ceb514087de869d918\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.7-9_alpha.deb\n Size/MD5 checksum: 121726 df1e2d6e8bf9ed485ad417fe274eb0e3\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch3_alpha.deb\n Size/MD5 checksum: 83690 b5873275f420b15f9868ea0dde699c60\n http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.7-9_alpha.deb\n Size/MD5 checksum: 371668 4e8bd42151f3cdf8cee91c49599aab42\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch3_alpha.deb\n Size/MD5 checksum: 129158 5074639b4b0d9877ff29b96540fdfaec\n http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.7-9_alpha.deb\n Size/MD5 checksum: 185420 ddf84849ff3bee792dc187c6d21958bd\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch3_alpha.deb\n Size/MD5 checksum: 148140 079cff06535a7e3f4e9a5d682d80bb1b\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch3_amd64.deb\n Size/MD5 checksum: 72946 6b11e4b65bdf67981a091177d9644007\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch3_amd64.deb\n Size/MD5 checksum: 126156 b420f555d02504e0497a0ba3c27e0cac\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch3_amd64.deb\n Size/MD5 checksum: 127742 1606857f3291ccb10e038219f1f2eab3\n http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.7-9_amd64.deb\n Size/MD5 checksum: 187302 bb1a4aa5768fa012201ad1e72bc27e93\n http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.7-9_amd64.deb\n Size/MD5 checksum: 348120 b5d6b4e7c628dffe867159b54b6c82f1\n http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.7-9_amd64.deb\n Size/MD5 checksum: 111664 6b51dc29ea4defa975902d246188086f\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch3_arm.deb\n Size/MD5 checksum: 121504 3ba789c274f2ed7030aa286ea57dbb3d\n http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.7-9_arm.deb\n Size/MD5 checksum: 175146 86ff258e9181fa424cb043dc22e2c0e0\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch3_arm.deb\n Size/MD5 checksum: 117302 97d701c8f9d6746eb14448bfde8e8588\n http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.7-9_arm.deb\n Size/MD5 checksum: 104934 45a976662beb7ec3b15ee7c7a45f3de7\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch3_arm.deb\n Size/MD5 checksum: 66110 09c54142359236f50654bd9c7b375781\n http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.7-9_arm.deb\n Size/MD5 checksum: 335520 14d06ecfb54247718b780c893df8f4cc\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch3_hppa.deb\n Size/MD5 checksum: 126186 9494353aa42e983a245af2890dd2c6d7\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch3_hppa.deb\n Size/MD5 checksum: 78668 60c87b0e86c1ed31deecddd88cdf5fa5\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch3_hppa.deb\n Size/MD5 checksum: 133918 ae993c733053a326603c5b750505bee9\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch3_i386.deb\n Size/MD5 checksum: 116052 6238f10eb5077bb53b9664b82b985c40\n http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.7-9_i386.deb\n Size/MD5 checksum: 338694 262cec472ec3aaeb1b4d38eebaa940c8\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch3_i386.deb\n Size/MD5 checksum: 68854 78ab4f6425153d8b746b99842994d555\n http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.7-9_i386.deb\n Size/MD5 checksum: 109138 4aa254cacd4e95785ae823cedb1cce2f\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch3_i386.deb\n Size/MD5 checksum: 122136 4a16475bb5780625902c79069681ae74\n http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.7-9_i386.deb\n Size/MD5 checksum: 180654 481471d06045a2e348b55de6dbdf5f94\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch3_ia64.deb\n Size/MD5 checksum: 156562 52761fff3e82e21728e0c6a79bf4508f\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch3_ia64.deb\n Size/MD5 checksum: 99446 3ad58d882e434e39be525e7aa41d9e93\n http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.7-9_ia64.deb\n Size/MD5 checksum: 141894 5b7351a6b4c3765e3d76b9d22e04cf0e\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch3_ia64.deb\n Size/MD5 checksum: 118716 8c73712293cd4d9a5935aefd18a3e4c9\n http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.7-9_ia64.deb\n Size/MD5 checksum: 171514 f474001e4f852a44af517b5d6f737a65\n http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.7-9_ia64.deb\n Size/MD5 checksum: 385514 76d0bbda16c749f6a5b40fd6297a180a\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.7-9_mips.deb\n Size/MD5 checksum: 188816 de1ecb467042d2c1891cc1d2f5db83d9\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch3_mips.deb\n Size/MD5 checksum: 130394 fc34d9b137c080b63374d809c1d6bf8b\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch3_mips.deb\n Size/MD5 checksum: 130492 4d7cdffabbef214eeea0c02a346d0eb8\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch3_mips.deb\n Size/MD5 checksum: 70776 6fe66f5cb81c2a3af2fa0cd64a85cfd8\n http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.7-9_mips.deb\n Size/MD5 checksum: 357368 aab08f1596aead97cc48924ebf99c80e\n http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.7-9_mips.deb\n Size/MD5 checksum: 112644 9c6d720999259453daaa13e8ec3c8336\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.7-9_mipsel.deb\n Size/MD5 checksum: 186464 5b2392a143ff8a173a771b819377ab47\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch3_mipsel.deb\n Size/MD5 checksum: 128052 02e3c278190e92d7131c275aab5f5c44\n http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.7-9_mipsel.deb\n Size/MD5 checksum: 358010 480087a77642a8ff99a32bb323b62600\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch3_mipsel.deb\n Size/MD5 checksum: 130712 50da703a75deb2ba87d4be171e80bd5b\n http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.7-9_mipsel.deb\n Size/MD5 checksum: 113352 d363370bcba834268202db5271b20aa3\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch3_mipsel.deb\n Size/MD5 checksum: 70794 1f57c4362c286bd0d2df40d775690612\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch3_powerpc.deb\n Size/MD5 checksum: 125106 92d5d46effd18aaa8e849254d9da8acd\n http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.7-9_powerpc.deb\n Size/MD5 checksum: 348504 2f4f96652c28e3f5f1cfae8e5265ec83\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch3_powerpc.deb\n Size/MD5 checksum: 130380 dacdce767bcff6b0ecbe66add6838e8b\n http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.7-9_powerpc.deb\n Size/MD5 checksum: 189780 ae1e23e3080fbfe3ba26b8acf9561d6c\n http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.7-9_powerpc.deb\n Size/MD5 checksum: 113956 1e2ba4da9ee0775325b351887c182f52\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch3_powerpc.deb\n Size/MD5 checksum: 72472 3a47c9eca3ec7b6f4e87609b3aca7f65\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch3_s390.deb\n Size/MD5 checksum: 124802 cdd46922b57a51fedb25ae401d8dc753\n http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.7-9_s390.deb\n Size/MD5 checksum: 121978 71edc1d101933b1a43a9c395427a4aed\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch3_s390.deb\n Size/MD5 checksum: 128570 f0f7d5dfecb61c6212e0803a325e8a01\n http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.7-9_s390.deb\n Size/MD5 checksum: 186320 cca313c55848e6161810ff16fb71390f\n http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.7-9_s390.deb\n Size/MD5 checksum: 349848 b9cbaa0a70b9bfa28d74ac4a6e107428\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch3_s390.deb\n Size/MD5 checksum: 76668 f6b5e093ae1c3c5d4442e223115052de\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.7-9_sparc.deb\n Size/MD5 checksum: 338056 ab06437e18c1cc36dab35779cc4102d8\n http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.7-9_sparc.deb\n Size/MD5 checksum: 103200 1c6f94d15f4e3052e9ed80fc232f96b5\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch3_sparc.deb\n Size/MD5 checksum: 117840 5f0671d301a9e2ea8020d0dcaa71a42b\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch3_sparc.deb\n Size/MD5 checksum: 66374 668815a44c99c366ae8e3f624613932e\n http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.7-9_sparc.deb\n Size/MD5 checksum: 167962 f338f71eeb38be58c67d1ac0fd92d1ff\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch3_sparc.deb\n Size/MD5 checksum: 117510 63dd9c471f24472eb46a5fd9dcb92077\n\nDebian GNU/Linux 5.0 alias lenny\n- --------------------------------\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/a/apr/apr_1.2.12.orig.tar.gz\n Size/MD5 checksum: 1127522 020ea947446dca2d1210c099c7a4c837\n http://security.debian.org/pool/updates/main/a/apr/apr_1.2.12-5+lenny1.diff.gz\n Size/MD5 checksum: 12398 b407ff7dac7363278f4f060e121aa611\n http://security.debian.org/pool/updates/main/a/apr-util/apr-util_1.2.12+dfsg.orig.tar.gz\n Size/MD5 checksum: 658687 4ef3e41037fe0cdd3a0d107335a008eb\n http://security.debian.org/pool/updates/main/a/apr-util/apr-util_1.2.12+dfsg-8+lenny4.dsc\n Size/MD5 checksum: 1530 dccceaa89d58074be3b7b7738a99756b\n http://security.debian.org/pool/updates/main/a/apr-util/apr-util_1.2.12+dfsg-8+lenny4.diff.gz\n Size/MD5 checksum: 23138 a2222477de9ad92015416542a2c250ed\n http://security.debian.org/pool/updates/main/a/apr/apr_1.2.12-5+lenny1.dsc\n Size/MD5 checksum: 1284 4330306f892fd7c0950b1ccf2537b38d\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.12-5+lenny1_alpha.deb\n Size/MD5 checksum: 806236 3689d5ee779d3846fe67c9dad2f213dc\n http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.12-5+lenny1_alpha.deb\n Size/MD5 checksum: 53204 92bb2e8a7c48e6f8437680e08607a3f7\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny4_alpha.deb\n Size/MD5 checksum: 147658 edba141e93c382fbf0ab2bbec1dba899\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny4_alpha.deb\n Size/MD5 checksum: 158060 b80ad32790c6c8d89f0007a69d9ce0b8\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny4_alpha.deb\n Size/MD5 checksum: 90740 c715b55d060a2d4e8d7684477d0b9014\n http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.12-5+lenny1_alpha.deb\n Size/MD5 checksum: 121774 565a4fdd123d04698907456e40d4df0b\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.12-5+lenny1_amd64.deb\n Size/MD5 checksum: 54232 3f23cc38f68bbf926b801b82b3fea917\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny4_amd64.deb\n Size/MD5 checksum: 80046 f6158018f26ddd6369687b8f9f64aa75\n http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.12-5+lenny1_amd64.deb\n Size/MD5 checksum: 114326 851cc08504589c09f08ec9e6efa52ef1\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny4_amd64.deb\n Size/MD5 checksum: 147928 136a5a5c0d558d8f252d1ed44efed217\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny4_amd64.deb\n Size/MD5 checksum: 133850 6b71ac477650c688863ef33fc58216a0\n http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.12-5+lenny1_amd64.deb\n Size/MD5 checksum: 825740 bf80dbc726c5b691b023e96e463ba88c\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.12-5+lenny1_arm.deb\n Size/MD5 checksum: 818438 8e6c8a9964650a793e4a0e5ec51a8619\n http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.12-5+lenny1_arm.deb\n Size/MD5 checksum: 54912 a853d8175d2bee56c6f37aada02fc2ca\n http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.12-5+lenny1_arm.deb\n Size/MD5 checksum: 107790 85e0815ff8f340d99052a9c9f604cccd\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny4_arm.deb\n Size/MD5 checksum: 71112 20a4c9fd130c188166c0ebc6ceff5fcf\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny4_arm.deb\n Size/MD5 checksum: 138982 c84f95cff9713ed403fae7b712456ade\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny4_arm.deb\n Size/MD5 checksum: 124090 c4fc3663255a416725a69818e3523731\n\narmel architecture (ARM EABI)\n\n http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.12-5+lenny1_armel.deb\n Size/MD5 checksum: 109676 e26ebffcc101ffc87963c9a65b3543f6\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny4_armel.deb\n Size/MD5 checksum: 124626 4c34337eb3d1d55900a067f2c8412abc\n http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.12-5+lenny1_armel.deb\n Size/MD5 checksum: 821990 19c68f5f904bb3bbdfd44349f8544e83\n http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.12-5+lenny1_armel.deb\n Size/MD5 checksum: 55820 f39b0928bc4b91fb60bd6259c6ae6e02\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny4_armel.deb\n Size/MD5 checksum: 70086 1d3032e0879ed1ea6fa2f04c34af1782\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny4_armel.deb\n Size/MD5 checksum: 139434 e802e42577998c62fadfc335edb3b81a\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny4_hppa.deb\n Size/MD5 checksum: 83668 3c8893214d7375303eaf1eec6e27212b\n http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.12-5+lenny1_hppa.deb\n Size/MD5 checksum: 827762 2fd0d8dd54c92c828e42100bb8816b00\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny4_hppa.deb\n Size/MD5 checksum: 142916 14e1e2f8fa50b0eb1772f1e4bbc26e50\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny4_hppa.deb\n Size/MD5 checksum: 140872 7fef63f2cd282e44c51b5e69d94d8706\n http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.12-5+lenny1_hppa.deb\n Size/MD5 checksum: 113954 926b8c39fee1787a94b3d6cc1c6d420b\n http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.12-5+lenny1_hppa.deb\n Size/MD5 checksum: 54332 18751dc2275828a126b2dbe568678f32\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny4_i386.deb\n Size/MD5 checksum: 73814 2ef03972ed5b2232fe5782c4960bc362\n http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.12-5+lenny1_i386.deb\n Size/MD5 checksum: 54582 edc98ca59cebd14195602929def1da31\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny4_i386.deb\n Size/MD5 checksum: 141438 5a54e1cac30640ca5e9922586d9983a8\n http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.12-5+lenny1_i386.deb\n Size/MD5 checksum: 108882 075f37cd43e483d27ff0b94ad01f2d08\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny4_i386.deb\n Size/MD5 checksum: 121138 fc2411e049936d12702713c82377c9e5\n http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.12-5+lenny1_i386.deb\n Size/MD5 checksum: 809460 a5648e0404f1cb4244c156cf85bfe0f5\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny4_ia64.deb\n Size/MD5 checksum: 135404 8f7a4964b22e5e9e5297380c15d8818d\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny4_ia64.deb\n Size/MD5 checksum: 170110 412b51e1e3c1ed4e309459dd17844e68\n http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.12-5+lenny1_ia64.deb\n Size/MD5 checksum: 154362 2fc1441f28ef4f90446464627c8ef36d\n http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.12-5+lenny1_ia64.deb\n Size/MD5 checksum: 837496 6862607faf59e42525f5205d8a967818\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny4_ia64.deb\n Size/MD5 checksum: 111140 12f0bf9e6264cc9c170c2b8365428cc0\n http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.12-5+lenny1_ia64.deb\n Size/MD5 checksum: 53428 a6a55d644fb58a0f7ea6a9b509cb71d0\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.12-5+lenny1_mips.deb\n Size/MD5 checksum: 110932 feb666e4f402bcb1954bc194c37496d7\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny4_mips.deb\n Size/MD5 checksum: 147482 e2508cc75520518ccbe4c3a5cf0cc50c\n http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.12-5+lenny1_mips.deb\n Size/MD5 checksum: 56582 5134a012017e629239cc543fedf4edf3\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny4_mips.deb\n Size/MD5 checksum: 74584 2fbb1b76079126fd701f32e45a9cf7f0\n http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.12-5+lenny1_mips.deb\n Size/MD5 checksum: 792650 126585d9fe0def77f7632f9d098eb11d\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny4_mips.deb\n Size/MD5 checksum: 136438 ae62dc1d5a32fac11615f4b67cfa4a6b\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.12-5+lenny1_mipsel.deb\n Size/MD5 checksum: 56414 ecca7e3643ccb91fc962b886bdddbc0e\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny4_mipsel.deb\n Size/MD5 checksum: 136390 d45f956c14ea9fe22b77bce3810c32b7\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny4_mipsel.deb\n Size/MD5 checksum: 144740 05411f88615592531468cdd89bb4b5d0\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny4_mipsel.deb\n Size/MD5 checksum: 74366 a15e15331a62f33d33481b7e53f07b48\n http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.12-5+lenny1_mipsel.deb\n Size/MD5 checksum: 792762 dc1e4748e106c82e9f8bf6c3ecce4a38\n http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.12-5+lenny1_mipsel.deb\n Size/MD5 checksum: 110974 a5dd28b5c9b3106da8e4c81abea6777d\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny4_powerpc.deb\n Size/MD5 checksum: 82512 f8a18fb94a4ef3cabec01c288a26eef5\n http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.12-5+lenny1_powerpc.deb\n Size/MD5 checksum: 55708 555d64273f15c6ebd503b7cb84f0fb29\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny4_powerpc.deb\n Size/MD5 checksum: 132338 66e77820b5b9d2a05d6df5c4ec2c76b0\n http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.12-5+lenny1_powerpc.deb\n Size/MD5 checksum: 116238 1a291989c32ea21ac8eef9ca51831fc5\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny4_powerpc.deb\n Size/MD5 checksum: 147180 cc9f274b349dbbb9ce9b69b0d0edf493\n http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.12-5+lenny1_powerpc.deb\n Size/MD5 checksum: 821948 fc3acf3dec16223caf6f932e8b7c0c01\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.12-5+lenny1_s390.deb\n Size/MD5 checksum: 126058 474bddd0f3c5a69cc21fc2d403fe90f6\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny4_s390.deb\n Size/MD5 checksum: 148614 89cc7bb2619f28e5e6e9d0042050a924\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny4_s390.deb\n Size/MD5 checksum: 133044 fb35625937e6fae551d97df283a32dd9\n http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.12-5+lenny1_s390.deb\n Size/MD5 checksum: 787872 2dc32425bfbd17b841218064599d80ed\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny4_s390.deb\n Size/MD5 checksum: 85496 c41f2fdebd22ec066815211768dcdc3a\n http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.12-5+lenny1_s390.deb\n Size/MD5 checksum: 54414 c36fa2538d8077a8ef09842e07bd989a\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.12-5+lenny1_sparc.deb\n Size/MD5 checksum: 814624 613a70f3443404f5939e91e229d01d25\n http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.12-5+lenny1_sparc.deb\n Size/MD5 checksum: 54370 4c12839718c73a2b96b607d77fcbc583\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny4_sparc.deb\n Size/MD5 checksum: 131706 5c2ad3da38aaaab8ac2c14656602c532\n http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.12-5+lenny1_sparc.deb\n Size/MD5 checksum: 108712 c1f66be9c2daa447d5bfbd1f7639aada\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny4_sparc.deb\n Size/MD5 checksum: 72738 ec558ed4277ca676f07e3181ffad0335\n http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny4_sparc.deb\n Size/MD5 checksum: 124976 22385c13d934c3877ce2f9eeaa4584e3\n\n\n These files will probably be moved into the stable distribution on\n its next update. \n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show \u003cpkg\u003e\u0027 and http://packages.debian.org/\u003cpkg\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.9 (GNU/Linux)\n\niQEcBAEBAgAGBQJKfcqtAAoJEL97/wQC1SS+6T4IAJxpIZ7AUOwmDtuOk/WQzlzv\nU1nz6YhC9nhf/QdjbmAe0+ClaGwP5FZOacfEK6t64DBJ/81qgLtHlh6hlbm2+9wD\nvIddGlXmdKjEcHXVbt5rwEoc9pk6ma954Fziu2yUVxhP40SBLWlfEQ5w1LxjNHAI\nUKokX2+4C3Lk+6hJd8AqnvyfqP8h990HzFqT11hh8OlKVrvHmAiZWbSMmLvkKsPf\nF5mNDGVKluNfpAhwo6eLN2ayRDEKAeuejF2jQtb/MXQN3kJpPri2JhalhMra371l\nRmpmVNUOtKKJz/3gHSLjQNh6D5G4kj/I9RcHFA68Pv14kXh0xgtQlKGGLaPo/3M=\n=704P\n-----END PGP SIGNATURE-----\n. Subversion clients and servers, versions 1.6.0 - 1.6.3 and all\nversions \u003c 1.5.7, are vulnerable to several heap overflow problems\nwhich may lead to remote code execution. The official advisory\n(mirrored at http://subversion.tigris.org/security/CVE-2009-2411-advisory.txt)\nfollows:\n\n\n Subversion clients and servers up to 1.6.3 (inclusive) have heap\n overflow issues in the parsing of binary deltas. \n\nSummary:\n========\n\n Subversion clients and servers have multiple heap overflow issues in\n the parsing of binary deltas. This is related to an allocation\n vulnerability in the APR library used by Subversion. \n\n Clients with commit access to a vulnerable server can cause a remote\n heap overflow; servers can cause a heap overflow on vulnerable\n clients that try to do a checkout or update. \n\n This can lead to a DoS (an exploit has been tested) and to arbitrary\n code execution (no exploit tested, but the possibility is clear). \n\nKnown vulnerable:\n=================\n\n Subversion clients and servers \u003c= 1.5.6. \n Subversion clients and servers 1.6.0 through 1.6.3 (inclusive). \n\nKnown fixed:\n============\n\n Subversion 1.6.4\n Subversion 1.5.7\n\n (Search for \"Patch\" below to see the patches from 1.6.3 -\u003e 1.6.4 and\n 1.5.6 -\u003e 1.5.7. Search for \"Recommendations\" to get URLs for the\n 1.6.4 release and associated APR library patch.)\n\nDetails:\n========\n\n The libsvn_delta library does not contain sufficient input validation\n of svndiff streams. If a stream with large windows is processed,\n one of several integer overflows may lead to some boundary checks\n incorrectly passing, which in turn can lead to a heap overflow. \n\nSeverity:\n=========\n\n A remote attacker with commit access to repository may be able to\n execute code on a Subversion server. A malicious server may be able to\n execute code on a Subversion client. \n\nRecommendations:\n================\n\n We recommend all users to upgrade to Subversion 1.6.4. \n\n We recommend all users to upgrade to the latest versions of APR and\n APR-UTIL, or apply the CVE-2009-2412 patch appropriate to their APR\n installation from \u003chttp://www.apache.org/dist/apr/patches/\u003e. \n\n New Subversion packages can be found at:\n http://subversion.tigris.org/project_packages.html\n\nReferences:\n===========\n\n CVE-2009-2411 (Subversion)\n CVE-2009-2412 (APR)\n\nReported by:\n============\n\n Matt Lewis, Google. \n\nPatches:\n========\n\n This patch applies to Subversion 1.6.x (apply with patch -p0 \u003c patchfile):\n\n[[[\nIndex: subversion/libsvn_delta/svndiff.c\n===================================================================\n--- subversion/libsvn_delta/svndiff.c (revision 38519)\n+++ subversion/libsvn_delta/svndiff.c (working copy)\n@@ -60,10 +60,23 @@ struct encoder_baton {\n apr_pool_t *pool;\n };\n\n+/* This is at least as big as the largest size of an integer that\n+ encode_int can generate; it is sufficient for creating buffers for\n+ it to write into. This assumes that integers are at most 64 bits,\n+ and so 10 bytes (with 7 bits of information each) are sufficient to\n+ represent them. */\n+#define MAX_ENCODED_INT_LEN 10\n+/* This is at least as big as the largest size for a single instruction. */\n+#define MAX_INSTRUCTION_LEN (2*MAX_ENCODED_INT_LEN+1)\n+/* This is at least as big as the largest possible instructions\n+ section: in theory, the instructions could be SVN_DELTA_WINDOW_SIZE\n+ 1-byte copy-from-source instructions (though this is very unlikely). */\n+#define MAX_INSTRUCTION_SECTION_LEN (SVN_DELTA_WINDOW_SIZE*MAX_INSTRUCTION_LEN)\n\n /* Encode VAL into the buffer P using the variable-length svndiff\n integer format. Return the incremented value of P after the\n- encoded bytes have been written. \n+ encoded bytes have been written. P must point to a buffer of size\n+ at least MAX_ENCODED_INT_LEN. \n\n This encoding uses the high bit of each byte as a continuation bit\n and the other seven bits as data bits. High-order data bits are\n@@ -85,7 +98,7 @@ encode_int(char *p, svn_filesize_t val)\n svn_filesize_t v;\n unsigned char cont;\n\n- assert(val \u003e= 0);\n+ SVN_ERR_ASSERT_NO_RETURN(val \u003e= 0);\n\n /* Figure out how many bytes we\u0027ll need. */\n v = val \u003e\u003e 7;\n@@ -96,6 +109,8 @@ encode_int(char *p, svn_filesize_t val)\n n++;\n }\n\n+ SVN_ERR_ASSERT_NO_RETURN(n \u003c= MAX_ENCODED_INT_LEN);\n+\n /* Encode the remaining bytes; n is always the number of bytes\n coming after the one we\u0027re encoding. */\n while (--n \u003e= 0)\n@@ -112,7 +127,7 @@ encode_int(char *p, svn_filesize_t val)\n static void\n append_encoded_int(svn_stringbuf_t *header, svn_filesize_t val)\n {\n- char buf[128], *p;\n+ char buf[MAX_ENCODED_INT_LEN], *p;\n\n p = encode_int(buf, val);\n svn_stringbuf_appendbytes(header, buf, p - buf);\n@@ -168,7 +183,7 @@ window_handler(svn_txdelta_window_t *window, void\n svn_stringbuf_t *i1 = svn_stringbuf_create(\"\", pool);\n svn_stringbuf_t *header = svn_stringbuf_create(\"\", pool);\n const svn_string_t *newdata;\n- char ibuf[128], *ip;\n+ char ibuf[MAX_INSTRUCTION_LEN], *ip;\n const svn_txdelta_op_t *op;\n apr_size_t len;\n\n@@ -346,6 +361,8 @@ decode_file_offset(svn_filesize_t *val,\n const unsigned char *p,\n const unsigned char *end)\n {\n+ if (p + MAX_ENCODED_INT_LEN \u003c end)\n+ end = p + MAX_ENCODED_INT_LEN;\n /* Decode bytes until we\u0027re done. */\n *val = 0;\n while (p \u003c end)\n@@ -365,6 +382,8 @@ decode_size(apr_size_t *val,\n const unsigned char *p,\n const unsigned char *end)\n {\n+ if (p + MAX_ENCODED_INT_LEN \u003c end)\n+ end = p + MAX_ENCODED_INT_LEN;\n /* Decode bytes until we\u0027re done. */\n *val = 0;\n while (p \u003c end)\n@@ -382,7 +401,7 @@ decode_size(apr_size_t *val,\n data is not compressed. */\n\n static svn_error_t *\n-zlib_decode(svn_stringbuf_t *in, svn_stringbuf_t *out)\n+zlib_decode(svn_stringbuf_t *in, svn_stringbuf_t *out, apr_size_t limit)\n {\n apr_size_t len;\n char *oldplace = in-\u003edata;\n@@ -390,6 +409,13 @@ static svn_error_t *\n /* First thing in the string is the original length. */\n in-\u003edata = (char *)decode_size(\u0026len, (unsigned char *)in-\u003edata,\n (unsigned char *)in-\u003edata+in-\u003elen);\n+ if (in-\u003edata == NULL)\n+ return svn_error_create(SVN_ERR_SVNDIFF_INVALID_COMPRESSED_DATA, NULL,\n+ _(\"Decompression of svndiff data failed:\nno size\"));\n+ if (len \u003e limit)\n+ return svn_error_create(SVN_ERR_SVNDIFF_INVALID_COMPRESSED_DATA, NULL,\n+ _(\"Decompression of svndiff data failed: \"\n+ \"size too large\"));\n /* We need to subtract the size of the encoded original length off the\n * still remaining input length. */\n in-\u003elen -= (in-\u003edata - oldplace);\n@@ -487,10 +513,10 @@ count_and_verify_instructions(int *ninst,\n return svn_error_createf\n (SVN_ERR_SVNDIFF_INVALID_OPS, NULL,\n _(\"Invalid diff stream: insn %d cannot be decoded\"), n);\n- else if (op.length \u003c= 0)\n+ else if (op.length == 0)\n return svn_error_createf\n (SVN_ERR_SVNDIFF_INVALID_OPS, NULL,\n- _(\"Invalid diff stream: insn %d has non-positive length\"), n);\n+ _(\"Invalid diff stream: insn %d has length zero\"), n);\n else if (op.length \u003e tview_len - tpos)\n return svn_error_createf\n (SVN_ERR_SVNDIFF_INVALID_OPS, NULL,\n@@ -499,7 +525,8 @@ count_and_verify_instructions(int *ninst,\n switch (op.action_code)\n {\n case svn_txdelta_source:\n- if (op.length \u003e sview_len - op.offset)\n+ if (op.length \u003e sview_len - op.offset ||\n+ op.offset \u003e sview_len)\n return svn_error_createf\n (SVN_ERR_SVNDIFF_INVALID_OPS, NULL,\n _(\"Invalid diff stream: \"\n@@ -565,11 +592,11 @@ decode_window(svn_txdelta_window_t *window, svn_fi\n\n instin = svn_stringbuf_ncreate((const char *)data, insend - data, pool);\n instout = svn_stringbuf_create(\"\", pool);\n- SVN_ERR(zlib_decode(instin, instout));\n+ SVN_ERR(zlib_decode(instin, instout, MAX_INSTRUCTION_SECTION_LEN));\n\n ndin = svn_stringbuf_ncreate((const char *)insend, newlen, pool);\n ndout = svn_stringbuf_create(\"\", pool);\n- SVN_ERR(zlib_decode(ndin, ndout));\n+ SVN_ERR(zlib_decode(ndin, ndout, SVN_DELTA_WINDOW_SIZE));\n\n newlen = ndout-\u003elen;\n data = (unsigned char *)instout-\u003edata;\n@@ -685,6 +712,14 @@ write_handler(void *baton,\n if (p == NULL)\n return SVN_NO_ERROR;\n\n+ if (tview_len \u003e SVN_DELTA_WINDOW_SIZE ||\n+ sview_len \u003e SVN_DELTA_WINDOW_SIZE ||\n+ /* for svndiff1, newlen includes the original length */\n+ newlen \u003e SVN_DELTA_WINDOW_SIZE + MAX_ENCODED_INT_LEN ||\n+ inslen \u003e MAX_INSTRUCTION_SECTION_LEN)\n+ return svn_error_create(SVN_ERR_SVNDIFF_CORRUPT_WINDOW, NULL,\n+ _(\"Svndiff contains a too-large window\"));\n+\n /* Check for integer overflow. */\n if (sview_offset \u003c 0 || inslen + newlen \u003c inslen\n || sview_len + tview_len \u003c sview_len\n@@ -841,6 +876,14 @@ read_window_header(svn_stream_t *stream, svn_files\n SVN_ERR(read_one_size(inslen, stream));\n SVN_ERR(read_one_size(newlen, stream));\n\n+ if (*tview_len \u003e SVN_DELTA_WINDOW_SIZE ||\n+ *sview_len \u003e SVN_DELTA_WINDOW_SIZE ||\n+ /* for svndiff1, newlen includes the original length */\n+ *newlen \u003e SVN_DELTA_WINDOW_SIZE + MAX_ENCODED_INT_LEN ||\n+ *inslen \u003e MAX_INSTRUCTION_SECTION_LEN)\n+ return svn_error_create(SVN_ERR_SVNDIFF_CORRUPT_WINDOW, NULL,\n+ _(\"Svndiff contains a too-large window\"));\n+\n /* Check for integer overflow. */\n if (*sview_offset \u003c 0 || *inslen + *newlen \u003c *inslen\n || *sview_len + *tview_len \u003c *sview_len\nIndex: subversion/libsvn_delta/text_delta.c\n===================================================================\n--- subversion/libsvn_delta/text_delta.c (revision 38519)\n+++ subversion/libsvn_delta/text_delta.c (working copy)\n@@ -548,7 +548,7 @@ svn_txdelta_target_push(svn_txdelta_window_handler\n /* Functions for applying deltas. */\n\n /* Ensure that BUF has enough space for VIEW_LEN bytes. */\n-static APR_INLINE void\n+static APR_INLINE svn_error_t *\n size_buffer(char **buf, apr_size_t *buf_size,\n apr_size_t view_len, apr_pool_t *pool)\n {\n@@ -557,8 +557,11 @@ size_buffer(char **buf, apr_size_t *buf_size,\n *buf_size *= 2;\n if (*buf_size \u003c view_len)\n *buf_size = view_len;\n+ SVN_ERR_ASSERT(APR_ALIGN_DEFAULT(*buf_size) \u003e= *buf_size);\n *buf = apr_palloc(pool, *buf_size);\n }\n+\n+ return SVN_NO_ERROR;\n }\n\n\n@@ -659,7 +662,7 @@ apply_window(svn_txdelta_window_t *window, void *b\n \u003e= ab-\u003esbuf_offset + ab-\u003esbuf_len)));\n\n /* Make sure there\u0027s enough room in the target buffer. */\n- size_buffer(\u0026ab-\u003etbuf, \u0026ab-\u003etbuf_size, window-\u003etview_len, ab-\u003epool);\n+ SVN_ERR(size_buffer(\u0026ab-\u003etbuf, \u0026ab-\u003etbuf_size, window-\u003etview_len, ab-\u003epool));\n\n /* Prepare the source buffer for reading from the input stream. */\n if (window-\u003esview_offset != ab-\u003esbuf_offset\n@@ -668,7 +671,8 @@ apply_window(svn_txdelta_window_t *window, void *b\n char *old_sbuf = ab-\u003esbuf;\n\n /* Make sure there\u0027s enough room. */\n- size_buffer(\u0026ab-\u003esbuf, \u0026ab-\u003esbuf_size, window-\u003esview_len, ab-\u003epool);\n+ SVN_ERR(size_buffer(\u0026ab-\u003esbuf, \u0026ab-\u003esbuf_size, window-\u003esview_len,\n+ ab-\u003epool));\n\n /* If the existing view overlaps with the new view, copy the\n * overlap to the beginning of the new buffer. */\n]]]\n\n\n This patch applies to Subversion 1.5.x:\n\n[[[\nIndex: subversion/libsvn_delta/svndiff.c\n===================================================================\n--- subversion/libsvn_delta/svndiff.c (revision 38498)\n+++ subversion/libsvn_delta/svndiff.c (working copy)\n@@ -55,10 +55,23 @@ struct encoder_baton {\n apr_pool_t *pool;\n };\n\n+/* This is at least as big as the largest size of an integer that\n+ encode_int can generate; it is sufficient for creating buffers for\n+ it to write into. This assumes that integers are at most 64 bits,\n+ and so 10 bytes (with 7 bits of information each) are sufficient to\n+ represent them. */\n+#define MAX_ENCODED_INT_LEN 10\n+/* This is at least as big as the largest size for a single instruction. */\n+#define MAX_INSTRUCTION_LEN (2*MAX_ENCODED_INT_LEN+1)\n+/* This is at least as big as the largest possible instructions\n+ section: in theory, the instructions could be SVN_DELTA_WINDOW_SIZE\n+ 1-byte copy-from-source instructions (though this is very unlikely). */\n+#define MAX_INSTRUCTION_SECTION_LEN (SVN_DELTA_WINDOW_SIZE*MAX_INSTRUCTION_LEN)\n\n /* Encode VAL into the buffer P using the variable-length svndiff\n integer format. Return the incremented value of P after the\n- encoded bytes have been written. \n+ encoded bytes have been written. P must point to a buffer of size\n+ at least MAX_ENCODED_INT_LEN. \n\n This encoding uses the high bit of each byte as a continuation bit\n and the other seven bits as data bits. High-order data bits are\n@@ -91,6 +104,8 @@ encode_int(char *p, svn_filesize_t val)\n n++;\n }\n\n+ assert(n \u003c= MAX_ENCODED_INT_LEN);\n+\n /* Encode the remaining bytes; n is always the number of bytes\n coming after the one we\u0027re encoding. */\n while (--n \u003e= 0)\n@@ -107,7 +122,7 @@ encode_int(char *p, svn_filesize_t val)\n static void\n append_encoded_int(svn_stringbuf_t *header, svn_filesize_t val)\n {\n- char buf[128], *p;\n+ char buf[MAX_ENCODED_INT_LEN], *p;\n\n p = encode_int(buf, val);\n svn_stringbuf_appendbytes(header, buf, p - buf);\n@@ -163,7 +178,7 @@ window_handler(svn_txdelta_window_t *window, void\n svn_stringbuf_t *i1 = svn_stringbuf_create(\"\", pool);\n svn_stringbuf_t *header = svn_stringbuf_create(\"\", pool);\n const svn_string_t *newdata;\n- char ibuf[128], *ip;\n+ char ibuf[MAX_INSTRUCTION_LEN], *ip;\n const svn_txdelta_op_t *op;\n apr_size_t len;\n\n@@ -341,6 +356,8 @@ decode_file_offset(svn_filesize_t *val,\n const unsigned char *p,\n const unsigned char *end)\n {\n+ if (p + MAX_ENCODED_INT_LEN \u003c end)\n+ end = p + MAX_ENCODED_INT_LEN;\n /* Decode bytes until we\u0027re done. */\n *val = 0;\n while (p \u003c end)\n@@ -360,6 +377,8 @@ decode_size(apr_size_t *val,\n const unsigned char *p,\n const unsigned char *end)\n {\n+ if (p + MAX_ENCODED_INT_LEN \u003c end)\n+ end = p + MAX_ENCODED_INT_LEN;\n /* Decode bytes until we\u0027re done. */\n *val = 0;\n while (p \u003c end)\n@@ -377,7 +396,7 @@ decode_size(apr_size_t *val,\n data is not compressed. */\n\n static svn_error_t *\n-zlib_decode(svn_stringbuf_t *in, svn_stringbuf_t *out)\n+zlib_decode(svn_stringbuf_t *in, svn_stringbuf_t *out, apr_size_t limit)\n {\n apr_size_t len;\n char *oldplace = in-\u003edata;\n@@ -385,6 +404,13 @@ static svn_error_t *\n /* First thing in the string is the original length. */\n in-\u003edata = (char *)decode_size(\u0026len, (unsigned char *)in-\u003edata,\n (unsigned char *)in-\u003edata+in-\u003elen);\n+ if (in-\u003edata == NULL)\n+ return svn_error_create(SVN_ERR_SVNDIFF_INVALID_COMPRESSED_DATA, NULL,\n+ _(\"Decompression of svndiff data failed:\nno size\"));\n+ if (len \u003e limit)\n+ return svn_error_create(SVN_ERR_SVNDIFF_INVALID_COMPRESSED_DATA, NULL,\n+ _(\"Decompression of svndiff data failed: \"\n+ \"size too large\"));\n /* We need to subtract the size of the encoded original length off the\n * still remaining input length. */\n in-\u003elen -= (in-\u003edata - oldplace);\n@@ -482,10 +508,10 @@ count_and_verify_instructions(int *ninst,\n return svn_error_createf\n (SVN_ERR_SVNDIFF_INVALID_OPS, NULL,\n _(\"Invalid diff stream: insn %d cannot be decoded\"), n);\n- else if (op.length \u003c= 0)\n+ else if (op.length == 0)\n return svn_error_createf\n (SVN_ERR_SVNDIFF_INVALID_OPS, NULL,\n- _(\"Invalid diff stream: insn %d has non-positive length\"), n);\n+ _(\"Invalid diff stream: insn %d has length zero\"), n);\n else if (op.length \u003e tview_len - tpos)\n return svn_error_createf\n (SVN_ERR_SVNDIFF_INVALID_OPS, NULL,\n@@ -494,7 +520,8 @@ count_and_verify_instructions(int *ninst,\n switch (op.action_code)\n {\n case svn_txdelta_source:\n- if (op.length \u003e sview_len - op.offset)\n+ if (op.length \u003e sview_len - op.offset ||\n+ op.offset \u003e sview_len)\n return svn_error_createf\n (SVN_ERR_SVNDIFF_INVALID_OPS, NULL,\n _(\"Invalid diff stream: \"\n@@ -560,11 +587,11 @@ decode_window(svn_txdelta_window_t *window, svn_fi\n\n instin = svn_stringbuf_ncreate((const char *)data, insend - data, pool);\n instout = svn_stringbuf_create(\"\", pool);\n- SVN_ERR(zlib_decode(instin, instout));\n+ SVN_ERR(zlib_decode(instin, instout, MAX_INSTRUCTION_SECTION_LEN));\n\n ndin = svn_stringbuf_ncreate((const char *)insend, newlen, pool);\n ndout = svn_stringbuf_create(\"\", pool);\n- SVN_ERR(zlib_decode(ndin, ndout));\n+ SVN_ERR(zlib_decode(ndin, ndout, SVN_DELTA_WINDOW_SIZE));\n\n newlen = ndout-\u003elen;\n data = (unsigned char *)instout-\u003edata;\n@@ -680,6 +707,14 @@ write_handler(void *baton,\n if (p == NULL)\n return SVN_NO_ERROR;\n\n+ if (tview_len \u003e SVN_DELTA_WINDOW_SIZE ||\n+ sview_len \u003e SVN_DELTA_WINDOW_SIZE ||\n+ /* for svndiff1, newlen includes the original length */\n+ newlen \u003e SVN_DELTA_WINDOW_SIZE + MAX_ENCODED_INT_LEN ||\n+ inslen \u003e MAX_INSTRUCTION_SECTION_LEN)\n+ return svn_error_create(SVN_ERR_SVNDIFF_CORRUPT_WINDOW, NULL,\n+ _(\"Svndiff contains a too-large window\"));\n+\n /* Check for integer overflow. */\n if (sview_offset \u003c 0 || inslen + newlen \u003c inslen\n || sview_len + tview_len \u003c sview_len\n@@ -836,6 +871,14 @@ read_window_header(svn_stream_t *stream, svn_files\n SVN_ERR(read_one_size(inslen, stream));\n SVN_ERR(read_one_size(newlen, stream));\n\n+ if (*tview_len \u003e SVN_DELTA_WINDOW_SIZE ||\n+ *sview_len \u003e SVN_DELTA_WINDOW_SIZE ||\n+ /* for svndiff1, newlen includes the original length */\n+ *newlen \u003e SVN_DELTA_WINDOW_SIZE + MAX_ENCODED_INT_LEN ||\n+ *inslen \u003e MAX_INSTRUCTION_SECTION_LEN)\n+ return svn_error_create(SVN_ERR_SVNDIFF_CORRUPT_WINDOW, NULL,\n+ _(\"Svndiff contains a too-large window\"));\n+\n /* Check for integer overflow. */\n if (*sview_offset \u003c 0 || *inslen + *newlen \u003c *inslen\n || *sview_len + *tview_len \u003c *sview_len\nIndex: subversion/libsvn_delta/text_delta.c\n===================================================================\n--- subversion/libsvn_delta/text_delta.c (revision 38498)\n+++ subversion/libsvn_delta/text_delta.c (working copy)\n@@ -498,7 +498,7 @@ svn_txdelta_target_push(svn_txdelta_window_handler\n /* Functions for applying deltas. */\n\n /* Ensure that BUF has enough space for VIEW_LEN bytes. */\n-static APR_INLINE void\n+static APR_INLINE svn_error_t *\n size_buffer(char **buf, apr_size_t *buf_size,\n apr_size_t view_len, apr_pool_t *pool)\n {\n@@ -507,8 +507,13 @@ size_buffer(char **buf, apr_size_t *buf_size,\n *buf_size *= 2;\n if (*buf_size \u003c view_len)\n *buf_size = view_len;\n+ if (APR_ALIGN_DEFAULT(*buf_size) \u003c *buf_size)\n+ return svn_error_create(SVN_ERR_SVNDIFF_INVALID_OPS, NULL,\n+ \"Diff stream resulted in invalid\nbuffer size.\");\n *buf = apr_palloc(pool, *buf_size);\n }\n+\n+ return SVN_NO_ERROR;\n }\n\n\n@@ -609,7 +614,7 @@ apply_window(svn_txdelta_window_t *window, void *b\n \u003e= ab-\u003esbuf_offset + ab-\u003esbuf_len)));\n\n /* Make sure there\u0027s enough room in the target buffer. */\n- size_buffer(\u0026ab-\u003etbuf, \u0026ab-\u003etbuf_size, window-\u003etview_len, ab-\u003epool);\n+ SVN_ERR(size_buffer(\u0026ab-\u003etbuf, \u0026ab-\u003etbuf_size, window-\u003etview_len, ab-\u003epool));\n\n /* Prepare the source buffer for reading from the input stream. */\n if (window-\u003esview_offset != ab-\u003esbuf_offset\n@@ -618,7 +623,8 @@ apply_window(svn_txdelta_window_t *window, void *b\n char *old_sbuf = ab-\u003esbuf;\n\n /* Make sure there\u0027s enough room. */\n- size_buffer(\u0026ab-\u003esbuf, \u0026ab-\u003esbuf_size, window-\u003esview_len, ab-\u003epool);\n+ SVN_ERR(size_buffer(\u0026ab-\u003esbuf, \u0026ab-\u003esbuf_size, window-\u003esview_len,\n+ ab-\u003epool));\n\n /* If the existing view overlaps with the new view, copy the\n * overlap to the beginning of the new buffer. */\n]]]\n. The Apache Portable Runtime\nUtility Library (aka APR-Util) provides an interface to functionality\nsuch as XML parsing, string matching and databases connections. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 dev-libs/apr \u003c 1.3.8 \u003e= 1.3.8\n 2 dev-libs/apr-util \u003c 1.3.9 \u003e= 1.3.9\n -------------------------------------------------------------------\n 2 affected packages on all of their supported architectures. \n -------------------------------------------------------------------\n\nDescription\n===========\n\nMatt Lewis reported multiple Integer overflows in the apr_rmm_malloc(),\napr_rmm_calloc(), and apr_rmm_realloc() functions in misc/apr_rmm.c of\nAPR-Util and in memory/unix/apr_pools.c of APR, both occurring when\naligning memory blocks. \n\nImpact\n======\n\nA remote attacker could entice a user to connect to a malicious server\nwith software that uses the APR or act as a malicious client to a\nserver that uses the APR (such as Subversion or Apache servers),\npossibly resulting in the execution of arbitrary code with the\nprivileges of the user running the application. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Apache Portable Runtime users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose =dev-libs/apr-1.3.8\n\nAll APR Utility Library users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose =dev-libs/apr-util-1.3.9\n\nReferences\n==========\n\n [ 1 ] CVE-2009-2412\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2412\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-200909-03.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2009 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. ===========================================================\nUbuntu Security Notice USN-813-2 August 08, 2009\napache2 vulnerability\nCVE-2009-2412\n===========================================================\n\nA security issue affects the following Ubuntu releases:\n\nUbuntu 6.06 LTS\n\nThis advisory also applies to the corresponding versions of\nKubuntu, Edubuntu, and Xubuntu. \n\nThe problem can be corrected by upgrading your system to the\nfollowing package versions:\n\nUbuntu 6.06 LTS:\n libapr0 2.0.55-4ubuntu2.7\n\nAfter a standard system upgrade you need to restart any applications using\napr, such as Subversion and Apache, to effect the necessary changes. \n\nDetails follow:\n\nUSN-813-1 fixed vulnerabilities in apr. This update provides the\ncorresponding updates for apr as provided by Apache on Ubuntu 6.06 LTS. \n\n\nUpdated packages for Ubuntu 6.06 LTS:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.7.diff.gz\n Size/MD5: 126010 68da83341313e1b166fe345138d1eaa5\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.7.dsc\n Size/MD5: 1156 0b17c48d0880ab82c769c41d1aff7002\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz\n Size/MD5: 6092031 45e32c9432a8e3cf4227f5af91b03622\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu2.7_all.deb\n Size/MD5: 2125530 9356b79c2b1591ffec1a6cd1974f82fd\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.7_amd64.deb\n Size/MD5: 833902 08b8aaf66aa52e6fd9dbed1647bb5dd2\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.7_amd64.deb\n Size/MD5: 229124 400d32297652e4976456cb7b367cc435\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.7_amd64.deb\n Size/MD5: 224122 07be7749fd618703c9f093efeb5e6fad\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.7_amd64.deb\n Size/MD5: 228700 9c79315063121eb7017cd99c6bb4667c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.7_amd64.deb\n Size/MD5: 172244 e15a994901f09e6e8294d656b8a8254c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.7_amd64.deb\n Size/MD5: 173028 985f0a987b0e5e17b24fdd6f8475781a\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.7_amd64.deb\n Size/MD5: 95066 2b836251f30a5c3d0cb24c2775a9b997\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.7_amd64.deb\n Size/MD5: 37096 2756f162320b3b183c7447dad130cff9\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.7_amd64.deb\n Size/MD5: 286664 f46d70c05cba04ceaba7d62afe5ac5be\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.7_amd64.deb\n Size/MD5: 145234 e1c285b96d1ee5e8a66d01eadcc289c6\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.7_i386.deb\n Size/MD5: 787150 ab3e75481087dc0148ca3ccc450a1ab1\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.7_i386.deb\n Size/MD5: 203722 e10938af36f0e1802fbd3b0946ae6e3c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.7_i386.deb\n Size/MD5: 199634 7ee8d5ba9679c8c7dd78c95b5fb74046\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.7_i386.deb\n Size/MD5: 203146 5456087e20afd24d2a27d648fafeb135\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.7_i386.deb\n Size/MD5: 172228 98a58d9526a667a05573e9b26fcfd45b\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.7_i386.deb\n Size/MD5: 173020 1db636c0e79b0ea3c405da958c35c932\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.7_i386.deb\n Size/MD5: 92998 737aee7a7026d4d9b33a0f71b44e0b19\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.7_i386.deb\n Size/MD5: 37098 15db8827569af434025942a84e77b381\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.7_i386.deb\n Size/MD5: 262652 93f2171d69072153264cab51860f781c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.7_i386.deb\n Size/MD5: 133118 cac6f1c804a1e34bf4250be4d8670862\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.7_powerpc.deb\n Size/MD5: 859954 558399d0c5fb22cee0cdc1b20d4d7586\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.7_powerpc.deb\n Size/MD5: 221090 94c5789d3d06b3553d883eca45ab06b7\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.7_powerpc.deb\n Size/MD5: 216702 68edfa60eb9de377b20be68e10bd879a\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.7_powerpc.deb\n Size/MD5: 220634 8f103f83772eb2e52cd38bb0fb1efbec\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.7_powerpc.deb\n Size/MD5: 172234 559b5683e44f424324d43b09f42c63f6\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.7_powerpc.deb\n Size/MD5: 173014 7c05a2f5fe626036ebaa271cece0cd09\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.7_powerpc.deb\n Size/MD5: 104772 63a31e0f30472ebc19a79744b1b1fe03\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.7_powerpc.deb\n Size/MD5: 37098 c00f5d32432f97ac992652ac1bbb7259\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.7_powerpc.deb\n Size/MD5: 282244 1a2c7d7038b335ae2ab6ff68d06a380f\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.7_powerpc.deb\n Size/MD5: 142328 169a4ce5fc42eb789c76f46acb07aa00\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.7_sparc.deb\n Size/MD5: 804250 3a780a65322c539717e93a64792acc16\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.7_sparc.deb\n Size/MD5: 211276 e1f45226511664f1759a6ad75aff6155\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.7_sparc.deb\n Size/MD5: 206948 19e2792273d8a4935ef6fcc6ee369326\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.7_sparc.deb\n Size/MD5: 210556 e62136b10dca8c665defa2cc54640e64\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.7_sparc.deb\n Size/MD5: 172232 6e2213cb4b6a5dec1506fe01ce5cc028\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.7_sparc.deb\n Size/MD5: 173010 9603ee752f034d04fd349db168fbe2f2\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.7_sparc.deb\n Size/MD5: 94084 c6f6315ff2e1865f409ae49d54e3a233\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.7_sparc.deb\n Size/MD5: 37102 fdb3a44756f9d6e8d36c1b2558420d57\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.7_sparc.deb\n Size/MD5: 268648 03fbe81b3cc1f0ac17961fc5c58a3f5f\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.7_sparc.deb\n Size/MD5: 131056 8707670bfb577280d9b5d0689c51608c\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2009-2412"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002016"
},
{
"db": "BID",
"id": "35949"
},
{
"db": "PACKETSTORM",
"id": "80092"
},
{
"db": "PACKETSTORM",
"id": "80246"
},
{
"db": "PACKETSTORM",
"id": "80232"
},
{
"db": "PACKETSTORM",
"id": "81085"
},
{
"db": "PACKETSTORM",
"id": "80227"
},
{
"db": "PACKETSTORM",
"id": "80226"
}
],
"trust": 2.43
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2009-2412",
"trust": 3.3
},
{
"db": "BID",
"id": "35949",
"trust": 2.7
},
{
"db": "OSVDB",
"id": "56765",
"trust": 2.4
},
{
"db": "OSVDB",
"id": "56766",
"trust": 2.4
},
{
"db": "SECUNIA",
"id": "36138",
"trust": 2.4
},
{
"db": "SECUNIA",
"id": "36140",
"trust": 2.4
},
{
"db": "SECUNIA",
"id": "37152",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "37221",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "36233",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "36166",
"trust": 1.6
},
{
"db": "VUPEN",
"id": "ADV-2009-3184",
"trust": 1.6
},
{
"db": "VUPEN",
"id": "ADV-2010-1107",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002016",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200908-530",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "80092",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "80246",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "80232",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "81085",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "80227",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "80226",
"trust": 0.1
}
],
"sources": [
{
"db": "BID",
"id": "35949"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002016"
},
{
"db": "PACKETSTORM",
"id": "80092"
},
{
"db": "PACKETSTORM",
"id": "80246"
},
{
"db": "PACKETSTORM",
"id": "80232"
},
{
"db": "PACKETSTORM",
"id": "81085"
},
{
"db": "PACKETSTORM",
"id": "80227"
},
{
"db": "PACKETSTORM",
"id": "80226"
},
{
"db": "CNNVD",
"id": "CNNVD-200908-530"
},
{
"db": "NVD",
"id": "CVE-2009-2412"
}
]
},
"id": "VAR-200908-0708",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.16451614
},
"last_update_date": "2024-07-23T20:50:52.900000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Fixed in Apache httpd 2.0.64",
"trust": 0.8,
"url": "http://httpd.apache.org/security/vulnerabilities_20.html#2.0.64"
},
{
"title": "Apache 2.2.13 Released",
"trust": 0.8,
"url": "http://httpd.apache.org/#2.2.13"
},
{
"title": "1.3.x/CHANGES",
"trust": 0.8,
"url": "http://svn.apache.org/viewvc/apr/apr-util/branches/1.3.x/changes?revision=800735\u0026view=markup"
},
{
"title": "0.9.x/CHANGES",
"trust": 0.8,
"url": "http://svn.apache.org/viewvc/apr/apr-util/branches/0.9.x/changes?revision=800736\u0026view=markup"
},
{
"title": "HT3937",
"trust": 0.8,
"url": "http://support.apple.com/kb/ht3937"
},
{
"title": "HT3937",
"trust": 0.8,
"url": "http://support.apple.com/kb/ht3937?viewlocale=ja_jp"
},
{
"title": "apr-1.2.7-11AXS3.1",
"trust": 0.8,
"url": "https://tsn.miraclelinux.com/tsn_local/index.php?m=errata\u0026a=detail\u0026eid=730"
},
{
"title": "apr-util-1.2.7-7AXS3.2",
"trust": 0.8,
"url": "https://tsn.miraclelinux.com/tsn_local/index.php?m=errata\u0026a=detail\u0026eid=731"
},
{
"title": "7008517",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?rs=177\u0026uid=swg27008517#61029"
},
{
"title": "7014506",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27014506#7007"
},
{
"title": "7014463",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27014463#7007"
},
{
"title": "7007033",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27007033#60239"
},
{
"title": "7006876",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27006876##60239"
},
{
"title": "PM10658",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1pm10658"
},
{
"title": "7007951",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?rs=180\u0026uid=swg27007951#61029"
},
{
"title": "PK93225",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1pk93225\u0026loc=en_us"
},
{
"title": "1761",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/index.php?q=node/99\u0026errata_id=1761"
},
{
"title": "1768",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/index.php?q=node/99\u0026errata_id=1768"
},
{
"title": "1769",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/index.php?q=node/99\u0026errata_id=1769"
},
{
"title": "RHSA-2009:1204",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2009-1204.html"
},
{
"title": "RHSA-2009:1205",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2009-1205.html"
},
{
"title": "cve_2010_0740_record_of",
"trust": 0.8,
"url": "http://blogs.oracle.com/sunsecurity/entry/cve_2010_0740_record_of"
},
{
"title": "readme_imss71_lin_criticalpatch_b12531",
"trust": 0.8,
"url": "http://www.trendmicro.com/ftp/jp/ucmodule/imss/lin/71/readme_imss71_lin_criticalpatch_b12531.txt"
},
{
"title": "readme_imss70_lin_criticalpatch_b33791",
"trust": 0.8,
"url": "http://www.trendmicro.com/ftp/jp/ucmodule/imss/lin/70/readme_imss70_lin_criticalpatch_b33791.txt"
},
{
"title": "readme_imss70_sol_criticalpatch_b81651",
"trust": 0.8,
"url": "http://www.trendmicro.com/ftp/jp/ucmodule/imss/sol/70/readme_imss70_sol_criticalpatch_b81651.txt"
},
{
"title": "readme_imss70_win_criticalpatch_b63681",
"trust": 0.8,
"url": "http://www.trendmicro.com/ftp/jp/ucmodule/imss/win/70/readme_imss70_win_criticalpatch_b63681.txt"
},
{
"title": "TLSA-2010-30",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/security/2010/tlsa-2010-30j.txt"
},
{
"title": "JP-2076110",
"trust": 0.8,
"url": "http://esupport.trendmicro.co.jp/pages/jp-2076110.aspx"
},
{
"title": "RHSA-2009:1205",
"trust": 0.8,
"url": "https://www.jp.redhat.com/support/errata/rhsa/rhsa-2009-1205j.html"
},
{
"title": "RHSA-2009:1204",
"trust": 0.8,
"url": "https://www.jp.redhat.com/support/errata/rhsa/rhsa-2009-1204j.html"
},
{
"title": "interstage_as_201103",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/products-fujitsu/solution/interstage_as_201103.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-002016"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-189",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-002016"
},
{
"db": "NVD",
"id": "CVE-2009-2412"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "http://osvdb.org/56766"
},
{
"trust": 2.4,
"url": "http://osvdb.org/56765"
},
{
"trust": 2.4,
"url": "http://secunia.com/advisories/36140"
},
{
"trust": 2.4,
"url": "http://secunia.com/advisories/36138"
},
{
"trust": 2.4,
"url": "http://www.securityfocus.com/bid/35949"
},
{
"trust": 1.9,
"url": "http://svn.apache.org/viewvc/apr/apr-util/branches/0.9.x/changes?revision=800736\u0026view=markup"
},
{
"trust": 1.9,
"url": "http://svn.apache.org/viewvc/apr/apr-util/branches/1.3.x/changes?revision=800735\u0026view=markup"
},
{
"trust": 1.9,
"url": "http://svn.apache.org/viewvc/apr/apr/branches/0.9.x/changes?revision=800733\u0026view=markup"
},
{
"trust": 1.9,
"url": "http://svn.apache.org/viewvc/apr/apr/branches/1.3.x/changes?revision=800732\u0026view=markup"
},
{
"trust": 1.9,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1pk93225"
},
{
"trust": 1.6,
"url": "http://svn.apache.org/viewvc/apr/apr-util/branches/0.9.x/misc/apr_rmm.c?r1=230441\u0026r2=800736"
},
{
"trust": 1.6,
"url": "http://support.apple.com/kb/ht3937"
},
{
"trust": 1.6,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1pk99482"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/37152"
},
{
"trust": 1.6,
"url": "http://www.ubuntu.com/usn/usn-813-2"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/37221"
},
{
"trust": 1.6,
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html"
},
{
"trust": 1.6,
"url": "http://svn.apache.org/viewvc/apr/apr/branches/0.9.x/memory/unix/apr_pools.c?r1=585356\u0026r2=800733"
},
{
"trust": 1.6,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a9958"
},
{
"trust": 1.6,
"url": "http://svn.apache.org/viewvc/apr/apr-util/branches/1.3.x/misc/apr_rmm.c?r1=647687\u0026r2=800735"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/36166"
},
{
"trust": 1.6,
"url": "http://www.vupen.com/english/advisories/2009/3184"
},
{
"trust": 1.6,
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-august/msg00353.html"
},
{
"trust": 1.6,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a8394"
},
{
"trust": 1.6,
"url": "http://www.vupen.com/english/advisories/2010/1107"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/36233"
},
{
"trust": 1.6,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2009:195"
},
{
"trust": 1.6,
"url": "http://lists.apple.com/archives/security-announce/2009/nov/msg00000.html"
},
{
"trust": 1.6,
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00006.html"
},
{
"trust": 1.6,
"url": "http://svn.apache.org/viewvc/apr/apr/branches/1.3.x/memory/unix/apr_pools.c?r1=678140\u0026r2=800732"
},
{
"trust": 1.6,
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-august/msg00320.html"
},
{
"trust": 1.0,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2412"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r2295080a257bad27ea68ca0af12fc715577f9e84801eae116a33107e%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rad2acee3ab838b52c04a0698b1728a9a43467bf365bd481c993c535d%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/reb7c64aeea604bf948467d9d1cab8ff23fa7d002be1964bcc275aae7%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-2412"
},
{
"trust": 0.6,
"url": "http://blogs.sun.com/security/entry/cve_2010_0740_record_of"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-2412"
},
{
"trust": 0.6,
"url": "httpd.apache.org%3e"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rad2acee3ab838b52c04a0698b1728a9a43467bf365bd481c993c535d%40%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3ccvs."
},
{
"trust": 0.6,
"url": "https://access.redhat.com/errata/rhsa-2009:1204"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/reb7c64aeea604bf948467d9d1cab8ff23fa7d002be1964bcc275aae7%40%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4@%3ccvs."
},
{
"trust": 0.6,
"url": "https://access.redhat.com/errata/rhsa-2009:1205"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3ccvs."
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/cve/cve-2009-2412"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r2295080a257bad27ea68ca0af12fc715577f9e84801eae116a33107e@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3ccvs."
},
{
"trust": 0.6,
"url": "https://access.redhat.com/errata/rhsa-2009:1462"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/reb7c64aeea604bf948467d9d1cab8ff23fa7d002be1964bcc275aae7@%3ccvs."
},
{
"trust": 0.6,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=515698"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r2295080a257bad27ea68ca0af12fc715577f9e84801eae116a33107e%40%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3ccvs."
},
{
"trust": 0.6,
"url": "https://access.redhat.com/errata/rhsa-2010:0602"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rad2acee3ab838b52c04a0698b1728a9a43467bf365bd481c993c535d@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3ccvs."
},
{
"trust": 0.3,
"url": "http://www.mail-archive.com/dev@httpd.apache.org/msg44737.html"
},
{
"trust": 0.3,
"url": "http://apr.apache.org/"
},
{
"trust": 0.3,
"url": "http://www.apache.org/dist/httpd/changes_2.2.13"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1pk96157"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1pm10658"
},
{
"trust": 0.3,
"url": "http://www.fujitsu.com/global/support/software/security/products-f/interstage-201103e.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2009-1204.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2009-1462.html"
},
{
"trust": 0.3,
"url": "https://kb.bluecoat.com/index?page=content\u0026id=sa61\u0026actp=list"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.12-5+lenny1_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.7-9_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.7-9_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch3_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr-util/apr-util_1.2.12+dfsg.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.7-9_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr/apr_1.2.12-5+lenny1.dsc"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.12-5+lenny1_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.12-5+lenny1_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch3_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr/apr_1.2.12.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.12-5+lenny1_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.7-9_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.12-5+lenny1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.12-5+lenny1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.12-5+lenny1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr-util/apr-util_1.2.12+dfsg-8+lenny4.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.7-9_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.7-9_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.12-5+lenny1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.12-5+lenny1_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.12-5+lenny1_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny4_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.12-5+lenny1_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch3_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.12-5+lenny1_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch3_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.12-5+lenny1_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch3_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.12-5+lenny1_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr/apr_1.2.7-9.dsc"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.7-9_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.7-9_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.7-9_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.12-5+lenny1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.12-5+lenny1_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.7-9_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.7-9_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr/apr_1.2.7-9.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch3_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.12-5+lenny1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.12-5+lenny1_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.12-5+lenny1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.7-9_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.12-5+lenny1_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch3_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.7-9_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.7-9_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch3_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.12-5+lenny1_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr-util/apr-util_1.2.7+dfsg.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.7-9_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr/apr_1.2.12-5+lenny1.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch3_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr/apr_1.2.7.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.12-5+lenny1_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch3_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.12-5+lenny1_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.12-5+lenny1_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr-util/apr-util_1.2.12+dfsg-8+lenny4.dsc"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.7-9_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny4_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.7-9_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch3_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.7-9_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.7-9_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.12-5+lenny1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.7-9_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.7-9_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.12-5+lenny1_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch3_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.7-9_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.7-9_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.7-9_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.12-5+lenny1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.12-5+lenny1_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.12-5+lenny1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.12-5+lenny1_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.12-5+lenny1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny4_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny4_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch3_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch3_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch3_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.7+dfsg-2+etch3_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.12-5+lenny1_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.12-5+lenny1_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.7+dfsg-2+etch3_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.12-5+lenny1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.7-9_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny4_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch3_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch3_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-8+lenny4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.12-5+lenny1_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr-util/apr-util_1.2.7+dfsg-2+etch3.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr/libapr1_1.2.7-9_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch3_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.7-9_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.12-5+lenny1_s390.deb"
},
{
"trust": 0.1,
"url": "http://packages.debian.org/\u003cpkg\u003e"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr/libapr1-dbg_1.2.7-9_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.7-9_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-8+lenny4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1-dbg_1.2.7+dfsg-2+etch3_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr-util/apr-util_1.2.7+dfsg-2+etch3.dsc"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr/libapr1-dev_1.2.7-9_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/a/apr-util/libaprutil1_1.2.12+dfsg-8+lenny4_armel.deb"
},
{
"trust": 0.1,
"url": "http://www.apache.org/dist/apr/patches/\u003e."
},
{
"trust": 0.1,
"url": "http://subversion.tigris.org/project_packages.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-2411"
},
{
"trust": 0.1,
"url": "http://subversion.tigris.org/security/cve-2009-2411-advisory.txt)"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-200909-03.xml"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.7_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.7_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.7_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.7_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.7_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.7_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.7_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.7_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.7_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.7_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.7_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.7_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.7_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu2.7_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.7_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.7_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.7_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.7_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.7.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.7_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.7_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.7_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.7_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.7_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.7_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.7_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.7.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.7_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.7_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.7_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.7_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.7_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.7_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.7_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.7_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.7_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.7_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.7_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.7_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.7_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.7_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.7_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.7_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apr/libapr1_1.2.12-5ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apr/libapr1-dev_1.2.12-4ubuntu0.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apr/libapr1-dev_1.2.12-5ubuntu0.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apr/libapr1-dbg_1.2.12-5ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apr/libapr1_1.2.12-4ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apr/apr_1.2.12-5ubuntu0.1.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apr/apr_1.2.11-1ubuntu0.1.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apr/libapr1_1.2.12-4ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apr/libapr1_1.2.12-5ubuntu0.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apr/libapr1-dbg_1.2.12-4ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apr/libapr1-dbg_1.2.12-4ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apr/libapr1-dev_1.2.11-1ubuntu0.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apr/libapr1_1.2.11-1ubuntu0.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apr/libapr1_1.2.11-1ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apr/libapr1_1.2.11-1ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apr/apr_1.2.11-1ubuntu0.1.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apr/libapr1-dbg_1.2.12-4ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apr/libapr1_1.2.12-5ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apr/libapr1-dbg_1.2.12-5ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apr/libapr1-dev_1.2.12-5ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apr/libapr1-dbg_1.2.12-5ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apr/libapr1-dbg_1.2.11-1ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apr/apr_1.2.11.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apr/libapr1_1.2.12-4ubuntu0.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apr/libapr1-dev_1.2.11-1ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apr/libapr1-dev_1.2.12-4ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apr/libapr1-dbg_1.2.12-4ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apr/libapr1-dev_1.2.12-4ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apr/libapr1_1.2.12-4ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apr/libapr1_1.2.11-1ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apr/libapr1-dev_1.2.12-4ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apr/libapr1_1.2.11-1ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apr/libapr1-dbg_1.2.11-1ubuntu0.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apr/libapr1-dbg_1.2.12-5ubuntu0.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apr/libapr1-dbg_1.2.11-1ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apr/libapr1_1.2.12-5ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apr/apr_1.2.12-4ubuntu0.1.dsc"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apr/libapr1-dbg_1.2.12-4ubuntu0.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apr/apr_1.2.12.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apr/libapr1_1.2.12-5ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apr/libapr1-dev_1.2.11-1ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apr/libapr1-dev_1.2.11-1ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apr/apr_1.2.12-4ubuntu0.1.diff.gz"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apr/libapr1-dev_1.2.12-4ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apr/libapr1-dbg_1.2.11-1ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apr/libapr1-dev_1.2.11-1ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apr/libapr1_1.2.12-4ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apr/libapr1-dbg_1.2.12-5ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/apr/libapr1-dev_1.2.12-5ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apr/libapr1-dev_1.2.12-5ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apr/libapr1-dbg_1.2.11-1ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apr/libapr1-dev_1.2.12-5ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apr/apr_1.2.12-5ubuntu0.1.dsc"
}
],
"sources": [
{
"db": "BID",
"id": "35949"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002016"
},
{
"db": "PACKETSTORM",
"id": "80092"
},
{
"db": "PACKETSTORM",
"id": "80246"
},
{
"db": "PACKETSTORM",
"id": "80232"
},
{
"db": "PACKETSTORM",
"id": "81085"
},
{
"db": "PACKETSTORM",
"id": "80227"
},
{
"db": "PACKETSTORM",
"id": "80226"
},
{
"db": "CNNVD",
"id": "CNNVD-200908-530"
},
{
"db": "NVD",
"id": "CVE-2009-2412"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "35949"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002016"
},
{
"db": "PACKETSTORM",
"id": "80092"
},
{
"db": "PACKETSTORM",
"id": "80246"
},
{
"db": "PACKETSTORM",
"id": "80232"
},
{
"db": "PACKETSTORM",
"id": "81085"
},
{
"db": "PACKETSTORM",
"id": "80227"
},
{
"db": "PACKETSTORM",
"id": "80226"
},
{
"db": "CNNVD",
"id": "CNNVD-200908-530"
},
{
"db": "NVD",
"id": "CVE-2009-2412"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2009-08-05T00:00:00",
"db": "BID",
"id": "35949"
},
{
"date": "2009-09-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-002016"
},
{
"date": "2009-08-06T17:50:34",
"db": "PACKETSTORM",
"id": "80092"
},
{
"date": "2009-08-11T01:57:48",
"db": "PACKETSTORM",
"id": "80246"
},
{
"date": "2009-08-11T01:34:56",
"db": "PACKETSTORM",
"id": "80232"
},
{
"date": "2009-09-10T00:41:18",
"db": "PACKETSTORM",
"id": "81085"
},
{
"date": "2009-08-11T01:24:32",
"db": "PACKETSTORM",
"id": "80227"
},
{
"date": "2009-08-11T01:05:43",
"db": "PACKETSTORM",
"id": "80226"
},
{
"date": "2009-08-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200908-530"
},
{
"date": "2009-08-06T15:30:00.280000",
"db": "NVD",
"id": "CVE-2009-2412"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-04-13T21:40:00",
"db": "BID",
"id": "35949"
},
{
"date": "2011-11-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-002016"
},
{
"date": "2023-04-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200908-530"
},
{
"date": "2023-11-07T02:04:07.420000",
"db": "NVD",
"id": "CVE-2009-2412"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "81085"
},
{
"db": "PACKETSTORM",
"id": "80227"
},
{
"db": "PACKETSTORM",
"id": "80226"
},
{
"db": "CNNVD",
"id": "CNNVD-200908-530"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "APR Library and APR-util Integer overflow vulnerability in the library",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-002016"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "digital error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200908-530"
}
],
"trust": 0.6
}
}
VAR-200706-0666
Vulnerability from variot - Updated: 2024-07-23 20:50Cross-site scripting (XSS) vulnerability in mod_status.c in the mod_status module in Apache HTTP Server (httpd), when ExtendedStatus is enabled and a public server-status page is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving charsets with browsers that perform "charset detection" when the content-type is not specified. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. This could lead to a denial of service if using a threaded MPM (CVE-2007-1863). A local attacker with the ability to run scripts on the server could manipulate the scoreboard and cause arbitrary processes to be terminated (CVE-2007-3304).
Updated packages have been patched to prevent the above issues.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5752 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1863 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3304
Updated Packages:
Mandriva Linux 2007.0: 5f906bba3e1195f5ffbc3fcb2a6bde38 2007.0/i586/apache-base-2.2.3-1.1mdv2007.0.i586.rpm 83a4844cd98ef203958796ce280a71b2 2007.0/i586/apache-devel-2.2.3-1.1mdv2007.0.i586.rpm 2a6853cad61ca0548715486c5d4c8a23 2007.0/i586/apache-htcacheclean-2.2.3-1.1mdv2007.0.i586.rpm bebbc850c030be2ef87ce12d420fb825 2007.0/i586/apache-mod_authn_dbd-2.2.3-1.1mdv2007.0.i586.rpm 9e08e4738b304aab4f90f4f18aa5da45 2007.0/i586/apache-mod_cache-2.2.3-1.1mdv2007.0.i586.rpm 989d0538f7882277053f6d4c89ca581c 2007.0/i586/apache-mod_dav-2.2.3-1.1mdv2007.0.i586.rpm c1c0fc53dd811dd6176800226574efbf 2007.0/i586/apache-mod_dbd-2.2.3-1.1mdv2007.0.i586.rpm e68509c01d66b9d42e676e7974360154 2007.0/i586/apache-mod_deflate-2.2.3-1.1mdv2007.0.i586.rpm 5596cb5359b7919125fc10be83598445 2007.0/i586/apache-mod_disk_cache-2.2.3-1.1mdv2007.0.i586.rpm d71b54240667224fd7da7fec4693c30b 2007.0/i586/apache-mod_file_cache-2.2.3-1.1mdv2007.0.i586.rpm 3571cab041e622f9399c57f377ac3fe3 2007.0/i586/apache-mod_ldap-2.2.3-1.1mdv2007.0.i586.rpm 598fdd7aad80fdc557142c5e9fc00677 2007.0/i586/apache-mod_mem_cache-2.2.3-1.1mdv2007.0.i586.rpm f4ec774478f5d198ad2e3d3384a5ad83 2007.0/i586/apache-mod_proxy-2.2.3-1.1mdv2007.0.i586.rpm ab7726290be59f03a5ade2029a2b02f8 2007.0/i586/apache-mod_proxy_ajp-2.2.3-1.1mdv2007.0.i586.rpm d72ab4173d51da4a0c1df63dbb52ccf5 2007.0/i586/apache-mod_ssl-2.2.3-1.1mdv2007.0.i586.rpm fcde0ec8b64d83402b53f926ec7fa835 2007.0/i586/apache-mod_userdir-2.2.3-1.1mdv2007.0.i586.rpm 58a0628d42d23c9aa5df6567789fad40 2007.0/i586/apache-modules-2.2.3-1.1mdv2007.0.i586.rpm 011487e1afdfb400419303182e5320c7 2007.0/i586/apache-mpm-prefork-2.2.3-1.1mdv2007.0.i586.rpm 7a755b22020153b44f8d00ba153d3d97 2007.0/i586/apache-mpm-worker-2.2.3-1.1mdv2007.0.i586.rpm ef6e11f0d26db492bc9fe83a2dbf53d7 2007.0/i586/apache-source-2.2.3-1.1mdv2007.0.i586.rpm 411b90e42ed304f329e9989d64a9dfc5 2007.0/SRPMS/apache-2.2.3-1.1mdv2007.0.src.rpm
Mandriva Linux 2007.0/X86_64: 7c5408879073413fb27f2d40854813d0 2007.0/x86_64/apache-base-2.2.3-1.1mdv2007.0.x86_64.rpm c720f2a661616b0bf35bc353d14b9b3b 2007.0/x86_64/apache-devel-2.2.3-1.1mdv2007.0.x86_64.rpm 12164d6d70972cb9ed2fb6581e212bf1 2007.0/x86_64/apache-htcacheclean-2.2.3-1.1mdv2007.0.x86_64.rpm 5278f8d03ce9d59ec4929d4362b04bbe 2007.0/x86_64/apache-mod_authn_dbd-2.2.3-1.1mdv2007.0.x86_64.rpm 40c83185db12d04f4953a374b329ebb3 2007.0/x86_64/apache-mod_cache-2.2.3-1.1mdv2007.0.x86_64.rpm fe37fb1d4378c4bbcfd8d63bd57c3d4d 2007.0/x86_64/apache-mod_dav-2.2.3-1.1mdv2007.0.x86_64.rpm 0830bc5d1718a533e3358a45975596ce 2007.0/x86_64/apache-mod_dbd-2.2.3-1.1mdv2007.0.x86_64.rpm e18c3a6a322258e73b87170766aa7882 2007.0/x86_64/apache-mod_deflate-2.2.3-1.1mdv2007.0.x86_64.rpm fc8c27067e6b04bd549fe0b95579ebaa 2007.0/x86_64/apache-mod_disk_cache-2.2.3-1.1mdv2007.0.x86_64.rpm b31385db2199fd33eeb624c80e9d882a 2007.0/x86_64/apache-mod_file_cache-2.2.3-1.1mdv2007.0.x86_64.rpm 08123786649152eab65e123c75db8e66 2007.0/x86_64/apache-mod_ldap-2.2.3-1.1mdv2007.0.x86_64.rpm 7de4b739d93683648209dcdc69dd5473 2007.0/x86_64/apache-mod_mem_cache-2.2.3-1.1mdv2007.0.x86_64.rpm 85fde2923d945f3849d77f806b8bc55d 2007.0/x86_64/apache-mod_proxy-2.2.3-1.1mdv2007.0.x86_64.rpm b68991944f2989b6d3f89f7272239d76 2007.0/x86_64/apache-mod_proxy_ajp-2.2.3-1.1mdv2007.0.x86_64.rpm 19871683773211daa721957dc5dd565d 2007.0/x86_64/apache-mod_ssl-2.2.3-1.1mdv2007.0.x86_64.rpm 5cf2a97219d6789e4572da1ecddedf16 2007.0/x86_64/apache-mod_userdir-2.2.3-1.1mdv2007.0.x86_64.rpm feede872aaf0ca4bbd86ffe24455e9cd 2007.0/x86_64/apache-modules-2.2.3-1.1mdv2007.0.x86_64.rpm a00a35d4eba8f538cea741b2fc4079f4 2007.0/x86_64/apache-mpm-prefork-2.2.3-1.1mdv2007.0.x86_64.rpm da86251e4417f068d2cafed30e380779 2007.0/x86_64/apache-mpm-worker-2.2.3-1.1mdv2007.0.x86_64.rpm ceb7fd32d3ad933ab6a914085f858911 2007.0/x86_64/apache-source-2.2.3-1.1mdv2007.0.x86_64.rpm 411b90e42ed304f329e9989d64a9dfc5 2007.0/SRPMS/apache-2.2.3-1.1mdv2007.0.src.rpm
Mandriva Linux 2007.1: 9daef91724ded29a3c76e74c261f7766 2007.1/i586/apache-base-2.2.4-6.2mdv2007.1.i586.rpm 9288ee938a0853d6e0072f839c68c1c2 2007.1/i586/apache-devel-2.2.4-6.2mdv2007.1.i586.rpm 613a986f9f654f1ce3432ee6f6db2391 2007.1/i586/apache-htcacheclean-2.2.4-6.2mdv2007.1.i586.rpm 8e0eb376d851d1ddba8850d4233fc3d3 2007.1/i586/apache-mod_authn_dbd-2.2.4-6.2mdv2007.1.i586.rpm 24de68668efa15e4abaaffd690837256 2007.1/i586/apache-mod_cache-2.2.4-6.2mdv2007.1.i586.rpm 288866908d43959c4b31c368346ba65d 2007.1/i586/apache-mod_dav-2.2.4-6.2mdv2007.1.i586.rpm d25838ec739d7a0037148f573262f81c 2007.1/i586/apache-mod_dbd-2.2.4-6.2mdv2007.1.i586.rpm ebad14bcccb73c8f8a27e98a6982a6f1 2007.1/i586/apache-mod_deflate-2.2.4-6.2mdv2007.1.i586.rpm 810d445f2146848b582e798e368b32ab 2007.1/i586/apache-mod_disk_cache-2.2.4-6.2mdv2007.1.i586.rpm 307de93279683b5b3e76ee6d971781cc 2007.1/i586/apache-mod_file_cache-2.2.4-6.2mdv2007.1.i586.rpm f59890e1bc38cfa598a4100705cf4cc6 2007.1/i586/apache-mod_ldap-2.2.4-6.2mdv2007.1.i586.rpm 098a05d1cbaa6bfa2d2707896dd6366c 2007.1/i586/apache-mod_mem_cache-2.2.4-6.2mdv2007.1.i586.rpm 6504f5e57440ff07da16de3d928898f6 2007.1/i586/apache-mod_proxy-2.2.4-6.2mdv2007.1.i586.rpm adc3a611a780e23178e93a6cedf135d4 2007.1/i586/apache-mod_proxy_ajp-2.2.4-6.2mdv2007.1.i586.rpm 659508a67fbe28b5dd9f861384ca1cf1 2007.1/i586/apache-mod_ssl-2.2.4-6.2mdv2007.1.i586.rpm 604eb70716d7e7b6bc6e8399cc4d9f5c 2007.1/i586/apache-mod_userdir-2.2.4-6.2mdv2007.1.i586.rpm 750d7cb431356abc88fe7a031f872b04 2007.1/i586/apache-modules-2.2.4-6.2mdv2007.1.i586.rpm 210be718db221db891452f05a001ee4e 2007.1/i586/apache-mpm-event-2.2.4-6.2mdv2007.1.i586.rpm 482e3d3af6756108c3e9a26ec2a8ac56 2007.1/i586/apache-mpm-itk-2.2.4-6.2mdv2007.1.i586.rpm b76ff4578c127ebd248b21a85a31140a 2007.1/i586/apache-mpm-prefork-2.2.4-6.2mdv2007.1.i586.rpm 2484dee8a4d4e7604a69abcd1b443954 2007.1/i586/apache-mpm-worker-2.2.4-6.2mdv2007.1.i586.rpm 9823f9b97e1829df97999494c3a3d453 2007.1/i586/apache-source-2.2.4-6.2mdv2007.1.i586.rpm ccbd9fad2b29ff86d8601f7201f48d72 2007.1/SRPMS/apache-2.2.4-6.2mdv2007.1.src.rpm
Mandriva Linux 2007.1/X86_64: 4d043339268bff11fa07897ee3dc2988 2007.1/x86_64/apache-base-2.2.4-6.2mdv2007.1.x86_64.rpm afbae73f408fa95c9e4d25e3aa39583d 2007.1/x86_64/apache-devel-2.2.4-6.2mdv2007.1.x86_64.rpm d92c22ff28fcd919b3a8525f753066c3 2007.1/x86_64/apache-htcacheclean-2.2.4-6.2mdv2007.1.x86_64.rpm abe81d2effd6f4975accbdc8d25d089e 2007.1/x86_64/apache-mod_authn_dbd-2.2.4-6.2mdv2007.1.x86_64.rpm 480d5c31af3289f26953a691f92e2a51 2007.1/x86_64/apache-mod_cache-2.2.4-6.2mdv2007.1.x86_64.rpm 3feae93ade4038e67fcbaa691f2a74aa 2007.1/x86_64/apache-mod_dav-2.2.4-6.2mdv2007.1.x86_64.rpm b60eead7fe808fbc5eff6cb34f1de80b 2007.1/x86_64/apache-mod_dbd-2.2.4-6.2mdv2007.1.x86_64.rpm 023afee3221da629fd8e1d34006b7463 2007.1/x86_64/apache-mod_deflate-2.2.4-6.2mdv2007.1.x86_64.rpm 1180446c8cf65c196352006d6da00e17 2007.1/x86_64/apache-mod_disk_cache-2.2.4-6.2mdv2007.1.x86_64.rpm 0e8c2dfc0e42c23b0afbada9f8868bb6 2007.1/x86_64/apache-mod_file_cache-2.2.4-6.2mdv2007.1.x86_64.rpm 32aa45f45b8893d6c23c6892b7ad7e62 2007.1/x86_64/apache-mod_ldap-2.2.4-6.2mdv2007.1.x86_64.rpm 15c20ffb5fdc8ab2a6fa92157c9f0536 2007.1/x86_64/apache-mod_mem_cache-2.2.4-6.2mdv2007.1.x86_64.rpm f91fd6552f480eb36d030bb2e91d30b4 2007.1/x86_64/apache-mod_proxy-2.2.4-6.2mdv2007.1.x86_64.rpm 2c9d1e35af7adebaeb6284bf5da4dd5f 2007.1/x86_64/apache-mod_proxy_ajp-2.2.4-6.2mdv2007.1.x86_64.rpm caa59aaba47c89d20e799a3f02271afd 2007.1/x86_64/apache-mod_ssl-2.2.4-6.2mdv2007.1.x86_64.rpm 8ac44f8c409ea29492a3acdc1eb44c7f 2007.1/x86_64/apache-mod_userdir-2.2.4-6.2mdv2007.1.x86_64.rpm 0f2198ec988390ff3b7843a1e7090517 2007.1/x86_64/apache-modules-2.2.4-6.2mdv2007.1.x86_64.rpm 2548664fde736f25acf59f46c847d1ff 2007.1/x86_64/apache-mpm-event-2.2.4-6.2mdv2007.1.x86_64.rpm 2434c402bae11969ddf5281f2f042d24 2007.1/x86_64/apache-mpm-itk-2.2.4-6.2mdv2007.1.x86_64.rpm 8a06ecd19726db033496a042c6a6be2f 2007.1/x86_64/apache-mpm-prefork-2.2.4-6.2mdv2007.1.x86_64.rpm e8d339c397409391f3fb36f704c38c6c 2007.1/x86_64/apache-mpm-worker-2.2.4-6.2mdv2007.1.x86_64.rpm 8a6f923428242f7aa1b4d489739e241b 2007.1/x86_64/apache-source-2.2.4-6.2mdv2007.1.x86_64.rpm ccbd9fad2b29ff86d8601f7201f48d72 2007.1/SRPMS/apache-2.2.4-6.2mdv2007.1.src.rpm
Corporate 4.0: 74beb8d1579ce5d5f12c8b15981b6e63 corporate/4.0/i586/apache-base-2.2.3-1.1.20060mlcs4.i586.rpm 326a8259b0d99bc2938bfa6cd85743e7 corporate/4.0/i586/apache-devel-2.2.3-1.1.20060mlcs4.i586.rpm ca305d0928255a65814af781b345a056 corporate/4.0/i586/apache-htcacheclean-2.2.3-1.1.20060mlcs4.i586.rpm 48c2b6a5ee11c3f011b1f6dc60a86479 corporate/4.0/i586/apache-mod_authn_dbd-2.2.3-1.1.20060mlcs4.i586.rpm b81a3077cb88a34af43a61ad6f2559ea corporate/4.0/i586/apache-mod_cache-2.2.3-1.1.20060mlcs4.i586.rpm ba5aee0b2a86182560e54f0cf4d360bd corporate/4.0/i586/apache-mod_dav-2.2.3-1.1.20060mlcs4.i586.rpm b696352106c5a0d1697385523455c767 corporate/4.0/i586/apache-mod_dbd-2.2.3-1.1.20060mlcs4.i586.rpm e79f271f000dd7f3a009cca70fd7e4a2 corporate/4.0/i586/apache-mod_deflate-2.2.3-1.1.20060mlcs4.i586.rpm c7bdb987f61099b64e751639ca02dd8a corporate/4.0/i586/apache-mod_disk_cache-2.2.3-1.1.20060mlcs4.i586.rpm b0303fcc2f43bdcf25419dde56df2297 corporate/4.0/i586/apache-mod_file_cache-2.2.3-1.1.20060mlcs4.i586.rpm f818ff0f890abe230c92069f9d256e5c corporate/4.0/i586/apache-mod_ldap-2.2.3-1.1.20060mlcs4.i586.rpm 4247be23e42c368b3880c7ab5ac13c89 corporate/4.0/i586/apache-mod_mem_cache-2.2.3-1.1.20060mlcs4.i586.rpm e50f1749935c96d3364bdce9af5d22bf corporate/4.0/i586/apache-mod_proxy-2.2.3-1.1.20060mlcs4.i586.rpm a619b4e0130d1db7f77a790fee0917a6 corporate/4.0/i586/apache-mod_proxy_ajp-2.2.3-1.1.20060mlcs4.i586.rpm 8170e0e77256f08d07b02119400a19f9 corporate/4.0/i586/apache-mod_ssl-2.2.3-1.1.20060mlcs4.i586.rpm 4a5d94d4f94295efe48266a1d529486e corporate/4.0/i586/apache-mod_userdir-2.2.3-1.1.20060mlcs4.i586.rpm 7c0c27197d6b44115366eac339c424f2 corporate/4.0/i586/apache-modules-2.2.3-1.1.20060mlcs4.i586.rpm 56351aafc723fdea2f2fac22d5046944 corporate/4.0/i586/apache-mpm-prefork-2.2.3-1.1.20060mlcs4.i586.rpm ccbb2f27b762b5dd564dc7a00aac6db0 corporate/4.0/i586/apache-mpm-worker-2.2.3-1.1.20060mlcs4.i586.rpm a65137ff29ed6a1da1f894d19997faec corporate/4.0/i586/apache-source-2.2.3-1.1.20060mlcs4.i586.rpm 8cdf592a822485abba00dfb6591615ea corporate/4.0/SRPMS/apache-2.2.3-1.1.20060mlcs4.src.rpm
Corporate 4.0/X86_64: 7a9b4f5b3fcf2cac67e4c38022ee2441 corporate/4.0/x86_64/apache-base-2.2.3-1.1.20060mlcs4.x86_64.rpm 5604ba341d957fbe6182bd2eb29a8e9d corporate/4.0/x86_64/apache-devel-2.2.3-1.1.20060mlcs4.x86_64.rpm 8983bda4bbe3b58f9c6c317531eb52b7 corporate/4.0/x86_64/apache-htcacheclean-2.2.3-1.1.20060mlcs4.x86_64.rpm 9baf252cbc8ef8a093ed25e7a0daf25d corporate/4.0/x86_64/apache-mod_authn_dbd-2.2.3-1.1.20060mlcs4.x86_64.rpm 26cc58bcbfd25a83c15051c8f590a36d corporate/4.0/x86_64/apache-mod_cache-2.2.3-1.1.20060mlcs4.x86_64.rpm 941a32aea1b1b3bca1ae343d5d925892 corporate/4.0/x86_64/apache-mod_dav-2.2.3-1.1.20060mlcs4.x86_64.rpm 1d79a7b921ce150de88e22ffbaba4b31 corporate/4.0/x86_64/apache-mod_dbd-2.2.3-1.1.20060mlcs4.x86_64.rpm d80b9ffca3dd024e73d069e55ba7fa3e corporate/4.0/x86_64/apache-mod_deflate-2.2.3-1.1.20060mlcs4.x86_64.rpm 7a7a11645680a7bee9cf88b166b0d32f corporate/4.0/x86_64/apache-mod_disk_cache-2.2.3-1.1.20060mlcs4.x86_64.rpm fcc85c0f9faf1fa08a01f3d4ecb68033 corporate/4.0/x86_64/apache-mod_file_cache-2.2.3-1.1.20060mlcs4.x86_64.rpm 55789d16ff565bcd31dfa522435d4d4b corporate/4.0/x86_64/apache-mod_ldap-2.2.3-1.1.20060mlcs4.x86_64.rpm 7ee708824d65878b71ede35e139ac94d corporate/4.0/x86_64/apache-mod_mem_cache-2.2.3-1.1.20060mlcs4.x86_64.rpm e8579835f848cade641da14354196497 corporate/4.0/x86_64/apache-mod_proxy-2.2.3-1.1.20060mlcs4.x86_64.rpm 6a1e70a638aecf603f3bc2485d14bd78 corporate/4.0/x86_64/apache-mod_proxy_ajp-2.2.3-1.1.20060mlcs4.x86_64.rpm 212f40574d0821b909972ebc36fb697a corporate/4.0/x86_64/apache-mod_ssl-2.2.3-1.1.20060mlcs4.x86_64.rpm 32a8dd886e42c8093be05c9ee4d31855 corporate/4.0/x86_64/apache-mod_userdir-2.2.3-1.1.20060mlcs4.x86_64.rpm 265bccd86baa7fca942f1c6d4d694523 corporate/4.0/x86_64/apache-modules-2.2.3-1.1.20060mlcs4.x86_64.rpm babdb585a6c754f23d91c41fc844a5e2 corporate/4.0/x86_64/apache-mpm-prefork-2.2.3-1.1.20060mlcs4.x86_64.rpm 63274f5c5dc3897d0062f621b1c63e0e corporate/4.0/x86_64/apache-mpm-worker-2.2.3-1.1.20060mlcs4.x86_64.rpm 18782a1fcbcb760d36162ce830ac4cdd corporate/4.0/x86_64/apache-source-2.2.3-1.1.20060mlcs4.x86_64.rpm 8cdf592a822485abba00dfb6591615ea corporate/4.0/SRPMS/apache-2.2.3-1.1.20060mlcs4.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux)
iD8DBQFGjD3WmqjQ0CJFipgRAtGoAKCXMGCKCMbkso0ugvF0TpsWNwkPjgCfVakS Re00IyLecNs4MIGgsrv2qJE= =5EEm -----END PGP SIGNATURE-----
.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 www-servers/apache < 2.2.6 *>= 2.0.59-r5 >= 2.2.6
Description
Multiple cross-site scripting vulnerabilities have been discovered in mod_status and mod_autoindex (CVE-2006-5752, CVE-2007-4465). An error has been discovered in the recall_headers() function in mod_mem_cache (CVE-2007-1862). The mod_cache module does not properly sanitize requests before processing them (CVE-2007-1863). The Prefork module does not properly check PID values before sending signals (CVE-2007-3304). The mod_proxy module does not correctly check headers before processing them (CVE-2007-3847).
Impact
A remote attacker could exploit one of these vulnerabilities to inject arbitrary script or HTML content, obtain sensitive information or cause a Denial of Service.
Workaround
There is no known workaround at this time.
Resolution
All Apache users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=www-servers/apache-2.0.59-r5"
References
[ 1 ] CVE-2006-5752 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5752 [ 2 ] CVE-2007-1862 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1862 [ 3 ] CVE-2007-1863 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1863 [ 4 ] CVE-2007-3304 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3304 [ 5 ] CVE-2007-3847 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3847 [ 6 ] CVE-2007-4465 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4465
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200711-06.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.
License
Copyright 2007 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . Summary
Updated VMware Hosted products address security issues in libpng and the Apace HTTP Server.
- Relevant releases
VMware Workstation 6.5.2 and earlier, VMware Player 2.5.2 and earlier, VMware ACE 2.5.2 and earlier
- Problem Description
a. Third Party Library libpng Updated to 1.2.35
Several flaws were discovered in the way third party library libpng
handled uninitialized pointers. An attacker could create a PNG image
file in such a way, that when loaded by an application linked to
libpng, it could cause the application to crash or execute arbitrary
code at the privilege level of the user that runs the application.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2009-0040 to this issue.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Workstation 6.5.x any 6.5.3 build 185404 or later
Player 2.5.x any 2.5.3 build 185404 or later
ACE 2.5.x any 2.5.3 build 185404 or later
Server 2.x any patch pending
Server 1.x any patch pending
Fusion 2.x Mac OS/X not affected
Fusion 1.x Mac OS/X not affected
ESXi 4.0 ESXi not affected
ESXi 3.5 ESXi not affected
ESX 4.0 ESX not affected
ESX 3.5 ESX not affected
ESX 3.0.3 ESX not affected
ESX 3.0.2 ESX not affected
ESX 2.5.5 ESX not affected *
* The libpng update for the Service Console of ESX 2.5.5 is
documented in VMSA-2009-0007.
b. Apache HTTP Server updated to 2.0.63
The new version of ACE updates the Apache HTTP Server on Windows
hosts to version 2.0.63 which addresses multiple security issues
that existed in the previous versions of this server.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2007-3847, CVE-2007-1863, CVE-2006-5752,
CVE-2007-3304, CVE-2007-6388, CVE-2007-5000, CVE-2008-0005 to the
issues that have been addressed by this update.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Workstation 6.5.x any not affected
Player 2.5.x any not affected
ACE 2.5.x Windows 2.5.3 build 185404 or later
ACE 2.5.x Linux update Apache on host system *
Server 2.x any not affected
Server 1.x any not affected
Fusion 2.x Mac OS/X not affected
Fusion 1.x Mac OS/X not affected
ESXi 4.0 ESXi not affected
ESXi 3.5 ESXi not affected
ESX 4.0 ESX not affected
ESX 3.5 ESX not affected
ESX 3.0.3 ESX not affected
ESX 3.0.2 ESX not affected
ESX 2.5.5 ESX not affected
* The Apache HTTP Server is not part of an ACE install on a Linux
host. Update the Apache HTTP Server on the host system to version
2.0.63 in order to remediate the vulnerabilities listed above.
- Solution
Please review the patch/release notes for your product and version and verify the md5sum and/or the sha1sum of your downloaded file.
VMware Workstation 6.5.3
http://www.vmware.com/download/ws/ Release notes: http://www.vmware.com/support/ws65/doc/releasenotes_ws653.html
For Windows
Workstation for Windows 32-bit and 64-bit Windows 32-bit and 64-bit .exe md5sum: 7565d16b7d7e0173b90c3b76ca4656bc sha1sum: 9f687afd8b0f39cde40aeceb3213a91be487aad1
For Linux
Workstation for Linux 32-bit Linux 32-bit .rpm md5sum: 4d55c491bd008ded0ea19f373d1d1fd4 sha1sum: 1f43131c960e76a530390d3b6984c78dfc2da23e
Workstation for Linux 32-bit Linux 32-bit .bundle md5sum: d4a721c1918c0e8a87c6fa4bad49ad35 sha1sum: c0c6f9b56e70bd3ffdb5467ee176110e283a69e5
Workstation for Linux 64-bit Linux 64-bit .rpm md5sum: 72adfdb03de4959f044fcb983412ae7c sha1sum: ba16163c8d9b5aa572526b34a7b63dc6e68f9bbb
Workstation for Linux 64-bit Linux 64-bit .bundle md5sum: 83e1f0c94d6974286256c4d3b559e854 sha1sum: 8763f250a3ac5fc4698bd26319b93fecb498d542
VMware Player 2.5.3
http://www.vmware.com/download/player/ Release notes: http://www.vmware.com/support/player25/doc/releasenotes_player253.html
Player for Windows binary
http://download3.vmware.com/software/vmplayer/VMware-player-2.5.3-185404.exe md5sum: fe28f193374c9457752ee16cd6cad4e7 sha1sum: 13bd3ff93c04fa272544d3ef6de5ae746708af04
Player for Linux (.rpm)
http://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.i386.rpm md5sum: c99cd65f19fdfc7651bcb7f328b73bc2 sha1sum: a33231b26e2358a72d16e1b4e2656a5873fe637e
Player for Linux (.bundle)
http://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.i386.bundle md5sum: 210f4cb5615bd3b2171bc054b9b2bac5 sha1sum: 2f6497890b17b37480165bab9f430e8645edae9b
Player for Linux - 64-bit (.rpm)
http://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.x86_64.rpm md5sum: f91576ef90b322d83225117ae9335968 sha1sum: f492fa9cf26ee2818f164aac04cde1680c25d974
Player for Linux - 64-bit (.bundle)
http://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.x86_64.bundle md5sum: 595d44d7945c129b1aeb679d2f001b05 sha1sum: acd69fcb0c6bc49fd4af748c65c7fb730ab1e8c4
VMware ACE 2.5.3
http://www.vmware.com/download/ace/ Release notes: http://www.vmware.com/support/ace25/doc/releasenotes_ace253.html
ACE Management Server Virtual Appliance AMS Virtual Appliance .zip md5sum: 44cc7b86353047f02cf6ea0653e38418 sha1sum: 9f44b15e6681a6e58dd20784f829c68091a62cd1
VMware ACE for Windows 32-bit and 64-bit Windows 32-bit and 64-bit .exe md5sum: 0779da73408c5e649e0fd1c62d23820f sha1sum: 2b2e4963adc89f3b642874685f490222523b63ef
ACE Management Server for Windows Windows .exe md5sum: 0779da73408c5e649e0fd1c62d23820f sha1sum: 2b2e4963adc89f3b642874685f490222523b63ef
ACE Management Server for SUSE Enterprise Linux 9 SLES 9 .rpm md5sum: a4fc92d7197f0d569361cdf4b8cca642 sha1sum: af8a135cca398cacaa82c8c3c325011c6cd3ed75
ACE Management Server for Red Hat Enterprise Linux 4 RHEL 4 .rpm md5sum: 841005151338c8b954f08d035815fd58 sha1sum: 67e48624dba20e6be9e41ec9a5aba407dd8cc01e
- Change log
2009-08-20 VMSA-2009-0010 Initial security advisory after release of Workstation 6.5.3, Player 2.5.3, and ACE 2.5.3 on 2009-08-20.
- Contact
E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
- security-announce at lists.vmware.com
- bugtraq at securityfocus.com
- full-disclosure at lists.grok.org.uk
E-mail: security at vmware.com PGP key at: http://kb.vmware.com/kb/1055
VMware Security Center http://www.vmware.com/security
VMware security response policy http://www.vmware.com/support/policies/security_response.html
General support life cycle policy http://www.vmware.com/support/policies/eos.html
VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html
Copyright 2009 VMware Inc. All rights reserved.
2003: 2,700 advisories published 2004: 3,100 advisories published 2005: 4,600 advisories published 2006: 5,300 advisories published
How do you know which Secunia advisories are important to you?
The Secunia Vulnerability Intelligence Solutions allows you to filter and structure all the information you need, so you can address issues effectively.
Get a free trial of the Secunia Vulnerability Intelligence Solutions: http://corporate.secunia.com/how_to_buy/38/vi/?ref=secadv
TITLE: Hitachi Web Server Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA27421
VERIFY ADVISORY: http://secunia.com/advisories/27421/
CRITICAL: Less critical
IMPACT: Security Bypass, Cross Site Scripting
WHERE:
From remote
SOFTWARE: uCosminexus Application Server http://secunia.com/product/13819/ Hitachi Web Server 3.x http://secunia.com/product/13335/ Hitachi Web Server 2.x http://secunia.com/product/13334/ Hitachi Web Server 1.x http://secunia.com/product/13333/
DESCRIPTION: Some vulnerabilities have been reported in the Hitachi Web Server, which can be exploited by malicious people to bypass certain security restrictions or conduct cross-site scripting attacks.
1) An error exists within the handling of SSL requests. This can be exploited to trick a vulnerable server into accepting a forged signature.
2) An error exists in the Hitachi Web Server when generating server-status pages for potentially malicious scripts .
PROVIDED AND/OR DISCOVERED BY: Reported by the vendor.
ORIGINAL ADVISORY: http://www.hitachi-support.com/security_e/vuls_e/HS07-034_e/index-e.html http://www.hitachi-support.com/security_e/vuls_e/HS07-035_e/index-e.html
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01178795 Version: 1
HPSBUX02262 SSRT071447 rev. 1 - HP-UX running Apache, Remote Arbitrary Code Execution, Cross Site Scripting (XSS)
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2007-10-02 Last Updated: 2007-10-02
Potential Security Impact: Remote arbitrary code execution, cross site scripting (XSS)
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with Apache running on HP-UX.
References: CVE-2005-2090, CVE-2006-5752, CVE-2007-0450, CVE-2007-0774, CVE-2007-1355, CVE-2007-1358, CVE-2007-1860, CVE-2007-1863, CVE-2007-1887, CVE-2007-1900, CVE-2007-2449, CVE-2007-2450, CVE-2007-2756, CVE-2007-2872, CVE-2007-3382, CVE-2007-3385, CVE-2007-3386.
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP-UX B.11.11, B.11.23, B.11.31 running Apache
BACKGROUND To determine if a system has an affected version, search the output of "swlist -a revision -l fileset" for an affected fileset. Then determine if the recommended patch or update is installed.
AFFECTED VERSIONS
For IPv4: HP-UX B.11.11 ============= hpuxwsAPACHE action: install revision A.2.0.59.00 or subsequent restart Apache URL: https://www.hp.com/go/softwaredepot/
For IPv6: HP-UX B.11.11 HP-UX B.11.23 HP-UX B.11.31 ============= hpuxwsAPACHE,revision=B.1.0.00.01 hpuxwsAPACHE,revision=B.1.0.07.01 hpuxwsAPACHE,revision=B.1.0.08.01 hpuxwsAPACHE,revision=B.1.0.09.01 hpuxwsAPACHE,revision=B.1.0.10.01 hpuxwsAPACHE,revision=B.2.0.48.00 hpuxwsAPACHE,revision=B.2.0.49.00 hpuxwsAPACHE,revision=B.2.0.50.00 hpuxwsAPACHE,revision=B.2.0.51.00 hpuxwsAPACHE,revision=B.2.0.52.00 hpuxwsAPACHE,revision=B.2.0.53.00 hpuxwsAPACHE,revision=B.2.0.54.00 hpuxwsAPACHE,revision=B.2.0.55.00 hpuxwsAPACHE,revision=B.2.0.56.00 hpuxwsAPACHE,revision=B.2.0.58.00 hpuxwsAPACHE,revision=B.2.0.58.01
action: install revision B.2.0.59.00 or subsequent restart Apache URL: https://www.hp.com/go/softwaredepot/
END AFFECTED VERSIONS
RESOLUTION HP has made the following available to resolve the vulnerability. HP-UX Apache-based Web Server v.2.18 powered by Apache Tomcat Webmin or subsequent. The update is available on https://www.hp.com/go/softwaredepot/ Note: HP-UX Apache-based Web Server v.2.18 powered by Apache Tomcat Webmin contains HP-UX Apache-based Web Server v.2.0.59.00.
MANUAL ACTIONS: Yes - Update Install HP-UX Apache-based Web Server v.2.18 powered by Apache Tomcat Webmin or subsequent.
PRODUCT SPECIFIC INFORMATION HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all HP-issued Security Bulletins and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa
HISTORY Revision: 1 (rev.1) - 02 October 2007 Initial release
Third Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For further information, contact normal HP Services support channel.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key
Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches - check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems - verify your operating system selections are checked and save.
To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.
To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do
- The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:
GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault
System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.
"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."
\xa9Copyright 2007 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNATURE----- Version: PGP 8.1
iQA/AwUBRwVCruAfOvwtKn1ZEQK1YgCfavU7x1Hs59uLdP26lpZFwMxKofIAn3gJ HHoe3AY1sc6hrW3Xk+B1hcbr =+E1W -----END PGP SIGNATURE----- . =========================================================== Ubuntu Security Notice USN-499-1 August 16, 2007 apache2 vulnerabilities CVE-2006-5752, CVE-2007-1863, CVE-2007-3304 ===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS Ubuntu 6.10 Ubuntu 7.04
This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the following package versions:
Ubuntu 6.06 LTS: apache2-common 2.0.55-4ubuntu2.2 apache2-mpm-prefork 2.0.55-4ubuntu2.2 apache2-mpm-worker 2.0.55-4ubuntu2.2
Ubuntu 6.10: apache2-common 2.0.55-4ubuntu4.1 apache2-mpm-prefork 2.0.55-4ubuntu4.1 apache2-mpm-worker 2.0.55-4ubuntu4.1
Ubuntu 7.04: apache2-mpm-prefork 2.2.3-3.2ubuntu0.1 apache2-mpm-worker 2.2.3-3.2ubuntu0.1 apache2.2-common 2.2.3-3.2ubuntu0.1
In general, a standard system upgrade is sufficient to effect the necessary changes.
Details follow:
Stefan Esser discovered that mod_status did not force a character set, which could result in browsers becoming vulnerable to XSS attacks when processing the output. If a user were tricked into viewing server status output during a crafted server request, a remote attacker could exploit this to modify the contents, or steal confidential data (such as passwords), within the same domain. By default, mod_status is disabled in Ubuntu. (CVE-2006-5752)
Niklas Edmundsson discovered that the mod_cache module could be made to crash using a specially crafted request. A remote user could use this to cause a denial of service if Apache was configured to use a threaded worker. By default, mod_cache is disabled in Ubuntu. (CVE-2007-1863)
A flaw was discovered in the signal handling of Apache. A local attacker could trick Apache into sending SIGUSR1 to other processes. The vulnerable code was only present in Ubuntu Feisty. (CVE-2007-3304)
Updated packages for Ubuntu 6.06 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2.diff.gz
Size/MD5: 115882 e94e45574e3b131d3a9a0e07e193f1e5
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2.dsc
Size/MD5: 1148 c2bc143625fbf8ca59fea300845c5a42
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz
Size/MD5: 6092031 45e32c9432a8e3cf4227f5af91b03622
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu2.2_all.deb
Size/MD5: 2124364 9b8ca5d5757c63f5ee6bbd507f0a8357
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.2_amd64.deb
Size/MD5: 833000 be4c7770c725f5f4401ca06d1347211f
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.2_amd64.deb
Size/MD5: 227832 41c12dfe84f109e6544a33e4e1d791a8
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.2_amd64.deb
Size/MD5: 222934 7e4d072bad27239e366a6eda94c09190
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.2_amd64.deb
Size/MD5: 227576 8fc59f78a3fa0e5d6dac81e875039bda
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.2_amd64.deb
Size/MD5: 171082 4318f93373b705563251f377ed398614
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.2_amd64.deb
Size/MD5: 171860 257f4183d70be5a00546c39c5a18f108
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.2_amd64.deb
Size/MD5: 93916 695cee55f91ceb9424abe31d8b6ee1dd
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2_amd64.deb
Size/MD5: 35902 00c1082a77ff1d863f72874c4472a26d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.2_amd64.deb
Size/MD5: 285336 0a8510634b21f56f0d9619aa6fc9cec9
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.2_amd64.deb
Size/MD5: 143952 d75f83ac219bce95a15a8f44b82b8ea7
i386 architecture (x86 compatible Intel/AMD)
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.2_i386.deb
Size/MD5: 786186 4e78fa0d438867194f66b11b4eb6fc2e
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.2_i386.deb
Size/MD5: 202448 74cf60884e18c1fc93f157010a15b12c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.2_i386.deb
Size/MD5: 198456 209a0b92995fec453ed4c2c181e3e555
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.2_i386.deb
Size/MD5: 202038 6cbd437caf993fa2b2b38369cd3d5863
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.2_i386.deb
Size/MD5: 171074 0a5a26aa58af7aa2d51d1cf5d7c543d6
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.2_i386.deb
Size/MD5: 171848 af9ca78febc5bc0c7936296dab958349
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.2_i386.deb
Size/MD5: 91884 2857d60b507b28c736f83815c9f3d1b8
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2_i386.deb
Size/MD5: 35906 202b5b233af0d26e29ca7302cf7fd04c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.2_i386.deb
Size/MD5: 261418 c90342706ac26682d15032a5ba5cb51a
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.2_i386.deb
Size/MD5: 131850 951a4573901bc2f10d5febf940d57516
powerpc architecture (Apple Macintosh G3/G4/G5)
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.2_powerpc.deb
Size/MD5: 859126 afdd8642ca447fc9dc70dfed92be0fa6
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.2_powerpc.deb
Size/MD5: 219898 6d9c9f924d2356bf9d3438a280870a7d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.2_powerpc.deb
Size/MD5: 215602 dd554132cdea0f860e01cf5d4e0dbc7c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.2_powerpc.deb
Size/MD5: 219378 7a1f4b325dacef287c901fa66680c04e
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.2_powerpc.deb
Size/MD5: 171096 a0e2547d38ef1b84dc419d69e42ffa0b
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.2_powerpc.deb
Size/MD5: 171864 200ab662b2c13786658486df37fda881
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.2_powerpc.deb
Size/MD5: 103628 ae36642fbd4698bb362fa4bf9417b0e3
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2_powerpc.deb
Size/MD5: 35910 358027282f2f19451d3aa784dc0474dc
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.2_powerpc.deb
Size/MD5: 280950 0d9b56ec076da25e2a03f6d3c6445057
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.2_powerpc.deb
Size/MD5: 141074 f5d3d5e0e5911e0c0156ae55af50f87b
sparc architecture (Sun SPARC/UltraSPARC)
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.2_sparc.deb
Size/MD5: 803440 d66da6a91c08956c3c5062668349ef41
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.2_sparc.deb
Size/MD5: 209970 57f0a8f823a4502ee9a2608e3181cc81
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.2_sparc.deb
Size/MD5: 205582 1dcfb0df796e85c409f614544ea589fe
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.2_sparc.deb
Size/MD5: 209330 6bf7ae824eea35d3487febef384fce91
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.2_sparc.deb
Size/MD5: 171080 1088337f4abcb6c8f65751b6120c2307
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.2_sparc.deb
Size/MD5: 171868 5cda04cd73a9c6d8dfc18abd55c09ebd
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.2_sparc.deb
Size/MD5: 92972 850ab3bb0904e8fe9b6255c42ba7f84c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2_sparc.deb
Size/MD5: 35904 7af260b95c4faa17ef34810fed888caf
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.2_sparc.deb
Size/MD5: 267550 08182a8a2cab00fc0e6bca2cccf5165f
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.2_sparc.deb
Size/MD5: 129760 a60606c6d2f12209b0bdae997be4a13f
Updated packages for Ubuntu 6.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1.diff.gz
Size/MD5: 116265 2732761b18dfb3c2cd1aa0b54c2cf623
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1.dsc
Size/MD5: 1148 4b9c4612469c521db0c5fdbe2f6b9b25
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz
Size/MD5: 6092031 45e32c9432a8e3cf4227f5af91b03622
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu4.1_all.deb
Size/MD5: 2124550 8d5c30342b35f9fd595fb09d7659b6fc
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.1_amd64.deb
Size/MD5: 836342 2c4ba483b0b20fdc2d43819109177941
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.1_amd64.deb
Size/MD5: 227390 e61cc1998f5b8f2c44dce587e59d288a
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.1_amd64.deb
Size/MD5: 222376 6bdbff7f7f80fd464d1e3ec52d6e7171
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.1_amd64.deb
Size/MD5: 226848 4356b4caf2b40f364c8893c41b9f9355
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.1_amd64.deb
Size/MD5: 171304 c4395af051e876228541ef5b8037d979
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.1_amd64.deb
Size/MD5: 172074 99dadc4ad0f0947f9368d89f4589d95a
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.1_amd64.deb
Size/MD5: 94204 30f3bb8c72575fe93940ecc730b8e4b6
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1_amd64.deb
Size/MD5: 36152 ea3cbefcbee7e2f6e5555edb44733ad9
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.1_amd64.deb
Size/MD5: 286544 d555931490d44d93bec31c4bfc19ed12
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.1_amd64.deb
Size/MD5: 145014 3e06ceb0a55598d82f9f781c44e210b3
i386 architecture (x86 compatible Intel/AMD)
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.1_i386.deb
Size/MD5: 806938 050bb7665332d3761e1a8e47939fa507
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.1_i386.deb
Size/MD5: 209556 ee530b24aba8838001ebb6c901bc90cd
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.1_i386.deb
Size/MD5: 205718 b52a17c63909eae3c49bad0ab1958f4b
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.1_i386.deb
Size/MD5: 209158 1844fa5e09224a90944f8b886ddb5a2a
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.1_i386.deb
Size/MD5: 171296 9de8aba41f7e3d60f41536ca712adebb
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.1_i386.deb
Size/MD5: 172078 01ccd554177364747b08e2933f121d2c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.1_i386.deb
Size/MD5: 93240 4573597317416869646eb2ea42cd0945
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1_i386.deb
Size/MD5: 36150 77666d65bade6a91bd58826c79f11dc9
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.1_i386.deb
Size/MD5: 266390 a3963d8e76f6865404f7fadb47880c87
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.1_i386.deb
Size/MD5: 137604 387f6bcdaa58dbbe53082241b3231844
powerpc architecture (Apple Macintosh G3/G4/G5)
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.1_powerpc.deb
Size/MD5: 865372 27d7f1de1fcb2114d3f3b0a774302488
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.1_powerpc.deb
Size/MD5: 221542 1ae8fa5cf4b77f3b2aa054e2886e587e
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.1_powerpc.deb
Size/MD5: 217044 9134983c40107f79fcac8d1eacbc7117
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.1_powerpc.deb
Size/MD5: 221324 b435dc09c63ecbcd564a0923a8f07350
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.1_powerpc.deb
Size/MD5: 171296 6d2a0abfb7a1daaeae56559eeb322dcb
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.1_powerpc.deb
Size/MD5: 172064 ecc2037409554ea43c5a6848aa510c76
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.1_powerpc.deb
Size/MD5: 104654 d0957d8df044c4a34437241792ed97d1
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1_powerpc.deb
Size/MD5: 36148 34e102e1d2e1c6a6f31801dfb98cb82a
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.1_powerpc.deb
Size/MD5: 284548 c8f325ccc42cbe77191d4ddd9abc2a4e
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.1_powerpc.deb
Size/MD5: 144238 82cfbfcec5fc4931078145af8947c035
sparc architecture (Sun SPARC/UltraSPARC)
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.1_sparc.deb
Size/MD5: 811594 d8548e537fd81994bbb638e105dfbf8b
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.1_sparc.deb
Size/MD5: 212160 81cd0197ff89b79c967c1074ede9f8d7
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.1_sparc.deb
Size/MD5: 207870 5d80ed8dc39b0d4d59fccb747624a684
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.1_sparc.deb
Size/MD5: 211578 9407383d85db831dab728b39cce9acc8
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.1_sparc.deb
Size/MD5: 171294 5e4d695a99bdc1fdfb0bfcef8b91d03d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.1_sparc.deb
Size/MD5: 172064 06e3e765d799e281dba7329ff9d9e138
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.1_sparc.deb
Size/MD5: 93796 1048b47b289fb2047fa9ac7ebbe94a57
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1_sparc.deb
Size/MD5: 36150 0d106a177aa4271b1cfc0e96eec1a748
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.1_sparc.deb
Size/MD5: 268444 3912123e7c71cc638132305ca89fe23b
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.1_sparc.deb
Size/MD5: 130626 f4444e0239c2da7d3c31e3486606f95a
Updated packages for Ubuntu 7.04:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu0.1.diff.gz
Size/MD5: 112120 f7b1a17718aed7ca73da3a6d7aad06b0
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu0.1.dsc
Size/MD5: 1128 e82b1bee591fff50d6673ed1a443e543
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3.orig.tar.gz
Size/MD5: 6342475 f72ffb176e2dc7b322be16508c09f63c
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.3-3.2ubuntu0.1_all.deb
Size/MD5: 2199184 c03756f87cb164213428532f70e0c198
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.2.3-3.2ubuntu0.1_all.deb
Size/MD5: 272064 5be351f491f8d1aae9a270d1214e93e3
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.3-3.2ubuntu0.1_all.deb
Size/MD5: 6674104 bdbabf8f478562f0e003737e977ffc7b
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu0.1_all.deb
Size/MD5: 38668 9f0c7c01e8441285c084002eb4619065
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu0.1_amd64.deb
Size/MD5: 449624 1b54a8000c40eaaa0f9e31527b9bb180
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu0.1_amd64.deb
Size/MD5: 445346 d15625641a3247fbf5d9d9b9aed34968
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu0.1_amd64.deb
Size/MD5: 449208 55f39c28a4de98d53f80231aeb7d6c59
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu0.1_amd64.deb
Size/MD5: 403570 0042c75be8a2d128d62b79398deaefa8
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu0.1_amd64.deb
Size/MD5: 404138 929772b95ea67f338ad423a65b2b7011
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu0.1_amd64.deb
Size/MD5: 341312 906819b0de863209575aa65d39a594a5
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu0.1_amd64.deb
Size/MD5: 971462 f85e32c5f6437ce149553aee97ffd934
i386 architecture (x86 compatible Intel/AMD)
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu0.1_i386.deb
Size/MD5: 432922 c1b81ac7dc7b7a0b2261fd10d9bcf5c6
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu0.1_i386.deb
Size/MD5: 428856 f506f2a9dd2dbd5c2d3f72a476cc3537
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu0.1_i386.deb
Size/MD5: 432314 a5a11947ad8cf14604efa7ddcfd20bfe
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu0.1_i386.deb
Size/MD5: 403574 da84a3a99276f14a11ac892ce7eee170
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu0.1_i386.deb
Size/MD5: 404138 0fdd43a53e6957aa3a348a7bd9c876f5
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu0.1_i386.deb
Size/MD5: 340396 88a0ddbc58335416d91c9f10adc9d5f5
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu0.1_i386.deb
Size/MD5: 929716 138d58487b882e6002e3c5e4a9489add
powerpc architecture (Apple Macintosh G3/G4/G5)
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu0.1_powerpc.deb
Size/MD5: 451530 ddc437092ef642fcd396713cd1972f4c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu0.1_powerpc.deb
Size/MD5: 446960 af1b667708e062f81bca4e995355394d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu0.1_powerpc.deb
Size/MD5: 450940 ed9f31ec5045a88446115987c6e97655
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu0.1_powerpc.deb
Size/MD5: 403574 65801ab51335a15dc370b9341a0e50dd
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu0.1_powerpc.deb
Size/MD5: 404146 fd35e65fadd836feb0190b209947b466
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu0.1_powerpc.deb
Size/MD5: 360518 b74bc9eead429cd8f0ebecd6a94e5edb
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu0.1_powerpc.deb
Size/MD5: 1073812 376fe5b1ee383a6d870eea5dd3c6a704
sparc architecture (Sun SPARC/UltraSPARC)
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu0.1_sparc.deb
Size/MD5: 434408 c70ef2e9aed191fe53886ceb3725596e
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu0.1_sparc.deb
Size/MD5: 430574 7b690896da23a151ee5e106d596c1143
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu0.1_sparc.deb
Size/MD5: 433918 cc01edfcfc673ba9a86c83fcc66e6870
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu0.1_sparc.deb
Size/MD5: 403568 a7660cff70394403c764cf8f30c7298a
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu0.1_sparc.deb
Size/MD5: 404136 b8587d5eba0be59a6576d6cf645b2122
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu0.1_sparc.deb
Size/MD5: 343370 1572a001a612add57d23350210ac1736
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu0.1_sparc.deb
Size/MD5: 938586 b74a91fcfbb0503355e94981310bd1ce
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200706-0666",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.6,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.6,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.1,
"vendor": "ibm",
"version": "2.0.47"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.1,
"vendor": "ibm",
"version": "1.3.28.1"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "http server",
"scope": "lt",
"trust": 1.0,
"vendor": "apache",
"version": "2.0.61"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "6.10"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "7.04"
},
{
"model": "enterprise linux eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "4.5"
},
{
"model": "http server",
"scope": "lt",
"trust": 1.0,
"vendor": "apache",
"version": "1.3.39"
},
{
"model": "http server",
"scope": "gte",
"trust": 1.0,
"vendor": "apache",
"version": "1.3.2"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "5.0"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "http server",
"scope": "lt",
"trust": 1.0,
"vendor": "apache",
"version": "2.2.6"
},
{
"model": "http server",
"scope": "gte",
"trust": 1.0,
"vendor": "apache",
"version": "2.2.0"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "6.06"
},
{
"model": "http server",
"scope": "gte",
"trust": 1.0,
"vendor": "apache",
"version": "2.0.0"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "5.0"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "5.0"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "7"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3.0"
},
{
"model": "cosminexus server - web edition",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "http server",
"scope": "lte",
"trust": 0.8,
"vendor": "apache",
"version": "2.0.59 and earlier"
},
{
"model": "web server",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "rhel desktop workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "cosminexus server - standard edition",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "turbolinux fuji",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (ws)"
},
{
"model": "http server",
"scope": "lte",
"trust": 0.8,
"vendor": "apache",
"version": "1.3.37 and earlier"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (es)"
},
{
"model": "cosminexus application server version 5",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "interstage application server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage apworks",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "ucosminexus developer standard",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (es)"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.23"
},
{
"model": "cosminexus server - standard edition version 4",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "http server",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "6.1.0.13"
},
{
"model": "interstage application framework suite",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (as)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (sparc)"
},
{
"model": "ucosminexus developer light",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "systemwalker resource coordinator",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.1"
},
{
"model": "http server",
"scope": "lte",
"trust": 0.8,
"vendor": "apache",
"version": "2.2.4 and earlier"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "8 (sparc)"
},
{
"model": "linux advanced workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1"
},
{
"model": "interstage job workload server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "http server",
"scope": "lt",
"trust": 0.8,
"vendor": "ibm",
"version": "version"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "8 (x86)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (ws)"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "6.0.2.23"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (x86)"
},
{
"model": "cosminexus developer light version 6",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus developer version 5",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus service platform",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "interstage web server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (as)"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.0"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (x86)"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "2.0"
},
{
"model": "cosminexus server - web edition version 4",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3.0 (x86-64)"
},
{
"model": "interstage business application server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage studio",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "ucosminexus service architect",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server enterprise",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (es)"
},
{
"model": "cosminexus developer standard version 6",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus application server standard",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "version 6"
},
{
"model": "ucosminexus application server standard",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.11"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0 (x86-64)"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10 (x64)"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.31"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.0"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (ws)"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.0 (client)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (sparc)"
},
{
"model": "cosminexus application server enterprise",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "version 6"
},
{
"model": "cosminexus developer professional version 6",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0"
},
{
"model": "ucosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "professional"
},
{
"model": "cosminexus server - enterprise edition",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "http server",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "10.1.3.5.0"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "linux advanced workstation",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5.2"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5.1"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.2"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.1"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.2"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.1"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.04"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.04"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.04"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.04"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0x86"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0.0x64"
},
{
"model": "fuji",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "0"
},
{
"model": "appliance server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "2.0"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "3.0.5"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "3.0"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.2"
},
{
"model": "operating system enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
},
{
"model": "linux enterprise server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux enterprise sdk 10.sp1",
"scope": null,
"trust": 0.3,
"vendor": "suse",
"version": null
},
{
"model": "linux enterprise sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10.3"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris 8 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris 8 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "propack sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.2"
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"model": "novell linux pos",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "linux professional oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "linux personal oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"model": "network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)4.2"
},
{
"model": "network proxy (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3)4.2"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "enterprise linux ws ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "enterprise linux es ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "enterprise linux desktop workstation client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "certificate server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7.3"
},
{
"model": "advanced workstation for the itanium processor ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "advanced workstation for the itanium processor",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5.0"
},
{
"model": "hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3)4.2"
},
{
"model": "hat network proxy (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4)5.0"
},
{
"model": "hat network proxy (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4)4.2"
},
{
"model": "hat enterprise linux desktop client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3"
},
{
"model": "hat enterprise linux as ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "hat enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.1"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.1"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2.13"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.2"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.47.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.42.2"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.42.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.42"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.28"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.26.2"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.26.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.26"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.19.5"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.19.4"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.19.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.19.2"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.19.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.19"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.12.7"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.12.6"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.12.5"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.12.4"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.12.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.12.2"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.12.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.12"
},
{
"model": "http server win32",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.6"
},
{
"model": "http server win32",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.6.4"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.6.3"
},
{
"model": "http server win32",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.6.2"
},
{
"model": "http server unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.6.2"
},
{
"model": "http server win32",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2.12"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.58"
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "interstage studio standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "interstage studio standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"model": "interstage studio enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "interstage studio enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"model": "interstage job workload server",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.1"
},
{
"model": "interstage business application server enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.0"
},
{
"model": "interstage apworks standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0"
},
{
"model": "interstage apworks modelers-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"model": "interstage apworks modelers-j edition 6.0a",
"scope": null,
"trust": 0.3,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage apworks modelers-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"model": "interstage apworks enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0"
},
{
"model": "interstage application server web-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0"
},
{
"model": "interstage application server standard-j edition a",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.2"
},
{
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0"
},
{
"model": "interstage application server standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0"
},
{
"model": "interstage application server plus developer",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0.1"
},
{
"model": "interstage application server plus developer",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"model": "interstage application server plus developer",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"model": "interstage application server plus",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0.1"
},
{
"model": "interstage application server plus",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0.1"
},
{
"model": "interstage application server plus",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"model": "interstage application server plus",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"model": "interstage application server enterprise edition a",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.2"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0.1"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0.1"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"model": "interstage application server enterprise edition 6.0a",
"scope": null,
"trust": 0.3,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0"
},
{
"model": "messaging storage server mm3.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "message networking",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "interactive response",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.3"
},
{
"model": "interactive response",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"model": "interactive response",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.4"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.3"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2"
},
{
"model": "software foundation apache",
"scope": "ne",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.6"
},
{
"model": "software foundation apache 2.3.38-dev",
"scope": "ne",
"trust": 0.3,
"vendor": "apache",
"version": null
},
{
"model": "software foundation apache 2.0.60-dev",
"scope": "ne",
"trust": 0.3,
"vendor": "apache",
"version": null
}
],
"sources": [
{
"db": "BID",
"id": "24645"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000478"
},
{
"db": "CNNVD",
"id": "CNNVD-200706-491"
},
{
"db": "NVD",
"id": "CVE-2006-5752"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.2.6",
"versionStartIncluding": "2.2.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.0.61",
"versionStartIncluding": "2.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.3.39",
"versionStartIncluding": "1.3.2",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_eus:4.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-5752"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Stefan Esser\u203b s.esser@ematters.de",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200706-491"
}
],
"trust": 0.6
},
"cve": "CVE-2006-5752",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2006-5752",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2006-5752",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200706-491",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2006-5752",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2006-5752"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000478"
},
{
"db": "CNNVD",
"id": "CNNVD-200706-491"
},
{
"db": "NVD",
"id": "CVE-2006-5752"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cross-site scripting (XSS) vulnerability in mod_status.c in the mod_status module in Apache HTTP Server (httpd), when ExtendedStatus is enabled and a public server-status page is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving charsets with browsers that perform \"charset detection\" when the content-type is not specified. \nAn attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. This could lead to a denial of service\n if using a threaded MPM (CVE-2007-1863). A local attacker with the\n ability to run scripts on the server could manipulate the scoreboard\n and cause arbitrary processes to be terminated (CVE-2007-3304). \n \n Updated packages have been patched to prevent the above issues. \n _______________________________________________________________________\n\n References:\n \n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5752\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1863\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3304\n _______________________________________________________________________\n \n Updated Packages:\n \n Mandriva Linux 2007.0:\n 5f906bba3e1195f5ffbc3fcb2a6bde38 2007.0/i586/apache-base-2.2.3-1.1mdv2007.0.i586.rpm\n 83a4844cd98ef203958796ce280a71b2 2007.0/i586/apache-devel-2.2.3-1.1mdv2007.0.i586.rpm\n 2a6853cad61ca0548715486c5d4c8a23 2007.0/i586/apache-htcacheclean-2.2.3-1.1mdv2007.0.i586.rpm\n bebbc850c030be2ef87ce12d420fb825 2007.0/i586/apache-mod_authn_dbd-2.2.3-1.1mdv2007.0.i586.rpm\n 9e08e4738b304aab4f90f4f18aa5da45 2007.0/i586/apache-mod_cache-2.2.3-1.1mdv2007.0.i586.rpm\n 989d0538f7882277053f6d4c89ca581c 2007.0/i586/apache-mod_dav-2.2.3-1.1mdv2007.0.i586.rpm\n c1c0fc53dd811dd6176800226574efbf 2007.0/i586/apache-mod_dbd-2.2.3-1.1mdv2007.0.i586.rpm\n e68509c01d66b9d42e676e7974360154 2007.0/i586/apache-mod_deflate-2.2.3-1.1mdv2007.0.i586.rpm\n 5596cb5359b7919125fc10be83598445 2007.0/i586/apache-mod_disk_cache-2.2.3-1.1mdv2007.0.i586.rpm\n d71b54240667224fd7da7fec4693c30b 2007.0/i586/apache-mod_file_cache-2.2.3-1.1mdv2007.0.i586.rpm\n 3571cab041e622f9399c57f377ac3fe3 2007.0/i586/apache-mod_ldap-2.2.3-1.1mdv2007.0.i586.rpm\n 598fdd7aad80fdc557142c5e9fc00677 2007.0/i586/apache-mod_mem_cache-2.2.3-1.1mdv2007.0.i586.rpm\n f4ec774478f5d198ad2e3d3384a5ad83 2007.0/i586/apache-mod_proxy-2.2.3-1.1mdv2007.0.i586.rpm\n ab7726290be59f03a5ade2029a2b02f8 2007.0/i586/apache-mod_proxy_ajp-2.2.3-1.1mdv2007.0.i586.rpm\n d72ab4173d51da4a0c1df63dbb52ccf5 2007.0/i586/apache-mod_ssl-2.2.3-1.1mdv2007.0.i586.rpm\n fcde0ec8b64d83402b53f926ec7fa835 2007.0/i586/apache-mod_userdir-2.2.3-1.1mdv2007.0.i586.rpm\n 58a0628d42d23c9aa5df6567789fad40 2007.0/i586/apache-modules-2.2.3-1.1mdv2007.0.i586.rpm\n 011487e1afdfb400419303182e5320c7 2007.0/i586/apache-mpm-prefork-2.2.3-1.1mdv2007.0.i586.rpm\n 7a755b22020153b44f8d00ba153d3d97 2007.0/i586/apache-mpm-worker-2.2.3-1.1mdv2007.0.i586.rpm\n ef6e11f0d26db492bc9fe83a2dbf53d7 2007.0/i586/apache-source-2.2.3-1.1mdv2007.0.i586.rpm \n 411b90e42ed304f329e9989d64a9dfc5 2007.0/SRPMS/apache-2.2.3-1.1mdv2007.0.src.rpm\n\n Mandriva Linux 2007.0/X86_64:\n 7c5408879073413fb27f2d40854813d0 2007.0/x86_64/apache-base-2.2.3-1.1mdv2007.0.x86_64.rpm\n c720f2a661616b0bf35bc353d14b9b3b 2007.0/x86_64/apache-devel-2.2.3-1.1mdv2007.0.x86_64.rpm\n 12164d6d70972cb9ed2fb6581e212bf1 2007.0/x86_64/apache-htcacheclean-2.2.3-1.1mdv2007.0.x86_64.rpm\n 5278f8d03ce9d59ec4929d4362b04bbe 2007.0/x86_64/apache-mod_authn_dbd-2.2.3-1.1mdv2007.0.x86_64.rpm\n 40c83185db12d04f4953a374b329ebb3 2007.0/x86_64/apache-mod_cache-2.2.3-1.1mdv2007.0.x86_64.rpm\n fe37fb1d4378c4bbcfd8d63bd57c3d4d 2007.0/x86_64/apache-mod_dav-2.2.3-1.1mdv2007.0.x86_64.rpm\n 0830bc5d1718a533e3358a45975596ce 2007.0/x86_64/apache-mod_dbd-2.2.3-1.1mdv2007.0.x86_64.rpm\n e18c3a6a322258e73b87170766aa7882 2007.0/x86_64/apache-mod_deflate-2.2.3-1.1mdv2007.0.x86_64.rpm\n fc8c27067e6b04bd549fe0b95579ebaa 2007.0/x86_64/apache-mod_disk_cache-2.2.3-1.1mdv2007.0.x86_64.rpm\n b31385db2199fd33eeb624c80e9d882a 2007.0/x86_64/apache-mod_file_cache-2.2.3-1.1mdv2007.0.x86_64.rpm\n 08123786649152eab65e123c75db8e66 2007.0/x86_64/apache-mod_ldap-2.2.3-1.1mdv2007.0.x86_64.rpm\n 7de4b739d93683648209dcdc69dd5473 2007.0/x86_64/apache-mod_mem_cache-2.2.3-1.1mdv2007.0.x86_64.rpm\n 85fde2923d945f3849d77f806b8bc55d 2007.0/x86_64/apache-mod_proxy-2.2.3-1.1mdv2007.0.x86_64.rpm\n b68991944f2989b6d3f89f7272239d76 2007.0/x86_64/apache-mod_proxy_ajp-2.2.3-1.1mdv2007.0.x86_64.rpm\n 19871683773211daa721957dc5dd565d 2007.0/x86_64/apache-mod_ssl-2.2.3-1.1mdv2007.0.x86_64.rpm\n 5cf2a97219d6789e4572da1ecddedf16 2007.0/x86_64/apache-mod_userdir-2.2.3-1.1mdv2007.0.x86_64.rpm\n feede872aaf0ca4bbd86ffe24455e9cd 2007.0/x86_64/apache-modules-2.2.3-1.1mdv2007.0.x86_64.rpm\n a00a35d4eba8f538cea741b2fc4079f4 2007.0/x86_64/apache-mpm-prefork-2.2.3-1.1mdv2007.0.x86_64.rpm\n da86251e4417f068d2cafed30e380779 2007.0/x86_64/apache-mpm-worker-2.2.3-1.1mdv2007.0.x86_64.rpm\n ceb7fd32d3ad933ab6a914085f858911 2007.0/x86_64/apache-source-2.2.3-1.1mdv2007.0.x86_64.rpm \n 411b90e42ed304f329e9989d64a9dfc5 2007.0/SRPMS/apache-2.2.3-1.1mdv2007.0.src.rpm\n\n Mandriva Linux 2007.1:\n 9daef91724ded29a3c76e74c261f7766 2007.1/i586/apache-base-2.2.4-6.2mdv2007.1.i586.rpm\n 9288ee938a0853d6e0072f839c68c1c2 2007.1/i586/apache-devel-2.2.4-6.2mdv2007.1.i586.rpm\n 613a986f9f654f1ce3432ee6f6db2391 2007.1/i586/apache-htcacheclean-2.2.4-6.2mdv2007.1.i586.rpm\n 8e0eb376d851d1ddba8850d4233fc3d3 2007.1/i586/apache-mod_authn_dbd-2.2.4-6.2mdv2007.1.i586.rpm\n 24de68668efa15e4abaaffd690837256 2007.1/i586/apache-mod_cache-2.2.4-6.2mdv2007.1.i586.rpm\n 288866908d43959c4b31c368346ba65d 2007.1/i586/apache-mod_dav-2.2.4-6.2mdv2007.1.i586.rpm\n d25838ec739d7a0037148f573262f81c 2007.1/i586/apache-mod_dbd-2.2.4-6.2mdv2007.1.i586.rpm\n ebad14bcccb73c8f8a27e98a6982a6f1 2007.1/i586/apache-mod_deflate-2.2.4-6.2mdv2007.1.i586.rpm\n 810d445f2146848b582e798e368b32ab 2007.1/i586/apache-mod_disk_cache-2.2.4-6.2mdv2007.1.i586.rpm\n 307de93279683b5b3e76ee6d971781cc 2007.1/i586/apache-mod_file_cache-2.2.4-6.2mdv2007.1.i586.rpm\n f59890e1bc38cfa598a4100705cf4cc6 2007.1/i586/apache-mod_ldap-2.2.4-6.2mdv2007.1.i586.rpm\n 098a05d1cbaa6bfa2d2707896dd6366c 2007.1/i586/apache-mod_mem_cache-2.2.4-6.2mdv2007.1.i586.rpm\n 6504f5e57440ff07da16de3d928898f6 2007.1/i586/apache-mod_proxy-2.2.4-6.2mdv2007.1.i586.rpm\n adc3a611a780e23178e93a6cedf135d4 2007.1/i586/apache-mod_proxy_ajp-2.2.4-6.2mdv2007.1.i586.rpm\n 659508a67fbe28b5dd9f861384ca1cf1 2007.1/i586/apache-mod_ssl-2.2.4-6.2mdv2007.1.i586.rpm\n 604eb70716d7e7b6bc6e8399cc4d9f5c 2007.1/i586/apache-mod_userdir-2.2.4-6.2mdv2007.1.i586.rpm\n 750d7cb431356abc88fe7a031f872b04 2007.1/i586/apache-modules-2.2.4-6.2mdv2007.1.i586.rpm\n 210be718db221db891452f05a001ee4e 2007.1/i586/apache-mpm-event-2.2.4-6.2mdv2007.1.i586.rpm\n 482e3d3af6756108c3e9a26ec2a8ac56 2007.1/i586/apache-mpm-itk-2.2.4-6.2mdv2007.1.i586.rpm\n b76ff4578c127ebd248b21a85a31140a 2007.1/i586/apache-mpm-prefork-2.2.4-6.2mdv2007.1.i586.rpm\n 2484dee8a4d4e7604a69abcd1b443954 2007.1/i586/apache-mpm-worker-2.2.4-6.2mdv2007.1.i586.rpm\n 9823f9b97e1829df97999494c3a3d453 2007.1/i586/apache-source-2.2.4-6.2mdv2007.1.i586.rpm \n ccbd9fad2b29ff86d8601f7201f48d72 2007.1/SRPMS/apache-2.2.4-6.2mdv2007.1.src.rpm\n\n Mandriva Linux 2007.1/X86_64:\n 4d043339268bff11fa07897ee3dc2988 2007.1/x86_64/apache-base-2.2.4-6.2mdv2007.1.x86_64.rpm\n afbae73f408fa95c9e4d25e3aa39583d 2007.1/x86_64/apache-devel-2.2.4-6.2mdv2007.1.x86_64.rpm\n d92c22ff28fcd919b3a8525f753066c3 2007.1/x86_64/apache-htcacheclean-2.2.4-6.2mdv2007.1.x86_64.rpm\n abe81d2effd6f4975accbdc8d25d089e 2007.1/x86_64/apache-mod_authn_dbd-2.2.4-6.2mdv2007.1.x86_64.rpm\n 480d5c31af3289f26953a691f92e2a51 2007.1/x86_64/apache-mod_cache-2.2.4-6.2mdv2007.1.x86_64.rpm\n 3feae93ade4038e67fcbaa691f2a74aa 2007.1/x86_64/apache-mod_dav-2.2.4-6.2mdv2007.1.x86_64.rpm\n b60eead7fe808fbc5eff6cb34f1de80b 2007.1/x86_64/apache-mod_dbd-2.2.4-6.2mdv2007.1.x86_64.rpm\n 023afee3221da629fd8e1d34006b7463 2007.1/x86_64/apache-mod_deflate-2.2.4-6.2mdv2007.1.x86_64.rpm\n 1180446c8cf65c196352006d6da00e17 2007.1/x86_64/apache-mod_disk_cache-2.2.4-6.2mdv2007.1.x86_64.rpm\n 0e8c2dfc0e42c23b0afbada9f8868bb6 2007.1/x86_64/apache-mod_file_cache-2.2.4-6.2mdv2007.1.x86_64.rpm\n 32aa45f45b8893d6c23c6892b7ad7e62 2007.1/x86_64/apache-mod_ldap-2.2.4-6.2mdv2007.1.x86_64.rpm\n 15c20ffb5fdc8ab2a6fa92157c9f0536 2007.1/x86_64/apache-mod_mem_cache-2.2.4-6.2mdv2007.1.x86_64.rpm\n f91fd6552f480eb36d030bb2e91d30b4 2007.1/x86_64/apache-mod_proxy-2.2.4-6.2mdv2007.1.x86_64.rpm\n 2c9d1e35af7adebaeb6284bf5da4dd5f 2007.1/x86_64/apache-mod_proxy_ajp-2.2.4-6.2mdv2007.1.x86_64.rpm\n caa59aaba47c89d20e799a3f02271afd 2007.1/x86_64/apache-mod_ssl-2.2.4-6.2mdv2007.1.x86_64.rpm\n 8ac44f8c409ea29492a3acdc1eb44c7f 2007.1/x86_64/apache-mod_userdir-2.2.4-6.2mdv2007.1.x86_64.rpm\n 0f2198ec988390ff3b7843a1e7090517 2007.1/x86_64/apache-modules-2.2.4-6.2mdv2007.1.x86_64.rpm\n 2548664fde736f25acf59f46c847d1ff 2007.1/x86_64/apache-mpm-event-2.2.4-6.2mdv2007.1.x86_64.rpm\n 2434c402bae11969ddf5281f2f042d24 2007.1/x86_64/apache-mpm-itk-2.2.4-6.2mdv2007.1.x86_64.rpm\n 8a06ecd19726db033496a042c6a6be2f 2007.1/x86_64/apache-mpm-prefork-2.2.4-6.2mdv2007.1.x86_64.rpm\n e8d339c397409391f3fb36f704c38c6c 2007.1/x86_64/apache-mpm-worker-2.2.4-6.2mdv2007.1.x86_64.rpm\n 8a6f923428242f7aa1b4d489739e241b 2007.1/x86_64/apache-source-2.2.4-6.2mdv2007.1.x86_64.rpm \n ccbd9fad2b29ff86d8601f7201f48d72 2007.1/SRPMS/apache-2.2.4-6.2mdv2007.1.src.rpm\n\n Corporate 4.0:\n 74beb8d1579ce5d5f12c8b15981b6e63 corporate/4.0/i586/apache-base-2.2.3-1.1.20060mlcs4.i586.rpm\n 326a8259b0d99bc2938bfa6cd85743e7 corporate/4.0/i586/apache-devel-2.2.3-1.1.20060mlcs4.i586.rpm\n ca305d0928255a65814af781b345a056 corporate/4.0/i586/apache-htcacheclean-2.2.3-1.1.20060mlcs4.i586.rpm\n 48c2b6a5ee11c3f011b1f6dc60a86479 corporate/4.0/i586/apache-mod_authn_dbd-2.2.3-1.1.20060mlcs4.i586.rpm\n b81a3077cb88a34af43a61ad6f2559ea corporate/4.0/i586/apache-mod_cache-2.2.3-1.1.20060mlcs4.i586.rpm\n ba5aee0b2a86182560e54f0cf4d360bd corporate/4.0/i586/apache-mod_dav-2.2.3-1.1.20060mlcs4.i586.rpm\n b696352106c5a0d1697385523455c767 corporate/4.0/i586/apache-mod_dbd-2.2.3-1.1.20060mlcs4.i586.rpm\n e79f271f000dd7f3a009cca70fd7e4a2 corporate/4.0/i586/apache-mod_deflate-2.2.3-1.1.20060mlcs4.i586.rpm\n c7bdb987f61099b64e751639ca02dd8a corporate/4.0/i586/apache-mod_disk_cache-2.2.3-1.1.20060mlcs4.i586.rpm\n b0303fcc2f43bdcf25419dde56df2297 corporate/4.0/i586/apache-mod_file_cache-2.2.3-1.1.20060mlcs4.i586.rpm\n f818ff0f890abe230c92069f9d256e5c corporate/4.0/i586/apache-mod_ldap-2.2.3-1.1.20060mlcs4.i586.rpm\n 4247be23e42c368b3880c7ab5ac13c89 corporate/4.0/i586/apache-mod_mem_cache-2.2.3-1.1.20060mlcs4.i586.rpm\n e50f1749935c96d3364bdce9af5d22bf corporate/4.0/i586/apache-mod_proxy-2.2.3-1.1.20060mlcs4.i586.rpm\n a619b4e0130d1db7f77a790fee0917a6 corporate/4.0/i586/apache-mod_proxy_ajp-2.2.3-1.1.20060mlcs4.i586.rpm\n 8170e0e77256f08d07b02119400a19f9 corporate/4.0/i586/apache-mod_ssl-2.2.3-1.1.20060mlcs4.i586.rpm\n 4a5d94d4f94295efe48266a1d529486e corporate/4.0/i586/apache-mod_userdir-2.2.3-1.1.20060mlcs4.i586.rpm\n 7c0c27197d6b44115366eac339c424f2 corporate/4.0/i586/apache-modules-2.2.3-1.1.20060mlcs4.i586.rpm\n 56351aafc723fdea2f2fac22d5046944 corporate/4.0/i586/apache-mpm-prefork-2.2.3-1.1.20060mlcs4.i586.rpm\n ccbb2f27b762b5dd564dc7a00aac6db0 corporate/4.0/i586/apache-mpm-worker-2.2.3-1.1.20060mlcs4.i586.rpm\n a65137ff29ed6a1da1f894d19997faec corporate/4.0/i586/apache-source-2.2.3-1.1.20060mlcs4.i586.rpm \n 8cdf592a822485abba00dfb6591615ea corporate/4.0/SRPMS/apache-2.2.3-1.1.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n 7a9b4f5b3fcf2cac67e4c38022ee2441 corporate/4.0/x86_64/apache-base-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 5604ba341d957fbe6182bd2eb29a8e9d corporate/4.0/x86_64/apache-devel-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 8983bda4bbe3b58f9c6c317531eb52b7 corporate/4.0/x86_64/apache-htcacheclean-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 9baf252cbc8ef8a093ed25e7a0daf25d corporate/4.0/x86_64/apache-mod_authn_dbd-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 26cc58bcbfd25a83c15051c8f590a36d corporate/4.0/x86_64/apache-mod_cache-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 941a32aea1b1b3bca1ae343d5d925892 corporate/4.0/x86_64/apache-mod_dav-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 1d79a7b921ce150de88e22ffbaba4b31 corporate/4.0/x86_64/apache-mod_dbd-2.2.3-1.1.20060mlcs4.x86_64.rpm\n d80b9ffca3dd024e73d069e55ba7fa3e corporate/4.0/x86_64/apache-mod_deflate-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 7a7a11645680a7bee9cf88b166b0d32f corporate/4.0/x86_64/apache-mod_disk_cache-2.2.3-1.1.20060mlcs4.x86_64.rpm\n fcc85c0f9faf1fa08a01f3d4ecb68033 corporate/4.0/x86_64/apache-mod_file_cache-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 55789d16ff565bcd31dfa522435d4d4b corporate/4.0/x86_64/apache-mod_ldap-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 7ee708824d65878b71ede35e139ac94d corporate/4.0/x86_64/apache-mod_mem_cache-2.2.3-1.1.20060mlcs4.x86_64.rpm\n e8579835f848cade641da14354196497 corporate/4.0/x86_64/apache-mod_proxy-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 6a1e70a638aecf603f3bc2485d14bd78 corporate/4.0/x86_64/apache-mod_proxy_ajp-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 212f40574d0821b909972ebc36fb697a corporate/4.0/x86_64/apache-mod_ssl-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 32a8dd886e42c8093be05c9ee4d31855 corporate/4.0/x86_64/apache-mod_userdir-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 265bccd86baa7fca942f1c6d4d694523 corporate/4.0/x86_64/apache-modules-2.2.3-1.1.20060mlcs4.x86_64.rpm\n babdb585a6c754f23d91c41fc844a5e2 corporate/4.0/x86_64/apache-mpm-prefork-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 63274f5c5dc3897d0062f621b1c63e0e corporate/4.0/x86_64/apache-mpm-worker-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 18782a1fcbcb760d36162ce830ac4cdd corporate/4.0/x86_64/apache-source-2.2.3-1.1.20060mlcs4.x86_64.rpm \n 8cdf592a822485abba00dfb6591615ea corporate/4.0/SRPMS/apache-2.2.3-1.1.20060mlcs4.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.7 (GNU/Linux)\n\niD8DBQFGjD3WmqjQ0CJFipgRAtGoAKCXMGCKCMbkso0ugvF0TpsWNwkPjgCfVakS\nRe00IyLecNs4MIGgsrv2qJE=\n=5EEm\n-----END PGP SIGNATURE-----\n\n. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 www-servers/apache \u003c 2.2.6 *\u003e= 2.0.59-r5\n \u003e= 2.2.6\n\nDescription\n===========\n\nMultiple cross-site scripting vulnerabilities have been discovered in\nmod_status and mod_autoindex (CVE-2006-5752, CVE-2007-4465). An error\nhas been discovered in the recall_headers() function in mod_mem_cache\n(CVE-2007-1862). The mod_cache module does not properly sanitize\nrequests before processing them (CVE-2007-1863). The Prefork module\ndoes not properly check PID values before sending signals\n(CVE-2007-3304). The mod_proxy module does not correctly check headers\nbefore processing them (CVE-2007-3847). \n\nImpact\n======\n\nA remote attacker could exploit one of these vulnerabilities to inject\narbitrary script or HTML content, obtain sensitive information or cause\na Denial of Service. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Apache users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=www-servers/apache-2.0.59-r5\"\n\nReferences\n==========\n\n [ 1 ] CVE-2006-5752\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5752\n [ 2 ] CVE-2007-1862\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1862\n [ 3 ] CVE-2007-1863\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1863\n [ 4 ] CVE-2007-3304\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3304\n [ 5 ] CVE-2007-3847\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3847\n [ 6 ] CVE-2007-4465\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4465\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-200711-06.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttp://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2007 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. Summary\n\n Updated VMware Hosted products address security issues in libpng and\n the Apace HTTP Server. \n\n2. Relevant releases\n\n VMware Workstation 6.5.2 and earlier,\n VMware Player 2.5.2 and earlier,\n VMware ACE 2.5.2 and earlier\n\n3. Problem Description\n\n a. Third Party Library libpng Updated to 1.2.35\n\n Several flaws were discovered in the way third party library libpng\n handled uninitialized pointers. An attacker could create a PNG image\n file in such a way, that when loaded by an application linked to\n libpng, it could cause the application to crash or execute arbitrary\n code at the privilege level of the user that runs the application. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2009-0040 to this issue. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n Workstation 6.5.x any 6.5.3 build 185404 or later\n\n Player 2.5.x any 2.5.3 build 185404 or later\n\n ACE 2.5.x any 2.5.3 build 185404 or later\n\n Server 2.x any patch pending\n Server 1.x any patch pending\n\n Fusion 2.x Mac OS/X not affected\n Fusion 1.x Mac OS/X not affected\n\n ESXi 4.0 ESXi not affected\n ESXi 3.5 ESXi not affected\n\n ESX 4.0 ESX not affected\n ESX 3.5 ESX not affected\n ESX 3.0.3 ESX not affected\n ESX 3.0.2 ESX not affected\n ESX 2.5.5 ESX not affected *\n\n * The libpng update for the Service Console of ESX 2.5.5 is\n documented in VMSA-2009-0007. \n\n b. Apache HTTP Server updated to 2.0.63\n\n The new version of ACE updates the Apache HTTP Server on Windows\n hosts to version 2.0.63 which addresses multiple security issues\n that existed in the previous versions of this server. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the names CVE-2007-3847, CVE-2007-1863, CVE-2006-5752,\n CVE-2007-3304, CVE-2007-6388, CVE-2007-5000, CVE-2008-0005 to the\n issues that have been addressed by this update. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n Workstation 6.5.x any not affected\n\n Player 2.5.x any not affected\n\n ACE 2.5.x Windows 2.5.3 build 185404 or later\n ACE 2.5.x Linux update Apache on host system *\n\n Server 2.x any not affected\n Server 1.x any not affected\n\n Fusion 2.x Mac OS/X not affected\n Fusion 1.x Mac OS/X not affected\n\n ESXi 4.0 ESXi not affected\n ESXi 3.5 ESXi not affected\n\n ESX 4.0 ESX not affected\n ESX 3.5 ESX not affected\n ESX 3.0.3 ESX not affected\n ESX 3.0.2 ESX not affected\n ESX 2.5.5 ESX not affected\n\n * The Apache HTTP Server is not part of an ACE install on a Linux\n host. Update the Apache HTTP Server on the host system to version\n 2.0.63 in order to remediate the vulnerabilities listed above. \n\n4. Solution\n\n Please review the patch/release notes for your product and version\n and verify the md5sum and/or the sha1sum of your downloaded file. \n\n VMware Workstation 6.5.3\n ------------------------\n http://www.vmware.com/download/ws/\n Release notes:\n http://www.vmware.com/support/ws65/doc/releasenotes_ws653.html\n\n For Windows\n\n Workstation for Windows 32-bit and 64-bit\n Windows 32-bit and 64-bit .exe\n md5sum: 7565d16b7d7e0173b90c3b76ca4656bc\n sha1sum: 9f687afd8b0f39cde40aeceb3213a91be487aad1\n\n For Linux\n\n Workstation for Linux 32-bit\n Linux 32-bit .rpm\n md5sum: 4d55c491bd008ded0ea19f373d1d1fd4\n sha1sum: 1f43131c960e76a530390d3b6984c78dfc2da23e\n\n Workstation for Linux 32-bit\n Linux 32-bit .bundle\n md5sum: d4a721c1918c0e8a87c6fa4bad49ad35\n sha1sum: c0c6f9b56e70bd3ffdb5467ee176110e283a69e5\n\n Workstation for Linux 64-bit\n Linux 64-bit .rpm\n md5sum: 72adfdb03de4959f044fcb983412ae7c\n sha1sum: ba16163c8d9b5aa572526b34a7b63dc6e68f9bbb\n\n Workstation for Linux 64-bit\n Linux 64-bit .bundle\n md5sum: 83e1f0c94d6974286256c4d3b559e854\n sha1sum: 8763f250a3ac5fc4698bd26319b93fecb498d542\n\n\n VMware Player 2.5.3\n -------------------\n http://www.vmware.com/download/player/\n Release notes:\n http://www.vmware.com/support/player25/doc/releasenotes_player253.html\n\n Player for Windows binary\n\nhttp://download3.vmware.com/software/vmplayer/VMware-player-2.5.3-185404.exe\n md5sum: fe28f193374c9457752ee16cd6cad4e7\n sha1sum: 13bd3ff93c04fa272544d3ef6de5ae746708af04\n\n Player for Linux (.rpm)\n\nhttp://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.i386.rpm\n md5sum: c99cd65f19fdfc7651bcb7f328b73bc2\n sha1sum: a33231b26e2358a72d16e1b4e2656a5873fe637e\n\n Player for Linux (.bundle)\n\nhttp://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.i386.bundle\n md5sum: 210f4cb5615bd3b2171bc054b9b2bac5\n sha1sum: 2f6497890b17b37480165bab9f430e8645edae9b\n\n Player for Linux - 64-bit (.rpm)\n\nhttp://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.x86_64.rpm\n md5sum: f91576ef90b322d83225117ae9335968\n sha1sum: f492fa9cf26ee2818f164aac04cde1680c25d974\n\n Player for Linux - 64-bit (.bundle)\n\nhttp://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.x86_64.bundle\n md5sum: 595d44d7945c129b1aeb679d2f001b05\n sha1sum: acd69fcb0c6bc49fd4af748c65c7fb730ab1e8c4\n\n\n VMware ACE 2.5.3\n ----------------\n http://www.vmware.com/download/ace/\n Release notes:\n http://www.vmware.com/support/ace25/doc/releasenotes_ace253.html\n\n ACE Management Server Virtual Appliance\n AMS Virtual Appliance .zip\n md5sum: 44cc7b86353047f02cf6ea0653e38418\n sha1sum: 9f44b15e6681a6e58dd20784f829c68091a62cd1\n\n VMware ACE for Windows 32-bit and 64-bit\n Windows 32-bit and 64-bit .exe\n md5sum: 0779da73408c5e649e0fd1c62d23820f\n sha1sum: 2b2e4963adc89f3b642874685f490222523b63ef\n\n ACE Management Server for Windows\n Windows .exe\n md5sum: 0779da73408c5e649e0fd1c62d23820f\n sha1sum: 2b2e4963adc89f3b642874685f490222523b63ef\n\n ACE Management Server for SUSE Enterprise Linux 9\n SLES 9 .rpm\n md5sum: a4fc92d7197f0d569361cdf4b8cca642\n sha1sum: af8a135cca398cacaa82c8c3c325011c6cd3ed75\n\n ACE Management Server for Red Hat Enterprise Linux 4\n RHEL 4 .rpm\n md5sum: 841005151338c8b954f08d035815fd58\n sha1sum: 67e48624dba20e6be9e41ec9a5aba407dd8cc01e\n\n\n5. Change log\n\n2009-08-20 VMSA-2009-0010\nInitial security advisory after release of Workstation 6.5.3,\nPlayer 2.5.3, and ACE 2.5.3 on 2009-08-20. \n\n\n- ------------------------------------------------------------------------\n7. Contact\n\nE-mail list for product security notifications and announcements:\nhttp://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\nThis Security Advisory is posted to the following lists:\n\n * security-announce at lists.vmware.com\n * bugtraq at securityfocus.com\n * full-disclosure at lists.grok.org.uk\n\nE-mail: security at vmware.com\nPGP key at: http://kb.vmware.com/kb/1055\n\nVMware Security Center\nhttp://www.vmware.com/security\n\nVMware security response policy\nhttp://www.vmware.com/support/policies/security_response.html\n\nGeneral support life cycle policy\nhttp://www.vmware.com/support/policies/eos.html\n\nVMware Infrastructure support life cycle policy\nhttp://www.vmware.com/support/policies/eos_vi.html\n\nCopyright 2009 VMware Inc. All rights reserved. \n\n----------------------------------------------------------------------\n\n2003: 2,700 advisories published\n2004: 3,100 advisories published\n2005: 4,600 advisories published\n2006: 5,300 advisories published\n\nHow do you know which Secunia advisories are important to you?\n\nThe Secunia Vulnerability Intelligence Solutions allows you to filter\nand structure all the information you need, so you can address issues\neffectively. \n\nGet a free trial of the Secunia Vulnerability Intelligence Solutions:\nhttp://corporate.secunia.com/how_to_buy/38/vi/?ref=secadv\n\n----------------------------------------------------------------------\n\nTITLE:\nHitachi Web Server Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA27421\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/27421/\n\nCRITICAL:\nLess critical\n\nIMPACT:\nSecurity Bypass, Cross Site Scripting\n\nWHERE:\n\u003eFrom remote\n\nSOFTWARE:\nuCosminexus Application Server\nhttp://secunia.com/product/13819/\nHitachi Web Server 3.x\nhttp://secunia.com/product/13335/\nHitachi Web Server 2.x\nhttp://secunia.com/product/13334/\nHitachi Web Server 1.x\nhttp://secunia.com/product/13333/\n\nDESCRIPTION:\nSome vulnerabilities have been reported in the Hitachi Web Server,\nwhich can be exploited by malicious people to bypass certain security\nrestrictions or conduct cross-site scripting attacks. \n\n1) An error exists within the handling of SSL requests. This can be\nexploited to trick a vulnerable server into accepting a forged\nsignature. \n\n2) An error exists in the Hitachi Web Server when generating\nserver-status pages for potentially malicious scripts . \n\nPROVIDED AND/OR DISCOVERED BY:\nReported by the vendor. \n\nORIGINAL ADVISORY:\nhttp://www.hitachi-support.com/security_e/vuls_e/HS07-034_e/index-e.html\nhttp://www.hitachi-support.com/security_e/vuls_e/HS07-035_e/index-e.html\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c01178795\nVersion: 1\n\nHPSBUX02262 SSRT071447 rev. 1 - HP-UX running Apache, Remote Arbitrary Code Execution, Cross Site Scripting (XSS)\n\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible. \n\nRelease Date: 2007-10-02\nLast Updated: 2007-10-02\n\nPotential Security Impact: Remote arbitrary code execution, cross site scripting (XSS)\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with Apache running on HP-UX. \n\nReferences: CVE-2005-2090, CVE-2006-5752, CVE-2007-0450, CVE-2007-0774, CVE-2007-1355, CVE-2007-1358, CVE-2007-1860, CVE-2007-1863, CVE-2007-1887, CVE-2007-1900, CVE-2007-2449, CVE-2007-2450, CVE-2007-2756, CVE-2007-2872, CVE-2007-3382, CVE-2007-3385, CVE-2007-3386. \n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP-UX B.11.11, B.11.23, B.11.31 running Apache\n\nBACKGROUND\nTo determine if a system has an affected version, search the output of \"swlist -a revision -l fileset\" for an affected fileset. Then determine if the recommended patch or update is installed. \n\nAFFECTED VERSIONS \n\nFor IPv4: \nHP-UX B.11.11 \n============= \nhpuxwsAPACHE \naction: install revision A.2.0.59.00 or subsequent \nrestart Apache \nURL: https://www.hp.com/go/softwaredepot/ \n\nFor IPv6: \nHP-UX B.11.11 \nHP-UX B.11.23 \nHP-UX B.11.31 \n============= \nhpuxwsAPACHE,revision=B.1.0.00.01 \nhpuxwsAPACHE,revision=B.1.0.07.01 \nhpuxwsAPACHE,revision=B.1.0.08.01 \nhpuxwsAPACHE,revision=B.1.0.09.01 \nhpuxwsAPACHE,revision=B.1.0.10.01 \nhpuxwsAPACHE,revision=B.2.0.48.00 \nhpuxwsAPACHE,revision=B.2.0.49.00 \nhpuxwsAPACHE,revision=B.2.0.50.00 \nhpuxwsAPACHE,revision=B.2.0.51.00 \nhpuxwsAPACHE,revision=B.2.0.52.00 \nhpuxwsAPACHE,revision=B.2.0.53.00 \nhpuxwsAPACHE,revision=B.2.0.54.00 \nhpuxwsAPACHE,revision=B.2.0.55.00 \nhpuxwsAPACHE,revision=B.2.0.56.00 \nhpuxwsAPACHE,revision=B.2.0.58.00 \nhpuxwsAPACHE,revision=B.2.0.58.01 \n\naction: install revision B.2.0.59.00 or subsequent \nrestart Apache \nURL: https://www.hp.com/go/softwaredepot/ \n\nEND AFFECTED VERSIONS \n\n\nRESOLUTION\nHP has made the following available to resolve the vulnerability. \nHP-UX Apache-based Web Server v.2.18 powered by Apache Tomcat Webmin or subsequent. \nThe update is available on https://www.hp.com/go/softwaredepot/ \nNote: HP-UX Apache-based Web Server v.2.18 powered by Apache Tomcat Webmin contains HP-UX Apache-based Web Server v.2.0.59.00. \n\nMANUAL ACTIONS: Yes - Update \nInstall HP-UX Apache-based Web Server v.2.18 powered by Apache Tomcat Webmin or subsequent. \n\nPRODUCT SPECIFIC INFORMATION \nHP-UX Software Assistant: \nHP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all HP-issued Security Bulletins and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. \nFor more information see: https://www.hp.com/go/swa \n\nHISTORY \nRevision: 1 (rev.1) - 02 October 2007 Initial release \n\nThird Party Security Patches: \nThird party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\n\nSupport: For further information, contact normal HP Services support channel. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com \nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. \nTo get the security-alert PGP key, please send an e-mail message as follows:\n To: security-alert@hp.com \n Subject: get key\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email: \nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA\u0026langcode=USENG\u0026jumpid=in_SC-GEN__driverITRC\u0026topiccode=ITRC \nOn the web page: ITRC security bulletins and patch sign-up \nUnder Step1: your ITRC security bulletins and patches \n - check ALL categories for which alerts are required and continue. \nUnder Step2: your ITRC operating systems \n - verify your operating system selections are checked and save. \n\n\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php \nLog in on the web page: Subscriber\u0027s choice for Business: sign-in. \nOn the web page: Subscriber\u0027s Choice: your profile summary - use Edit Profile to update appropriate sections. \n\n\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do \n\n\n* The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title: \n\nGN = HP General SW\nMA = HP Management Agents\nMI = Misc. 3rd Party SW\nMP = HP MPE/iX\nNS = HP NonStop Servers\nOV = HP OpenVMS\nPI = HP Printing \u0026 Imaging\nST = HP Storage SW\nTL = HP Trusted Linux\nTU = HP Tru64 UNIX\nUX = HP-UX\nVV = HP VirtualVault\n\n\nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. \n\n\n\"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user\u0027s use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement.\"\n\n\\xa9Copyright 2007 Hewlett-Packard Development Company, L.P. \n\nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. \n-----BEGIN PGP SIGNATURE-----\nVersion: PGP 8.1\n\niQA/AwUBRwVCruAfOvwtKn1ZEQK1YgCfavU7x1Hs59uLdP26lpZFwMxKofIAn3gJ\nHHoe3AY1sc6hrW3Xk+B1hcbr\n=+E1W\n-----END PGP SIGNATURE-----\n. =========================================================== \nUbuntu Security Notice USN-499-1 August 16, 2007\napache2 vulnerabilities\nCVE-2006-5752, CVE-2007-1863, CVE-2007-3304\n===========================================================\n\nA security issue affects the following Ubuntu releases:\n\nUbuntu 6.06 LTS\nUbuntu 6.10\nUbuntu 7.04\n\nThis advisory also applies to the corresponding versions of\nKubuntu, Edubuntu, and Xubuntu. \n\nThe problem can be corrected by upgrading your system to the\nfollowing package versions:\n\nUbuntu 6.06 LTS:\n apache2-common 2.0.55-4ubuntu2.2\n apache2-mpm-prefork 2.0.55-4ubuntu2.2\n apache2-mpm-worker 2.0.55-4ubuntu2.2\n\nUbuntu 6.10:\n apache2-common 2.0.55-4ubuntu4.1\n apache2-mpm-prefork 2.0.55-4ubuntu4.1\n apache2-mpm-worker 2.0.55-4ubuntu4.1\n\nUbuntu 7.04:\n apache2-mpm-prefork 2.2.3-3.2ubuntu0.1\n apache2-mpm-worker 2.2.3-3.2ubuntu0.1\n apache2.2-common 2.2.3-3.2ubuntu0.1\n\nIn general, a standard system upgrade is sufficient to effect the\nnecessary changes. \n\nDetails follow:\n\nStefan Esser discovered that mod_status did not force a character set,\nwhich could result in browsers becoming vulnerable to XSS attacks when\nprocessing the output. If a user were tricked into viewing server\nstatus output during a crafted server request, a remote attacker could\nexploit this to modify the contents, or steal confidential data (such as\npasswords), within the same domain. By default, mod_status is disabled\nin Ubuntu. (CVE-2006-5752)\n\nNiklas Edmundsson discovered that the mod_cache module could be made to\ncrash using a specially crafted request. A remote user could use this\nto cause a denial of service if Apache was configured to use a threaded\nworker. By default, mod_cache is disabled in Ubuntu. (CVE-2007-1863)\n\nA flaw was discovered in the signal handling of Apache. A local\nattacker could trick Apache into sending SIGUSR1 to other processes. \nThe vulnerable code was only present in Ubuntu Feisty. (CVE-2007-3304)\n\n\nUpdated packages for Ubuntu 6.06 LTS:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2.diff.gz\n Size/MD5: 115882 e94e45574e3b131d3a9a0e07e193f1e5\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2.dsc\n Size/MD5: 1148 c2bc143625fbf8ca59fea300845c5a42\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz\n Size/MD5: 6092031 45e32c9432a8e3cf4227f5af91b03622\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu2.2_all.deb\n Size/MD5: 2124364 9b8ca5d5757c63f5ee6bbd507f0a8357\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon)\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.2_amd64.deb\n Size/MD5: 833000 be4c7770c725f5f4401ca06d1347211f\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.2_amd64.deb\n Size/MD5: 227832 41c12dfe84f109e6544a33e4e1d791a8\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.2_amd64.deb\n Size/MD5: 222934 7e4d072bad27239e366a6eda94c09190\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.2_amd64.deb\n Size/MD5: 227576 8fc59f78a3fa0e5d6dac81e875039bda\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.2_amd64.deb\n Size/MD5: 171082 4318f93373b705563251f377ed398614\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.2_amd64.deb\n Size/MD5: 171860 257f4183d70be5a00546c39c5a18f108\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.2_amd64.deb\n Size/MD5: 93916 695cee55f91ceb9424abe31d8b6ee1dd\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2_amd64.deb\n Size/MD5: 35902 00c1082a77ff1d863f72874c4472a26d\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.2_amd64.deb\n Size/MD5: 285336 0a8510634b21f56f0d9619aa6fc9cec9\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.2_amd64.deb\n Size/MD5: 143952 d75f83ac219bce95a15a8f44b82b8ea7\n\n i386 architecture (x86 compatible Intel/AMD)\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.2_i386.deb\n Size/MD5: 786186 4e78fa0d438867194f66b11b4eb6fc2e\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.2_i386.deb\n Size/MD5: 202448 74cf60884e18c1fc93f157010a15b12c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.2_i386.deb\n Size/MD5: 198456 209a0b92995fec453ed4c2c181e3e555\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.2_i386.deb\n Size/MD5: 202038 6cbd437caf993fa2b2b38369cd3d5863\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.2_i386.deb\n Size/MD5: 171074 0a5a26aa58af7aa2d51d1cf5d7c543d6\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.2_i386.deb\n Size/MD5: 171848 af9ca78febc5bc0c7936296dab958349\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.2_i386.deb\n Size/MD5: 91884 2857d60b507b28c736f83815c9f3d1b8\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2_i386.deb\n Size/MD5: 35906 202b5b233af0d26e29ca7302cf7fd04c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.2_i386.deb\n Size/MD5: 261418 c90342706ac26682d15032a5ba5cb51a\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.2_i386.deb\n Size/MD5: 131850 951a4573901bc2f10d5febf940d57516\n\n powerpc architecture (Apple Macintosh G3/G4/G5)\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.2_powerpc.deb\n Size/MD5: 859126 afdd8642ca447fc9dc70dfed92be0fa6\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.2_powerpc.deb\n Size/MD5: 219898 6d9c9f924d2356bf9d3438a280870a7d\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.2_powerpc.deb\n Size/MD5: 215602 dd554132cdea0f860e01cf5d4e0dbc7c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.2_powerpc.deb\n Size/MD5: 219378 7a1f4b325dacef287c901fa66680c04e\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.2_powerpc.deb\n Size/MD5: 171096 a0e2547d38ef1b84dc419d69e42ffa0b\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.2_powerpc.deb\n Size/MD5: 171864 200ab662b2c13786658486df37fda881\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.2_powerpc.deb\n Size/MD5: 103628 ae36642fbd4698bb362fa4bf9417b0e3\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2_powerpc.deb\n Size/MD5: 35910 358027282f2f19451d3aa784dc0474dc\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.2_powerpc.deb\n Size/MD5: 280950 0d9b56ec076da25e2a03f6d3c6445057\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.2_powerpc.deb\n Size/MD5: 141074 f5d3d5e0e5911e0c0156ae55af50f87b\n\n sparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.2_sparc.deb\n Size/MD5: 803440 d66da6a91c08956c3c5062668349ef41\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.2_sparc.deb\n Size/MD5: 209970 57f0a8f823a4502ee9a2608e3181cc81\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.2_sparc.deb\n Size/MD5: 205582 1dcfb0df796e85c409f614544ea589fe\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.2_sparc.deb\n Size/MD5: 209330 6bf7ae824eea35d3487febef384fce91\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.2_sparc.deb\n Size/MD5: 171080 1088337f4abcb6c8f65751b6120c2307\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.2_sparc.deb\n Size/MD5: 171868 5cda04cd73a9c6d8dfc18abd55c09ebd\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.2_sparc.deb\n Size/MD5: 92972 850ab3bb0904e8fe9b6255c42ba7f84c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2_sparc.deb\n Size/MD5: 35904 7af260b95c4faa17ef34810fed888caf\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.2_sparc.deb\n Size/MD5: 267550 08182a8a2cab00fc0e6bca2cccf5165f\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.2_sparc.deb\n Size/MD5: 129760 a60606c6d2f12209b0bdae997be4a13f\n\nUpdated packages for Ubuntu 6.10:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1.diff.gz\n Size/MD5: 116265 2732761b18dfb3c2cd1aa0b54c2cf623\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1.dsc\n Size/MD5: 1148 4b9c4612469c521db0c5fdbe2f6b9b25\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz\n Size/MD5: 6092031 45e32c9432a8e3cf4227f5af91b03622\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu4.1_all.deb\n Size/MD5: 2124550 8d5c30342b35f9fd595fb09d7659b6fc\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon)\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.1_amd64.deb\n Size/MD5: 836342 2c4ba483b0b20fdc2d43819109177941\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.1_amd64.deb\n Size/MD5: 227390 e61cc1998f5b8f2c44dce587e59d288a\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.1_amd64.deb\n Size/MD5: 222376 6bdbff7f7f80fd464d1e3ec52d6e7171\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.1_amd64.deb\n Size/MD5: 226848 4356b4caf2b40f364c8893c41b9f9355\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.1_amd64.deb\n Size/MD5: 171304 c4395af051e876228541ef5b8037d979\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.1_amd64.deb\n Size/MD5: 172074 99dadc4ad0f0947f9368d89f4589d95a\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.1_amd64.deb\n Size/MD5: 94204 30f3bb8c72575fe93940ecc730b8e4b6\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1_amd64.deb\n Size/MD5: 36152 ea3cbefcbee7e2f6e5555edb44733ad9\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.1_amd64.deb\n Size/MD5: 286544 d555931490d44d93bec31c4bfc19ed12\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.1_amd64.deb\n Size/MD5: 145014 3e06ceb0a55598d82f9f781c44e210b3\n\n i386 architecture (x86 compatible Intel/AMD)\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.1_i386.deb\n Size/MD5: 806938 050bb7665332d3761e1a8e47939fa507\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.1_i386.deb\n Size/MD5: 209556 ee530b24aba8838001ebb6c901bc90cd\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.1_i386.deb\n Size/MD5: 205718 b52a17c63909eae3c49bad0ab1958f4b\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.1_i386.deb\n Size/MD5: 209158 1844fa5e09224a90944f8b886ddb5a2a\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.1_i386.deb\n Size/MD5: 171296 9de8aba41f7e3d60f41536ca712adebb\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.1_i386.deb\n Size/MD5: 172078 01ccd554177364747b08e2933f121d2c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.1_i386.deb\n Size/MD5: 93240 4573597317416869646eb2ea42cd0945\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1_i386.deb\n Size/MD5: 36150 77666d65bade6a91bd58826c79f11dc9\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.1_i386.deb\n Size/MD5: 266390 a3963d8e76f6865404f7fadb47880c87\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.1_i386.deb\n Size/MD5: 137604 387f6bcdaa58dbbe53082241b3231844\n\n powerpc architecture (Apple Macintosh G3/G4/G5)\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.1_powerpc.deb\n Size/MD5: 865372 27d7f1de1fcb2114d3f3b0a774302488\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.1_powerpc.deb\n Size/MD5: 221542 1ae8fa5cf4b77f3b2aa054e2886e587e\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.1_powerpc.deb\n Size/MD5: 217044 9134983c40107f79fcac8d1eacbc7117\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.1_powerpc.deb\n Size/MD5: 221324 b435dc09c63ecbcd564a0923a8f07350\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.1_powerpc.deb\n Size/MD5: 171296 6d2a0abfb7a1daaeae56559eeb322dcb\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.1_powerpc.deb\n Size/MD5: 172064 ecc2037409554ea43c5a6848aa510c76\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.1_powerpc.deb\n Size/MD5: 104654 d0957d8df044c4a34437241792ed97d1\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1_powerpc.deb\n Size/MD5: 36148 34e102e1d2e1c6a6f31801dfb98cb82a\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.1_powerpc.deb\n Size/MD5: 284548 c8f325ccc42cbe77191d4ddd9abc2a4e\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.1_powerpc.deb\n Size/MD5: 144238 82cfbfcec5fc4931078145af8947c035\n\n sparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.1_sparc.deb\n Size/MD5: 811594 d8548e537fd81994bbb638e105dfbf8b\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.1_sparc.deb\n Size/MD5: 212160 81cd0197ff89b79c967c1074ede9f8d7\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.1_sparc.deb\n Size/MD5: 207870 5d80ed8dc39b0d4d59fccb747624a684\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.1_sparc.deb\n Size/MD5: 211578 9407383d85db831dab728b39cce9acc8\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.1_sparc.deb\n Size/MD5: 171294 5e4d695a99bdc1fdfb0bfcef8b91d03d\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.1_sparc.deb\n Size/MD5: 172064 06e3e765d799e281dba7329ff9d9e138\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.1_sparc.deb\n Size/MD5: 93796 1048b47b289fb2047fa9ac7ebbe94a57\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1_sparc.deb\n Size/MD5: 36150 0d106a177aa4271b1cfc0e96eec1a748\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.1_sparc.deb\n Size/MD5: 268444 3912123e7c71cc638132305ca89fe23b\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.1_sparc.deb\n Size/MD5: 130626 f4444e0239c2da7d3c31e3486606f95a\n\nUpdated packages for Ubuntu 7.04:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu0.1.diff.gz\n Size/MD5: 112120 f7b1a17718aed7ca73da3a6d7aad06b0\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu0.1.dsc\n Size/MD5: 1128 e82b1bee591fff50d6673ed1a443e543\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3.orig.tar.gz\n Size/MD5: 6342475 f72ffb176e2dc7b322be16508c09f63c\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.3-3.2ubuntu0.1_all.deb\n Size/MD5: 2199184 c03756f87cb164213428532f70e0c198\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.2.3-3.2ubuntu0.1_all.deb\n Size/MD5: 272064 5be351f491f8d1aae9a270d1214e93e3\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.3-3.2ubuntu0.1_all.deb\n Size/MD5: 6674104 bdbabf8f478562f0e003737e977ffc7b\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu0.1_all.deb\n Size/MD5: 38668 9f0c7c01e8441285c084002eb4619065\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon)\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu0.1_amd64.deb\n Size/MD5: 449624 1b54a8000c40eaaa0f9e31527b9bb180\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu0.1_amd64.deb\n Size/MD5: 445346 d15625641a3247fbf5d9d9b9aed34968\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu0.1_amd64.deb\n Size/MD5: 449208 55f39c28a4de98d53f80231aeb7d6c59\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu0.1_amd64.deb\n Size/MD5: 403570 0042c75be8a2d128d62b79398deaefa8\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu0.1_amd64.deb\n Size/MD5: 404138 929772b95ea67f338ad423a65b2b7011\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu0.1_amd64.deb\n Size/MD5: 341312 906819b0de863209575aa65d39a594a5\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu0.1_amd64.deb\n Size/MD5: 971462 f85e32c5f6437ce149553aee97ffd934\n\n i386 architecture (x86 compatible Intel/AMD)\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu0.1_i386.deb\n Size/MD5: 432922 c1b81ac7dc7b7a0b2261fd10d9bcf5c6\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu0.1_i386.deb\n Size/MD5: 428856 f506f2a9dd2dbd5c2d3f72a476cc3537\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu0.1_i386.deb\n Size/MD5: 432314 a5a11947ad8cf14604efa7ddcfd20bfe\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu0.1_i386.deb\n Size/MD5: 403574 da84a3a99276f14a11ac892ce7eee170\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu0.1_i386.deb\n Size/MD5: 404138 0fdd43a53e6957aa3a348a7bd9c876f5\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu0.1_i386.deb\n Size/MD5: 340396 88a0ddbc58335416d91c9f10adc9d5f5\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu0.1_i386.deb\n Size/MD5: 929716 138d58487b882e6002e3c5e4a9489add\n\n powerpc architecture (Apple Macintosh G3/G4/G5)\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu0.1_powerpc.deb\n Size/MD5: 451530 ddc437092ef642fcd396713cd1972f4c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu0.1_powerpc.deb\n Size/MD5: 446960 af1b667708e062f81bca4e995355394d\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu0.1_powerpc.deb\n Size/MD5: 450940 ed9f31ec5045a88446115987c6e97655\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu0.1_powerpc.deb\n Size/MD5: 403574 65801ab51335a15dc370b9341a0e50dd\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu0.1_powerpc.deb\n Size/MD5: 404146 fd35e65fadd836feb0190b209947b466\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu0.1_powerpc.deb\n Size/MD5: 360518 b74bc9eead429cd8f0ebecd6a94e5edb\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu0.1_powerpc.deb\n Size/MD5: 1073812 376fe5b1ee383a6d870eea5dd3c6a704\n\n sparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu0.1_sparc.deb\n Size/MD5: 434408 c70ef2e9aed191fe53886ceb3725596e\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu0.1_sparc.deb\n Size/MD5: 430574 7b690896da23a151ee5e106d596c1143\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu0.1_sparc.deb\n Size/MD5: 433918 cc01edfcfc673ba9a86c83fcc66e6870\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu0.1_sparc.deb\n Size/MD5: 403568 a7660cff70394403c764cf8f30c7298a\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu0.1_sparc.deb\n Size/MD5: 404136 b8587d5eba0be59a6576d6cf645b2122\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu0.1_sparc.deb\n Size/MD5: 343370 1572a001a612add57d23350210ac1736\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu0.1_sparc.deb\n Size/MD5: 938586 b74a91fcfbb0503355e94981310bd1ce\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-5752"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000478"
},
{
"db": "BID",
"id": "24645"
},
{
"db": "VULMON",
"id": "CVE-2006-5752"
},
{
"db": "PACKETSTORM",
"id": "57506"
},
{
"db": "PACKETSTORM",
"id": "57505"
},
{
"db": "PACKETSTORM",
"id": "60759"
},
{
"db": "PACKETSTORM",
"id": "80533"
},
{
"db": "PACKETSTORM",
"id": "60585"
},
{
"db": "PACKETSTORM",
"id": "59939"
},
{
"db": "PACKETSTORM",
"id": "57507"
},
{
"db": "PACKETSTORM",
"id": "58667"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2006-5752",
"trust": 3.5
},
{
"db": "BID",
"id": "24645",
"trust": 2.8
},
{
"db": "SECUNIA",
"id": "26458",
"trust": 2.5
},
{
"db": "VUPEN",
"id": "ADV-2007-2727",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2007-3283",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2007-3386",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2007-4305",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-0233",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "27732",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "25920",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "26993",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "28212",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "28606",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "28224",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "26842",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "27563",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "27037",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "25873",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "26508",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "26822",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "26273",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "26443",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "25827",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "25830",
"trust": 1.7
},
{
"db": "OSVDB",
"id": "37052",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1018302",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000478",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200706-491",
"trust": 0.6
},
{
"db": "SECUNIA",
"id": "27421",
"trust": 0.2
},
{
"db": "VULMON",
"id": "CVE-2006-5752",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "57506",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "57505",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "60759",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "80533",
"trust": 0.1
},
{
"db": "HITACHI",
"id": "HS07-035",
"trust": 0.1
},
{
"db": "HITACHI",
"id": "HS07-034",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "60585",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "59939",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "57507",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "58667",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2006-5752"
},
{
"db": "BID",
"id": "24645"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000478"
},
{
"db": "PACKETSTORM",
"id": "57506"
},
{
"db": "PACKETSTORM",
"id": "57505"
},
{
"db": "PACKETSTORM",
"id": "60759"
},
{
"db": "PACKETSTORM",
"id": "80533"
},
{
"db": "PACKETSTORM",
"id": "60585"
},
{
"db": "PACKETSTORM",
"id": "59939"
},
{
"db": "PACKETSTORM",
"id": "57507"
},
{
"db": "PACKETSTORM",
"id": "58667"
},
{
"db": "CNNVD",
"id": "CNNVD-200706-491"
},
{
"db": "NVD",
"id": "CVE-2006-5752"
}
]
},
"id": "VAR-200706-0666",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.15801565
},
"last_update_date": "2024-07-23T20:50:38.808000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "httpd (V4.0)",
"trust": 1.6,
"url": "http://www.miraclelinux.com/support/update/list.php?errata_id=1073"
},
{
"title": "Fixed in Apache httpd 1.3.39-dev",
"trust": 0.8,
"url": "http://httpd.apache.org/security/vulnerabilities_13.html#1.3.39-dev"
},
{
"title": "Fixed in Apache httpd 2.0.61-dev",
"trust": 0.8,
"url": "http://httpd.apache.org/security/vulnerabilities_20.html#2.0.61-dev"
},
{
"title": "Fixed in Apache httpd 2.2.6-dev",
"trust": 0.8,
"url": "http://httpd.apache.org/security/vulnerabilities_22.html#2.2.6-dev"
},
{
"title": "Revision 549159",
"trust": 0.8,
"url": "http://svn.apache.org/viewvc?view=rev\u0026revision=549159"
},
{
"title": "HS07-035",
"trust": 0.8,
"url": "http://www.hitachi.co.jp/prod/comp/soft1/global/security/info/vuls/hs07-035/index.html"
},
{
"title": "HPSBUX02262",
"trust": 0.8,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?lang=en\u0026cc=us\u0026objectid=c01178795"
},
{
"title": "HPSBUX02262",
"trust": 0.8,
"url": "http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/hp-ux/hpsbux02262.html"
},
{
"title": "PK55141",
"trust": 0.8,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1pk55141"
},
{
"title": "4017303",
"trust": 0.8,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg24017303"
},
{
"title": "Fix Pack 13 (6.1.0.13)",
"trust": 0.8,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg27007951#61013"
},
{
"title": "PK49295",
"trust": 0.8,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1pk49295"
},
{
"title": "4017141",
"trust": 0.8,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg24017141"
},
{
"title": "httpd (V2.x)",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/update/list.php?errata_id=1078"
},
{
"title": "Oracle Critical Patch Update Advisory - July 2013",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"
},
{
"title": "Text Form of Oracle Critical Patch Update - July 2013 Risk Matrices",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013verbose-1899830.html"
},
{
"title": "245112",
"trust": 0.8,
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=245112"
},
{
"title": "RHSA-2007:0534",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2007-0534.html"
},
{
"title": "RHSA-2007:0532",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2007-0532.html"
},
{
"title": "RHSA-2007:0556",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2007-0556.html"
},
{
"title": "RHSA-2007:0533",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2007-0533.html"
},
{
"title": "July 2013 Critical Patch Update Released",
"trust": 0.8,
"url": "https://blogs.oracle.com/security/entry/july_2013_critical_patch_update"
},
{
"title": "103179",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103179-1"
},
{
"title": "TLSA-2007-41",
"trust": 0.8,
"url": "http://www.turbolinux.com/security/2007/tlsa-2007-41.txt"
},
{
"title": "HS07-035",
"trust": 0.8,
"url": "http://www.hitachi.co.jp/prod/comp/soft1/security/info/vuls/hs07-035/index.html"
},
{
"title": "RHSA-2007:0532",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2007-0532j.html"
},
{
"title": "RHSA-2007:0556",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2007-0556j.html"
},
{
"title": "RHSA-2007:0533",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2007-0533j.html"
},
{
"title": "RHSA-2007:0534",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2007-0534j.html"
},
{
"title": "TLSA-2007-41",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/security/2007/tlsa-2007-41j.txt"
},
{
"title": "interstage_as_200802",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/products-fujitsu/solution/interstage_as_200802.html"
},
{
"title": "Ubuntu Security Notice: apache2 vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-499-1"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2006-5752 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/kasem545/vulnsearch "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/secureaxom/strike "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2006-5752"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000478"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-5752"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "http://www.securityfocus.com/bid/24645"
},
{
"trust": 2.0,
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=245112"
},
{
"trust": 2.0,
"url": "http://rhn.redhat.com/errata/rhsa-2007-0534.html"
},
{
"trust": 2.0,
"url": "http://rhn.redhat.com/errata/rhsa-2007-0556.html"
},
{
"trust": 2.0,
"url": "http://support.avaya.com/elmodocs2/security/asa-2007-353.htm"
},
{
"trust": 2.0,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1pk52702"
},
{
"trust": 2.0,
"url": "https://rhn.redhat.com/errata/rhsa-2007-0533.html"
},
{
"trust": 2.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103179-1"
},
{
"trust": 2.0,
"url": "http://www.fujitsu.com/global/support/software/security/products-f/interstage-200802e.html"
},
{
"trust": 1.8,
"url": "http://security.gentoo.org/glsa/glsa-200711-06.xml"
},
{
"trust": 1.7,
"url": "http://svn.apache.org/viewvc?view=rev\u0026revision=549159"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2007-0532.html"
},
{
"trust": 1.7,
"url": "https://issues.rpath.com/browse/rpl-1500"
},
{
"trust": 1.7,
"url": "http://bugs.gentoo.org/show_bug.cgi?id=186219"
},
{
"trust": 1.7,
"url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=pk49295\u0026apar=only"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/archives/fedora-package-announce/2007-september/msg00320.html"
},
{
"trust": 1.7,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2007:140"
},
{
"trust": 1.7,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2007:141"
},
{
"trust": 1.7,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2007:142"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2007-0557.html"
},
{
"trust": 1.7,
"url": "http://www.novell.com/linux/security/advisories/2007_61_apache2.html"
},
{
"trust": 1.7,
"url": "http://www.trustix.org/errata/2007/0026/"
},
{
"trust": 1.7,
"url": "http://www.ubuntu.com/usn/usn-499-1"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id?1018302"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/25827"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/25830"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/25873"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/25920"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/26273"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/26443"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/26458"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/26508"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/26822"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/26842"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/26993"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/27037"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/27563"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/27732"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/28212"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/28224"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/28606"
},
{
"trust": 1.7,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200032-1"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0261.html"
},
{
"trust": 1.7,
"url": "http://lists.vmware.com/pipermail/security-announce/2009/000062.html"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/0233"
},
{
"trust": 1.7,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01178795"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2007/4305"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2007/2727"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2007/3283"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2007/3386"
},
{
"trust": 1.7,
"url": "http://osvdb.org/37052"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35097"
},
{
"trust": 1.7,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10154"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/505990/100/0/threaded"
},
{
"trust": 1.4,
"url": "http://httpd.apache.org/security/vulnerabilities_13.html"
},
{
"trust": 1.4,
"url": "http://httpd.apache.org/security/vulnerabilities_20.html"
},
{
"trust": 1.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-5752"
},
{
"trust": 1.1,
"url": "http://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-5752"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/26458/"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-5752"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-1863"
},
{
"trust": 0.6,
"url": "httpd.apache.org%3e"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840@%3ccvs."
},
{
"trust": 0.6,
"url": "httpd.apache.org/security/vulnerabilities_13.html"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3ccvs."
},
{
"trust": 0.6,
"url": "httpd.apache.org/security/vulnerabilities_22.html"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3ccvs."
},
{
"trust": 0.6,
"url": "httpd.apache.org/security/vulnerabilities_20.html"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3ccvs."
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-3304"
},
{
"trust": 0.4,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-1863"
},
{
"trust": 0.4,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-3304"
},
{
"trust": 0.3,
"url": "http://httpd.apache.org/"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2008-012.htm"
},
{
"trust": 0.3,
"url": "http://www.apache.org/dist/httpd/changes_2.2.6"
},
{
"trust": 0.3,
"url": "/archive/1/481830"
},
{
"trust": 0.3,
"url": "/archive/1/479708"
},
{
"trust": 0.3,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1pk49295"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2007-0532.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0261.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0263.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0523.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0524.html"
},
{
"trust": 0.3,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.3,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-3847"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-3847"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2006-5752"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/499-1/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-1862"
},
{
"trust": 0.1,
"url": "http://secunia.com/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-4465"
},
{
"trust": 0.1,
"url": "http://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://enigmail.mozdev.org"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-1862"
},
{
"trust": 0.1,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-4465"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vmplayer/vmware-player-2.5.3-185404.i386.rpm"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/ace25/doc/releasenotes_ace253.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/player25/doc/releasenotes_player253.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5000"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ace/"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/player/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-6388"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/security"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0005"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1055"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/ws65/doc/releasenotes_ws653.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ws/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0040"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/security_response.html"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vmplayer/vmware-player-2.5.3-185404.x86_64.rpm"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos.html"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vmplayer/vmware-player-2.5.3-185404.exe"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5000"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vmplayer/vmware-player-2.5.3-185404.i386.bundle"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vmplayer/vmware-player-2.5.3-185404.x86_64.bundle"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0040"
},
{
"trust": 0.1,
"url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-6388"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos_vi.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0005"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/13335/"
},
{
"trust": 0.1,
"url": "http://www.hitachi-support.com/security_e/vuls_e/hs07-034_e/index-e.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/27421/"
},
{
"trust": 0.1,
"url": "http://corporate.secunia.com/how_to_buy/38/vi/?ref=secadv"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/13333/"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/13819/"
},
{
"trust": 0.1,
"url": "http://www.hitachi-support.com/security_e/vuls_e/hs07-035_e/index-e.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/13334/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-0450"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-1860"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-1358"
},
{
"trust": 0.1,
"url": "https://www.hp.com/go/softwaredepot/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-1900"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-1355"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-0774"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-3386"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-2450"
},
{
"trust": 0.1,
"url": "http://h30046.www3.hp.com/subsignin.php"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-2872"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-3382"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-2756"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/cki/secbullarchive.do"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-3385"
},
{
"trust": 0.1,
"url": "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na\u0026langcode=useng\u0026jumpid=in_sc-gen__driveritrc\u0026topiccode=itrc"
},
{
"trust": 0.1,
"url": "https://www.hp.com/go/swa"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-1887"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-2090"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-2449"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu0.1.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu0.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu2.2_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.3-3.2ubuntu0.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.2.3-3.2ubuntu0.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.3-3.2ubuntu0.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu0.1.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu4.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu0.1_i386.deb"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2006-5752"
},
{
"db": "BID",
"id": "24645"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000478"
},
{
"db": "PACKETSTORM",
"id": "57506"
},
{
"db": "PACKETSTORM",
"id": "57505"
},
{
"db": "PACKETSTORM",
"id": "60759"
},
{
"db": "PACKETSTORM",
"id": "80533"
},
{
"db": "PACKETSTORM",
"id": "60585"
},
{
"db": "PACKETSTORM",
"id": "59939"
},
{
"db": "PACKETSTORM",
"id": "57507"
},
{
"db": "PACKETSTORM",
"id": "58667"
},
{
"db": "CNNVD",
"id": "CNNVD-200706-491"
},
{
"db": "NVD",
"id": "CVE-2006-5752"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2006-5752"
},
{
"db": "BID",
"id": "24645"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000478"
},
{
"db": "PACKETSTORM",
"id": "57506"
},
{
"db": "PACKETSTORM",
"id": "57505"
},
{
"db": "PACKETSTORM",
"id": "60759"
},
{
"db": "PACKETSTORM",
"id": "80533"
},
{
"db": "PACKETSTORM",
"id": "60585"
},
{
"db": "PACKETSTORM",
"id": "59939"
},
{
"db": "PACKETSTORM",
"id": "57507"
},
{
"db": "PACKETSTORM",
"id": "58667"
},
{
"db": "CNNVD",
"id": "CNNVD-200706-491"
},
{
"db": "NVD",
"id": "CVE-2006-5752"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-06-27T00:00:00",
"db": "VULMON",
"id": "CVE-2006-5752"
},
{
"date": "2007-06-26T00:00:00",
"db": "BID",
"id": "24645"
},
{
"date": "2007-07-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-000478"
},
{
"date": "2007-07-07T04:30:58",
"db": "PACKETSTORM",
"id": "57506"
},
{
"date": "2007-07-07T04:29:41",
"db": "PACKETSTORM",
"id": "57505"
},
{
"date": "2007-11-07T20:27:55",
"db": "PACKETSTORM",
"id": "60759"
},
{
"date": "2009-08-23T16:31:17",
"db": "PACKETSTORM",
"id": "80533"
},
{
"date": "2007-11-01T02:12:35",
"db": "PACKETSTORM",
"id": "60585"
},
{
"date": "2007-10-10T05:27:27",
"db": "PACKETSTORM",
"id": "59939"
},
{
"date": "2007-07-07T04:32:02",
"db": "PACKETSTORM",
"id": "57507"
},
{
"date": "2007-08-17T06:30:14",
"db": "PACKETSTORM",
"id": "58667"
},
{
"date": "2007-06-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200706-491"
},
{
"date": "2007-06-27T17:30:00",
"db": "NVD",
"id": "CVE-2006-5752"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-09-21T00:00:00",
"db": "VULMON",
"id": "CVE-2006-5752"
},
{
"date": "2010-08-05T21:15:00",
"db": "BID",
"id": "24645"
},
{
"date": "2014-05-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-000478"
},
{
"date": "2021-06-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200706-491"
},
{
"date": "2023-11-07T01:59:40.033000",
"db": "NVD",
"id": "CVE-2006-5752"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200706-491"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apache HTTP Server of mod_status Module cross-site scripting vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-000478"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200706-491"
}
],
"trust": 0.6
}
}
VAR-201112-0123
Vulnerability from variot - Updated: 2024-07-23 20:42Oracle Glassfish 2.1.1, 3.0.1, and 3.1.1, as used in Communications Server 2.0, Sun Java System Application Server 8.1 and 8.2, and possibly other products, computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters, aka Oracle security ticket S0104869. Some programming language implementations do not sufficiently randomize their hash functions or provide means to limit key collision attacks, which can be leveraged by an unauthenticated attacker to cause a denial-of-service (DoS) condition. Oracle Glassfish Calculates the hash value of the form parameter without restricting the assumption of hash collision. (CPU Resource consumption ) There is a vulnerability that becomes a condition.A third party can send a large amount of crafted parameters to disrupt service operation. (CPU Resource consumption ) There is a possibility of being put into a state. Oracle GlassFish Server is prone to a denial-of-service vulnerability. An attacker can exploit this issue by sending specially crafted forms in HTTP POST requests. Oracle GlassFish Server 3.1.1 and prior versions are vulnerable. Content-Disposition: inline
==========================================================================Ubuntu Security Notice USN-1373-1 February 24, 2012
openjdk-6 vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 11.10
- Ubuntu 11.04
- Ubuntu 10.10
- Ubuntu 10.04 LTS
Summary:
Multiple OpenJDK 6 vulnerabilities have been fixed.
Software Description: - openjdk-6: Open Source Java implementation
Details:
It was discovered that the Java HttpServer class did not limit the number of headers read from a HTTP request. A remote attacker could cause a denial of service by sending special requests that trigger hash collisions predictably. (CVE-2011-5035)
ATTENTION: this update changes previous Java HttpServer class behavior by limiting the number of request headers to 200. This may be increased by adjusting the sun.net.httpserver.maxReqHeaders property.
It was discovered that the Java Sound component did not properly check buffer boundaries. A remote attacker could use this to cause a denial of service or view confidential data. (CVE-2011-3563)
It was discovered that the Java2D implementation does not properly check graphics rendering objects before passing them to the native renderer. A remote attacker could use this to cause a denial of service or to bypass Java sandbox restrictions. (CVE-2012-0497)
It was discovered that an off-by-one error exists in the Java ZIP file processing code. An attacker could us this to cause a denial of service through a maliciously crafted ZIP file. (CVE-2012-0501)
It was discovered that the Java AWT KeyboardFocusManager did not properly enforce keyboard focus security policy. A remote attacker could use this with an untrusted application or applet to grab keyboard focus and possibly expose confidential data. (CVE-2012-0502)
It was discovered that the Java TimeZone class did not properly enforce security policy around setting the default time zone. A remote attacker could use this with an untrusted application or applet to set a new default time zone and bypass Java sandbox restrictions. (CVE-2012-0503)
It was discovered the Java ObjectStreamClass did not throw an accurately identifiable exception when a deserialization failure occurred. A remote attacker could use this with an untrusted application or applet to bypass Java sandbox restrictions. (CVE-2012-0505)
It was discovered that the Java CORBA implementation did not properly protect repository identifiers on certain CORBA objects. A remote attacker could use this to corrupt object data. (CVE-2012-0506)
It was discovered that the Java AtomicReferenceArray class implementation did not properly check if an array was of the expected Object[] type. A remote attacker could use this with a malicious application or applet to bypass Java sandbox restrictions. (CVE-2012-0507)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 11.10: icedtea-6-jre-cacao 6b23~pre11-0ubuntu1.11.10.2 icedtea-6-jre-jamvm 6b23~pre11-0ubuntu1.11.10.2 openjdk-6-jre 6b23~pre11-0ubuntu1.11.10.2 openjdk-6-jre-headless 6b23~pre11-0ubuntu1.11.10.2 openjdk-6-jre-lib 6b23~pre11-0ubuntu1.11.10.2 openjdk-6-jre-zero 6b23~pre11-0ubuntu1.11.10.2
Ubuntu 11.04: icedtea-6-jre-cacao 6b22-1.10.6-0ubuntu1 icedtea-6-jre-jamvm 6b22-1.10.6-0ubuntu1 openjdk-6-jre 6b22-1.10.6-0ubuntu1 openjdk-6-jre-headless 6b22-1.10.6-0ubuntu1 openjdk-6-jre-lib 6b22-1.10.6-0ubuntu1 openjdk-6-jre-zero 6b22-1.10.6-0ubuntu1
Ubuntu 10.10: icedtea-6-jre-cacao 6b20-1.9.13-0ubuntu1~10.10.1 openjdk-6-jre 6b20-1.9.13-0ubuntu1~10.10.1 openjdk-6-jre-headless 6b20-1.9.13-0ubuntu1~10.10.1 openjdk-6-jre-lib 6b20-1.9.13-0ubuntu1~10.10.1 openjdk-6-jre-zero 6b20-1.9.13-0ubuntu1~10.10.1
Ubuntu 10.04 LTS: icedtea-6-jre-cacao 6b20-1.9.13-0ubuntu1~10.04.1 openjdk-6-jre 6b20-1.9.13-0ubuntu1~10.04.1 openjdk-6-jre-headless 6b20-1.9.13-0ubuntu1~10.04.1 openjdk-6-jre-lib 6b20-1.9.13-0ubuntu1~10.04.1 openjdk-6-jre-zero 6b20-1.9.13-0ubuntu1~10.04.1
After a standard system update you need to restart any Java applications or applets to make all the necessary changes.
Release Date: 2012-03-26 Last Updated: 2012-04-02
Potential Security Impact: Remote unauthorized access, disclosure of information, and other vulnerabilities
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified in Java Runtime Environment (JRE) and Java Developer Kit (JDK) running on HP-UX. These vulnerabilities could allow remote unauthorized access, disclosure of information, and other vulnerabilities.
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP-UX B.11.11, B.11.23, B.11.31 running HP JDK and JRE 6.0.13 or earlier
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2011-3563 (AV:N/AC:L/Au:N/C:P/I:N/A:P) 6.4 CVE-2011-5035 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2012-0497 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-0498 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-0499 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-0500 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-0501 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2012-0502 (AV:N/AC:L/Au:N/C:P/I:N/A:P) 6.4 CVE-2012-0503 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2012-0504 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3 CVE-2012-0505 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2012-0506 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2012-0507 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has provided the following Java version upgrades to resolve these vulnerabilities. The upgrades are available from the following location
http://www.hp.com/go/java
HP-UX B.11.11, B.11.23, B.11.31 JDK and JRE v6.0.14 or subsequent
MANUAL ACTIONS: Yes - Update For Java v6.0.13 and earlier, update to Java v6.0.14 or subsequent
PRODUCT SPECIFIC INFORMATION
HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see https://www.hp.com/go/swa
The following text is for use by the HP-UX Software Assistant.
AFFECTED VERSIONS
HP-UX B.11.11 HP-UX B.11.23 HP-UX B.11.31 =========== Jre60.JRE60-COM Jre60.JRE60-IPF32 Jre60.JRE60-IPF32-HS Jre60.JRE60-IPF64 Jre60.JRE60-IPF64-HS Jre60.JRE60-PA20 Jre60.JRE60-PA20-HS Jre60.JRE60-PA20W Jre60.JRE60-PA20W-HS Jdk60.JDK60-COM Jdk60.JDK60-IPF32 Jdk60.JDK60-IPF64 Jdk60.JDK60-PA20 Jdk60.JDK60-PA20W action: install revision 1.6.0.14.00 or subsequent
END AFFECTED VERSIONS
HISTORY Version:1 (rev.1) 27 March 2012 Initial release Version:2 (rev.2) 2 April 2012 corrected CVE-2012-0507 score
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin List: A list of HP Security Bulletins, updated periodically, is contained in HP Security Notice HPSN-2011-001: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c02964430
Security Bulletin Archive: A list of recently released Security Bulletins is available here: http://h20566.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX
Copyright 2012 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners.
Background
IcedTea is a distribution of the Java OpenJDK source code built with free build tools.
CVE-2011-3377 The Iced Tea browser plugin included in the openjdk-6 package does not properly enforce the Same Origin Policy on web content served under a domain name which has a common suffix with the required domain name. This could lead to JVM crash or Java sandbox bypass.
CVE-2012-0505 The Java serialization code leaked references to serialization exceptions, possibly leaking critical objects to untrusted code in Java applets and applications. This could have been used to perform modification of the data that should have been immutable.
For the testing distribution (wheezy) and the unstable distribution (sid), these problems have been fixed in version 6b24-1.11.1-1.
We recommend that you upgrade your openjdk-6 packages. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201401-30
http://security.gentoo.org/
Severity: High Title: Oracle JRE/JDK: Multiple vulnerabilities Date: January 27, 2014 Bugs: #404071, #421073, #433094, #438706, #451206, #455174, #458444, #460360, #466212, #473830, #473980, #488210, #498148 ID: 201401-30
Synopsis
Multiple vulnerabilities have been found in the Oracle JRE/JDK, allowing attackers to cause unspecified impact.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-java/sun-jdk <= 1.6.0.45 Vulnerable! 2 dev-java/oracle-jdk-bin < 1.7.0.51 >= 1.7.0.51 * 3 dev-java/sun-jre-bin <= 1.6.0.45 Vulnerable! 4 dev-java/oracle-jre-bin < 1.7.0.51 >= 1.7.0.51 * 5 app-emulation/emul-linux-x86-java < 1.7.0.51 >= 1.7.0.51 * ------------------------------------------------------------------- NOTE: Certain packages are still vulnerable. Users should migrate to another package if one is available or wait for the existing packages to be marked stable by their architecture maintainers. ------------------------------------------------------------------- NOTE: Packages marked with asterisks require manual intervention! ------------------------------------------------------------------- 5 affected packages
Description
Multiple vulnerabilities have been reported in the Oracle Java implementation. Please review the CVE identifiers referenced below for details.
Impact
An unauthenticated, remote attacker could exploit these vulnerabilities to execute arbitrary code. Furthermore, a local or remote attacker could exploit these vulnerabilities to cause unspecified impact, possibly including remote execution of arbitrary code.
Workaround
There is no known workaround at this time.
Resolution
All Oracle JDK 1.7 users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=dev-java/oracle-jdk-bin-1.7.0.51"
All Oracle JRE 1.7 users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=dev-java/oracle-jre-bin-1.7.0.51"
All users of the precompiled 32-bit Oracle JRE should upgrade to the latest version:
# emerge --sync # emerge -a -1 -v ">=app-emulation/emul-linux-x86-java-1.7.0.51"
All Sun Microsystems JDK/JRE 1.6 users are suggested to upgrade to one of the newer Oracle packages like dev-java/oracle-jdk-bin or dev-java/oracle-jre-bin or choose another alternative we provide; eg. the IBM JDK/JRE or the open source IcedTea.
NOTE: As Oracle has revoked the DLJ license for its Java implementation, the packages can no longer be updated automatically.
References
[ 1 ] CVE-2011-3563 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3563 [ 2 ] CVE-2011-5035 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-5035 [ 3 ] CVE-2012-0497 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0497 [ 4 ] CVE-2012-0498 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0498 [ 5 ] CVE-2012-0499 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0499 [ 6 ] CVE-2012-0500 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0500 [ 7 ] CVE-2012-0501 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0501 [ 8 ] CVE-2012-0502 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0502 [ 9 ] CVE-2012-0503 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0503 [ 10 ] CVE-2012-0504 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0504 [ 11 ] CVE-2012-0505 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0505 [ 12 ] CVE-2012-0506 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0506 [ 13 ] CVE-2012-0507 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0507 [ 14 ] CVE-2012-0547 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0547 [ 15 ] CVE-2012-1531 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1531 [ 16 ] CVE-2012-1532 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1532 [ 17 ] CVE-2012-1533 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1533 [ 18 ] CVE-2012-1541 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1541 [ 19 ] CVE-2012-1682 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1682 [ 20 ] CVE-2012-1711 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1711 [ 21 ] CVE-2012-1713 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1713 [ 22 ] CVE-2012-1716 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1716 [ 23 ] CVE-2012-1717 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1717 [ 24 ] CVE-2012-1718 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1718 [ 25 ] CVE-2012-1719 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1719 [ 26 ] CVE-2012-1721 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1721 [ 27 ] CVE-2012-1722 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1722 [ 28 ] CVE-2012-1723 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1723 [ 29 ] CVE-2012-1724 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1724 [ 30 ] CVE-2012-1725 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1725 [ 31 ] CVE-2012-1726 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1726 [ 32 ] CVE-2012-3136 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3136 [ 33 ] CVE-2012-3143 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3143 [ 34 ] CVE-2012-3159 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3159 [ 35 ] CVE-2012-3174 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3174 [ 36 ] CVE-2012-3213 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3213 [ 37 ] CVE-2012-3216 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3216 [ 38 ] CVE-2012-3342 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3342 [ 39 ] CVE-2012-4416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4416 [ 40 ] CVE-2012-4681 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4681 [ 41 ] CVE-2012-5067 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5067 [ 42 ] CVE-2012-5068 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5068 [ 43 ] CVE-2012-5069 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5069 [ 44 ] CVE-2012-5070 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5070 [ 45 ] CVE-2012-5071 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5071 [ 46 ] CVE-2012-5072 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5072 [ 47 ] CVE-2012-5073 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5073 [ 48 ] CVE-2012-5074 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5074 [ 49 ] CVE-2012-5075 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5075 [ 50 ] CVE-2012-5076 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5076 [ 51 ] CVE-2012-5077 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5077 [ 52 ] CVE-2012-5079 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5079 [ 53 ] CVE-2012-5081 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5081 [ 54 ] CVE-2012-5083 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5083 [ 55 ] CVE-2012-5084 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5084 [ 56 ] CVE-2012-5085 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5085 [ 57 ] CVE-2012-5086 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5086 [ 58 ] CVE-2012-5087 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5087 [ 59 ] CVE-2012-5088 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5088 [ 60 ] CVE-2012-5089 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5089 [ 61 ] CVE-2013-0169 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0169 [ 62 ] CVE-2013-0351 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0351 [ 63 ] CVE-2013-0401 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0401 [ 64 ] CVE-2013-0402 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0402 [ 65 ] CVE-2013-0409 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0409 [ 66 ] CVE-2013-0419 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0419 [ 67 ] CVE-2013-0422 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0422 [ 68 ] CVE-2013-0423 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0423 [ 69 ] CVE-2013-0430 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0430 [ 70 ] CVE-2013-0437 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0437 [ 71 ] CVE-2013-0438 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0438 [ 72 ] CVE-2013-0445 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0445 [ 73 ] CVE-2013-0446 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0446 [ 74 ] CVE-2013-0448 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0448 [ 75 ] CVE-2013-0449 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0449 [ 76 ] CVE-2013-0809 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0809 [ 77 ] CVE-2013-1473 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1473 [ 78 ] CVE-2013-1479 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1479 [ 79 ] CVE-2013-1481 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1481 [ 80 ] CVE-2013-1484 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1484 [ 81 ] CVE-2013-1485 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1485 [ 82 ] CVE-2013-1486 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1486 [ 83 ] CVE-2013-1487 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1487 [ 84 ] CVE-2013-1488 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1488 [ 85 ] CVE-2013-1491 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1491 [ 86 ] CVE-2013-1493 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1493 [ 87 ] CVE-2013-1500 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1500 [ 88 ] CVE-2013-1518 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1518 [ 89 ] CVE-2013-1537 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1537 [ 90 ] CVE-2013-1540 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1540 [ 91 ] CVE-2013-1557 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1557 [ 92 ] CVE-2013-1558 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1558 [ 93 ] CVE-2013-1561 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1561 [ 94 ] CVE-2013-1563 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1563 [ 95 ] CVE-2013-1564 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1564 [ 96 ] CVE-2013-1569 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1569 [ 97 ] CVE-2013-1571 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1571 [ 98 ] CVE-2013-2383 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2383 [ 99 ] CVE-2013-2384 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2384 [ 100 ] CVE-2013-2394 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2394 [ 101 ] CVE-2013-2400 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2400 [ 102 ] CVE-2013-2407 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2407 [ 103 ] CVE-2013-2412 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2412 [ 104 ] CVE-2013-2414 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2414 [ 105 ] CVE-2013-2415 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2415 [ 106 ] CVE-2013-2416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2416 [ 107 ] CVE-2013-2417 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2417 [ 108 ] CVE-2013-2418 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2418 [ 109 ] CVE-2013-2419 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2419 [ 110 ] CVE-2013-2420 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2420 [ 111 ] CVE-2013-2421 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2421 [ 112 ] CVE-2013-2422 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2422 [ 113 ] CVE-2013-2423 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2423 [ 114 ] CVE-2013-2424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2424 [ 115 ] CVE-2013-2425 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2425 [ 116 ] CVE-2013-2426 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2426 [ 117 ] CVE-2013-2427 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2427 [ 118 ] CVE-2013-2428 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2428 [ 119 ] CVE-2013-2429 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2429 [ 120 ] CVE-2013-2430 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2430 [ 121 ] CVE-2013-2431 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2431 [ 122 ] CVE-2013-2432 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2432 [ 123 ] CVE-2013-2433 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2433 [ 124 ] CVE-2013-2434 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2434 [ 125 ] CVE-2013-2435 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2435 [ 126 ] CVE-2013-2436 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2436 [ 127 ] CVE-2013-2437 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2437 [ 128 ] CVE-2013-2438 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2438 [ 129 ] CVE-2013-2439 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2439 [ 130 ] CVE-2013-2440 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2440 [ 131 ] CVE-2013-2442 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2442 [ 132 ] CVE-2013-2443 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2443 [ 133 ] CVE-2013-2444 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2444 [ 134 ] CVE-2013-2445 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2445 [ 135 ] CVE-2013-2446 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2446 [ 136 ] CVE-2013-2447 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2447 [ 137 ] CVE-2013-2448 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2448 [ 138 ] CVE-2013-2449 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2449 [ 139 ] CVE-2013-2450 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2450 [ 140 ] CVE-2013-2451 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2451 [ 141 ] CVE-2013-2452 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2452 [ 142 ] CVE-2013-2453 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2453 [ 143 ] CVE-2013-2454 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2454 [ 144 ] CVE-2013-2455 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2455 [ 145 ] CVE-2013-2456 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2456 [ 146 ] CVE-2013-2457 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2457 [ 147 ] CVE-2013-2458 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2458 [ 148 ] CVE-2013-2459 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2459 [ 149 ] CVE-2013-2460 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2460 [ 150 ] CVE-2013-2461 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2461 [ 151 ] CVE-2013-2462 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2462 [ 152 ] CVE-2013-2463 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2463 [ 153 ] CVE-2013-2464 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2464 [ 154 ] CVE-2013-2465 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2465 [ 155 ] CVE-2013-2466 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2466 [ 156 ] CVE-2013-2467 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2467 [ 157 ] CVE-2013-2468 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2468 [ 158 ] CVE-2013-2469 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2469 [ 159 ] CVE-2013-2470 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2470 [ 160 ] CVE-2013-2471 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2471 [ 161 ] CVE-2013-2472 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2472 [ 162 ] CVE-2013-2473 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2473 [ 163 ] CVE-2013-3743 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3743 [ 164 ] CVE-2013-3744 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3744 [ 165 ] CVE-2013-3829 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3829 [ 166 ] CVE-2013-5772 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5772 [ 167 ] CVE-2013-5774 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5774 [ 168 ] CVE-2013-5775 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5775 [ 169 ] CVE-2013-5776 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5776 [ 170 ] CVE-2013-5777 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5777 [ 171 ] CVE-2013-5778 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5778 [ 172 ] CVE-2013-5780 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5780 [ 173 ] CVE-2013-5782 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5782 [ 174 ] CVE-2013-5783 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5783 [ 175 ] CVE-2013-5784 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5784 [ 176 ] CVE-2013-5787 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5787 [ 177 ] CVE-2013-5788 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5788 [ 178 ] CVE-2013-5789 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5789 [ 179 ] CVE-2013-5790 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5790 [ 180 ] CVE-2013-5797 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5797 [ 181 ] CVE-2013-5800 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5800 [ 182 ] CVE-2013-5801 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5801 [ 183 ] CVE-2013-5802 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5802 [ 184 ] CVE-2013-5803 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5803 [ 185 ] CVE-2013-5804 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5804 [ 186 ] CVE-2013-5805 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5805 [ 187 ] CVE-2013-5806 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5806 [ 188 ] CVE-2013-5809 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5809 [ 189 ] CVE-2013-5810 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5810 [ 190 ] CVE-2013-5812 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5812 [ 191 ] CVE-2013-5814 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5814 [ 192 ] CVE-2013-5817 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5817 [ 193 ] CVE-2013-5818 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5818 [ 194 ] CVE-2013-5819 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5819 [ 195 ] CVE-2013-5820 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5820 [ 196 ] CVE-2013-5823 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5823 [ 197 ] CVE-2013-5824 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5824 [ 198 ] CVE-2013-5825 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5825 [ 199 ] CVE-2013-5829 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5829 [ 200 ] CVE-2013-5830 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5830 [ 201 ] CVE-2013-5831 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5831 [ 202 ] CVE-2013-5832 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5832 [ 203 ] CVE-2013-5838 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5838 [ 204 ] CVE-2013-5840 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5840 [ 205 ] CVE-2013-5842 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5842 [ 206 ] CVE-2013-5843 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5843 [ 207 ] CVE-2013-5844 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5844 [ 208 ] CVE-2013-5846 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5846 [ 209 ] CVE-2013-5848 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5848 [ 210 ] CVE-2013-5849 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5849 [ 211 ] CVE-2013-5850 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5850 [ 212 ] CVE-2013-5851 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5851 [ 213 ] CVE-2013-5852 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5852 [ 214 ] CVE-2013-5854 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5854 [ 215 ] CVE-2013-5870 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5870 [ 216 ] CVE-2013-5878 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5878 [ 217 ] CVE-2013-5887 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5887 [ 218 ] CVE-2013-5888 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5888 [ 219 ] CVE-2013-5889 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5889 [ 220 ] CVE-2013-5893 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5893 [ 221 ] CVE-2013-5895 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5895 [ 222 ] CVE-2013-5896 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5896 [ 223 ] CVE-2013-5898 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5898 [ 224 ] CVE-2013-5899 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5899 [ 225 ] CVE-2013-5902 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5902 [ 226 ] CVE-2013-5904 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5904 [ 227 ] CVE-2013-5905 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5905 [ 228 ] CVE-2013-5906 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5906 [ 229 ] CVE-2013-5907 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5907 [ 230 ] CVE-2013-5910 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5910 [ 231 ] CVE-2014-0368 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0368 [ 232 ] CVE-2014-0373 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0373 [ 233 ] CVE-2014-0375 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0375 [ 234 ] CVE-2014-0376 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0376 [ 235 ] CVE-2014-0382 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0382 [ 236 ] CVE-2014-0385 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0385 [ 237 ] CVE-2014-0387 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0387 [ 238 ] CVE-2014-0403 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0403 [ 239 ] CVE-2014-0408 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0408 [ 240 ] CVE-2014-0410 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0410 [ 241 ] CVE-2014-0411 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0411 [ 242 ] CVE-2014-0415 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0415 [ 243 ] CVE-2014-0416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0416 [ 244 ] CVE-2014-0417 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0417 [ 245 ] CVE-2014-0418 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0418 [ 246 ] CVE-2014-0422 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0422 [ 247 ] CVE-2014-0423 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0423 [ 248 ] CVE-2014-0424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0424 [ 249 ] CVE-2014-0428 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0428
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201401-30.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2014 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . ----------------------------------------------------------------------
Secunia is hiring!
Find your next job here:
http://secunia.com/company/jobs/
TITLE: Oracle Multiple Products Web Form Hash Collision Denial of Service Vulnerability
SECUNIA ADVISORY ID: SA47819
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47819/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47819
RELEASE DATE: 2012-02-01
DISCUSS ADVISORY: http://secunia.com/advisories/47819/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/47819/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=47819
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: A vulnerability has been reported in multiple Oracle products, which can be exploited by malicious people to cause a DoS (Denial of Service).
The vulnerability is caused due to an error within a hash generation function when hashing form posts and updating a hash table.
The vulnerability is reported in the following products: * Oracle Application Server 10g Release 3 version 10.1.3.5.0. * Oracle iPlanet Web Server 7.0. * Oracle iPlanet Web Server (formerly Oracle Java System Web Server) 6.1.
SOLUTION: Apply patch.
Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
PROVIDED AND/OR DISCOVERED BY: Reported by the vendor.
ORIGINAL ADVISORY: http://www.oracle.com/technetwork/topics/security/alert-cve-2011-5035-1506603.html
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Critical: java-1.6.0-sun security update Advisory ID: RHSA-2012:0139-01 Product: Red Hat Enterprise Linux Extras Advisory URL: https://rhn.redhat.com/errata/RHSA-2012-0139.html Issue date: 2012-02-16 CVE Names: CVE-2011-3563 CVE-2011-3571 CVE-2011-5035 CVE-2012-0498 CVE-2012-0499 CVE-2012-0500 CVE-2012-0501 CVE-2012-0502 CVE-2012-0503 CVE-2012-0505 CVE-2012-0506 =====================================================================
- Summary:
Updated java-1.6.0-sun packages that fix several security issues are now available for Red Hat Enterprise Linux 4 Extras, and Red Hat Enterprise Linux 5 and 6 Supplementary.
The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Desktop version 4 Extras - i386, x86_64 Red Hat Enterprise Linux AS version 4 Extras - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux ES version 4 Extras - i386, x86_64 Red Hat Enterprise Linux HPC Node Supplementary (v. 6) - x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux WS version 4 Extras - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
- Description:
The Sun 1.6.0 Java release includes the Sun Java 6 Runtime Environment and the Sun Java 6 Software Development Kit.
This update fixes several vulnerabilities in the Sun Java 6 Runtime Environment and the Sun Java 6 Software Development Kit. Further information about these flaws can be found on the Oracle Java SE Critical Patch page, listed in the References section. (CVE-2011-3563, CVE-2011-3571, CVE-2011-5035, CVE-2012-0498, CVE-2012-0499, CVE-2012-0500, CVE-2012-0501, CVE-2012-0502, CVE-2012-0503, CVE-2012-0505, CVE-2012-0506)
All users of java-1.6.0-sun are advised to upgrade to these updated packages, which provide JDK and JRE 6 Update 31 and resolve these issues. All running instances of Sun Java must be restarted for the update to take effect.
- Solution:
Before applying this update, make sure all previously-released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/kb/docs/DOC-11259
- Bugs fixed (http://bugzilla.redhat.com/):
788606 - CVE-2011-5035 OpenJDK: HttpServer no header count limit (Lightweight HTTP Server, 7126960) 788624 - CVE-2012-0501 OpenJDK: off-by-one bug in ZIP reading code (JRE, 7118283) 788976 - CVE-2012-0503 OpenJDK: unrestricted use of TimeZone.setDefault() (i18n, 7110687) 788994 - CVE-2011-3571 OpenJDK: AtomicReferenceArray insufficient array type check (Concurrency, 7082299) 789295 - CVE-2011-3563 OpenJDK: JavaSound incorrect bounds check (Sound, 7088367) 789297 - CVE-2012-0502 OpenJDK: KeyboardFocusManager focus stealing (AWT, 7110683) 789299 - CVE-2012-0505 OpenJDK: incomplete info in the deserialization exception (Serialization, 7110700) 789300 - CVE-2012-0506 OpenJDK: mutable repository identifiers (CORBA, 7110704) 790720 - CVE-2012-0498 Oracle JDK: unspecified vulnerability fixed in 6u31 and 7u3 (2D) 790722 - CVE-2012-0499 Oracle JDK: unspecified vulnerability fixed in 6u31 and 7u3 (2D) 790724 - CVE-2012-0500 Oracle JDK: unspecified vulnerability fixed in 6u31 and 7u3 (Deployment)
- Package List:
Red Hat Enterprise Linux AS version 4 Extras:
i386: java-1.6.0-sun-1.6.0.31-1jpp.1.el4.i586.rpm java-1.6.0-sun-demo-1.6.0.31-1jpp.1.el4.i586.rpm java-1.6.0-sun-devel-1.6.0.31-1jpp.1.el4.i586.rpm java-1.6.0-sun-jdbc-1.6.0.31-1jpp.1.el4.i586.rpm java-1.6.0-sun-plugin-1.6.0.31-1jpp.1.el4.i586.rpm java-1.6.0-sun-src-1.6.0.31-1jpp.1.el4.i586.rpm
x86_64: java-1.6.0-sun-1.6.0.31-1jpp.1.el4.x86_64.rpm java-1.6.0-sun-demo-1.6.0.31-1jpp.1.el4.x86_64.rpm java-1.6.0-sun-devel-1.6.0.31-1jpp.1.el4.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.31-1jpp.1.el4.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.31-1jpp.1.el4.x86_64.rpm java-1.6.0-sun-src-1.6.0.31-1jpp.1.el4.x86_64.rpm
Red Hat Desktop version 4 Extras:
i386: java-1.6.0-sun-1.6.0.31-1jpp.1.el4.i586.rpm java-1.6.0-sun-demo-1.6.0.31-1jpp.1.el4.i586.rpm java-1.6.0-sun-devel-1.6.0.31-1jpp.1.el4.i586.rpm java-1.6.0-sun-jdbc-1.6.0.31-1jpp.1.el4.i586.rpm java-1.6.0-sun-plugin-1.6.0.31-1jpp.1.el4.i586.rpm java-1.6.0-sun-src-1.6.0.31-1jpp.1.el4.i586.rpm
x86_64: java-1.6.0-sun-1.6.0.31-1jpp.1.el4.x86_64.rpm java-1.6.0-sun-demo-1.6.0.31-1jpp.1.el4.x86_64.rpm java-1.6.0-sun-devel-1.6.0.31-1jpp.1.el4.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.31-1jpp.1.el4.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.31-1jpp.1.el4.x86_64.rpm java-1.6.0-sun-src-1.6.0.31-1jpp.1.el4.x86_64.rpm
Red Hat Enterprise Linux ES version 4 Extras:
i386: java-1.6.0-sun-1.6.0.31-1jpp.1.el4.i586.rpm java-1.6.0-sun-demo-1.6.0.31-1jpp.1.el4.i586.rpm java-1.6.0-sun-devel-1.6.0.31-1jpp.1.el4.i586.rpm java-1.6.0-sun-jdbc-1.6.0.31-1jpp.1.el4.i586.rpm java-1.6.0-sun-plugin-1.6.0.31-1jpp.1.el4.i586.rpm java-1.6.0-sun-src-1.6.0.31-1jpp.1.el4.i586.rpm
x86_64: java-1.6.0-sun-1.6.0.31-1jpp.1.el4.x86_64.rpm java-1.6.0-sun-demo-1.6.0.31-1jpp.1.el4.x86_64.rpm java-1.6.0-sun-devel-1.6.0.31-1jpp.1.el4.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.31-1jpp.1.el4.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.31-1jpp.1.el4.x86_64.rpm java-1.6.0-sun-src-1.6.0.31-1jpp.1.el4.x86_64.rpm
Red Hat Enterprise Linux WS version 4 Extras:
i386: java-1.6.0-sun-1.6.0.31-1jpp.1.el4.i586.rpm java-1.6.0-sun-demo-1.6.0.31-1jpp.1.el4.i586.rpm java-1.6.0-sun-devel-1.6.0.31-1jpp.1.el4.i586.rpm java-1.6.0-sun-jdbc-1.6.0.31-1jpp.1.el4.i586.rpm java-1.6.0-sun-plugin-1.6.0.31-1jpp.1.el4.i586.rpm java-1.6.0-sun-src-1.6.0.31-1jpp.1.el4.i586.rpm
x86_64: java-1.6.0-sun-1.6.0.31-1jpp.1.el4.x86_64.rpm java-1.6.0-sun-demo-1.6.0.31-1jpp.1.el4.x86_64.rpm java-1.6.0-sun-devel-1.6.0.31-1jpp.1.el4.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.31-1jpp.1.el4.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.31-1jpp.1.el4.x86_64.rpm java-1.6.0-sun-src-1.6.0.31-1jpp.1.el4.x86_64.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386: java-1.6.0-sun-1.6.0.31-1jpp.1.el5.i586.rpm java-1.6.0-sun-demo-1.6.0.31-1jpp.1.el5.i586.rpm java-1.6.0-sun-devel-1.6.0.31-1jpp.1.el5.i586.rpm java-1.6.0-sun-jdbc-1.6.0.31-1jpp.1.el5.i586.rpm java-1.6.0-sun-plugin-1.6.0.31-1jpp.1.el5.i586.rpm java-1.6.0-sun-src-1.6.0.31-1jpp.1.el5.i586.rpm
x86_64: java-1.6.0-sun-1.6.0.31-1jpp.1.el5.x86_64.rpm java-1.6.0-sun-demo-1.6.0.31-1jpp.1.el5.x86_64.rpm java-1.6.0-sun-devel-1.6.0.31-1jpp.1.el5.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.31-1jpp.1.el5.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.31-1jpp.1.el5.x86_64.rpm java-1.6.0-sun-src-1.6.0.31-1jpp.1.el5.x86_64.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386: java-1.6.0-sun-1.6.0.31-1jpp.1.el5.i586.rpm java-1.6.0-sun-demo-1.6.0.31-1jpp.1.el5.i586.rpm java-1.6.0-sun-devel-1.6.0.31-1jpp.1.el5.i586.rpm java-1.6.0-sun-jdbc-1.6.0.31-1jpp.1.el5.i586.rpm java-1.6.0-sun-plugin-1.6.0.31-1jpp.1.el5.i586.rpm java-1.6.0-sun-src-1.6.0.31-1jpp.1.el5.i586.rpm
x86_64: java-1.6.0-sun-1.6.0.31-1jpp.1.el5.x86_64.rpm java-1.6.0-sun-demo-1.6.0.31-1jpp.1.el5.x86_64.rpm java-1.6.0-sun-devel-1.6.0.31-1jpp.1.el5.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.31-1jpp.1.el5.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.31-1jpp.1.el5.x86_64.rpm java-1.6.0-sun-src-1.6.0.31-1jpp.1.el5.x86_64.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386: java-1.6.0-sun-1.6.0.31-1jpp.1.el6_2.i686.rpm java-1.6.0-sun-demo-1.6.0.31-1jpp.1.el6_2.i686.rpm java-1.6.0-sun-devel-1.6.0.31-1jpp.1.el6_2.i686.rpm java-1.6.0-sun-jdbc-1.6.0.31-1jpp.1.el6_2.i686.rpm java-1.6.0-sun-plugin-1.6.0.31-1jpp.1.el6_2.i686.rpm java-1.6.0-sun-src-1.6.0.31-1jpp.1.el6_2.i686.rpm
x86_64: java-1.6.0-sun-1.6.0.31-1jpp.1.el6_2.i686.rpm java-1.6.0-sun-1.6.0.31-1jpp.1.el6_2.x86_64.rpm java-1.6.0-sun-demo-1.6.0.31-1jpp.1.el6_2.x86_64.rpm java-1.6.0-sun-devel-1.6.0.31-1jpp.1.el6_2.i686.rpm java-1.6.0-sun-devel-1.6.0.31-1jpp.1.el6_2.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.31-1jpp.1.el6_2.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.31-1jpp.1.el6_2.x86_64.rpm java-1.6.0-sun-src-1.6.0.31-1jpp.1.el6_2.x86_64.rpm
Red Hat Enterprise Linux HPC Node Supplementary (v. 6):
x86_64: java-1.6.0-sun-1.6.0.31-1jpp.1.el6_2.i686.rpm java-1.6.0-sun-1.6.0.31-1jpp.1.el6_2.x86_64.rpm java-1.6.0-sun-demo-1.6.0.31-1jpp.1.el6_2.x86_64.rpm java-1.6.0-sun-devel-1.6.0.31-1jpp.1.el6_2.i686.rpm java-1.6.0-sun-devel-1.6.0.31-1jpp.1.el6_2.x86_64.rpm java-1.6.0-sun-src-1.6.0.31-1jpp.1.el6_2.x86_64.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386: java-1.6.0-sun-1.6.0.31-1jpp.1.el6_2.i686.rpm java-1.6.0-sun-demo-1.6.0.31-1jpp.1.el6_2.i686.rpm java-1.6.0-sun-devel-1.6.0.31-1jpp.1.el6_2.i686.rpm java-1.6.0-sun-jdbc-1.6.0.31-1jpp.1.el6_2.i686.rpm java-1.6.0-sun-plugin-1.6.0.31-1jpp.1.el6_2.i686.rpm java-1.6.0-sun-src-1.6.0.31-1jpp.1.el6_2.i686.rpm
x86_64: java-1.6.0-sun-1.6.0.31-1jpp.1.el6_2.i686.rpm java-1.6.0-sun-1.6.0.31-1jpp.1.el6_2.x86_64.rpm java-1.6.0-sun-demo-1.6.0.31-1jpp.1.el6_2.x86_64.rpm java-1.6.0-sun-devel-1.6.0.31-1jpp.1.el6_2.i686.rpm java-1.6.0-sun-devel-1.6.0.31-1jpp.1.el6_2.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.31-1jpp.1.el6_2.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.31-1jpp.1.el6_2.x86_64.rpm java-1.6.0-sun-src-1.6.0.31-1jpp.1.el6_2.x86_64.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386: java-1.6.0-sun-1.6.0.31-1jpp.1.el6_2.i686.rpm java-1.6.0-sun-demo-1.6.0.31-1jpp.1.el6_2.i686.rpm java-1.6.0-sun-devel-1.6.0.31-1jpp.1.el6_2.i686.rpm java-1.6.0-sun-jdbc-1.6.0.31-1jpp.1.el6_2.i686.rpm java-1.6.0-sun-plugin-1.6.0.31-1jpp.1.el6_2.i686.rpm java-1.6.0-sun-src-1.6.0.31-1jpp.1.el6_2.i686.rpm
x86_64: java-1.6.0-sun-1.6.0.31-1jpp.1.el6_2.i686.rpm java-1.6.0-sun-1.6.0.31-1jpp.1.el6_2.x86_64.rpm java-1.6.0-sun-demo-1.6.0.31-1jpp.1.el6_2.x86_64.rpm java-1.6.0-sun-devel-1.6.0.31-1jpp.1.el6_2.i686.rpm java-1.6.0-sun-devel-1.6.0.31-1jpp.1.el6_2.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.31-1jpp.1.el6_2.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.31-1jpp.1.el6_2.x86_64.rpm java-1.6.0-sun-src-1.6.0.31-1jpp.1.el6_2.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package
- References:
https://www.redhat.com/security/data/cve/CVE-2011-3563.html https://www.redhat.com/security/data/cve/CVE-2011-3571.html https://www.redhat.com/security/data/cve/CVE-2011-5035.html https://www.redhat.com/security/data/cve/CVE-2012-0498.html https://www.redhat.com/security/data/cve/CVE-2012-0499.html https://www.redhat.com/security/data/cve/CVE-2012-0500.html https://www.redhat.com/security/data/cve/CVE-2012-0501.html https://www.redhat.com/security/data/cve/CVE-2012-0502.html https://www.redhat.com/security/data/cve/CVE-2012-0503.html https://www.redhat.com/security/data/cve/CVE-2012-0505.html https://www.redhat.com/security/data/cve/CVE-2012-0506.html https://access.redhat.com/security/updates/classification/#critical http://www.oracle.com/technetwork/topics/security/javacpufeb2012-366318.html http://www.oracle.com/technetwork/java/javase/6u31-relnotes-1482342.html
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2012 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFPPVa5XlSAg2UNWIIRAn6xAJ932rg7KVwp+jyL7jwxMvOiZHAqtQCgmt4n dZEXYZPhMUvix7Sd5jUeKng= =Czkl -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . HP has updated the Apache Tomcat and Oracle database software to address vulnerabilities affecting confidentiality, availability, and integrity
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201112-0123",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "glassfish server",
"scope": "eq",
"trust": 2.7,
"vendor": "oracle",
"version": "3.0.1"
},
{
"model": "glassfish server",
"scope": "eq",
"trust": 2.7,
"vendor": "oracle",
"version": "2.1.1"
},
{
"model": "glassfish server",
"scope": "eq",
"trust": 1.7,
"vendor": "oracle",
"version": "3.1.1"
},
{
"model": "communications server",
"scope": "eq",
"trust": 1.1,
"vendor": "oracle",
"version": "2.0"
},
{
"model": "weblogic server",
"scope": "eq",
"trust": 1.1,
"vendor": "oracle",
"version": "10.3.4"
},
{
"model": "weblogic server",
"scope": "eq",
"trust": 1.1,
"vendor": "oracle",
"version": "9.2.4"
},
{
"model": "weblogic server",
"scope": "eq",
"trust": 1.1,
"vendor": "oracle",
"version": "10.0.2"
},
{
"model": "glassfish server",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "3.1.1"
},
{
"model": "jre 1.6.0 03",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"model": "jre 17",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"model": "jre 1.6.0 30",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"model": "jre 1.6.0 18",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"model": "jre 1.6.0 22",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"model": "jdk 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"model": "jdk 1.6.0 28",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"model": "jdk 14",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"model": "jdk 1.6.0 21",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"model": "jdk 1.6.0 20",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"model": "jre 1.6.0 25",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"model": "jdk 07",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"model": "jdk 1.6.0 18",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"model": "jdk 1.6.0 27",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"model": "jdk 1.6.0 19",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"model": "jdk 1.6.0 03",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"model": "jdk 17",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"model": "jre 1.7.0 2",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"model": "jre 10",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"model": "jdk 1.7.0 2",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"model": "jre 1.6.0 14",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"model": "jdk 04",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"model": "jre 04",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"model": "jdk 1.6.0 25",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"model": "jre 1.6.0 27",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"model": "jdk 1.6.0 15",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"model": "jdk 1.6.0 30",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"model": "jre 12",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"model": "jdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.7"
},
{
"model": "jre 1.6.0 02",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"model": "jre 1.6.0 23",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"model": "jre 1.6.0 01",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"model": "jdk 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"model": "jre 1.6.0 19",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"model": "jre 1.6.0 15",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"model": "jre 07",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"model": "jre 1.6.0 28",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"model": "jdk 1.6.0 23",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"model": "jre 1.6.0 11",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"model": "jre 13",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"model": "jdk 1.6.0 02",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"model": "jre 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"model": "jdk 1.6.0 26",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"model": "jre 1.6.0 26",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"model": "jre 1.6.0 21",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"model": "jre 1.6.0 24",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"model": "jre 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"model": "jdk 11",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"model": "jdk 10",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"model": "jdk",
"scope": "eq",
"trust": 0.9,
"vendor": "oracle",
"version": "1.7"
},
{
"model": "jdk 1.6.0 22",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"model": "jdk 1.6.0 24",
"scope": null,
"trust": 0.9,
"vendor": "oracle",
"version": null
},
{
"model": "jdk 13",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.6"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apache tomcat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "oracle",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ruby",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "the php group",
"version": null
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.6.8"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.7.3"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.6.8"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.7.3"
},
{
"model": "java system web server",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "6.1"
},
{
"model": "application server",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "10g r3 (10.1.3.5.0)"
},
{
"model": "iplanet web server",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "7.0"
},
{
"model": "jrockit",
"scope": "lte",
"trust": 0.8,
"vendor": "oracle",
"version": "27.7.1"
},
{
"model": "jrockit",
"scope": "lte",
"trust": 0.8,
"vendor": "oracle",
"version": "28.2.2"
},
{
"model": "sun java system application server",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "8.1"
},
{
"model": "sun java system application server",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "8.2"
},
{
"model": "weblogic server",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "11gr1 (10.3.3"
},
{
"model": "weblogic server",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "10.3.5)"
},
{
"model": "weblogic server",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "12cr1 (12.1.1)"
},
{
"model": "hp xp p9000 performance advisor software",
"scope": "lte",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "5.4.1"
},
{
"model": "cosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "enterprise version 6"
},
{
"model": "cosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "standard version 6"
},
{
"model": "cosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "version 5"
},
{
"model": "cosminexus client",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "version 6"
},
{
"model": "cosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "light version 6"
},
{
"model": "cosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "professional version 6"
},
{
"model": "cosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "standard version 6"
},
{
"model": "cosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "version 5"
},
{
"model": "cosminexus developer\u0027s kit for java",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus primary server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "base"
},
{
"model": "cosminexus server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "- standard edition version 4"
},
{
"model": "cosminexus server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "- web edition version 4"
},
{
"model": "cosminexus studio",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "- standard edition version 4"
},
{
"model": "cosminexus studio",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "- web edition version 4"
},
{
"model": "cosminexus studio",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "version 5"
},
{
"model": "hirdb for java /xml",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "developer\u0027s kit for java",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "processing kit for xml",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "enterprise"
},
{
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "express"
},
{
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "light"
},
{
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "smart edition"
},
{
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "standard"
},
{
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "standard-r"
},
{
"model": "ucosminexus client",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "none"
},
{
"model": "ucosminexus client",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "for plug-in"
},
{
"model": "ucosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "01"
},
{
"model": "ucosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "light"
},
{
"model": "ucosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "professional"
},
{
"model": "ucosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "professional for plug-in"
},
{
"model": "ucosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "standard"
},
{
"model": "ucosminexus operator",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus portal framework",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "entry set"
},
{
"model": "ucosminexus primary server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "base"
},
{
"model": "ucosminexus service",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "architect"
},
{
"model": "ucosminexus service",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "platform"
},
{
"model": "ucosminexus service",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "platform - messaging"
},
{
"model": "internet navigware server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage application development cycle manager",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage application framework suite",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage application server",
"scope": "eq",
"trust": 0.8,
"vendor": "fujitsu",
"version": "none"
},
{
"model": "interstage application server",
"scope": "eq",
"trust": 0.8,
"vendor": "fujitsu",
"version": "plus developer / apworks / studio"
},
{
"model": "interstage business application server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage form coordinator workflow",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage job workload server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage list manager",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage list works",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage service integrator",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage shunsaku data manager",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage web server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage xml business activity recorder",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "serverview",
"scope": "eq",
"trust": 0.8,
"vendor": "fujitsu",
"version": "resource orchestrator cloud edition"
},
{
"model": "success server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "systemwalker availability view",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "systemwalker desktop inspection",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "systemwalker it change manager",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "systemwalker it process master",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "systemwalker operation manager",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "systemwalker runbook automation",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "systemwalker service catalog manager",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "systemwalker service quality coordinator",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "systemwalker software configuration manager",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "jdk 01-b06",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.6"
},
{
"model": "jre 1.6.0 2",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "jdk 1.6.0 01",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "jre 1.6.0 20",
"scope": null,
"trust": 0.6,
"vendor": "sun",
"version": null
},
{
"model": "weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.3.5.0"
},
{
"model": "jrockit r28.2.2",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"model": "java se sr8 fp1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6"
},
{
"model": "java system web server sp9",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "linux enterprise sdk sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "jrockit r27.6.0-50",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.5.015"
},
{
"model": "processing kit for xml",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"model": "nonstop server h06.16.01",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "nonstop server h06.19.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "enterprise linux as extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.10"
},
{
"model": "jdk 01",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.6"
},
{
"model": "cosminexus studio web edition",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "-0"
},
{
"model": "nonstop server j06.08.02",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "nonstop server h06.15.02",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "meeting exchange sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"model": "jdk update",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.6.06"
},
{
"model": "java se",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "java se",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "cosminexus application server standard",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"model": "java ibm 64-bit sdk for z/os",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "nonstop server j06.06.02",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "jdk and jre",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.0"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.1"
},
{
"model": "java system web server sp7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "nonstop server j06.14",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "jrockit r27.6.2",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"model": "jrockit r27.6.5",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "ucosminexus application server standard",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.3"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.8"
},
{
"model": "nonstop server j06.09.03",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "nonstop server h06.26",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "glassfish server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0"
},
{
"model": "nonstop server j06.04.02",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "aura system platform sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.10"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.2"
},
{
"model": "nonstop server j06.13",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "linux enterprise server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.1.10"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2010.1"
},
{
"model": "nonstop server j06.09.04",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "iplanet web server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "ucosminexus operator",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"model": "linux enterprise server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1.2"
},
{
"model": "meeting exchange sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "aura application server sip core",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53002.0"
},
{
"model": "meeting exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0.0.52"
},
{
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "java system application server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "8.2"
},
{
"model": "cosminexus developer standard",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.0"
},
{
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "nonstop server h06.18.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "nonstop server j06.15.01",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "nonstop server h06.22.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "jdk update",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.6.014"
},
{
"model": "cosminexus application server enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"model": "nonstop server j06.12.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "ir",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"model": "jrockit r27.6.9",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "nonstop server j06.05.01",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "jdk update",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.6.011"
},
{
"model": "nonstop server j06.08.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "nonstop server j06.09.01",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "jrockit r27.6.3",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"model": "nonstop server j06.16",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "ucosminexus client for plug-in",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"model": "java se sr6",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "nonstop server j6.0.14.01",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.2.2"
},
{
"model": "enterprise linux desktop supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "meeting exchange sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "jrockit r27.1.0",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.3"
},
{
"model": "ucosminexus developer",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "010"
},
{
"model": "enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "glassfish server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "2.0"
},
{
"model": "ucosminexus service architect",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2"
},
{
"model": "voice portal sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"model": "jrockit r28.1.4",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"model": "ucosminexus developer light",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"model": "ucosminexus service platform messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "-0"
},
{
"model": "voice portal sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "nonstop server j06.07.02",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2011"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.10"
},
{
"model": "nonstop server j06.09.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "java system web server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "jrockit r28.0.0",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"model": "meeting exchange sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "nonstop server j06.10.02",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "enterprise linux desktop client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"model": "jrockit r27.6.6",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"model": "nonstop server j06.06.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6"
},
{
"model": "jdk update",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.6.012"
},
{
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "nonstop server h06.24.01",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.4"
},
{
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "jrockit r27.6.8",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"model": "nonstop server h06.25",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "java system web server sp8",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "messaging storage server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "jdk update",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.6.04"
},
{
"model": "ucosminexus application server light",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"model": "nonstop server h06.15.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "java system web server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "meeting exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "voice portal sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"model": "jrockit r27.7.1",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"model": "cosminexus studio",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "java system web server sp10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "glassfish server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.1"
},
{
"model": "meeting exchange sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.04"
},
{
"model": "enterprise linux ws extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "java se sr9",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.0"
},
{
"model": "jrockit r28.1.1",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.5"
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6"
},
{
"model": "nonstop server j06.07.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "enterprise linux es extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "message networking sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "linux enterprise server for vmware sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "xp p9000 performance advisor",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "5.5.1"
},
{
"model": "jdk update",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.6.010"
},
{
"model": "jdk update",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.6.013"
},
{
"model": "java system web server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "jrockit r27.6.4",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"model": "nonstop server j06.08.04",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "nonstop server j06.08.01",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "aura system manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "messaging storage server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "enterprise server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.3"
},
{
"model": "aura session manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "jdk update",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.6.015"
},
{
"model": "nonstop server h06.15.01",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "nonstop server h06.24",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "jdk update",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.6.018"
},
{
"model": "cosminexus primary server base",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"model": "jdk update",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.6.019"
},
{
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2010.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.3"
},
{
"model": "nonstop server h06.16.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "ucosminexus developer professional for plug-in",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"model": "nonstop server h06.18.02",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "nonstop server h06.20.03",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.2"
},
{
"model": "meeting exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"model": "enterprise linux hpc node optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.6"
},
{
"model": "enterprise linux server supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "java ibm 31-bit sdk for z/os",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5"
},
{
"model": "nonstop server j06.13.01",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1.1"
},
{
"model": "nonstop server h06.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.3"
},
{
"model": "enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"model": "nonstop server h06.19.02",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "java se sr7",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "meeting exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "communication manager sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.5"
},
{
"model": "esx",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "4.1"
},
{
"model": "nonstop server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6"
},
{
"model": "jrockit r28.0.1",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"model": "call management system r",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "15.0"
},
{
"model": "glassfish server ur1 po1",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.3"
},
{
"model": "enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.3.3"
},
{
"model": "nonstop server h06.22.01",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.04"
},
{
"model": "enterprise linux workstation optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.2"
},
{
"model": "jrockit r28.1.3",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.1"
},
{
"model": "communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1.2"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.10"
},
{
"model": "weblogic server 11gr1",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.04"
},
{
"model": "jdk update",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.6.020"
},
{
"model": "iplanet webserver",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "7.0"
},
{
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.1"
},
{
"model": "cosminexus studio standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "-0"
},
{
"model": "nonstop server h06.19.03",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"model": "linux enterprise server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.3"
},
{
"model": "jdk update",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.6.03"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.10"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6"
},
{
"model": "glassfish server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "2.1"
},
{
"model": "java se",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.6"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.7"
},
{
"model": "jdk update",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.6.05"
},
{
"model": "linux enterprise sdk sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.2.1"
},
{
"model": "nonstop server j06.11.01",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "java se sr9-fp2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.0"
},
{
"model": "java system web server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "virtual desktop infrastructure",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.2"
},
{
"model": "nonstop server j06.15",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2011"
},
{
"model": "messaging application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "glassfish server ur1",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0"
},
{
"model": "ucosminexus developer professional",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "ucosminexus developer standard",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"model": "nonstop server h06.21.02",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "jrockit r27.6.7",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.8"
},
{
"model": "nonstop server h06.20.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.3"
},
{
"model": "aura system manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "rational synergy",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.3"
},
{
"model": "aura system manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "jrockit r27.6.0",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "ucosminexus application server enterprise )",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "09-80"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.2"
},
{
"model": "cosminexus client",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "glassfish server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.1"
},
{
"model": "messaging storage server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "nonstop server j06.05.02",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "java system web server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "application server 10g r3",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.3.5.0"
},
{
"model": "nonstop server j06.07.01",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"model": "java system application server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "8.1"
},
{
"model": "nonstop server h06.21.01",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "nonstop server h06.19.01",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "linux enterprise java sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.10"
},
{
"model": "xp p9000 performance advisor",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.4.1"
},
{
"model": "ucosminexus application server smart edition",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"model": "aura session manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.7"
},
{
"model": "nonstop server j06.11.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "nonstop server h06.26.01",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "cosminexus developer professional",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "jdk update",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.6.021"
},
{
"model": "jdk and jre",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.0.1"
},
{
"model": "enterprise linux server optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "desktop extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "nonstop server j06.04.01",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "aura conferencing sp1 standard",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "java se sr5",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"model": "nonstop server j06.04.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.2"
},
{
"model": "nonstop server j06.06.01",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "ucosminexus primary server base",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"model": "jdk update",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.6.016"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.8"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.4"
},
{
"model": "nonstop server h06.21.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "java se",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7"
},
{
"model": "jdk update",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.6.07"
},
{
"model": "nonstop server j06.06.03",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "nonstop server h06.17.01",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.1"
},
{
"model": "call management system r",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "16.0"
},
{
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1.1"
},
{
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "network node manager i",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.1"
},
{
"model": "aura system platform sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "linux enterprise desktop sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "ucosminexus service platform",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.2"
},
{
"model": "jdk 1.6.0 01-b06",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "cosminexus developer light",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"model": "rational synergy",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.2"
},
{
"model": "virtual desktop infrastructure",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.3"
},
{
"model": "nonstop server h06.20.01",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "ucosminexus client",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"model": "conferencing standard edition",
"scope": "ne",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"model": "nonstop server j06.10.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.1"
},
{
"model": "enterprise linux desktop optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "nonstop server h06.17.03",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "jdk update",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.6.017"
},
{
"model": "enterprise linux hpc node supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "ucosminexus application server standard-r",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "java system web server sp11",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "nonstop server h06.16.02",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "rational synergy",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.5"
},
{
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.4"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.2"
},
{
"model": "java system web server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "nonstop server j06.05.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7"
},
{
"model": "linux enterprise java sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "11.04"
},
{
"model": "java se sr1",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7"
},
{
"model": "nonstop server h06.20.02",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "cosminexus developer no version",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.1"
},
{
"model": "nonstop server j06.09.02",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "linux enterprise desktop sp1 for sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "nonstop server h06.17.02",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "nonstop server j06.08.03",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"model": "aura conferencing standard",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "rational synergy",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0.6"
},
{
"model": "nonstop server j06.10.01",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "java system web server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.2"
},
{
"model": "nonstop server h06.25.01",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "nonstop server h06.18.01",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "cosminexus application server no version",
"scope": "eq",
"trust": 0.3,
"vendor": "hitachi",
"version": "0"
},
{
"model": "weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.3.60"
},
{
"model": "nonstop server h06.27",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "java se sr10",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6"
},
{
"model": "nonstop server h06.17.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "nonstop server j06.14.02",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.2"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#903934"
},
{
"db": "BID",
"id": "51194"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003567"
},
{
"db": "CNNVD",
"id": "CNNVD-201112-502"
},
{
"db": "NVD",
"id": "CVE-2011-5035"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:oracle:glassfish_server:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "3.1.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:glassfish_server:2.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:glassfish_server:3.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2011-5035"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Alexander Klink, n.runs AG and Julian Waumllde, Technische Universit Darmstadt",
"sources": [
{
"db": "BID",
"id": "51194"
}
],
"trust": 0.3
},
"cve": "CVE-2011-5035",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2011-5035",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2011-5035",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#903934",
"trust": 0.8,
"value": "10.80"
},
{
"author": "CNNVD",
"id": "CNNVD-201112-502",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2011-5035",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#903934"
},
{
"db": "VULMON",
"id": "CVE-2011-5035"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003567"
},
{
"db": "CNNVD",
"id": "CNNVD-201112-502"
},
{
"db": "NVD",
"id": "CVE-2011-5035"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Oracle Glassfish 2.1.1, 3.0.1, and 3.1.1, as used in Communications Server 2.0, Sun Java System Application Server 8.1 and 8.2, and possibly other products, computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters, aka Oracle security ticket S0104869. Some programming language implementations do not sufficiently randomize their hash functions or provide means to limit key collision attacks, which can be leveraged by an unauthenticated attacker to cause a denial-of-service (DoS) condition. Oracle Glassfish Calculates the hash value of the form parameter without restricting the assumption of hash collision. (CPU Resource consumption ) There is a vulnerability that becomes a condition.A third party can send a large amount of crafted parameters to disrupt service operation. (CPU Resource consumption ) There is a possibility of being put into a state. Oracle GlassFish Server is prone to a denial-of-service vulnerability. \nAn attacker can exploit this issue by sending specially crafted forms in HTTP POST requests. \nOracle GlassFish Server 3.1.1 and prior versions are vulnerable. Content-Disposition: inline\n\n==========================================================================Ubuntu Security Notice USN-1373-1\nFebruary 24, 2012\n\nopenjdk-6 vulnerabilities\n==========================================================================\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 11.10\n- Ubuntu 11.04\n- Ubuntu 10.10\n- Ubuntu 10.04 LTS\n\nSummary:\n\nMultiple OpenJDK 6 vulnerabilities have been fixed. \n\nSoftware Description:\n- openjdk-6: Open Source Java implementation\n\nDetails:\n\nIt was discovered that the Java HttpServer class did not limit the\nnumber of headers read from a HTTP request. A remote attacker could\ncause a denial of service by sending special requests that trigger\nhash collisions predictably. (CVE-2011-5035)\n\nATTENTION: this update changes previous Java HttpServer class behavior\nby limiting the number of request headers to 200. This may be increased\nby adjusting the sun.net.httpserver.maxReqHeaders property. \n\nIt was discovered that the Java Sound component did not properly\ncheck buffer boundaries. A remote attacker could use this to cause\na denial of service or view confidential data. (CVE-2011-3563)\n\nIt was discovered that the Java2D implementation does not properly\ncheck graphics rendering objects before passing them to the native\nrenderer. A remote attacker could use this to cause a denial of\nservice or to bypass Java sandbox restrictions. (CVE-2012-0497)\n\nIt was discovered that an off-by-one error exists in the Java ZIP\nfile processing code. An attacker could us this to cause a denial of\nservice through a maliciously crafted ZIP file. (CVE-2012-0501)\n\nIt was discovered that the Java AWT KeyboardFocusManager did not\nproperly enforce keyboard focus security policy. A remote attacker\ncould use this with an untrusted application or applet to grab keyboard\nfocus and possibly expose confidential data. (CVE-2012-0502)\n\nIt was discovered that the Java TimeZone class did not properly enforce\nsecurity policy around setting the default time zone. A remote attacker\ncould use this with an untrusted application or applet to set a new\ndefault time zone and bypass Java sandbox restrictions. (CVE-2012-0503)\n\nIt was discovered the Java ObjectStreamClass did not throw\nan accurately identifiable exception when a deserialization\nfailure occurred. A remote attacker could use this with\nan untrusted application or applet to bypass Java sandbox\nrestrictions. (CVE-2012-0505)\n\nIt was discovered that the Java CORBA implementation did not properly\nprotect repository identifiers on certain CORBA objects. A remote\nattacker could use this to corrupt object data. (CVE-2012-0506)\n\nIt was discovered that the Java AtomicReferenceArray class\nimplementation did not properly check if an array was of\nthe expected Object[] type. A remote attacker could use this\nwith a malicious application or applet to bypass Java sandbox\nrestrictions. (CVE-2012-0507)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 11.10:\n icedtea-6-jre-cacao 6b23~pre11-0ubuntu1.11.10.2\n icedtea-6-jre-jamvm 6b23~pre11-0ubuntu1.11.10.2\n openjdk-6-jre 6b23~pre11-0ubuntu1.11.10.2\n openjdk-6-jre-headless 6b23~pre11-0ubuntu1.11.10.2\n openjdk-6-jre-lib 6b23~pre11-0ubuntu1.11.10.2\n openjdk-6-jre-zero 6b23~pre11-0ubuntu1.11.10.2\n\nUbuntu 11.04:\n icedtea-6-jre-cacao 6b22-1.10.6-0ubuntu1\n icedtea-6-jre-jamvm 6b22-1.10.6-0ubuntu1\n openjdk-6-jre 6b22-1.10.6-0ubuntu1\n openjdk-6-jre-headless 6b22-1.10.6-0ubuntu1\n openjdk-6-jre-lib 6b22-1.10.6-0ubuntu1\n openjdk-6-jre-zero 6b22-1.10.6-0ubuntu1\n\nUbuntu 10.10:\n icedtea-6-jre-cacao 6b20-1.9.13-0ubuntu1~10.10.1\n openjdk-6-jre 6b20-1.9.13-0ubuntu1~10.10.1\n openjdk-6-jre-headless 6b20-1.9.13-0ubuntu1~10.10.1\n openjdk-6-jre-lib 6b20-1.9.13-0ubuntu1~10.10.1\n openjdk-6-jre-zero 6b20-1.9.13-0ubuntu1~10.10.1\n\nUbuntu 10.04 LTS:\n icedtea-6-jre-cacao 6b20-1.9.13-0ubuntu1~10.04.1\n openjdk-6-jre 6b20-1.9.13-0ubuntu1~10.04.1\n openjdk-6-jre-headless 6b20-1.9.13-0ubuntu1~10.04.1\n openjdk-6-jre-lib 6b20-1.9.13-0ubuntu1~10.04.1\n openjdk-6-jre-zero 6b20-1.9.13-0ubuntu1~10.04.1\n\nAfter a standard system update you need to restart any Java applications\nor applets to make all the necessary changes. \n\nRelease Date: 2012-03-26\nLast Updated: 2012-04-02\n\n ------------------------------------------------------------------------------\n\nPotential Security Impact: Remote unauthorized access, disclosure of information, and other vulnerabilities\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified in Java Runtime Environment (JRE) and Java Developer Kit (JDK) running on HP-UX. These vulnerabilities could allow remote unauthorized access, disclosure of information, and other vulnerabilities. \n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP-UX B.11.11, B.11.23, B.11.31 running HP JDK and JRE 6.0.13 or earlier\n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2011-3563 (AV:N/AC:L/Au:N/C:P/I:N/A:P) 6.4\nCVE-2011-5035 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2012-0497 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2012-0498 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2012-0499 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2012-0500 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2012-0501 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2012-0502 (AV:N/AC:L/Au:N/C:P/I:N/A:P) 6.4\nCVE-2012-0503 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2012-0504 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3\nCVE-2012-0505 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2012-0506 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2012-0507 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has provided the following Java version upgrades to resolve these vulnerabilities. \nThe upgrades are available from the following location\n\nhttp://www.hp.com/go/java\n\nHP-UX B.11.11, B.11.23, B.11.31\n JDK and JRE v6.0.14 or subsequent\n\nMANUAL ACTIONS: Yes - Update\nFor Java v6.0.13 and earlier, update to Java v6.0.14 or subsequent\n\nPRODUCT SPECIFIC INFORMATION\n\nHP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see https://www.hp.com/go/swa\n\nThe following text is for use by the HP-UX Software Assistant. \n\nAFFECTED VERSIONS\n\nHP-UX B.11.11\nHP-UX B.11.23\nHP-UX B.11.31\n===========\nJre60.JRE60-COM\nJre60.JRE60-IPF32\nJre60.JRE60-IPF32-HS\nJre60.JRE60-IPF64\nJre60.JRE60-IPF64-HS\nJre60.JRE60-PA20\nJre60.JRE60-PA20-HS\nJre60.JRE60-PA20W\nJre60.JRE60-PA20W-HS\nJdk60.JDK60-COM\nJdk60.JDK60-IPF32\nJdk60.JDK60-IPF64\nJdk60.JDK60-PA20\nJdk60.JDK60-PA20W\naction: install revision 1.6.0.14.00 or subsequent\n\nEND AFFECTED VERSIONS\n\nHISTORY\nVersion:1 (rev.1) 27 March 2012 Initial release\nVersion:2 (rev.2) 2 April 2012 corrected CVE-2012-0507 score\n\nThird Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\nSupport: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\n\nSecurity Bulletin List: A list of HP Security Bulletins, updated periodically, is contained in HP Security Notice HPSN-2011-001: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c02964430\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is available here: http://h20566.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\n\nSoftware Product Category: The Software Product Category is represented in the title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HP General Software\nHF = HP Hardware and Firmware\nMP = MPE/iX\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPI = Printing and Imaging\nPV = ProCurve\nST = Storage Software\nTU = Tru64 UNIX\nUX = HP-UX\n\nCopyright 2012 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. \n\nBackground\n==========\n\nIcedTea is a distribution of the Java OpenJDK source code built with\nfree build tools. \n\nCVE-2011-3377\n\tThe Iced Tea browser plugin included in the openjdk-6 package\n\tdoes not properly enforce the Same Origin Policy on web content\n\tserved under a domain name which has a common suffix with the\n\trequired domain name. \n\tThis could lead to JVM crash or Java sandbox bypass. \n\nCVE-2012-0505\n\tThe Java serialization code leaked references to serialization\n\texceptions, possibly leaking critical objects to untrusted\n\tcode in Java applets and applications. This could\n\thave been used to perform modification of the data that should\n\thave been immutable. \n\nFor the testing distribution (wheezy) and the unstable distribution\n(sid), these problems have been fixed in version 6b24-1.11.1-1. \n\nWe recommend that you upgrade your openjdk-6 packages. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201401-30\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: Oracle JRE/JDK: Multiple vulnerabilities\n Date: January 27, 2014\n Bugs: #404071, #421073, #433094, #438706, #451206, #455174,\n #458444, #460360, #466212, #473830, #473980, #488210, #498148\n ID: 201401-30\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in the Oracle JRE/JDK,\nallowing attackers to cause unspecified impact. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 dev-java/sun-jdk \u003c= 1.6.0.45 Vulnerable!\n 2 dev-java/oracle-jdk-bin \u003c 1.7.0.51 \u003e= 1.7.0.51 *\n 3 dev-java/sun-jre-bin \u003c= 1.6.0.45 Vulnerable!\n 4 dev-java/oracle-jre-bin \u003c 1.7.0.51 \u003e= 1.7.0.51 *\n 5 app-emulation/emul-linux-x86-java\n \u003c 1.7.0.51 \u003e= 1.7.0.51 *\n -------------------------------------------------------------------\n NOTE: Certain packages are still vulnerable. Users should migrate\n to another package if one is available or wait for the\n existing packages to be marked stable by their\n architecture maintainers. \n -------------------------------------------------------------------\n NOTE: Packages marked with asterisks require manual intervention!\n -------------------------------------------------------------------\n 5 affected packages\n\nDescription\n===========\n\nMultiple vulnerabilities have been reported in the Oracle Java\nimplementation. Please review the CVE identifiers referenced below for\ndetails. \n\nImpact\n======\n\nAn unauthenticated, remote attacker could exploit these vulnerabilities\nto execute arbitrary code. \nFurthermore, a local or remote attacker could exploit these\nvulnerabilities to cause unspecified impact, possibly including remote\nexecution of arbitrary code. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Oracle JDK 1.7 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"\u003e=dev-java/oracle-jdk-bin-1.7.0.51\"\n\nAll Oracle JRE 1.7 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"\u003e=dev-java/oracle-jre-bin-1.7.0.51\"\n\nAll users of the precompiled 32-bit Oracle JRE should upgrade to the\nlatest version:\n\n # emerge --sync\n # emerge -a -1 -v \"\u003e=app-emulation/emul-linux-x86-java-1.7.0.51\"\n\nAll Sun Microsystems JDK/JRE 1.6 users are suggested to upgrade to one\nof the newer Oracle packages like dev-java/oracle-jdk-bin or\ndev-java/oracle-jre-bin or choose another alternative we provide; eg. \nthe IBM JDK/JRE or the open source IcedTea. \n\nNOTE: As Oracle has revoked the DLJ license for its Java\nimplementation, the packages can no longer be updated automatically. \n\nReferences\n==========\n\n[ 1 ] CVE-2011-3563\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3563\n[ 2 ] CVE-2011-5035\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-5035\n[ 3 ] CVE-2012-0497\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0497\n[ 4 ] CVE-2012-0498\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0498\n[ 5 ] CVE-2012-0499\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0499\n[ 6 ] CVE-2012-0500\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0500\n[ 7 ] CVE-2012-0501\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0501\n[ 8 ] CVE-2012-0502\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0502\n[ 9 ] CVE-2012-0503\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0503\n[ 10 ] CVE-2012-0504\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0504\n[ 11 ] CVE-2012-0505\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0505\n[ 12 ] CVE-2012-0506\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0506\n[ 13 ] CVE-2012-0507\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0507\n[ 14 ] CVE-2012-0547\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0547\n[ 15 ] CVE-2012-1531\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1531\n[ 16 ] CVE-2012-1532\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1532\n[ 17 ] CVE-2012-1533\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1533\n[ 18 ] CVE-2012-1541\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1541\n[ 19 ] CVE-2012-1682\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1682\n[ 20 ] CVE-2012-1711\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1711\n[ 21 ] CVE-2012-1713\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1713\n[ 22 ] CVE-2012-1716\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1716\n[ 23 ] CVE-2012-1717\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1717\n[ 24 ] CVE-2012-1718\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1718\n[ 25 ] CVE-2012-1719\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1719\n[ 26 ] CVE-2012-1721\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1721\n[ 27 ] CVE-2012-1722\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1722\n[ 28 ] CVE-2012-1723\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1723\n[ 29 ] CVE-2012-1724\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1724\n[ 30 ] CVE-2012-1725\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1725\n[ 31 ] CVE-2012-1726\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1726\n[ 32 ] CVE-2012-3136\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3136\n[ 33 ] CVE-2012-3143\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3143\n[ 34 ] CVE-2012-3159\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3159\n[ 35 ] CVE-2012-3174\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3174\n[ 36 ] CVE-2012-3213\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3213\n[ 37 ] CVE-2012-3216\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3216\n[ 38 ] CVE-2012-3342\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3342\n[ 39 ] CVE-2012-4416\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4416\n[ 40 ] CVE-2012-4681\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4681\n[ 41 ] CVE-2012-5067\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5067\n[ 42 ] CVE-2012-5068\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5068\n[ 43 ] CVE-2012-5069\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5069\n[ 44 ] CVE-2012-5070\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5070\n[ 45 ] CVE-2012-5071\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5071\n[ 46 ] CVE-2012-5072\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5072\n[ 47 ] CVE-2012-5073\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5073\n[ 48 ] CVE-2012-5074\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5074\n[ 49 ] CVE-2012-5075\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5075\n[ 50 ] CVE-2012-5076\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5076\n[ 51 ] CVE-2012-5077\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5077\n[ 52 ] CVE-2012-5079\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5079\n[ 53 ] CVE-2012-5081\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5081\n[ 54 ] CVE-2012-5083\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5083\n[ 55 ] CVE-2012-5084\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5084\n[ 56 ] CVE-2012-5085\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5085\n[ 57 ] CVE-2012-5086\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5086\n[ 58 ] CVE-2012-5087\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5087\n[ 59 ] CVE-2012-5088\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5088\n[ 60 ] CVE-2012-5089\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5089\n[ 61 ] CVE-2013-0169\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0169\n[ 62 ] CVE-2013-0351\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0351\n[ 63 ] CVE-2013-0401\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0401\n[ 64 ] CVE-2013-0402\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0402\n[ 65 ] CVE-2013-0409\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0409\n[ 66 ] CVE-2013-0419\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0419\n[ 67 ] CVE-2013-0422\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0422\n[ 68 ] CVE-2013-0423\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0423\n[ 69 ] CVE-2013-0430\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0430\n[ 70 ] CVE-2013-0437\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0437\n[ 71 ] CVE-2013-0438\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0438\n[ 72 ] CVE-2013-0445\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0445\n[ 73 ] CVE-2013-0446\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0446\n[ 74 ] CVE-2013-0448\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0448\n[ 75 ] CVE-2013-0449\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0449\n[ 76 ] CVE-2013-0809\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0809\n[ 77 ] CVE-2013-1473\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1473\n[ 78 ] CVE-2013-1479\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1479\n[ 79 ] CVE-2013-1481\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1481\n[ 80 ] CVE-2013-1484\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1484\n[ 81 ] CVE-2013-1485\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1485\n[ 82 ] CVE-2013-1486\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1486\n[ 83 ] CVE-2013-1487\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1487\n[ 84 ] CVE-2013-1488\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1488\n[ 85 ] CVE-2013-1491\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1491\n[ 86 ] CVE-2013-1493\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1493\n[ 87 ] CVE-2013-1500\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1500\n[ 88 ] CVE-2013-1518\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1518\n[ 89 ] CVE-2013-1537\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1537\n[ 90 ] CVE-2013-1540\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1540\n[ 91 ] CVE-2013-1557\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1557\n[ 92 ] CVE-2013-1558\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1558\n[ 93 ] CVE-2013-1561\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1561\n[ 94 ] CVE-2013-1563\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1563\n[ 95 ] CVE-2013-1564\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1564\n[ 96 ] CVE-2013-1569\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1569\n[ 97 ] CVE-2013-1571\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1571\n[ 98 ] CVE-2013-2383\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2383\n[ 99 ] CVE-2013-2384\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2384\n[ 100 ] CVE-2013-2394\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2394\n[ 101 ] CVE-2013-2400\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2400\n[ 102 ] CVE-2013-2407\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2407\n[ 103 ] CVE-2013-2412\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2412\n[ 104 ] CVE-2013-2414\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2414\n[ 105 ] CVE-2013-2415\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2415\n[ 106 ] CVE-2013-2416\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2416\n[ 107 ] CVE-2013-2417\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2417\n[ 108 ] CVE-2013-2418\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2418\n[ 109 ] CVE-2013-2419\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2419\n[ 110 ] CVE-2013-2420\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2420\n[ 111 ] CVE-2013-2421\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2421\n[ 112 ] CVE-2013-2422\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2422\n[ 113 ] CVE-2013-2423\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2423\n[ 114 ] CVE-2013-2424\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2424\n[ 115 ] CVE-2013-2425\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2425\n[ 116 ] CVE-2013-2426\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2426\n[ 117 ] CVE-2013-2427\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2427\n[ 118 ] CVE-2013-2428\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2428\n[ 119 ] CVE-2013-2429\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2429\n[ 120 ] CVE-2013-2430\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2430\n[ 121 ] CVE-2013-2431\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2431\n[ 122 ] CVE-2013-2432\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2432\n[ 123 ] CVE-2013-2433\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2433\n[ 124 ] CVE-2013-2434\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2434\n[ 125 ] CVE-2013-2435\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2435\n[ 126 ] CVE-2013-2436\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2436\n[ 127 ] CVE-2013-2437\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2437\n[ 128 ] CVE-2013-2438\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2438\n[ 129 ] CVE-2013-2439\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2439\n[ 130 ] CVE-2013-2440\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2440\n[ 131 ] CVE-2013-2442\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2442\n[ 132 ] CVE-2013-2443\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2443\n[ 133 ] CVE-2013-2444\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2444\n[ 134 ] CVE-2013-2445\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2445\n[ 135 ] CVE-2013-2446\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2446\n[ 136 ] CVE-2013-2447\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2447\n[ 137 ] CVE-2013-2448\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2448\n[ 138 ] CVE-2013-2449\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2449\n[ 139 ] CVE-2013-2450\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2450\n[ 140 ] CVE-2013-2451\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2451\n[ 141 ] CVE-2013-2452\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2452\n[ 142 ] CVE-2013-2453\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2453\n[ 143 ] CVE-2013-2454\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2454\n[ 144 ] CVE-2013-2455\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2455\n[ 145 ] CVE-2013-2456\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2456\n[ 146 ] CVE-2013-2457\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2457\n[ 147 ] CVE-2013-2458\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2458\n[ 148 ] CVE-2013-2459\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2459\n[ 149 ] CVE-2013-2460\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2460\n[ 150 ] CVE-2013-2461\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2461\n[ 151 ] CVE-2013-2462\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2462\n[ 152 ] CVE-2013-2463\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2463\n[ 153 ] CVE-2013-2464\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2464\n[ 154 ] CVE-2013-2465\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2465\n[ 155 ] CVE-2013-2466\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2466\n[ 156 ] CVE-2013-2467\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2467\n[ 157 ] CVE-2013-2468\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2468\n[ 158 ] CVE-2013-2469\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2469\n[ 159 ] CVE-2013-2470\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2470\n[ 160 ] CVE-2013-2471\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2471\n[ 161 ] CVE-2013-2472\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2472\n[ 162 ] CVE-2013-2473\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2473\n[ 163 ] CVE-2013-3743\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3743\n[ 164 ] CVE-2013-3744\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3744\n[ 165 ] CVE-2013-3829\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3829\n[ 166 ] CVE-2013-5772\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5772\n[ 167 ] CVE-2013-5774\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5774\n[ 168 ] CVE-2013-5775\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5775\n[ 169 ] CVE-2013-5776\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5776\n[ 170 ] CVE-2013-5777\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5777\n[ 171 ] CVE-2013-5778\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5778\n[ 172 ] CVE-2013-5780\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5780\n[ 173 ] CVE-2013-5782\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5782\n[ 174 ] CVE-2013-5783\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5783\n[ 175 ] CVE-2013-5784\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5784\n[ 176 ] CVE-2013-5787\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5787\n[ 177 ] CVE-2013-5788\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5788\n[ 178 ] CVE-2013-5789\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5789\n[ 179 ] CVE-2013-5790\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5790\n[ 180 ] CVE-2013-5797\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5797\n[ 181 ] CVE-2013-5800\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5800\n[ 182 ] CVE-2013-5801\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5801\n[ 183 ] CVE-2013-5802\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5802\n[ 184 ] CVE-2013-5803\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5803\n[ 185 ] CVE-2013-5804\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5804\n[ 186 ] CVE-2013-5805\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5805\n[ 187 ] CVE-2013-5806\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5806\n[ 188 ] CVE-2013-5809\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5809\n[ 189 ] CVE-2013-5810\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5810\n[ 190 ] CVE-2013-5812\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5812\n[ 191 ] CVE-2013-5814\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5814\n[ 192 ] CVE-2013-5817\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5817\n[ 193 ] CVE-2013-5818\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5818\n[ 194 ] CVE-2013-5819\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5819\n[ 195 ] CVE-2013-5820\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5820\n[ 196 ] CVE-2013-5823\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5823\n[ 197 ] CVE-2013-5824\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5824\n[ 198 ] CVE-2013-5825\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5825\n[ 199 ] CVE-2013-5829\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5829\n[ 200 ] CVE-2013-5830\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5830\n[ 201 ] CVE-2013-5831\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5831\n[ 202 ] CVE-2013-5832\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5832\n[ 203 ] CVE-2013-5838\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5838\n[ 204 ] CVE-2013-5840\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5840\n[ 205 ] CVE-2013-5842\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5842\n[ 206 ] CVE-2013-5843\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5843\n[ 207 ] CVE-2013-5844\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5844\n[ 208 ] CVE-2013-5846\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5846\n[ 209 ] CVE-2013-5848\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5848\n[ 210 ] CVE-2013-5849\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5849\n[ 211 ] CVE-2013-5850\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5850\n[ 212 ] CVE-2013-5851\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5851\n[ 213 ] CVE-2013-5852\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5852\n[ 214 ] CVE-2013-5854\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5854\n[ 215 ] CVE-2013-5870\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5870\n[ 216 ] CVE-2013-5878\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5878\n[ 217 ] CVE-2013-5887\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5887\n[ 218 ] CVE-2013-5888\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5888\n[ 219 ] CVE-2013-5889\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5889\n[ 220 ] CVE-2013-5893\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5893\n[ 221 ] CVE-2013-5895\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5895\n[ 222 ] CVE-2013-5896\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5896\n[ 223 ] CVE-2013-5898\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5898\n[ 224 ] CVE-2013-5899\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5899\n[ 225 ] CVE-2013-5902\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5902\n[ 226 ] CVE-2013-5904\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5904\n[ 227 ] CVE-2013-5905\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5905\n[ 228 ] CVE-2013-5906\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5906\n[ 229 ] CVE-2013-5907\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5907\n[ 230 ] CVE-2013-5910\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5910\n[ 231 ] CVE-2014-0368\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0368\n[ 232 ] CVE-2014-0373\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0373\n[ 233 ] CVE-2014-0375\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0375\n[ 234 ] CVE-2014-0376\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0376\n[ 235 ] CVE-2014-0382\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0382\n[ 236 ] CVE-2014-0385\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0385\n[ 237 ] CVE-2014-0387\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0387\n[ 238 ] CVE-2014-0403\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0403\n[ 239 ] CVE-2014-0408\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0408\n[ 240 ] CVE-2014-0410\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0410\n[ 241 ] CVE-2014-0411\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0411\n[ 242 ] CVE-2014-0415\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0415\n[ 243 ] CVE-2014-0416\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0416\n[ 244 ] CVE-2014-0417\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0417\n[ 245 ] CVE-2014-0418\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0418\n[ 246 ] CVE-2014-0422\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0422\n[ 247 ] CVE-2014-0423\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0423\n[ 248 ] CVE-2014-0424\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0424\n[ 249 ] CVE-2014-0428\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0428\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201401-30.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2014 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. ----------------------------------------------------------------------\n\nSecunia is hiring!\n\nFind your next job here:\n\nhttp://secunia.com/company/jobs/\n\n----------------------------------------------------------------------\n\nTITLE:\nOracle Multiple Products Web Form Hash Collision Denial of Service\nVulnerability\n\nSECUNIA ADVISORY ID:\nSA47819\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/47819/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=47819\n\nRELEASE DATE:\n2012-02-01\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/47819/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/47819/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=47819\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA vulnerability has been reported in multiple Oracle products, which\ncan be exploited by malicious people to cause a DoS (Denial of\nService). \n\nThe vulnerability is caused due to an error within a hash generation\nfunction when hashing form posts and updating a hash table. \n\nThe vulnerability is reported in the following products:\n* Oracle Application Server 10g Release 3 version 10.1.3.5.0. \n* Oracle iPlanet Web Server 7.0. \n* Oracle iPlanet Web Server (formerly Oracle Java System Web Server)\n6.1. \n\nSOLUTION:\nApply patch. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\nReported by the vendor. \n\nORIGINAL ADVISORY:\nhttp://www.oracle.com/technetwork/topics/security/alert-cve-2011-5035-1506603.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: java-1.6.0-sun security update\nAdvisory ID: RHSA-2012:0139-01\nProduct: Red Hat Enterprise Linux Extras\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2012-0139.html\nIssue date: 2012-02-16\nCVE Names: CVE-2011-3563 CVE-2011-3571 CVE-2011-5035 \n CVE-2012-0498 CVE-2012-0499 CVE-2012-0500 \n CVE-2012-0501 CVE-2012-0502 CVE-2012-0503 \n CVE-2012-0505 CVE-2012-0506 \n=====================================================================\n\n1. Summary:\n\nUpdated java-1.6.0-sun packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 4 Extras, and Red Hat Enterprise\nLinux 5 and 6 Supplementary. \n\nThe Red Hat Security Response Team has rated this update as having critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Desktop version 4 Extras - i386, x86_64\nRed Hat Enterprise Linux AS version 4 Extras - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux ES version 4 Extras - i386, x86_64\nRed Hat Enterprise Linux HPC Node Supplementary (v. 6) - x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux WS version 4 Extras - i386, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. Description:\n\nThe Sun 1.6.0 Java release includes the Sun Java 6 Runtime Environment and\nthe Sun Java 6 Software Development Kit. \n\nThis update fixes several vulnerabilities in the Sun Java 6 Runtime\nEnvironment and the Sun Java 6 Software Development Kit. Further\ninformation about these flaws can be found on the Oracle Java SE Critical\nPatch page, listed in the References section. (CVE-2011-3563,\nCVE-2011-3571, CVE-2011-5035, CVE-2012-0498, CVE-2012-0499, CVE-2012-0500,\nCVE-2012-0501, CVE-2012-0502, CVE-2012-0503, CVE-2012-0505, CVE-2012-0506)\n\nAll users of java-1.6.0-sun are advised to upgrade to these updated\npackages, which provide JDK and JRE 6 Update 31 and resolve these issues. \nAll running instances of Sun Java must be restarted for the update to take\neffect. \n\n4. Solution:\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259\n\n5. Bugs fixed (http://bugzilla.redhat.com/):\n\n788606 - CVE-2011-5035 OpenJDK: HttpServer no header count limit (Lightweight HTTP Server, 7126960)\n788624 - CVE-2012-0501 OpenJDK: off-by-one bug in ZIP reading code (JRE, 7118283)\n788976 - CVE-2012-0503 OpenJDK: unrestricted use of TimeZone.setDefault() (i18n, 7110687)\n788994 - CVE-2011-3571 OpenJDK: AtomicReferenceArray insufficient array type check (Concurrency, 7082299)\n789295 - CVE-2011-3563 OpenJDK: JavaSound incorrect bounds check (Sound, 7088367)\n789297 - CVE-2012-0502 OpenJDK: KeyboardFocusManager focus stealing (AWT, 7110683)\n789299 - CVE-2012-0505 OpenJDK: incomplete info in the deserialization exception (Serialization, 7110700)\n789300 - CVE-2012-0506 OpenJDK: mutable repository identifiers (CORBA, 7110704)\n790720 - CVE-2012-0498 Oracle JDK: unspecified vulnerability fixed in 6u31 and 7u3 (2D)\n790722 - CVE-2012-0499 Oracle JDK: unspecified vulnerability fixed in 6u31 and 7u3 (2D)\n790724 - CVE-2012-0500 Oracle JDK: unspecified vulnerability fixed in 6u31 and 7u3 (Deployment)\n\n6. Package List:\n\nRed Hat Enterprise Linux AS version 4 Extras:\n\ni386:\njava-1.6.0-sun-1.6.0.31-1jpp.1.el4.i586.rpm\njava-1.6.0-sun-demo-1.6.0.31-1jpp.1.el4.i586.rpm\njava-1.6.0-sun-devel-1.6.0.31-1jpp.1.el4.i586.rpm\njava-1.6.0-sun-jdbc-1.6.0.31-1jpp.1.el4.i586.rpm\njava-1.6.0-sun-plugin-1.6.0.31-1jpp.1.el4.i586.rpm\njava-1.6.0-sun-src-1.6.0.31-1jpp.1.el4.i586.rpm\n\nx86_64:\njava-1.6.0-sun-1.6.0.31-1jpp.1.el4.x86_64.rpm\njava-1.6.0-sun-demo-1.6.0.31-1jpp.1.el4.x86_64.rpm\njava-1.6.0-sun-devel-1.6.0.31-1jpp.1.el4.x86_64.rpm\njava-1.6.0-sun-jdbc-1.6.0.31-1jpp.1.el4.x86_64.rpm\njava-1.6.0-sun-plugin-1.6.0.31-1jpp.1.el4.x86_64.rpm\njava-1.6.0-sun-src-1.6.0.31-1jpp.1.el4.x86_64.rpm\n\nRed Hat Desktop version 4 Extras:\n\ni386:\njava-1.6.0-sun-1.6.0.31-1jpp.1.el4.i586.rpm\njava-1.6.0-sun-demo-1.6.0.31-1jpp.1.el4.i586.rpm\njava-1.6.0-sun-devel-1.6.0.31-1jpp.1.el4.i586.rpm\njava-1.6.0-sun-jdbc-1.6.0.31-1jpp.1.el4.i586.rpm\njava-1.6.0-sun-plugin-1.6.0.31-1jpp.1.el4.i586.rpm\njava-1.6.0-sun-src-1.6.0.31-1jpp.1.el4.i586.rpm\n\nx86_64:\njava-1.6.0-sun-1.6.0.31-1jpp.1.el4.x86_64.rpm\njava-1.6.0-sun-demo-1.6.0.31-1jpp.1.el4.x86_64.rpm\njava-1.6.0-sun-devel-1.6.0.31-1jpp.1.el4.x86_64.rpm\njava-1.6.0-sun-jdbc-1.6.0.31-1jpp.1.el4.x86_64.rpm\njava-1.6.0-sun-plugin-1.6.0.31-1jpp.1.el4.x86_64.rpm\njava-1.6.0-sun-src-1.6.0.31-1jpp.1.el4.x86_64.rpm\n\nRed Hat Enterprise Linux ES version 4 Extras:\n\ni386:\njava-1.6.0-sun-1.6.0.31-1jpp.1.el4.i586.rpm\njava-1.6.0-sun-demo-1.6.0.31-1jpp.1.el4.i586.rpm\njava-1.6.0-sun-devel-1.6.0.31-1jpp.1.el4.i586.rpm\njava-1.6.0-sun-jdbc-1.6.0.31-1jpp.1.el4.i586.rpm\njava-1.6.0-sun-plugin-1.6.0.31-1jpp.1.el4.i586.rpm\njava-1.6.0-sun-src-1.6.0.31-1jpp.1.el4.i586.rpm\n\nx86_64:\njava-1.6.0-sun-1.6.0.31-1jpp.1.el4.x86_64.rpm\njava-1.6.0-sun-demo-1.6.0.31-1jpp.1.el4.x86_64.rpm\njava-1.6.0-sun-devel-1.6.0.31-1jpp.1.el4.x86_64.rpm\njava-1.6.0-sun-jdbc-1.6.0.31-1jpp.1.el4.x86_64.rpm\njava-1.6.0-sun-plugin-1.6.0.31-1jpp.1.el4.x86_64.rpm\njava-1.6.0-sun-src-1.6.0.31-1jpp.1.el4.x86_64.rpm\n\nRed Hat Enterprise Linux WS version 4 Extras:\n\ni386:\njava-1.6.0-sun-1.6.0.31-1jpp.1.el4.i586.rpm\njava-1.6.0-sun-demo-1.6.0.31-1jpp.1.el4.i586.rpm\njava-1.6.0-sun-devel-1.6.0.31-1jpp.1.el4.i586.rpm\njava-1.6.0-sun-jdbc-1.6.0.31-1jpp.1.el4.i586.rpm\njava-1.6.0-sun-plugin-1.6.0.31-1jpp.1.el4.i586.rpm\njava-1.6.0-sun-src-1.6.0.31-1jpp.1.el4.i586.rpm\n\nx86_64:\njava-1.6.0-sun-1.6.0.31-1jpp.1.el4.x86_64.rpm\njava-1.6.0-sun-demo-1.6.0.31-1jpp.1.el4.x86_64.rpm\njava-1.6.0-sun-devel-1.6.0.31-1jpp.1.el4.x86_64.rpm\njava-1.6.0-sun-jdbc-1.6.0.31-1jpp.1.el4.x86_64.rpm\njava-1.6.0-sun-plugin-1.6.0.31-1jpp.1.el4.x86_64.rpm\njava-1.6.0-sun-src-1.6.0.31-1jpp.1.el4.x86_64.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\njava-1.6.0-sun-1.6.0.31-1jpp.1.el5.i586.rpm\njava-1.6.0-sun-demo-1.6.0.31-1jpp.1.el5.i586.rpm\njava-1.6.0-sun-devel-1.6.0.31-1jpp.1.el5.i586.rpm\njava-1.6.0-sun-jdbc-1.6.0.31-1jpp.1.el5.i586.rpm\njava-1.6.0-sun-plugin-1.6.0.31-1jpp.1.el5.i586.rpm\njava-1.6.0-sun-src-1.6.0.31-1jpp.1.el5.i586.rpm\n\nx86_64:\njava-1.6.0-sun-1.6.0.31-1jpp.1.el5.x86_64.rpm\njava-1.6.0-sun-demo-1.6.0.31-1jpp.1.el5.x86_64.rpm\njava-1.6.0-sun-devel-1.6.0.31-1jpp.1.el5.x86_64.rpm\njava-1.6.0-sun-jdbc-1.6.0.31-1jpp.1.el5.x86_64.rpm\njava-1.6.0-sun-plugin-1.6.0.31-1jpp.1.el5.x86_64.rpm\njava-1.6.0-sun-src-1.6.0.31-1jpp.1.el5.x86_64.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\njava-1.6.0-sun-1.6.0.31-1jpp.1.el5.i586.rpm\njava-1.6.0-sun-demo-1.6.0.31-1jpp.1.el5.i586.rpm\njava-1.6.0-sun-devel-1.6.0.31-1jpp.1.el5.i586.rpm\njava-1.6.0-sun-jdbc-1.6.0.31-1jpp.1.el5.i586.rpm\njava-1.6.0-sun-plugin-1.6.0.31-1jpp.1.el5.i586.rpm\njava-1.6.0-sun-src-1.6.0.31-1jpp.1.el5.i586.rpm\n\nx86_64:\njava-1.6.0-sun-1.6.0.31-1jpp.1.el5.x86_64.rpm\njava-1.6.0-sun-demo-1.6.0.31-1jpp.1.el5.x86_64.rpm\njava-1.6.0-sun-devel-1.6.0.31-1jpp.1.el5.x86_64.rpm\njava-1.6.0-sun-jdbc-1.6.0.31-1jpp.1.el5.x86_64.rpm\njava-1.6.0-sun-plugin-1.6.0.31-1jpp.1.el5.x86_64.rpm\njava-1.6.0-sun-src-1.6.0.31-1jpp.1.el5.x86_64.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\njava-1.6.0-sun-1.6.0.31-1jpp.1.el6_2.i686.rpm\njava-1.6.0-sun-demo-1.6.0.31-1jpp.1.el6_2.i686.rpm\njava-1.6.0-sun-devel-1.6.0.31-1jpp.1.el6_2.i686.rpm\njava-1.6.0-sun-jdbc-1.6.0.31-1jpp.1.el6_2.i686.rpm\njava-1.6.0-sun-plugin-1.6.0.31-1jpp.1.el6_2.i686.rpm\njava-1.6.0-sun-src-1.6.0.31-1jpp.1.el6_2.i686.rpm\n\nx86_64:\njava-1.6.0-sun-1.6.0.31-1jpp.1.el6_2.i686.rpm\njava-1.6.0-sun-1.6.0.31-1jpp.1.el6_2.x86_64.rpm\njava-1.6.0-sun-demo-1.6.0.31-1jpp.1.el6_2.x86_64.rpm\njava-1.6.0-sun-devel-1.6.0.31-1jpp.1.el6_2.i686.rpm\njava-1.6.0-sun-devel-1.6.0.31-1jpp.1.el6_2.x86_64.rpm\njava-1.6.0-sun-jdbc-1.6.0.31-1jpp.1.el6_2.x86_64.rpm\njava-1.6.0-sun-plugin-1.6.0.31-1jpp.1.el6_2.x86_64.rpm\njava-1.6.0-sun-src-1.6.0.31-1jpp.1.el6_2.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node Supplementary (v. 6):\n\nx86_64:\njava-1.6.0-sun-1.6.0.31-1jpp.1.el6_2.i686.rpm\njava-1.6.0-sun-1.6.0.31-1jpp.1.el6_2.x86_64.rpm\njava-1.6.0-sun-demo-1.6.0.31-1jpp.1.el6_2.x86_64.rpm\njava-1.6.0-sun-devel-1.6.0.31-1jpp.1.el6_2.i686.rpm\njava-1.6.0-sun-devel-1.6.0.31-1jpp.1.el6_2.x86_64.rpm\njava-1.6.0-sun-src-1.6.0.31-1jpp.1.el6_2.x86_64.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\njava-1.6.0-sun-1.6.0.31-1jpp.1.el6_2.i686.rpm\njava-1.6.0-sun-demo-1.6.0.31-1jpp.1.el6_2.i686.rpm\njava-1.6.0-sun-devel-1.6.0.31-1jpp.1.el6_2.i686.rpm\njava-1.6.0-sun-jdbc-1.6.0.31-1jpp.1.el6_2.i686.rpm\njava-1.6.0-sun-plugin-1.6.0.31-1jpp.1.el6_2.i686.rpm\njava-1.6.0-sun-src-1.6.0.31-1jpp.1.el6_2.i686.rpm\n\nx86_64:\njava-1.6.0-sun-1.6.0.31-1jpp.1.el6_2.i686.rpm\njava-1.6.0-sun-1.6.0.31-1jpp.1.el6_2.x86_64.rpm\njava-1.6.0-sun-demo-1.6.0.31-1jpp.1.el6_2.x86_64.rpm\njava-1.6.0-sun-devel-1.6.0.31-1jpp.1.el6_2.i686.rpm\njava-1.6.0-sun-devel-1.6.0.31-1jpp.1.el6_2.x86_64.rpm\njava-1.6.0-sun-jdbc-1.6.0.31-1jpp.1.el6_2.x86_64.rpm\njava-1.6.0-sun-plugin-1.6.0.31-1jpp.1.el6_2.x86_64.rpm\njava-1.6.0-sun-src-1.6.0.31-1jpp.1.el6_2.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\njava-1.6.0-sun-1.6.0.31-1jpp.1.el6_2.i686.rpm\njava-1.6.0-sun-demo-1.6.0.31-1jpp.1.el6_2.i686.rpm\njava-1.6.0-sun-devel-1.6.0.31-1jpp.1.el6_2.i686.rpm\njava-1.6.0-sun-jdbc-1.6.0.31-1jpp.1.el6_2.i686.rpm\njava-1.6.0-sun-plugin-1.6.0.31-1jpp.1.el6_2.i686.rpm\njava-1.6.0-sun-src-1.6.0.31-1jpp.1.el6_2.i686.rpm\n\nx86_64:\njava-1.6.0-sun-1.6.0.31-1jpp.1.el6_2.i686.rpm\njava-1.6.0-sun-1.6.0.31-1jpp.1.el6_2.x86_64.rpm\njava-1.6.0-sun-demo-1.6.0.31-1jpp.1.el6_2.x86_64.rpm\njava-1.6.0-sun-devel-1.6.0.31-1jpp.1.el6_2.i686.rpm\njava-1.6.0-sun-devel-1.6.0.31-1jpp.1.el6_2.x86_64.rpm\njava-1.6.0-sun-jdbc-1.6.0.31-1jpp.1.el6_2.x86_64.rpm\njava-1.6.0-sun-plugin-1.6.0.31-1jpp.1.el6_2.x86_64.rpm\njava-1.6.0-sun-src-1.6.0.31-1jpp.1.el6_2.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and \ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2011-3563.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-3571.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-5035.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-0498.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-0499.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-0500.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-0501.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-0502.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-0503.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-0505.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-0506.html\nhttps://access.redhat.com/security/updates/classification/#critical\nhttp://www.oracle.com/technetwork/topics/security/javacpufeb2012-366318.html\nhttp://www.oracle.com/technetwork/java/javase/6u31-relnotes-1482342.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2012 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.4 (GNU/Linux)\n\niD8DBQFPPVa5XlSAg2UNWIIRAn6xAJ932rg7KVwp+jyL7jwxMvOiZHAqtQCgmt4n\ndZEXYZPhMUvix7Sd5jUeKng=\n=Czkl\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. HP has updated the Apache Tomcat and Oracle database software to\naddress vulnerabilities affecting confidentiality, availability, and\nintegrity",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-5035"
},
{
"db": "CERT/CC",
"id": "VU#903934"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003567"
},
{
"db": "BID",
"id": "51194"
},
{
"db": "VULMON",
"id": "CVE-2011-5035"
},
{
"db": "PACKETSTORM",
"id": "110181"
},
{
"db": "PACKETSTORM",
"id": "111624"
},
{
"db": "PACKETSTORM",
"id": "127267"
},
{
"db": "PACKETSTORM",
"id": "110284"
},
{
"db": "PACKETSTORM",
"id": "112144"
},
{
"db": "PACKETSTORM",
"id": "113170"
},
{
"db": "PACKETSTORM",
"id": "124943"
},
{
"db": "PACKETSTORM",
"id": "109353"
},
{
"db": "PACKETSTORM",
"id": "109834"
},
{
"db": "PACKETSTORM",
"id": "125436"
}
],
"trust": 3.6
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=2012",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2011-5035"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2011-5035",
"trust": 3.8
},
{
"db": "CERT/CC",
"id": "VU#903934",
"trust": 3.3
},
{
"db": "OCERT",
"id": "OCERT-2011-003",
"trust": 2.8
},
{
"db": "SECUNIA",
"id": "48589",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "57126",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "48073",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "48074",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "48950",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003567",
"trust": 0.8
},
{
"db": "NSFOCUS",
"id": "19347",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "19819",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "19290",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201112-502",
"trust": 0.6
},
{
"db": "BID",
"id": "51194",
"trust": 0.4
},
{
"db": "HITACHI",
"id": "HS12-007",
"trust": 0.3
},
{
"db": "SECUNIA",
"id": "47819",
"trust": 0.2
},
{
"db": "EXPLOIT-DB",
"id": "2012",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2011-5035",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "110181",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "111624",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127267",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "110284",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "112144",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "113170",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "124943",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "109353",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "109834",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "125436",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#903934"
},
{
"db": "VULMON",
"id": "CVE-2011-5035"
},
{
"db": "BID",
"id": "51194"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003567"
},
{
"db": "PACKETSTORM",
"id": "110181"
},
{
"db": "PACKETSTORM",
"id": "111624"
},
{
"db": "PACKETSTORM",
"id": "127267"
},
{
"db": "PACKETSTORM",
"id": "110284"
},
{
"db": "PACKETSTORM",
"id": "112144"
},
{
"db": "PACKETSTORM",
"id": "113170"
},
{
"db": "PACKETSTORM",
"id": "124943"
},
{
"db": "PACKETSTORM",
"id": "109353"
},
{
"db": "PACKETSTORM",
"id": "109834"
},
{
"db": "PACKETSTORM",
"id": "125436"
},
{
"db": "CNNVD",
"id": "CNNVD-201112-502"
},
{
"db": "NVD",
"id": "CVE-2011-5035"
}
]
},
"id": "VAR-201112-0123",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.26205936
},
"last_update_date": "2024-07-23T20:42:32.055000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HT5228",
"trust": 0.8,
"url": "http://support.apple.com/kb/ht5228"
},
{
"title": "HT1338",
"trust": 0.8,
"url": "http://support.apple.com/kb/ht1338?viewlocale=ja_jp"
},
{
"title": "HT5228",
"trust": 0.8,
"url": "http://support.apple.com/kb/ht5228?viewlocale=ja_jp"
},
{
"title": "HS12-007",
"trust": 0.8,
"url": "http://www.hitachi.co.jp/prod/comp/soft1/global/security/info/vuls/hs12-007/index.html"
},
{
"title": "HPSBST02955 SSRT101157",
"trust": 0.8,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?lang=en\u0026cc=us\u0026objectid=c04047415"
},
{
"title": "Text Form of Oracle Critical Patch Update - January 2013 Risk Matrices",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2013verbose-1897756.html"
},
{
"title": "Oracle Critical Patch Update Advisory - April 2012",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html"
},
{
"title": "Oracle Critical Patch Update Advisory - January 2012",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html"
},
{
"title": "Oracle Critical Patch Update Advisory - January 2013",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html"
},
{
"title": "Oracle Security Alert for CVE-2011-5035",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/alert-cve-2011-5035-1506603.html"
},
{
"title": "RHSA-2013:1455",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/rhsa-2013-1455.html"
},
{
"title": "January 2012 Critical Patch Update Released",
"trust": 0.8,
"url": "http://blogs.oracle.com/security/entry/january_2012_critical_patch_update"
},
{
"title": "January 2013 Critical Patch Update Released",
"trust": 0.8,
"url": "https://blogs.oracle.com/security/entry/january_2013_critical_patch_update"
},
{
"title": "interstage_as_201201",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/products-fujitsu/solution/interstage_as_201201.html"
},
{
"title": "HS12-007",
"trust": 0.8,
"url": "http://www.hitachi.co.jp/prod/comp/soft1/security/info/vuls/hs12-007/index.html"
},
{
"title": "Red Hat: Important: java-1.6.0-openjdk security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20120322 - security advisory"
},
{
"title": "Red Hat: Critical: java-1.6.0-openjdk security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20120135 - security advisory"
},
{
"title": "Red Hat: Critical: java-1.6.0-sun security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20120139 - security advisory"
},
{
"title": "Red Hat: Critical: java-1.6.0-ibm security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20120514 - security advisory"
},
{
"title": "Ubuntu Security Notice: openjdk-6b18 vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-1373-2"
},
{
"title": "Ubuntu Security Notice: openjdk-6 vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-1373-1"
},
{
"title": "Amazon Linux AMI: ALAS-2012-043",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=alas-2012-043"
},
{
"title": "Red Hat: Low: Red Hat Network Satellite server IBM Java Runtime security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20131455 - security advisory"
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/oracle-patches-88-vulnerabilities-including-some-allow-remote-exploits-without-authentication/76457/"
},
{
"title": "welivesecurity",
"trust": 0.1,
"url": "https://www.welivesecurity.com/2012/04/05/mac-flashback-trojan-java-update/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2011-5035"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003567"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-003567"
},
{
"db": "NVD",
"id": "CVE-2011-5035"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "http://www.ocert.org/advisories/ocert-2011-003.html"
},
{
"trust": 2.8,
"url": "http://www.nruns.com/_downloads/advisory28122011.pdf"
},
{
"trust": 2.5,
"url": "http://www.kb.cert.org/vuls/id/903934"
},
{
"trust": 1.4,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html"
},
{
"trust": 1.4,
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html"
},
{
"trust": 1.2,
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"trust": 1.2,
"url": "http://rhn.redhat.com/errata/rhsa-2012-0514.html"
},
{
"trust": 1.1,
"url": "https://github.com/firefart/hashcollision-dos-poc/blob/master/hashtablepoc.py"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/48589"
},
{
"trust": 1.1,
"url": "http://archives.neohapsis.com/archives/bugtraq/2011-12/0181.html"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/48950"
},
{
"trust": 1.1,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2013:150"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2013-1455.html"
},
{
"trust": 1.1,
"url": "http://www.debian.org/security/2012/dsa-2420"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=139344343412337\u0026w=2"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/57126"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=133364885411663\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=133847939902305\u0026w=2"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a16908"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=134254866602253\u0026w=2"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00010.html"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/48073"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/48074"
},
{
"trust": 0.8,
"url": "http://www.cs.rice.edu/~scrosby/hash/crosbywallach_usenixsec2003.pdf"
},
{
"trust": 0.8,
"url": "http://technet.microsoft.com/en-us/security/bulletin/ms11-100.mspx"
},
{
"trust": 0.8,
"url": "http://blogs.technet.com/b/srd/archive/2011/12/27/more-information-about-the-december-2011-asp-net-vulnerability.aspx"
},
{
"trust": 0.8,
"url": "http://blade.nagaokaut.ac.jp/cgi-bin/scat.rb/ruby/ruby-talk/391606"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-5035"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20120106-web.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu903934"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu514315/"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-5035"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-5035"
},
{
"trust": 0.7,
"url": "http://www.ibm.com/developerworks/java/jdk/alerts/"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-0505"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-0503"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-0501"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3563"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-0506"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-0502"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-0497"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-0507"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/19347"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/19290"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/19819"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-0499"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-0500"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-0498"
},
{
"trust": 0.4,
"url": "http://www.oracle.com/technetwork/topics/security/alert-cve-2011-5035-1506603.html"
},
{
"trust": 0.4,
"url": "http://www.oracle.com/technetwork/topics/security/javacpufeb2012-366318.html"
},
{
"trust": 0.3,
"url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c03350339"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/us/products/middleware/application-server/oracle-glassfish-server/index.html"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1pm59971"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1pm59978"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/css/p8/documents/100159245"
},
{
"trust": 0.3,
"url": "http://downloads.avaya.com/css/p8/documents/100160575"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/100160941"
},
{
"trust": 0.3,
"url": "http://h20566.www2.hp.com/portal/site/hpsc/public/kb/docdisplay/?docid=emr_na-c03254184\u0026ac.admitted=1332960372864.876444892.199480143"
},
{
"trust": 0.3,
"url": "http://h20565.www2.hp.com/portal/site/hpsc/public/kb/docdisplay/?docid=emr_na-c03254184\u0026ac.admitted=1333452463922.876444892.492883150"
},
{
"trust": 0.3,
"url": "http://www.hitachi.co.jp/prod/comp/soft1/global/security/info/vuls/hs12-007/index.html"
},
{
"trust": 0.3,
"url": "http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-0504"
},
{
"trust": 0.2,
"url": "http://h20566.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/"
},
{
"trust": 0.2,
"url": "https://www.hp.com/go/swa"
},
{
"trust": 0.2,
"url": "http://www.hp.com/go/java"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2469"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2443"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1717"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1716"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0505"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1518"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2419"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3829"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5829"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5804"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1485"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5806"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5087"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2422"
},
{
"trust": 0.2,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5075"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2426"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5084"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1711"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2461"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5820"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2470"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0547"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2451"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2459"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5823"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2460"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1713"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5784"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5830"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5800"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2456"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5803"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5086"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2383"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2423"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2447"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2452"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2445"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2450"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5778"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5780"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5073"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1493"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2446"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5069"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-5035"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1500"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5850"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2384"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1557"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2453"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0401"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5085"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2407"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2421"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2429"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5068"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5071"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0497"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5774"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5782"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1725"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5790"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5805"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5802"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5849"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1719"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2448"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2458"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5825"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0506"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1484"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2430"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2415"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3216"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1718"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5772"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5074"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2454"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2444"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5072"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2436"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4416"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1537"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2449"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0503"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2457"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0169"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3563"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0809"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5077"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1723"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1726"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1571"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5081"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5840"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5851"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2465"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2431"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2473"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5783"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2463"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2412"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5809"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2420"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0501"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2417"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2471"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2424"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5076"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5842"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1569"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1724"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5797"
},
{
"trust": 0.2,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5070"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1486"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2472"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1488"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0502"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5814"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5817"
},
{
"trust": 0.2,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2455"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5089"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2012-0503.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2012-0502.html"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2012-0498.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-3563.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2012-0500.html"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2011-5035.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2012-0499.html"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2012-0505.html"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/key/#package"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2012-0506.html"
},
{
"trust": 0.2,
"url": "http://bugzilla.redhat.com/):"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2012-0501.html"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/20.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.securityfocus.com/bid/51194"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2012:0322"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/1373-2/"
},
{
"trust": 0.1,
"url": "https://www.exploit-db.com/exploits/2012/"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=25553"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openjdk-6/6b23~pre11-0ubuntu1.11.10.2"
},
{
"trust": 0.1,
"url": "http://www.ubuntu.com/usn/usn-1373-1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openjdk-6/6b22-1.10.6-0ubuntu1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openjdk-6/6b20-1.9.13-0ubuntu1~10.10.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openjdk-6/6b20-1.9.13-0ubuntu1~10.04.1"
},
{
"trust": 0.1,
"url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docdisplay/?docid=emr_na-c02964430"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4470"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3574"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3423"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3548"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3565"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0864"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3553"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2412"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3557"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2414"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4450"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0865"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4471"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3557"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3562"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3567"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-4002"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1478"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5979"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-6954"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4476"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4540"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0429"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0441"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2421"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0870"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3554"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0862"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0706"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0434"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3568"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3561"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4467"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3567"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4465"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4472"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3556"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0425"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3568"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3548"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3541"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3566"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3549"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3562"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3571"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3555"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0426"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0457"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2783"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3573"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3552"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0451"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0459"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2423"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-1876"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4469"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0431"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0458"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2548"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4448"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3521"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3564"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4465"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3569"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2403"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2548"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0871"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2398"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0432"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0815"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0444"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1475"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3554"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4469"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3564"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3569"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3573"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0461"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0442"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0427"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3548"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2427"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3541"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3549"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3565"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0872"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0429"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3860"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3422"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0433"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3554"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3574"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4470"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0822"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3553"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3555"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3551"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0025"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1476"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0424"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0435"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3544"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0456"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4450"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0450"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4467"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0460"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3547"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-6629"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4448"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2783"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3560"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1480"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4351"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0428"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0869"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3566"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3551"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-2397"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0452"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3553"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3558"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0446"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0453"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3860"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3561"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0868"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0440"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0443"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3389"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4351"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3551"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3557"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3377"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-0497.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/knowledge/articles/11258"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-0507.html"
},
{
"trust": 0.1,
"url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0507"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5870"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0419"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1558"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5818"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1541"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5889"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0449"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2440"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1540"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0385"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2427"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2437"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0445"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0500"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2468"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3743"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0422"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5893"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3159"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3174"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5888"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0437"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1541"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0373"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0351"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1563"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5789"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0504"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1682"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5899"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5801"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0423"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5832"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5848"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0428"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0415"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1719"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1533"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2400"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1564"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3143"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0448"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0438"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5810"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5905"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201401-30.xml"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5904"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5831"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0422"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3744"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5854"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2394"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0498"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5852"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5777"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-0547"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0499"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0409"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1532"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2428"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4681"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2462"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0423"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5083"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0375"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2439"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2416"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3136"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0376"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5824"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3342"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5776"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1531"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0417"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1723"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5819"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1722"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5895"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2466"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0403"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0446"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2418"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5788"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0416"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0424"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1473"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5887"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0418"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0410"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0368"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1717"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2425"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1722"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5902"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2432"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0387"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1716"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1533"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2438"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1721"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0382"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5812"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3213"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5846"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1718"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5775"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5787"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5898"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1531"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1481"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2433"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5844"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5906"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1711"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1532"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1561"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2435"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1491"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5910"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1487"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1713"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5907"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5896"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5843"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5067"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1682"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2414"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2467"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5079"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0411"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1721"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1479"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2434"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2442"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2464"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5878"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0408"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0402"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5838"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0430"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5088"
},
{
"trust": 0.1,
"url": "http://secunia.com/company/jobs/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/47819/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=47819"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/47819/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/kb/docs/doc-11259"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-3571.html"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2012-0139.html"
},
{
"trust": 0.1,
"url": "http://www.oracle.com/technetwork/java/javase/6u31-relnotes-1482342.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3571"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2204"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-2370"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0002"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3548"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2526"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-2902"
},
{
"trust": 0.1,
"url": "http://www.hp.com"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0534"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3718"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-6286"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5333"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3190"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5342"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-2693"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5461"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2227"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1232"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-5063"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1947"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-1184"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-5064"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4172"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2481"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-5062"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0013"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1157"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2729"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-2901"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#903934"
},
{
"db": "VULMON",
"id": "CVE-2011-5035"
},
{
"db": "BID",
"id": "51194"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003567"
},
{
"db": "PACKETSTORM",
"id": "110181"
},
{
"db": "PACKETSTORM",
"id": "111624"
},
{
"db": "PACKETSTORM",
"id": "127267"
},
{
"db": "PACKETSTORM",
"id": "110284"
},
{
"db": "PACKETSTORM",
"id": "112144"
},
{
"db": "PACKETSTORM",
"id": "113170"
},
{
"db": "PACKETSTORM",
"id": "124943"
},
{
"db": "PACKETSTORM",
"id": "109353"
},
{
"db": "PACKETSTORM",
"id": "109834"
},
{
"db": "PACKETSTORM",
"id": "125436"
},
{
"db": "CNNVD",
"id": "CNNVD-201112-502"
},
{
"db": "NVD",
"id": "CVE-2011-5035"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#903934"
},
{
"db": "VULMON",
"id": "CVE-2011-5035"
},
{
"db": "BID",
"id": "51194"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003567"
},
{
"db": "PACKETSTORM",
"id": "110181"
},
{
"db": "PACKETSTORM",
"id": "111624"
},
{
"db": "PACKETSTORM",
"id": "127267"
},
{
"db": "PACKETSTORM",
"id": "110284"
},
{
"db": "PACKETSTORM",
"id": "112144"
},
{
"db": "PACKETSTORM",
"id": "113170"
},
{
"db": "PACKETSTORM",
"id": "124943"
},
{
"db": "PACKETSTORM",
"id": "109353"
},
{
"db": "PACKETSTORM",
"id": "109834"
},
{
"db": "PACKETSTORM",
"id": "125436"
},
{
"db": "CNNVD",
"id": "CNNVD-201112-502"
},
{
"db": "NVD",
"id": "CVE-2011-5035"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-12-28T00:00:00",
"db": "CERT/CC",
"id": "VU#903934"
},
{
"date": "2011-12-30T00:00:00",
"db": "VULMON",
"id": "CVE-2011-5035"
},
{
"date": "2011-12-29T00:00:00",
"db": "BID",
"id": "51194"
},
{
"date": "2012-01-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-003567"
},
{
"date": "2012-02-24T22:58:36",
"db": "PACKETSTORM",
"id": "110181"
},
{
"date": "2012-04-06T02:06:18",
"db": "PACKETSTORM",
"id": "111624"
},
{
"date": "2014-06-30T23:39:28",
"db": "PACKETSTORM",
"id": "127267"
},
{
"date": "2012-02-29T16:03:17",
"db": "PACKETSTORM",
"id": "110284"
},
{
"date": "2012-04-25T02:09:03",
"db": "PACKETSTORM",
"id": "112144"
},
{
"date": "2012-06-01T00:12:35",
"db": "PACKETSTORM",
"id": "113170"
},
{
"date": "2014-01-27T18:30:13",
"db": "PACKETSTORM",
"id": "124943"
},
{
"date": "2012-02-02T03:30:52",
"db": "PACKETSTORM",
"id": "109353"
},
{
"date": "2012-02-17T02:33:53",
"db": "PACKETSTORM",
"id": "109834"
},
{
"date": "2014-02-26T22:39:24",
"db": "PACKETSTORM",
"id": "125436"
},
{
"date": "2011-12-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201112-502"
},
{
"date": "2011-12-30T01:55:01.640000",
"db": "NVD",
"id": "CVE-2011-5035"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-02-15T00:00:00",
"db": "CERT/CC",
"id": "VU#903934"
},
{
"date": "2018-01-06T00:00:00",
"db": "VULMON",
"id": "CVE-2011-5035"
},
{
"date": "2015-04-13T21:24:00",
"db": "BID",
"id": "51194"
},
{
"date": "2015-03-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-003567"
},
{
"date": "2012-01-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201112-502"
},
{
"date": "2018-01-06T02:29:26.690000",
"db": "NVD",
"id": "CVE-2011-5035"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "110181"
},
{
"db": "PACKETSTORM",
"id": "111624"
},
{
"db": "PACKETSTORM",
"id": "113170"
},
{
"db": "CNNVD",
"id": "CNNVD-201112-502"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Hash table implementations vulnerable to algorithmic complexity attacks",
"sources": [
{
"db": "CERT/CC",
"id": "VU#903934"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201112-502"
}
],
"trust": 0.6
}
}